Backed out 2 changesets (bug 1241821) for android build bustage CLOSED TREE

Backed out changeset ae7246d654c8 (bug 1241821)
Backed out changeset bdecb787f1a2 (bug 1241821)

b2g/installer/package-manifest.in

@@ -325,7 +325,6 @@
 @RESPATH@/components/toolkit_finalizationwitness.xpt
 @RESPATH@/components/toolkit_formautofill.xpt
 @RESPATH@/components/toolkit_osfile.xpt
-@RESPATH@/components/toolkit_securityreporter.xpt
 #ifdef NIGHTLY_BUILD
 @RESPATH@/components/toolkit_perfmonitoring.xpt
 #endif
@@ -708,10 +707,6 @@
 @RESPATH@/components/PrivateBrowsing.manifest
 @RESPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js
 
-; Security Reports
-@RESPATH@/components/SecurityReporter.manifest
-@RESPATH@/components/SecurityReporter.js
-
 ; Signed Packaged Content
 @RESPATH@/components/InstallPackagedWebapp.manifest
 @RESPATH@/components/InstallPackagedWebapp.js

browser/installer/package-manifest.in

@@ -319,7 +319,6 @@
 @RESPATH@/components/toolkit_finalizationwitness.xpt
 @RESPATH@/components/toolkit_formautofill.xpt
 @RESPATH@/components/toolkit_osfile.xpt
-@RESPATH@/components/toolkit_securityreporter.xpt
 #ifdef NIGHTLY_BUILD
 @RESPATH@/components/toolkit_perfmonitoring.xpt
 #endif
@@ -630,10 +629,6 @@
 @RESPATH@/components/PrivateBrowsing.manifest
 @RESPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js
 
-; Security Reports
-@RESPATH@/components/SecurityReporter.manifest
-@RESPATH@/components/SecurityReporter.js
-
 ; Signed Packaged Content
 @RESPATH@/components/InstallPackagedWebapp.manifest
 @RESPATH@/components/InstallPackagedWebapp.js

mobile/android/b2gdroid/installer/package-manifest.in

@@ -251,7 +251,6 @@
 @BINPATH@/components/toolkit_finalizationwitness.xpt
 @BINPATH@/components/toolkit_formautofill.xpt
 @BINPATH@/components/toolkit_osfile.xpt
-@RESPATH@/components/toolkit_securityreporter.xpt
 #ifdef NIGHTLY_BUILD
 @BINPATH@/components/toolkit_perfmonitoring.xpt
 #endif
@@ -467,10 +466,6 @@
 @BINPATH@/components/url-classifier.xpt
 #endif
 
-; Security Reports
-@RESPATH@/components/SecurityReporter.manifest
-@RESPATH@/components/SecurityReporter.js
-
 ; [Browser Chrome Files]
 @BINPATH@/chrome/browser@JAREXT@
 @BINPATH@/chrome/browser.manifest

mobile/android/installer/package-manifest.in

@@ -228,7 +228,6 @@
 @BINPATH@/components/toolkit_finalizationwitness.xpt
 @BINPATH@/components/toolkit_formautofill.xpt
 @BINPATH@/components/toolkit_osfile.xpt
-@RESPATH@/components/toolkit_securityreporter.xpt
 #ifdef NIGHTLY_BUILD
 @BINPATH@/components/toolkit_perfmonitoring.xpt
 #endif
@@ -435,10 +434,6 @@
 @BINPATH@/components/PrivateBrowsing.manifest
 @BINPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js
 
-; Security Reports
-@RESPATH@/components/SecurityReporter.manifest
-@RESPATH@/components/SecurityReporter.js
-
 ; [Browser Chrome Files]
 @BINPATH@/chrome/toolkit@JAREXT@
 @BINPATH@/chrome/toolkit.manifest

security/manager/ssl/tests/unit/test_toolkit_securityreporter.js

@@ -1,132 +0,0 @@
-/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-/* This test is for the TLS error reporting functionality exposed by
- * SecurityReporter.js in /toolkit/components/securityreporter. The test is
- * here because we make use of the tlsserver functionality that lives with the
- * PSM ssl tests.
- *
- * The testing here will be augmented by the existing mochitests for the
- * error reporting functionality in aboutNetError.xhtml and
- * aboutCertError.xhtml once these make use of this component.
- */
-
-"use strict";
-const CC = Components.Constructor;
-const Cm = Components.manager;
-
-Cu.import("resource://testing-common/AppInfo.jsm");
-updateAppInfo();
-
-// We must get the profile before performing operations on the cert db.
-do_get_profile();
-
-const certdb = Cc["@mozilla.org/security/x509certdb;1"]
-                 .getService(Ci.nsIX509CertDB);
-const reporter = Cc["@mozilla.org/securityreporter;1"]
-                   .getService(Ci.nsISecurityReporter);
-
-
-const BinaryInputStream = CC("@mozilla.org/binaryinputstream;1",
-                             "nsIBinaryInputStream", "setInputStream");
-
-var server;
-
-// this allows us to create a callback which checks that a report is as
-// expected.
-function getReportCheck(expectReport, expectedError) {
-  return function sendReportWithInfo(transportSecurityInfo) {
-    // register a path handler on the server
-    server.registerPathHandler("/submit/sslreports",
-                              function(request, response) {
-      if (expectReport) {
-        let report = JSON.parse(readDataFromRequest(request));
-        do_check_eq(report.errorCode, expectedError);
-        response.setStatusLine(null, 201, "Created");
-        response.write("Created");
-      } else {
-        do_throw("No report should have been received");
-      }
-    });
-
-    reporter.reportTLSError(transportSecurityInfo, "example.com", -1);
-  }
-}
-
-// read the request body from a request
-function readDataFromRequest(aRequest) {
-  if (aRequest.method == "POST" || aRequest.method == "PUT") {
-    if (aRequest.bodyInputStream) {
-      let inputStream = new BinaryInputStream(aRequest.bodyInputStream);
-      let bytes = [];
-      let available;
-
-      while ((available = inputStream.available()) > 0) {
-        Array.prototype.push.apply(bytes, inputStream.readByteArray(available));
-      }
-
-      return String.fromCharCode.apply(null, bytes);
-    }
-  }
-  return null;
-}
-
-function run_test() {
-  // start a report server
-  server = new HttpServer();
-  server.start(-1);
-
-  let port = server.identity.primaryPort;
-
-  // Set the reporting URL to ensure any reports are sent to the test server
-  Services.prefs.setCharPref("security.ssl.errorReporting.url",
-                             `http://localhost:${port}/submit/sslreports`);
-  // set strict-mode pinning enforcement so we can cause connection failures.
-  Services.prefs.setIntPref("security.cert_pinning.enforcement_level", 2);
-
-  // start a TLS server
-  add_tls_server_setup("BadCertServer", "bad_certs");
-
-  // Add a user-specified trust anchor.
-  addCertFromFile(certdb, "bad_certs/other-test-ca.pem", "CTu,u,u");
-
-
-  // Cause a reportable condition with error reporting disabled. No report
-  // should be sent.
-  Services.prefs.setBoolPref("security.ssl.errorReporting.enabled", false);
-  add_connection_test("expired.example.com",
-                      SEC_ERROR_EXPIRED_CERTIFICATE, null,
-                      getReportCheck(false));
-
-  // Now enable reporting
-  add_test(function () {
-    Services.prefs.setBoolPref("security.ssl.errorReporting.enabled", true);
-    run_next_test();
-  });
-
-  // test calling the component with no transportSecurityInfo. No report should
-  // be sent even though reporting is enabled.
-  add_test(function() {
-    server.registerPathHandler("/submit/sslreports",
-                               function(request, response) {
-      do_throw("No report should be sent");
-    });
-    reporter.reportTLSError(null, "example.com", -1);
-    run_next_test();
-  });
-
-  // Test sending a report with no error. This allows us to check the case
-  // where there is no failed cert chain
-  add_connection_test("good.include-subdomains.pinning.example.com",
-                      PRErrorCodeSuccess, null,
-                      getReportCheck(true, PRErrorCodeSuccess));
-
-  // Test sending a report where there is an error and a failed cert chain.
-  add_connection_test("expired.example.com",
-                      SEC_ERROR_EXPIRED_CERTIFICATE, null,
-                      getReportCheck(true, SEC_ERROR_EXPIRED_CERTIFICATE));
-
-  run_next_test();
-}

security/manager/ssl/tests/unit/xpcshell.ini

@@ -150,6 +150,3 @@ skip-if = toolkit == 'android' || toolkit == 'gonk'
 run-sequentially = hardcoded ports
 [test_weak_crypto.js]
 firefox-appdir = browser
-
-# The TLS error reporting functionality lives in /toolkit but needs tlsserver
-[test_toolkit_securityreporter.js]

toolkit/components/moz.build

@@ -48,7 +48,6 @@ DIRS += [
     'reader',
     'remotebrowserutils',
     'reflect',
-    'securityreporter',
     'sqlite',
     'startup',
     'statusfilter',

toolkit/components/securityreporter/SecurityReporter.js

@@ -1,112 +0,0 @@
-/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-const { classes: Cc, interfaces: Ci, utils: Cu} = Components;
-
-Cu.importGlobalProperties(['fetch']);
-
-const { XPCOMUtils } = Cu.import("resource://gre/modules/XPCOMUtils.jsm", {});
-const protocolHandler = Cc["@mozilla.org/network/protocol;1?name=http"]
-                          .getService(Ci.nsIHttpProtocolHandler);
-const { Services } = Cu.import("resource://gre/modules/Services.jsm", {});
-
-const TLS_ERROR_REPORT_TELEMETRY_SUCCESS = 6;
-const TLS_ERROR_REPORT_TELEMETRY_FAILURE = 7;
-const HISTOGRAM_ID = "TLS_ERROR_REPORT_UI";
-
-
-XPCOMUtils.defineLazyModuleGetter(this, "UpdateUtils",
-                                  "resource://gre/modules/UpdateUtils.jsm");
-
-function getDERString(cert)
-{
-  var length = {};
-  var derArray = cert.getRawDER(length);
-  var derString = '';
-  for (var i = 0; i < derArray.length; i++) {
-    derString += String.fromCharCode(derArray[i]);
-  }
-  return derString;
-}
-
-function SecurityReporter() { }
-
-SecurityReporter.prototype = {
-  classDescription: "Security reporter component",
-  classID:          Components.ID("{8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b}"),
-  contractID:       "@mozilla.org/securityreporter;1",
-  QueryInterface: XPCOMUtils.generateQI([Ci.nsISecurityReporter]),
-  reportTLSError: function(transportSecurityInfo, hostname, port) {
-    // don't send if there's no transportSecurityInfo (since the report cannot
-    // contain anything of interest)
-    if (!transportSecurityInfo) {
-      return;
-    }
-
-    // don't send a report if the pref is not enabled
-    if (!Services.prefs.getBoolPref("security.ssl.errorReporting.enabled")) {
-      return;
-    }
-
-    // Don't send a report if the host we're connecting to is the report
-    // server (otherwise we'll get loops when this fails)
-    let endpoint =
-      Services.prefs.getCharPref("security.ssl.errorReporting.url");
-    let reportURI = Services.io.newURI(endpoint, null, null);
-
-    if (reportURI.host == hostname) {
-      return;
-    }
-
-    // Convert the nsIX509CertList into a format that can be parsed into
-    // JSON
-    let asciiCertChain = [];
-
-    if (transportSecurityInfo.failedCertChain) {
-      let certs = transportSecurityInfo.failedCertChain.getEnumerator();
-      while (certs.hasMoreElements()) {
-        let cert = certs.getNext();
-        cert.QueryInterface(Ci.nsIX509Cert);
-        asciiCertChain.push(btoa(getDERString(cert)));
-      }
-    }
-
-    let report = {
-      hostname: hostname,
-      port: port,
-      timestamp: Math.round(Date.now() / 1000),
-      errorCode: transportSecurityInfo.errorCode,
-      failedCertChain: asciiCertChain,
-      userAgent: protocolHandler.userAgent,
-      version: 1,
-      build: Services.appinfo.appBuildID,
-      product: Services.appinfo.name,
-      channel: UpdateUtils.UpdateChannel
-    }
-
-    fetch(endpoint, {
-      method: "POST",
-      body: JSON.stringify(report),
-      headers: {
-        'Content-Type': 'application/json'
-      }
-    }).then(function (aResponse) {
-      if (!aResponse.ok) {
-        // request returned non-success status
-        Services.telemetry.getHistogramById(HISTOGRAM_ID)
-          .add(TLS_ERROR_REPORT_TELEMETRY_FAILURE);
-      } else {
-        Services.telemetry.getHistogramById(HISTOGRAM_ID)
-          .add(TLS_ERROR_REPORT_TELEMETRY_SUCCESS);
-      }
-    }).catch(function (e) {
-      // error making request to reportURL
-      Services.telemetry.getHistogramById(HISTOGRAM_ID)
-          .add(TLS_ERROR_REPORT_TELEMETRY_FAILURE);
-    });
-  }
-};
-
-this.NSGetFactory = XPCOMUtils.generateNSGetFactory([SecurityReporter]);

toolkit/components/securityreporter/SecurityReporter.manifest

@@ -1,2 +0,0 @@
-component {8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b} SecurityReporter.js
-contract @mozilla.org/securityreporter;1 {8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b}

toolkit/components/securityreporter/moz.build

@@ -1,16 +0,0 @@
-# -*- Mode: python; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40 -*-
-# vim: set filetype=python:
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0. If a copy of the MPL was not distributed with this
-# file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
-XPIDL_MODULE = 'toolkit_securityreporter'
-
-XPIDL_SOURCES += [
-    'nsISecurityReporter.idl',
-]
-
-EXTRA_COMPONENTS += [
-    'SecurityReporter.js',
-    'SecurityReporter.manifest',
-]

toolkit/components/securityreporter/nsISecurityReporter.idl

@@ -1,14 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "nsISupports.idl"
-#include "nsITransportSecurityInfo.idl"
-
-[scriptable, uuid(8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b)]
-interface nsISecurityReporter : nsISupports
-{
-  void reportTLSError(in nsITransportSecurityInfo aSecurityInfo,
-                      in AUTF8String aHostname,
-                      in long aPort);
-};