[tor-commits] [torbrowser/master] Rebase patches to Firefox 11.
erinn at torproject.org
erinn at torproject.org
Fri Mar 16 05:18:24 UTC 2012
commit 37575c4a15d18362c8a68f8f74a4bffaa0b67611
Author: Mike Perry <mikeperry-git at fscked.org>
Date: Thu Mar 15 22:05:37 2012 -0700
Rebase patches to Firefox 11.
---
...nents.interfaces-lookupMethod-from-conten.patch | 8 ++--
...0002-Make-Permissions-Manager-memory-only.patch | 2 +-
...-Make-Intermediate-Cert-Store-memory-only.patch | 6 +-
...th-headers-before-the-modify-request-obse.patch | 10 ++--
.../firefox/0005-Add-a-string-based-cacheKey.patch | 8 ++--
...6-Randomize-HTTP-pipeline-order-and-depth.patch | 41 ++++++++++----------
.../0007-Block-all-plugins-except-flash.patch | 12 +++---
...ontent-pref-service-memory-only-clearable.patch | 8 ++--
...owser-exit-when-not-launched-from-Vidalia.patch | 6 +-
.../0010-Disable-SSL-Session-ID-tracking.patch | 6 +-
...observer-event-to-close-persistent-connec.patch | 8 ++--
...e-client-values-only-to-CSS-Media-Queries.patch | 2 +-
...13-Limit-the-number-of-fonts-per-document.patch | 14 +++---
13 files changed, 66 insertions(+), 65 deletions(-)
diff --git a/src/current-patches/firefox/0001-Block-Components.interfaces-lookupMethod-from-conten.patch b/src/current-patches/firefox/0001-Block-Components.interfaces-lookupMethod-from-conten.patch
index ba0da28..bdc2f8d 100644
--- a/src/current-patches/firefox/0001-Block-Components.interfaces-lookupMethod-from-conten.patch
+++ b/src/current-patches/firefox/0001-Block-Components.interfaces-lookupMethod-from-conten.patch
@@ -1,4 +1,4 @@
-From 67b86f0c22070cbf86112174ae1e2ce6d6a36dee Mon Sep 17 00:00:00 2001
+From 7b56d6e4ae963f13bb7469d803be823e366ec00c Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Wed, 1 Feb 2012 15:40:40 -0800
Subject: [PATCH 01/13] Block Components.interfaces,lookupMethod from content
@@ -20,10 +20,10 @@ https://trac.torproject.org/projects/tor/ticket/2874
1 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/js/xpconnect/src/XPCComponents.cpp b/js/xpconnect/src/XPCComponents.cpp
-index 3bcbf91..d5c020a 100644
+index ef3e5ac..e986db4 100644
--- a/js/xpconnect/src/XPCComponents.cpp
+++ b/js/xpconnect/src/XPCComponents.cpp
-@@ -4456,7 +4456,9 @@ nsXPCComponents::CanCreateWrapper(const nsIID * iid, char **_retval)
+@@ -4236,7 +4236,9 @@ nsXPCComponents::CanCreateWrapper(const nsIID * iid, char **_retval)
NS_IMETHODIMP
nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, char **_retval)
{
@@ -34,7 +34,7 @@ index 3bcbf91..d5c020a 100644
*_retval = xpc_CheckAccessList(methodName, allowed);
return NS_OK;
}
-@@ -4465,7 +4467,9 @@ nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, c
+@@ -4245,7 +4247,9 @@ nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, c
NS_IMETHODIMP
nsXPCComponents::CanGetProperty(const nsIID * iid, const PRUnichar *propertyName, char **_retval)
{
diff --git a/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch b/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch
index ecd1e32..1ff64e3 100644
--- a/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch
+++ b/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch
@@ -1,4 +1,4 @@
-From 193c50c03aa61eef5415d0476467c22941022a11 Mon Sep 17 00:00:00 2001
+From 4640f62becabf5adefd190ae119c93e486be9aed Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Wed, 1 Feb 2012 15:45:16 -0800
Subject: [PATCH 02/13] Make Permissions Manager memory-only
diff --git a/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch b/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch
index ec575bc..49ca58e 100644
--- a/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch
+++ b/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch
@@ -1,4 +1,4 @@
-From 5d72233faeba1745962f55fa09fe2f537eda93ec Mon Sep 17 00:00:00 2001
+From b24b0d0fdddb77692a1609109f4c7cfb4b6f11f8 Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at fscked.org>
Date: Fri, 19 Aug 2011 17:58:23 -0700
Subject: [PATCH 03/13] Make Intermediate Cert Store memory-only.
@@ -12,10 +12,10 @@ https://trac.torproject.org/projects/tor/ticket/2949
1 files changed, 14 insertions(+), 1 deletions(-)
diff --git a/security/manager/ssl/src/nsNSSComponent.cpp b/security/manager/ssl/src/nsNSSComponent.cpp
-index a08c4ef..0ec3713 100644
+index 5abc0a5..22becca 100644
--- a/security/manager/ssl/src/nsNSSComponent.cpp
+++ b/security/manager/ssl/src/nsNSSComponent.cpp
-@@ -1730,8 +1730,21 @@ nsNSSComponent::InitializeNSS(bool showWarningBox)
+@@ -1738,8 +1738,21 @@ nsNSSComponent::InitializeNSS(bool showWarningBox)
// Ubuntu 8.04, which loads any nonexistent "<configdir>/libnssckbi.so" as
// "/usr/lib/nss/libnssckbi.so".
PRUint32 init_flags = NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE;
diff --git a/src/current-patches/firefox/0004-Add-HTTP-auth-headers-before-the-modify-request-obse.patch b/src/current-patches/firefox/0004-Add-HTTP-auth-headers-before-the-modify-request-obse.patch
index 44dfccc..2f0ef83 100644
--- a/src/current-patches/firefox/0004-Add-HTTP-auth-headers-before-the-modify-request-obse.patch
+++ b/src/current-patches/firefox/0004-Add-HTTP-auth-headers-before-the-modify-request-obse.patch
@@ -1,4 +1,4 @@
-From 6dc27a50e06bca139a07546f94a827f1fdb762b7 Mon Sep 17 00:00:00 2001
+From d09a2b089ef401b08a8668b55b42233c81cbc198 Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at fscked.org>
Date: Fri, 2 Sep 2011 15:33:20 -0700
Subject: [PATCH 04/13] Add HTTP auth headers before the modify-request
@@ -12,10 +12,10 @@ Thanks to Georg Koppen for spotting both the problem and this fix.
1 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
-index dec2a83..4c5e759 100644
+index 7c88d41..0cab7a4 100644
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
-@@ -316,9 +316,6 @@ nsHttpChannel::Connect(bool firstTime)
+@@ -328,9 +328,6 @@ nsHttpChannel::Connect(bool firstTime)
return NS_ERROR_DOCUMENT_NOT_CACHED;
}
@@ -25,7 +25,7 @@ index dec2a83..4c5e759 100644
if (mLoadFlags & LOAD_NO_NETWORK_IO) {
return NS_ERROR_DOCUMENT_NOT_CACHED;
}
-@@ -3701,6 +3698,9 @@ nsHttpChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *context)
+@@ -3743,6 +3740,9 @@ nsHttpChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *context)
AddCookiesToRequest();
@@ -35,7 +35,7 @@ index dec2a83..4c5e759 100644
// notify "http-on-modify-request" observers
gHttpHandler->OnModifyRequest(this);
-@@ -4795,7 +4795,10 @@ nsHttpChannel::DoAuthRetry(nsAHttpConnection *conn)
+@@ -4847,7 +4847,10 @@ nsHttpChannel::DoAuthRetry(nsAHttpConnection *conn)
// this authentication attempt (bug 84794).
// TODO: save cookies from auth response and send them here (bug 572151).
AddCookiesToRequest();
diff --git a/src/current-patches/firefox/0005-Add-a-string-based-cacheKey.patch b/src/current-patches/firefox/0005-Add-a-string-based-cacheKey.patch
index 822033a..c0b8be5 100644
--- a/src/current-patches/firefox/0005-Add-a-string-based-cacheKey.patch
+++ b/src/current-patches/firefox/0005-Add-a-string-based-cacheKey.patch
@@ -1,4 +1,4 @@
-From a06818f3a358e6c4502b944ecd264fd2ccaff5bf Mon Sep 17 00:00:00 2001
+From 76dfe3891b66f4a6ba352cf543ca52ff59aa65cd Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at fscked.org>
Date: Fri, 2 Sep 2011 20:47:02 -0700
Subject: [PATCH 05/13] Add a string-based cacheKey.
@@ -29,10 +29,10 @@ index 2da46d6..4ee5774 100644
* may fail if the disk cache is not present. The value of this attribute
* is usually only settable during the processing of a channel's
diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
-index 4c5e759..6205d62 100644
+index 0cab7a4..2c2803f 100644
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
-@@ -2389,6 +2389,12 @@ nsHttpChannel::AssembleCacheKey(const char *spec, PRUint32 postID,
+@@ -2408,6 +2408,12 @@ nsHttpChannel::AssembleCacheKey(const char *spec, PRUint32 postID,
cacheKey.Append(buf);
}
@@ -45,7 +45,7 @@ index 4c5e759..6205d62 100644
if (!cacheKey.IsEmpty()) {
cacheKey.AppendLiteral("uri=");
}
-@@ -4695,6 +4701,22 @@ nsHttpChannel::SetCacheForOfflineUse(bool value)
+@@ -4747,6 +4753,22 @@ nsHttpChannel::SetCacheForOfflineUse(bool value)
}
NS_IMETHODIMP
diff --git a/src/current-patches/firefox/0006-Randomize-HTTP-pipeline-order-and-depth.patch b/src/current-patches/firefox/0006-Randomize-HTTP-pipeline-order-and-depth.patch
index de40bfe..04a34ea 100644
--- a/src/current-patches/firefox/0006-Randomize-HTTP-pipeline-order-and-depth.patch
+++ b/src/current-patches/firefox/0006-Randomize-HTTP-pipeline-order-and-depth.patch
@@ -1,6 +1,6 @@
-From 755f71320538b0a813807cc3f4076dd20cbe9849 Mon Sep 17 00:00:00 2001
+From 39a9dab25c4ed3acc95009c0f44f4f6f2f1c5086 Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
-Date: Wed, 1 Feb 2012 16:05:22 -0800
+Date: Thu, 15 Mar 2012 20:05:07 -0700
Subject: [PATCH 06/13] Randomize HTTP pipeline order and depth.
This is an experimental defense against
@@ -9,18 +9,19 @@ http://lorre.uni.lu/~andriy/papers/acmccs-wpes11-fingerprinting.pdf
See also:
https://blog.torproject.org/blog/experimental-defense-website-traffic-fingerprinting
---
- netwerk/protocol/http/nsHttpConnectionMgr.cpp | 78 ++++++++++++++++++++++++-
+ netwerk/protocol/http/nsHttpConnectionMgr.cpp | 79 ++++++++++++++++++++++++-
netwerk/protocol/http/nsHttpConnectionMgr.h | 4 +
- 2 files changed, 81 insertions(+), 1 deletions(-)
+ 2 files changed, 82 insertions(+), 1 deletions(-)
diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.cpp b/netwerk/protocol/http/nsHttpConnectionMgr.cpp
-index 23ef893..bba456d 100644
+index 17d897f..3200638 100644
--- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp
+++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp
-@@ -94,6 +94,11 @@ nsHttpConnectionMgr::nsHttpConnectionMgr()
- {
+@@ -99,6 +99,12 @@ nsHttpConnectionMgr::nsHttpConnectionMgr()
LOG(("Creating nsHttpConnectionMgr @%x\n", this));
mCT.Init();
+ mAlternateProtocolHash.Init(16);
++
+ nsresult rv;
+ mRandomGenerator = do_GetService("@mozilla.org/security/random-generator;1", &rv);
+ if (NS_FAILED(rv)) {
@@ -29,8 +30,8 @@ index 23ef893..bba456d 100644
}
nsHttpConnectionMgr::~nsHttpConnectionMgr()
-@@ -865,7 +870,7 @@ nsHttpConnectionMgr::DispatchTransaction(nsConnectionEntry *ent,
- nsHttpPipeline *pipeline = nsnull;
+@@ -1227,7 +1233,7 @@ nsHttpConnectionMgr::DispatchTransaction(nsConnectionEntry *ent,
+
if (conn->SupportsPipelining() && (caps & NS_HTTP_ALLOW_PIPELINING)) {
LOG((" looking to build pipeline...\n"));
- if (BuildPipeline(ent, trans, &pipeline))
@@ -38,7 +39,7 @@ index 23ef893..bba456d 100644
trans = pipeline;
}
-@@ -938,6 +943,77 @@ nsHttpConnectionMgr::BuildPipeline(nsConnectionEntry *ent,
+@@ -1300,6 +1306,77 @@ nsHttpConnectionMgr::BuildPipeline(nsConnectionEntry *ent,
return true;
}
@@ -117,26 +118,26 @@ index 23ef893..bba456d 100644
nsHttpConnectionMgr::ProcessNewTransaction(nsHttpTransaction *trans)
{
diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.h b/netwerk/protocol/http/nsHttpConnectionMgr.h
-index cdf21a9..9647225 100644
+index bb605a1..47d01f6 100644
--- a/netwerk/protocol/http/nsHttpConnectionMgr.h
+++ b/netwerk/protocol/http/nsHttpConnectionMgr.h
-@@ -48,6 +48,7 @@
- #include "nsAutoPtr.h"
- #include "mozilla/ReentrantMonitor.h"
- #include "nsISocketTransportService.h"
-+#include "nsIRandomGenerator.h"
-
+@@ -54,6 +54,7 @@
#include "nsIObserver.h"
#include "nsITimer.h"
-@@ -276,6 +277,7 @@ private:
- nsresult DispatchTransaction(nsConnectionEntry *, nsAHttpTransaction *,
+ #include "nsIX509Cert3.h"
++#include "nsIRandomGenerator.h"
+
+ class nsHttpPipeline;
+
+@@ -312,6 +313,7 @@ private:
+ nsresult DispatchTransaction(nsConnectionEntry *, nsHttpTransaction *,
PRUint8 caps, nsHttpConnection *);
bool BuildPipeline(nsConnectionEntry *, nsAHttpTransaction *, nsHttpPipeline **);
+ bool BuildRandomizedPipeline(nsConnectionEntry *, nsAHttpTransaction *, nsHttpPipeline **);
nsresult ProcessNewTransaction(nsHttpTransaction *);
nsresult EnsureSocketThreadTargetIfOnline();
void ClosePersistentConnections(nsConnectionEntry *ent);
-@@ -353,6 +355,8 @@ private:
+@@ -405,6 +407,8 @@ private:
PRUint64 mTimeOfNextWakeUp;
// Timer for next pruning of dead connections.
nsCOMPtr<nsITimer> mTimer;
diff --git a/src/current-patches/firefox/0007-Block-all-plugins-except-flash.patch b/src/current-patches/firefox/0007-Block-all-plugins-except-flash.patch
index ef83185..b850f62 100644
--- a/src/current-patches/firefox/0007-Block-all-plugins-except-flash.patch
+++ b/src/current-patches/firefox/0007-Block-all-plugins-except-flash.patch
@@ -1,4 +1,4 @@
-From 7d6e270e1a05e1fe57d069b9859c9b51904db33e Mon Sep 17 00:00:00 2001
+From 10873c626d038b520853539d45a170919d6d0361 Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Wed, 1 Feb 2012 15:50:15 -0800
Subject: [PATCH 07/13] Block all plugins except flash.
@@ -17,10 +17,10 @@ on a better way. Until then, it is delta-darwinism for us.
2 files changed, 35 insertions(+), 0 deletions(-)
diff --git a/dom/plugins/base/nsPluginHost.cpp b/dom/plugins/base/nsPluginHost.cpp
-index 729c9ef..1f4652d 100644
+index 7fe18b2..d76c4ca 100644
--- a/dom/plugins/base/nsPluginHost.cpp
+++ b/dom/plugins/base/nsPluginHost.cpp
-@@ -1965,6 +1965,35 @@ bool nsPluginHost::IsDuplicatePlugin(nsPluginTag * aPluginTag)
+@@ -1982,6 +1982,35 @@ bool nsPluginHost::IsDuplicatePlugin(nsPluginTag * aPluginTag)
return false;
}
@@ -56,7 +56,7 @@ index 729c9ef..1f4652d 100644
typedef NS_NPAPIPLUGIN_CALLBACK(char *, NP_GETMIMEDESCRIPTION)(void);
nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir,
-@@ -2086,6 +2115,10 @@ nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir,
+@@ -2103,6 +2132,10 @@ nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir,
continue;
}
@@ -68,10 +68,10 @@ index 729c9ef..1f4652d 100644
if (!pluginTag) {
nsPluginFile pluginFile(localfile);
diff --git a/dom/plugins/base/nsPluginHost.h b/dom/plugins/base/nsPluginHost.h
-index 39a8891..c262abf 100644
+index 5630b8d..f54bd32 100644
--- a/dom/plugins/base/nsPluginHost.h
+++ b/dom/plugins/base/nsPluginHost.h
-@@ -278,6 +278,8 @@ private:
+@@ -285,6 +285,8 @@ private:
// Loads all cached plugins info into mCachedPlugins
nsresult ReadPluginInfo();
diff --git a/src/current-patches/firefox/0008-Make-content-pref-service-memory-only-clearable.patch b/src/current-patches/firefox/0008-Make-content-pref-service-memory-only-clearable.patch
index ac91170..b123321 100644
--- a/src/current-patches/firefox/0008-Make-content-pref-service-memory-only-clearable.patch
+++ b/src/current-patches/firefox/0008-Make-content-pref-service-memory-only-clearable.patch
@@ -1,4 +1,4 @@
-From 23a09d0a6def1e2f7190177a875ab5a85c5da7b7 Mon Sep 17 00:00:00 2001
+From 9a406718f9cb98f57de4649def8ef501ddbb9775 Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at fscked.org>
Date: Thu, 8 Sep 2011 08:40:17 -0700
Subject: [PATCH 08/13] Make content pref service memory-only + clearable
@@ -11,10 +11,10 @@ other site prefs?).
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/toolkit/components/contentprefs/nsContentPrefService.js b/toolkit/components/contentprefs/nsContentPrefService.js
-index adfb650..1619d5f 100644
+index 17cac93..1f12609 100644
--- a/toolkit/components/contentprefs/nsContentPrefService.js
+++ b/toolkit/components/contentprefs/nsContentPrefService.js
-@@ -1240,7 +1240,7 @@ ContentPrefService.prototype = {
+@@ -1242,7 +1242,7 @@ ContentPrefService.prototype = {
var dbConnection;
@@ -23,7 +23,7 @@ index adfb650..1619d5f 100644
dbConnection = this._dbCreate(dbService, dbFile);
else {
try {
-@@ -1288,7 +1288,7 @@ ContentPrefService.prototype = {
+@@ -1290,7 +1290,7 @@ ContentPrefService.prototype = {
},
_dbCreate: function ContentPrefService__dbCreate(aDBService, aDBFile) {
diff --git a/src/current-patches/firefox/0009-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch b/src/current-patches/firefox/0009-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch
index 3dc98ed..1744772 100644
--- a/src/current-patches/firefox/0009-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch
+++ b/src/current-patches/firefox/0009-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch
@@ -1,4 +1,4 @@
-From b9c2e8d93cf62ea8f8fec63f0db955d8d0c4bc24 Mon Sep 17 00:00:00 2001
+From af562eedaa61f60241c4a73c2cac6a0a5821a66d Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at fscked.org>
Date: Sun, 9 Oct 2011 22:50:07 -0700
Subject: [PATCH 09/13] Make Tor Browser exit when not launched from Vidalia
@@ -16,10 +16,10 @@ actually be common.
1 files changed, 15 insertions(+), 0 deletions(-)
diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js
-index a463fac..4480050 100644
+index 6abab20..21afee0 100644
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
-@@ -1217,6 +1217,21 @@ function BrowserStartup() {
+@@ -1224,6 +1224,21 @@ function BrowserStartup() {
prepareForStartup();
diff --git a/src/current-patches/firefox/0010-Disable-SSL-Session-ID-tracking.patch b/src/current-patches/firefox/0010-Disable-SSL-Session-ID-tracking.patch
index 8722540..76ce1b6 100644
--- a/src/current-patches/firefox/0010-Disable-SSL-Session-ID-tracking.patch
+++ b/src/current-patches/firefox/0010-Disable-SSL-Session-ID-tracking.patch
@@ -1,4 +1,4 @@
-From 8bfcf12fe59b7b9940830446bf331729f5c86b3d Mon Sep 17 00:00:00 2001
+From 33198fdb4467637fabf292e18530c89e8b6bad4e Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at fscked.org>
Date: Wed, 7 Dec 2011 19:36:38 -0800
Subject: [PATCH 10/13] Disable SSL Session ID tracking.
@@ -11,10 +11,10 @@ https://www.torproject.org/projects/torbrowser/design/#identifier-linkability.
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c
-index 2e6f9ed..c8a993b 100644
+index 22206f7..31086db 100644
--- a/security/nss/lib/ssl/sslsock.c
+++ b/security/nss/lib/ssl/sslsock.c
-@@ -172,7 +172,7 @@ static sslOptions ssl_defaults = {
+@@ -173,7 +173,7 @@ static sslOptions ssl_defaults = {
PR_FALSE, /* enableSSL2 */ /* now defaults to off in NSS 3.13 */
PR_TRUE, /* enableSSL3 */
PR_TRUE, /* enableTLS */ /* now defaults to on in NSS 3.0 */
diff --git a/src/current-patches/firefox/0011-Provide-an-observer-event-to-close-persistent-connec.patch b/src/current-patches/firefox/0011-Provide-an-observer-event-to-close-persistent-connec.patch
index 7d91c66..f442982 100644
--- a/src/current-patches/firefox/0011-Provide-an-observer-event-to-close-persistent-connec.patch
+++ b/src/current-patches/firefox/0011-Provide-an-observer-event-to-close-persistent-connec.patch
@@ -1,4 +1,4 @@
-From befcfaff647b1e09722d100fbf2dadcc22cfdc2b Mon Sep 17 00:00:00 2001
+From a0c84e27f2c40d043c85ba3b794d3578e909f558 Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Wed, 1 Feb 2012 15:53:28 -0800
Subject: [PATCH 11/13] Provide an observer event to close persistent
@@ -11,10 +11,10 @@ keep-alive connections.
1 files changed, 7 insertions(+), 0 deletions(-)
diff --git a/netwerk/protocol/http/nsHttpHandler.cpp b/netwerk/protocol/http/nsHttpHandler.cpp
-index f21598e..f3bf6af 100644
+index 727b5d6..87b55bc 100644
--- a/netwerk/protocol/http/nsHttpHandler.cpp
+++ b/netwerk/protocol/http/nsHttpHandler.cpp
-@@ -321,6 +321,7 @@ nsHttpHandler::Init()
+@@ -329,6 +329,7 @@ nsHttpHandler::Init()
mObserverService->AddObserver(this, "net:clear-active-logins", true);
mObserverService->AddObserver(this, NS_PRIVATE_BROWSING_SWITCH_TOPIC, true);
mObserverService->AddObserver(this, "net:prune-dead-connections", true);
@@ -22,7 +22,7 @@ index f21598e..f3bf6af 100644
}
return NS_OK;
-@@ -1481,6 +1482,12 @@ nsHttpHandler::Observe(nsISupports *subject,
+@@ -1533,6 +1534,12 @@ nsHttpHandler::Observe(nsISupports *subject,
mConnMgr->PruneDeadConnections();
}
}
diff --git a/src/current-patches/firefox/0012-Provide-client-values-only-to-CSS-Media-Queries.patch b/src/current-patches/firefox/0012-Provide-client-values-only-to-CSS-Media-Queries.patch
index d3e636b..abed414 100644
--- a/src/current-patches/firefox/0012-Provide-client-values-only-to-CSS-Media-Queries.patch
+++ b/src/current-patches/firefox/0012-Provide-client-values-only-to-CSS-Media-Queries.patch
@@ -1,4 +1,4 @@
-From b5c42aa7668ac12b034cc1806ae1dc48732fa9b5 Mon Sep 17 00:00:00 2001
+From 10f26d027ba5413d7e26aaccd92cbc1c12b42d86 Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at fscked.org>
Date: Tue, 20 Dec 2011 21:02:49 -0800
Subject: [PATCH 12/13] Provide client values only to CSS Media Queries
diff --git a/src/current-patches/firefox/0013-Limit-the-number-of-fonts-per-document.patch b/src/current-patches/firefox/0013-Limit-the-number-of-fonts-per-document.patch
index 4ae2487..7f0f248 100644
--- a/src/current-patches/firefox/0013-Limit-the-number-of-fonts-per-document.patch
+++ b/src/current-patches/firefox/0013-Limit-the-number-of-fonts-per-document.patch
@@ -1,4 +1,4 @@
-From 4ed1e1c2372216cfcf377b369a9d44bb9f60ee14 Mon Sep 17 00:00:00 2001
+From 215f7088f53e25309ec5037c05a25ed9048a625b Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Wed, 1 Feb 2012 16:01:21 -0800
Subject: [PATCH 13/13] Limit the number of fonts per document.
@@ -23,7 +23,7 @@ https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkabilit
3 files changed, 119 insertions(+), 3 deletions(-)
diff --git a/layout/base/nsPresContext.cpp b/layout/base/nsPresContext.cpp
-index e1587db..9690d9c 100644
+index c7ad359..ac12dff 100644
--- a/layout/base/nsPresContext.cpp
+++ b/layout/base/nsPresContext.cpp
@@ -98,6 +98,8 @@
@@ -35,7 +35,7 @@ index e1587db..9690d9c 100644
#ifdef IBMBIDI
#include "nsBidiPresUtils.h"
-@@ -706,6 +708,10 @@ nsPresContext::GetUserPreferences()
+@@ -731,6 +733,10 @@ nsPresContext::GetUserPreferences()
// * use fonts?
mUseDocumentFonts =
Preferences::GetInt("browser.display.use_document_fonts") != 0;
@@ -46,7 +46,7 @@ index e1587db..9690d9c 100644
// * replace backslashes with Yen signs? (bug 245770)
mEnableJapaneseTransform =
-@@ -1300,6 +1306,100 @@ nsPresContext::GetDefaultFont(PRUint8 aFontID) const
+@@ -1332,6 +1338,100 @@ nsPresContext::GetDefaultFont(PRUint8 aFontID) const
return font;
}
@@ -148,7 +148,7 @@ index e1587db..9690d9c 100644
nsPresContext::SetFullZoom(float aZoom)
{
diff --git a/layout/base/nsPresContext.h b/layout/base/nsPresContext.h
-index ecd01d8..552a69a 100644
+index 39f5b4a..a72d12e 100644
--- a/layout/base/nsPresContext.h
+++ b/layout/base/nsPresContext.h
@@ -548,6 +548,13 @@ public:
@@ -165,7 +165,7 @@ index ecd01d8..552a69a 100644
PRInt32 MinFontSize() const {
return NS_MAX(mMinFontSize, mMinimumFontSizePref);
}
-@@ -1117,6 +1124,8 @@ protected:
+@@ -1125,6 +1132,8 @@ protected:
PRUint32 mInterruptChecksToSkip;
mozilla::TimeStamp mReflowStartTime;
@@ -175,7 +175,7 @@ index ecd01d8..552a69a 100644
unsigned mHasPendingInterrupt : 1;
unsigned mInterruptsEnabled : 1;
diff --git a/layout/style/nsRuleNode.cpp b/layout/style/nsRuleNode.cpp
-index 27336bf..827585a 100644
+index 2918a54..5870693 100644
--- a/layout/style/nsRuleNode.cpp
+++ b/layout/style/nsRuleNode.cpp
@@ -3091,6 +3091,7 @@ nsRuleNode::ComputeFontData(void* aStartStruct,
More information about the tor-commits
mailing list