February 2012 - tor-commits - lists.torproject.org

[torbrowser/maint-2.3] bump all tbb versions to 2.2.35-5 for firefox, openssl, qt, noscript, and https-everywhere updates
by erinn＠torproject.org 02 Feb '12

02 Feb '12

commit 0a9fb84816e8825303a8a6acccc4ab9ed696348b Author: Erinn Clark <erinn(a)torproject.org> Date: Fri Feb 3 00:49:03 2012 +0100 bump all tbb versions to 2.2.35-5 for firefox, openssl, qt, noscript, and https-everywhere updates --- README.LINUX-2.2 | 10 +++++----- README.OSX-2.2 | 10 +++++----- README.WIN-2.2 | 13 ++++++------- build-scripts/linux.mk | 2 +- build-scripts/versions.mk | 8 ++++---- build-scripts/windows.mk | 2 +- changelog.linux-2.2 | 13 +++++++++++++ changelog.osx-2.2 | 12 ++++++++++++ changelog.windows-2.2 | 14 ++++++++++++++ 9 files changed, 61 insertions(+), 23 deletions(-) diff --git a/README.LINUX-2.2 b/README.LINUX-2.2 index fa8278a..3466964 100644 --- a/README.LINUX-2.2 +++ b/README.LINUX-2.2 @@ -4,12 +4,12 @@ Tor Browser Bundle for GNU/Linux Included applications --------------------- -Vidalia 0.2.15 (with Qt 4.6.2) -Tor 0.2.2.35 (with libevent-2.0.16-stable, zlib-1.2.5 and openssl-1.0.0f) -Firefox (Aurora) 9.0.1 +Vidalia 0.2.15 (with Qt 4.7.4) +Tor 0.2.2.35 (with libevent-2.0.16-stable, zlib-1.2.5 and openssl-1.0.0g) +Firefox 10.0 \_ Torbutton 1.4.5.1 - |_ NoScript 2.2.5 - |_ HTTPS-Everywhere 1.2.1 + |_ NoScript 2.2.8 + |_ HTTPS-Everywhere 1.2.2 Usage ----- diff --git a/README.OSX-2.2 b/README.OSX-2.2 index f5b4363..56fb53a 100644 --- a/README.OSX-2.2 +++ b/README.OSX-2.2 @@ -4,12 +4,12 @@ Tor Browser Bundle for Mac OS X Included applications --------------------- -Vidalia 0.2.15 (with Qt 4.6.2) -Tor 0.2.2.35 (with libevent-2.0.16-stable, zlib-1.2.5 and openssl-1.0.0f) -Firefox (Aurora) 9.0.1 +Vidalia 0.2.15 (with Qt 4.7.4) +Tor 0.2.2.35 (with libevent-2.0.16-stable, zlib-1.2.5 and openssl-1.0.0g) +Firefox 10.0 \_ Torbutton 1.4.5.1 - |_ NoScript 2.2.5 - |_ HTTPS-Everywhere 1.2.1 + |_ NoScript 2.2.8 + |_ HTTPS-Everywhere 1.2.2 Usage ----- diff --git a/README.WIN-2.2 b/README.WIN-2.2 index 6fa63a6..b586bd5 100644 --- a/README.WIN-2.2 +++ b/README.WIN-2.2 @@ -4,13 +4,12 @@ Tor Browser Bundle for Windows Included applications --------------------- -Vidalia 0.2.15 (with Qt 4.6.2) -Tor 0.2.2.35 (with libevent-2.0.16-stable, zlib-1.2.5 and openssl-1.0.0f) -FirefoxPortable 9.0.1 - \_ Firefox (Aurora) 9.0.1 - \_ Torbutton 1.4.5.1 - |_ NoScript 2.2.5 - |_ HTTPS-Everywhere 1.2.1 +Vidalia 0.2.15 (with Qt 4.7.4) +Tor 0.2.2.35 (with libevent-2.0.16-stable, zlib-1.2.5 and openssl-1.0.0g) +Firefox 10.0 + \_ Torbutton 1.4.5.1 + |_ NoScript 2.2.8 + |_ HTTPS-Everywhere 1.2.2 Usage ----- diff --git a/build-scripts/linux.mk b/build-scripts/linux.mk index 594e4d7..c8cfc88 100644 --- a/build-scripts/linux.mk +++ b/build-scripts/linux.mk @@ -36,7 +36,7 @@ include $(PWD)/versions.mk ## Architecture ARCH_TYPE=$(shell uname -m) -BUILD_NUM=4 +BUILD_NUM=5 PLATFORM=Linux ## Location of directory for source unpacking diff --git a/build-scripts/versions.mk b/build-scripts/versions.mk index ec85656..1ee01eb 100644 --- a/build-scripts/versions.mk +++ b/build-scripts/versions.mk @@ -2,12 +2,12 @@ RELEASE_VER=2.2.35 -HTTPSEVERY_VER=1.2.1 -FIREFOX_VER=9.0.1 +HTTPSEVERY_VER=1.2.2 +FIREFOX_VER=10.0 LIBEVENT_VER=2.0.16-stable LIBPNG_VER=1.4.8 -NOSCRIPT_VER=2.2.5 -OPENSSL_VER=1.0.0f +NOSCRIPT_VER=2.2.8 +OPENSSL_VER=1.0.0g OTR_VER=3.2.0 PIDGIN_VER=2.6.4 QT_VER=4.6.2 diff --git a/build-scripts/windows.mk b/build-scripts/windows.mk index 159f1b2..a8ddb91 100644 --- a/build-scripts/windows.mk +++ b/build-scripts/windows.mk @@ -31,7 +31,7 @@ ## Include versions include $(PWD)/versions.mk -BUILD_NUM=4 +BUILD_NUM=5 PLATFORM=Windows ## Location of required libraries diff --git a/changelog.linux-2.2 b/changelog.linux-2.2 index fb5e57c..cef8906 100644 --- a/changelog.linux-2.2 +++ b/changelog.linux-2.2 @@ -1,3 +1,16 @@ +Tor Browser Bundle (2.2.35-5); suite=linux + + * Update Firefox to 10.0 + * Update Qt to 4.7.4 + * Update OpenSSL to 1.0.0g + * Update HTTPS Everywhere to 1.2.2 + * Update NoScript to 2.2.8 + * New Firefox patches + - Limit the number of fonts per document + * Put documentation in remove-shared-lib-symlinks debug dumps (closes: #4984) + + -- Erinn Clark <erinn(a)torproject.org> Fri Feb 3 00:17:09 CET 2012 + Tor Browser Bundle (2.2.35-4); suite=linux * Update OpenSSL to 1.0.0f diff --git a/changelog.osx-2.2 b/changelog.osx-2.2 index a327aaf..80a7d10 100644 --- a/changelog.osx-2.2 +++ b/changelog.osx-2.2 @@ -1,3 +1,15 @@ +Tor Browser Bundle (2.2.35-5); suite=osx + + * Update Firefox to 10.0 + * Update Qt to 4.7.4 + * Update OpenSSL to 1.0.0g + * Update HTTPS Everywhere to 1.2.2 + * Update NoScript to 2.2.8 + * New Firefox patches + - Limit the number of fonts per document + + -- Erinn Clark <erinn(a)torproject.org> Fri Feb 3 00:14:24 CET 2012 + Tor Browser Bundle (2.2.35-4); suite=osx * Update OpenSSL to 1.0.0f diff --git a/changelog.windows-2.2 b/changelog.windows-2.2 index 36fd885..c465b79 100644 --- a/changelog.windows-2.2 +++ b/changelog.windows-2.2 @@ -1,3 +1,17 @@ +Tor Browser Bundle (2.2.35-5); suite=windows + + * Update Firefox to 10.0 + * Update Qt to 4.7.4 + * Update OpenSSL to 1.0.0g + * Update HTTPS Everywhere to 1.2.2 + * Update NoScript to 2.2.8 + * New Firefox patches + - Limit the number of fonts per document + * Make sure mozconfig always gets copied into the Firefox build directory + (closes: #4879) + + -- Erinn Clark <erinn(a)torproject.org> Fri Feb 3 00:17:05 CET 2012 + Tor Browser Bundle (2.2.35-4); suite=windows * Update OpenSSL to 1.0.0f

1 0

[torbrowser/maint-2.3] fix some path names since this is the stable branch
by erinn＠torproject.org 02 Feb '12

02 Feb '12

commit 2474a46bae381d165477732226a9c5762fa5e6fc Author: Erinn Clark <erinn(a)torproject.org> Date: Fri Feb 3 00:49:43 2012 +0100 fix some path names since this is the stable branch --- build-scripts/osx.mk | 10 +++++----- build-scripts/versions.mk | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/build-scripts/osx.mk b/build-scripts/osx.mk index 8f31ec8..a06200d 100644 --- a/build-scripts/osx.mk +++ b/build-scripts/osx.mk @@ -20,7 +20,7 @@ ### make -f osx.mk build-all-binaries ### make -f osx.mk all-compressed-bundles ### ... -### Look in tbbosx-alpha-dist/ for your files. +### Look in tbbosx-dist/ for your files. ### ### See LICENSE for licensing information ### @@ -36,14 +36,14 @@ include $(PWD)/versions.mk ## Architecture ARCH_TYPE=i386 -BUILD_NUM=4 +BUILD_NUM=5 PLATFORM=MacOS ## Location of directory for source unpacking -FETCH_DIR=$(PWD)/build-alpha-$(ARCH_TYPE) +FETCH_DIR=$(PWD)/build-$(ARCH_TYPE) ## Location of directory for prefix/destdir/compiles/etc BUILT_DIR=$(FETCH_DIR)/built -TBB_FINAL=$(BUILT_DIR)/tbbosx-alpha-dist +TBB_FINAL=$(BUILT_DIR)/tbbosx-dist source-dance: fetch-source unpack-source echo "We're ready for building now." @@ -154,7 +154,7 @@ DEST=generic-bundle NAME=TorBrowser ## Where shall we put the finished files for distribution? -DISTDIR=tbbosx-alpha-dist +DISTDIR=tbbosx-dist ## Version and name of the compressed bundle (also used for source) VERSION=$(RELEASE_VER)-$(BUILD_NUM)-dev diff --git a/build-scripts/versions.mk b/build-scripts/versions.mk index 1ee01eb..5eac8db 100644 --- a/build-scripts/versions.mk +++ b/build-scripts/versions.mk @@ -106,7 +106,7 @@ unpack-libevent: cd $(FETCH_DIR) && tar -xvzf $(LIBEVENT_PACKAGE) unpack-tor: - -rm -rf $(FETCH_DIR)/tor-$(TOR-VER) + -rm -rf $(FETCH_DIR)/tor-$(TOR_VER) cd $(FETCH_DIR) && tar -xvzf $(TOR_PACKAGE) unpack-firefox:

1 0

[torbrowser/master] [Linux] Fix --help option of remove-shared-library-symlinks
by erinn＠torproject.org 02 Feb '12

02 Feb '12

commit 647511023d800bd4bdeba3b2964c48b1d734a582 Author: Robert Ransom <rransom.8774(a)gmail.com> Date: Mon Jan 30 00:47:13 2012 -0800 [Linux] Fix --help option of remove-shared-library-symlinks Previously, the script would crash upon entering the outer if block (and trying to parse the inner if statement). (Tcl requires that most non-operator strings in expressions be quoted.) --- build-scripts/remove-shared-lib-symlinks | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/build-scripts/remove-shared-lib-symlinks b/build-scripts/remove-shared-lib-symlinks index 4692625..c847a5e 100755 --- a/build-scripts/remove-shared-lib-symlinks +++ b/build-scripts/remove-shared-lib-symlinks @@ -34,7 +34,7 @@ if {$argc != 1 || puts -nonewline $usage_chan $usage - if {$usage_chan eq stderr} { + if {$usage_chan eq "stderr"} { exit 2 } else { exit 0

1 0

[torbrowser/master] [4984 Linux] Put documentation in remove-shared-lib-symlinks debug dumps
by erinn＠torproject.org 02 Feb '12

02 Feb '12

commit 6a351a8317c19b436f7f2a9b211aaf982027fef5 Author: Robert Ransom <rransom.8774(a)gmail.com> Date: Mon Jan 30 04:12:53 2012 -0800 [4984 Linux] Put documentation in remove-shared-lib-symlinks debug dumps Also, print each list item on a separate line; this makes parsing the files in another program potentially much more of a PITA, but hopefully we'll never have filenames containing newlines. --- build-scripts/remove-shared-lib-symlinks | 65 +++++++++++++++++++++++++----- 1 files changed, 55 insertions(+), 10 deletions(-) diff --git a/build-scripts/remove-shared-lib-symlinks b/build-scripts/remove-shared-lib-symlinks index c847a5e..d08a716 100755 --- a/build-scripts/remove-shared-lib-symlinks +++ b/build-scripts/remove-shared-lib-symlinks @@ -181,14 +181,42 @@ foreach {x} $shared_lib_filenames { # Write the current list of shared library names and the list of # rename/delete actions to disk. -# -# FIXME Currently, we write these out as single Tcl lists, most likely -# on a single line, because that is the only format that we can easily -# emit which can also be parsed easily and unambiguously by another -# program. Someday that should be improved; until then, it should be -# easy enough to write a tiny Tcl program that reads the list and -# writes out one list element per line or a tiny Tk program that reads -# the list and sticks it in a listbox widget. + +set debug_dump_common_header [string trimleft { + +In order to make Tor Browser Bundle for Linux run successfully when +extracted or copied onto a filesystem which does not support symbolic +links (such as the FAT filesystem used on most USB sticks), all shared +library symlinks in this directory were removed, and some shared +libraries in this directory were renamed to match the names by which +the loader will search for them. + +Since the process of removing symlinks and renaming shared libraries +loses some potentially important information about shared library +version numbers, the remove-shared-lib-symlinks script which performs +these operations records some information about its actions. + +See build-scripts/remove-shared-lib-symlinks in torbrowser.git for +more information. +}] + +set library_list_header [string trimleft { + +This file contains a list of the files and symlinks which the +remove-shared-lib-symlinks script might have affected. +}] + +set library_rename_action_list_header [string trimleft { + +This file contains a list of the rename (mv) and delete (rm) actions +which the remove-shared-lib-symlinks script performed to remove shared +library symlinks from this directory. +}] + +proc line_list {s} { + split $s "\n" +} + set library_list {} foreach {x} $shared_lib_filenames { set x_type [file type $x] @@ -202,12 +230,29 @@ foreach {x} $shared_lib_filenames { } lappend library_list [list $x $x_type $extra_info] } + set library_list_chan [open ".shared-library-name-list" {WRONLY CREAT EXCL}] -puts -nonewline $library_list_chan $library_list +foreach {x} [line_list $debug_dump_common_header] { + puts $library_list_chan "# $x" +} +foreach {x} [line_list $library_list_header] { + puts $library_list_chan "# $x" +} +foreach {x} $library_list { + puts $library_list_chan $x +} close $library_list_chan set action_list_chan [open ".shared-library-rename-action-list" {WRONLY CREAT EXCL}] -puts -nonewline $action_list_chan $shared_lib_name_actions +foreach {x} [line_list $debug_dump_common_header] { + puts $action_list_chan "# $x" +} +foreach {x} [line_list $library_rename_action_list_header] { + puts $action_list_chan "# $x" +} +foreach {x} $shared_lib_name_actions { + puts $action_list_chan $x +} close $action_list_chan # Perform the rename/delete actions.

1 0

[torbrowser/master] Add patch for font limiting.
by erinn＠torproject.org 02 Feb '12

02 Feb '12

commit 6bd23bc373a372b010d5bdfb659ca3e17fcf864c Author: Mike Perry <mikeperry-git(a)fscked.org> Date: Wed Dec 28 22:12:08 2011 -0600 Add patch for font limiting. --- ...13-Limit-the-number-of-fonts-per-document.patch | 228 ++++++++++++++++++++ 1 files changed, 228 insertions(+), 0 deletions(-) diff --git a/src/current-patches/firefox/0013-Limit-the-number-of-fonts-per-document.patch b/src/current-patches/firefox/0013-Limit-the-number-of-fonts-per-document.patch new file mode 100644 index 0000000..989d072 --- /dev/null +++ b/src/current-patches/firefox/0013-Limit-the-number-of-fonts-per-document.patch @@ -0,0 +1,228 @@ +From 27c2a4a72504fe9a08cbfdf2210b05263bd693dd Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)fscked.org> +Date: Tue, 27 Dec 2011 15:28:22 -0600 +Subject: [PATCH 13/13] Limit the number of fonts per document. + +We create two prefs: +browser.display.max_font_count and browser.display.max_font_attempts. +max_font_count sets a limit on the number of fonts actually used in the +document, and max_font_attempts sets a limit on the total number of CSS +queries that a document is allowed to perform. + +Once either limit is reached, the browser behaves as if +browser.display.use_document_fonts was set to 0 for subsequent font queries. + +If a pref is not set or is negative, that limit does not apply. + +This is done to address: +https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability +--- + layout/base/nsPresContext.cpp | 100 +++++++++++++++++++++++++++++++++++++++++ + layout/base/nsPresContext.h | 9 ++++ + layout/style/nsRuleNode.cpp | 13 ++++- + 3 files changed, 119 insertions(+), 3 deletions(-) + +diff --git a/layout/base/nsPresContext.cpp b/layout/base/nsPresContext.cpp +index 0d5b1ce..ab9a7ba 100644 +--- a/layout/base/nsPresContext.cpp ++++ b/layout/base/nsPresContext.cpp +@@ -98,6 +98,8 @@ + #include "nsIFrameMessageManager.h" + #include "FrameLayerBuilder.h" + #include "nsDOMMediaQueryList.h" ++#include "nsString.h" ++#include "nsUnicharUtils.h" + + #ifdef MOZ_SMIL + #include "nsSMILAnimationController.h" +@@ -707,6 +709,10 @@ nsPresContext::GetUserPreferences() + // * use fonts? + mUseDocumentFonts = + Preferences::GetInt("browser.display.use_document_fonts") != 0; ++ mMaxFonts = ++ Preferences::GetInt("browser.display.max_font_count", -1); ++ mMaxFontAttempts = ++ Preferences::GetInt("browser.display.max_font_attempts", -1); + + // * replace backslashes with Yen signs? (bug 245770) + mEnableJapaneseTransform = +@@ -1306,6 +1312,100 @@ nsPresContext::GetDefaultFont(PRUint8 aFontID) const + return font; + } + ++PRBool ++nsPresContext::FontUseCountReached(const nsFont &font) { ++ if (mMaxFonts < 0) { ++ return PR_FALSE; ++ } ++ ++ for (PRUint32 i = 0; i < mFontsUsed.Length(); i++) { ++ if (mFontsUsed[i].name.Equals(font.name, ++ nsCaseInsensitiveStringComparator()) ++ // XXX: Style is sometimes filled with garbage?? ++ /*&& mFontsUsed[i].style == font.style*/) { ++ // seen it before: OK ++ return PR_FALSE; ++ } ++ } ++ ++ if (mFontsUsed.Length() >= mMaxFonts) { ++ return PR_TRUE; ++ } ++ ++ return PR_FALSE; ++} ++ ++PRBool ++nsPresContext::FontAttemptCountReached(const nsFont &font) { ++ if (mMaxFontAttempts < 0) { ++ return PR_FALSE; ++ } ++ ++ for (PRUint32 i = 0; i < mFontsTried.Length(); i++) { ++ if (mFontsTried[i].name.Equals(font.name, ++ nsCaseInsensitiveStringComparator()) ++ // XXX: Style is sometimes filled with garbage?? ++ /*&& mFontsTried[i].style == font.style*/) { ++ // seen it before: OK ++ return PR_FALSE; ++ } ++ } ++ ++ if (mFontsTried.Length() >= mMaxFontAttempts) { ++ return PR_TRUE; ++ } ++ ++ return PR_FALSE; ++} ++ ++void ++nsPresContext::AddFontUse(const nsFont &font) { ++ if (mMaxFonts < 0) { ++ return; ++ } ++ ++ for (PRUint32 i = 0; i < mFontsUsed.Length(); i++) { ++ if (mFontsUsed[i].name.Equals(font.name, ++ nsCaseInsensitiveStringComparator()) ++ // XXX: Style is sometimes filled with garbage?? ++ /*&& mFontsUsed[i].style == font.style*/) { ++ // seen it before: OK ++ return; ++ } ++ } ++ ++ if (mFontsUsed.Length() >= mMaxFonts) { ++ return; ++ } ++ ++ mFontsUsed.AppendElement(font); ++ return; ++} ++ ++void ++nsPresContext::AddFontAttempt(const nsFont &font) { ++ if (mMaxFontAttempts < 0) { ++ return; ++ } ++ ++ for (PRUint32 i = 0; i < mFontsTried.Length(); i++) { ++ if (mFontsTried[i].name.Equals(font.name, ++ nsCaseInsensitiveStringComparator()) ++ // XXX: Style is sometimes filled with garbage?? ++ /*&& mFontsTried[i].style == font.style*/) { ++ // seen it before: OK ++ return; ++ } ++ } ++ ++ if (mFontsTried.Length() >= mMaxFontAttempts) { ++ return; ++ } ++ ++ mFontsTried.AppendElement(font); ++ return; ++} ++ + void + nsPresContext::SetFullZoom(float aZoom) + { +diff --git a/layout/base/nsPresContext.h b/layout/base/nsPresContext.h +index 2b09cc0..fe8a926 100644 +--- a/layout/base/nsPresContext.h ++++ b/layout/base/nsPresContext.h +@@ -548,6 +548,13 @@ public: + } + } + ++ nsTArray<nsFont> mFontsUsed; // currently for font-count limiting only ++ nsTArray<nsFont> mFontsTried; // currently for font-count limiting only ++ void AddFontUse(const nsFont &font); ++ void AddFontAttempt(const nsFont &font); ++ PRBool FontUseCountReached(const nsFont &font); ++ PRBool FontAttemptCountReached(const nsFont &font); ++ + PRInt32 MinFontSize() const { + return NS_MAX(mMinFontSize, mMinimumFontSizePref); + } +@@ -1123,6 +1130,8 @@ protected: + PRUint32 mInterruptChecksToSkip; + + mozilla::TimeStamp mReflowStartTime; ++ PRInt32 mMaxFontAttempts; ++ PRInt32 mMaxFonts; + + unsigned mHasPendingInterrupt : 1; + unsigned mInterruptsEnabled : 1; +diff --git a/layout/style/nsRuleNode.cpp b/layout/style/nsRuleNode.cpp +index a791723..5d65984 100644 +--- a/layout/style/nsRuleNode.cpp ++++ b/layout/style/nsRuleNode.cpp +@@ -3087,6 +3087,7 @@ nsRuleNode::ComputeFontData(void* aStartStruct, + + // See if there is a minimum font-size constraint to honor + nscoord minimumFontSize = mPresContext->MinFontSize(); ++ PRBool isXUL = PR_FALSE; + + if (minimumFontSize < 0) + minimumFontSize = 0; +@@ -3098,10 +3099,10 @@ nsRuleNode::ComputeFontData(void* aStartStruct, + // We only need to know this to determine if we have to use the + // document fonts (overriding the useDocumentFonts flag), or to + // determine if we have to override the minimum font-size constraint. +- if ((!useDocumentFonts || minimumFontSize > 0) && mPresContext->IsChrome()) { ++ if (mPresContext->IsChrome()) { + // if we are not using document fonts, but this is a XUL document, + // then we use the document fonts anyway +- useDocumentFonts = PR_TRUE; ++ isXUL = PR_TRUE; + minimumFontSize = 0; + } + +@@ -3116,9 +3117,13 @@ nsRuleNode::ComputeFontData(void* aStartStruct, + // generic? + nsFont::GetGenericID(font->mFont.name, &generic); + ++ mPresContext->AddFontAttempt(font->mFont); ++ + // If we aren't allowed to use document fonts, then we are only entitled + // to use the user's default variable-width font and fixed-width font +- if (!useDocumentFonts) { ++ if (!isXUL && (!useDocumentFonts || ++ mPresContext->FontAttemptCountReached(font->mFont) || ++ mPresContext->FontUseCountReached(font->mFont))) { + // Extract the generic from the specified font family... + nsAutoString genericName; + if (!font->mFont.EnumerateFamilies(ExtractGeneric, &genericName)) { +@@ -3154,6 +3159,8 @@ nsRuleNode::ComputeFontData(void* aStartStruct, + minimumFontSize, font); + } + ++ if (font->mGenericID == kGenericFont_NONE) ++ mPresContext->AddFontUse(font->mFont); + COMPUTE_END_INHERITED(Font, font) + } + +-- +1.7.3.4 +

1 0

[torbrowser/master] Rebase to Firefox 10.
by erinn＠torproject.org 02 Feb '12

02 Feb '12

commit b4780f07d6af74ee72d2e63aa032cf614b71c310 Author: Mike Perry <mikeperry-git(a)fscked.org> Date: Wed Feb 1 16:54:29 2012 -0800 Rebase to Firefox 10. --- ...nents.interfaces-lookupMethod-from-conten.patch | 24 ++++++------ ...0002-Make-Permissions-Manager-memory-only.patch | 24 ++++++------ ...-Make-Intermediate-Cert-Store-memory-only.patch | 12 +++--- ...th-headers-before-the-modify-request-obse.patch | 15 ++++---- .../firefox/0005-Add-a-string-based-cacheKey.patch | 14 ++++---- ...6-Randomize-HTTP-pipeline-order-and-depth.patch | 30 ++++++++-------- .../0007-Block-all-plugins-except-flash.patch | 20 +++++----- ...ontent-pref-service-memory-only-clearable.patch | 12 +++--- ...owser-exit-when-not-launched-from-Vidalia.patch | 8 ++-- .../0010-Disable-SSL-Session-ID-tracking.patch | 6 ++-- ...observer-event-to-close-persistent-connec.patch | 21 ++++++----- ...e-client-values-only-to-CSS-Media-Queries.patch | 18 +++++----- ...13-Limit-the-number-of-fonts-per-document.patch | 36 ++++++++++---------- 13 files changed, 121 insertions(+), 119 deletions(-) diff --git a/src/current-patches/firefox/0001-Block-Components.interfaces-lookupMethod-from-conten.patch b/src/current-patches/firefox/0001-Block-Components.interfaces-lookupMethod-from-conten.patch index de0903c..ba0da28 100644 --- a/src/current-patches/firefox/0001-Block-Components.interfaces-lookupMethod-from-conten.patch +++ b/src/current-patches/firefox/0001-Block-Components.interfaces-lookupMethod-from-conten.patch @@ -1,7 +1,7 @@ -From 658f53653a37767802d9cd992b8dd58d7503ea1b Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)fscked.org> -Date: Mon, 20 Jun 2011 17:07:41 -0700 -Subject: [PATCH 01/12] Block Components.interfaces,lookupMethod from content +From 67b86f0c22070cbf86112174ae1e2ce6d6a36dee Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)torproject.org> +Date: Wed, 1 Feb 2012 15:40:40 -0800 +Subject: [PATCH 01/13] Block Components.interfaces,lookupMethod from content This patch removes the ability of content script to access Components.interfaces.* as well as call or access Components.lookupMethod. @@ -16,14 +16,14 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=429070 https://trac.torproject.org/projects/tor/ticket/2873 https://trac.torproject.org/projects/tor/ticket/2874 --- - js/src/xpconnect/src/xpccomponents.cpp | 8 ++++++-- + js/xpconnect/src/XPCComponents.cpp | 8 ++++++-- 1 files changed, 6 insertions(+), 2 deletions(-) -diff --git a/js/src/xpconnect/src/xpccomponents.cpp b/js/src/xpconnect/src/xpccomponents.cpp -index ca38e47..34175a5 100644 ---- a/js/src/xpconnect/src/xpccomponents.cpp -+++ b/js/src/xpconnect/src/xpccomponents.cpp -@@ -4431,7 +4431,9 @@ nsXPCComponents::CanCreateWrapper(const nsIID * iid, char **_retval) +diff --git a/js/xpconnect/src/XPCComponents.cpp b/js/xpconnect/src/XPCComponents.cpp +index 3bcbf91..d5c020a 100644 +--- a/js/xpconnect/src/XPCComponents.cpp ++++ b/js/xpconnect/src/XPCComponents.cpp +@@ -4456,7 +4456,9 @@ nsXPCComponents::CanCreateWrapper(const nsIID * iid, char **_retval) NS_IMETHODIMP nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, char **_retval) { @@ -34,7 +34,7 @@ index ca38e47..34175a5 100644 *_retval = xpc_CheckAccessList(methodName, allowed); return NS_OK; } -@@ -4440,7 +4442,9 @@ nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, c +@@ -4465,7 +4467,9 @@ nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, c NS_IMETHODIMP nsXPCComponents::CanGetProperty(const nsIID * iid, const PRUnichar *propertyName, char **_retval) { @@ -46,5 +46,5 @@ index ca38e47..34175a5 100644 return NS_OK; } -- -1.7.3.4 +1.7.5.4 diff --git a/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch b/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch index fcc3802..ecd1e32 100644 --- a/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch +++ b/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch @@ -1,7 +1,7 @@ -From b390a17593f20c837facf0b9da1ee4696697f1b6 Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)fscked.org> -Date: Mon, 20 Jun 2011 17:07:56 -0700 -Subject: [PATCH 02/12] Make Permissions Manager memory-only +From 193c50c03aa61eef5415d0476467c22941022a11 Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)torproject.org> +Date: Wed, 1 Feb 2012 15:45:16 -0800 +Subject: [PATCH 02/13] Make Permissions Manager memory-only This patch exposes a pref 'permissions.memory_only' that properly isolates the permissions manager to memory, which is responsible for all user specified @@ -16,7 +16,7 @@ https://trac.torproject.org/projects/tor/ticket/2950 1 files changed, 31 insertions(+), 3 deletions(-) diff --git a/extensions/cookie/nsPermissionManager.cpp b/extensions/cookie/nsPermissionManager.cpp -index d72b794..b89887e 100644 +index 67eb216..12cc7cf 100644 --- a/extensions/cookie/nsPermissionManager.cpp +++ b/extensions/cookie/nsPermissionManager.cpp @@ -58,6 +58,10 @@ @@ -31,7 +31,7 @@ index d72b794..b89887e 100644 static nsPermissionManager *gPermissionManager = nsnull; @@ -203,6 +207,11 @@ nsPermissionManager::Init() - mObserverService->AddObserver(this, "profile-do-change", PR_TRUE); + mObserverService->AddObserver(this, "profile-do-change", true); } + nsCOMPtr<nsIPrefBranch2> pbi = do_GetService(NS_PREFSERVICE_CONTRACTID); @@ -42,11 +42,11 @@ index d72b794..b89887e 100644 if (IsChildProcess()) { // Get the permissions from the parent process InfallibleTArray<IPC::Permission> perms; -@@ -251,8 +260,18 @@ nsPermissionManager::InitDB(PRBool aRemoveFile) +@@ -251,8 +260,18 @@ nsPermissionManager::InitDB(bool aRemoveFile) if (!storage) return NS_ERROR_UNEXPECTED; -+ PRBool memory_db = false; ++ bool memory_db = false; + nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID); + if (prefs) { + prefs->GetBoolPref("permissions.memory_only", &memory_db); @@ -61,9 +61,9 @@ index d72b794..b89887e 100644 + } NS_ENSURE_SUCCESS(rv, rv); - PRBool ready; -@@ -262,7 +281,11 @@ nsPermissionManager::InitDB(PRBool aRemoveFile) - rv = permissionsFile->Remove(PR_FALSE); + bool ready; +@@ -262,7 +281,11 @@ nsPermissionManager::InitDB(bool aRemoveFile) + rv = permissionsFile->Remove(false); NS_ENSURE_SUCCESS(rv, rv); - rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn)); @@ -90,5 +90,5 @@ index d72b794..b89887e 100644 // or is going away because the application is shutting down. if (!nsCRT::strcmp(someData, NS_LITERAL_STRING("shutdown-cleanse").get())) { -- -1.7.3.4 +1.7.5.4 diff --git a/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch b/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch index e921f7d..ec575bc 100644 --- a/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch +++ b/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch @@ -1,7 +1,7 @@ -From 93a3a1886d34e5f73a385726c22ecfc4e72598a3 Mon Sep 17 00:00:00 2001 +From 5d72233faeba1745962f55fa09fe2f537eda93ec Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git(a)fscked.org> Date: Fri, 19 Aug 2011 17:58:23 -0700 -Subject: [PATCH 03/12] Make Intermediate Cert Store memory-only. +Subject: [PATCH 03/13] Make Intermediate Cert Store memory-only. This patch makes the intermediate SSL cert store exist in memory only. @@ -12,15 +12,15 @@ https://trac.torproject.org/projects/tor/ticket/2949 1 files changed, 14 insertions(+), 1 deletions(-) diff --git a/security/manager/ssl/src/nsNSSComponent.cpp b/security/manager/ssl/src/nsNSSComponent.cpp -index 5bb09ae..737715d 100644 +index a08c4ef..0ec3713 100644 --- a/security/manager/ssl/src/nsNSSComponent.cpp +++ b/security/manager/ssl/src/nsNSSComponent.cpp -@@ -1732,8 +1732,21 @@ nsNSSComponent::InitializeNSS(PRBool showWarningBox) +@@ -1730,8 +1730,21 @@ nsNSSComponent::InitializeNSS(bool showWarningBox) // Ubuntu 8.04, which loads any nonexistent "<configdir>/libnssckbi.so" as // "/usr/lib/nss/libnssckbi.so". PRUint32 init_flags = NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE; - SECStatus init_rv = ::NSS_Initialize(profileStr.get(), "", "", -+ PRBool nocertdb = false; ++ bool nocertdb = false; + mPrefBranch->GetBoolPref("security.nocertdb", &nocertdb); + + // XXX: We can also do the the following to only disable the certdb. @@ -39,5 +39,5 @@ index 5bb09ae..737715d 100644 if (init_rv != SECSuccess) { PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("can not init NSS r/w in %s\n", profileStr.get())); -- -1.7.3.4 +1.7.5.4 diff --git a/src/current-patches/firefox/0004-Add-HTTP-auth-headers-before-the-modify-request-obse.patch b/src/current-patches/firefox/0004-Add-HTTP-auth-headers-before-the-modify-request-obse.patch index c0b2070..44dfccc 100644 --- a/src/current-patches/firefox/0004-Add-HTTP-auth-headers-before-the-modify-request-obse.patch +++ b/src/current-patches/firefox/0004-Add-HTTP-auth-headers-before-the-modify-request-obse.patch @@ -1,7 +1,8 @@ -From f30579c50a6915314a470579da533f53200e61d8 Mon Sep 17 00:00:00 2001 +From 6dc27a50e06bca139a07546f94a827f1fdb762b7 Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git(a)fscked.org> Date: Fri, 2 Sep 2011 15:33:20 -0700 -Subject: [PATCH 04/12] Add HTTP auth headers before the modify-request observer. +Subject: [PATCH 04/13] Add HTTP auth headers before the modify-request + observer. Otherwise, how are we supposed to modify them? @@ -11,10 +12,10 @@ Thanks to Georg Koppen for spotting both the problem and this fix. 1 files changed, 7 insertions(+), 4 deletions(-) diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp -index 3f9d049..945bc0d 100644 +index dec2a83..4c5e759 100644 --- a/netwerk/protocol/http/nsHttpChannel.cpp +++ b/netwerk/protocol/http/nsHttpChannel.cpp -@@ -291,9 +291,6 @@ nsHttpChannel::Connect(PRBool firstTime) +@@ -316,9 +316,6 @@ nsHttpChannel::Connect(bool firstTime) return NS_ERROR_DOCUMENT_NOT_CACHED; } @@ -24,7 +25,7 @@ index 3f9d049..945bc0d 100644 if (mLoadFlags & LOAD_NO_NETWORK_IO) { return NS_ERROR_DOCUMENT_NOT_CACHED; } -@@ -3665,6 +3662,9 @@ nsHttpChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *context) +@@ -3701,6 +3698,9 @@ nsHttpChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *context) AddCookiesToRequest(); @@ -34,7 +35,7 @@ index 3f9d049..945bc0d 100644 // notify "http-on-modify-request" observers gHttpHandler->OnModifyRequest(this); -@@ -4741,7 +4741,10 @@ nsHttpChannel::DoAuthRetry(nsAHttpConnection *conn) +@@ -4795,7 +4795,10 @@ nsHttpChannel::DoAuthRetry(nsAHttpConnection *conn) // this authentication attempt (bug 84794). // TODO: save cookies from auth response and send them here (bug 572151). AddCookiesToRequest(); @@ -47,5 +48,5 @@ index 3f9d049..945bc0d 100644 gHttpHandler->OnModifyRequest(this); -- -1.7.3.4 +1.7.5.4 diff --git a/src/current-patches/firefox/0005-Add-a-string-based-cacheKey.patch b/src/current-patches/firefox/0005-Add-a-string-based-cacheKey.patch index 87941e2..822033a 100644 --- a/src/current-patches/firefox/0005-Add-a-string-based-cacheKey.patch +++ b/src/current-patches/firefox/0005-Add-a-string-based-cacheKey.patch @@ -1,7 +1,7 @@ -From 65410adb53fafe4ec717ab464cdefee3cdd35708 Mon Sep 17 00:00:00 2001 +From a06818f3a358e6c4502b944ecd264fd2ccaff5bf Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git(a)fscked.org> Date: Fri, 2 Sep 2011 20:47:02 -0700 -Subject: [PATCH 05/12] Add a string-based cacheKey. +Subject: [PATCH 05/13] Add a string-based cacheKey. Used for isolating cache according to same-origin policy. --- @@ -29,10 +29,10 @@ index 2da46d6..4ee5774 100644 * may fail if the disk cache is not present. The value of this attribute * is usually only settable during the processing of a channel's diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp -index 945bc0d..9e838d8 100644 +index 4c5e759..6205d62 100644 --- a/netwerk/protocol/http/nsHttpChannel.cpp +++ b/netwerk/protocol/http/nsHttpChannel.cpp -@@ -2356,6 +2356,12 @@ nsHttpChannel::AssembleCacheKey(const char *spec, PRUint32 postID, +@@ -2389,6 +2389,12 @@ nsHttpChannel::AssembleCacheKey(const char *spec, PRUint32 postID, cacheKey.Append(buf); } @@ -45,7 +45,7 @@ index 945bc0d..9e838d8 100644 if (!cacheKey.IsEmpty()) { cacheKey.AppendLiteral("uri="); } -@@ -4641,6 +4647,22 @@ nsHttpChannel::SetCacheForOfflineUse(PRBool value) +@@ -4695,6 +4701,22 @@ nsHttpChannel::SetCacheForOfflineUse(bool value) } NS_IMETHODIMP @@ -69,7 +69,7 @@ index 945bc0d..9e838d8 100644 { value = mOfflineCacheClientID; diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h -index 6e0f360..9df9e38 100644 +index 88ce469..53538cf 100644 --- a/netwerk/protocol/http/nsHttpChannel.h +++ b/netwerk/protocol/http/nsHttpChannel.h @@ -303,6 +303,7 @@ private: @@ -81,5 +81,5 @@ index 6e0f360..9df9e38 100644 // auth specific data nsCOMPtr<nsIHttpChannelAuthProvider> mAuthProvider; -- -1.7.3.4 +1.7.5.4 diff --git a/src/current-patches/firefox/0006-Randomize-HTTP-pipeline-order-and-depth.patch b/src/current-patches/firefox/0006-Randomize-HTTP-pipeline-order-and-depth.patch index 2935289..de40bfe 100644 --- a/src/current-patches/firefox/0006-Randomize-HTTP-pipeline-order-and-depth.patch +++ b/src/current-patches/firefox/0006-Randomize-HTTP-pipeline-order-and-depth.patch @@ -1,7 +1,7 @@ -From 797fecf94e73e4f65fa8fdd58e0980e0d79ec092 Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)fscked.org> -Date: Tue, 8 Nov 2011 17:34:54 -0800 -Subject: [PATCH 06/12] Randomize HTTP pipeline order and depth. +From 755f71320538b0a813807cc3f4076dd20cbe9849 Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)torproject.org> +Date: Wed, 1 Feb 2012 16:05:22 -0800 +Subject: [PATCH 06/13] Randomize HTTP pipeline order and depth. This is an experimental defense against http://lorre.uni.lu/~andriy/papers/acmccs-wpes11-fingerprinting.pdf @@ -14,7 +14,7 @@ https://blog.torproject.org/blog/experimental-defense-website-traffic-finge… 2 files changed, 81 insertions(+), 1 deletions(-) diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.cpp b/netwerk/protocol/http/nsHttpConnectionMgr.cpp -index 3bb2b55..89ec350 100644 +index 23ef893..bba456d 100644 --- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp +++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp @@ -94,6 +94,11 @@ nsHttpConnectionMgr::nsHttpConnectionMgr() @@ -29,7 +29,7 @@ index 3bb2b55..89ec350 100644 } nsHttpConnectionMgr::~nsHttpConnectionMgr() -@@ -856,7 +861,7 @@ nsHttpConnectionMgr::DispatchTransaction(nsConnectionEntry *ent, +@@ -865,7 +870,7 @@ nsHttpConnectionMgr::DispatchTransaction(nsConnectionEntry *ent, nsHttpPipeline *pipeline = nsnull; if (conn->SupportsPipelining() && (caps & NS_HTTP_ALLOW_PIPELINING)) { LOG((" looking to build pipeline...\n")); @@ -38,11 +38,11 @@ index 3bb2b55..89ec350 100644 trans = pipeline; } -@@ -929,6 +934,77 @@ nsHttpConnectionMgr::BuildPipeline(nsConnectionEntry *ent, - return PR_TRUE; +@@ -938,6 +943,77 @@ nsHttpConnectionMgr::BuildPipeline(nsConnectionEntry *ent, + return true; } -+PRBool ++bool +nsHttpConnectionMgr::BuildRandomizedPipeline(nsConnectionEntry *ent, + nsAHttpTransaction *firstTrans, + nsHttpPipeline **result) @@ -117,7 +117,7 @@ index 3bb2b55..89ec350 100644 nsHttpConnectionMgr::ProcessNewTransaction(nsHttpTransaction *trans) { diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.h b/netwerk/protocol/http/nsHttpConnectionMgr.h -index d6dba79..c6e295f 100644 +index cdf21a9..9647225 100644 --- a/netwerk/protocol/http/nsHttpConnectionMgr.h +++ b/netwerk/protocol/http/nsHttpConnectionMgr.h @@ -48,6 +48,7 @@ @@ -128,15 +128,15 @@ index d6dba79..c6e295f 100644 #include "nsIObserver.h" #include "nsITimer.h" -@@ -275,6 +276,7 @@ private: +@@ -276,6 +277,7 @@ private: nsresult DispatchTransaction(nsConnectionEntry *, nsAHttpTransaction *, PRUint8 caps, nsHttpConnection *); - PRBool BuildPipeline(nsConnectionEntry *, nsAHttpTransaction *, nsHttpPipeline **); -+ PRBool BuildRandomizedPipeline(nsConnectionEntry *, nsAHttpTransaction *, nsHttpPipeline **); + bool BuildPipeline(nsConnectionEntry *, nsAHttpTransaction *, nsHttpPipeline **); ++ bool BuildRandomizedPipeline(nsConnectionEntry *, nsAHttpTransaction *, nsHttpPipeline **); nsresult ProcessNewTransaction(nsHttpTransaction *); nsresult EnsureSocketThreadTargetIfOnline(); void ClosePersistentConnections(nsConnectionEntry *ent); -@@ -352,6 +354,8 @@ private: +@@ -353,6 +355,8 @@ private: PRUint64 mTimeOfNextWakeUp; // Timer for next pruning of dead connections. nsCOMPtr<nsITimer> mTimer; @@ -146,5 +146,5 @@ index d6dba79..c6e295f 100644 // // the connection table -- -1.7.3.4 +1.7.5.4 diff --git a/src/current-patches/firefox/0007-Block-all-plugins-except-flash.patch b/src/current-patches/firefox/0007-Block-all-plugins-except-flash.patch index c8d55f8..ef83185 100644 --- a/src/current-patches/firefox/0007-Block-all-plugins-except-flash.patch +++ b/src/current-patches/firefox/0007-Block-all-plugins-except-flash.patch @@ -1,7 +1,7 @@ -From 2954118c9ab70d2e1c4d983a8f101b3a237461bb Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)fscked.org> -Date: Wed, 28 Sep 2011 13:24:20 -0700 -Subject: [PATCH 07/12] Block all plugins except flash. +From 7d6e270e1a05e1fe57d069b9859c9b51904db33e Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)torproject.org> +Date: Wed, 1 Feb 2012 15:50:15 -0800 +Subject: [PATCH 07/13] Block all plugins except flash. We cannot use the @mozilla.org/extensions/blocklist;1 service, because we actually want to stop plugins from ever entering the browser's process space @@ -17,11 +17,11 @@ on a better way. Until then, it is delta-darwinism for us. 2 files changed, 35 insertions(+), 0 deletions(-) diff --git a/dom/plugins/base/nsPluginHost.cpp b/dom/plugins/base/nsPluginHost.cpp -index 8578d56..3fbae53 100644 +index 729c9ef..1f4652d 100644 --- a/dom/plugins/base/nsPluginHost.cpp +++ b/dom/plugins/base/nsPluginHost.cpp -@@ -1964,6 +1964,35 @@ PRBool nsPluginHost::IsDuplicatePlugin(nsPluginTag * aPluginTag) - return PR_FALSE; +@@ -1965,6 +1965,35 @@ bool nsPluginHost::IsDuplicatePlugin(nsPluginTag * aPluginTag) + return false; } +PRBool nsPluginHost::GhettoBlacklist(nsIFile *pluginFile) @@ -56,7 +56,7 @@ index 8578d56..3fbae53 100644 typedef NS_NPAPIPLUGIN_CALLBACK(char *, NP_GETMIMEDESCRIPTION)(void); nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir, -@@ -2085,6 +2114,10 @@ nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir, +@@ -2086,6 +2115,10 @@ nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir, continue; } @@ -68,7 +68,7 @@ index 8578d56..3fbae53 100644 if (!pluginTag) { nsPluginFile pluginFile(localfile); diff --git a/dom/plugins/base/nsPluginHost.h b/dom/plugins/base/nsPluginHost.h -index 1cfd59b..7d83c20 100644 +index 39a8891..c262abf 100644 --- a/dom/plugins/base/nsPluginHost.h +++ b/dom/plugins/base/nsPluginHost.h @@ -278,6 +278,8 @@ private: @@ -81,5 +81,5 @@ index 1cfd59b..7d83c20 100644 // and removes it from the cache. void RemoveCachedPluginsInfo(const char *filePath, -- -1.7.3.4 +1.7.5.4 diff --git a/src/current-patches/firefox/0008-Make-content-pref-service-memory-only-clearable.patch b/src/current-patches/firefox/0008-Make-content-pref-service-memory-only-clearable.patch index 6473b13..ac91170 100644 --- a/src/current-patches/firefox/0008-Make-content-pref-service-memory-only-clearable.patch +++ b/src/current-patches/firefox/0008-Make-content-pref-service-memory-only-clearable.patch @@ -1,7 +1,7 @@ -From e14ab520ed4e012dbeb051eb9320e59f06873674 Mon Sep 17 00:00:00 2001 +From 23a09d0a6def1e2f7190177a875ab5a85c5da7b7 Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git(a)fscked.org> Date: Thu, 8 Sep 2011 08:40:17 -0700 -Subject: [PATCH 08/12] Make content pref service memory-only + clearable +Subject: [PATCH 08/13] Make content pref service memory-only + clearable This prevents random urls from being inserted into content-prefs.sqllite in the profile directory as content prefs change (includes site-zoom and perhaps @@ -11,10 +11,10 @@ other site prefs?). 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/toolkit/components/contentprefs/nsContentPrefService.js b/toolkit/components/contentprefs/nsContentPrefService.js -index 0d12b36..494515b 100644 +index adfb650..1619d5f 100644 --- a/toolkit/components/contentprefs/nsContentPrefService.js +++ b/toolkit/components/contentprefs/nsContentPrefService.js -@@ -1183,7 +1183,7 @@ ContentPrefService.prototype = { +@@ -1240,7 +1240,7 @@ ContentPrefService.prototype = { var dbConnection; @@ -23,7 +23,7 @@ index 0d12b36..494515b 100644 dbConnection = this._dbCreate(dbService, dbFile); else { try { -@@ -1231,7 +1231,7 @@ ContentPrefService.prototype = { +@@ -1288,7 +1288,7 @@ ContentPrefService.prototype = { }, _dbCreate: function ContentPrefService__dbCreate(aDBService, aDBFile) { @@ -33,5 +33,5 @@ index 0d12b36..494515b 100644 try { this._dbCreateSchema(dbConnection); -- -1.7.3.4 +1.7.5.4 diff --git a/src/current-patches/firefox/0009-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch b/src/current-patches/firefox/0009-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch index 11d3cdf..3dc98ed 100644 --- a/src/current-patches/firefox/0009-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch +++ b/src/current-patches/firefox/0009-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch @@ -1,7 +1,7 @@ -From 84286ac84d1973747f9ff541df90ed79c34ed443 Mon Sep 17 00:00:00 2001 +From b9c2e8d93cf62ea8f8fec63f0db955d8d0c4bc24 Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git(a)fscked.org> Date: Sun, 9 Oct 2011 22:50:07 -0700 -Subject: [PATCH 09/12] Make Tor Browser exit when not launched from Vidalia +Subject: [PATCH 09/13] Make Tor Browser exit when not launched from Vidalia Turns out the Windows 7 UI encourages users to "dock" their Tor Browser app for easy relaunch. If they manage to do this, we should fail closed rather @@ -16,7 +16,7 @@ actually be common. 1 files changed, 15 insertions(+), 0 deletions(-) diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js -index e78919d..c1e90f3 100644 +index a463fac..4480050 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -1217,6 +1217,21 @@ function BrowserStartup() { @@ -42,5 +42,5 @@ index e78919d..c1e90f3 100644 if (uriToLoad instanceof Ci.nsISupportsArray) { let count = uriToLoad.Count(); -- -1.7.3.4 +1.7.5.4 diff --git a/src/current-patches/firefox/0010-Disable-SSL-Session-ID-tracking.patch b/src/current-patches/firefox/0010-Disable-SSL-Session-ID-tracking.patch index 53553f1..8722540 100644 --- a/src/current-patches/firefox/0010-Disable-SSL-Session-ID-tracking.patch +++ b/src/current-patches/firefox/0010-Disable-SSL-Session-ID-tracking.patch @@ -1,7 +1,7 @@ -From 5e8424690ef1d9f5c38dbf87811f82fa92e29eb5 Mon Sep 17 00:00:00 2001 +From 8bfcf12fe59b7b9940830446bf331729f5c86b3d Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git(a)fscked.org> Date: Wed, 7 Dec 2011 19:36:38 -0800 -Subject: [PATCH 10/12] Disable SSL Session ID tracking. +Subject: [PATCH 10/13] Disable SSL Session ID tracking. We can't easily bind SSL Session ID tracking to url bar domain, so we have to disable them to satisfy @@ -24,5 +24,5 @@ index 2e6f9ed..c8a993b 100644 PR_FALSE, /* v2CompatibleHello */ /* now defaults to off in NSS 3.13 */ PR_TRUE, /* detectRollBack */ -- -1.7.3.4 +1.7.5.4 diff --git a/src/current-patches/firefox/0011-Provide-an-observer-event-to-close-persistent-connec.patch b/src/current-patches/firefox/0011-Provide-an-observer-event-to-close-persistent-connec.patch index 0b67cd6..7d91c66 100644 --- a/src/current-patches/firefox/0011-Provide-an-observer-event-to-close-persistent-connec.patch +++ b/src/current-patches/firefox/0011-Provide-an-observer-event-to-close-persistent-connec.patch @@ -1,7 +1,8 @@ -From f29be5f0e41e9915bcd15b692685bebce9d33f91 Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)fscked.org> -Date: Wed, 7 Dec 2011 20:05:19 -0800 -Subject: [PATCH 11/12] Provide an observer event to close persistent connections +From befcfaff647b1e09722d100fbf2dadcc22cfdc2b Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)torproject.org> +Date: Wed, 1 Feb 2012 15:53:28 -0800 +Subject: [PATCH 11/13] Provide an observer event to close persistent + connections We need to prevent linkability across "New Identity", which includes closing keep-alive connections. @@ -10,18 +11,18 @@ keep-alive connections. 1 files changed, 7 insertions(+), 0 deletions(-) diff --git a/netwerk/protocol/http/nsHttpHandler.cpp b/netwerk/protocol/http/nsHttpHandler.cpp -index f79f23e..ed70ecd 100644 +index f21598e..f3bf6af 100644 --- a/netwerk/protocol/http/nsHttpHandler.cpp +++ b/netwerk/protocol/http/nsHttpHandler.cpp @@ -321,6 +321,7 @@ nsHttpHandler::Init() - mObserverService->AddObserver(this, "net:clear-active-logins", PR_TRUE); - mObserverService->AddObserver(this, NS_PRIVATE_BROWSING_SWITCH_TOPIC, PR_TRUE); - mObserverService->AddObserver(this, "net:prune-dead-connections", PR_TRUE); + mObserverService->AddObserver(this, "net:clear-active-logins", true); + mObserverService->AddObserver(this, NS_PRIVATE_BROWSING_SWITCH_TOPIC, true); + mObserverService->AddObserver(this, "net:prune-dead-connections", true); + mObserverService->AddObserver(this, "net:prune-all-connections", PR_TRUE); } return NS_OK; -@@ -1611,6 +1612,12 @@ nsHttpHandler::Observe(nsISupports *subject, +@@ -1481,6 +1482,12 @@ nsHttpHandler::Observe(nsISupports *subject, mConnMgr->PruneDeadConnections(); } } @@ -35,5 +36,5 @@ index f79f23e..ed70ecd 100644 return NS_OK; } -- -1.7.3.4 +1.7.5.4 diff --git a/src/current-patches/firefox/0012-Provide-client-values-only-to-CSS-Media-Queries.patch b/src/current-patches/firefox/0012-Provide-client-values-only-to-CSS-Media-Queries.patch index 7253f9c..d3e636b 100644 --- a/src/current-patches/firefox/0012-Provide-client-values-only-to-CSS-Media-Queries.patch +++ b/src/current-patches/firefox/0012-Provide-client-values-only-to-CSS-Media-Queries.patch @@ -1,7 +1,7 @@ -From e4586005446c57161e14adc153aa5890f5694223 Mon Sep 17 00:00:00 2001 +From b5c42aa7668ac12b034cc1806ae1dc48732fa9b5 Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git(a)fscked.org> Date: Tue, 20 Dec 2011 21:02:49 -0800 -Subject: [PATCH 12/12] Provide client values only to CSS Media Queries +Subject: [PATCH 12/13] Provide client values only to CSS Media Queries Also disable a bunch of Mozilla extensions that smell like they are fingerprintable. @@ -13,10 +13,10 @@ https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linka… 1 files changed, 6 insertions(+), 4 deletions(-) diff --git a/layout/style/nsMediaFeatures.cpp b/layout/style/nsMediaFeatures.cpp -index 9a65c8e..d633dd1 100644 +index 6eca06e..c68f191 100644 --- a/layout/style/nsMediaFeatures.cpp +++ b/layout/style/nsMediaFeatures.cpp -@@ -381,14 +381,14 @@ nsMediaFeatures::features[] = { +@@ -383,14 +383,14 @@ nsMediaFeatures::features[] = { nsMediaFeature::eMinMaxAllowed, nsMediaFeature::eLength, { nsnull }, @@ -33,7 +33,7 @@ index 9a65c8e..d633dd1 100644 }, { &nsGkAtoms::orientation, -@@ -409,7 +409,7 @@ nsMediaFeatures::features[] = { +@@ -411,7 +411,7 @@ nsMediaFeatures::features[] = { nsMediaFeature::eMinMaxAllowed, nsMediaFeature::eIntRatio, { nsnull }, @@ -42,7 +42,7 @@ index 9a65c8e..d633dd1 100644 }, { &nsGkAtoms::color, -@@ -455,6 +455,7 @@ nsMediaFeatures::features[] = { +@@ -457,6 +457,7 @@ nsMediaFeatures::features[] = { }, // Mozilla extensions @@ -50,7 +50,7 @@ index 9a65c8e..d633dd1 100644 { &nsGkAtoms::_moz_device_pixel_ratio, nsMediaFeature::eMinMaxAllowed, -@@ -467,7 +468,7 @@ nsMediaFeatures::features[] = { +@@ -469,7 +470,7 @@ nsMediaFeatures::features[] = { nsMediaFeature::eMinMaxNotAllowed, nsMediaFeature::eEnumerated, { kOrientationKeywords }, @@ -59,7 +59,7 @@ index 9a65c8e..d633dd1 100644 }, { &nsGkAtoms::_moz_is_resource_document, -@@ -588,6 +589,7 @@ nsMediaFeatures::features[] = { +@@ -590,6 +591,7 @@ nsMediaFeatures::features[] = { { nsnull }, GetWindowsTheme }, @@ -68,5 +68,5 @@ index 9a65c8e..d633dd1 100644 { nsnull, -- -1.7.3.4 +1.7.5.4 diff --git a/src/current-patches/firefox/0013-Limit-the-number-of-fonts-per-document.patch b/src/current-patches/firefox/0013-Limit-the-number-of-fonts-per-document.patch index 989d072..4ae2487 100644 --- a/src/current-patches/firefox/0013-Limit-the-number-of-fonts-per-document.patch +++ b/src/current-patches/firefox/0013-Limit-the-number-of-fonts-per-document.patch @@ -1,6 +1,6 @@ -From 27c2a4a72504fe9a08cbfdf2210b05263bd693dd Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)fscked.org> -Date: Tue, 27 Dec 2011 15:28:22 -0600 +From 4ed1e1c2372216cfcf377b369a9d44bb9f60ee14 Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)torproject.org> +Date: Wed, 1 Feb 2012 16:01:21 -0800 Subject: [PATCH 13/13] Limit the number of fonts per document. We create two prefs: @@ -23,19 +23,19 @@ https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linka… 3 files changed, 119 insertions(+), 3 deletions(-) diff --git a/layout/base/nsPresContext.cpp b/layout/base/nsPresContext.cpp -index 0d5b1ce..ab9a7ba 100644 +index e1587db..9690d9c 100644 --- a/layout/base/nsPresContext.cpp +++ b/layout/base/nsPresContext.cpp @@ -98,6 +98,8 @@ - #include "nsIFrameMessageManager.h" #include "FrameLayerBuilder.h" #include "nsDOMMediaQueryList.h" + #include "nsSMILAnimationController.h" +#include "nsString.h" +#include "nsUnicharUtils.h" - #ifdef MOZ_SMIL - #include "nsSMILAnimationController.h" -@@ -707,6 +709,10 @@ nsPresContext::GetUserPreferences() + #ifdef IBMBIDI + #include "nsBidiPresUtils.h" +@@ -706,6 +708,10 @@ nsPresContext::GetUserPreferences() // * use fonts? mUseDocumentFonts = Preferences::GetInt("browser.display.use_document_fonts") != 0; @@ -46,7 +46,7 @@ index 0d5b1ce..ab9a7ba 100644 // * replace backslashes with Yen signs? (bug 245770) mEnableJapaneseTransform = -@@ -1306,6 +1312,100 @@ nsPresContext::GetDefaultFont(PRUint8 aFontID) const +@@ -1300,6 +1306,100 @@ nsPresContext::GetDefaultFont(PRUint8 aFontID) const return font; } @@ -148,7 +148,7 @@ index 0d5b1ce..ab9a7ba 100644 nsPresContext::SetFullZoom(float aZoom) { diff --git a/layout/base/nsPresContext.h b/layout/base/nsPresContext.h -index 2b09cc0..fe8a926 100644 +index ecd01d8..552a69a 100644 --- a/layout/base/nsPresContext.h +++ b/layout/base/nsPresContext.h @@ -548,6 +548,13 @@ public: @@ -165,7 +165,7 @@ index 2b09cc0..fe8a926 100644 PRInt32 MinFontSize() const { return NS_MAX(mMinFontSize, mMinimumFontSizePref); } -@@ -1123,6 +1130,8 @@ protected: +@@ -1117,6 +1124,8 @@ protected: PRUint32 mInterruptChecksToSkip; mozilla::TimeStamp mReflowStartTime; @@ -175,10 +175,10 @@ index 2b09cc0..fe8a926 100644 unsigned mHasPendingInterrupt : 1; unsigned mInterruptsEnabled : 1; diff --git a/layout/style/nsRuleNode.cpp b/layout/style/nsRuleNode.cpp -index a791723..5d65984 100644 +index 27336bf..827585a 100644 --- a/layout/style/nsRuleNode.cpp +++ b/layout/style/nsRuleNode.cpp -@@ -3087,6 +3087,7 @@ nsRuleNode::ComputeFontData(void* aStartStruct, +@@ -3091,6 +3091,7 @@ nsRuleNode::ComputeFontData(void* aStartStruct, // See if there is a minimum font-size constraint to honor nscoord minimumFontSize = mPresContext->MinFontSize(); @@ -186,7 +186,7 @@ index a791723..5d65984 100644 if (minimumFontSize < 0) minimumFontSize = 0; -@@ -3098,10 +3099,10 @@ nsRuleNode::ComputeFontData(void* aStartStruct, +@@ -3102,10 +3103,10 @@ nsRuleNode::ComputeFontData(void* aStartStruct, // We only need to know this to determine if we have to use the // document fonts (overriding the useDocumentFonts flag), or to // determine if we have to override the minimum font-size constraint. @@ -194,12 +194,12 @@ index a791723..5d65984 100644 + if (mPresContext->IsChrome()) { // if we are not using document fonts, but this is a XUL document, // then we use the document fonts anyway -- useDocumentFonts = PR_TRUE; +- useDocumentFonts = true; + isXUL = PR_TRUE; minimumFontSize = 0; } -@@ -3116,9 +3117,13 @@ nsRuleNode::ComputeFontData(void* aStartStruct, +@@ -3120,9 +3121,13 @@ nsRuleNode::ComputeFontData(void* aStartStruct, // generic? nsFont::GetGenericID(font->mFont.name, &generic); @@ -214,7 +214,7 @@ index a791723..5d65984 100644 // Extract the generic from the specified font family... nsAutoString genericName; if (!font->mFont.EnumerateFamilies(ExtractGeneric, &genericName)) { -@@ -3154,6 +3159,8 @@ nsRuleNode::ComputeFontData(void* aStartStruct, +@@ -3158,6 +3163,8 @@ nsRuleNode::ComputeFontData(void* aStartStruct, minimumFontSize, font); } @@ -224,5 +224,5 @@ index a791723..5d65984 100644 } -- -1.7.3.4 +1.7.5.4

1 0

[torbrowser/master] add openssl patch that allows it to build with a 10.5 SDK
by erinn＠torproject.org 02 Feb '12

02 Feb '12

commit 75661153f23556f4303522f3d569ececba83af50 Author: Erinn Clark <erinn(a)torproject.org> Date: Fri Feb 3 00:51:19 2012 +0100 add openssl patch that allows it to build with a 10.5 SDK --- build-scripts/osx.mk | 3 ++ .../openssl/0001-Build-OpenSSL-with-10.5-SDK.patch | 35 ++++++++++++++++++++ 2 files changed, 38 insertions(+), 0 deletions(-) diff --git a/build-scripts/osx.mk b/build-scripts/osx.mk index a06200d..4a13151 100644 --- a/build-scripts/osx.mk +++ b/build-scripts/osx.mk @@ -59,6 +59,9 @@ build-zlib: OPENSSL_DIR=$(FETCH_DIR)/openssl-$(OPENSSL_VER) OPENSSL_OPTS=-no-rc5 -no-md2 -no-man shared zlib -mmacosx-version-min=10.5 -isysroot /Developer/SDKs/MacOSX10.5.sdk -Wl,-syslibroot,/Developer/SDKs/MacOSX10.5.sdk --prefix=$(BUILT_DIR) --openssldir=$(BUILT_DIR) -L$(BUILT_DIR)/lib -I$(BUILT_DIR)/include build-openssl: + cp ../src/current-patches/openssl/*patch $(OPENSSL_DIR) + cp patch-any-src.sh $(OPENSSL_DIR) + cd $(OPENSSL_DIR) && ./patch-any-src.sh ifeq (x86_64,$(ARCH_TYPE)) cd $(OPENSSL_DIR) && ./Configure darwin64-x86_64-cc $(OPENSSL_OPTS) else diff --git a/src/current-patches/openssl/0001-Build-OpenSSL-with-10.5-SDK.patch b/src/current-patches/openssl/0001-Build-OpenSSL-with-10.5-SDK.patch new file mode 100644 index 0000000..b3ba7d9 --- /dev/null +++ b/src/current-patches/openssl/0001-Build-OpenSSL-with-10.5-SDK.patch @@ -0,0 +1,35 @@ +From e966e8ee358c4dff1aa25a71af72c215ec3f2d4a Mon Sep 17 00:00:00 2001 +From: Erinn Clark <erinn(a)torproject.org> +Date: Fri, 6 Jan 2012 16:06:55 +0100 +Subject: [PATCH] Make it possible to build OpenSSL on OS X with a 10.5 SDK + +--- + Configure | 5 ++++- + 1 files changed, 4 insertions(+), 1 deletions(-) + +diff --git a/Configure b/Configure +index 7941c93..d70b6eb 100755 +--- a/Configure ++++ b/Configure +@@ -816,7 +816,7 @@ PROCESS_ARGS: + } + elsif (/^[-+]/) + { +- if (/^-[lL](.*)$/ or /^-Wl,/) ++ if (/^-[lL](.*)$/ or /^-Wl,/ or /^-isysroot/) + { + $libs.=$_." "; + } +@@ -867,6 +867,9 @@ PROCESS_ARGS: + eval "\$table{\$1} = \"$2\""; # allow $xxx constructs in the string + $target=$1; + } ++ elsif (/^\//) { ++ $libs .= $_." "; ++ } + else + { + die "target already defined - $target (offending arg: $_)\n" if ($target ne ""); +-- +1.7.7.4 +

1 0

[torbrowser/master] bump all tbb versions to 2.2.35-5 for firefox, openssl, qt, noscript, and https-everywhere updates
by erinn＠torproject.org 02 Feb '12

02 Feb '12

commit 0a9fb84816e8825303a8a6acccc4ab9ed696348b Author: Erinn Clark <erinn(a)torproject.org> Date: Fri Feb 3 00:49:03 2012 +0100 bump all tbb versions to 2.2.35-5 for firefox, openssl, qt, noscript, and https-everywhere updates --- README.LINUX-2.2 | 10 +++++----- README.OSX-2.2 | 10 +++++----- README.WIN-2.2 | 13 ++++++------- build-scripts/linux.mk | 2 +- build-scripts/versions.mk | 8 ++++---- build-scripts/windows.mk | 2 +- changelog.linux-2.2 | 13 +++++++++++++ changelog.osx-2.2 | 12 ++++++++++++ changelog.windows-2.2 | 14 ++++++++++++++ 9 files changed, 61 insertions(+), 23 deletions(-) diff --git a/README.LINUX-2.2 b/README.LINUX-2.2 index fa8278a..3466964 100644 --- a/README.LINUX-2.2 +++ b/README.LINUX-2.2 @@ -4,12 +4,12 @@ Tor Browser Bundle for GNU/Linux Included applications --------------------- -Vidalia 0.2.15 (with Qt 4.6.2) -Tor 0.2.2.35 (with libevent-2.0.16-stable, zlib-1.2.5 and openssl-1.0.0f) -Firefox (Aurora) 9.0.1 +Vidalia 0.2.15 (with Qt 4.7.4) +Tor 0.2.2.35 (with libevent-2.0.16-stable, zlib-1.2.5 and openssl-1.0.0g) +Firefox 10.0 \_ Torbutton 1.4.5.1 - |_ NoScript 2.2.5 - |_ HTTPS-Everywhere 1.2.1 + |_ NoScript 2.2.8 + |_ HTTPS-Everywhere 1.2.2 Usage ----- diff --git a/README.OSX-2.2 b/README.OSX-2.2 index f5b4363..56fb53a 100644 --- a/README.OSX-2.2 +++ b/README.OSX-2.2 @@ -4,12 +4,12 @@ Tor Browser Bundle for Mac OS X Included applications --------------------- -Vidalia 0.2.15 (with Qt 4.6.2) -Tor 0.2.2.35 (with libevent-2.0.16-stable, zlib-1.2.5 and openssl-1.0.0f) -Firefox (Aurora) 9.0.1 +Vidalia 0.2.15 (with Qt 4.7.4) +Tor 0.2.2.35 (with libevent-2.0.16-stable, zlib-1.2.5 and openssl-1.0.0g) +Firefox 10.0 \_ Torbutton 1.4.5.1 - |_ NoScript 2.2.5 - |_ HTTPS-Everywhere 1.2.1 + |_ NoScript 2.2.8 + |_ HTTPS-Everywhere 1.2.2 Usage ----- diff --git a/README.WIN-2.2 b/README.WIN-2.2 index 6fa63a6..b586bd5 100644 --- a/README.WIN-2.2 +++ b/README.WIN-2.2 @@ -4,13 +4,12 @@ Tor Browser Bundle for Windows Included applications --------------------- -Vidalia 0.2.15 (with Qt 4.6.2) -Tor 0.2.2.35 (with libevent-2.0.16-stable, zlib-1.2.5 and openssl-1.0.0f) -FirefoxPortable 9.0.1 - \_ Firefox (Aurora) 9.0.1 - \_ Torbutton 1.4.5.1 - |_ NoScript 2.2.5 - |_ HTTPS-Everywhere 1.2.1 +Vidalia 0.2.15 (with Qt 4.7.4) +Tor 0.2.2.35 (with libevent-2.0.16-stable, zlib-1.2.5 and openssl-1.0.0g) +Firefox 10.0 + \_ Torbutton 1.4.5.1 + |_ NoScript 2.2.8 + |_ HTTPS-Everywhere 1.2.2 Usage ----- diff --git a/build-scripts/linux.mk b/build-scripts/linux.mk index 594e4d7..c8cfc88 100644 --- a/build-scripts/linux.mk +++ b/build-scripts/linux.mk @@ -36,7 +36,7 @@ include $(PWD)/versions.mk ## Architecture ARCH_TYPE=$(shell uname -m) -BUILD_NUM=4 +BUILD_NUM=5 PLATFORM=Linux ## Location of directory for source unpacking diff --git a/build-scripts/versions.mk b/build-scripts/versions.mk index ec85656..1ee01eb 100644 --- a/build-scripts/versions.mk +++ b/build-scripts/versions.mk @@ -2,12 +2,12 @@ RELEASE_VER=2.2.35 -HTTPSEVERY_VER=1.2.1 -FIREFOX_VER=9.0.1 +HTTPSEVERY_VER=1.2.2 +FIREFOX_VER=10.0 LIBEVENT_VER=2.0.16-stable LIBPNG_VER=1.4.8 -NOSCRIPT_VER=2.2.5 -OPENSSL_VER=1.0.0f +NOSCRIPT_VER=2.2.8 +OPENSSL_VER=1.0.0g OTR_VER=3.2.0 PIDGIN_VER=2.6.4 QT_VER=4.6.2 diff --git a/build-scripts/windows.mk b/build-scripts/windows.mk index 159f1b2..a8ddb91 100644 --- a/build-scripts/windows.mk +++ b/build-scripts/windows.mk @@ -31,7 +31,7 @@ ## Include versions include $(PWD)/versions.mk -BUILD_NUM=4 +BUILD_NUM=5 PLATFORM=Windows ## Location of required libraries diff --git a/changelog.linux-2.2 b/changelog.linux-2.2 index fb5e57c..cef8906 100644 --- a/changelog.linux-2.2 +++ b/changelog.linux-2.2 @@ -1,3 +1,16 @@ +Tor Browser Bundle (2.2.35-5); suite=linux + + * Update Firefox to 10.0 + * Update Qt to 4.7.4 + * Update OpenSSL to 1.0.0g + * Update HTTPS Everywhere to 1.2.2 + * Update NoScript to 2.2.8 + * New Firefox patches + - Limit the number of fonts per document + * Put documentation in remove-shared-lib-symlinks debug dumps (closes: #4984) + + -- Erinn Clark <erinn(a)torproject.org> Fri Feb 3 00:17:09 CET 2012 + Tor Browser Bundle (2.2.35-4); suite=linux * Update OpenSSL to 1.0.0f diff --git a/changelog.osx-2.2 b/changelog.osx-2.2 index a327aaf..80a7d10 100644 --- a/changelog.osx-2.2 +++ b/changelog.osx-2.2 @@ -1,3 +1,15 @@ +Tor Browser Bundle (2.2.35-5); suite=osx + + * Update Firefox to 10.0 + * Update Qt to 4.7.4 + * Update OpenSSL to 1.0.0g + * Update HTTPS Everywhere to 1.2.2 + * Update NoScript to 2.2.8 + * New Firefox patches + - Limit the number of fonts per document + + -- Erinn Clark <erinn(a)torproject.org> Fri Feb 3 00:14:24 CET 2012 + Tor Browser Bundle (2.2.35-4); suite=osx * Update OpenSSL to 1.0.0f diff --git a/changelog.windows-2.2 b/changelog.windows-2.2 index 36fd885..c465b79 100644 --- a/changelog.windows-2.2 +++ b/changelog.windows-2.2 @@ -1,3 +1,17 @@ +Tor Browser Bundle (2.2.35-5); suite=windows + + * Update Firefox to 10.0 + * Update Qt to 4.7.4 + * Update OpenSSL to 1.0.0g + * Update HTTPS Everywhere to 1.2.2 + * Update NoScript to 2.2.8 + * New Firefox patches + - Limit the number of fonts per document + * Make sure mozconfig always gets copied into the Firefox build directory + (closes: #4879) + + -- Erinn Clark <erinn(a)torproject.org> Fri Feb 3 00:17:05 CET 2012 + Tor Browser Bundle (2.2.35-4); suite=windows * Update OpenSSL to 1.0.0f

1 0

[torbrowser/master] fix some path names since this is the stable branch
by erinn＠torproject.org 02 Feb '12

02 Feb '12

commit 2474a46bae381d165477732226a9c5762fa5e6fc Author: Erinn Clark <erinn(a)torproject.org> Date: Fri Feb 3 00:49:43 2012 +0100 fix some path names since this is the stable branch --- build-scripts/osx.mk | 10 +++++----- build-scripts/versions.mk | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/build-scripts/osx.mk b/build-scripts/osx.mk index 8f31ec8..a06200d 100644 --- a/build-scripts/osx.mk +++ b/build-scripts/osx.mk @@ -20,7 +20,7 @@ ### make -f osx.mk build-all-binaries ### make -f osx.mk all-compressed-bundles ### ... -### Look in tbbosx-alpha-dist/ for your files. +### Look in tbbosx-dist/ for your files. ### ### See LICENSE for licensing information ### @@ -36,14 +36,14 @@ include $(PWD)/versions.mk ## Architecture ARCH_TYPE=i386 -BUILD_NUM=4 +BUILD_NUM=5 PLATFORM=MacOS ## Location of directory for source unpacking -FETCH_DIR=$(PWD)/build-alpha-$(ARCH_TYPE) +FETCH_DIR=$(PWD)/build-$(ARCH_TYPE) ## Location of directory for prefix/destdir/compiles/etc BUILT_DIR=$(FETCH_DIR)/built -TBB_FINAL=$(BUILT_DIR)/tbbosx-alpha-dist +TBB_FINAL=$(BUILT_DIR)/tbbosx-dist source-dance: fetch-source unpack-source echo "We're ready for building now." @@ -154,7 +154,7 @@ DEST=generic-bundle NAME=TorBrowser ## Where shall we put the finished files for distribution? -DISTDIR=tbbosx-alpha-dist +DISTDIR=tbbosx-dist ## Version and name of the compressed bundle (also used for source) VERSION=$(RELEASE_VER)-$(BUILD_NUM)-dev diff --git a/build-scripts/versions.mk b/build-scripts/versions.mk index 1ee01eb..5eac8db 100644 --- a/build-scripts/versions.mk +++ b/build-scripts/versions.mk @@ -106,7 +106,7 @@ unpack-libevent: cd $(FETCH_DIR) && tar -xvzf $(LIBEVENT_PACKAGE) unpack-tor: - -rm -rf $(FETCH_DIR)/tor-$(TOR-VER) + -rm -rf $(FETCH_DIR)/tor-$(TOR_VER) cd $(FETCH_DIR) && tar -xvzf $(TOR_PACKAGE) unpack-firefox:

1 0

[translation/orbot] Update translations for orbot
by translation＠torproject.org 02 Feb '12

02 Feb '12

commit 8f16b7c65cdfc751ca529753373a47ac69d3c79a Author: Translation commit bot <translation(a)torproject.org> Date: Thu Feb 2 20:45:03 2012 +0000 Update translations for orbot --- values-it/strings.xml | 10 +++++----- 1 files changed, 5 insertions(+), 5 deletions(-) diff --git a/values-it/strings.xml b/values-it/strings.xml index e3a949a..ba46e52 100644 --- a/values-it/strings.xml +++ b/values-it/strings.xml @@ -39,9 +39,9 @@ <string name="pref_transparent_all_title">Tor ovunqe</string> <string name="pref_transparent_all_summary">Traffico proxy di tutte le app attraverso Tor</string> <string name="pref_transparent_port_fallback_title">Fallback porte proxy</string> - <string name="pref_transparent_port_fallback_summary"></string> + <string name="pref_transparent_port_fallback_summary">ATTENZIONE: Aggira le porte comuni (80, 443, ecc). *USARE SOLO* se le modalità \'All\' o \'App\' non funzionano.</string> <string name="pref_transparent_port_title">Elenco porte</string> - <string name="pref_transparent_port_summary"></string> + <string name="pref_transparent_port_summary">Lista di porte per cui fare proxy. *USARE SOLO* se le modalità \'All\' o \'App\' non funzionano.</string> <string name="pref_transparent_port_dialog">Inserisci porte da proxare</string> <string name="pref_has_root">Richiesto accesso root</string> <string name="pref_has_root_summary">Richiede il root per il proxying trasparente</string> @@ -66,7 +66,7 @@ <string name="wizard_permission_enable_root">Concedi permessi root a Orbot</string> <string name="wizard_configure">Configura Torification</string> <string name="wizard_configure_msg">Orbot dà la possibilità di instradare tutto il traffico delle applicazioni tramite Tor o scegliere le applicazioni singolarmente.</string> - <string name="wizard_configure_all"></string> + <string name="wizard_configure_all">Usa Tor come proxy per tutte le applicazioni.</string> <string name="wizard_configure_select_apps">Seleziona singole app per Tor</string> <string name="wizard_tips_tricks">App abilitate per Orbot</string> <string name="wizard_tips_msg">Ti invitiamo a scaricare &amp; usare app che possono connettersi direttamente a Orbot. Fai click sui pulsanti qui sotto per installare.</string> @@ -87,9 +87,9 @@ Visita il nostro sito web https://guardianproject.info/apps/orbot o invia una ma <string name="pref_general_group">Generale</string> <string name="pref_start_boot_title">Avvia Orbot al boot</string> <string name="pref_start_boot_summary">Avvia automaticamente Orbot e connetti Tor quando il dispositivo Android viene avviato</string> - <string name="wizard_title_msg"></string> + <string name="wizard_title_msg">Orbot porta Tor su Android!\n\nTor ti aiuta a difenderti da filtraggio di contenuti, analisi del traffico e sorveglianza della rete che minacciano la privacy, informazioni personali e relazioni personali.\n\nQuesta procedura guidata ti aiuterà a configurare Orbot e Tor sul tuo dispositivo.</string> <string name="wizard_warning_title">Attenzione</string> - <string name="wizard_warning_msg"></string> + <string name="wizard_warning_msg">La semplice installazione di Orbot non renderà anonimo il tuo traffico di rete mobile.\n\nDevi configurare correttamente Orbot, il tuo dispositivo e le altre applicazioni per usare Tor.</string> <string name="wizard_permissions_title">Permessi</string> <string name="wizard_permissions_root_msg1"></string> <string name="wizard_permissions_root_msg2"></string>

1 0