diff options
| author |   Julian Ospald <hasufell@gentoo.org> | 2012-06-06 22:21:09 +0000 |
|---|---|---|
| committer | Julian Ospald <hasufell@gentoo.org> | 2012-06-06 22:21:09 +0000 |
| commit | ccae6722eb176a58287f9bc8c0324afbca0616d8 (patch) | |
| tree | e72d0a185053847c705705b846b2f57c10c2e85b /www-client | |
| parent | Also mask beta calligra-l10n (diff) | |
| download | gentoo-2-ccae6722eb176a58287f9bc8c0324afbca0616d8.tar.gz gentoo-2-ccae6722eb176a58287f9bc8c0324afbca0616d8.tar.bz2 gentoo-2-ccae6722eb176a58287f9bc8c0324afbca0616d8.zip | |
version bump/dump... tor upstream switched to ESR
(Portage version: 2.2.0_alpha110/cvs/Linux x86_64)
Diffstat (limited to 'www-client')
21 files changed, 297 insertions, 685 deletions
diff --git a/www-client/torbrowser/ChangeLog b/www-client/torbrowser/ChangeLog index 2a0f74c10cb0..a1d02415f433 100644 --- a/www-client/torbrowser/ChangeLog +++ b/www-client/torbrowser/ChangeLog @@ -1,6 +1,54 @@ # ChangeLog for www-client/torbrowser # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/www-client/torbrowser/ChangeLog,v 1.3 2012/06/01 15:57:21 hasufell Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-client/torbrowser/ChangeLog,v 1.4 2012/06/06 22:21:08 hasufell Exp $ + +*torbrowser-10.0.5 (06 Jun 2012) + + 06 Jun 2012; Julian Ospald <hasufell@gentoo.org> + +files/torbrowser-patches/0001-Block-Components.interfaces-lookupMethod-from- + conten.patch, + +files/torbrowser-patches/0002-Make-Permissions-Manager-memory-only.patch, + +files/torbrowser-patches/0003-Make-Intermediate-Cert-Store-memory-only.patch + , +files/torbrowser-patches/0004-Add-a-string-based-cacheKey.patch, + +files/torbrowser-patches/0005-Block-all-plugins-except-flash.patch, + +files/torbrowser-patches/0006-Make-content-pref-service-memory-only-clearabl + e.patch, + +files/torbrowser-patches/0007-Make-Tor-Browser-exit-when-not-launched-from-V + idalia.patch, + +files/torbrowser-patches/0008-Disable-SSL-Session-ID-tracking.patch, + +files/torbrowser-patches/0009-Provide-an-observer-event-to-close-persistent- + connec.patch, + +files/torbrowser-patches/0010-Provide-client-values-only-to-CSS-Media-Querie + s.patch, + +files/torbrowser-patches/0011-Limit-the-number-of-fonts-per-document.patch, + +files/torbrowser-patches/0012-Rebrand-Firefox-to-TorBrowser.patch, + +files/torbrowser-patches/0013-Make-Download-manager-memory-only.patch, + +files/torbrowser-patches/0014-Add-DDG-and-StartPage-to-Omnibox.patch, + +files/torbrowser-patches/0015-Make-nsICacheService.EvictEntries-synchronous. + patch, +files/torbrowser-patches/0016-Prevent-WebSocket-DNS-leak.patch, + +files/torbrowser-patches/0017-Randomize-HTTP-request-order-and-pipeline-dept + h.patch, + +files/torbrowser-patches/0018-Add-HTTP-auth-headers-before-the-modify-reques + t-obse.patch, + -files/12.0/0001-Block-Components.interfaces-lookupMethod-from-conten.patch, + -files/12.0/0002-Make-Permissions-Manager-memory-only.patch, + -files/12.0/0003-Make-Intermediate-Cert-Store-memory-only.patch, + -files/12.0/0004-Add-a-string-based-cacheKey.patch, + -files/12.0/0005-Block-all-plugins-except-flash.patch, + -files/12.0/0006-Make-content-pref-service-memory-only-clearable.patch, + -files/12.0/0008-Disable-SSL-Session-ID-tracking.patch, + -files/12.0/0009-Provide-an-observer-event-to-close-persistent-connec.patch, + -files/12.0/0010-Provide-client-values-only-to-CSS-Media-Queries.patch, + -files/12.0/0011-Limit-the-number-of-fonts-per-document.patch, + -files/12.0/0012-Randomize-HTTP-request-order-and-pipeline-depth.patch, + -files/12.0/0013-Rebrand-Firefox-to-TorBrowser.patch, + -files/12.0/0014-Make-Download-manager-memory-only.patch, + -files/12.0/0015-Add-DDG-and-StartPage-to-Omnibox.patch, + -files/12.0/0016-Adapt-Steven-Michaud-s-Mac-crashfix-patch-for-FF12.patch, + -files/12.0/0017-Make-nsICacheService.EvictEntries-synchronous.patch, + -files/12.0/0018-Prevent-WebSocket-DNS-leak.patch, +torbrowser-10.0.5.ebuild, + -torbrowser-12.0-r2.ebuild: + version bump/dump... tor upstream switched to ESR 01 Jun 2012; Julian Ospald <hasufell@gentoo.org> torbrowser-12.0-r2.ebuild: bump profile-folder version diff --git a/www-client/torbrowser/files/12.0/0016-Adapt-Steven-Michaud-s-Mac-crashfix-patch-for-FF12.patch b/www-client/torbrowser/files/12.0/0016-Adapt-Steven-Michaud-s-Mac-crashfix-patch-for-FF12.patch deleted file mode 100644 index 5a08ed4ccef4..000000000000 --- a/www-client/torbrowser/files/12.0/0016-Adapt-Steven-Michaud-s-Mac-crashfix-patch-for-FF12.patch +++ /dev/null @@ -1,544 +0,0 @@ -From 262403fb627ca452bfbcaf06fd6ad965f156ed18 Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git@torproject.org> -Date: Thu, 26 Apr 2012 10:54:24 -0700 -Subject: [PATCH 16/16] Adapt Steven Michaud's Mac crashfix patch for FF12. - -Source is: https://bugzilla.mozilla.org/show_bug.cgi?id=715885#c35 - -Some minor tweaks were needed to get it to apply to FF12 and to compile on -MacOS. ---- - widget/Makefile.in | 1 + - widget/cocoa/nsChildView.mm | 35 +++++++++++++-------- - widget/gtk2/nsDragService.cpp | 2 +- - widget/gtk2/nsWindow.cpp | 2 +- - widget/nsIDragService.idl | 4 +-- - widget/nsPIDragService.idl | 48 +++++++++++++++++++++++++++++ - widget/qt/nsDragService.h | 2 + - widget/windows/Makefile.in | 4 ++ - widget/windows/nsDragService.cpp | 13 +++++--- - widget/windows/nsDragService.h | 12 +++--- - widget/windows/nsNativeDragSource.cpp | 7 ++-- - widget/windows/nsNativeDragTarget.cpp | 28 ++++++++++------ - widget/windows/nsPIDragServiceWindows.idl | 46 +++++++++++++++++++++++++++ - widget/xpwidgets/nsBaseDragService.cpp | 16 +++++++++- - widget/xpwidgets/nsBaseDragService.h | 9 ++--- - 15 files changed, 180 insertions(+), 49 deletions(-) - create mode 100644 widget/nsPIDragService.idl - create mode 100644 widget/windows/nsPIDragServiceWindows.idl - -diff --git a/widget/Makefile.in b/widget/Makefile.in -index 4a3405b..4c105a4 100644 ---- a/widget/Makefile.in -+++ b/widget/Makefile.in -@@ -138,6 +138,7 @@ XPIDLSRCS = \ - nsIClipboardDragDropHooks.idl \ - nsIClipboardDragDropHookList.idl \ - nsIDragSession.idl \ -+ nsPIDragService.idl \ - nsIDragService.idl \ - nsIFormatConverter.idl \ - nsIClipboard.idl \ -diff --git a/widget/cocoa/nsChildView.mm b/widget/cocoa/nsChildView.mm -index 7f738a1..0149ab1 100644 ---- a/widget/cocoa/nsChildView.mm -+++ b/widget/cocoa/nsChildView.mm -@@ -4566,11 +4566,12 @@ NSEvent* gLastDragMouseDownEvent = nil; - if (!dragService) { - dragService = do_GetService(kDragServiceContractID); - } -+ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(dragService); - - if (dragService) { - NSPoint pnt = [NSEvent mouseLocation]; - FlipCocoaScreenCoordinate(pnt); -- dragService->DragMoved(NSToIntRound(pnt.x), NSToIntRound(pnt.y)); -+ dragServicePriv->DragMoved(NSToIntRound(pnt.x), NSToIntRound(pnt.y)); - } - } - -@@ -4591,11 +4592,13 @@ NSEvent* gLastDragMouseDownEvent = nil; - } - - if (mDragService) { -- // set the dragend point from the current mouse location -- nsDragService* dragService = static_cast<nsDragService *>(mDragService); -- NSPoint pnt = [NSEvent mouseLocation]; -- FlipCocoaScreenCoordinate(pnt); -- dragService->SetDragEndPoint(nsIntPoint(NSToIntRound(pnt.x), NSToIntRound(pnt.y))); -+ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(mDragService); -+ if (dragServicePriv) { -+ // set the dragend point from the current mouse location -+ NSPoint pnt = [NSEvent mouseLocation]; -+ FlipCocoaScreenCoordinate(pnt); -+ dragServicePriv->SetDragEndPoint(NSToIntRound(pnt.x), NSToIntRound(pnt.y)); -+ } - - // XXX: dropEffect should be updated per |operation|. - // As things stand though, |operation| isn't well handled within "our" -@@ -4606,13 +4609,19 @@ NSEvent* gLastDragMouseDownEvent = nil; - // value for NSDragOperationGeneric that is passed by other applications. - // All that said, NSDragOperationNone is still reliable. - if (operation == NSDragOperationNone) { -- nsCOMPtr<nsIDOMDataTransfer> dataTransfer; -- dragService->GetDataTransfer(getter_AddRefs(dataTransfer)); -- nsCOMPtr<nsIDOMNSDataTransfer> dataTransferNS = -- do_QueryInterface(dataTransfer); -- -- if (dataTransferNS) -- dataTransferNS->SetDropEffectInt(nsIDragService::DRAGDROP_ACTION_NONE); -+ nsCOMPtr<nsIDragSession> dragSession; -+ mDragService->GetCurrentSession(getter_AddRefs(dragSession)); -+ if (dragSession) { -+ nsCOMPtr<nsIDOMDataTransfer> dataTransfer; -+ dragSession->GetDataTransfer(getter_AddRefs(dataTransfer)); -+ if (dataTransfer) { -+ nsCOMPtr<nsIDOMNSDataTransfer> dataTransferNS = -+ do_QueryInterface(dataTransfer); -+ if (dataTransferNS) { -+ dataTransferNS->SetDropEffectInt(nsIDragService::DRAGDROP_ACTION_NONE); -+ } -+ } -+ } - } - - mDragService->EndDragSession(true); -diff --git a/widget/gtk2/nsDragService.cpp b/widget/gtk2/nsDragService.cpp -index ca5a42c..876fd55 100644 ---- a/widget/gtk2/nsDragService.cpp -+++ b/widget/gtk2/nsDragService.cpp -@@ -1334,7 +1334,7 @@ nsDragService::SourceEndDragSession(GdkDragContext *aContext, - GdkDisplay* display = gdk_display_get_default(); - if (display) { - gdk_display_get_pointer(display, NULL, &x, &y, NULL); -- SetDragEndPoint(nsIntPoint(x, y)); -+ SetDragEndPoint(x, y); - } - - // Either the drag was aborted or the drop occurred outside the app. -diff --git a/widget/gtk2/nsWindow.cpp b/widget/gtk2/nsWindow.cpp -index 5e4afee..25c394b 100644 ---- a/widget/gtk2/nsWindow.cpp -+++ b/widget/gtk2/nsWindow.cpp -@@ -3698,7 +3698,7 @@ nsWindow::OnDragDropEvent(GtkWidget *aWidget, - if (display) { - // get the current cursor position - gdk_display_get_pointer(display, NULL, &x, &y, NULL); -- ((nsDragService *)dragService.get())->SetDragEndPoint(nsIntPoint(x, y)); -+ ((nsDragService *)dragService.get())->SetDragEndPoint(x, y); - } - dragService->EndDragSession(true); - -diff --git a/widget/nsIDragService.idl b/widget/nsIDragService.idl -index e42c578..ef8c46f 100644 ---- a/widget/nsIDragService.idl -+++ b/widget/nsIDragService.idl -@@ -48,7 +48,7 @@ interface nsIDOMDragEvent; - interface nsIDOMDataTransfer; - interface nsISelection; - --[scriptable, uuid(82B58ADA-F490-4C3D-B737-1057C4F1D052), builtinclass] -+[scriptable, uuid(82B58ADA-F490-4C3D-B737-1057C4F1D052)] - interface nsIDragService : nsISupports - { - const long DRAGDROP_ACTION_NONE = 0; -@@ -145,8 +145,6 @@ interface nsIDragService : nsISupports - */ - void suppress(); - void unsuppress(); -- -- [noscript] void dragMoved(in long aX, in long aY); - }; - - -diff --git a/widget/nsPIDragService.idl b/widget/nsPIDragService.idl -new file mode 100644 -index 0000000..93a144d ---- /dev/null -+++ b/widget/nsPIDragService.idl -@@ -0,0 +1,48 @@ -+/* ***** BEGIN LICENSE BLOCK ***** -+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1 -+ * -+ * The contents of this file are subject to the Mozilla Public License Version -+ * 1.1 (the "License"); you may not use this file except in compliance with -+ * the License. You may obtain a copy of the License at -+ * http://www.mozilla.org/MPL/ -+ * -+ * Software distributed under the License is distributed on an "AS IS" basis, -+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -+ * for the specific language governing rights and limitations under the -+ * License. -+ * -+ * The Original Code is mozilla.org code. -+ * -+ * The Initial Developer of the Original Code is -+ * The Mozilla Foundation. -+ * Portions created by the Initial Developer are Copyright (C) 2012 -+ * the Initial Developer. All Rights Reserved. -+ * -+ * Contributor(s): -+ * Steven Michaud <smichaud@pobox.com> -+ * -+ * Alternatively, the contents of this file may be used under the terms of -+ * either the GNU General Public License Version 2 or later (the "GPL"), or -+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -+ * in which case the provisions of the GPL or the LGPL are applicable instead -+ * of those above. If you wish to allow use of your version of this file only -+ * under the terms of either the GPL or the LGPL, and not to allow others to -+ * use your version of this file under the terms of the MPL, indicate your -+ * decision by deleting the provisions above and replace them with the notice -+ * and other provisions required by the GPL or the LGPL. If you do not delete -+ * the provisions above, a recipient may use your version of this file under -+ * the terms of any one of the MPL, the GPL or the LGPL. -+ * -+ * ***** END LICENSE BLOCK ***** */ -+ -+#include "nsISupports.idl" -+ -+[scriptable, uuid(FAD8C90B-8E1D-446A-9B6C-241486A85CBD)] -+interface nsPIDragService : nsISupports -+{ -+ void dragMoved(in long aX, in long aY); -+ -+ PRUint16 getInputSource(); -+ -+ void setDragEndPoint(in long aX, in long aY); -+}; -diff --git a/widget/qt/nsDragService.h b/widget/qt/nsDragService.h -index 5a3e5bb..50dcfac 100644 ---- a/widget/qt/nsDragService.h -+++ b/widget/qt/nsDragService.h -@@ -50,6 +50,8 @@ public: - NS_DECL_ISUPPORTS - NS_DECL_NSIDRAGSERVICE - -+ NS_IMETHOD DragMoved(PRInt32 aX, PRInt32 aY); -+ - nsDragService(); - - private: -diff --git a/widget/windows/Makefile.in b/widget/windows/Makefile.in -index c9327f8..3298997 100644 ---- a/widget/windows/Makefile.in -+++ b/widget/windows/Makefile.in -@@ -119,6 +119,10 @@ ifdef MOZ_ENABLE_D3D10_LAYER - DEFINES += -DMOZ_ENABLE_D3D10_LAYER - endif - -+XPIDLSRCS += \ -+ nsPIDragServiceWindows.idl \ -+ $(NULL) -+ - SHARED_LIBRARY_LIBS = \ - ../xpwidgets/$(LIB_PREFIX)xpwidgets_s.$(LIB_SUFFIX) \ - $(NULL) -diff --git a/widget/windows/nsDragService.cpp b/widget/windows/nsDragService.cpp -index 8c5df7e..1cf9995 100644 ---- a/widget/windows/nsDragService.cpp -+++ b/widget/windows/nsDragService.cpp -@@ -97,6 +97,8 @@ nsDragService::~nsDragService() - NS_IF_RELEASE(mDataObject); - } - -+NS_IMPL_ISUPPORTS_INHERITED1(nsDragService, nsBaseDragService, nsPIDragServiceWindows) -+ - bool - nsDragService::CreateDragImage(nsIDOMNode *aDOMNode, - nsIScriptableRegion *aRegion, -@@ -350,7 +352,7 @@ nsDragService::StartInvokingDragSession(IDataObject * aDataObj, - POINT cpos; - cpos.x = GET_X_LPARAM(pos); - cpos.y = GET_Y_LPARAM(pos); -- SetDragEndPoint(nsIntPoint(cpos.x, cpos.y)); -+ SetDragEndPoint(cpos.x, cpos.y); - EndDragSession(true); - - mDoingDrag = false; -@@ -468,25 +470,26 @@ nsDragService::GetData(nsITransferable * aTransferable, PRUint32 anItem) - - //--------------------------------------------------------- - NS_IMETHODIMP --nsDragService::SetIDataObject(IDataObject * aDataObj) -+nsDragService::SetIDataObject(nsISupports * aDataObj) - { -+ IDataObject *dataObj = (IDataObject*) aDataObj; - // When the native drag starts the DragService gets - // the IDataObject that is being dragged - NS_IF_RELEASE(mDataObject); -- mDataObject = aDataObj; -+ mDataObject = dataObj; - NS_IF_ADDREF(mDataObject); - - return NS_OK; - } - - //--------------------------------------------------------- --void -+NS_IMETHODIMP - nsDragService::SetDroppedLocal() - { - // Sent from the native drag handler, letting us know - // a drop occurred within the application vs. outside of it. - mSentLocalDropEvent = true; -- return; -+ return NS_OK; - } - - //------------------------------------------------------------------------- -diff --git a/widget/windows/nsDragService.h b/widget/windows/nsDragService.h -index 87d6cc9..04c8746 100644 ---- a/widget/windows/nsDragService.h -+++ b/widget/windows/nsDragService.h -@@ -39,6 +39,7 @@ - #define nsDragService_h__ - - #include "nsBaseDragService.h" -+#include "nsPIDragServiceWindows.h" - #include <windows.h> - #include <shlobj.h> - -@@ -52,12 +53,15 @@ class nsString; - * Native Win32 DragService wrapper - */ - --class nsDragService : public nsBaseDragService -+class nsDragService : public nsBaseDragService, public nsPIDragServiceWindows - { - public: - nsDragService(); - virtual ~nsDragService(); -- -+ -+ NS_DECL_ISUPPORTS_INHERITED -+ NS_DECL_NSPIDRAGSERVICEWINDOWS -+ - // nsIDragService - NS_IMETHOD InvokeDragSession(nsIDOMNode *aDOMNode, - nsISupportsArray *anArrayTransferables, -@@ -71,13 +75,9 @@ public: - NS_IMETHOD EndDragSession(bool aDoneDrag); - - // native impl. -- NS_IMETHOD SetIDataObject(IDataObject * aDataObj); - NS_IMETHOD StartInvokingDragSession(IDataObject * aDataObj, - PRUint32 aActionType); - -- // A drop occurred within the application vs. outside of it. -- void SetDroppedLocal(); -- - protected: - nsDataObjCollection* GetDataObjCollection(IDataObject * aDataObj); - -diff --git a/widget/windows/nsNativeDragSource.cpp b/widget/windows/nsNativeDragSource.cpp -index e51101e..0fe6ffe 100644 ---- a/widget/windows/nsNativeDragSource.cpp -+++ b/widget/windows/nsNativeDragSource.cpp -@@ -42,7 +42,7 @@ - #include "nsIServiceManager.h" - #include "nsToolkit.h" - #include "nsWidgetsCID.h" --#include "nsIDragService.h" -+#include "nsDragService.h" - - static NS_DEFINE_IID(kCDragServiceCID, NS_DRAGSERVICE_CID); - -@@ -101,9 +101,10 @@ STDMETHODIMP - nsNativeDragSource::QueryContinueDrag(BOOL fEsc, DWORD grfKeyState) - { - nsCOMPtr<nsIDragService> dragService = do_GetService(kCDragServiceCID); -- if (dragService) { -+ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(dragService); -+ if (dragServicePriv) { - DWORD pos = ::GetMessagePos(); -- dragService->DragMoved(GET_X_LPARAM(pos), GET_Y_LPARAM(pos)); -+ dragServicePriv->DragMoved(GET_X_LPARAM(pos), GET_Y_LPARAM(pos)); - } - - if (fEsc) { -diff --git a/widget/windows/nsNativeDragTarget.cpp b/widget/windows/nsNativeDragTarget.cpp -index cf6196b..82ad3c6 100644 ---- a/widget/windows/nsNativeDragTarget.cpp -+++ b/widget/windows/nsNativeDragTarget.cpp -@@ -209,7 +209,11 @@ nsNativeDragTarget::DispatchDragDropEvent(PRUint32 aEventType, POINTL aPT) - event.isControl = IsKeyDown(NS_VK_CONTROL); - event.isMeta = false; - event.isAlt = IsKeyDown(NS_VK_ALT); -- event.inputSource = static_cast<nsBaseDragService*>(mDragService)->GetInputSource(); -+ event.inputSource = 0; -+ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(mDragService); -+ if (dragServicePriv) { -+ dragServicePriv->GetInputSource(&event.inputSource); -+ } - - mWindow->DispatchEvent(&event, status); - } -@@ -296,9 +300,8 @@ nsNativeDragTarget::DragEnter(LPDATAOBJECT pIDataSource, - // This cast is ok because in the constructor we created a - // the actual implementation we wanted, so we know this is - // a nsDragService. It should be a private interface, though. -- nsDragService * winDragService = -- static_cast<nsDragService *>(mDragService); -- winDragService->SetIDataObject(pIDataSource); -+ nsCOMPtr<nsPIDragServiceWindows> winDragService = do_QueryInterface(mDragService); -+ winDragService->SetIDataObject((nsISupports*)pIDataSource); - - // Now process the native drag state and then dispatch the event - ProcessDrag(NS_DRAGDROP_ENTER, grfKeyState, ptl, pdwEffect); -@@ -436,8 +439,8 @@ nsNativeDragTarget::Drop(LPDATAOBJECT pData, - // This cast is ok because in the constructor we created a - // the actual implementation we wanted, so we know this is - // a nsDragService (but it should still be a private interface) -- nsDragService* winDragService = static_cast<nsDragService*>(mDragService); -- winDragService->SetIDataObject(pData); -+ nsCOMPtr<nsPIDragServiceWindows> winDragService = do_QueryInterface(mDragService); -+ winDragService->SetIDataObject((nsISupports*)pData); - - // NOTE: ProcessDrag spins the event loop which may destroy arbitrary objects. - // We use strong refs to prevent it from destroying these: -@@ -461,11 +464,14 @@ nsNativeDragTarget::Drop(LPDATAOBJECT pData, - // tell the drag service we're done with the session - // Use GetMessagePos to get the position of the mouse at the last message - // seen by the event loop. (Bug 489729) -- DWORD pos = ::GetMessagePos(); -- POINT cpos; -- cpos.x = GET_X_LPARAM(pos); -- cpos.y = GET_Y_LPARAM(pos); -- winDragService->SetDragEndPoint(nsIntPoint(cpos.x, cpos.y)); -+ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(mDragService); -+ if (dragServicePriv) { -+ DWORD pos = ::GetMessagePos(); -+ POINT cpos; -+ cpos.x = GET_X_LPARAM(pos); -+ cpos.y = GET_Y_LPARAM(pos); -+ dragServicePriv->SetDragEndPoint(cpos.x, cpos.y); -+ } - serv->EndDragSession(true); - - // release the ref that was taken in DragEnter -diff --git a/widget/windows/nsPIDragServiceWindows.idl b/widget/windows/nsPIDragServiceWindows.idl -new file mode 100644 -index 0000000..c8a46dd ---- /dev/null -+++ b/widget/windows/nsPIDragServiceWindows.idl -@@ -0,0 +1,46 @@ -+/* ***** BEGIN LICENSE BLOCK ***** -+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1 -+ * -+ * The contents of this file are subject to the Mozilla Public License Version -+ * 1.1 (the "License"); you may not use this file except in compliance with -+ * the License. You may obtain a copy of the License at -+ * http://www.mozilla.org/MPL/ -+ * -+ * Software distributed under the License is distributed on an "AS IS" basis, -+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -+ * for the specific language governing rights and limitations under the -+ * License. -+ * -+ * The Original Code is mozilla.org code. -+ * -+ * The Initial Developer of the Original Code is -+ * The Mozilla Foundation. -+ * Portions created by the Initial Developer are Copyright (C) 2012 -+ * the Initial Developer. All Rights Reserved. -+ * -+ * Contributor(s): -+ * Steven Michaud <smichaud@pobox.com> -+ * -+ * Alternatively, the contents of this file may be used under the terms of -+ * either the GNU General Public License Version 2 or later (the "GPL"), or -+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -+ * in which case the provisions of the GPL or the LGPL are applicable instead -+ * of those above. If you wish to allow use of your version of this file only -+ * under the terms of either the GPL or the LGPL, and not to allow others to -+ * use your version of this file under the terms of the MPL, indicate your -+ * decision by deleting the provisions above and replace them with the notice -+ * and other provisions required by the GPL or the LGPL. If you do not delete -+ * the provisions above, a recipient may use your version of this file under -+ * the terms of any one of the MPL, the GPL or the LGPL. -+ * -+ * ***** END LICENSE BLOCK ***** */ -+ -+#include "nsISupports.idl" -+ -+[scriptable, uuid(6FC2117D-5EB4-441A-9C12-62A783BEBC0C)] -+interface nsPIDragServiceWindows : nsISupports -+{ -+ void setIDataObject(in nsISupports aDataObj); -+ -+ void setDroppedLocal(); -+}; -diff --git a/widget/xpwidgets/nsBaseDragService.cpp b/widget/xpwidgets/nsBaseDragService.cpp -index 342a036..87e28f7 100644 ---- a/widget/xpwidgets/nsBaseDragService.cpp -+++ b/widget/xpwidgets/nsBaseDragService.cpp -@@ -88,7 +88,7 @@ nsBaseDragService::~nsBaseDragService() - { - } - --NS_IMPL_ISUPPORTS2(nsBaseDragService, nsIDragService, nsIDragSession) -+NS_IMPL_ISUPPORTS3(nsBaseDragService, nsIDragService, nsPIDragService, nsIDragSession) - - //--------------------------------------------------------- - NS_IMETHODIMP -@@ -436,6 +436,20 @@ nsBaseDragService::DragMoved(PRInt32 aX, PRInt32 aY) - return NS_OK; - } - -+NS_IMETHODIMP -+nsBaseDragService::SetDragEndPoint(PRInt32 aX, PRInt32 aY) -+{ -+ mEndDragPoint = nsIntPoint(aX, aY); -+ return NS_OK; -+} -+ -+NS_IMETHODIMP -+nsBaseDragService::GetInputSource(PRUint16* aInputSource) -+{ -+ *aInputSource = mInputSource; -+ return NS_OK; -+} -+ - static nsIPresShell* - GetPresShellForContent(nsIDOMNode* aDOMNode) - { -diff --git a/widget/xpwidgets/nsBaseDragService.h b/widget/xpwidgets/nsBaseDragService.h -index 290c0cb..2ceac2b 100644 ---- a/widget/xpwidgets/nsBaseDragService.h -+++ b/widget/xpwidgets/nsBaseDragService.h -@@ -39,6 +39,7 @@ - #define nsBaseDragService_h__ - - #include "nsIDragService.h" -+#include "nsPIDragService.h" - #include "nsIDragSession.h" - #include "nsITransferable.h" - #include "nsISupportsArray.h" -@@ -64,6 +65,7 @@ class nsICanvasElementExternal; - */ - - class nsBaseDragService : public nsIDragService, -+ public nsPIDragService, - public nsIDragSession - { - -@@ -74,14 +76,11 @@ public: - //nsISupports - NS_DECL_ISUPPORTS - -- //nsIDragSession and nsIDragService -+ //nsIDragSession, nsIDragService and nsPIDragService - NS_DECL_NSIDRAGSERVICE -+ NS_DECL_NSPIDRAGSERVICE - NS_DECL_NSIDRAGSESSION - -- void SetDragEndPoint(nsIntPoint aEndDragPoint) { mEndDragPoint = aEndDragPoint; } -- -- PRUint16 GetInputSource() { return mInputSource; } -- - protected: - - /** --- -1.7.5.4 - diff --git a/www-client/torbrowser/files/12.0/0001-Block-Components.interfaces-lookupMethod-from-conten.patch b/www-client/torbrowser/files/torbrowser-patches/0001-Block-Components.interfaces-lookupMethod-from-conten.patch index df1c202026e0..1f4a712674bf 100644 --- a/www-client/torbrowser/files/12.0/0001-Block-Components.interfaces-lookupMethod-from-conten.patch +++ b/www-client/torbrowser/files/torbrowser-patches/0001-Block-Components.interfaces-lookupMethod-from-conten.patch @@ -1,7 +1,7 @@ -From 878aa170944f7d44a76f0eb09214d46b6028c549 Mon Sep 17 00:00:00 2001 +From 18fea351a9f218893514ccbca82c492ce81d038d Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git@torproject.org> Date: Wed, 1 Feb 2012 15:40:40 -0800 -Subject: [PATCH 01/16] Block Components.interfaces,lookupMethod from content +Subject: [PATCH 01/18] Block Components.interfaces,lookupMethod from content This patch removes the ability of content script to access Components.interfaces.* as well as call or access Components.lookupMethod. @@ -20,10 +20,10 @@ https://trac.torproject.org/projects/tor/ticket/2874 1 files changed, 6 insertions(+), 2 deletions(-) diff --git a/js/xpconnect/src/XPCComponents.cpp b/js/xpconnect/src/XPCComponents.cpp -index 716cfdb..56e3f55 100644 +index 3bcbf91..d5c020a 100644 --- a/js/xpconnect/src/XPCComponents.cpp +++ b/js/xpconnect/src/XPCComponents.cpp -@@ -4261,7 +4261,9 @@ nsXPCComponents::CanCreateWrapper(const nsIID * iid, char **_retval) +@@ -4456,7 +4456,9 @@ nsXPCComponents::CanCreateWrapper(const nsIID * iid, char **_retval) NS_IMETHODIMP nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, char **_retval) { @@ -34,7 +34,7 @@ index 716cfdb..56e3f55 100644 *_retval = xpc_CheckAccessList(methodName, allowed); return NS_OK; } -@@ -4270,7 +4272,9 @@ nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, c +@@ -4465,7 +4467,9 @@ nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, c NS_IMETHODIMP nsXPCComponents::CanGetProperty(const nsIID * iid, const PRUnichar *propertyName, char **_retval) { diff --git a/www-client/torbrowser/files/12.0/0002-Make-Permissions-Manager-memory-only.patch b/www-client/torbrowser/files/torbrowser-patches/0002-Make-Permissions-Manager-memory-only.patch index f38dc99b6534..1638a750f87d 100644 --- a/www-client/torbrowser/files/12.0/0002-Make-Permissions-Manager-memory-only.patch +++ b/www-client/torbrowser/files/torbrowser-patches/0002-Make-Permissions-Manager-memory-only.patch @@ -1,7 +1,7 @@ -From 5f47c5bdf95633e28b6e338ba8794243b429aefb Mon Sep 17 00:00:00 2001 +From 336217485d707ff63ef42d2a0bc3705c2c7f7a3c Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git@torproject.org> Date: Wed, 1 Feb 2012 15:45:16 -0800 -Subject: [PATCH 02/16] Make Permissions Manager memory-only +Subject: [PATCH 02/18] Make Permissions Manager memory-only This patch exposes a pref 'permissions.memory_only' that properly isolates the permissions manager to memory, which is responsible for all user specified @@ -16,7 +16,7 @@ https://trac.torproject.org/projects/tor/ticket/2950 1 files changed, 31 insertions(+), 3 deletions(-) diff --git a/extensions/cookie/nsPermissionManager.cpp b/extensions/cookie/nsPermissionManager.cpp -index cdfe21b..a7a0efb 100644 +index 67eb216..12cc7cf 100644 --- a/extensions/cookie/nsPermissionManager.cpp +++ b/extensions/cookie/nsPermissionManager.cpp @@ -58,6 +58,10 @@ @@ -75,7 +75,7 @@ index cdfe21b..a7a0efb 100644 NS_ENSURE_SUCCESS(rv, rv); mDBConn->GetConnectionReady(&ready); -@@ -794,7 +817,12 @@ NS_IMETHODIMP nsPermissionManager::Observe(nsISupports *aSubject, const char *aT +@@ -783,7 +806,12 @@ NS_IMETHODIMP nsPermissionManager::Observe(nsISupports *aSubject, const char *aT { ENSURE_NOT_CHILD_PROCESS; diff --git a/www-client/torbrowser/files/12.0/0003-Make-Intermediate-Cert-Store-memory-only.patch b/www-client/torbrowser/files/torbrowser-patches/0003-Make-Intermediate-Cert-Store-memory-only.patch index 617a78ed72e6..faaa4b35f41f 100644 --- a/www-client/torbrowser/files/12.0/0003-Make-Intermediate-Cert-Store-memory-only.patch +++ b/www-client/torbrowser/files/torbrowser-patches/0003-Make-Intermediate-Cert-Store-memory-only.patch @@ -1,7 +1,7 @@ -From 8cb78993225793692fe0560d25db4af55e0553bd Mon Sep 17 00:00:00 2001 +From e6d127b805461470bff0dad12f5ad89fc3cd3df3 Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git@fscked.org> Date: Fri, 19 Aug 2011 17:58:23 -0700 -Subject: [PATCH 03/16] Make Intermediate Cert Store memory-only. +Subject: [PATCH 03/18] Make Intermediate Cert Store memory-only. This patch makes the intermediate SSL cert store exist in memory only. @@ -12,10 +12,10 @@ https://trac.torproject.org/projects/tor/ticket/2949 1 files changed, 14 insertions(+), 1 deletions(-) diff --git a/security/manager/ssl/src/nsNSSComponent.cpp b/security/manager/ssl/src/nsNSSComponent.cpp -index 5abc0a5..22becca 100644 +index a08c4ef..0ec3713 100644 --- a/security/manager/ssl/src/nsNSSComponent.cpp +++ b/security/manager/ssl/src/nsNSSComponent.cpp -@@ -1738,8 +1738,21 @@ nsNSSComponent::InitializeNSS(bool showWarningBox) +@@ -1730,8 +1730,21 @@ nsNSSComponent::InitializeNSS(bool showWarningBox) // Ubuntu 8.04, which loads any nonexistent "<configdir>/libnssckbi.so" as // "/usr/lib/nss/libnssckbi.so". PRUint32 init_flags = NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE; diff --git a/www-client/torbrowser/files/12.0/0004-Add-a-string-based-cacheKey.patch b/www-client/torbrowser/files/torbrowser-patches/0004-Add-a-string-based-cacheKey.patch index 7ddd877a653f..d917eb4399f2 100644 --- a/www-client/torbrowser/files/12.0/0004-Add-a-string-based-cacheKey.patch +++ b/www-client/torbrowser/files/torbrowser-patches/0004-Add-a-string-based-cacheKey.patch @@ -1,7 +1,7 @@ -From c4212c764149b74a04aad7d15cb3df810512e4ba Mon Sep 17 00:00:00 2001 +From 84668dfe7bdcd35d96ffcaf273ade5a5d8d470f8 Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git@fscked.org> Date: Fri, 2 Sep 2011 20:47:02 -0700 -Subject: [PATCH 04/16] Add a string-based cacheKey. +Subject: [PATCH 04/18] Add a string-based cacheKey. Used for isolating cache according to same-origin policy. --- @@ -29,10 +29,10 @@ index 2da46d6..4ee5774 100644 * may fail if the disk cache is not present. The value of this attribute * is usually only settable during the processing of a channel's diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp -index fab0726..5f42b7b 100644 +index dec2a83..97bd84c 100644 --- a/netwerk/protocol/http/nsHttpChannel.cpp +++ b/netwerk/protocol/http/nsHttpChannel.cpp -@@ -2415,6 +2415,12 @@ nsHttpChannel::AssembleCacheKey(const char *spec, PRUint32 postID, +@@ -2392,6 +2392,12 @@ nsHttpChannel::AssembleCacheKey(const char *spec, PRUint32 postID, cacheKey.Append(buf); } @@ -45,7 +45,7 @@ index fab0726..5f42b7b 100644 if (!cacheKey.IsEmpty()) { cacheKey.AppendLiteral("uri="); } -@@ -4762,6 +4768,22 @@ nsHttpChannel::SetCacheForOfflineUse(bool value) +@@ -4695,6 +4701,22 @@ nsHttpChannel::SetCacheForOfflineUse(bool value) } NS_IMETHODIMP @@ -69,10 +69,10 @@ index fab0726..5f42b7b 100644 { value = mOfflineCacheClientID; diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h -index b7bba48..605dc80 100644 +index 88ce469..53538cf 100644 --- a/netwerk/protocol/http/nsHttpChannel.h +++ b/netwerk/protocol/http/nsHttpChannel.h -@@ -304,6 +304,7 @@ private: +@@ -303,6 +303,7 @@ private: nsCOMPtr<nsICacheEntryDescriptor> mOfflineCacheEntry; nsCacheAccessMode mOfflineCacheAccess; nsCString mOfflineCacheClientID; diff --git a/www-client/torbrowser/files/12.0/0005-Block-all-plugins-except-flash.patch b/www-client/torbrowser/files/torbrowser-patches/0005-Block-all-plugins-except-flash.patch index 9a577c0cb80b..bb00c55ea965 100644 --- a/www-client/torbrowser/files/12.0/0005-Block-all-plugins-except-flash.patch +++ b/www-client/torbrowser/files/torbrowser-patches/0005-Block-all-plugins-except-flash.patch @@ -1,7 +1,7 @@ -From 89d6deddce94c720793a33a1c9fc812ad65116a9 Mon Sep 17 00:00:00 2001 +From 3457f78e346df5962449cbd5aa86624e19fd5f64 Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git@torproject.org> Date: Wed, 1 Feb 2012 15:50:15 -0800 -Subject: [PATCH 05/16] Block all plugins except flash. +Subject: [PATCH 05/18] Block all plugins except flash. We cannot use the @mozilla.org/extensions/blocklist;1 service, because we actually want to stop plugins from ever entering the browser's process space @@ -17,10 +17,10 @@ on a better way. Until then, it is delta-darwinism for us. 2 files changed, 35 insertions(+), 0 deletions(-) diff --git a/dom/plugins/base/nsPluginHost.cpp b/dom/plugins/base/nsPluginHost.cpp -index ed081fc..7384bcc 100644 +index 992bcd4..f56f231 100644 --- a/dom/plugins/base/nsPluginHost.cpp +++ b/dom/plugins/base/nsPluginHost.cpp -@@ -1985,6 +1985,35 @@ bool nsPluginHost::IsDuplicatePlugin(nsPluginTag * aPluginTag) +@@ -1968,6 +1968,35 @@ bool nsPluginHost::IsDuplicatePlugin(nsPluginTag * aPluginTag) return false; } @@ -56,7 +56,7 @@ index ed081fc..7384bcc 100644 typedef NS_NPAPIPLUGIN_CALLBACK(char *, NP_GETMIMEDESCRIPTION)(void); nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir, -@@ -2118,6 +2147,10 @@ nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir, +@@ -2101,6 +2130,10 @@ nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir, continue; } @@ -68,10 +68,10 @@ index ed081fc..7384bcc 100644 if (!pluginTag) { nsPluginFile pluginFile(localfile); diff --git a/dom/plugins/base/nsPluginHost.h b/dom/plugins/base/nsPluginHost.h -index 5630b8d..f54bd32 100644 +index 39a8891..c262abf 100644 --- a/dom/plugins/base/nsPluginHost.h +++ b/dom/plugins/base/nsPluginHost.h -@@ -285,6 +285,8 @@ private: +@@ -278,6 +278,8 @@ private: // Loads all cached plugins info into mCachedPlugins nsresult ReadPluginInfo(); diff --git a/www-client/torbrowser/files/12.0/0006-Make-content-pref-service-memory-only-clearable.patch b/www-client/torbrowser/files/torbrowser-patches/0006-Make-content-pref-service-memory-only-clearable.patch index a26bfecda614..285c6193e62f 100644 --- a/www-client/torbrowser/files/12.0/0006-Make-content-pref-service-memory-only-clearable.patch +++ b/www-client/torbrowser/files/torbrowser-patches/0006-Make-content-pref-service-memory-only-clearable.patch @@ -1,7 +1,7 @@ -From b2cc8f517c6589def4cc126af0b5f1898d61541c Mon Sep 17 00:00:00 2001 +From 66ff6c30d5b1de5d549181acbba686f792fe4cb4 Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git@fscked.org> Date: Thu, 8 Sep 2011 08:40:17 -0700 -Subject: [PATCH 06/16] Make content pref service memory-only + clearable +Subject: [PATCH 06/18] Make content pref service memory-only + clearable This prevents random urls from being inserted into content-prefs.sqllite in the profile directory as content prefs change (includes site-zoom and perhaps @@ -11,10 +11,10 @@ other site prefs?). 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/toolkit/components/contentprefs/nsContentPrefService.js b/toolkit/components/contentprefs/nsContentPrefService.js -index 17cac93..1f12609 100644 +index adfb650..1619d5f 100644 --- a/toolkit/components/contentprefs/nsContentPrefService.js +++ b/toolkit/components/contentprefs/nsContentPrefService.js -@@ -1242,7 +1242,7 @@ ContentPrefService.prototype = { +@@ -1240,7 +1240,7 @@ ContentPrefService.prototype = { var dbConnection; @@ -23,7 +23,7 @@ index 17cac93..1f12609 100644 dbConnection = this._dbCreate(dbService, dbFile); else { try { -@@ -1290,7 +1290,7 @@ ContentPrefService.prototype = { +@@ -1288,7 +1288,7 @@ ContentPrefService.prototype = { }, _dbCreate: function ContentPrefService__dbCreate(aDBService, aDBFile) { diff --git a/www-client/torbrowser/files/torbrowser-patches/0007-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch b/www-client/torbrowser/files/torbrowser-patches/0007-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch new file mode 100644 index 000000000000..af74f2c013c6 --- /dev/null +++ b/www-client/torbrowser/files/torbrowser-patches/0007-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch @@ -0,0 +1,46 @@ +From d6956a597662f3d753622377183cb317ef6a3ad4 Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git@fscked.org> +Date: Sun, 9 Oct 2011 22:50:07 -0700 +Subject: [PATCH 07/18] Make Tor Browser exit when not launched from Vidalia + +Turns out the Windows 7 UI encourages users to "dock" their Tor Browser app +for easy relaunch. If they manage to do this, we should fail closed rather +than opened. Hopefully they will get the hint and dock Vidalia instead. + +This is an emergency fix for +https://trac.torproject.org/projects/tor/ticket/4192. We can do a better +localized fix w/ a translated alert menu later, if it seems like this might +actually be common. +--- + browser/base/content/browser.js | 15 +++++++++++++++ + 1 files changed, 15 insertions(+), 0 deletions(-) + +diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js +index b06a17b..fc1d305 100644 +--- a/browser/base/content/browser.js ++++ b/browser/base/content/browser.js +@@ -1217,6 +1217,21 @@ function BrowserStartup() { + + prepareForStartup(); + ++ // If this is not a TBB profile, exit. ++ // Solves https://trac.torproject.org/projects/tor/ticket/4192 ++ var foundPref = false; ++ try { ++ foundPref = gPrefService.prefHasUserValue("torbrowser.version"); ++ } catch(e) { ++ //dump("No pref: "+e); ++ } ++ if(!foundPref) { ++ var appStartup = Components.classes["@mozilla.org/toolkit/app-startup;1"] ++ .getService(Components.interfaces.nsIAppStartup); ++ appStartup.quit(3); // Force all windows to close, and then quit. ++ } ++ ++ + if (uriToLoad && !isLoadingBlank) { + if (uriToLoad instanceof Ci.nsISupportsArray) { + let count = uriToLoad.Count(); +-- +1.7.5.4 + diff --git a/www-client/torbrowser/files/12.0/0008-Disable-SSL-Session-ID-tracking.patch b/www-client/torbrowser/files/torbrowser-patches/0008-Disable-SSL-Session-ID-tracking.patch index ff692fe291c6..2c8669ebc7bd 100644 --- a/www-client/torbrowser/files/12.0/0008-Disable-SSL-Session-ID-tracking.patch +++ b/www-client/torbrowser/files/torbrowser-patches/0008-Disable-SSL-Session-ID-tracking.patch @@ -1,7 +1,7 @@ -From 4d7f3122a76e0d5a31ba352880892fecd493252b Mon Sep 17 00:00:00 2001 +From 70161b38e1855ce4b7a61ac1e9572fb07dfbedda Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git@fscked.org> Date: Wed, 7 Dec 2011 19:36:38 -0800 -Subject: [PATCH 08/16] Disable SSL Session ID tracking. +Subject: [PATCH 08/18] Disable SSL Session ID tracking. We can't easily bind SSL Session ID tracking to url bar domain, so we have to disable them to satisfy @@ -11,7 +11,7 @@ https://www.torproject.org/projects/torbrowser/design/#identifier-linkability. 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c -index 22206f7..31086db 100644 +index 28e6210..fa48ecd 100644 --- a/security/nss/lib/ssl/sslsock.c +++ b/security/nss/lib/ssl/sslsock.c @@ -173,7 +173,7 @@ static sslOptions ssl_defaults = { diff --git a/www-client/torbrowser/files/12.0/0009-Provide-an-observer-event-to-close-persistent-connec.patch b/www-client/torbrowser/files/torbrowser-patches/0009-Provide-an-observer-event-to-close-persistent-connec.patch index 2c5f135f51da..cf63ff11e312 100644 --- a/www-client/torbrowser/files/12.0/0009-Provide-an-observer-event-to-close-persistent-connec.patch +++ b/www-client/torbrowser/files/torbrowser-patches/0009-Provide-an-observer-event-to-close-persistent-connec.patch @@ -1,7 +1,7 @@ -From 873acaa3fd6df60fe57f1549cdb45df7e277808d Mon Sep 17 00:00:00 2001 +From d5ef29d9219a7ff9a78f9523845a2e2966c2a266 Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git@torproject.org> Date: Wed, 1 Feb 2012 15:53:28 -0800 -Subject: [PATCH 09/16] Provide an observer event to close persistent +Subject: [PATCH 09/18] Provide an observer event to close persistent connections We need to prevent linkability across "New Identity", which includes closing @@ -11,10 +11,10 @@ keep-alive connections. 1 files changed, 7 insertions(+), 0 deletions(-) diff --git a/netwerk/protocol/http/nsHttpHandler.cpp b/netwerk/protocol/http/nsHttpHandler.cpp -index ebc7641..dbcdff7 100644 +index 281d6ff..8125681 100644 --- a/netwerk/protocol/http/nsHttpHandler.cpp +++ b/netwerk/protocol/http/nsHttpHandler.cpp -@@ -331,6 +331,7 @@ nsHttpHandler::Init() +@@ -325,6 +325,7 @@ nsHttpHandler::Init() mObserverService->AddObserver(this, "net:clear-active-logins", true); mObserverService->AddObserver(this, NS_PRIVATE_BROWSING_SWITCH_TOPIC, true); mObserverService->AddObserver(this, "net:prune-dead-connections", true); @@ -22,7 +22,7 @@ index ebc7641..dbcdff7 100644 } return NS_OK; -@@ -1522,6 +1523,12 @@ nsHttpHandler::Observe(nsISupports *subject, +@@ -1504,6 +1505,12 @@ nsHttpHandler::Observe(nsISupports *subject, mConnMgr->PruneDeadConnections(); } } diff --git a/www-client/torbrowser/files/12.0/0010-Provide-client-values-only-to-CSS-Media-Queries.patch b/www-client/torbrowser/files/torbrowser-patches/0010-Provide-client-values-only-to-CSS-Media-Queries.patch index 661f0ca4187a..fc55116642bd 100644 --- a/www-client/torbrowser/files/12.0/0010-Provide-client-values-only-to-CSS-Media-Queries.patch +++ b/www-client/torbrowser/files/torbrowser-patches/0010-Provide-client-values-only-to-CSS-Media-Queries.patch @@ -1,7 +1,7 @@ -From a27dcd387d8c3c1f1e150dcdd3c8aa1872ad14b5 Mon Sep 17 00:00:00 2001 +From ee455135f0084be04e74952182e4f948643c5347 Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git@fscked.org> Date: Tue, 20 Dec 2011 21:02:49 -0800 -Subject: [PATCH 10/16] Provide client values only to CSS Media Queries +Subject: [PATCH 10/18] Provide client values only to CSS Media Queries Also disable a bunch of Mozilla extensions that smell like they are fingerprintable. diff --git a/www-client/torbrowser/files/12.0/0011-Limit-the-number-of-fonts-per-document.patch b/www-client/torbrowser/files/torbrowser-patches/0011-Limit-the-number-of-fonts-per-document.patch index 9dce423f0e05..3e0391d334e3 100644 --- a/www-client/torbrowser/files/12.0/0011-Limit-the-number-of-fonts-per-document.patch +++ b/www-client/torbrowser/files/torbrowser-patches/0011-Limit-the-number-of-fonts-per-document.patch @@ -1,7 +1,7 @@ -From c4d1c23872e2be83f33f2b9bfc5c49d2b98c73a6 Mon Sep 17 00:00:00 2001 +From 6eff7de2e19b0970b04b8721be4f46577617894c Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git@torproject.org> Date: Wed, 1 Feb 2012 16:01:21 -0800 -Subject: [PATCH 11/16] Limit the number of fonts per document. +Subject: [PATCH 11/18] Limit the number of fonts per document. We create two prefs: browser.display.max_font_count and browser.display.max_font_attempts. @@ -23,7 +23,7 @@ https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkabilit 3 files changed, 119 insertions(+), 3 deletions(-) diff --git a/layout/base/nsPresContext.cpp b/layout/base/nsPresContext.cpp -index 49b201e..0a8db3c 100644 +index e1587db..9690d9c 100644 --- a/layout/base/nsPresContext.cpp +++ b/layout/base/nsPresContext.cpp @@ -98,6 +98,8 @@ @@ -35,7 +35,7 @@ index 49b201e..0a8db3c 100644 #ifdef IBMBIDI #include "nsBidiPresUtils.h" -@@ -733,6 +735,10 @@ nsPresContext::GetUserPreferences() +@@ -706,6 +708,10 @@ nsPresContext::GetUserPreferences() // * use fonts? mUseDocumentFonts = Preferences::GetInt("browser.display.use_document_fonts") != 0; @@ -46,7 +46,7 @@ index 49b201e..0a8db3c 100644 // * replace backslashes with Yen signs? (bug 245770) mEnableJapaneseTransform = -@@ -1334,6 +1340,100 @@ nsPresContext::GetDefaultFont(PRUint8 aFontID) const +@@ -1300,6 +1306,100 @@ nsPresContext::GetDefaultFont(PRUint8 aFontID) const return font; } @@ -148,10 +148,10 @@ index 49b201e..0a8db3c 100644 nsPresContext::SetFullZoom(float aZoom) { diff --git a/layout/base/nsPresContext.h b/layout/base/nsPresContext.h -index 4b70c2f..ae8fcd5 100644 +index ecd01d8..552a69a 100644 --- a/layout/base/nsPresContext.h +++ b/layout/base/nsPresContext.h -@@ -535,6 +535,13 @@ public: +@@ -548,6 +548,13 @@ public: } } @@ -165,7 +165,7 @@ index 4b70c2f..ae8fcd5 100644 PRInt32 MinFontSize() const { return NS_MAX(mMinFontSize, mMinimumFontSizePref); } -@@ -1127,6 +1134,8 @@ protected: +@@ -1117,6 +1124,8 @@ protected: PRUint32 mInterruptChecksToSkip; mozilla::TimeStamp mReflowStartTime; @@ -175,10 +175,10 @@ index 4b70c2f..ae8fcd5 100644 unsigned mHasPendingInterrupt : 1; unsigned mInterruptsEnabled : 1; diff --git a/layout/style/nsRuleNode.cpp b/layout/style/nsRuleNode.cpp -index 9eb41ac..47065d0 100644 +index 27336bf..827585a 100644 --- a/layout/style/nsRuleNode.cpp +++ b/layout/style/nsRuleNode.cpp -@@ -3087,6 +3087,7 @@ nsRuleNode::ComputeFontData(void* aStartStruct, +@@ -3091,6 +3091,7 @@ nsRuleNode::ComputeFontData(void* aStartStruct, // See if there is a minimum font-size constraint to honor nscoord minimumFontSize = mPresContext->MinFontSize(); @@ -186,7 +186,7 @@ index 9eb41ac..47065d0 100644 if (minimumFontSize < 0) minimumFontSize = 0; -@@ -3098,10 +3099,10 @@ nsRuleNode::ComputeFontData(void* aStartStruct, +@@ -3102,10 +3103,10 @@ nsRuleNode::ComputeFontData(void* aStartStruct, // We only need to know this to determine if we have to use the // document fonts (overriding the useDocumentFonts flag), or to // determine if we have to override the minimum font-size constraint. @@ -199,7 +199,7 @@ index 9eb41ac..47065d0 100644 minimumFontSize = 0; } -@@ -3116,9 +3117,13 @@ nsRuleNode::ComputeFontData(void* aStartStruct, +@@ -3120,9 +3121,13 @@ nsRuleNode::ComputeFontData(void* aStartStruct, // generic? nsFont::GetGenericID(font->mFont.name, &generic); @@ -214,7 +214,7 @@ index 9eb41ac..47065d0 100644 // Extract the generic from the specified font family... nsAutoString genericName; if (!font->mFont.EnumerateFamilies(ExtractGeneric, &genericName)) { -@@ -3154,6 +3159,8 @@ nsRuleNode::ComputeFontData(void* aStartStruct, +@@ -3158,6 +3163,8 @@ nsRuleNode::ComputeFontData(void* aStartStruct, minimumFontSize, font); } diff --git a/www-client/torbrowser/files/12.0/0013-Rebrand-Firefox-to-TorBrowser.patch b/www-client/torbrowser/files/torbrowser-patches/0012-Rebrand-Firefox-to-TorBrowser.patch index 81ee4e2b8b4c..6f087be32831 100644 --- a/www-client/torbrowser/files/12.0/0013-Rebrand-Firefox-to-TorBrowser.patch +++ b/www-client/torbrowser/files/torbrowser-patches/0012-Rebrand-Firefox-to-TorBrowser.patch @@ -1,7 +1,7 @@ -From 6a588618b49d59512c118802911d6f95c610299f Mon Sep 17 00:00:00 2001 +From a1fcacb6cf3286226552028775aa41c4109546a6 Mon Sep 17 00:00:00 2001 From: Erinn Clark <erinn@torproject.org> Date: Wed, 25 Apr 2012 09:14:00 -0300 -Subject: [PATCH 13/16] Rebrand Firefox to TorBrowser +Subject: [PATCH 12/18] Rebrand Firefox to TorBrowser This patch does some basic renaming of Firefox to TorBrowser. The rest of the branding is done by images and icons. diff --git a/www-client/torbrowser/files/12.0/0014-Make-Download-manager-memory-only.patch b/www-client/torbrowser/files/torbrowser-patches/0013-Make-Download-manager-memory-only.patch index 66346885b781..171a699fd69c 100644 --- a/www-client/torbrowser/files/12.0/0014-Make-Download-manager-memory-only.patch +++ b/www-client/torbrowser/files/torbrowser-patches/0013-Make-Download-manager-memory-only.patch @@ -1,7 +1,7 @@ -From e01aaa410e0e8fabf75841ad6b975fc3ff89e154 Mon Sep 17 00:00:00 2001 +From c1ddd87b5cc6e69516c4b465cfa992a5c496e6d0 Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git@torproject.org> Date: Wed, 25 Apr 2012 13:39:35 -0700 -Subject: [PATCH 14/16] Make Download manager memory only. +Subject: [PATCH 13/18] Make Download manager memory only. Solves https://trac.torproject.org/projects/tor/ticket/4017. @@ -18,10 +18,10 @@ this breaks enough times in conflict. 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/toolkit/components/downloads/nsDownloadManager.cpp b/toolkit/components/downloads/nsDownloadManager.cpp -index 17c9dcb..62e0ad9 100644 +index 00a6e7d..2e83f61 100644 --- a/toolkit/components/downloads/nsDownloadManager.cpp +++ b/toolkit/components/downloads/nsDownloadManager.cpp -@@ -2002,7 +2002,7 @@ nsDownloadManager::Observe(nsISupports *aSubject, +@@ -1992,7 +1992,7 @@ nsDownloadManager::Observe(nsISupports *aSubject, if (NS_LITERAL_STRING("memory").Equals(aData)) return SwitchDatabaseTypeTo(DATABASE_MEMORY); else if (NS_LITERAL_STRING("disk").Equals(aData)) @@ -30,7 +30,7 @@ index 17c9dcb..62e0ad9 100644 } else if (strcmp(aTopic, "alertclickcallback") == 0) { nsCOMPtr<nsIDownloadManagerUI> dmui = -@@ -2079,7 +2079,7 @@ nsDownloadManager::OnLeavePrivateBrowsingMode() +@@ -2069,7 +2069,7 @@ nsDownloadManager::OnLeavePrivateBrowsingMode() (void)ResumeAllDownloads(false); // Switch back to the on-disk DB again diff --git a/www-client/torbrowser/files/12.0/0015-Add-DDG-and-StartPage-to-Omnibox.patch b/www-client/torbrowser/files/torbrowser-patches/0014-Add-DDG-and-StartPage-to-Omnibox.patch index e0740ae09cfd..2a9e97c349f9 100644 --- a/www-client/torbrowser/files/12.0/0015-Add-DDG-and-StartPage-to-Omnibox.patch +++ b/www-client/torbrowser/files/torbrowser-patches/0014-Add-DDG-and-StartPage-to-Omnibox.patch @@ -1,7 +1,7 @@ -From db055738d6431057670e8f219616170ed3644a9e Mon Sep 17 00:00:00 2001 +From bac6dfa9b86a7389ab5217be629ec2c490dcf193 Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git@torproject.org> Date: Wed, 25 Apr 2012 15:03:46 -0700 -Subject: [PATCH 15/16] Add DDG and StartPage to Omnibox. +Subject: [PATCH 14/18] Add DDG and StartPage to Omnibox. You mean there are search engines that don't require captchas if you don't have a cookie? Holy crap. Get those in there now. diff --git a/www-client/torbrowser/files/12.0/0017-Make-nsICacheService.EvictEntries-synchronous.patch b/www-client/torbrowser/files/torbrowser-patches/0015-Make-nsICacheService.EvictEntries-synchronous.patch index 5354027d7dfd..f51bd3c29241 100644 --- a/www-client/torbrowser/files/12.0/0017-Make-nsICacheService.EvictEntries-synchronous.patch +++ b/www-client/torbrowser/files/torbrowser-patches/0015-Make-nsICacheService.EvictEntries-synchronous.patch @@ -1,7 +1,7 @@ -From f7bdc9274aa6dc8efccc50d18dbb287225aa6c27 Mon Sep 17 00:00:00 2001 +From 22fe0ff634913df18d3757d5bdf9faf8527ab395 Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git@torproject.org> Date: Tue, 1 May 2012 15:02:03 -0700 -Subject: [PATCH 17/17] Make nsICacheService.EvictEntries synchronous +Subject: [PATCH 15/18] Make nsICacheService.EvictEntries synchronous This fixes a race condition that allows cache-based EverCookies to persist for a brief time (on the order of minutes?) after cache clearing/"New Identity". @@ -12,10 +12,10 @@ https://trac.torproject.org/projects/tor/ticket/5715 1 files changed, 13 insertions(+), 2 deletions(-) diff --git a/netwerk/cache/nsCacheService.cpp b/netwerk/cache/nsCacheService.cpp -index 015e49e..1ef0db1 100644 +index 8af611f..65686c7 100644 --- a/netwerk/cache/nsCacheService.cpp +++ b/netwerk/cache/nsCacheService.cpp -@@ -1415,10 +1415,21 @@ NS_IMETHODIMP nsCacheService::VisitEntries(nsICacheVisitor *visitor) +@@ -1315,10 +1315,21 @@ NS_IMETHODIMP nsCacheService::VisitEntries(nsICacheVisitor *visitor) return NS_OK; } diff --git a/www-client/torbrowser/files/12.0/0018-Prevent-WebSocket-DNS-leak.patch b/www-client/torbrowser/files/torbrowser-patches/0016-Prevent-WebSocket-DNS-leak.patch index 9b309872b9a4..c9a8e91439d6 100644 --- a/www-client/torbrowser/files/12.0/0018-Prevent-WebSocket-DNS-leak.patch +++ b/www-client/torbrowser/files/torbrowser-patches/0016-Prevent-WebSocket-DNS-leak.patch @@ -1,7 +1,7 @@ -From 93199734c06485660fb922c61f740191648a6dc6 Mon Sep 17 00:00:00 2001 +From 975bce873ae2d127e6a0681466b21d55e14b1550 Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git@torproject.org> Date: Wed, 2 May 2012 17:44:39 -0700 -Subject: [PATCH 18/18] Prevent WebSocket DNS leak. +Subject: [PATCH 16/18] Prevent WebSocket DNS leak. This is due to an improper implementation of the WebSocket spec by Mozilla. @@ -29,10 +29,10 @@ bug can't turn up in other components or due to 3rd party addons. 3 files changed, 30 insertions(+), 3 deletions(-) diff --git a/netwerk/dns/nsDNSService2.cpp b/netwerk/dns/nsDNSService2.cpp -index 1bd5f38..eda0e48 100644 +index 68ad8a5..1253b2f 100644 --- a/netwerk/dns/nsDNSService2.cpp +++ b/netwerk/dns/nsDNSService2.cpp -@@ -404,6 +404,7 @@ nsDNSService::Init() +@@ -383,6 +383,7 @@ nsDNSService::Init() bool enableIDN = true; bool disableIPv6 = false; bool disablePrefetch = false; @@ -40,7 +40,7 @@ index 1bd5f38..eda0e48 100644 int proxyType = nsIProtocolProxyService::PROXYCONFIG_DIRECT; nsAdoptingCString ipv4OnlyDomains; -@@ -427,6 +428,10 @@ nsDNSService::Init() +@@ -404,6 +405,10 @@ nsDNSService::Init() // If a manual proxy is in use, disable prefetch implicitly prefs->GetIntPref("network.proxy.type", &proxyType); @@ -51,7 +51,7 @@ index 1bd5f38..eda0e48 100644 } if (mFirstTime) { -@@ -444,7 +449,7 @@ nsDNSService::Init() +@@ -420,7 +425,7 @@ nsDNSService::Init() // Monitor these to see if there is a change in proxy configuration // If a manual proxy is in use, disable prefetch implicitly @@ -60,7 +60,7 @@ index 1bd5f38..eda0e48 100644 } } -@@ -473,6 +478,7 @@ nsDNSService::Init() +@@ -448,6 +453,7 @@ nsDNSService::Init() mIDN = idn; mIPv4OnlyDomains = ipv4OnlyDomains; // exchanges buffer ownership mDisableIPv6 = disableIPv6; @@ -68,7 +68,7 @@ index 1bd5f38..eda0e48 100644 // Disable prefetching either by explicit preference or if a manual proxy is configured mDisablePrefetch = disablePrefetch || (proxyType == nsIProtocolProxyService::PROXYCONFIG_MANUAL); -@@ -584,6 +590,14 @@ nsDNSService::AsyncResolve(const nsACString &hostname, +@@ -547,6 +553,14 @@ nsDNSService::AsyncResolve(const nsACString &hostname, if (mDisablePrefetch && (flags & RESOLVE_SPECULATE)) return NS_ERROR_DNS_LOOKUP_QUEUE_FULL; @@ -83,7 +83,7 @@ index 1bd5f38..eda0e48 100644 res = mResolver; idn = mIDN; } -@@ -670,6 +684,14 @@ nsDNSService::Resolve(const nsACString &hostname, +@@ -597,6 +611,14 @@ nsDNSService::Resolve(const nsACString &hostname, MutexAutoLock lock(mLock); res = mResolver; idn = mIDN; @@ -109,10 +109,10 @@ index 1749b41..3ec8eba 100644 + bool mDisableDNS; }; diff --git a/netwerk/protocol/websocket/WebSocketChannel.cpp b/netwerk/protocol/websocket/WebSocketChannel.cpp -index 22873d3..0875c12 100644 +index 9e446e9..42aa6ca 100644 --- a/netwerk/protocol/websocket/WebSocketChannel.cpp +++ b/netwerk/protocol/websocket/WebSocketChannel.cpp -@@ -1875,8 +1875,12 @@ WebSocketChannel::ApplyForAdmission() +@@ -1698,8 +1698,12 @@ WebSocketChannel::ApplyForAdmission() LOG(("WebSocketChannel::ApplyForAdmission: checking for concurrent open\n")); nsCOMPtr<nsIThread> mainThread; NS_GetMainThread(getter_AddRefs(mainThread)); diff --git a/www-client/torbrowser/files/12.0/0012-Randomize-HTTP-request-order-and-pipeline-depth.patch b/www-client/torbrowser/files/torbrowser-patches/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch index 33ff9a24351b..f3b7aeb802f8 100644 --- a/www-client/torbrowser/files/12.0/0012-Randomize-HTTP-request-order-and-pipeline-depth.patch +++ b/www-client/torbrowser/files/torbrowser-patches/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch @@ -1,7 +1,7 @@ -From 6147cea4de151dade922b3c2787016f70c222458 Mon Sep 17 00:00:00 2001 +From 60d369378ea65b1502ba2ab28a851318e7910a64 Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git@torproject.org> -Date: Tue, 24 Apr 2012 17:21:45 -0700 -Subject: [PATCH 12/16] Randomize HTTP request order and pipeline depth. +Date: Wed, 6 Jun 2012 11:08:56 -0700 +Subject: [PATCH 17/18] Randomize HTTP request order and pipeline depth. This is an experimental defense against http://lorre.uni.lu/~andriy/papers/acmccs-wpes11-fingerprinting.pdf @@ -12,18 +12,18 @@ https://blog.torproject.org/blog/experimental-defense-website-traffic-fingerprin This defense has been improved since that blog post to additionally randomize the order and concurrency of non-pipelined HTTP requests. --- - netwerk/protocol/http/nsHttpConnectionMgr.cpp | 133 ++++++++++++++++++++++++- + netwerk/protocol/http/nsHttpConnectionMgr.cpp | 136 ++++++++++++++++++++++++- netwerk/protocol/http/nsHttpConnectionMgr.h | 5 + - 2 files changed, 133 insertions(+), 5 deletions(-) + 2 files changed, 136 insertions(+), 5 deletions(-) diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.cpp b/netwerk/protocol/http/nsHttpConnectionMgr.cpp -index 6e1099d..3eec5b3 100644 +index 23ef893..788368f 100644 --- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp +++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp -@@ -100,6 +100,12 @@ nsHttpConnectionMgr::nsHttpConnectionMgr() +@@ -94,6 +94,12 @@ nsHttpConnectionMgr::nsHttpConnectionMgr() + { + LOG(("Creating nsHttpConnectionMgr @%x\n", this)); mCT.Init(); - mAlternateProtocolHash.Init(16); - mSpdyPreferredHash.Init(); + + nsresult rv; + mRandomGenerator = do_GetService("@mozilla.org/security/random-generator;1", &rv); @@ -33,7 +33,7 @@ index 6e1099d..3eec5b3 100644 } nsHttpConnectionMgr::~nsHttpConnectionMgr() -@@ -353,8 +359,12 @@ nsHttpConnectionMgr::AddTransactionToPipeline(nsHttpPipeline *pipeline) +@@ -342,8 +348,12 @@ nsHttpConnectionMgr::AddTransactionToPipeline(nsHttpPipeline *pipeline) nsConnectionEntry *ent = mCT.Get(ci->HashKey()); if (ent) { // search for another request to pipeline... @@ -48,7 +48,7 @@ index 6e1099d..3eec5b3 100644 nsHttpTransaction *trans = ent->mPendingQ[i]; if (trans->Caps() & NS_HTTP_ALLOW_PIPELINING) { pipeline->AddTransaction(trans); -@@ -365,6 +375,8 @@ +@@ -354,6 +364,8 @@ nsHttpConnectionMgr::AddTransactionToPipeline(nsHttpPipeline *pipeline) break; } } @@ -57,17 +57,17 @@ index 6e1099d..3eec5b3 100644 } } } -@@ -898,12 +908,17 @@ nsHttpConnectionMgr::ProcessPendingQForEntry(nsConnectionEntry *ent) - - ProcessSpdyPendingQ(ent); +@@ -585,12 +597,17 @@ nsHttpConnectionMgr::ProcessPendingQForEntry(nsConnectionEntry *ent) + LOG(("nsHttpConnectionMgr::ProcessPendingQForEntry [ci=%s]\n", + ent->mConnInfo->HashKey().get())); -- PRUint32 i, count = ent->mPendingQ.Length(); +- PRInt32 i, count = ent->mPendingQ.Length(); + PRUint32 h, i = 0, count = ent->mPendingQ.Length(); if (count > 0) { LOG((" pending-count=%u\n", count)); nsHttpTransaction *trans = nsnull; nsHttpConnection *conn = nsnull; -- for (i = 0; i < count; ++i) { +- for (i=0; i<count; ++i) { + + PRUint32* ind = new PRUint32[count]; + ShuffleRequestOrder(ind, count); @@ -77,22 +77,22 @@ index 6e1099d..3eec5b3 100644 trans = ent->mPendingQ[i]; // When this transaction has already established a half-open -@@ -927,6 +944,7 @@ - "something mutated pending queue from " - "GetConnection()"); +@@ -610,6 +627,7 @@ nsHttpConnectionMgr::ProcessPendingQForEntry(nsConnectionEntry *ent) + if (conn) + break; } + delete [] ind; if (conn) { LOG((" dispatching pending transaction...\n")); -@@ -1011,6 +1026,19 @@ nsHttpConnectionMgr::AtActiveConnectionLimit(nsConnectionEntry *ent, PRUint8 cap +@@ -694,6 +712,19 @@ nsHttpConnectionMgr::AtActiveConnectionLimit(nsConnectionEntry *ent, PRUint8 cap maxPersistConns = mMaxPersistConnsPerHost; } + // Fuzz maxConns for website fingerprinting attack + // We create a range of maxConns/5 up to 6*maxConns/5 + // because this function is called repeatedly, and we'll -+ // end up converging on a the high side of concurrent connections ++ // end up converging to the high side of concurrent connections + // after a short while. + PRUint8 *bytes = nsnull; + nsresult rv = mRandomGenerator->GenerateRandomBytes(1, &bytes); @@ -105,8 +105,8 @@ index 6e1099d..3eec5b3 100644 // use >= just to be safe return (totalCount >= maxConns) || ( (caps & NS_HTTP_ALLOW_KEEPALIVE) && (persistCount >= maxPersistConns) ); -@@ -1227,7 +1255,7 @@ nsHttpConnectionMgr::DispatchTransaction(nsConnectionEntry *ent, - +@@ -865,7 +896,7 @@ nsHttpConnectionMgr::DispatchTransaction(nsConnectionEntry *ent, + nsHttpPipeline *pipeline = nsnull; if (conn->SupportsPipelining() && (caps & NS_HTTP_ALLOW_PIPELINING)) { LOG((" looking to build pipeline...\n")); - if (BuildPipeline(ent, trans, &pipeline)) @@ -114,7 +114,7 @@ index 6e1099d..3eec5b3 100644 trans = pipeline; } -@@ -1300,6 +1328,101 @@ nsHttpConnectionMgr::BuildPipeline(nsConnectionEntry *ent, +@@ -938,6 +969,101 @@ nsHttpConnectionMgr::BuildPipeline(nsConnectionEntry *ent, return true; } @@ -217,19 +217,19 @@ index 6e1099d..3eec5b3 100644 nsHttpConnectionMgr::ProcessNewTransaction(nsHttpTransaction *trans) { diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.h b/netwerk/protocol/http/nsHttpConnectionMgr.h -index a13da0f..59ee9b9 100644 +index cdf21a9..81b282a 100644 --- a/netwerk/protocol/http/nsHttpConnectionMgr.h +++ b/netwerk/protocol/http/nsHttpConnectionMgr.h -@@ -54,6 +54,7 @@ +@@ -51,6 +51,7 @@ + #include "nsIObserver.h" #include "nsITimer.h" - #include "nsIX509Cert3.h" +#include "nsIRandomGenerator.h" class nsHttpPipeline; -@@ -317,6 +318,8 @@ private: - nsresult DispatchTransaction(nsConnectionEntry *, nsHttpTransaction *, +@@ -276,6 +277,8 @@ private: + nsresult DispatchTransaction(nsConnectionEntry *, nsAHttpTransaction *, PRUint8 caps, nsHttpConnection *); bool BuildPipeline(nsConnectionEntry *, nsAHttpTransaction *, nsHttpPipeline **); + bool BuildRandomizedPipeline(nsConnectionEntry *, nsAHttpTransaction *, nsHttpPipeline **); @@ -237,7 +237,7 @@ index a13da0f..59ee9b9 100644 nsresult ProcessNewTransaction(nsHttpTransaction *); nsresult EnsureSocketThreadTargetIfOnline(); void ClosePersistentConnections(nsConnectionEntry *ent); -@@ -409,6 +412,8 @@ private: +@@ -353,6 +356,8 @@ private: PRUint64 mTimeOfNextWakeUp; // Timer for next pruning of dead connections. nsCOMPtr<nsITimer> mTimer; diff --git a/www-client/torbrowser/files/torbrowser-patches/0018-Add-HTTP-auth-headers-before-the-modify-request-obse.patch b/www-client/torbrowser/files/torbrowser-patches/0018-Add-HTTP-auth-headers-before-the-modify-request-obse.patch new file mode 100644 index 000000000000..1f18aa5d4564 --- /dev/null +++ b/www-client/torbrowser/files/torbrowser-patches/0018-Add-HTTP-auth-headers-before-the-modify-request-obse.patch @@ -0,0 +1,52 @@ +From 8c741c1ee9b05e23582047df6179bc7344864011 Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git@fscked.org> +Date: Fri, 2 Sep 2011 15:33:20 -0700 +Subject: [PATCH 18/18] Add HTTP auth headers before the modify-request + observer. + +Otherwise, how are we supposed to modify them? + +Thanks to Georg Koppen for spotting both the problem and this fix. +--- + netwerk/protocol/http/nsHttpChannel.cpp | 11 +++++++---- + 1 files changed, 7 insertions(+), 4 deletions(-) + +diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp +index 97bd84c..6205d62 100644 +--- a/netwerk/protocol/http/nsHttpChannel.cpp ++++ b/netwerk/protocol/http/nsHttpChannel.cpp +@@ -316,9 +316,6 @@ nsHttpChannel::Connect(bool firstTime) + return NS_ERROR_DOCUMENT_NOT_CACHED; + } + +- // check to see if authorization headers should be included +- mAuthProvider->AddAuthorizationHeaders(); +- + if (mLoadFlags & LOAD_NO_NETWORK_IO) { + return NS_ERROR_DOCUMENT_NOT_CACHED; + } +@@ -3707,6 +3704,9 @@ nsHttpChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *context) + + AddCookiesToRequest(); + ++ // check to see if authorization headers should be included ++ mAuthProvider->AddAuthorizationHeaders(); ++ + // notify "http-on-modify-request" observers + gHttpHandler->OnModifyRequest(this); + +@@ -4817,7 +4817,10 @@ nsHttpChannel::DoAuthRetry(nsAHttpConnection *conn) + // this authentication attempt (bug 84794). + // TODO: save cookies from auth response and send them here (bug 572151). + AddCookiesToRequest(); +- ++ ++ // check to see if authorization headers should be included ++ mAuthProvider->AddAuthorizationHeaders(); ++ + // notify "http-on-modify-request" observers + gHttpHandler->OnModifyRequest(this); + +-- +1.7.5.4 + diff --git a/www-client/torbrowser/torbrowser-12.0-r2.ebuild b/www-client/torbrowser/torbrowser-10.0.5.ebuild index 532683c1041c..8a909553e2f3 100644 --- a/www-client/torbrowser/torbrowser-12.0-r2.ebuild +++ b/www-client/torbrowser/torbrowser-10.0.5.ebuild @@ -1,18 +1,26 @@ # Copyright 1999-2012 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/www-client/torbrowser/torbrowser-12.0-r2.ebuild,v 1.2 2012/06/01 15:57:21 hasufell Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-client/torbrowser/torbrowser-10.0.5.ebuild,v 1.1 2012/06/06 22:21:08 hasufell Exp $ EAPI="3" VIRTUALX_REQUIRED="pgo" WANT_AUTOCONF="2.1" +MOZ_ESR="1" MY_PN="firefox" # latest version of the torbrowser-bundle we use the profile-folder from # https://www.torproject.org/dist/torbrowser/linux/ -TB_V="2.2.35-12" +TB_V="2.2.36-1" + +MOZ_P="${MY_PN}-${PV}" + +if [[ ${MOZ_ESR} == 1 ]]; then + # ESR releases have slightly version numbers + MOZ_P="${MOZ_P}esr" +fi # Patch version -PATCH="${MY_PN}-12.0-patches-0.5" +PATCH="${MY_PN}-10.0-patches-0.8" # Upstream ftp release URI that's used by mozlinguas.eclass # We don't use the http mirror because it deletes old tarballs. MOZ_FTP_URI="ftp://ftp.mozilla.org/pub/${MY_PN}/releases/" @@ -33,11 +41,11 @@ LICENSE="|| ( MPL-1.1 GPL-2 LGPL-2.1 ) GPL-2 MIT CCPL-Attribution-3.0" -IUSE="bindist +crashreporter +ipc +jit pgo selinux system-sqlite +webm" +IUSE="bindist +crashreporter +ipc pgo selinux system-sqlite +webm" SRC_URI="${SRC_URI} http://dev.gentoo.org/~anarchy/mozilla/patchsets/${PATCH}.tar.xz - ${MOZ_FTP_URI}/${PV}/source/${MY_PN}-${PV}.source.tar.bz2 + ${MOZ_FTP_URI}/${PV}/source/${MOZ_P}.source.tar.bz2 amd64? ( https://www.torproject.org/dist/${PN}/linux/tor-browser-gnu-linux-x86_64-${TB_V}-dev-en-US.tar.gz ) x86? ( https://www.torproject.org/dist/${PN}/linux/tor-browser-gnu-linux-i686-${TB_V}-dev-en-US.tar.gz )" @@ -46,13 +54,13 @@ ASM_DEPEND=">=dev-lang/yasm-1.1" # Mesa 7.10 needed for WebGL + bugfixes RDEPEND=" >=sys-devel/binutils-2.16.1 - >=dev-libs/nss-3.13.3 - >=dev-libs/nspr-4.9 + >=dev-libs/nss-3.13.5 + >=dev-libs/nspr-4.9.1 >=dev-libs/glib-2.26:2 >=media-libs/mesa-7.10 media-libs/libpng[apng] virtual/libffi - system-sqlite? ( >=dev-db/sqlite-3.7.10[fts3,secure-delete,threadsafe,unlock-notify,debug=] ) + system-sqlite? ( >=dev-db/sqlite-3.7.7.1[fts3,secure-delete,threadsafe,unlock-notify,debug=] ) webm? ( >=media-libs/libvpx-1.0.0 media-libs/alsa-lib ) crashreporter? ( net-misc/curl ) @@ -67,7 +75,11 @@ DEPEND="${RDEPEND} amd64? ( ${ASM_DEPEND} ) virtual/opengl )" -S="${WORKDIR}/mozilla-release" +if [[ ${MOZ_ESR} == 1 ]]; then + S="${WORKDIR}/mozilla-esr${PV%%.*}" +else + S="${WORKDIR}/mozilla-release" +fi QA_PRESTRIPPED="usr/$(get_libdir)/${PN}/${MY_PN}/firefox" @@ -108,15 +120,18 @@ pkg_setup() { src_prepare() { # Apply our patches + EPATCH_EXCLUDE="6012_fix_shlibsign.patch 6013_fix_abort_declaration.patch" \ EPATCH_SUFFIX="patch" \ EPATCH_FORCE="yes" \ epatch "${WORKDIR}/firefox" - # Torbrowser patches for firefox 12, check regularly/for every version-bump + # Torbrowser patches for firefox 10.0.5esr, check regularly/for every version-bump # https://gitweb.torproject.org/torbrowser.git/history/HEAD:/src/current-patches + # exclude vidalia patch, cause we don't force the user to use it + EPATCH_EXCLUDE="0007-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch" \ EPATCH_SUFFIX="patch" \ EPATCH_FORCE="yes" \ - epatch "${FILESDIR}/${PV}" + epatch "${FILESDIR}/${PN}-patches" # Allow user to apply any additional patches without modifing ebuild epatch_user @@ -181,11 +196,6 @@ src_configure() { mozconfig_annotate '' --with-default-mozilla-five-home=${MOZILLA_FIVE_HOME} mozconfig_annotate '' --target="${CTARGET:-${CHOST}}" - mozconfig_use_enable system-sqlite - # Both methodjit and tracejit conflict with PaX - mozconfig_use_enable jit methodjit - mozconfig_use_enable jit tracejit - # Allow for a proper pgo build if use pgo; then echo "mk_add_options PROFILE_GEN_SCRIPT='\$(PYTHON) \$(OBJDIR)/_profile/pgo/profileserver.py'" >> "${S}"/.mozconfig @@ -246,11 +256,8 @@ src_install() { obj_dir="${obj_dir%/*}" cd "${S}/${obj_dir}" - # Without methodjit and tracejit there's no conflict with PaX - if use jit; then - # Pax mark xpcshell for hardened support, only used for startupcache creation. - pax-mark m "${S}/${obj_dir}"/dist/bin/xpcshell - fi + # Pax mark xpcshell for hardened support, only used for startupcache creation. + pax-mark m "${S}/${obj_dir}"/dist/bin/xpcshell MOZ_MAKE_FLAGS="${MAKEOPTS}" \ emake DESTDIR="${D}" install || die "emake install failed" @@ -262,15 +269,8 @@ src_install() { rm -rf "${ED}"/usr/include "${ED}${MOZILLA_FIVE_HOME}"/{idl,include,lib,sdk} || \ die "Failed to remove sdk and headers" - # Without methodjit and tracejit there's no conflict with PaX - if use jit; then - # Required in order to use plugins and even run firefox on hardened. - pax-mark m "${ED}"${MOZILLA_FIVE_HOME}/{firefox,firefox-bin} - fi - - # Plugin-container needs to be pax-marked for hardened to ensure plugins such as flash - # continue to work as expected. - pax-mark m "${ED}"${MOZILLA_FIVE_HOME}/plugin-container + # Required in order to use plugins and even run firefox on hardened. + pax-mark m "${ED}"${MOZILLA_FIVE_HOME}/{firefox,firefox-bin,plugin-container} # Plugins dir keepdir /usr/$(get_libdir)/${PN}/${MY_PN}/plugins @@ -282,11 +282,15 @@ src_install() { # create wrapper to start torbrowser make_wrapper ${PN} "/usr/$(get_libdir)/${PN}/${MY_PN}/${MY_PN} -no-remote -profile ~/.${PN}/profile" - newicon "${WORKDIR}"/tor-browser_en-US/App/Firefox/icons/mozicon128.png ${PN}.png + newicon -s 128 "${WORKDIR}"/tor-browser_en-US/App/Firefox/icons/mozicon128.png ${PN}.png make_desktop_entry ${PN} "Torbrowser" ${PN} "Network;WebBrowser" dodoc "${WORKDIR}"/tor-browser_en-US/Docs/changelog } +pkg_preinst() { + gnome2_icon_savelist +} + pkg_postinst() { ewarn "This patched firefox build is _NOT_ recommended by TOR upstream but uses" ewarn "the exact same patches (excluding Vidalia-patch). Use this only if you know" @@ -300,4 +304,10 @@ pkg_postinst() { einfo elog "The update check when you first start ${PN} does not recognize this version." einfo + + gnome2_icon_cache_update +} + +pkg_postrm() { + gnome2_icon_cache_update } |