ITS#7022
ITS#7023
ITS#7028

Rich Megginson authored 13 years ago and Quanah Gibson-Mount committed 13 years ago

The NSS_InitContext et. al, and their corresponding shutdown functions,
are not thread safe.  There can only be one thread at a time calling
these functions.  Protect the calls with a mutex.  Create the mutex
using a PR_CallOnce to ensure that the mutex is only created once and
not used before created.  Move the registration of the nss shutdown
callback to also use a PR_CallOnce.  Removed the call to
SSL_ClearSessionCache() because it is always called at shutdown, and we must
not call it more than once.

Jan Vcelak authored 13 years ago and Quanah Gibson-Mount committed 13 years ago

If server certificate hostname does not match the server hostname,
connection is closed even if client has set TLS_REQCERT to 'allow'. This
is wrong - the documentation says, that bad certificates are being
ignored when TLS_REQCERT is set to 'allow'.

Howard Chu authored 13 years ago and Quanah Gibson-Mount committed 13 years ago

This reverts commit 3cb2ca8b.
Patch has no benefit