June 2015 - tbb-commits - lists.torproject.org

[tor-browser-bundle/master] Bug 16446: Update FTE bridge #1 fingerprint.
by mikeperry＠torproject.org 25 Jun '15

25 Jun '15

commit 1d57b74a17a246b7e1e49eaa14a26c4824011298 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Thu Jun 25 12:52:50 2015 -0700 Bug 16446: Update FTE bridge #1 fingerprint. --- Bundle-Data/PTConfigs/bridge_prefs.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Bundle-Data/PTConfigs/bridge_prefs.js b/Bundle-Data/PTConfigs/bridge_prefs.js index 8e7fd43..5137356 100644 --- a/Bundle-Data/PTConfigs/bridge_prefs.js +++ b/Bundle-Data/PTConfigs/bridge_prefs.js @@ -14,14 +14,14 @@ pref("extensions.torlauncher.default_bridge.flashproxy.3", "flashproxy 0.0.1.0:3 pref("extensions.torlauncher.default_bridge.flashproxy.4", "flashproxy 0.0.1.0:4 4D6C0DF6DEC9398A4DEF07084F3CD395A96DD2AD"); pref("extensions.torlauncher.default_bridge.flashproxy.5", "flashproxy 0.0.1.0:5 4D6C0DF6DEC9398A4DEF07084F3CD395A96DD2AD"); -pref("extensions.torlauncher.default_bridge.fte.1", "fte 192.240.101.106:80 B629B0B607C8AC9349B5646C24E9D242184F5B6E"); +pref("extensions.torlauncher.default_bridge.fte.1", "fte 192.240.101.106:80 FDC5BA65D93B6BCA5EBDF8EF8E4FA936B7F1F8E5"); pref("extensions.torlauncher.default_bridge.fte.2", "fte 50.7.176.114:80 2BD466989944867075E872310EBAD65BC88C8AEF"); pref("extensions.torlauncher.default_bridge.fte.3", "fte 131.252.210.150:8080 0E858AC201BF0F3FA3C462F64844CBFFC7297A42"); pref("extensions.torlauncher.default_bridge.fte.4", "fte 128.105.214.161:8080 1E326AAFB3FCB515015250D8FCCC8E37F91A153B"); pref("extensions.torlauncher.default_bridge.fte.5", "fte 128.105.214.162:8080 FC562097E1951DCC41B7D7F324D88157119BB56D"); pref("extensions.torlauncher.default_bridge.fte.6", "fte 128.105.214.163:8080 A17A40775FBD2CA1184BF80BFC330A77ECF9D0E9"); -pref("extensions.torlauncher.default_bridge.fte-ipv6.1", "fte [2001:49f0:d002:1::2]:80 B629B0B607C8AC9349B5646C24E9D242184F5B6E"); +pref("extensions.torlauncher.default_bridge.fte-ipv6.1", "fte [2001:49f0:d002:1::2]:80 FDC5BA65D93B6BCA5EBDF8EF8E4FA936B7F1F8E5"); pref("extensions.torlauncher.default_bridge.fte-ipv6.2", "fte [2001:49f0:d00a:1::c]:80 2BD466989944867075E872310EBAD65BC88C8AEF"); pref("extensions.torlauncher.default_bridge.scramblesuit.1", "scramblesuit 188.226.213.208:54278 AA5A86C1490296EF4FACA946CC5A182FCD1C5B1E password=MD2VRP7WXAMSG7MKIGMHI4CB4BMSNO7T");

1 0

[tor-browser-bundle/master] Bug 13247: Update meek to 0.20 to fix profile error
by mikeperry＠torproject.org 25 Jun '15

25 Jun '15

commit 6132f1a5796a11410f00c33be2a447b2898a6521 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Thu Jun 25 14:45:10 2015 -0700 Bug 13247: Update meek to 0.20 to fix profile error --- gitian/versions.alpha | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitian/versions.alpha b/gitian/versions.alpha index c45a5bd..5380a5a 100755 --- a/gitian/versions.alpha +++ b/gitian/versions.alpha @@ -25,7 +25,7 @@ FTEPROXY_TAG=597f8378f6f4f3de570b8e1064c2e4cb8d67fbd0 # tag 0.2.19 LIBDMG_TAG=dfd5e5cc3dc1191e37d3c3a6118975afdd1d7014 TXSOCKSX_TAG=216eb0894a1755872f4789f9458aa6cf543b8433 # unsigned habnabit/1.13.0.2 GOPTLIB_TAG=0.2 -MEEK_TAG=0.19 +MEEK_TAG=0.20 FAKETIME_TAG=70aa6b394d9341522dffe8a5a5cf5929e82cc6b9 # unsigned v0.9.6 GOED25519_TAG=c4161f4c7483313562781c61b9a20aba73daf9de GOSIPHASH_TAG=42ba037e748c9062a75e0924705c43b893edefcd

1 0

[tor-browser/tor-browser-38.1.0esr-5.x-1] Bug 15646: Prevent keyboard layout fingerprinting in KeyboardEvent
by mikeperry＠torproject.org 25 Jun '15

25 Jun '15

commit d888d0afb8e1f2770cc9420387ff031eb584e416 Author: Arthur Edelstein <arthuredelstein(a)gmail.com> Date: Sat Jun 13 19:27:43 2015 -0700 Bug 15646: Prevent keyboard layout fingerprinting in KeyboardEvent --- dom/base/nsContentUtils.cpp | 4 + dom/base/nsContentUtils.h | 13 ++- dom/events/KeyCodeConsensus.h | 189 +++++++++++++++++++++++++++++++++++++++++ dom/events/KeyboardEvent.cpp | 68 ++++++++++++--- 4 files changed, 262 insertions(+), 12 deletions(-) diff --git a/dom/base/nsContentUtils.cpp b/dom/base/nsContentUtils.cpp index 8899c3a..2cecc01 100644 --- a/dom/base/nsContentUtils.cpp +++ b/dom/base/nsContentUtils.cpp @@ -247,6 +247,7 @@ bool nsContentUtils::sIsResourceTimingEnabled = false; bool nsContentUtils::sIsUserTimingLoggingEnabled = false; bool nsContentUtils::sIsExperimentalAutocompleteEnabled = false; bool nsContentUtils::sEncodeDecodeURLHash = false; +bool nsContentUtils::sPrivacyResistFingerprinting = false; uint32_t nsContentUtils::sHandlingInputTimeout = 1000; @@ -525,6 +526,9 @@ nsContentUtils::Init() Preferences::AddBoolVarCache(&sEncodeDecodeURLHash, "dom.url.encode_decode_hash", false); + Preferences::AddBoolVarCache(&sPrivacyResistFingerprinting, + "privacy.resistFingerprinting", false); + Preferences::AddUintVarCache(&sHandlingInputTimeout, "dom.event.handling-user-input-time-limit", 1000); diff --git a/dom/base/nsContentUtils.h b/dom/base/nsContentUtils.h index 9785005..5fed502 100644 --- a/dom/base/nsContentUtils.h +++ b/dom/base/nsContentUtils.h @@ -1911,6 +1911,16 @@ public: return sEncodeDecodeURLHash; } + /* + * Returns true if the browser should attempt to prevent content scripts + * from collecting distinctive information about the browser that could + * be used to "fingerprint" and track the user across websites. + */ + static bool ResistFingerprinting() + { + return sPrivacyResistFingerprinting; + } + /** * Returns true if the doc tree branch which contains aDoc contains any * plugins which we don't control event dispatch for, i.e. do any plugins @@ -2385,7 +2395,8 @@ private: static bool sIsUserTimingLoggingEnabled; static bool sIsExperimentalAutocompleteEnabled; static bool sEncodeDecodeURLHash; - + static bool sPrivacyResistFingerprinting; + static nsHtml5StringParser* sHTMLFragmentParser; static nsIParser* sXMLFragmentParser; static nsIFragmentContentSink* sXMLFragmentSink; diff --git a/dom/events/KeyCodeConsensus.h b/dom/events/KeyCodeConsensus.h new file mode 100644 index 0000000..8d66d19 --- /dev/null +++ b/dom/events/KeyCodeConsensus.h @@ -0,0 +1,189 @@ +// See https://developer.mozilla.org/en-US/docs/Web/API/KeyboardEvent/keyCode + +// When privacy.resistFingerprinting is active, we hide the user's use of +// the numpad, right modifer keys, and any non-QWERTY US English keyboard. + +#include "nsString.h" +#include "nsClassHashTable.h" + +// KEY_INTERNAL is called by KEY or SHIFT. +#define KEY_INTERNAL(key, code, keyCode, shift) \ + gCodes->Put(NS_LITERAL_STRING(key), NS_LITERAL_STRING(#code)); \ + gKeyCodes->Put(NS_LITERAL_STRING(key), keyCode); \ + gShiftStates->Put(NS_LITERAL_STRING(key), shift); + +// KEY and SHIFT Assign a consensus codeName and keyCode for the given keyName. +// KEY indicates that shift is off. +#define KEY(key, code, keyCode) KEY_INTERNAL(key, code, keyCode, false) +// SHIFT indicates that shift is on. +#define SHIFT(key, code, keyCode) KEY_INTERNAL(key, code, keyCode, true) + +// Three global constant static maps. +// gCodes provides a codeName for each keyName. +static nsDataHashtable<nsStringHashKey, nsString>* gCodes; +// gKeyCodes provides a keyCode for each keyName. +static nsDataHashtable<nsStringHashKey, uint32_t>* gKeyCodes; +// gShiftStates provides a shift value for each keyName. +static nsDataHashtable<nsStringHashKey, bool>* gShiftStates; + +// Populate the global static maps gCodes, gKeCodes, gShiftStates +// with their constant values. +static void createKeyCodes() +{ + if (gCodes) return; + + gCodes = new nsDataHashtable<nsStringHashKey, nsString>(); + gKeyCodes = new nsDataHashtable<nsStringHashKey, uint32_t>(); + gShiftStates = new nsDataHashtable<nsStringHashKey, bool>(); + + KEY("AltLeft", AltLeft, 18) + KEY("AltRight", AltRight, 18) + KEY("CapsLock", CapsLock, 20) + KEY("Control", ControlLeft, 17) + KEY("Meta", OSLeft, 91) + KEY("Shift", ShiftLeft, 16) + KEY("ContextMenu", ContextMenu, 93) + KEY("Enter", Enter, 13) + KEY(" ", Space, 32) + KEY("Tab", Tab, 9) + KEY("Delete", Delete, 46) + KEY("End", End, 35) + KEY("Help", Help, 6) + KEY("Home", Home, 36) + KEY("Insert", Insert, 45) + KEY("PageDown", PageDown, 34) + KEY("PageUp", PageUp, 33) + KEY("ArrowDown", ArrowDown, 40) + KEY("ArrowLeft", ArrowLeft, 37) + KEY("ArrowRight", ArrowRight, 39) + KEY("ArrowUp", ArrowUp, 38) + KEY("Escape", Escape, 27) + KEY("PrintScreen", PrintScreen, 44) + KEY("ScrollLock", ScrollLock, 145) + KEY("Pause", Pause, 19) + + KEY(",", Comma, 188) + SHIFT("<", Comma, 188) + KEY(".", Period, 190) + SHIFT(">", Period, 190) + KEY("/", Slash, 191) + SHIFT("?", Slash, 191) + KEY(";", Semicolon, 59) + SHIFT(":", Semicolon, 59) + KEY("'", Quote, 222) + SHIFT("\"", Quote, 222) + KEY("[", BracketLeft, 219) + SHIFT("{", BracketLeft, 219) + KEY("]", BracketRight, 221) + SHIFT("}", BracketRight, 221) + KEY("`", Backquote, 192) + SHIFT("~", Backquote, 192) + KEY("\\", Backslash, 220) + SHIFT("|", Backslash, 220) + KEY("-", Minus, 173) + SHIFT("_", Minus, 173) + KEY("=", Equal, 61) + SHIFT("+", Equal, 61) + + SHIFT("A", KeyA, 65) + SHIFT("B", KeyB, 66) + SHIFT("C", KeyC, 67) + SHIFT("D", KeyD, 68) + SHIFT("E", KeyE, 69) + SHIFT("F", KeyF, 70) + SHIFT("G", KeyG, 71) + SHIFT("H", KeyH, 72) + SHIFT("I", KeyI, 73) + SHIFT("J", KeyJ, 74) + SHIFT("K", KeyK, 75) + SHIFT("L", KeyL, 76) + SHIFT("M", KeyM, 77) + SHIFT("N", KeyN, 78) + SHIFT("O", KeyO, 79) + SHIFT("P", KeyP, 80) + SHIFT("Q", KeyQ, 81) + SHIFT("R", KeyR, 82) + SHIFT("S", KeyS, 83) + SHIFT("T", KeyT, 84) + SHIFT("U", KeyU, 85) + SHIFT("V", KeyV, 86) + SHIFT("W", KeyW, 87) + SHIFT("X", KeyX, 88) + SHIFT("Y", KeyY, 89) + SHIFT("Z", KeyZ, 90) + + KEY("a", KeyA, 65) + KEY("b", KeyB, 66) + KEY("c", KeyC, 67) + KEY("d", KeyD, 68) + KEY("e", KeyE, 69) + KEY("f", KeyF, 70) + KEY("g", KeyG, 71) + KEY("h", KeyH, 72) + KEY("i", KeyI, 73) + KEY("j", KeyJ, 74) + KEY("k", KeyK, 75) + KEY("l", KeyL, 76) + KEY("m", KeyM, 77) + KEY("n", KeyN, 78) + KEY("o", KeyO, 79) + KEY("p", KeyP, 80) + KEY("q", KeyQ, 81) + KEY("r", KeyR, 82) + KEY("s", KeyS, 83) + KEY("t", KeyT, 84) + KEY("u", KeyU, 85) + KEY("v", KeyV, 86) + KEY("w", KeyW, 87) + KEY("x", KeyX, 88) + KEY("y", KeyY, 89) + KEY("z", KeyZ, 90) + + KEY("F1", F1, 112) + KEY("F2", F2, 113) + KEY("F3", F3, 114) + KEY("F4", F4, 115) + KEY("F5", F5, 116) + KEY("F6", F6, 117) + KEY("F7", F7, 118) + KEY("F8", F8, 119) + KEY("F9", F9, 120) + KEY("F10", F10, 121) + KEY("F11", F11, 122) + KEY("F12", F12, 123) + KEY("F13", F13, 124) + KEY("F14", F14, 125) + KEY("F15", F15, 126) + KEY("F16", F16, 127) + KEY("F17", F17, 128) + KEY("F18", F18, 129) + KEY("F19", F19, 130) + KEY("F20", F20, 131) + KEY("F21", F21, 132) + KEY("F22", F22, 133) + KEY("F23", F23, 134) + KEY("F24", F24, 135) + + KEY("0", Digit0, 48) + KEY("1", Digit1, 49) + KEY("2", Digit2, 50) + KEY("3", Digit3, 51) + KEY("4", Digit4, 52) + KEY("5", Digit5, 53) + KEY("6", Digit6, 54) + KEY("7", Digit7, 55) + KEY("8", Digit8, 56) + KEY("9", Digit9, 57) + + SHIFT("!", Digit0, 48) + SHIFT("@", Digit1, 49) + SHIFT("#", Digit2, 50) + SHIFT("$", Digit3, 51) + SHIFT("%", Digit4, 52) + SHIFT("^", Digit5, 53) + SHIFT("&", Digit6, 54) + SHIFT("*", Digit7, 55) + SHIFT("(", Digit8, 56) + SHIFT(")", Digit9, 57) + +} diff --git a/dom/events/KeyboardEvent.cpp b/dom/events/KeyboardEvent.cpp index cd5352b..8829b8f 100644 --- a/dom/events/KeyboardEvent.cpp +++ b/dom/events/KeyboardEvent.cpp @@ -6,10 +6,17 @@ #include "mozilla/dom/KeyboardEvent.h" #include "mozilla/TextEvents.h" #include "prtime.h" +#include "KeyCodeConsensus.h" +#include "nsContentUtils.h" namespace mozilla { namespace dom { +static bool ResistFingerprinting() { + return nsContentUtils::ResistFingerprinting() && + !nsContentUtils::IsCallerChrome(); +} + KeyboardEvent::KeyboardEvent(EventTarget* aOwner, nsPresContext* aPresContext, WidgetKeyboardEvent* aEvent) @@ -26,6 +33,7 @@ KeyboardEvent::KeyboardEvent(EventTarget* aOwner, mEvent->time = PR_Now(); mEvent->AsKeyboardEvent()->mKeyNameIndex = KEY_NAME_INDEX_USE_STRING; } + createKeyCodes(); } NS_IMPL_ADDREF_INHERITED(KeyboardEvent, UIEvent) @@ -66,7 +74,16 @@ KeyboardEvent::GetCtrlKey(bool* aIsDown) bool KeyboardEvent::ShiftKey() { - return mEvent->AsKeyboardEvent()->IsShift(); + bool shiftState = mEvent->AsKeyboardEvent()->IsShift(); + if (!ResistFingerprinting()) { + return shiftState; + } + // Find a consensus fake shift state for the given key name. + bool fakeShiftState; + nsString keyName; + GetKey(keyName); + bool exists = gShiftStates->Get(keyName, &fakeShiftState); + return exists ? fakeShiftState : shiftState; } NS_IMETHODIMP @@ -131,7 +148,17 @@ KeyboardEvent::GetKey(nsAString& aKeyName) void KeyboardEvent::GetCode(nsAString& aCodeName) { - mEvent->AsKeyboardEvent()->GetDOMCodeName(aCodeName); + if (!ResistFingerprinting()) { + mEvent->AsKeyboardEvent()->GetDOMCodeName(aCodeName); + } else { + // Use a consensus code name corresponding to the + // key name. + nsString keyName, codeNameTemp; + GetKey(keyName); + if (gCodes->Get(keyName, &codeNameTemp)) { + aCodeName = codeNameTemp; + } + } } NS_IMETHODIMP @@ -157,7 +184,7 @@ KeyboardEvent::CharCode() case NS_KEY_BEFORE_UP: case NS_KEY_UP: case NS_KEY_AFTER_UP: - return 0; + // return 0; case NS_KEY_PRESS: return mEvent->AsKeyboardEvent()->charCode; } @@ -176,12 +203,19 @@ uint32_t KeyboardEvent::KeyCode() { // If this event is initialized with ctor, we shouldn't check event type. - if (mInitializedByCtor) { - return mEvent->AsKeyboardEvent()->keyCode; - } - - if (mEvent->HasKeyEventMessage()) { - return mEvent->AsKeyboardEvent()->keyCode; + if (mInitializedByCtor || mEvent->HasKeyEventMessage()) { + if (!ResistFingerprinting()) { + return mEvent->AsKeyboardEvent()->keyCode; + } else { + if (CharCode() != 0) { + return 0; + } + // Find a consensus key code for the given key name. + nsString keyName; + GetKey(keyName); + uint32_t keyCode; + return gKeyCodes->Get(keyName, &keyCode) ? keyCode : 0; + } } return 0; } @@ -206,7 +240,7 @@ KeyboardEvent::Which() //Special case for 4xp bug 62878. Try to make value of which //more closely mirror the values that 4.x gave for RETURN and BACKSPACE { - uint32_t keyCode = mEvent->AsKeyboardEvent()->keyCode; + uint32_t keyCode = KeyCode(); if (keyCode == NS_VK_RETURN || keyCode == NS_VK_BACK) { return keyCode; } @@ -229,7 +263,19 @@ KeyboardEvent::GetLocation(uint32_t* aLocation) uint32_t KeyboardEvent::Location() { - return mEvent->AsKeyboardEvent()->location; + uint32_t location = mEvent->AsKeyboardEvent()->location; + if (!ResistFingerprinting()) { + return location; + } + // To resist fingerprinting, hide right modifier keys, as + // well as the numpad. + switch (location) { + case 0 : return 0; + case 1 : return 1; + case 2 : return 1; + case 3 : return 0; + default: return 0; + } } // static

1 0

[tor-browser/tor-browser-38.1.0esr-5.x-1] Bug #16005: Relax minimal mode.
by mikeperry＠torproject.org 25 Jun '15

25 Jun '15

commit 340de21bca0cf0c8a7633bdad3c61ef4d9265438 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Fri Jun 19 20:20:00 2015 -0700 Bug #16005: Relax minimal mode. Use min values from a 2013 Moto E and a 2009 laptop with integrated graphics. --- dom/canvas/WebGLContext.cpp | 5 ++++- dom/canvas/WebGLContext.h | 33 +++++++++++++++++++++++---------- dom/canvas/WebGLContextState.cpp | 32 ++++++++++++++++++++++++++++++++ dom/canvas/WebGLContextValidate.cpp | 3 --- 4 files changed, 59 insertions(+), 14 deletions(-) diff --git a/dom/canvas/WebGLContext.cpp b/dom/canvas/WebGLContext.cpp index 1c22c27..da6442c 100644 --- a/dom/canvas/WebGLContext.cpp +++ b/dom/canvas/WebGLContext.cpp @@ -1245,7 +1245,10 @@ WebGLContext::GetContextAttributes(Nullable<dom::WebGLContextAttributes>& retval result.mAlpha.Construct(mOptions.alpha); result.mDepth = mOptions.depth; result.mStencil = mOptions.stencil; - result.mAntialias = mOptions.antialias; + if (MinCapabilityMode()) + result.mAntialias = false; + else + result.mAntialias = mOptions.antialias; result.mPremultipliedAlpha = mOptions.premultipliedAlpha; result.mPreserveDrawingBuffer = mOptions.preserveDrawingBuffer; } diff --git a/dom/canvas/WebGLContext.h b/dom/canvas/WebGLContext.h index 63c4091..f72d552 100644 --- a/dom/canvas/WebGLContext.h +++ b/dom/canvas/WebGLContext.h @@ -53,17 +53,30 @@ class nsIDocShell; * * Exceptions: some of the following values are set to higher values than in the spec because * the values in the spec are ridiculously low. They are explicitly marked below + * + * Tor Browser Modifications: The following values are the minimum between a 2009 laptop, and a 2013 Moto E */ -#define MINVALUE_GL_MAX_TEXTURE_SIZE 1024 // Different from the spec, which sets it to 64 on page 162 -#define MINVALUE_GL_MAX_CUBE_MAP_TEXTURE_SIZE 512 // Different from the spec, which sets it to 16 on page 162 -#define MINVALUE_GL_MAX_VERTEX_ATTRIBS 8 // Page 164 -#define MINVALUE_GL_MAX_FRAGMENT_UNIFORM_VECTORS 16 // Page 164 -#define MINVALUE_GL_MAX_VERTEX_UNIFORM_VECTORS 128 // Page 164 -#define MINVALUE_GL_MAX_VARYING_VECTORS 8 // Page 164 -#define MINVALUE_GL_MAX_TEXTURE_IMAGE_UNITS 8 // Page 164 -#define MINVALUE_GL_MAX_VERTEX_TEXTURE_IMAGE_UNITS 0 // Page 164 -#define MINVALUE_GL_MAX_RENDERBUFFER_SIZE 1024 // Different from the spec, which sets it to 1 on page 164 -#define MINVALUE_GL_MAX_COMBINED_TEXTURE_IMAGE_UNITS 8 // Page 164 +#define MINVALUE_GL_MAX_TEXTURE_SIZE 4096 // Different from the spec, which sets it to 64 on page 162 +#define MINVALUE_GL_MAX_CUBE_MAP_TEXTURE_SIZE 2048 // Different from the spec, which sets it to 16 on page 162 +#define MINVALUE_GL_MAX_VERTEX_ATTRIBS 16 // Page 164 +#define MINVALUE_GL_MAX_FRAGMENT_UNIFORM_VECTORS 224 // Page 164 +#define MINVALUE_GL_MAX_VERTEX_UNIFORM_VECTORS 256 // Page 164 +#define MINVALUE_GL_MAX_VARYING_VECTORS 16 // Page 164 +#define MINVALUE_GL_MAX_TEXTURE_IMAGE_UNITS 16 // Page 164 +#define MINVALUE_GL_MAX_VERTEX_TEXTURE_IMAGE_UNITS 16 // Page 164 +#define MINVALUE_GL_MAX_RENDERBUFFER_SIZE 4096 // Different from the spec, which sets it to 1 on page 164 +#define MINVALUE_GL_MAX_COMBINED_TEXTURE_IMAGE_UNITS 32 // Page 164 + +/* The following additional values were set specifically for fingerprinting. + * These ranges came from a 2013 Moto E. + * + * These values specify the upper end of the maximum size of line and point + * elements. The lower bounds are 1 in both cases (and the minimum of 1 is + * guaranteed by OpenGL). */ +#define MINVALUE_GL_ALIASED_LINE_WIDTH_RANGE 5 +#define MINVALUE_GL_ALIASED_POINT_SIZE_RANGE 255 +/* This value is used to cap the resolution of the viewport to (MAX x MAX) */ +#define MINVALUE_GL_MAX_VIEWPORT_DIMS 4096 namespace mozilla { diff --git a/dom/canvas/WebGLContextState.cpp b/dom/canvas/WebGLContextState.cpp index fe7f078..7646ce9 100644 --- a/dom/canvas/WebGLContextState.cpp +++ b/dom/canvas/WebGLContextState.cpp @@ -134,6 +134,38 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) case LOCAL_GL_MAX_RENDERBUFFER_SIZE: return JS::Int32Value(MINVALUE_GL_MAX_RENDERBUFFER_SIZE); + case LOCAL_GL_MAX_COMBINED_TEXTURE_IMAGE_UNITS: + return JS::Int32Value(MINVALUE_GL_MAX_COMBINED_TEXTURE_IMAGE_UNITS); + + //case LOCAL_GL_DEPTH_RANGE: + case LOCAL_GL_ALIASED_POINT_SIZE_RANGE: { + GLfloat fv[2] = { 1, MINVALUE_GL_ALIASED_POINT_SIZE_RANGE }; + JSObject* obj = Float32Array::Create(cx, this, 2, fv); + if (!obj) { + rv = NS_ERROR_OUT_OF_MEMORY; + } + return JS::ObjectOrNullValue(obj); + } + + case LOCAL_GL_ALIASED_LINE_WIDTH_RANGE: { + GLfloat fv[2] = { 1, MINVALUE_GL_ALIASED_LINE_WIDTH_RANGE }; + JSObject* obj = Float32Array::Create(cx, this, 2, fv); + if (!obj) { + rv = NS_ERROR_OUT_OF_MEMORY; + } + return JS::ObjectOrNullValue(obj); + } + + case LOCAL_GL_MAX_VIEWPORT_DIMS: { + GLint iv[2] = { MINVALUE_GL_MAX_VIEWPORT_DIMS, MINVALUE_GL_MAX_VIEWPORT_DIMS }; + JSObject* obj = Int32Array::Create(cx, this, 2, iv); + if (!obj) { + rv = NS_ERROR_OUT_OF_MEMORY; + } + return JS::ObjectOrNullValue(obj); + } + + default: // Return the real value; we're not overriding this one break; diff --git a/dom/canvas/WebGLContextValidate.cpp b/dom/canvas/WebGLContextValidate.cpp index 703fd0f..a6fb0fb 100644 --- a/dom/canvas/WebGLContextValidate.cpp +++ b/dom/canvas/WebGLContextValidate.cpp @@ -1700,9 +1700,6 @@ WebGLContext::InitAndValidateGL() mCanLoseContextInForeground = Preferences::GetBool("webgl.can-lose-context-in-foreground", true); mRestoreWhenVisible = Preferences::GetBool("webgl.restore-context-when-visible", true); - if (MinCapabilityMode()) - mDisableFragHighP = true; - // These are the default values, see 6.2 State tables in the // OpenGL ES 2.0.25 spec. mColorWriteMask[0] = 1;

1 0

[tor-browser/tor-browser-38.1.0esr-5.x-1] Bug 16300: Isolate Broadcast Channels to first party.
by mikeperry＠torproject.org 25 Jun '15

25 Jun '15

commit 8a7950b34812259d857f65daaae766174dc48ce5 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Fri Jun 19 10:53:28 2015 -0400 Bug 16300: Isolate Broadcast Channels to first party. Note that when the privacy.thirdparty.isolate pref. is set to 1 or 2, we disable use of Broadcast Channels by SharedWorkers since we cannot obtain the isolation host. --- dom/broadcastchannel/BroadcastChannel.cpp | 77 ++++++++++++++++++++-- dom/broadcastchannel/BroadcastChannel.h | 2 + dom/broadcastchannel/BroadcastChannelParent.cpp | 7 +- dom/broadcastchannel/BroadcastChannelParent.h | 3 + dom/broadcastchannel/BroadcastChannelService.cpp | 11 +++- dom/broadcastchannel/BroadcastChannelService.h | 1 + ipc/glue/BackgroundChildImpl.cpp | 1 + ipc/glue/BackgroundChildImpl.h | 1 + ipc/glue/BackgroundParentImpl.cpp | 5 +- ipc/glue/BackgroundParentImpl.h | 2 + ipc/glue/PBackground.ipdl | 3 +- 11 files changed, 102 insertions(+), 11 deletions(-) diff --git a/dom/broadcastchannel/BroadcastChannel.cpp b/dom/broadcastchannel/BroadcastChannel.cpp index 6d16c2d..92ec729 100644 --- a/dom/broadcastchannel/BroadcastChannel.cpp +++ b/dom/broadcastchannel/BroadcastChannel.cpp @@ -20,6 +20,7 @@ #include "nsIScriptSecurityManager.h" #include "nsServiceManagerUtils.h" #include "nsISupportsPrimitives.h" +#include "mozIThirdPartyUtil.h" #ifdef XP_WIN #undef PostMessage @@ -105,6 +106,44 @@ GetOrigin(nsIPrincipal* aPrincipal, nsAString& aOrigin, ErrorResult& aRv) appsService->GetManifestURLByLocalId(appId, aOrigin); } +bool +IsFirstPartyIsolationEnabled() +{ + return 0 != mozilla::Preferences::GetInt("privacy.thirdparty.isolate"); +} + +void +GetFirstPartyHost(nsIDocument* aDoc, nsAString& aFirstPartyHost, + ErrorResult& aRv) +{ + if (!aDoc) { + aRv.Throw(NS_ERROR_FAILURE); + return; + } + + nsCOMPtr<mozIThirdPartyUtil> thirdPartySvc = + do_GetService(THIRDPARTYUTIL_CONTRACTID); + nsCOMPtr<nsIURI> firstPartyIsolationURI; + nsresult rv = thirdPartySvc->GetFirstPartyIsolationURI(nullptr, aDoc, + getter_AddRefs(firstPartyIsolationURI)); + if (NS_WARN_IF(NS_FAILED(rv))) { + aRv.Throw(rv); + return; + } + + if (firstPartyIsolationURI) { + nsAutoCString hostCStr; + rv = thirdPartySvc->GetFirstPartyHostForIsolation(firstPartyIsolationURI, + hostCStr); + if (NS_WARN_IF(NS_FAILED(rv))) { + aRv.Throw(rv); + return; + } + + aFirstPartyHost = NS_ConvertUTF8toUTF16(hostCStr); + } +} + nsIPrincipal* GetPrincipalFromWorkerPrivate(WorkerPrivate* aWorkerPrivate) { @@ -126,11 +165,13 @@ class InitializeRunnable final : public WorkerMainThreadRunnable { public: InitializeRunnable(WorkerPrivate* aWorkerPrivate, nsAString& aOrigin, + nsAString& aFirstPartyHost, PrincipalInfo& aPrincipalInfo, bool& aPrivateBrowsing, ErrorResult& aRv) : WorkerMainThreadRunnable(aWorkerPrivate) , mWorkerPrivate(GetCurrentThreadWorkerPrivate()) , mOrigin(aOrigin) + , mFirstPartyHost(aFirstPartyHost) , mPrincipalInfo(aPrincipalInfo) , mPrivateBrowsing(aPrivateBrowsing) , mRv(aRv) @@ -175,9 +216,16 @@ public: wp = wp->GetParent(); } + bool isIsolationEnabled = IsFirstPartyIsolationEnabled(); + // Window doesn't exist for some kind of workers (eg: SharedWorkers) nsPIDOMWindow* window = wp->GetWindow(); if (!window) { + // If we lack a window and first party isolation is enabled, disallow + // use of Broadcast Channels. This is the safe thing to do, e.g., if + // a SharedWorker is being used. + if (isIsolationEnabled) + mRv.Throw(NS_ERROR_FAILURE); return true; } @@ -189,12 +237,20 @@ public: doc->DisallowBFCaching(); } + if (isIsolationEnabled) { + GetFirstPartyHost(doc, mFirstPartyHost, mRv); + if (NS_WARN_IF(mRv.Failed())) { + return true; + } + } + return true; } private: WorkerPrivate* mWorkerPrivate; nsAString& mOrigin; + nsAString& mFirstPartyHost; PrincipalInfo& mPrincipalInfo; bool& mPrivateBrowsing; ErrorResult& mRv; @@ -401,12 +457,14 @@ BroadcastChannel::IsEnabled(JSContext* aCx, JSObject* aGlobal) BroadcastChannel::BroadcastChannel(nsPIDOMWindow* aWindow, const PrincipalInfo& aPrincipalInfo, const nsAString& aOrigin, + const nsAString& aFirstPartyHost, const nsAString& aChannel, bool aPrivateBrowsing) : DOMEventTargetHelper(aWindow) , mWorkerFeature(nullptr) , mPrincipalInfo(new PrincipalInfo(aPrincipalInfo)) , mOrigin(aOrigin) + , mFirstPartyHost(aFirstPartyHost) , mChannel(aChannel) , mPrivateBrowsing(aPrivateBrowsing) , mIsKeptAlive(false) @@ -437,6 +495,7 @@ BroadcastChannel::Constructor(const GlobalObject& aGlobal, // Window is null in workers. nsAutoString origin; + nsAutoString firstPartyHost; PrincipalInfo principalInfo; bool privateBrowsing = false; WorkerPrivate* workerPrivate = nullptr; @@ -483,14 +542,21 @@ BroadcastChannel::Constructor(const GlobalObject& aGlobal, // No bfcache when BroadcastChannel is used. doc->DisallowBFCaching(); } + + if (IsFirstPartyIsolationEnabled()) { + GetFirstPartyHost(doc, firstPartyHost, aRv); + if (NS_WARN_IF(aRv.Failed())) { + return nullptr; + } + } } else { JSContext* cx = aGlobal.Context(); workerPrivate = GetWorkerPrivateFromContext(cx); MOZ_ASSERT(workerPrivate); nsRefPtr<InitializeRunnable> runnable = - new InitializeRunnable(workerPrivate, origin, principalInfo, - privateBrowsing, aRv); + new InitializeRunnable(workerPrivate, origin, firstPartyHost, + principalInfo, privateBrowsing, aRv); runnable->Dispatch(cx); } @@ -499,8 +565,8 @@ BroadcastChannel::Constructor(const GlobalObject& aGlobal, } nsRefPtr<BroadcastChannel> bc = - new BroadcastChannel(window, principalInfo, origin, aChannel, - privateBrowsing); + new BroadcastChannel(window, principalInfo, origin, firstPartyHost, + aChannel, privateBrowsing); // Register this component to PBackground. PBackgroundChild* actor = BackgroundChild::GetForCurrentThread(); @@ -626,7 +692,8 @@ BroadcastChannel::ActorCreated(PBackgroundChild* aActor) } PBroadcastChannelChild* actor = - aActor->SendPBroadcastChannelConstructor(*mPrincipalInfo, mOrigin, mChannel, + aActor->SendPBroadcastChannelConstructor(*mPrincipalInfo, mOrigin, + mFirstPartyHost, mChannel, mPrivateBrowsing); mActor = static_cast<BroadcastChannelChild*>(actor); diff --git a/dom/broadcastchannel/BroadcastChannel.h b/dom/broadcastchannel/BroadcastChannel.h index 9208114..eac335f 100644 --- a/dom/broadcastchannel/BroadcastChannel.h +++ b/dom/broadcastchannel/BroadcastChannel.h @@ -92,6 +92,7 @@ private: BroadcastChannel(nsPIDOMWindow* aWindow, const PrincipalInfo& aPrincipalInfo, const nsAString& aOrigin, + const nsAString& aFirstPartyHost, const nsAString& aChannel, bool aPrivateBrowsing); @@ -112,6 +113,7 @@ private: nsAutoPtr<PrincipalInfo> mPrincipalInfo; nsString mOrigin; + nsString mFirstPartyHost; nsString mChannel; bool mPrivateBrowsing; diff --git a/dom/broadcastchannel/BroadcastChannelParent.cpp b/dom/broadcastchannel/BroadcastChannelParent.cpp index 7a1740d..f5fd9f3 100644 --- a/dom/broadcastchannel/BroadcastChannelParent.cpp +++ b/dom/broadcastchannel/BroadcastChannelParent.cpp @@ -18,10 +18,12 @@ namespace dom { BroadcastChannelParent::BroadcastChannelParent( const nsAString& aOrigin, + const nsAString& aFirstPartyHost, const nsAString& aChannel, bool aPrivateBrowsing) : mService(BroadcastChannelService::GetOrCreate()) , mOrigin(aOrigin) + , mFirstPartyHost(aFirstPartyHost) , mChannel(aChannel) , mPrivateBrowsing(aPrivateBrowsing) { @@ -43,7 +45,8 @@ BroadcastChannelParent::RecvPostMessage(const ClonedMessageData& aData) return false; } - mService->PostMessage(this, aData, mOrigin, mChannel, mPrivateBrowsing); + mService->PostMessage(this, aData, mOrigin, mFirstPartyHost, + mChannel, mPrivateBrowsing); return true; } @@ -79,12 +82,14 @@ BroadcastChannelParent::ActorDestroy(ActorDestroyReason aWhy) void BroadcastChannelParent::CheckAndDeliver(const ClonedMessageData& aData, const nsString& aOrigin, + const nsString& aFirstPartyHost, const nsString& aChannel, bool aPrivateBrowsing) { AssertIsOnBackgroundThread(); if (aOrigin == mOrigin && + aFirstPartyHost == mFirstPartyHost && aChannel == mChannel && aPrivateBrowsing == mPrivateBrowsing) { // We need to duplicate data only if we have blobs or if the manager of diff --git a/dom/broadcastchannel/BroadcastChannelParent.h b/dom/broadcastchannel/BroadcastChannelParent.h index 6ab3bb9..fc2d9de 100644 --- a/dom/broadcastchannel/BroadcastChannelParent.h +++ b/dom/broadcastchannel/BroadcastChannelParent.h @@ -24,11 +24,13 @@ class BroadcastChannelParent final : public PBroadcastChannelParent public: void CheckAndDeliver(const ClonedMessageData& aData, const nsString& aOrigin, + const nsString& aFirstPartyHost, const nsString& aChannel, bool aPrivateBrowsing); private: BroadcastChannelParent(const nsAString& aOrigin, + const nsAString& aFirstPartyHost, const nsAString& aChannel, bool aPrivateBrowsing); ~BroadcastChannelParent(); @@ -42,6 +44,7 @@ private: nsRefPtr<BroadcastChannelService> mService; nsString mOrigin; + nsString mFirstPartyHost; nsString mChannel; bool mPrivateBrowsing; }; diff --git a/dom/broadcastchannel/BroadcastChannelService.cpp b/dom/broadcastchannel/BroadcastChannelService.cpp index 7b73c72..debc111 100644 --- a/dom/broadcastchannel/BroadcastChannelService.cpp +++ b/dom/broadcastchannel/BroadcastChannelService.cpp @@ -83,11 +83,13 @@ struct MOZ_STACK_CLASS PostMessageData final PostMessageData(BroadcastChannelParent* aParent, const ClonedMessageData& aData, const nsAString& aOrigin, + const nsAString& aFirstPartyHost, const nsAString& aChannel, bool aPrivateBrowsing) : mParent(aParent) , mData(aData) , mOrigin(aOrigin) + , mFirstPartyHost(aFirstPartyHost) , mChannel(aChannel) , mPrivateBrowsing(aPrivateBrowsing) { @@ -117,6 +119,7 @@ struct MOZ_STACK_CLASS PostMessageData final const ClonedMessageData& mData; nsTArray<nsRefPtr<FileImpl>> mFiles; const nsString mOrigin; + const nsString mFirstPartyHost; const nsString mChannel; bool mPrivateBrowsing; }; @@ -131,8 +134,8 @@ PostMessageEnumerator(nsPtrHashKey<BroadcastChannelParent>* aKey, void* aPtr) MOZ_ASSERT(parent); if (parent != data->mParent) { - parent->CheckAndDeliver(data->mData, data->mOrigin, data->mChannel, - data->mPrivateBrowsing); + parent->CheckAndDeliver(data->mData, data->mOrigin, data->mFirstPartyHost, + data->mChannel, data->mPrivateBrowsing); } return PL_DHASH_NEXT; @@ -144,6 +147,7 @@ void BroadcastChannelService::PostMessage(BroadcastChannelParent* aParent, const ClonedMessageData& aData, const nsAString& aOrigin, + const nsAString& aFirstPartyHost, const nsAString& aChannel, bool aPrivateBrowsing) { @@ -151,7 +155,8 @@ BroadcastChannelService::PostMessage(BroadcastChannelParent* aParent, MOZ_ASSERT(aParent); MOZ_ASSERT(mAgents.Contains(aParent)); - PostMessageData data(aParent, aData, aOrigin, aChannel, aPrivateBrowsing); + PostMessageData data(aParent, aData, aOrigin, aFirstPartyHost, + aChannel, aPrivateBrowsing); mAgents.EnumerateEntries(PostMessageEnumerator, &data); } diff --git a/dom/broadcastchannel/BroadcastChannelService.h b/dom/broadcastchannel/BroadcastChannelService.h index 3864e78..30345c5 100644 --- a/dom/broadcastchannel/BroadcastChannelService.h +++ b/dom/broadcastchannel/BroadcastChannelService.h @@ -32,6 +32,7 @@ public: void PostMessage(BroadcastChannelParent* aParent, const ClonedMessageData& aData, const nsAString& aOrigin, + const nsAString& aFirstPartyHost, const nsAString& aChannel, bool aPrivateBrowsing); diff --git a/ipc/glue/BackgroundChildImpl.cpp b/ipc/glue/BackgroundChildImpl.cpp index c29f9b7..4c6e7e5 100644 --- a/ipc/glue/BackgroundChildImpl.cpp +++ b/ipc/glue/BackgroundChildImpl.cpp @@ -214,6 +214,7 @@ BackgroundChildImpl::DeallocPVsyncChild(PVsyncChild* aActor) dom::PBroadcastChannelChild* BackgroundChildImpl::AllocPBroadcastChannelChild(const PrincipalInfo& aPrincipalInfo, const nsString& aOrigin, + const nsString& aFirstPartyHost, const nsString& aChannel, const bool& aPrivateBrowsing) { diff --git a/ipc/glue/BackgroundChildImpl.h b/ipc/glue/BackgroundChildImpl.h index 267fb3c..27f78ba 100644 --- a/ipc/glue/BackgroundChildImpl.h +++ b/ipc/glue/BackgroundChildImpl.h @@ -80,6 +80,7 @@ protected: virtual PBroadcastChannelChild* AllocPBroadcastChannelChild(const PrincipalInfo& aPrincipalInfo, const nsString& aOrigin, + const nsString& aFirstPartyHost, const nsString& aChannel, const bool& aPrivateBrowsing) override; diff --git a/ipc/glue/BackgroundParentImpl.cpp b/ipc/glue/BackgroundParentImpl.cpp index 54a0afe..3bf16f0 100644 --- a/ipc/glue/BackgroundParentImpl.cpp +++ b/ipc/glue/BackgroundParentImpl.cpp @@ -250,13 +250,15 @@ mozilla::dom::PBroadcastChannelParent* BackgroundParentImpl::AllocPBroadcastChannelParent( const PrincipalInfo& aPrincipalInfo, const nsString& aOrigin, + const nsString& aFirstPartyHost, const nsString& aChannel, const bool& aPrivateBrowsing) { AssertIsInMainProcess(); AssertIsOnBackgroundThread(); - return new BroadcastChannelParent(aOrigin, aChannel, aPrivateBrowsing); + return new BroadcastChannelParent(aOrigin, aFirstPartyHost, + aChannel, aPrivateBrowsing); } namespace { @@ -324,6 +326,7 @@ BackgroundParentImpl::RecvPBroadcastChannelConstructor( PBroadcastChannelParent* actor, const PrincipalInfo& aPrincipalInfo, const nsString& aOrigin, + const nsString& aFirstPartyHost, const nsString& aChannel, const bool& aPrivateBrowsing) { diff --git a/ipc/glue/BackgroundParentImpl.h b/ipc/glue/BackgroundParentImpl.h index 1b58cf0..aeccd53 100644 --- a/ipc/glue/BackgroundParentImpl.h +++ b/ipc/glue/BackgroundParentImpl.h @@ -73,6 +73,7 @@ protected: virtual PBroadcastChannelParent* AllocPBroadcastChannelParent(const PrincipalInfo& aPrincipalInfo, const nsString& aOrigin, + const nsString& aFirstPartyHost, const nsString& aChannel, const bool& aPrivateBrowsing) override; @@ -80,6 +81,7 @@ protected: RecvPBroadcastChannelConstructor(PBroadcastChannelParent* actor, const PrincipalInfo& aPrincipalInfo, const nsString& origin, + const nsString& firstPartyHost, const nsString& channel, const bool& aPrivateBrowsing) override; diff --git a/ipc/glue/PBackground.ipdl b/ipc/glue/PBackground.ipdl index 6533290..dd5fdea 100644 --- a/ipc/glue/PBackground.ipdl +++ b/ipc/glue/PBackground.ipdl @@ -34,7 +34,8 @@ parent: PVsync(); - PBroadcastChannel(PrincipalInfo pInfo, nsString origin, nsString channel, + PBroadcastChannel(PrincipalInfo pInfo, nsString origin, + nsString firstPartyHost, nsString channel, bool privateBrowsing); RegisterServiceWorker(ServiceWorkerRegistrationData data);

1 0

[tor-browser/tor-browser-38.1.0esr-5.x-1] fixup! Bug 12827: Create preference to disable SVG.
by mikeperry＠torproject.org 25 Jun '15

25 Jun '15

commit 455a21820dff054fb8bde1417f3d0a289917d932 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Thu Jun 25 12:06:54 2015 -0400 fixup! Bug 12827: Create preference to disable SVG. If an <object> is used to load an SVG from a .xml file, avoid dereferencing null pointers when script elements are created as generic elements (i.e., when svg.in-content.enabled=false). Fixes ticket #16397. --- dom/xml/nsXMLContentSink.cpp | 12 +++++++++--- dom/xml/nsXMLFragmentContentSink.cpp | 4 ++-- dom/xslt/xslt/txMozillaXMLOutput.cpp | 15 ++++++++------- parser/html/nsHtml5TreeOpExecutor.cpp | 2 ++ 4 files changed, 21 insertions(+), 12 deletions(-) diff --git a/dom/xml/nsXMLContentSink.cpp b/dom/xml/nsXMLContentSink.cpp index cb360a1..3a512e2 100644 --- a/dom/xml/nsXMLContentSink.cpp +++ b/dom/xml/nsXMLContentSink.cpp @@ -473,8 +473,10 @@ nsXMLContentSink::CreateElement(const char16_t** aAtts, uint32_t aAttsCount, || aNodeInfo->Equals(nsGkAtoms::script, kNameSpaceID_SVG) ) { nsCOMPtr<nsIScriptElement> sele = do_QueryInterface(content); - sele->SetScriptLineNumber(aLineNumber); - sele->SetCreatorParser(GetParser()); + if (sele) { + sele->SetScriptLineNumber(aLineNumber); + sele->SetCreatorParser(GetParser()); + } mConstrainSize = false; } @@ -556,13 +558,17 @@ nsXMLContentSink::CloseElement(nsIContent* aContent) nsCOMPtr<nsIScriptElement> sele = do_QueryInterface(aContent); if (mPreventScriptExecution) { - sele->PreventExecution(); + if (sele) + sele->PreventExecution(); return NS_OK; } // Always check the clock in nsContentSink right after a script StopDeflecting(); + if (!sele) + return NS_OK; + // Now tell the script that it's ready to go. This may execute the script // or return true, or neither if the script doesn't need executing. bool block = sele->AttemptToExecute(); diff --git a/dom/xml/nsXMLFragmentContentSink.cpp b/dom/xml/nsXMLFragmentContentSink.cpp index 7fce46b..b3d25e9 100644 --- a/dom/xml/nsXMLFragmentContentSink.cpp +++ b/dom/xml/nsXMLFragmentContentSink.cpp @@ -230,8 +230,8 @@ nsXMLFragmentContentSink::CloseElement(nsIContent* aContent) if (mPreventScriptExecution && aContent->Tag() == nsGkAtoms::script && (aContent->IsHTML() || aContent->IsSVG())) { nsCOMPtr<nsIScriptElement> sele = do_QueryInterface(aContent); - NS_ASSERTION(sele, "script did QI correctly!"); - sele->PreventExecution(); + if (sele) + sele->PreventExecution(); } return NS_OK; } diff --git a/dom/xslt/xslt/txMozillaXMLOutput.cpp b/dom/xslt/xslt/txMozillaXMLOutput.cpp index d72910e..b4c0098 100644 --- a/dom/xslt/xslt/txMozillaXMLOutput.cpp +++ b/dom/xslt/xslt/txMozillaXMLOutput.cpp @@ -300,13 +300,14 @@ txMozillaXMLOutput::endElement() } else if ((ns == kNameSpaceID_XHTML || ns == kNameSpaceID_SVG) && localName == nsGkAtoms::script) { nsCOMPtr<nsIScriptElement> sele = do_QueryInterface(element); - MOZ_ASSERT(sele, "script elements need to implement nsIScriptElement"); - bool block = sele->AttemptToExecute(); - // If the act of insertion evaluated the script, we're fine. - // Else, add this script element to the array of loading scripts. - if (block) { - rv = mNotifier->AddScriptElement(sele); - NS_ENSURE_SUCCESS(rv, rv); + if (sele) { + bool block = sele->AttemptToExecute(); + // If the act of insertion evaluated the script, we're fine. + // Else, add this script element to the array of loading scripts. + if (block) { + rv = mNotifier->AddScriptElement(sele); + NS_ENSURE_SUCCESS(rv, rv); + } } } else if (ns == kNameSpaceID_XHTML && (localName == nsGkAtoms::input || diff --git a/parser/html/nsHtml5TreeOpExecutor.cpp b/parser/html/nsHtml5TreeOpExecutor.cpp index 6c424c8..ecb238e 100644 --- a/parser/html/nsHtml5TreeOpExecutor.cpp +++ b/parser/html/nsHtml5TreeOpExecutor.cpp @@ -636,6 +636,8 @@ nsHtml5TreeOpExecutor::RunScript(nsIContent* aScriptElement) NS_ASSERTION(aScriptElement, "No script to run"); nsCOMPtr<nsIScriptElement> sele = do_QueryInterface(aScriptElement); + if (!sele) + return; if (!mParser) { NS_ASSERTION(sele->IsMalformed(), "Script wasn't marked as malformed.");

1 0

[tor-browser-bundle/maint-4.5] Bug 16446: Update FTE bridge #1 fingerprint.
by mikeperry＠torproject.org 25 Jun '15

25 Jun '15

commit 16c6fa4a20e67cb34fc2e29680eca6e9fa890b2f Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Thu Jun 25 12:52:50 2015 -0700 Bug 16446: Update FTE bridge #1 fingerprint. --- Bundle-Data/PTConfigs/bridge_prefs.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Bundle-Data/PTConfigs/bridge_prefs.js b/Bundle-Data/PTConfigs/bridge_prefs.js index 8e7fd43..5137356 100644 --- a/Bundle-Data/PTConfigs/bridge_prefs.js +++ b/Bundle-Data/PTConfigs/bridge_prefs.js @@ -14,14 +14,14 @@ pref("extensions.torlauncher.default_bridge.flashproxy.3", "flashproxy 0.0.1.0:3 pref("extensions.torlauncher.default_bridge.flashproxy.4", "flashproxy 0.0.1.0:4 4D6C0DF6DEC9398A4DEF07084F3CD395A96DD2AD"); pref("extensions.torlauncher.default_bridge.flashproxy.5", "flashproxy 0.0.1.0:5 4D6C0DF6DEC9398A4DEF07084F3CD395A96DD2AD"); -pref("extensions.torlauncher.default_bridge.fte.1", "fte 192.240.101.106:80 B629B0B607C8AC9349B5646C24E9D242184F5B6E"); +pref("extensions.torlauncher.default_bridge.fte.1", "fte 192.240.101.106:80 FDC5BA65D93B6BCA5EBDF8EF8E4FA936B7F1F8E5"); pref("extensions.torlauncher.default_bridge.fte.2", "fte 50.7.176.114:80 2BD466989944867075E872310EBAD65BC88C8AEF"); pref("extensions.torlauncher.default_bridge.fte.3", "fte 131.252.210.150:8080 0E858AC201BF0F3FA3C462F64844CBFFC7297A42"); pref("extensions.torlauncher.default_bridge.fte.4", "fte 128.105.214.161:8080 1E326AAFB3FCB515015250D8FCCC8E37F91A153B"); pref("extensions.torlauncher.default_bridge.fte.5", "fte 128.105.214.162:8080 FC562097E1951DCC41B7D7F324D88157119BB56D"); pref("extensions.torlauncher.default_bridge.fte.6", "fte 128.105.214.163:8080 A17A40775FBD2CA1184BF80BFC330A77ECF9D0E9"); -pref("extensions.torlauncher.default_bridge.fte-ipv6.1", "fte [2001:49f0:d002:1::2]:80 B629B0B607C8AC9349B5646C24E9D242184F5B6E"); +pref("extensions.torlauncher.default_bridge.fte-ipv6.1", "fte [2001:49f0:d002:1::2]:80 FDC5BA65D93B6BCA5EBDF8EF8E4FA936B7F1F8E5"); pref("extensions.torlauncher.default_bridge.fte-ipv6.2", "fte [2001:49f0:d00a:1::c]:80 2BD466989944867075E872310EBAD65BC88C8AEF"); pref("extensions.torlauncher.default_bridge.scramblesuit.1", "scramblesuit 188.226.213.208:54278 AA5A86C1490296EF4FACA946CC5A182FCD1C5B1E password=MD2VRP7WXAMSG7MKIGMHI4CB4BMSNO7T");

1 0

[tor-browser-bundle/maint-4.5] Bug 16430: Backport Tor patch to allow DNS names with _
by mikeperry＠torproject.org 25 Jun '15

25 Jun '15

commit 2c3f85664eda04e9a942d56d1c56ff2cc7d2de83 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Thu Jun 25 12:58:44 2015 -0700 Bug 16430: Backport Tor patch to allow DNS names with _ --- gitian/descriptors/linux/gitian-tor.yml | 2 + gitian/descriptors/mac/gitian-tor.yml | 2 + gitian/descriptors/windows/gitian-tor.yml | 2 + gitian/patches/bug16430.patch | 93 +++++++++++++++++++++++++++++ 4 files changed, 99 insertions(+) diff --git a/gitian/descriptors/linux/gitian-tor.yml b/gitian/descriptors/linux/gitian-tor.yml index b218486..b95bcf5 100644 --- a/gitian/descriptors/linux/gitian-tor.yml +++ b/gitian/descriptors/linux/gitian-tor.yml @@ -22,6 +22,7 @@ files: - "bug8402-master.patch" - "bug8405.patch" - "bug15482.patch" +- "bug16430.patch" - "dzip.sh" - "openssl-linux32-utils.zip" - "openssl-linux64-utils.zip" @@ -83,6 +84,7 @@ script: | git am ~/build/bug8402-master.patch else git am ~/build/bug15482.patch + git am ~/build/bug16430.patch fi mkdir -p $OUTDIR/src #git archive HEAD | tar -x -C $OUTDIR/src diff --git a/gitian/descriptors/mac/gitian-tor.yml b/gitian/descriptors/mac/gitian-tor.yml index 3d0e0c6..8a7d333 100644 --- a/gitian/descriptors/mac/gitian-tor.yml +++ b/gitian/descriptors/mac/gitian-tor.yml @@ -18,6 +18,7 @@ files: - "bug8402-master.patch" - "bug8405.patch" - "bug15482.patch" +- "bug16430.patch" - "apple-uni-sdk-10.6_20110407-0.flosoft1_i386.deb" - "multiarch-darwin11-cctools127.2-gcc42-5666.3-llvmgcc42-2336.1-Linux-120724.tar.xz" - "dzip.sh" @@ -61,6 +62,7 @@ script: | git am ~/build/bug8402-master.patch else git am ~/build/bug15482.patch + git am ~/build/bug16430.patch fi mkdir -p $OUTDIR/src #git archive HEAD | tar -x -C $OUTDIR/src diff --git a/gitian/descriptors/windows/gitian-tor.yml b/gitian/descriptors/windows/gitian-tor.yml index 87e1dc2..c47982e 100644 --- a/gitian/descriptors/windows/gitian-tor.yml +++ b/gitian/descriptors/windows/gitian-tor.yml @@ -18,6 +18,7 @@ files: - "bug8402-master.patch" - "bug8405.patch" - "bug15482.patch" +- "bug16430.patch" - "binutils.tar.bz2" - "dzip.sh" - "mingw-w64-win32-utils.zip" @@ -61,6 +62,7 @@ script: | git am ~/build/bug8402-master.patch else git am ~/build/bug15482.patch + git am ~/build/bug16430.patch fi mkdir -p $OUTDIR/src #git archive HEAD | tar -x -C $OUTDIR/src diff --git a/gitian/patches/bug16430.patch b/gitian/patches/bug16430.patch new file mode 100644 index 0000000..81bbe3e --- /dev/null +++ b/gitian/patches/bug16430.patch @@ -0,0 +1,93 @@ +From 3f336966a264d7cd7c6dab08fb85d85273f06d68 Mon Sep 17 00:00:00 2001 +From: Yawning Angel <yawning(a)schwanenlied.me> +Date: Wed, 24 Jun 2015 13:52:29 +0000 +Subject: [PATCH] Work around nytimes.com's broken hostnames in our SOCKS + checks. + +RFC 952 is approximately 30 years old, and people are failing to comply, +by serving A records with '_' as part of the hostname. Since relaxing +the check is a QOL improvement for our userbase, relax the check to +allow such abominations as destinations, especially since there are +likely to be other similarly misconfigured domains out there. +--- + changes/bug16430 | 4 ++++ + src/common/util.c | 7 +++++-- + src/test/test_util.c | 9 +++++++-- + 3 files changed, 16 insertions(+), 4 deletions(-) + create mode 100644 changes/bug16430 + +diff --git a/changes/bug16430 b/changes/bug16430 +new file mode 100644 +index 0000000..ca7b874 +--- /dev/null ++++ b/changes/bug16430 +@@ -0,0 +1,4 @@ ++ o Minor features (client): ++ - Relax the validation done to hostnames in SOCKS5 requests, and allow ++ '_' to cope with domains observed in the wild that are serving non-RFC ++ compliant records. Resolves ticket 16430. +diff --git a/src/common/util.c b/src/common/util.c +index 942d0c2..4490150 100644 +--- a/src/common/util.c ++++ b/src/common/util.c +@@ -1036,6 +1036,9 @@ string_is_valid_ipv6_address(const char *string) + + /** Return true iff <b>string</b> matches a pattern of DNS names + * that we allow Tor clients to connect to. ++ * ++ * Note: This allows certain technically invalid characters ('_') to cope ++ * with misconfigured zones that have been encountered in the wild. + */ + int + string_is_valid_hostname(const char *string) +@@ -1048,7 +1051,7 @@ string_is_valid_hostname(const char *string) + smartlist_split_string(components,string,".",0,0); + + SMARTLIST_FOREACH_BEGIN(components, char *, c) { +- if (c[0] == '-') { ++ if ((c[0] == '-') || (*c == '_')) { + result = 0; + break; + } +@@ -1057,7 +1060,7 @@ string_is_valid_hostname(const char *string) + if ((*c >= 'a' && *c <= 'z') || + (*c >= 'A' && *c <= 'Z') || + (*c >= '0' && *c <= '9') || +- (*c == '-')) ++ (*c == '-') || (*c == '_')) + c++; + else + result = 0; +diff --git a/src/test/test_util.c b/src/test/test_util.c +index b0366db..0f64c26 100644 +--- a/src/test/test_util.c ++++ b/src/test/test_util.c +@@ -4268,18 +4268,23 @@ test_util_hostname_validation(void *arg) + tt_assert(string_is_valid_hostname("stanford.edu")); + tt_assert(string_is_valid_hostname("multiple-words-with-hypens.jp")); + +- // Subdomain name cannot start with '-'. ++ // Subdomain name cannot start with '-' or '_'. + tt_assert(!string_is_valid_hostname("-torproject.org")); + tt_assert(!string_is_valid_hostname("subdomain.-domain.org")); + tt_assert(!string_is_valid_hostname("-subdomain.domain.org")); ++ tt_assert(!string_is_valid_hostname("___abc.org")); + + // Hostnames cannot contain non-alphanumeric characters. + tt_assert(!string_is_valid_hostname("%%domain.\\org.")); + tt_assert(!string_is_valid_hostname("***x.net")); +- tt_assert(!string_is_valid_hostname("___abc.org")); + tt_assert(!string_is_valid_hostname("\xff\xffxyz.org")); + tt_assert(!string_is_valid_hostname("word1 word2.net")); + ++ // Test workaround for nytimes.com stupidity, technically invalid, ++ // but we allow it since they are big, even though they are failing to ++ // comply with a ~30 year old standard. ++ tt_assert(string_is_valid_hostname("core3_euw1.fabrik.nytimes.com")); ++ + // XXX: do we allow single-label DNS names? + + done: +-- +1.9.1 +

1 0

[tor-browser-bundle/maint-4.5] Update changelog for 4.5.3.
by mikeperry＠torproject.org 25 Jun '15

25 Jun '15

commit d1fa7e5602d806bcedff71797453ce2de4169b4f Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Thu Jun 25 12:59:01 2015 -0700 Update changelog for 4.5.3. --- Bundle-Data/Docs/ChangeLog.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Bundle-Data/Docs/ChangeLog.txt b/Bundle-Data/Docs/ChangeLog.txt index 2cd2710..9a03b5f 100644 --- a/Bundle-Data/Docs/ChangeLog.txt +++ b/Bundle-Data/Docs/ChangeLog.txt @@ -9,6 +9,9 @@ Tor Browser 4.5.3 -- June 30 2015 * Translation updates * Bug 16397: Fix crash related to disabling SVG * Bug 16403: Set search parameters for Disconnect + * Bug 16446: Update FTE bridge #1 fingerprint + * Tor patch backport + * Bug 16430: Allow DNS names with _ characters in them (fixes nytimes.com) Tor Browser 5.0a2 -- June 15 2015 * All Platforms

1 0

[tor-browser-bundle/master] Included change log for 4.5.3
by gk＠torproject.org 25 Jun '15

25 Jun '15

commit 5bbed9ba56ce1bda1adc6d43802b86c0909feb41 Author: Georg Koppen <gk(a)torproject.org> Date: Thu Jun 25 18:40:05 2015 +0000 Included change log for 4.5.3 --- Bundle-Data/Docs/ChangeLog.txt | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/Bundle-Data/Docs/ChangeLog.txt b/Bundle-Data/Docs/ChangeLog.txt index e986e5c..2cd2710 100644 --- a/Bundle-Data/Docs/ChangeLog.txt +++ b/Bundle-Data/Docs/ChangeLog.txt @@ -1,3 +1,15 @@ +Tor Browser 4.5.3 -- June 30 2015 + * All Platforms + * Update Firefox to 31.8.0esr + * Update OpenSSL to 1.0.1o + * Update NoScript to 2.6.9.27 + * Update Torbutton to 1.9.2.8 + * Bug 16403: Set search parameters for Disconnect + * Bug 14429: Make sure the automatic resizing is disabled + * Translation updates + * Bug 16397: Fix crash related to disabling SVG + * Bug 16403: Set search parameters for Disconnect + Tor Browser 5.0a2 -- June 15 2015 * All Platforms * Update Tor to 0.2.7.1-alpha

1 0