Introduce create_ssl_context

components/net/connector.rs

@@ -27,15 +27,19 @@ const DEFAULT_CIPHERS: &'static str = concat!(
     "AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA"
 );
 
-pub fn create_http_connector(certificate_file: &str) -> Arc<Pool<Connector>> {
+pub fn create_ssl_context(certificate_file: &str) -> Arc<SslContext> {
     let mut context = SslContext::new(SslMethod::Sslv23).unwrap();
     context.set_CA_file(&resources_dir_path()
                         .expect("Need certificate file to make network requests")
                         .join(certificate_file)).unwrap();
     context.set_cipher_list(DEFAULT_CIPHERS).unwrap();
     context.set_options(SSL_OP_NO_SSLV2 | SSL_OP_NO_SSLV3 | SSL_OP_NO_COMPRESSION);
+    Arc::new(context)
+}
+
+pub fn create_http_connector(ssl_context: Arc<SslContext>) -> Arc<Pool<Connector>> {
     let connector = HttpsConnector::new(ServoSslClient {
-        context: Arc::new(context)
+        context: ssl_context,
     });
 
     Arc::new(Pool::with_connector(Default::default(), connector))

components/net/http_loader.rs

@@ -3,7 +3,7 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 use brotli::Decompressor;
-use connector::{Connector, create_http_connector};
+use connector::{Connector, create_http_connector, create_ssl_context};
 use cookie;
 use cookie_storage::CookieStorage;
 use devtools_traits::{ChromeToDevtoolsControlMsg, DevtoolsControlMsg, HttpRequest as DevtoolsHttpRequest};
@@ -77,11 +77,12 @@ pub struct HttpState {
 
 impl HttpState {
     pub fn new(certificate_path: &str) -> HttpState {
+        let ssl_context = create_ssl_context(certificate_path);
         HttpState {
             hsts_list: Arc::new(RwLock::new(HstsList::new())),
             cookie_jar: Arc::new(RwLock::new(CookieStorage::new(150))),
             auth_cache: Arc::new(RwLock::new(AuthCache::new())),
-            connector_pool: create_http_connector(certificate_path),
+            connector_pool: create_http_connector(ssl_context),
         }
     }
 }

components/net/resource_thread.rs

@@ -3,7 +3,7 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 //! A thread that takes a URL and streams back the binary data.
-use connector::{Connector, create_http_connector};
+use connector::{Connector, create_http_connector, create_ssl_context};
 use cookie;
 use cookie_rs;
 use cookie_storage::CookieStorage;
@@ -104,17 +104,18 @@ fn create_resource_groups(config_dir: Option<&Path>)
         read_json_from_file(&mut hsts_list, config_dir, "hsts_list.json");
         read_json_from_file(&mut cookie_jar, config_dir, "cookie_jar.json");
     }
+    let ssl_context = create_ssl_context("certs");
     let resource_group = ResourceGroup {
         cookie_jar: Arc::new(RwLock::new(cookie_jar)),
         auth_cache: Arc::new(RwLock::new(auth_cache)),
         hsts_list: Arc::new(RwLock::new(hsts_list.clone())),
-        connector: create_http_connector("certs"),
+        connector: create_http_connector(ssl_context.clone()),
     };
     let private_resource_group = ResourceGroup {
         cookie_jar: Arc::new(RwLock::new(CookieStorage::new(150))),
         auth_cache: Arc::new(RwLock::new(AuthCache::new())),
         hsts_list: Arc::new(RwLock::new(HstsList::new())),
-        connector: create_http_connector("certs"),
+        connector: create_http_connector(ssl_context),
     };
     (resource_group, private_resource_group)
 }
@@ -319,12 +320,13 @@ impl CoreResourceManager {
              init: RequestInit,
              mut sender: IpcSender<FetchResponseMsg>,
              group: &ResourceGroup) {
+        let ssl_context = create_ssl_context("certs");
         let http_state = HttpState {
             hsts_list: group.hsts_list.clone(),
             cookie_jar: group.cookie_jar.clone(),
             auth_cache: group.auth_cache.clone(),
             // FIXME(#15694): use group.connector.clone() instead.
-            connector_pool: create_http_connector("certs"),
+            connector_pool: create_http_connector(ssl_context),
         };
         let ua = self.user_agent.clone();
         let dc = self.devtools_chan.clone();