[tor-commits] [torbrowser/master] move firefox patches into firefox directory

erinn at torproject.org erinn at torproject.org
Sat Oct 29 14:26:32 UTC 2011


commit e5050b2a1cdbb9a44c82e6afb07c4f0d6626f5dd
Author: Erinn Clark <erinn at torproject.org>
Date:   Sat Oct 29 13:58:50 2011 +0100

    move firefox patches into firefox directory
---
 ...nents.interfaces-lookupMethod-from-conten.patch |   50 -------
 ...0002-Make-Permissions-Manager-memory-only.patch |   94 ------------
 ...-Make-Intermediate-Cert-Store-memory-only.patch |   43 ------
 ...th-headers-before-the-modify-request-obse.patch |   51 -------
 .../0005-Add-a-string-based-cacheKey.patch         |   85 -----------
 ...6-Randomize-HTTP-pipeline-order-and-depth.patch |  149 --------------------
 .../0007-Block-all-plugins-except-flash.patch      |   85 -----------
 ...ontent-pref-service-memory-only-clearable.patch |   37 -----
 ...owser-exit-when-not-launched-from-Vidalia.patch |   46 ------
 ...nents.interfaces-lookupMethod-from-conten.patch |   50 +++++++
 ...0002-Make-Permissions-Manager-memory-only.patch |   94 ++++++++++++
 ...-Make-Intermediate-Cert-Store-memory-only.patch |   43 ++++++
 ...th-headers-before-the-modify-request-obse.patch |   51 +++++++
 .../firefox/0005-Add-a-string-based-cacheKey.patch |   85 +++++++++++
 ...6-Randomize-HTTP-pipeline-order-and-depth.patch |  149 ++++++++++++++++++++
 .../0007-Block-all-plugins-except-flash.patch      |   85 +++++++++++
 ...ontent-pref-service-memory-only-clearable.patch |   37 +++++
 ...owser-exit-when-not-launched-from-Vidalia.patch |   46 ++++++
 18 files changed, 640 insertions(+), 640 deletions(-)

diff --git a/src/current-patches/0001-Block-Components.interfaces-lookupMethod-from-conten.patch b/src/current-patches/0001-Block-Components.interfaces-lookupMethod-from-conten.patch
deleted file mode 100644
index 70070d2..0000000
--- a/src/current-patches/0001-Block-Components.interfaces-lookupMethod-from-conten.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From b31cf77e084355158252629efd6bf794212d807a Mon Sep 17 00:00:00 2001
-From: Mike Perry <mikeperry-git at fscked.org>
-Date: Mon, 20 Jun 2011 17:07:41 -0700
-Subject: [PATCH 1/8] Block Components.interfaces,lookupMethod from content
-
-This patch removes the ability of content script to access
-Components.interfaces.* as well as call or access Components.lookupMethod.
-
-These two interfaces seem to be exposed to content script only to make our
-lives difficult. Components.lookupMethod can undo our JS hooks, and
-Components.interfaces is useful for fingerprinting the platform, OS, and
-Firebox version.
-
-They appear to have no other legitimate use. See also:
-https://bugzilla.mozilla.org/show_bug.cgi?id=429070
-https://trac.torproject.org/projects/tor/ticket/2873
-https://trac.torproject.org/projects/tor/ticket/2874
----
- js/src/xpconnect/src/xpccomponents.cpp |    8 ++++++--
- 1 files changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/js/src/xpconnect/src/xpccomponents.cpp b/js/src/xpconnect/src/xpccomponents.cpp
-index 664021e..9c8c415 100644
---- a/js/src/xpconnect/src/xpccomponents.cpp
-+++ b/js/src/xpconnect/src/xpccomponents.cpp
-@@ -4393,7 +4393,9 @@ nsXPCComponents::CanCreateWrapper(const nsIID * iid, char **_retval)
- NS_IMETHODIMP
- nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, char **_retval)
- {
--    static const char* allowed[] = { "isSuccessCode", "lookupMethod", nsnull };
-+    // XXX: Pref observer? Also, is this what we want? Seems like a plan
-+    //static const char* allowed[] = { "isSuccessCode", "lookupMethod", nsnull };
-+    static const char* allowed[] = { "isSuccessCode", nsnull };
-     *_retval = xpc_CheckAccessList(methodName, allowed);
-     return NS_OK;
- }
-@@ -4402,7 +4404,9 @@ nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, c
- NS_IMETHODIMP
- nsXPCComponents::CanGetProperty(const nsIID * iid, const PRUnichar *propertyName, char **_retval)
- {
--    static const char* allowed[] = { "interfaces", "interfacesByID", "results", nsnull};
-+    // XXX: Pref observer? Also, is this what we want? Seems like a plan
-+    //    static const char* allowed[] = { "interfaces", "interfacesByID", "results", nsnull};
-+    static const char* allowed[] = { "results", nsnull};
-     *_retval = xpc_CheckAccessList(propertyName, allowed);
-     return NS_OK;
- }
--- 
-1.7.3.4
-
diff --git a/src/current-patches/0002-Make-Permissions-Manager-memory-only.patch b/src/current-patches/0002-Make-Permissions-Manager-memory-only.patch
deleted file mode 100644
index 0429cca..0000000
--- a/src/current-patches/0002-Make-Permissions-Manager-memory-only.patch
+++ /dev/null
@@ -1,94 +0,0 @@
-From 9eff68b74bb38d535c1d09246c8c2893f05edd1b Mon Sep 17 00:00:00 2001
-From: Mike Perry <mikeperry-git at fscked.org>
-Date: Mon, 20 Jun 2011 17:07:56 -0700
-Subject: [PATCH 2/8] Make Permissions Manager memory-only
-
-This patch exposes a pref 'permissions.memory_only' that properly isolates the
-permissions manager to memory, which is responsible for all user specified
-site permissions, as well as stored STS policy.
-
-The pref does successfully clear the permissions manager memory if toggled. It
-does not need to be set in prefs.js, and can be handled by Torbutton.
-
-https://trac.torproject.org/projects/tor/ticket/2950
----
- extensions/cookie/nsPermissionManager.cpp |   34 ++++++++++++++++++++++++++--
- 1 files changed, 31 insertions(+), 3 deletions(-)
-
-diff --git a/extensions/cookie/nsPermissionManager.cpp b/extensions/cookie/nsPermissionManager.cpp
-index 773a973..5387397 100644
---- a/extensions/cookie/nsPermissionManager.cpp
-+++ b/extensions/cookie/nsPermissionManager.cpp
-@@ -58,6 +58,10 @@
- #include "mozStorageHelper.h"
- #include "mozStorageCID.h"
- #include "nsXULAppAPI.h"
-+#include "nsCOMPtr.h"
-+#include "nsIPrefService.h"
-+#include "nsIPrefBranch.h"
-+#include "nsIPrefBranch2.h"
- 
- static nsPermissionManager *gPermissionManager = nsnull;
- 
-@@ -227,6 +231,11 @@ nsPermissionManager::Init()
-     mObserverService->AddObserver(this, "profile-do-change", PR_TRUE);
-   }
- 
-+  nsCOMPtr<nsIPrefBranch2> pbi = do_GetService(NS_PREFSERVICE_CONTRACTID);
-+  if (pbi) {
-+    pbi->AddObserver("permissions.", this, PR_FALSE);
-+  }
-+
-   if (IsChildProcess()) {
-     // Get the permissions from the parent process
-     InfallibleTArray<IPC::Permission> perms;
-@@ -275,8 +284,18 @@ nsPermissionManager::InitDB(PRBool aRemoveFile)
-   if (!storage)
-     return NS_ERROR_UNEXPECTED;
- 
-+  PRBool memory_db = false;
-+  nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID);
-+  if (prefs) {
-+    prefs->GetBoolPref("permissions.memory_only", &memory_db); 
-+  }
-+
-   // cache a connection to the hosts database
--  rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn));
-+  if (memory_db) {
-+    rv = storage->OpenSpecialDatabase("memory", getter_AddRefs(mDBConn));
-+  } else {
-+    rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn));
-+  }
-   NS_ENSURE_SUCCESS(rv, rv);
- 
-   PRBool ready;
-@@ -286,7 +305,11 @@ nsPermissionManager::InitDB(PRBool aRemoveFile)
-     rv = permissionsFile->Remove(PR_FALSE);
-     NS_ENSURE_SUCCESS(rv, rv);
- 
--    rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn));
-+    if (memory_db) {
-+      rv = storage->OpenSpecialDatabase("memory", getter_AddRefs(mDBConn));
-+    } else {
-+      rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn));
-+    }
-     NS_ENSURE_SUCCESS(rv, rv);
- 
-     mDBConn->GetConnectionReady(&ready);
-@@ -805,7 +828,12 @@ NS_IMETHODIMP nsPermissionManager::Observe(nsISupports *aSubject, const char *aT
- {
-   ENSURE_NOT_CHILD_PROCESS;
- 
--  if (!nsCRT::strcmp(aTopic, "profile-before-change")) {
-+  if (nsCRT::strcmp(aTopic, NS_PREFBRANCH_PREFCHANGE_TOPIC_ID) == 0) {
-+    if (!nsCRT::strcmp(someData, NS_LITERAL_STRING("permissions.memory_only").get())) {
-+      // XXX: Should we remove the file? Probably not..
-+      InitDB(PR_FALSE);
-+    }
-+  } else if (!nsCRT::strcmp(aTopic, "profile-before-change")) {
-     // The profile is about to change,
-     // or is going away because the application is shutting down.
-     if (!nsCRT::strcmp(someData, NS_LITERAL_STRING("shutdown-cleanse").get())) {
--- 
-1.7.3.4
-
diff --git a/src/current-patches/0003-Make-Intermediate-Cert-Store-memory-only.patch b/src/current-patches/0003-Make-Intermediate-Cert-Store-memory-only.patch
deleted file mode 100644
index 0d3c991..0000000
--- a/src/current-patches/0003-Make-Intermediate-Cert-Store-memory-only.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 6b2fed2b29f239c1c85e32bd417bacc3fd7155a7 Mon Sep 17 00:00:00 2001
-From: Mike Perry <mikeperry-git at fscked.org>
-Date: Fri, 19 Aug 2011 17:58:23 -0700
-Subject: [PATCH 3/8] Make Intermediate Cert Store memory-only.
-
-This patch makes the intermediate SSL cert store exist in memory only.
-
-The pref must be set before startup in prefs.js.
-https://trac.torproject.org/projects/tor/ticket/2949
----
- security/manager/ssl/src/nsNSSComponent.cpp |   15 ++++++++++++++-
- 1 files changed, 14 insertions(+), 1 deletions(-)
-
-diff --git a/security/manager/ssl/src/nsNSSComponent.cpp b/security/manager/ssl/src/nsNSSComponent.cpp
-index 11cb2bd..fd717f4 100644
---- a/security/manager/ssl/src/nsNSSComponent.cpp
-+++ b/security/manager/ssl/src/nsNSSComponent.cpp
-@@ -1757,8 +1757,21 @@ nsNSSComponent::InitializeNSS(PRBool showWarningBox)
-     // Ubuntu 8.04, which loads any nonexistent "<configdir>/libnssckbi.so" as
-     // "/usr/lib/nss/libnssckbi.so".
-     PRUint32 init_flags = NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE;
--    SECStatus init_rv = ::NSS_Initialize(profileStr.get(), "", "",
-+    PRBool nocertdb = false;
-+    mPrefBranch->GetBoolPref("security.nocertdb", &nocertdb);
-+
-+    // XXX: We can also do the the following to only disable the certdb.
-+    // Leaving this codepath in as a fallback in case InitNODB fails
-+    if (nocertdb)
-+      init_flags |= NSS_INIT_NOCERTDB;
-+
-+    SECStatus init_rv;
-+    if (nocertdb) {
-+        init_rv = ::NSS_NoDB_Init(NULL);
-+    } else {
-+        init_rv = ::NSS_Initialize(profileStr.get(), "", "",
-                                          SECMOD_DB, init_flags);
-+    }
- 
-     if (init_rv != SECSuccess) {
-       PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("can not init NSS r/w in %s\n", profileStr.get()));
--- 
-1.7.3.4
-
diff --git a/src/current-patches/0004-Add-HTTP-auth-headers-before-the-modify-request-obse.patch b/src/current-patches/0004-Add-HTTP-auth-headers-before-the-modify-request-obse.patch
deleted file mode 100644
index 24ab5fd..0000000
--- a/src/current-patches/0004-Add-HTTP-auth-headers-before-the-modify-request-obse.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-From 273ae174b0db5c37d39bb4aefdf1ce3c14fee3d6 Mon Sep 17 00:00:00 2001
-From: Mike Perry <mikeperry-git at fscked.org>
-Date: Fri, 2 Sep 2011 15:33:20 -0700
-Subject: [PATCH 4/8] Add HTTP auth headers before the modify-request observer.
-
-Otherwise, how are we supposed to modify them?
-
-Thanks to Georg Koppen for spotting both the problem and this fix.
----
- netwerk/protocol/http/nsHttpChannel.cpp |   11 +++++++----
- 1 files changed, 7 insertions(+), 4 deletions(-)
-
-diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
-index cd11187..144ecb7 100644
---- a/netwerk/protocol/http/nsHttpChannel.cpp
-+++ b/netwerk/protocol/http/nsHttpChannel.cpp
-@@ -287,9 +287,6 @@ nsHttpChannel::Connect(PRBool firstTime)
-         return NS_ERROR_DOCUMENT_NOT_CACHED;
-     }
- 
--    // check to see if authorization headers should be included
--    mAuthProvider->AddAuthorizationHeaders();
--
-     if (mLoadFlags & LOAD_NO_NETWORK_IO) {
-         return NS_ERROR_DOCUMENT_NOT_CACHED;
-     }
-@@ -3621,6 +3618,9 @@ nsHttpChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *context)
- 
-     AddCookiesToRequest();
- 
-+    // check to see if authorization headers should be included
-+    mAuthProvider->AddAuthorizationHeaders();
-+
-     // notify "http-on-modify-request" observers
-     gHttpHandler->OnModifyRequest(this);
- 
-@@ -4693,7 +4693,10 @@ nsHttpChannel::DoAuthRetry(nsAHttpConnection *conn)
-     // this authentication attempt (bug 84794).
-     // TODO: save cookies from auth response and send them here (bug 572151).
-     AddCookiesToRequest();
--    
-+   
-+    // check to see if authorization headers should be included
-+    mAuthProvider->AddAuthorizationHeaders();
-+ 
-     // notify "http-on-modify-request" observers
-     gHttpHandler->OnModifyRequest(this);
- 
--- 
-1.7.3.4
-
diff --git a/src/current-patches/0005-Add-a-string-based-cacheKey.patch b/src/current-patches/0005-Add-a-string-based-cacheKey.patch
deleted file mode 100644
index 3d5fd54..0000000
--- a/src/current-patches/0005-Add-a-string-based-cacheKey.patch
+++ /dev/null
@@ -1,85 +0,0 @@
-From b777a0bc7898314cf13f8ad30a3ed072f4246941 Mon Sep 17 00:00:00 2001
-From: Mike Perry <mikeperry-git at fscked.org>
-Date: Fri, 2 Sep 2011 20:47:02 -0700
-Subject: [PATCH 5/8] Add a string-based cacheKey.
-
-Used for isolating cache according to same-origin policy.
----
- netwerk/base/public/nsICachingChannel.idl |    7 +++++++
- netwerk/protocol/http/nsHttpChannel.cpp   |   22 ++++++++++++++++++++++
- netwerk/protocol/http/nsHttpChannel.h     |    1 +
- 3 files changed, 30 insertions(+), 0 deletions(-)
-
-diff --git a/netwerk/base/public/nsICachingChannel.idl b/netwerk/base/public/nsICachingChannel.idl
-index 2da46d6..4ee5774 100644
---- a/netwerk/base/public/nsICachingChannel.idl
-+++ b/netwerk/base/public/nsICachingChannel.idl
-@@ -98,6 +98,13 @@ interface nsICachingChannel : nsICacheInfoChannel
-     attribute nsISupports cacheKey;
- 
-     /**
-+     * Set/get the cache domain... uniquely identifies the data in the cache
-+     * for this channel.  Holding a reference to this key does NOT prevent
-+     * the cached data from being removed.
-+     */
-+    attribute AUTF8String cacheDomain;
-+
-+    /**
-      * Specifies whether or not the data should be cached to a file.  This
-      * may fail if the disk cache is not present.  The value of this attribute
-      * is usually only settable during the processing of a channel's
-diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
-index 144ecb7..0c8f8ae 100644
---- a/netwerk/protocol/http/nsHttpChannel.cpp
-+++ b/netwerk/protocol/http/nsHttpChannel.cpp
-@@ -2313,6 +2313,12 @@ nsHttpChannel::AssembleCacheKey(const char *spec, PRUint32 postID,
-         cacheKey.Append(buf);
-     }
- 
-+    if (strlen(mCacheDomain.get()) > 0) {
-+        cacheKey.AppendLiteral("domain=");
-+        cacheKey.Append(mCacheDomain.get());
-+        cacheKey.AppendLiteral("&");
-+    }
-+
-     if (!cacheKey.IsEmpty()) {
-         cacheKey.AppendLiteral("uri=");
-     }
-@@ -4593,6 +4599,22 @@ nsHttpChannel::SetCacheForOfflineUse(PRBool value)
- }
- 
- NS_IMETHODIMP
-+nsHttpChannel::GetCacheDomain(nsACString &value)
-+{
-+    value = mCacheDomain;
-+
-+    return NS_OK;
-+}
-+
-+NS_IMETHODIMP
-+nsHttpChannel::SetCacheDomain(const nsACString &value)
-+{
-+    mCacheDomain = value;
-+
-+    return NS_OK;
-+}
-+
-+NS_IMETHODIMP
- nsHttpChannel::GetOfflineCacheClientID(nsACString &value)
- {
-     value = mOfflineCacheClientID;
-diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h
-index a64ec07..7e89afe 100644
---- a/netwerk/protocol/http/nsHttpChannel.h
-+++ b/netwerk/protocol/http/nsHttpChannel.h
-@@ -303,6 +303,7 @@ private:
-     nsCOMPtr<nsICacheEntryDescriptor> mOfflineCacheEntry;
-     nsCacheAccessMode                 mOfflineCacheAccess;
-     nsCString                         mOfflineCacheClientID;
-+    nsCString                         mCacheDomain;
- 
-     // auth specific data
-     nsCOMPtr<nsIHttpChannelAuthProvider> mAuthProvider;
--- 
-1.7.3.4
-
diff --git a/src/current-patches/0006-Randomize-HTTP-pipeline-order-and-depth.patch b/src/current-patches/0006-Randomize-HTTP-pipeline-order-and-depth.patch
deleted file mode 100644
index 76ce04d..0000000
--- a/src/current-patches/0006-Randomize-HTTP-pipeline-order-and-depth.patch
+++ /dev/null
@@ -1,149 +0,0 @@
-From f68b858073e7c16236430ee349fb565ac18cf3d4 Mon Sep 17 00:00:00 2001
-From: Mike Perry <mikeperry-git at fscked.org>
-Date: Sat, 3 Sep 2011 00:10:35 -0700
-Subject: [PATCH 6/8] Randomize HTTP pipeline order and depth.
-
-Also turn up maximum depth to 12.
-
-This is an experimental defense against
-http://lorre.uni.lu/~andriy/papers/acmccs-wpes11-fingerprinting.pdf
----
- netwerk/protocol/http/nsHttpConnectionMgr.cpp |   78 ++++++++++++++++++++++++-
- netwerk/protocol/http/nsHttpConnectionMgr.h   |    4 +
- 2 files changed, 81 insertions(+), 1 deletions(-)
-
-diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.cpp b/netwerk/protocol/http/nsHttpConnectionMgr.cpp
-index c754f83..6a522ec 100644
---- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp
-+++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp
-@@ -93,6 +93,11 @@ nsHttpConnectionMgr::nsHttpConnectionMgr()
-     , mTimeOfNextWakeUp(LL_MAXUINT)
- {
-     LOG(("Creating nsHttpConnectionMgr @%x\n", this));
-+    nsresult rv;
-+    mRandomGenerator = do_GetService("@mozilla.org/security/random-generator;1", &rv);
-+    if (NS_FAILED(rv)) {
-+        mRandomGenerator = nsnull;
-+    }
- }
- 
- nsHttpConnectionMgr::~nsHttpConnectionMgr()
-@@ -822,7 +827,7 @@ nsHttpConnectionMgr::DispatchTransaction(nsConnectionEntry *ent,
-     nsHttpPipeline *pipeline = nsnull;
-     if (conn->SupportsPipelining() && (caps & NS_HTTP_ALLOW_PIPELINING)) {
-         LOG(("  looking to build pipeline...\n"));
--        if (BuildPipeline(ent, trans, &pipeline))
-+        if (BuildRandomizedPipeline(ent, trans, &pipeline))
-             trans = pipeline;
-     }
- 
-@@ -895,6 +900,77 @@ nsHttpConnectionMgr::BuildPipeline(nsConnectionEntry *ent,
-     return PR_TRUE;
- }
- 
-+PRBool
-+nsHttpConnectionMgr::BuildRandomizedPipeline(nsConnectionEntry *ent,
-+                                   nsAHttpTransaction *firstTrans,
-+                                   nsHttpPipeline **result)
-+{
-+    if (mRandomGenerator == nsnull)
-+        return BuildPipeline(ent, firstTrans, result);
-+    if (mMaxPipelinedRequests < 2)
-+        return PR_FALSE;
-+
-+    nsresult rv;
-+    PRUint8 *bytes = nsnull;
-+
-+    nsHttpPipeline *pipeline = nsnull;
-+    nsHttpTransaction *trans;
-+
-+    PRUint32 i = 0, numAdded = 0, numAllowed = 0;
-+    PRUint32 max = 0;
-+
-+    while (i < ent->mPendingQ.Length()) {
-+        if (ent->mPendingQ[i]->Caps() & NS_HTTP_ALLOW_PIPELINING)
-+            numAllowed++;
-+        i++;
-+    }
-+
-+    rv = mRandomGenerator->GenerateRandomBytes(1, &bytes);
-+    NS_ENSURE_SUCCESS(rv, rv);
-+    // 4...12
-+    max = 4 + (bytes[0] % (mMaxPipelinedRequests + 1));
-+    NS_Free(bytes);
-+
-+    while (numAllowed > 0) {
-+        rv = mRandomGenerator->GenerateRandomBytes(1, &bytes);
-+        NS_ENSURE_SUCCESS(rv, rv);
-+        i = bytes[0] % ent->mPendingQ.Length();
-+        NS_Free(bytes);
-+
-+        trans = ent->mPendingQ[i];
-+
-+        if (!(ent->mPendingQ[i]->Caps() & NS_HTTP_ALLOW_PIPELINING))
-+            continue;
-+
-+        if (numAdded == 0) {
-+            pipeline = new nsHttpPipeline;
-+            if (!pipeline)
-+                return PR_FALSE;
-+            pipeline->AddTransaction(firstTrans);
-+            numAdded = 1;
-+        }
-+        pipeline->AddTransaction(trans);
-+
-+        // remove transaction from pending queue
-+        ent->mPendingQ.RemoveElementAt(i);
-+        NS_RELEASE(trans);
-+
-+        numAllowed--;
-+
-+        if (++numAdded == max)
-+            break;
-+    }
-+
-+    //fprintf(stderr, "Yay!!! pipelined %u/%u transactions\n", numAdded, max);
-+    LOG(("  pipelined %u/%u transactions\n", numAdded, max));
-+
-+    if (numAdded == 0)
-+        return PR_FALSE;
-+
-+    NS_ADDREF(*result = pipeline);
-+    return PR_TRUE;
-+}
-+
- nsresult
- nsHttpConnectionMgr::ProcessNewTransaction(nsHttpTransaction *trans)
- {
-diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.h b/netwerk/protocol/http/nsHttpConnectionMgr.h
-index 695cd8f..1806d17 100644
---- a/netwerk/protocol/http/nsHttpConnectionMgr.h
-+++ b/netwerk/protocol/http/nsHttpConnectionMgr.h
-@@ -48,6 +48,7 @@
- #include "nsAutoPtr.h"
- #include "mozilla/ReentrantMonitor.h"
- #include "nsISocketTransportService.h"
-+#include "nsIRandomGenerator.h"
- 
- #include "nsIObserver.h"
- #include "nsITimer.h"
-@@ -270,6 +271,7 @@ private:
-     nsresult DispatchTransaction(nsConnectionEntry *, nsAHttpTransaction *,
-                                  PRUint8 caps, nsHttpConnection *);
-     PRBool   BuildPipeline(nsConnectionEntry *, nsAHttpTransaction *, nsHttpPipeline **);
-+    PRBool   BuildRandomizedPipeline(nsConnectionEntry *, nsAHttpTransaction *, nsHttpPipeline **);
-     nsresult ProcessNewTransaction(nsHttpTransaction *);
-     nsresult EnsureSocketThreadTargetIfOnline();
-     nsresult CreateTransport(nsConnectionEntry *, nsHttpTransaction *);
-@@ -345,6 +347,8 @@ private:
-     PRUint64 mTimeOfNextWakeUp;
-     // Timer for next pruning of dead connections.
-     nsCOMPtr<nsITimer> mTimer;
-+    // Random number generator for reordering HTTP pipeline
-+    nsCOMPtr<nsIRandomGenerator>             mRandomGenerator;
- 
-     //
-     // the connection table
--- 
-1.7.3.4
-
diff --git a/src/current-patches/0007-Block-all-plugins-except-flash.patch b/src/current-patches/0007-Block-all-plugins-except-flash.patch
deleted file mode 100644
index eae5f1f..0000000
--- a/src/current-patches/0007-Block-all-plugins-except-flash.patch
+++ /dev/null
@@ -1,85 +0,0 @@
-From 32c9fdda43a02e738cbe9c7207795ed92bf835b9 Mon Sep 17 00:00:00 2001
-From: Mike Perry <mikeperry-git at fscked.org>
-Date: Wed, 28 Sep 2011 13:24:20 -0700
-Subject: [PATCH 7/8] Block all plugins except flash.
-
-We cannot use the @mozilla.org/extensions/blocklist;1 service, because we
-actually want to stop plugins from ever entering the browser's process space
-and/or executing code (for example, AV plugins that collect statistics/analyse
-urls, magical toolbars that phone home or "help" the user, skype buttons that
-ruin our day, and censorship filters). Hence we rolled our own.
-
-See https://trac.torproject.org/projects/tor/ticket/3547#comment:6 for musings
-on a better way. Until then, it is delta-darwinism for us.
----
- dom/plugins/base/nsPluginHost.cpp |   33 +++++++++++++++++++++++++++++++++
- dom/plugins/base/nsPluginHost.h   |    2 ++
- 2 files changed, 35 insertions(+), 0 deletions(-)
-
-diff --git a/dom/plugins/base/nsPluginHost.cpp b/dom/plugins/base/nsPluginHost.cpp
-index 2c2ad7d..eba8c24 100644
---- a/dom/plugins/base/nsPluginHost.cpp
-+++ b/dom/plugins/base/nsPluginHost.cpp
-@@ -2014,6 +2014,35 @@ PRBool nsPluginHost::IsDuplicatePlugin(nsPluginTag * aPluginTag)
-   return PR_FALSE;
- }
- 
-+PRBool nsPluginHost::GhettoBlacklist(nsIFile *pluginFile)
-+{
-+    nsCString leaf;
-+    const char *leafStr;
-+    nsresult rv;
-+    
-+    rv = pluginFile->GetNativeLeafName(leaf);
-+    if (NS_FAILED(rv)) {
-+        return PR_TRUE; // fuck 'em. blacklist.
-+    }
-+
-+    leafStr = leaf.get();
-+
-+    if (!leafStr) {
-+        return PR_TRUE; // fuck 'em. blacklist.
-+    }
-+
-+    // libgnashplugin.so, libflashplayer.so, Flash Player-10.4-10.5.plugin,
-+    // NPSWF32.dll, NPSWF64.dll
-+    if (strstr(leafStr, "libgnashplugin") == leafStr ||
-+        strstr(leafStr, "libflashplayer") == leafStr ||
-+        strstr(leafStr, "Flash Player") == leafStr ||
-+        strstr(leafStr, "NPSWF") == leafStr) {
-+        return PR_FALSE;
-+    }
-+
-+    return PR_TRUE; // fuck 'em. blacklist.
-+}
-+
- typedef NS_NPAPIPLUGIN_CALLBACK(char *, NP_GETMIMEDESCRIPTION)(void);
- 
- nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir,
-@@ -2135,6 +2164,10 @@ nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir,
-       continue;
-     }
- 
-+    if (GhettoBlacklist(localfile)) {
-+        continue;
-+    }
-+
-     // if it is not found in cache info list or has been changed, create a new one
-     if (!pluginTag) {
-       nsPluginFile pluginFile(localfile);
-diff --git a/dom/plugins/base/nsPluginHost.h b/dom/plugins/base/nsPluginHost.h
-index cb43042..41dbf63 100644
---- a/dom/plugins/base/nsPluginHost.h
-+++ b/dom/plugins/base/nsPluginHost.h
-@@ -282,6 +282,8 @@ private:
-   // Loads all cached plugins info into mCachedPlugins
-   nsresult ReadPluginInfo();
- 
-+  PRBool GhettoBlacklist(nsIFile *pluginFile);
-+
-   // Given a file path, returns the plugins info from our cache
-   // and removes it from the cache.
-   void RemoveCachedPluginsInfo(const char *filePath,
--- 
-1.7.3.4
-
diff --git a/src/current-patches/0008-Make-content-pref-service-memory-only-clearable.patch b/src/current-patches/0008-Make-content-pref-service-memory-only-clearable.patch
deleted file mode 100644
index 3b46894..0000000
--- a/src/current-patches/0008-Make-content-pref-service-memory-only-clearable.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From cdf48e30d76f7e1c349cdf8597e9cdc94623b8d8 Mon Sep 17 00:00:00 2001
-From: Mike Perry <mikeperry-git at fscked.org>
-Date: Thu, 8 Sep 2011 08:40:17 -0700
-Subject: [PATCH 8/8] Make content pref service memory-only + clearable
-
-This prevents random urls from being inserted into content-prefs.sqllite in
-the profile directory as content prefs change (includes site-zoom and perhaps
-other site prefs?).
----
- .../contentprefs/nsContentPrefService.js           |    4 ++--
- 1 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/toolkit/components/contentprefs/nsContentPrefService.js b/toolkit/components/contentprefs/nsContentPrefService.js
-index a5f417f..601f7a3 100644
---- a/toolkit/components/contentprefs/nsContentPrefService.js
-+++ b/toolkit/components/contentprefs/nsContentPrefService.js
-@@ -1036,7 +1036,7 @@ ContentPrefService.prototype = {
- 
-     var dbConnection;
- 
--    if (!dbFile.exists())
-+    if (true || !dbFile.exists())
-       dbConnection = this._dbCreate(dbService, dbFile);
-     else {
-       try {
-@@ -1084,7 +1084,7 @@ ContentPrefService.prototype = {
-   },
- 
-   _dbCreate: function ContentPrefService__dbCreate(aDBService, aDBFile) {
--    var dbConnection = aDBService.openDatabase(aDBFile);
-+    var dbConnection = aDBService.openSpecialDatabase("memory");
- 
-     try {
-       this._dbCreateSchema(dbConnection);
--- 
-1.7.3.4
-
diff --git a/src/current-patches/0009-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch b/src/current-patches/0009-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch
deleted file mode 100644
index 6659770..0000000
--- a/src/current-patches/0009-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 369d7df54fe13dd69a069a43959bdabcc364e6e4 Mon Sep 17 00:00:00 2001
-From: Mike Perry <mikeperry-git at fscked.org>
-Date: Sun, 9 Oct 2011 22:50:07 -0700
-Subject: [PATCH] Make Tor Browser exit when not launched from Vidalia
-
-Turns out the Windows 7 UI encourages users to "dock" their Tor Browser app
-for easy relaunch. If they manage to do this, we should fail closed rather
-than opened. Hopefully they will get the hint and dock Vidalia instead.
-
-This is an emergency fix for
-https://trac.torproject.org/projects/tor/ticket/4192. We can do a better
-localized fix w/ a translated alert menu later, if it seems like this might
-actually be common.
----
- browser/base/content/browser.js |   15 +++++++++++++++
- 1 files changed, 15 insertions(+), 0 deletions(-)
-
-diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js
-index 50f6963..ed2812c 100644
---- a/browser/base/content/browser.js
-+++ b/browser/base/content/browser.js
-@@ -1203,6 +1203,21 @@ function BrowserStartup() {
- 
-   prepareForStartup();
- 
-+  // If this is not a TBB profile, exit. 
-+  // Solves https://trac.torproject.org/projects/tor/ticket/4192
-+  var foundPref = false;
-+  try {
-+    foundPref = gPrefService.prefHasUserValue("torbrowser.version");
-+  } catch(e) {
-+    //dump("No pref: "+e);
-+  }
-+  if(!foundPref) {
-+    var appStartup = Components.classes["@mozilla.org/toolkit/app-startup;1"]
-+                         .getService(Components.interfaces.nsIAppStartup);
-+    appStartup.quit(3); // Force all windows to close, and then quit.
-+  }
-+
-+
-   if (uriToLoad && !isLoadingBlank) {
-     if (uriToLoad instanceof Ci.nsISupportsArray) {
-       let count = uriToLoad.Count();
--- 
-1.7.3.4
-
diff --git a/src/current-patches/firefox/0001-Block-Components.interfaces-lookupMethod-from-conten.patch b/src/current-patches/firefox/0001-Block-Components.interfaces-lookupMethod-from-conten.patch
new file mode 100644
index 0000000..70070d2
--- /dev/null
+++ b/src/current-patches/firefox/0001-Block-Components.interfaces-lookupMethod-from-conten.patch
@@ -0,0 +1,50 @@
+From b31cf77e084355158252629efd6bf794212d807a Mon Sep 17 00:00:00 2001
+From: Mike Perry <mikeperry-git at fscked.org>
+Date: Mon, 20 Jun 2011 17:07:41 -0700
+Subject: [PATCH 1/8] Block Components.interfaces,lookupMethod from content
+
+This patch removes the ability of content script to access
+Components.interfaces.* as well as call or access Components.lookupMethod.
+
+These two interfaces seem to be exposed to content script only to make our
+lives difficult. Components.lookupMethod can undo our JS hooks, and
+Components.interfaces is useful for fingerprinting the platform, OS, and
+Firebox version.
+
+They appear to have no other legitimate use. See also:
+https://bugzilla.mozilla.org/show_bug.cgi?id=429070
+https://trac.torproject.org/projects/tor/ticket/2873
+https://trac.torproject.org/projects/tor/ticket/2874
+---
+ js/src/xpconnect/src/xpccomponents.cpp |    8 ++++++--
+ 1 files changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/js/src/xpconnect/src/xpccomponents.cpp b/js/src/xpconnect/src/xpccomponents.cpp
+index 664021e..9c8c415 100644
+--- a/js/src/xpconnect/src/xpccomponents.cpp
++++ b/js/src/xpconnect/src/xpccomponents.cpp
+@@ -4393,7 +4393,9 @@ nsXPCComponents::CanCreateWrapper(const nsIID * iid, char **_retval)
+ NS_IMETHODIMP
+ nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, char **_retval)
+ {
+-    static const char* allowed[] = { "isSuccessCode", "lookupMethod", nsnull };
++    // XXX: Pref observer? Also, is this what we want? Seems like a plan
++    //static const char* allowed[] = { "isSuccessCode", "lookupMethod", nsnull };
++    static const char* allowed[] = { "isSuccessCode", nsnull };
+     *_retval = xpc_CheckAccessList(methodName, allowed);
+     return NS_OK;
+ }
+@@ -4402,7 +4404,9 @@ nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, c
+ NS_IMETHODIMP
+ nsXPCComponents::CanGetProperty(const nsIID * iid, const PRUnichar *propertyName, char **_retval)
+ {
+-    static const char* allowed[] = { "interfaces", "interfacesByID", "results", nsnull};
++    // XXX: Pref observer? Also, is this what we want? Seems like a plan
++    //    static const char* allowed[] = { "interfaces", "interfacesByID", "results", nsnull};
++    static const char* allowed[] = { "results", nsnull};
+     *_retval = xpc_CheckAccessList(propertyName, allowed);
+     return NS_OK;
+ }
+-- 
+1.7.3.4
+
diff --git a/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch b/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch
new file mode 100644
index 0000000..0429cca
--- /dev/null
+++ b/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch
@@ -0,0 +1,94 @@
+From 9eff68b74bb38d535c1d09246c8c2893f05edd1b Mon Sep 17 00:00:00 2001
+From: Mike Perry <mikeperry-git at fscked.org>
+Date: Mon, 20 Jun 2011 17:07:56 -0700
+Subject: [PATCH 2/8] Make Permissions Manager memory-only
+
+This patch exposes a pref 'permissions.memory_only' that properly isolates the
+permissions manager to memory, which is responsible for all user specified
+site permissions, as well as stored STS policy.
+
+The pref does successfully clear the permissions manager memory if toggled. It
+does not need to be set in prefs.js, and can be handled by Torbutton.
+
+https://trac.torproject.org/projects/tor/ticket/2950
+---
+ extensions/cookie/nsPermissionManager.cpp |   34 ++++++++++++++++++++++++++--
+ 1 files changed, 31 insertions(+), 3 deletions(-)
+
+diff --git a/extensions/cookie/nsPermissionManager.cpp b/extensions/cookie/nsPermissionManager.cpp
+index 773a973..5387397 100644
+--- a/extensions/cookie/nsPermissionManager.cpp
++++ b/extensions/cookie/nsPermissionManager.cpp
+@@ -58,6 +58,10 @@
+ #include "mozStorageHelper.h"
+ #include "mozStorageCID.h"
+ #include "nsXULAppAPI.h"
++#include "nsCOMPtr.h"
++#include "nsIPrefService.h"
++#include "nsIPrefBranch.h"
++#include "nsIPrefBranch2.h"
+ 
+ static nsPermissionManager *gPermissionManager = nsnull;
+ 
+@@ -227,6 +231,11 @@ nsPermissionManager::Init()
+     mObserverService->AddObserver(this, "profile-do-change", PR_TRUE);
+   }
+ 
++  nsCOMPtr<nsIPrefBranch2> pbi = do_GetService(NS_PREFSERVICE_CONTRACTID);
++  if (pbi) {
++    pbi->AddObserver("permissions.", this, PR_FALSE);
++  }
++
+   if (IsChildProcess()) {
+     // Get the permissions from the parent process
+     InfallibleTArray<IPC::Permission> perms;
+@@ -275,8 +284,18 @@ nsPermissionManager::InitDB(PRBool aRemoveFile)
+   if (!storage)
+     return NS_ERROR_UNEXPECTED;
+ 
++  PRBool memory_db = false;
++  nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID);
++  if (prefs) {
++    prefs->GetBoolPref("permissions.memory_only", &memory_db); 
++  }
++
+   // cache a connection to the hosts database
+-  rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn));
++  if (memory_db) {
++    rv = storage->OpenSpecialDatabase("memory", getter_AddRefs(mDBConn));
++  } else {
++    rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn));
++  }
+   NS_ENSURE_SUCCESS(rv, rv);
+ 
+   PRBool ready;
+@@ -286,7 +305,11 @@ nsPermissionManager::InitDB(PRBool aRemoveFile)
+     rv = permissionsFile->Remove(PR_FALSE);
+     NS_ENSURE_SUCCESS(rv, rv);
+ 
+-    rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn));
++    if (memory_db) {
++      rv = storage->OpenSpecialDatabase("memory", getter_AddRefs(mDBConn));
++    } else {
++      rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn));
++    }
+     NS_ENSURE_SUCCESS(rv, rv);
+ 
+     mDBConn->GetConnectionReady(&ready);
+@@ -805,7 +828,12 @@ NS_IMETHODIMP nsPermissionManager::Observe(nsISupports *aSubject, const char *aT
+ {
+   ENSURE_NOT_CHILD_PROCESS;
+ 
+-  if (!nsCRT::strcmp(aTopic, "profile-before-change")) {
++  if (nsCRT::strcmp(aTopic, NS_PREFBRANCH_PREFCHANGE_TOPIC_ID) == 0) {
++    if (!nsCRT::strcmp(someData, NS_LITERAL_STRING("permissions.memory_only").get())) {
++      // XXX: Should we remove the file? Probably not..
++      InitDB(PR_FALSE);
++    }
++  } else if (!nsCRT::strcmp(aTopic, "profile-before-change")) {
+     // The profile is about to change,
+     // or is going away because the application is shutting down.
+     if (!nsCRT::strcmp(someData, NS_LITERAL_STRING("shutdown-cleanse").get())) {
+-- 
+1.7.3.4
+
diff --git a/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch b/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch
new file mode 100644
index 0000000..0d3c991
--- /dev/null
+++ b/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch
@@ -0,0 +1,43 @@
+From 6b2fed2b29f239c1c85e32bd417bacc3fd7155a7 Mon Sep 17 00:00:00 2001
+From: Mike Perry <mikeperry-git at fscked.org>
+Date: Fri, 19 Aug 2011 17:58:23 -0700
+Subject: [PATCH 3/8] Make Intermediate Cert Store memory-only.
+
+This patch makes the intermediate SSL cert store exist in memory only.
+
+The pref must be set before startup in prefs.js.
+https://trac.torproject.org/projects/tor/ticket/2949
+---
+ security/manager/ssl/src/nsNSSComponent.cpp |   15 ++++++++++++++-
+ 1 files changed, 14 insertions(+), 1 deletions(-)
+
+diff --git a/security/manager/ssl/src/nsNSSComponent.cpp b/security/manager/ssl/src/nsNSSComponent.cpp
+index 11cb2bd..fd717f4 100644
+--- a/security/manager/ssl/src/nsNSSComponent.cpp
++++ b/security/manager/ssl/src/nsNSSComponent.cpp
+@@ -1757,8 +1757,21 @@ nsNSSComponent::InitializeNSS(PRBool showWarningBox)
+     // Ubuntu 8.04, which loads any nonexistent "<configdir>/libnssckbi.so" as
+     // "/usr/lib/nss/libnssckbi.so".
+     PRUint32 init_flags = NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE;
+-    SECStatus init_rv = ::NSS_Initialize(profileStr.get(), "", "",
++    PRBool nocertdb = false;
++    mPrefBranch->GetBoolPref("security.nocertdb", &nocertdb);
++
++    // XXX: We can also do the the following to only disable the certdb.
++    // Leaving this codepath in as a fallback in case InitNODB fails
++    if (nocertdb)
++      init_flags |= NSS_INIT_NOCERTDB;
++
++    SECStatus init_rv;
++    if (nocertdb) {
++        init_rv = ::NSS_NoDB_Init(NULL);
++    } else {
++        init_rv = ::NSS_Initialize(profileStr.get(), "", "",
+                                          SECMOD_DB, init_flags);
++    }
+ 
+     if (init_rv != SECSuccess) {
+       PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("can not init NSS r/w in %s\n", profileStr.get()));
+-- 
+1.7.3.4
+
diff --git a/src/current-patches/firefox/0004-Add-HTTP-auth-headers-before-the-modify-request-obse.patch b/src/current-patches/firefox/0004-Add-HTTP-auth-headers-before-the-modify-request-obse.patch
new file mode 100644
index 0000000..24ab5fd
--- /dev/null
+++ b/src/current-patches/firefox/0004-Add-HTTP-auth-headers-before-the-modify-request-obse.patch
@@ -0,0 +1,51 @@
+From 273ae174b0db5c37d39bb4aefdf1ce3c14fee3d6 Mon Sep 17 00:00:00 2001
+From: Mike Perry <mikeperry-git at fscked.org>
+Date: Fri, 2 Sep 2011 15:33:20 -0700
+Subject: [PATCH 4/8] Add HTTP auth headers before the modify-request observer.
+
+Otherwise, how are we supposed to modify them?
+
+Thanks to Georg Koppen for spotting both the problem and this fix.
+---
+ netwerk/protocol/http/nsHttpChannel.cpp |   11 +++++++----
+ 1 files changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
+index cd11187..144ecb7 100644
+--- a/netwerk/protocol/http/nsHttpChannel.cpp
++++ b/netwerk/protocol/http/nsHttpChannel.cpp
+@@ -287,9 +287,6 @@ nsHttpChannel::Connect(PRBool firstTime)
+         return NS_ERROR_DOCUMENT_NOT_CACHED;
+     }
+ 
+-    // check to see if authorization headers should be included
+-    mAuthProvider->AddAuthorizationHeaders();
+-
+     if (mLoadFlags & LOAD_NO_NETWORK_IO) {
+         return NS_ERROR_DOCUMENT_NOT_CACHED;
+     }
+@@ -3621,6 +3618,9 @@ nsHttpChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *context)
+ 
+     AddCookiesToRequest();
+ 
++    // check to see if authorization headers should be included
++    mAuthProvider->AddAuthorizationHeaders();
++
+     // notify "http-on-modify-request" observers
+     gHttpHandler->OnModifyRequest(this);
+ 
+@@ -4693,7 +4693,10 @@ nsHttpChannel::DoAuthRetry(nsAHttpConnection *conn)
+     // this authentication attempt (bug 84794).
+     // TODO: save cookies from auth response and send them here (bug 572151).
+     AddCookiesToRequest();
+-    
++   
++    // check to see if authorization headers should be included
++    mAuthProvider->AddAuthorizationHeaders();
++ 
+     // notify "http-on-modify-request" observers
+     gHttpHandler->OnModifyRequest(this);
+ 
+-- 
+1.7.3.4
+
diff --git a/src/current-patches/firefox/0005-Add-a-string-based-cacheKey.patch b/src/current-patches/firefox/0005-Add-a-string-based-cacheKey.patch
new file mode 100644
index 0000000..3d5fd54
--- /dev/null
+++ b/src/current-patches/firefox/0005-Add-a-string-based-cacheKey.patch
@@ -0,0 +1,85 @@
+From b777a0bc7898314cf13f8ad30a3ed072f4246941 Mon Sep 17 00:00:00 2001
+From: Mike Perry <mikeperry-git at fscked.org>
+Date: Fri, 2 Sep 2011 20:47:02 -0700
+Subject: [PATCH 5/8] Add a string-based cacheKey.
+
+Used for isolating cache according to same-origin policy.
+---
+ netwerk/base/public/nsICachingChannel.idl |    7 +++++++
+ netwerk/protocol/http/nsHttpChannel.cpp   |   22 ++++++++++++++++++++++
+ netwerk/protocol/http/nsHttpChannel.h     |    1 +
+ 3 files changed, 30 insertions(+), 0 deletions(-)
+
+diff --git a/netwerk/base/public/nsICachingChannel.idl b/netwerk/base/public/nsICachingChannel.idl
+index 2da46d6..4ee5774 100644
+--- a/netwerk/base/public/nsICachingChannel.idl
++++ b/netwerk/base/public/nsICachingChannel.idl
+@@ -98,6 +98,13 @@ interface nsICachingChannel : nsICacheInfoChannel
+     attribute nsISupports cacheKey;
+ 
+     /**
++     * Set/get the cache domain... uniquely identifies the data in the cache
++     * for this channel.  Holding a reference to this key does NOT prevent
++     * the cached data from being removed.
++     */
++    attribute AUTF8String cacheDomain;
++
++    /**
+      * Specifies whether or not the data should be cached to a file.  This
+      * may fail if the disk cache is not present.  The value of this attribute
+      * is usually only settable during the processing of a channel's
+diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
+index 144ecb7..0c8f8ae 100644
+--- a/netwerk/protocol/http/nsHttpChannel.cpp
++++ b/netwerk/protocol/http/nsHttpChannel.cpp
+@@ -2313,6 +2313,12 @@ nsHttpChannel::AssembleCacheKey(const char *spec, PRUint32 postID,
+         cacheKey.Append(buf);
+     }
+ 
++    if (strlen(mCacheDomain.get()) > 0) {
++        cacheKey.AppendLiteral("domain=");
++        cacheKey.Append(mCacheDomain.get());
++        cacheKey.AppendLiteral("&");
++    }
++
+     if (!cacheKey.IsEmpty()) {
+         cacheKey.AppendLiteral("uri=");
+     }
+@@ -4593,6 +4599,22 @@ nsHttpChannel::SetCacheForOfflineUse(PRBool value)
+ }
+ 
+ NS_IMETHODIMP
++nsHttpChannel::GetCacheDomain(nsACString &value)
++{
++    value = mCacheDomain;
++
++    return NS_OK;
++}
++
++NS_IMETHODIMP
++nsHttpChannel::SetCacheDomain(const nsACString &value)
++{
++    mCacheDomain = value;
++
++    return NS_OK;
++}
++
++NS_IMETHODIMP
+ nsHttpChannel::GetOfflineCacheClientID(nsACString &value)
+ {
+     value = mOfflineCacheClientID;
+diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h
+index a64ec07..7e89afe 100644
+--- a/netwerk/protocol/http/nsHttpChannel.h
++++ b/netwerk/protocol/http/nsHttpChannel.h
+@@ -303,6 +303,7 @@ private:
+     nsCOMPtr<nsICacheEntryDescriptor> mOfflineCacheEntry;
+     nsCacheAccessMode                 mOfflineCacheAccess;
+     nsCString                         mOfflineCacheClientID;
++    nsCString                         mCacheDomain;
+ 
+     // auth specific data
+     nsCOMPtr<nsIHttpChannelAuthProvider> mAuthProvider;
+-- 
+1.7.3.4
+
diff --git a/src/current-patches/firefox/0006-Randomize-HTTP-pipeline-order-and-depth.patch b/src/current-patches/firefox/0006-Randomize-HTTP-pipeline-order-and-depth.patch
new file mode 100644
index 0000000..76ce04d
--- /dev/null
+++ b/src/current-patches/firefox/0006-Randomize-HTTP-pipeline-order-and-depth.patch
@@ -0,0 +1,149 @@
+From f68b858073e7c16236430ee349fb565ac18cf3d4 Mon Sep 17 00:00:00 2001
+From: Mike Perry <mikeperry-git at fscked.org>
+Date: Sat, 3 Sep 2011 00:10:35 -0700
+Subject: [PATCH 6/8] Randomize HTTP pipeline order and depth.
+
+Also turn up maximum depth to 12.
+
+This is an experimental defense against
+http://lorre.uni.lu/~andriy/papers/acmccs-wpes11-fingerprinting.pdf
+---
+ netwerk/protocol/http/nsHttpConnectionMgr.cpp |   78 ++++++++++++++++++++++++-
+ netwerk/protocol/http/nsHttpConnectionMgr.h   |    4 +
+ 2 files changed, 81 insertions(+), 1 deletions(-)
+
+diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.cpp b/netwerk/protocol/http/nsHttpConnectionMgr.cpp
+index c754f83..6a522ec 100644
+--- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp
++++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp
+@@ -93,6 +93,11 @@ nsHttpConnectionMgr::nsHttpConnectionMgr()
+     , mTimeOfNextWakeUp(LL_MAXUINT)
+ {
+     LOG(("Creating nsHttpConnectionMgr @%x\n", this));
++    nsresult rv;
++    mRandomGenerator = do_GetService("@mozilla.org/security/random-generator;1", &rv);
++    if (NS_FAILED(rv)) {
++        mRandomGenerator = nsnull;
++    }
+ }
+ 
+ nsHttpConnectionMgr::~nsHttpConnectionMgr()
+@@ -822,7 +827,7 @@ nsHttpConnectionMgr::DispatchTransaction(nsConnectionEntry *ent,
+     nsHttpPipeline *pipeline = nsnull;
+     if (conn->SupportsPipelining() && (caps & NS_HTTP_ALLOW_PIPELINING)) {
+         LOG(("  looking to build pipeline...\n"));
+-        if (BuildPipeline(ent, trans, &pipeline))
++        if (BuildRandomizedPipeline(ent, trans, &pipeline))
+             trans = pipeline;
+     }
+ 
+@@ -895,6 +900,77 @@ nsHttpConnectionMgr::BuildPipeline(nsConnectionEntry *ent,
+     return PR_TRUE;
+ }
+ 
++PRBool
++nsHttpConnectionMgr::BuildRandomizedPipeline(nsConnectionEntry *ent,
++                                   nsAHttpTransaction *firstTrans,
++                                   nsHttpPipeline **result)
++{
++    if (mRandomGenerator == nsnull)
++        return BuildPipeline(ent, firstTrans, result);
++    if (mMaxPipelinedRequests < 2)
++        return PR_FALSE;
++
++    nsresult rv;
++    PRUint8 *bytes = nsnull;
++
++    nsHttpPipeline *pipeline = nsnull;
++    nsHttpTransaction *trans;
++
++    PRUint32 i = 0, numAdded = 0, numAllowed = 0;
++    PRUint32 max = 0;
++
++    while (i < ent->mPendingQ.Length()) {
++        if (ent->mPendingQ[i]->Caps() & NS_HTTP_ALLOW_PIPELINING)
++            numAllowed++;
++        i++;
++    }
++
++    rv = mRandomGenerator->GenerateRandomBytes(1, &bytes);
++    NS_ENSURE_SUCCESS(rv, rv);
++    // 4...12
++    max = 4 + (bytes[0] % (mMaxPipelinedRequests + 1));
++    NS_Free(bytes);
++
++    while (numAllowed > 0) {
++        rv = mRandomGenerator->GenerateRandomBytes(1, &bytes);
++        NS_ENSURE_SUCCESS(rv, rv);
++        i = bytes[0] % ent->mPendingQ.Length();
++        NS_Free(bytes);
++
++        trans = ent->mPendingQ[i];
++
++        if (!(ent->mPendingQ[i]->Caps() & NS_HTTP_ALLOW_PIPELINING))
++            continue;
++
++        if (numAdded == 0) {
++            pipeline = new nsHttpPipeline;
++            if (!pipeline)
++                return PR_FALSE;
++            pipeline->AddTransaction(firstTrans);
++            numAdded = 1;
++        }
++        pipeline->AddTransaction(trans);
++
++        // remove transaction from pending queue
++        ent->mPendingQ.RemoveElementAt(i);
++        NS_RELEASE(trans);
++
++        numAllowed--;
++
++        if (++numAdded == max)
++            break;
++    }
++
++    //fprintf(stderr, "Yay!!! pipelined %u/%u transactions\n", numAdded, max);
++    LOG(("  pipelined %u/%u transactions\n", numAdded, max));
++
++    if (numAdded == 0)
++        return PR_FALSE;
++
++    NS_ADDREF(*result = pipeline);
++    return PR_TRUE;
++}
++
+ nsresult
+ nsHttpConnectionMgr::ProcessNewTransaction(nsHttpTransaction *trans)
+ {
+diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.h b/netwerk/protocol/http/nsHttpConnectionMgr.h
+index 695cd8f..1806d17 100644
+--- a/netwerk/protocol/http/nsHttpConnectionMgr.h
++++ b/netwerk/protocol/http/nsHttpConnectionMgr.h
+@@ -48,6 +48,7 @@
+ #include "nsAutoPtr.h"
+ #include "mozilla/ReentrantMonitor.h"
+ #include "nsISocketTransportService.h"
++#include "nsIRandomGenerator.h"
+ 
+ #include "nsIObserver.h"
+ #include "nsITimer.h"
+@@ -270,6 +271,7 @@ private:
+     nsresult DispatchTransaction(nsConnectionEntry *, nsAHttpTransaction *,
+                                  PRUint8 caps, nsHttpConnection *);
+     PRBool   BuildPipeline(nsConnectionEntry *, nsAHttpTransaction *, nsHttpPipeline **);
++    PRBool   BuildRandomizedPipeline(nsConnectionEntry *, nsAHttpTransaction *, nsHttpPipeline **);
+     nsresult ProcessNewTransaction(nsHttpTransaction *);
+     nsresult EnsureSocketThreadTargetIfOnline();
+     nsresult CreateTransport(nsConnectionEntry *, nsHttpTransaction *);
+@@ -345,6 +347,8 @@ private:
+     PRUint64 mTimeOfNextWakeUp;
+     // Timer for next pruning of dead connections.
+     nsCOMPtr<nsITimer> mTimer;
++    // Random number generator for reordering HTTP pipeline
++    nsCOMPtr<nsIRandomGenerator>             mRandomGenerator;
+ 
+     //
+     // the connection table
+-- 
+1.7.3.4
+
diff --git a/src/current-patches/firefox/0007-Block-all-plugins-except-flash.patch b/src/current-patches/firefox/0007-Block-all-plugins-except-flash.patch
new file mode 100644
index 0000000..eae5f1f
--- /dev/null
+++ b/src/current-patches/firefox/0007-Block-all-plugins-except-flash.patch
@@ -0,0 +1,85 @@
+From 32c9fdda43a02e738cbe9c7207795ed92bf835b9 Mon Sep 17 00:00:00 2001
+From: Mike Perry <mikeperry-git at fscked.org>
+Date: Wed, 28 Sep 2011 13:24:20 -0700
+Subject: [PATCH 7/8] Block all plugins except flash.
+
+We cannot use the @mozilla.org/extensions/blocklist;1 service, because we
+actually want to stop plugins from ever entering the browser's process space
+and/or executing code (for example, AV plugins that collect statistics/analyse
+urls, magical toolbars that phone home or "help" the user, skype buttons that
+ruin our day, and censorship filters). Hence we rolled our own.
+
+See https://trac.torproject.org/projects/tor/ticket/3547#comment:6 for musings
+on a better way. Until then, it is delta-darwinism for us.
+---
+ dom/plugins/base/nsPluginHost.cpp |   33 +++++++++++++++++++++++++++++++++
+ dom/plugins/base/nsPluginHost.h   |    2 ++
+ 2 files changed, 35 insertions(+), 0 deletions(-)
+
+diff --git a/dom/plugins/base/nsPluginHost.cpp b/dom/plugins/base/nsPluginHost.cpp
+index 2c2ad7d..eba8c24 100644
+--- a/dom/plugins/base/nsPluginHost.cpp
++++ b/dom/plugins/base/nsPluginHost.cpp
+@@ -2014,6 +2014,35 @@ PRBool nsPluginHost::IsDuplicatePlugin(nsPluginTag * aPluginTag)
+   return PR_FALSE;
+ }
+ 
++PRBool nsPluginHost::GhettoBlacklist(nsIFile *pluginFile)
++{
++    nsCString leaf;
++    const char *leafStr;
++    nsresult rv;
++    
++    rv = pluginFile->GetNativeLeafName(leaf);
++    if (NS_FAILED(rv)) {
++        return PR_TRUE; // fuck 'em. blacklist.
++    }
++
++    leafStr = leaf.get();
++
++    if (!leafStr) {
++        return PR_TRUE; // fuck 'em. blacklist.
++    }
++
++    // libgnashplugin.so, libflashplayer.so, Flash Player-10.4-10.5.plugin,
++    // NPSWF32.dll, NPSWF64.dll
++    if (strstr(leafStr, "libgnashplugin") == leafStr ||
++        strstr(leafStr, "libflashplayer") == leafStr ||
++        strstr(leafStr, "Flash Player") == leafStr ||
++        strstr(leafStr, "NPSWF") == leafStr) {
++        return PR_FALSE;
++    }
++
++    return PR_TRUE; // fuck 'em. blacklist.
++}
++
+ typedef NS_NPAPIPLUGIN_CALLBACK(char *, NP_GETMIMEDESCRIPTION)(void);
+ 
+ nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir,
+@@ -2135,6 +2164,10 @@ nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir,
+       continue;
+     }
+ 
++    if (GhettoBlacklist(localfile)) {
++        continue;
++    }
++
+     // if it is not found in cache info list or has been changed, create a new one
+     if (!pluginTag) {
+       nsPluginFile pluginFile(localfile);
+diff --git a/dom/plugins/base/nsPluginHost.h b/dom/plugins/base/nsPluginHost.h
+index cb43042..41dbf63 100644
+--- a/dom/plugins/base/nsPluginHost.h
++++ b/dom/plugins/base/nsPluginHost.h
+@@ -282,6 +282,8 @@ private:
+   // Loads all cached plugins info into mCachedPlugins
+   nsresult ReadPluginInfo();
+ 
++  PRBool GhettoBlacklist(nsIFile *pluginFile);
++
+   // Given a file path, returns the plugins info from our cache
+   // and removes it from the cache.
+   void RemoveCachedPluginsInfo(const char *filePath,
+-- 
+1.7.3.4
+
diff --git a/src/current-patches/firefox/0008-Make-content-pref-service-memory-only-clearable.patch b/src/current-patches/firefox/0008-Make-content-pref-service-memory-only-clearable.patch
new file mode 100644
index 0000000..3b46894
--- /dev/null
+++ b/src/current-patches/firefox/0008-Make-content-pref-service-memory-only-clearable.patch
@@ -0,0 +1,37 @@
+From cdf48e30d76f7e1c349cdf8597e9cdc94623b8d8 Mon Sep 17 00:00:00 2001
+From: Mike Perry <mikeperry-git at fscked.org>
+Date: Thu, 8 Sep 2011 08:40:17 -0700
+Subject: [PATCH 8/8] Make content pref service memory-only + clearable
+
+This prevents random urls from being inserted into content-prefs.sqllite in
+the profile directory as content prefs change (includes site-zoom and perhaps
+other site prefs?).
+---
+ .../contentprefs/nsContentPrefService.js           |    4 ++--
+ 1 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/toolkit/components/contentprefs/nsContentPrefService.js b/toolkit/components/contentprefs/nsContentPrefService.js
+index a5f417f..601f7a3 100644
+--- a/toolkit/components/contentprefs/nsContentPrefService.js
++++ b/toolkit/components/contentprefs/nsContentPrefService.js
+@@ -1036,7 +1036,7 @@ ContentPrefService.prototype = {
+ 
+     var dbConnection;
+ 
+-    if (!dbFile.exists())
++    if (true || !dbFile.exists())
+       dbConnection = this._dbCreate(dbService, dbFile);
+     else {
+       try {
+@@ -1084,7 +1084,7 @@ ContentPrefService.prototype = {
+   },
+ 
+   _dbCreate: function ContentPrefService__dbCreate(aDBService, aDBFile) {
+-    var dbConnection = aDBService.openDatabase(aDBFile);
++    var dbConnection = aDBService.openSpecialDatabase("memory");
+ 
+     try {
+       this._dbCreateSchema(dbConnection);
+-- 
+1.7.3.4
+
diff --git a/src/current-patches/firefox/0009-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch b/src/current-patches/firefox/0009-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch
new file mode 100644
index 0000000..6659770
--- /dev/null
+++ b/src/current-patches/firefox/0009-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch
@@ -0,0 +1,46 @@
+From 369d7df54fe13dd69a069a43959bdabcc364e6e4 Mon Sep 17 00:00:00 2001
+From: Mike Perry <mikeperry-git at fscked.org>
+Date: Sun, 9 Oct 2011 22:50:07 -0700
+Subject: [PATCH] Make Tor Browser exit when not launched from Vidalia
+
+Turns out the Windows 7 UI encourages users to "dock" their Tor Browser app
+for easy relaunch. If they manage to do this, we should fail closed rather
+than opened. Hopefully they will get the hint and dock Vidalia instead.
+
+This is an emergency fix for
+https://trac.torproject.org/projects/tor/ticket/4192. We can do a better
+localized fix w/ a translated alert menu later, if it seems like this might
+actually be common.
+---
+ browser/base/content/browser.js |   15 +++++++++++++++
+ 1 files changed, 15 insertions(+), 0 deletions(-)
+
+diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js
+index 50f6963..ed2812c 100644
+--- a/browser/base/content/browser.js
++++ b/browser/base/content/browser.js
+@@ -1203,6 +1203,21 @@ function BrowserStartup() {
+ 
+   prepareForStartup();
+ 
++  // If this is not a TBB profile, exit. 
++  // Solves https://trac.torproject.org/projects/tor/ticket/4192
++  var foundPref = false;
++  try {
++    foundPref = gPrefService.prefHasUserValue("torbrowser.version");
++  } catch(e) {
++    //dump("No pref: "+e);
++  }
++  if(!foundPref) {
++    var appStartup = Components.classes["@mozilla.org/toolkit/app-startup;1"]
++                         .getService(Components.interfaces.nsIAppStartup);
++    appStartup.quit(3); // Force all windows to close, and then quit.
++  }
++
++
+   if (uriToLoad && !isLoadingBlank) {
+     if (uriToLoad instanceof Ci.nsISupportsArray) {
+       let count = uriToLoad.Count();
+-- 
+1.7.3.4
+





More information about the tor-commits mailing list