[tor-commits] [torbrowser/master] Update patches for FF15.0.1.
mikeperry at torproject.org
mikeperry at torproject.org
Sat Sep 8 00:52:45 UTC 2012
commit 2077234f9c6b74b41a4d7d2c6a36455a039cd651
Author: Mike Perry <mikeperry-git at fscked.org>
Date: Fri Sep 7 17:50:11 2012 -0700
Update patches for FF15.0.1.
---
...nents.interfaces-lookupMethod-from-conten.patch | 4 +-
...0002-Make-Permissions-Manager-memory-only.patch | 4 +-
...-Make-Intermediate-Cert-Store-memory-only.patch | 4 +-
.../alpha/0004-Add-a-string-based-cacheKey.patch | 14 ++++----
.../0005-Block-all-plugins-except-flash.patch | 4 +-
...ontent-pref-service-memory-only-clearable.patch | 4 +-
.../0007-Disable-SSL-Session-ID-tracking.patch | 4 +-
...ice-and-system-specific-CSS-Media-Queries.patch | 4 +-
.../0009-Make-Download-manager-memory-only.patch | 4 +-
.../0010-Add-DDG-and-StartPage-to-Omnibox.patch | 4 +-
...-nsICacheService.EvictEntries-synchronous.patch | 10 +++---
...owser-exit-when-not-launched-from-Vidalia.patch | 4 +-
...13-Limit-the-number-of-fonts-per-document.patch | 4 +-
...observer-event-to-close-persistent-connec.patch | 14 ++++----
.../alpha/0015-Rebrand-Firefox-to-TorBrowser.patch | 4 +-
.../alpha/0016-Prevent-WebSocket-DNS-leak.patch | 4 +-
...ize-HTTP-request-order-and-pipeline-depth.patch | 10 +++---
...Adapt-Steven-Michaud-s-Mac-crashfix-patch.patch | 4 +-
...9-Add-a-redirect-API-for-HTTPS-Everywhere.patch | 36 ++++++++++----------
19 files changed, 70 insertions(+), 70 deletions(-)
diff --git a/src/current-patches/firefox/alpha/0001-Block-Components.interfaces-lookupMethod-from-conten.patch b/src/current-patches/firefox/alpha/0001-Block-Components.interfaces-lookupMethod-from-conten.patch
index 41da39d..921a716 100644
--- a/src/current-patches/firefox/alpha/0001-Block-Components.interfaces-lookupMethod-from-conten.patch
+++ b/src/current-patches/firefox/alpha/0001-Block-Components.interfaces-lookupMethod-from-conten.patch
@@ -1,7 +1,7 @@
-From d4c3ef2aadb70643bf0a3784cd5d9e9bb72481e1 Mon Sep 17 00:00:00 2001
+From caab8c136e806dcd913d637210ff187abb1b6b29 Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Wed, 1 Feb 2012 15:40:40 -0800
-Subject: [PATCH 01/20] Block Components.interfaces,lookupMethod from content
+Subject: [PATCH 01/19] Block Components.interfaces,lookupMethod from content
This patch removes the ability of content script to access
Components.interfaces.* as well as call or access Components.lookupMethod.
diff --git a/src/current-patches/firefox/alpha/0002-Make-Permissions-Manager-memory-only.patch b/src/current-patches/firefox/alpha/0002-Make-Permissions-Manager-memory-only.patch
index 3dfb09b..d73f1ab 100644
--- a/src/current-patches/firefox/alpha/0002-Make-Permissions-Manager-memory-only.patch
+++ b/src/current-patches/firefox/alpha/0002-Make-Permissions-Manager-memory-only.patch
@@ -1,7 +1,7 @@
-From 59d440e340d37c95fe71396f420db13908df80d2 Mon Sep 17 00:00:00 2001
+From 12acd440d185f5536eed99084c4800a46d617197 Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Wed, 1 Feb 2012 15:45:16 -0800
-Subject: [PATCH 02/20] Make Permissions Manager memory-only
+Subject: [PATCH 02/19] Make Permissions Manager memory-only
This patch exposes a pref 'permissions.memory_only' that properly isolates the
permissions manager to memory, which is responsible for all user specified
diff --git a/src/current-patches/firefox/alpha/0003-Make-Intermediate-Cert-Store-memory-only.patch b/src/current-patches/firefox/alpha/0003-Make-Intermediate-Cert-Store-memory-only.patch
index 6873aee..33cf5e9 100644
--- a/src/current-patches/firefox/alpha/0003-Make-Intermediate-Cert-Store-memory-only.patch
+++ b/src/current-patches/firefox/alpha/0003-Make-Intermediate-Cert-Store-memory-only.patch
@@ -1,7 +1,7 @@
-From 128b9ac61b08961bd606290c5a24231d4bf5622c Mon Sep 17 00:00:00 2001
+From a95872e8de8230e8e0128314acd335a7cb3510fb Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at fscked.org>
Date: Fri, 19 Aug 2011 17:58:23 -0700
-Subject: [PATCH 03/20] Make Intermediate Cert Store memory-only.
+Subject: [PATCH 03/19] Make Intermediate Cert Store memory-only.
This patch makes the intermediate SSL cert store exist in memory only.
diff --git a/src/current-patches/firefox/alpha/0004-Add-a-string-based-cacheKey.patch b/src/current-patches/firefox/alpha/0004-Add-a-string-based-cacheKey.patch
index 3f01281..bbc6220 100644
--- a/src/current-patches/firefox/alpha/0004-Add-a-string-based-cacheKey.patch
+++ b/src/current-patches/firefox/alpha/0004-Add-a-string-based-cacheKey.patch
@@ -1,7 +1,7 @@
-From edf66166ab881d3cafc73ffcc8d2ec4b78ef42ed Mon Sep 17 00:00:00 2001
+From df164279499b23794a112de4305f3ed99a25da68 Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Tue, 28 Aug 2012 17:03:57 -0700
-Subject: [PATCH 04/20] Add a string-based cacheKey.
+Subject: [PATCH 04/19] Add a string-based cacheKey.
Used for isolating cache according to same-origin policy.
---
@@ -29,10 +29,10 @@ index 96a8aef..b1c6f05 100644
* may fail if the disk cache is not present. The value of this attribute
* is usually only settable during the processing of a channel's
diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
-index 0c8b530..529857b 100644
+index 290d04c..9c10e3a 100644
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
-@@ -2543,6 +2543,12 @@ nsHttpChannel::AssembleCacheKey(const char *spec, PRUint32 postID,
+@@ -2538,6 +2538,12 @@ nsHttpChannel::AssembleCacheKey(const char *spec, PRUint32 postID,
cacheKey.Append(buf);
}
@@ -45,7 +45,7 @@ index 0c8b530..529857b 100644
if (!cacheKey.IsEmpty()) {
cacheKey.AppendLiteral("uri=");
}
-@@ -4881,6 +4887,22 @@ nsHttpChannel::SetCacheForOfflineUse(bool value)
+@@ -4876,6 +4882,22 @@ nsHttpChannel::SetCacheForOfflineUse(bool value)
}
NS_IMETHODIMP
@@ -69,10 +69,10 @@ index 0c8b530..529857b 100644
{
value = mOfflineCacheClientID;
diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h
-index 333e884..3d06ffd 100644
+index eaad05e..0382b1c 100644
--- a/netwerk/protocol/http/nsHttpChannel.h
+++ b/netwerk/protocol/http/nsHttpChannel.h
-@@ -302,6 +302,7 @@ private:
+@@ -292,6 +292,7 @@ private:
nsCOMPtr<nsICacheEntryDescriptor> mOfflineCacheEntry;
nsCacheAccessMode mOfflineCacheAccess;
nsCString mOfflineCacheClientID;
diff --git a/src/current-patches/firefox/alpha/0005-Block-all-plugins-except-flash.patch b/src/current-patches/firefox/alpha/0005-Block-all-plugins-except-flash.patch
index bc7afbb..79d92de 100644
--- a/src/current-patches/firefox/alpha/0005-Block-all-plugins-except-flash.patch
+++ b/src/current-patches/firefox/alpha/0005-Block-all-plugins-except-flash.patch
@@ -1,7 +1,7 @@
-From 20068bdda01cb2a1cd0f890fe2172887318ec20c Mon Sep 17 00:00:00 2001
+From 5c43ec0bcc08d82d7ea1895e2586028ff0c43db2 Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Wed, 1 Feb 2012 15:50:15 -0800
-Subject: [PATCH 05/20] Block all plugins except flash.
+Subject: [PATCH 05/19] Block all plugins except flash.
We cannot use the @mozilla.org/extensions/blocklist;1 service, because we
actually want to stop plugins from ever entering the browser's process space
diff --git a/src/current-patches/firefox/alpha/0006-Make-content-pref-service-memory-only-clearable.patch b/src/current-patches/firefox/alpha/0006-Make-content-pref-service-memory-only-clearable.patch
index f2bd23d..cc75ee1 100644
--- a/src/current-patches/firefox/alpha/0006-Make-content-pref-service-memory-only-clearable.patch
+++ b/src/current-patches/firefox/alpha/0006-Make-content-pref-service-memory-only-clearable.patch
@@ -1,7 +1,7 @@
-From b967a0bf9803f887876635cb0c40c66e900dec35 Mon Sep 17 00:00:00 2001
+From c1f6abc0766763e65c5e8b22f72171c5f8e4639b Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at fscked.org>
Date: Thu, 8 Sep 2011 08:40:17 -0700
-Subject: [PATCH 06/20] Make content pref service memory-only + clearable
+Subject: [PATCH 06/19] Make content pref service memory-only + clearable
This prevents random urls from being inserted into content-prefs.sqllite in
the profile directory as content prefs change (includes site-zoom and perhaps
diff --git a/src/current-patches/firefox/alpha/0007-Disable-SSL-Session-ID-tracking.patch b/src/current-patches/firefox/alpha/0007-Disable-SSL-Session-ID-tracking.patch
index befce4a..5b8270a 100644
--- a/src/current-patches/firefox/alpha/0007-Disable-SSL-Session-ID-tracking.patch
+++ b/src/current-patches/firefox/alpha/0007-Disable-SSL-Session-ID-tracking.patch
@@ -1,7 +1,7 @@
-From a143df8693d811bde257a748ffc914aca38acb21 Mon Sep 17 00:00:00 2001
+From e3703799acddc621be9c64299070180721b489dc Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at fscked.org>
Date: Wed, 7 Dec 2011 19:36:38 -0800
-Subject: [PATCH 07/20] Disable SSL Session ID tracking.
+Subject: [PATCH 07/19] Disable SSL Session ID tracking.
We can't easily bind SSL Session ID tracking to url bar domain,
so we have to disable them to satisfy
diff --git a/src/current-patches/firefox/alpha/0008-Limit-device-and-system-specific-CSS-Media-Queries.patch b/src/current-patches/firefox/alpha/0008-Limit-device-and-system-specific-CSS-Media-Queries.patch
index 7276a46..1b7d396 100644
--- a/src/current-patches/firefox/alpha/0008-Limit-device-and-system-specific-CSS-Media-Queries.patch
+++ b/src/current-patches/firefox/alpha/0008-Limit-device-and-system-specific-CSS-Media-Queries.patch
@@ -1,7 +1,7 @@
-From 1bed42f67d1dd1a10693199448e495b155c44034 Mon Sep 17 00:00:00 2001
+From fdecb1911dd0bbd9bc611931c16026de17f6cbe9 Mon Sep 17 00:00:00 2001
From: Shondoit Walker <shondoit at gmail.com>
Date: Mon, 4 Jun 2012 19:15:31 +0200
-Subject: [PATCH 08/20] Limit device- and system-specific CSS Media Queries
+Subject: [PATCH 08/19] Limit device- and system-specific CSS Media Queries
This is done to address
https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability
diff --git a/src/current-patches/firefox/alpha/0009-Make-Download-manager-memory-only.patch b/src/current-patches/firefox/alpha/0009-Make-Download-manager-memory-only.patch
index dfc54fd..6ee2744 100644
--- a/src/current-patches/firefox/alpha/0009-Make-Download-manager-memory-only.patch
+++ b/src/current-patches/firefox/alpha/0009-Make-Download-manager-memory-only.patch
@@ -1,7 +1,7 @@
-From 3788af0e0eee6639870de19a48178d9718542dc6 Mon Sep 17 00:00:00 2001
+From ec182e8a83826db0c2bae711d594a26cd0b08a22 Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Wed, 25 Apr 2012 13:39:35 -0700
-Subject: [PATCH 09/20] Make Download manager memory only.
+Subject: [PATCH 09/19] Make Download manager memory only.
Solves https://trac.torproject.org/projects/tor/ticket/4017.
diff --git a/src/current-patches/firefox/alpha/0010-Add-DDG-and-StartPage-to-Omnibox.patch b/src/current-patches/firefox/alpha/0010-Add-DDG-and-StartPage-to-Omnibox.patch
index 50feb06..e9c6c2c 100644
--- a/src/current-patches/firefox/alpha/0010-Add-DDG-and-StartPage-to-Omnibox.patch
+++ b/src/current-patches/firefox/alpha/0010-Add-DDG-and-StartPage-to-Omnibox.patch
@@ -1,7 +1,7 @@
-From 78271fc762f49a74b762afa62b69d62f55bc5ab9 Mon Sep 17 00:00:00 2001
+From e58200766a98fc8e239c95eb19a0afcf9fcd6381 Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Wed, 25 Apr 2012 15:03:46 -0700
-Subject: [PATCH 10/20] Add DDG and StartPage to Omnibox.
+Subject: [PATCH 10/19] Add DDG and StartPage to Omnibox.
You mean there are search engines that don't require captchas if you don't
have a cookie? Holy crap. Get those in there now.
diff --git a/src/current-patches/firefox/alpha/0011-Make-nsICacheService.EvictEntries-synchronous.patch b/src/current-patches/firefox/alpha/0011-Make-nsICacheService.EvictEntries-synchronous.patch
index 9db46a6..879cfa6 100644
--- a/src/current-patches/firefox/alpha/0011-Make-nsICacheService.EvictEntries-synchronous.patch
+++ b/src/current-patches/firefox/alpha/0011-Make-nsICacheService.EvictEntries-synchronous.patch
@@ -1,7 +1,7 @@
-From fe734b407d4dca7e83cd08b918418b73af15fa8a Mon Sep 17 00:00:00 2001
+From b0f594e6130bf618a25d33d80f7b66d110449dc9 Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Tue, 1 May 2012 15:02:03 -0700
-Subject: [PATCH 11/20] Make nsICacheService.EvictEntries synchronous
+Subject: [PATCH 11/19] Make nsICacheService.EvictEntries synchronous
This fixes a race condition that allows cache-based EverCookies to persist for
a brief time (on the order of minutes?) after cache clearing/"New Identity".
@@ -12,10 +12,10 @@ https://trac.torproject.org/projects/tor/ticket/5715
1 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/netwerk/cache/nsCacheService.cpp b/netwerk/cache/nsCacheService.cpp
-index 709705e..d3af3fc 100644
+index 991cc34..ef2ad25 100644
--- a/netwerk/cache/nsCacheService.cpp
+++ b/netwerk/cache/nsCacheService.cpp
-@@ -1460,10 +1460,21 @@ NS_IMETHODIMP nsCacheService::VisitEntries(nsICacheVisitor *visitor)
+@@ -1506,10 +1506,21 @@ NS_IMETHODIMP nsCacheService::VisitEntries(nsICacheVisitor *visitor)
return NS_OK;
}
@@ -31,7 +31,7 @@ index 709705e..d3af3fc 100644
+ if (storagePolicy == nsICache::STORE_ANYWHERE &&
+ NS_IsMainThread() && gService && gService->mInitialized) {
+ nsCacheServiceAutoLock lock;
-+ gService->DoomActiveEntries(nsnull);
++ gService->DoomActiveEntries();
+ gService->ClearDoomList();
+ (void) SyncWithCacheIOThread();
+ }
diff --git a/src/current-patches/firefox/alpha/0012-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch b/src/current-patches/firefox/alpha/0012-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch
index a3d06cc..91a5347 100644
--- a/src/current-patches/firefox/alpha/0012-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch
+++ b/src/current-patches/firefox/alpha/0012-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch
@@ -1,7 +1,7 @@
-From 4d49aed78e8185f590060be473ab7e2013e6a792 Mon Sep 17 00:00:00 2001
+From 07ed1fba9d99b3aa860ab75f34c7650341c59b77 Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Thu, 7 Jun 2012 14:45:26 -0700
-Subject: [PATCH 12/20] Make Tor Browser exit when not launched from Vidalia
+Subject: [PATCH 12/19] Make Tor Browser exit when not launched from Vidalia
Turns out the Windows 7 UI encourages users to "dock" their Tor Browser app
for easy relaunch. If they manage to do this, we should fail closed rather
diff --git a/src/current-patches/firefox/alpha/0013-Limit-the-number-of-fonts-per-document.patch b/src/current-patches/firefox/alpha/0013-Limit-the-number-of-fonts-per-document.patch
index cf7aac9..95e3f48 100644
--- a/src/current-patches/firefox/alpha/0013-Limit-the-number-of-fonts-per-document.patch
+++ b/src/current-patches/firefox/alpha/0013-Limit-the-number-of-fonts-per-document.patch
@@ -1,7 +1,7 @@
-From a7917e7ceb3aebfc20f56fa64ec9780dd32f78e3 Mon Sep 17 00:00:00 2001
+From a94c453f1b68acddb84d1a97e10de3994dfdf2cd Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Thu, 7 Jun 2012 15:09:59 -0700
-Subject: [PATCH 13/20] Limit the number of fonts per document.
+Subject: [PATCH 13/19] Limit the number of fonts per document.
We create two prefs:
browser.display.max_font_count and browser.display.max_font_attempts.
diff --git a/src/current-patches/firefox/alpha/0014-Provide-an-observer-event-to-close-persistent-connec.patch b/src/current-patches/firefox/alpha/0014-Provide-an-observer-event-to-close-persistent-connec.patch
index 9d50822..6f63876 100644
--- a/src/current-patches/firefox/alpha/0014-Provide-an-observer-event-to-close-persistent-connec.patch
+++ b/src/current-patches/firefox/alpha/0014-Provide-an-observer-event-to-close-persistent-connec.patch
@@ -1,7 +1,7 @@
-From f67aed29f53ef17aad69cba6d008df4f2d09d231 Mon Sep 17 00:00:00 2001
+From af43ed872bd64b623ea1d5b83926c4d06e8fcd7d Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
-Date: Tue, 28 Aug 2012 18:03:22 -0700
-Subject: [PATCH 14/20] Provide an observer event to close persistent
+Date: Fri, 7 Sep 2012 16:18:26 -0700
+Subject: [PATCH 14/19] Provide an observer event to close persistent
connections
We need to prevent linkability across "New Identity", which includes closing
@@ -11,18 +11,18 @@ keep-alive connections.
1 files changed, 7 insertions(+), 0 deletions(-)
diff --git a/netwerk/protocol/http/nsHttpHandler.cpp b/netwerk/protocol/http/nsHttpHandler.cpp
-index 8b5533f..3647edc 100644
+index 2f71837..b066140 100644
--- a/netwerk/protocol/http/nsHttpHandler.cpp
+++ b/netwerk/protocol/http/nsHttpHandler.cpp
-@@ -307,6 +307,7 @@ nsHttpHandler::Init()
- mObserverService->AddObserver(this, NS_XPCOM_SHUTDOWN_OBSERVER_ID, true);
+@@ -309,6 +309,7 @@ nsHttpHandler::Init()
mObserverService->AddObserver(this, "net:clear-active-logins", true);
+ mObserverService->AddObserver(this, NS_PRIVATE_BROWSING_SWITCH_TOPIC, true);
mObserverService->AddObserver(this, "net:prune-dead-connections", true);
+ mObserverService->AddObserver(this, "net:prune-all-connections", true);
mObserverService->AddObserver(this, "net:failed-to-process-uri-content", true);
}
-@@ -1625,6 +1626,12 @@ nsHttpHandler::Observe(nsISupports *subject,
+@@ -1651,6 +1652,12 @@ nsHttpHandler::Observe(nsISupports *subject,
if (uri && mConnMgr)
mConnMgr->ReportFailedToProcess(uri);
}
diff --git a/src/current-patches/firefox/alpha/0015-Rebrand-Firefox-to-TorBrowser.patch b/src/current-patches/firefox/alpha/0015-Rebrand-Firefox-to-TorBrowser.patch
index 2829fa2..2a6a9c5 100644
--- a/src/current-patches/firefox/alpha/0015-Rebrand-Firefox-to-TorBrowser.patch
+++ b/src/current-patches/firefox/alpha/0015-Rebrand-Firefox-to-TorBrowser.patch
@@ -1,7 +1,7 @@
-From 883793ca836ce271f65ea6c31d27f41c7240ca59 Mon Sep 17 00:00:00 2001
+From d14732e7069aa8c33733f067e1e706bd852e3aba Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Tue, 28 Aug 2012 18:05:11 -0700
-Subject: [PATCH 15/20] Rebrand Firefox to TorBrowser
+Subject: [PATCH 15/19] Rebrand Firefox to TorBrowser
This patch does some basic renaming of Firefox to TorBrowser. The rest of the
branding is done by images and icons.
diff --git a/src/current-patches/firefox/alpha/0016-Prevent-WebSocket-DNS-leak.patch b/src/current-patches/firefox/alpha/0016-Prevent-WebSocket-DNS-leak.patch
index bde4e62..3c0367d 100644
--- a/src/current-patches/firefox/alpha/0016-Prevent-WebSocket-DNS-leak.patch
+++ b/src/current-patches/firefox/alpha/0016-Prevent-WebSocket-DNS-leak.patch
@@ -1,7 +1,7 @@
-From 2bf15d1165f2d7aad286ab1591db318682ef4df2 Mon Sep 17 00:00:00 2001
+From 727bc1103bc663e1bc2a25bb4fb8e9c9fb31763b Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Tue, 28 Aug 2012 18:07:37 -0700
-Subject: [PATCH 16/20] Prevent WebSocket DNS leak.
+Subject: [PATCH 16/19] Prevent WebSocket DNS leak.
This is due to an improper implementation of the WebSocket spec by Mozilla.
diff --git a/src/current-patches/firefox/alpha/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch b/src/current-patches/firefox/alpha/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch
index 8550cdd..76330a3 100644
--- a/src/current-patches/firefox/alpha/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch
+++ b/src/current-patches/firefox/alpha/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch
@@ -1,7 +1,7 @@
-From fc8110586a4777dfd3cb93eb5544535f6bd7b0f3 Mon Sep 17 00:00:00 2001
+From c5b94226e50a5502ef7902e2d05874f36d678769 Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Tue, 28 Aug 2012 18:08:27 -0700
-Subject: [PATCH 17/20] Randomize HTTP request order and pipeline depth.
+Subject: [PATCH 17/19] Randomize HTTP request order and pipeline depth.
This is an experimental defense against
http://lorre.uni.lu/~andriy/papers/acmccs-wpes11-fingerprinting.pdf
@@ -24,7 +24,7 @@ request order (though SPDY is still disabled by default in TBB).
2 files changed, 57 insertions(+), 4 deletions(-)
diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.cpp b/netwerk/protocol/http/nsHttpConnectionMgr.cpp
-index 60a6807..334c5fb 100644
+index 0bfaf3b..d565532 100644
--- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp
+++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp
@@ -20,6 +20,8 @@
@@ -93,7 +93,7 @@ index 60a6807..334c5fb 100644
}
nsHttpConnectionMgr::~nsHttpConnectionMgr()
-@@ -1153,6 +1185,19 @@ nsHttpConnectionMgr::AtActiveConnectionLimit(nsConnectionEntry *ent, PRUint8 cap
+@@ -1141,6 +1173,19 @@ nsHttpConnectionMgr::AtActiveConnectionLimit(nsConnectionEntry *ent, PRUint8 cap
maxPersistConns = mMaxPersistConnsPerHost;
}
@@ -113,7 +113,7 @@ index 60a6807..334c5fb 100644
// use >= just to be safe
bool result = (totalCount >= maxConns) || ( (caps & NS_HTTP_ALLOW_KEEPALIVE) &&
(persistCount >= maxPersistConns) );
-@@ -1319,6 +1364,11 @@ nsHttpConnectionMgr::AddToShortestPipeline(nsConnectionEntry *ent,
+@@ -1307,6 +1352,11 @@ nsHttpConnectionMgr::AddToShortestPipeline(nsConnectionEntry *ent,
maxdepth = PR_MIN(maxdepth, depthLimit);
diff --git a/src/current-patches/firefox/alpha/0018-Adapt-Steven-Michaud-s-Mac-crashfix-patch.patch b/src/current-patches/firefox/alpha/0018-Adapt-Steven-Michaud-s-Mac-crashfix-patch.patch
index 4bdffcc..109574a 100644
--- a/src/current-patches/firefox/alpha/0018-Adapt-Steven-Michaud-s-Mac-crashfix-patch.patch
+++ b/src/current-patches/firefox/alpha/0018-Adapt-Steven-Michaud-s-Mac-crashfix-patch.patch
@@ -1,7 +1,7 @@
-From 40ffe7af2a41166a91f95fe145d3cb97527e4165 Mon Sep 17 00:00:00 2001
+From d705e4bb2b7efd4166d46d6fcb3183212902707c Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Tue, 28 Aug 2012 18:22:32 -0700
-Subject: [PATCH 18/20] Adapt Steven Michaud's Mac crashfix patch
+Subject: [PATCH 18/19] Adapt Steven Michaud's Mac crashfix patch
Source is: https://bugzilla.mozilla.org/show_bug.cgi?id=715885#c35
diff --git a/src/current-patches/firefox/alpha/0019-Add-a-redirect-API-for-HTTPS-Everywhere.patch b/src/current-patches/firefox/alpha/0019-Add-a-redirect-API-for-HTTPS-Everywhere.patch
index de0b3ad..7f8ac2d 100644
--- a/src/current-patches/firefox/alpha/0019-Add-a-redirect-API-for-HTTPS-Everywhere.patch
+++ b/src/current-patches/firefox/alpha/0019-Add-a-redirect-API-for-HTTPS-Everywhere.patch
@@ -1,7 +1,7 @@
-From 704d06cc2310082c12abd7b8ccfbb71dae1c0a9f Mon Sep 17 00:00:00 2001
+From b5d6491427d18bbae057a2974ea80421163fbc0a Mon Sep 17 00:00:00 2001
From: Mike Perry <mikeperry-git at torproject.org>
Date: Tue, 28 Aug 2012 18:30:22 -0700
-Subject: [PATCH 19/20] Add a redirect API for HTTPS-Everywhere.
+Subject: [PATCH 19/19] Add a redirect API for HTTPS-Everywhere.
---
netwerk/protocol/http/HttpChannelChild.cpp | 15 ++++-
@@ -16,7 +16,7 @@ Subject: [PATCH 19/20] Add a redirect API for HTTPS-Everywhere.
9 files changed, 117 insertions(+), 12 deletions(-)
diff --git a/netwerk/protocol/http/HttpChannelChild.cpp b/netwerk/protocol/http/HttpChannelChild.cpp
-index 691fee0..f22fa40 100644
+index cc88184..c26c8f4 100644
--- a/netwerk/protocol/http/HttpChannelChild.cpp
+++ b/netwerk/protocol/http/HttpChannelChild.cpp
@@ -1035,7 +1035,8 @@ HttpChannelChild::AsyncOpen(nsIStreamListener *listener, nsISupports *aContext)
@@ -71,7 +71,7 @@ index 6b699c7..b29a4a7 100644
bool mIsFromCache;
bool mCacheEntryAvailable;
diff --git a/netwerk/protocol/http/HttpChannelParent.cpp b/netwerk/protocol/http/HttpChannelParent.cpp
-index 31aa582..25568bd 100644
+index 8f95076..22f3bba 100644
--- a/netwerk/protocol/http/HttpChannelParent.cpp
+++ b/netwerk/protocol/http/HttpChannelParent.cpp
@@ -97,6 +97,7 @@ HttpChannelParent::RecvAsyncOpen(const IPC::URI& aURI,
@@ -82,7 +82,7 @@ index 31aa582..25568bd 100644
const PRUint32& loadFlags,
const RequestHeaderTuples& requestHeaders,
const nsHttpAtom& requestMethod,
-@@ -118,6 +119,7 @@ HttpChannelParent::RecvAsyncOpen(const IPC::URI& aURI,
+@@ -117,6 +118,7 @@ HttpChannelParent::RecvAsyncOpen(const IPC::URI& aURI,
nsCOMPtr<nsIURI> originalUri(aOriginalURI);
nsCOMPtr<nsIURI> docUri(aDocURI);
nsCOMPtr<nsIURI> referrerUri(aReferrerURI);
@@ -90,7 +90,7 @@ index 31aa582..25568bd 100644
nsCString uriSpec;
uri->GetSpec(uriSpec);
-@@ -145,6 +147,8 @@ HttpChannelParent::RecvAsyncOpen(const IPC::URI& aURI,
+@@ -144,6 +146,8 @@ HttpChannelParent::RecvAsyncOpen(const IPC::URI& aURI,
httpChan->SetDocumentURI(docUri);
if (referrerUri)
httpChan->SetReferrerInternal(referrerUri);
@@ -100,7 +100,7 @@ index 31aa582..25568bd 100644
httpChan->SetLoadFlags(loadFlags);
diff --git a/netwerk/protocol/http/HttpChannelParent.h b/netwerk/protocol/http/HttpChannelParent.h
-index 97eea07..e254589 100644
+index 9650aa9..2ac7e81 100644
--- a/netwerk/protocol/http/HttpChannelParent.h
+++ b/netwerk/protocol/http/HttpChannelParent.h
@@ -49,6 +49,7 @@ protected:
@@ -112,7 +112,7 @@ index 97eea07..e254589 100644
const RequestHeaderTuples& requestHeaders,
const nsHttpAtom& requestMethod,
diff --git a/netwerk/protocol/http/PHttpChannel.ipdl b/netwerk/protocol/http/PHttpChannel.ipdl
-index b67e2c1..2b919cc 100644
+index 10af59f..6053541 100644
--- a/netwerk/protocol/http/PHttpChannel.ipdl
+++ b/netwerk/protocol/http/PHttpChannel.ipdl
@@ -35,6 +35,7 @@ parent:
@@ -124,10 +124,10 @@ index b67e2c1..2b919cc 100644
RequestHeaderTuples requestHeaders,
nsHttpAtom requestMethod,
diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
-index 529857b..73b54ce 100644
+index 9c10e3a..57afae4 100644
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
-@@ -1398,18 +1398,17 @@ nsHttpChannel::HandleAsyncRedirectChannelToHttps()
+@@ -1396,18 +1396,17 @@ nsHttpChannel::HandleAsyncRedirectChannelToHttps()
return;
}
@@ -149,7 +149,7 @@ index 529857b..73b54ce 100644
nsCOMPtr<nsIURI> upgradedURI;
rv = mURI->Clone(getter_AddRefs(upgradedURI));
-@@ -1431,6 +1430,48 @@ nsHttpChannel::AsyncRedirectChannelToHttps()
+@@ -1429,6 +1428,48 @@ nsHttpChannel::AsyncRedirectChannelToHttps()
else
upgradedURI->SetPort(oldPort);
@@ -198,7 +198,7 @@ index 529857b..73b54ce 100644
nsCOMPtr<nsIIOService> ioService;
rv = gHttpHandler->GetIOService(getter_AddRefs(ioService));
NS_ENSURE_SUCCESS(rv, rv);
-@@ -1446,7 +1487,7 @@ nsHttpChannel::AsyncRedirectChannelToHttps()
+@@ -1444,7 +1485,7 @@ nsHttpChannel::AsyncRedirectChannelToHttps()
PRUint32 flags = nsIChannelEventSink::REDIRECT_PERMANENT;
PushRedirectAsyncFunc(
@@ -207,7 +207,7 @@ index 529857b..73b54ce 100644
rv = gHttpHandler->AsyncOnChannelRedirect(this, newChannel, flags);
if (NS_SUCCEEDED(rv))
-@@ -1455,14 +1496,18 @@ nsHttpChannel::AsyncRedirectChannelToHttps()
+@@ -1453,14 +1494,18 @@ nsHttpChannel::AsyncRedirectChannelToHttps()
if (NS_FAILED(rv)) {
AutoRedirectVetoNotifier notifier(this);
PopRedirectAsyncFunc(
@@ -229,7 +229,7 @@ index 529857b..73b54ce 100644
{
AutoRedirectVetoNotifier notifier(this);
-@@ -3910,6 +3955,12 @@ nsHttpChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *context)
+@@ -3905,6 +3950,12 @@ nsHttpChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *context)
if (mLoadGroup)
mLoadGroup->AddRequest(this, nsnull);
@@ -243,7 +243,7 @@ index 529857b..73b54ce 100644
// "http-on-modify-request" and load group observers that may set
// mTimingEnabled flag.
diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h
-index 3d06ffd..60f52dd 100644
+index 0382b1c..2c50507 100644
--- a/netwerk/protocol/http/nsHttpChannel.h
+++ b/netwerk/protocol/http/nsHttpChannel.h
@@ -103,6 +103,8 @@ public:
@@ -265,7 +265,7 @@ index 3d06ffd..60f52dd 100644
nsresult SetReferrerInternal(nsIURI *referrer) {
nsCAutoString spec;
nsresult rv = referrer->GetAsciiSpec(spec);
-@@ -183,11 +188,13 @@ private:
+@@ -173,11 +178,13 @@ private:
// redirection specific methods
void HandleAsyncRedirect();
@@ -279,7 +279,7 @@ index 3d06ffd..60f52dd 100644
virtual nsresult SetupReplacementChannel(nsIURI *, nsIChannel *, bool preserveMethod);
// proxy specific methods
-@@ -247,8 +254,8 @@ private:
+@@ -237,8 +244,8 @@ private:
bool MustValidateBasedOnQueryUrl();
void HandleAsyncRedirectChannelToHttps();
@@ -290,7 +290,7 @@ index 3d06ffd..60f52dd 100644
/**
* A function that takes care of reading STS headers and enforcing STS
-@@ -320,6 +327,7 @@ private:
+@@ -310,6 +317,7 @@ private:
friend class AutoRedirectVetoNotifier;
friend class HttpAsyncAborter<nsHttpChannel>;
nsCOMPtr<nsIURI> mRedirectURI;
More information about the tor-commits
mailing list