Opened 9 years ago

Closed 9 years ago

#1624 closed enhancement (fixed)

Use nsICrypto::logout() to clear SSL Session IDs instead of SSLv2 pref hack

Reported by: mikeperry Owned by: mikeperry
Priority: High Milestone:
Component: Applications/Torbutton Version:
Severity: Keywords: TorbuttonIteration20110320 MikePerryIteration20110320
Cc: Actual Points: 2
Parent ID: #2482 Points: 2
Reviewer: Sponsor:

Description

Apparently there is now a method to clear SSL Session IDs and other crypto data that we can call upon Tor toggle, instead of performing our current brutal hack of toggling security.enable_ssl2.

https://bugzilla.mozilla.org/show_bug.cgi?id=448747

Child Tickets

Change History (5)

comment:2 Changed 9 years ago by mikeperry

Parent ID: #2482

comment:3 Changed 9 years ago by mikeperry

Keywords: TorbuttonIteration20110320 MikePerryIteration20110320 added

comment:4 Changed 9 years ago by mikeperry

Points: 2

comment:5 Changed 9 years ago by mikeperry

Actual Points: 2
Resolution: fixed
Status: newclosed
Summary: Use nsICrypto::logout() to clear SSL Session IDsUse nsICrypto::logout() to clear SSL Session IDs instead of SSLv2 pref hack

This is fixed in master, with a fallback to the old method for clearing SIDs if an exception gets thrown.

Will appear in 1.3.2-alpha.

Note: See TracTickets for help on using tickets.