Remove support for TLS session caches in TLSServerSocket.

This resolves %738

1 files changed, 13 insertions, 0 deletions

diff --git a/xpcom/build/XPCOMInit.cpp b/xpcom/build/XPCOMInit.cpp
index e8ee5828a..b89f51a98 100644
--- a/xpcom/build/XPCOMInit.cpp
+++ b/xpcom/build/XPCOMInit.cpp
@@ -123,6 +123,8 @@ extern nsresult nsStringInputStreamConstructor(nsISupports*, REFNSIID, void**);
 #include "nsMemoryInfoDumper.h"
 #include "nsSecurityConsoleMessage.h"
 #include "nsMessageLoop.h"
+#include "nss.h"
+#include "ssl.h"
 
 #include "nsStatusReporterManager.h"
 
@@ -1043,6 +1045,17 @@ ShutdownXPCOM(nsIServiceManager* aServMgr)
     sInitializedJS = false;
   }
 
+  // At this point all networking threads should have been joined and the
+  // component manager is shut down. Any remaining objects that hold NSS
+  // resources (should!) have been released, so we can safely shut down NSS.
+  if (NSS_IsInitialized()) {
+    SSL_ClearSessionCache();
+    // XXX: It would be nice if we can enforce this shutdown.
+    if (NSS_Shutdown() != SECSuccess) {
+      NS_WARNING("NSS Shutdown failed - some resources are still in use");
+    }
+  }
+  
   // Release our own singletons
   // Do this _after_ shutting down the component manager, because the
   // JS component loader will use XPConnect to call nsIModule::canUnload,