mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Backed out 2 changesets (bug 1241821) for android build bustage CLOSED TREE
Backed out changeset ae7246d654c8 (bug 1241821) Backed out changeset bdecb787f1a2 (bug 1241821)
This commit is contained in:
parent
12a3f8477f
commit
0d8c068131
@ -325,7 +325,6 @@
|
|||||||
@RESPATH@/components/toolkit_finalizationwitness.xpt
|
@RESPATH@/components/toolkit_finalizationwitness.xpt
|
||||||
@RESPATH@/components/toolkit_formautofill.xpt
|
@RESPATH@/components/toolkit_formautofill.xpt
|
||||||
@RESPATH@/components/toolkit_osfile.xpt
|
@RESPATH@/components/toolkit_osfile.xpt
|
||||||
@RESPATH@/components/toolkit_securityreporter.xpt
|
|
||||||
#ifdef NIGHTLY_BUILD
|
#ifdef NIGHTLY_BUILD
|
||||||
@RESPATH@/components/toolkit_perfmonitoring.xpt
|
@RESPATH@/components/toolkit_perfmonitoring.xpt
|
||||||
#endif
|
#endif
|
||||||
@ -708,10 +707,6 @@
|
|||||||
@RESPATH@/components/PrivateBrowsing.manifest
|
@RESPATH@/components/PrivateBrowsing.manifest
|
||||||
@RESPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js
|
@RESPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js
|
||||||
|
|
||||||
; Security Reports
|
|
||||||
@RESPATH@/components/SecurityReporter.manifest
|
|
||||||
@RESPATH@/components/SecurityReporter.js
|
|
||||||
|
|
||||||
; Signed Packaged Content
|
; Signed Packaged Content
|
||||||
@RESPATH@/components/InstallPackagedWebapp.manifest
|
@RESPATH@/components/InstallPackagedWebapp.manifest
|
||||||
@RESPATH@/components/InstallPackagedWebapp.js
|
@RESPATH@/components/InstallPackagedWebapp.js
|
||||||
|
@ -319,7 +319,6 @@
|
|||||||
@RESPATH@/components/toolkit_finalizationwitness.xpt
|
@RESPATH@/components/toolkit_finalizationwitness.xpt
|
||||||
@RESPATH@/components/toolkit_formautofill.xpt
|
@RESPATH@/components/toolkit_formautofill.xpt
|
||||||
@RESPATH@/components/toolkit_osfile.xpt
|
@RESPATH@/components/toolkit_osfile.xpt
|
||||||
@RESPATH@/components/toolkit_securityreporter.xpt
|
|
||||||
#ifdef NIGHTLY_BUILD
|
#ifdef NIGHTLY_BUILD
|
||||||
@RESPATH@/components/toolkit_perfmonitoring.xpt
|
@RESPATH@/components/toolkit_perfmonitoring.xpt
|
||||||
#endif
|
#endif
|
||||||
@ -630,10 +629,6 @@
|
|||||||
@RESPATH@/components/PrivateBrowsing.manifest
|
@RESPATH@/components/PrivateBrowsing.manifest
|
||||||
@RESPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js
|
@RESPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js
|
||||||
|
|
||||||
; Security Reports
|
|
||||||
@RESPATH@/components/SecurityReporter.manifest
|
|
||||||
@RESPATH@/components/SecurityReporter.js
|
|
||||||
|
|
||||||
; Signed Packaged Content
|
; Signed Packaged Content
|
||||||
@RESPATH@/components/InstallPackagedWebapp.manifest
|
@RESPATH@/components/InstallPackagedWebapp.manifest
|
||||||
@RESPATH@/components/InstallPackagedWebapp.js
|
@RESPATH@/components/InstallPackagedWebapp.js
|
||||||
|
@ -251,7 +251,6 @@
|
|||||||
@BINPATH@/components/toolkit_finalizationwitness.xpt
|
@BINPATH@/components/toolkit_finalizationwitness.xpt
|
||||||
@BINPATH@/components/toolkit_formautofill.xpt
|
@BINPATH@/components/toolkit_formautofill.xpt
|
||||||
@BINPATH@/components/toolkit_osfile.xpt
|
@BINPATH@/components/toolkit_osfile.xpt
|
||||||
@RESPATH@/components/toolkit_securityreporter.xpt
|
|
||||||
#ifdef NIGHTLY_BUILD
|
#ifdef NIGHTLY_BUILD
|
||||||
@BINPATH@/components/toolkit_perfmonitoring.xpt
|
@BINPATH@/components/toolkit_perfmonitoring.xpt
|
||||||
#endif
|
#endif
|
||||||
@ -467,10 +466,6 @@
|
|||||||
@BINPATH@/components/url-classifier.xpt
|
@BINPATH@/components/url-classifier.xpt
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
; Security Reports
|
|
||||||
@RESPATH@/components/SecurityReporter.manifest
|
|
||||||
@RESPATH@/components/SecurityReporter.js
|
|
||||||
|
|
||||||
; [Browser Chrome Files]
|
; [Browser Chrome Files]
|
||||||
@BINPATH@/chrome/browser@JAREXT@
|
@BINPATH@/chrome/browser@JAREXT@
|
||||||
@BINPATH@/chrome/browser.manifest
|
@BINPATH@/chrome/browser.manifest
|
||||||
|
@ -228,7 +228,6 @@
|
|||||||
@BINPATH@/components/toolkit_finalizationwitness.xpt
|
@BINPATH@/components/toolkit_finalizationwitness.xpt
|
||||||
@BINPATH@/components/toolkit_formautofill.xpt
|
@BINPATH@/components/toolkit_formautofill.xpt
|
||||||
@BINPATH@/components/toolkit_osfile.xpt
|
@BINPATH@/components/toolkit_osfile.xpt
|
||||||
@RESPATH@/components/toolkit_securityreporter.xpt
|
|
||||||
#ifdef NIGHTLY_BUILD
|
#ifdef NIGHTLY_BUILD
|
||||||
@BINPATH@/components/toolkit_perfmonitoring.xpt
|
@BINPATH@/components/toolkit_perfmonitoring.xpt
|
||||||
#endif
|
#endif
|
||||||
@ -435,10 +434,6 @@
|
|||||||
@BINPATH@/components/PrivateBrowsing.manifest
|
@BINPATH@/components/PrivateBrowsing.manifest
|
||||||
@BINPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js
|
@BINPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js
|
||||||
|
|
||||||
; Security Reports
|
|
||||||
@RESPATH@/components/SecurityReporter.manifest
|
|
||||||
@RESPATH@/components/SecurityReporter.js
|
|
||||||
|
|
||||||
; [Browser Chrome Files]
|
; [Browser Chrome Files]
|
||||||
@BINPATH@/chrome/toolkit@JAREXT@
|
@BINPATH@/chrome/toolkit@JAREXT@
|
||||||
@BINPATH@/chrome/toolkit.manifest
|
@BINPATH@/chrome/toolkit.manifest
|
||||||
|
@ -1,132 +0,0 @@
|
|||||||
/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
|
|
||||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
||||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
||||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
||||||
|
|
||||||
/* This test is for the TLS error reporting functionality exposed by
|
|
||||||
* SecurityReporter.js in /toolkit/components/securityreporter. The test is
|
|
||||||
* here because we make use of the tlsserver functionality that lives with the
|
|
||||||
* PSM ssl tests.
|
|
||||||
*
|
|
||||||
* The testing here will be augmented by the existing mochitests for the
|
|
||||||
* error reporting functionality in aboutNetError.xhtml and
|
|
||||||
* aboutCertError.xhtml once these make use of this component.
|
|
||||||
*/
|
|
||||||
|
|
||||||
"use strict";
|
|
||||||
const CC = Components.Constructor;
|
|
||||||
const Cm = Components.manager;
|
|
||||||
|
|
||||||
Cu.import("resource://testing-common/AppInfo.jsm");
|
|
||||||
updateAppInfo();
|
|
||||||
|
|
||||||
// We must get the profile before performing operations on the cert db.
|
|
||||||
do_get_profile();
|
|
||||||
|
|
||||||
const certdb = Cc["@mozilla.org/security/x509certdb;1"]
|
|
||||||
.getService(Ci.nsIX509CertDB);
|
|
||||||
const reporter = Cc["@mozilla.org/securityreporter;1"]
|
|
||||||
.getService(Ci.nsISecurityReporter);
|
|
||||||
|
|
||||||
|
|
||||||
const BinaryInputStream = CC("@mozilla.org/binaryinputstream;1",
|
|
||||||
"nsIBinaryInputStream", "setInputStream");
|
|
||||||
|
|
||||||
var server;
|
|
||||||
|
|
||||||
// this allows us to create a callback which checks that a report is as
|
|
||||||
// expected.
|
|
||||||
function getReportCheck(expectReport, expectedError) {
|
|
||||||
return function sendReportWithInfo(transportSecurityInfo) {
|
|
||||||
// register a path handler on the server
|
|
||||||
server.registerPathHandler("/submit/sslreports",
|
|
||||||
function(request, response) {
|
|
||||||
if (expectReport) {
|
|
||||||
let report = JSON.parse(readDataFromRequest(request));
|
|
||||||
do_check_eq(report.errorCode, expectedError);
|
|
||||||
response.setStatusLine(null, 201, "Created");
|
|
||||||
response.write("Created");
|
|
||||||
} else {
|
|
||||||
do_throw("No report should have been received");
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
reporter.reportTLSError(transportSecurityInfo, "example.com", -1);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// read the request body from a request
|
|
||||||
function readDataFromRequest(aRequest) {
|
|
||||||
if (aRequest.method == "POST" || aRequest.method == "PUT") {
|
|
||||||
if (aRequest.bodyInputStream) {
|
|
||||||
let inputStream = new BinaryInputStream(aRequest.bodyInputStream);
|
|
||||||
let bytes = [];
|
|
||||||
let available;
|
|
||||||
|
|
||||||
while ((available = inputStream.available()) > 0) {
|
|
||||||
Array.prototype.push.apply(bytes, inputStream.readByteArray(available));
|
|
||||||
}
|
|
||||||
|
|
||||||
return String.fromCharCode.apply(null, bytes);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
function run_test() {
|
|
||||||
// start a report server
|
|
||||||
server = new HttpServer();
|
|
||||||
server.start(-1);
|
|
||||||
|
|
||||||
let port = server.identity.primaryPort;
|
|
||||||
|
|
||||||
// Set the reporting URL to ensure any reports are sent to the test server
|
|
||||||
Services.prefs.setCharPref("security.ssl.errorReporting.url",
|
|
||||||
`http://localhost:${port}/submit/sslreports`);
|
|
||||||
// set strict-mode pinning enforcement so we can cause connection failures.
|
|
||||||
Services.prefs.setIntPref("security.cert_pinning.enforcement_level", 2);
|
|
||||||
|
|
||||||
// start a TLS server
|
|
||||||
add_tls_server_setup("BadCertServer", "bad_certs");
|
|
||||||
|
|
||||||
// Add a user-specified trust anchor.
|
|
||||||
addCertFromFile(certdb, "bad_certs/other-test-ca.pem", "CTu,u,u");
|
|
||||||
|
|
||||||
|
|
||||||
// Cause a reportable condition with error reporting disabled. No report
|
|
||||||
// should be sent.
|
|
||||||
Services.prefs.setBoolPref("security.ssl.errorReporting.enabled", false);
|
|
||||||
add_connection_test("expired.example.com",
|
|
||||||
SEC_ERROR_EXPIRED_CERTIFICATE, null,
|
|
||||||
getReportCheck(false));
|
|
||||||
|
|
||||||
// Now enable reporting
|
|
||||||
add_test(function () {
|
|
||||||
Services.prefs.setBoolPref("security.ssl.errorReporting.enabled", true);
|
|
||||||
run_next_test();
|
|
||||||
});
|
|
||||||
|
|
||||||
// test calling the component with no transportSecurityInfo. No report should
|
|
||||||
// be sent even though reporting is enabled.
|
|
||||||
add_test(function() {
|
|
||||||
server.registerPathHandler("/submit/sslreports",
|
|
||||||
function(request, response) {
|
|
||||||
do_throw("No report should be sent");
|
|
||||||
});
|
|
||||||
reporter.reportTLSError(null, "example.com", -1);
|
|
||||||
run_next_test();
|
|
||||||
});
|
|
||||||
|
|
||||||
// Test sending a report with no error. This allows us to check the case
|
|
||||||
// where there is no failed cert chain
|
|
||||||
add_connection_test("good.include-subdomains.pinning.example.com",
|
|
||||||
PRErrorCodeSuccess, null,
|
|
||||||
getReportCheck(true, PRErrorCodeSuccess));
|
|
||||||
|
|
||||||
// Test sending a report where there is an error and a failed cert chain.
|
|
||||||
add_connection_test("expired.example.com",
|
|
||||||
SEC_ERROR_EXPIRED_CERTIFICATE, null,
|
|
||||||
getReportCheck(true, SEC_ERROR_EXPIRED_CERTIFICATE));
|
|
||||||
|
|
||||||
run_next_test();
|
|
||||||
}
|
|
@ -150,6 +150,3 @@ skip-if = toolkit == 'android' || toolkit == 'gonk'
|
|||||||
run-sequentially = hardcoded ports
|
run-sequentially = hardcoded ports
|
||||||
[test_weak_crypto.js]
|
[test_weak_crypto.js]
|
||||||
firefox-appdir = browser
|
firefox-appdir = browser
|
||||||
|
|
||||||
# The TLS error reporting functionality lives in /toolkit but needs tlsserver
|
|
||||||
[test_toolkit_securityreporter.js]
|
|
||||||
|
@ -48,7 +48,6 @@ DIRS += [
|
|||||||
'reader',
|
'reader',
|
||||||
'remotebrowserutils',
|
'remotebrowserutils',
|
||||||
'reflect',
|
'reflect',
|
||||||
'securityreporter',
|
|
||||||
'sqlite',
|
'sqlite',
|
||||||
'startup',
|
'startup',
|
||||||
'statusfilter',
|
'statusfilter',
|
||||||
|
@ -1,112 +0,0 @@
|
|||||||
/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
|
|
||||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
||||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
||||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
||||||
|
|
||||||
const { classes: Cc, interfaces: Ci, utils: Cu} = Components;
|
|
||||||
|
|
||||||
Cu.importGlobalProperties(['fetch']);
|
|
||||||
|
|
||||||
const { XPCOMUtils } = Cu.import("resource://gre/modules/XPCOMUtils.jsm", {});
|
|
||||||
const protocolHandler = Cc["@mozilla.org/network/protocol;1?name=http"]
|
|
||||||
.getService(Ci.nsIHttpProtocolHandler);
|
|
||||||
const { Services } = Cu.import("resource://gre/modules/Services.jsm", {});
|
|
||||||
|
|
||||||
const TLS_ERROR_REPORT_TELEMETRY_SUCCESS = 6;
|
|
||||||
const TLS_ERROR_REPORT_TELEMETRY_FAILURE = 7;
|
|
||||||
const HISTOGRAM_ID = "TLS_ERROR_REPORT_UI";
|
|
||||||
|
|
||||||
|
|
||||||
XPCOMUtils.defineLazyModuleGetter(this, "UpdateUtils",
|
|
||||||
"resource://gre/modules/UpdateUtils.jsm");
|
|
||||||
|
|
||||||
function getDERString(cert)
|
|
||||||
{
|
|
||||||
var length = {};
|
|
||||||
var derArray = cert.getRawDER(length);
|
|
||||||
var derString = '';
|
|
||||||
for (var i = 0; i < derArray.length; i++) {
|
|
||||||
derString += String.fromCharCode(derArray[i]);
|
|
||||||
}
|
|
||||||
return derString;
|
|
||||||
}
|
|
||||||
|
|
||||||
function SecurityReporter() { }
|
|
||||||
|
|
||||||
SecurityReporter.prototype = {
|
|
||||||
classDescription: "Security reporter component",
|
|
||||||
classID: Components.ID("{8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b}"),
|
|
||||||
contractID: "@mozilla.org/securityreporter;1",
|
|
||||||
QueryInterface: XPCOMUtils.generateQI([Ci.nsISecurityReporter]),
|
|
||||||
reportTLSError: function(transportSecurityInfo, hostname, port) {
|
|
||||||
// don't send if there's no transportSecurityInfo (since the report cannot
|
|
||||||
// contain anything of interest)
|
|
||||||
if (!transportSecurityInfo) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
// don't send a report if the pref is not enabled
|
|
||||||
if (!Services.prefs.getBoolPref("security.ssl.errorReporting.enabled")) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Don't send a report if the host we're connecting to is the report
|
|
||||||
// server (otherwise we'll get loops when this fails)
|
|
||||||
let endpoint =
|
|
||||||
Services.prefs.getCharPref("security.ssl.errorReporting.url");
|
|
||||||
let reportURI = Services.io.newURI(endpoint, null, null);
|
|
||||||
|
|
||||||
if (reportURI.host == hostname) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Convert the nsIX509CertList into a format that can be parsed into
|
|
||||||
// JSON
|
|
||||||
let asciiCertChain = [];
|
|
||||||
|
|
||||||
if (transportSecurityInfo.failedCertChain) {
|
|
||||||
let certs = transportSecurityInfo.failedCertChain.getEnumerator();
|
|
||||||
while (certs.hasMoreElements()) {
|
|
||||||
let cert = certs.getNext();
|
|
||||||
cert.QueryInterface(Ci.nsIX509Cert);
|
|
||||||
asciiCertChain.push(btoa(getDERString(cert)));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
let report = {
|
|
||||||
hostname: hostname,
|
|
||||||
port: port,
|
|
||||||
timestamp: Math.round(Date.now() / 1000),
|
|
||||||
errorCode: transportSecurityInfo.errorCode,
|
|
||||||
failedCertChain: asciiCertChain,
|
|
||||||
userAgent: protocolHandler.userAgent,
|
|
||||||
version: 1,
|
|
||||||
build: Services.appinfo.appBuildID,
|
|
||||||
product: Services.appinfo.name,
|
|
||||||
channel: UpdateUtils.UpdateChannel
|
|
||||||
}
|
|
||||||
|
|
||||||
fetch(endpoint, {
|
|
||||||
method: "POST",
|
|
||||||
body: JSON.stringify(report),
|
|
||||||
headers: {
|
|
||||||
'Content-Type': 'application/json'
|
|
||||||
}
|
|
||||||
}).then(function (aResponse) {
|
|
||||||
if (!aResponse.ok) {
|
|
||||||
// request returned non-success status
|
|
||||||
Services.telemetry.getHistogramById(HISTOGRAM_ID)
|
|
||||||
.add(TLS_ERROR_REPORT_TELEMETRY_FAILURE);
|
|
||||||
} else {
|
|
||||||
Services.telemetry.getHistogramById(HISTOGRAM_ID)
|
|
||||||
.add(TLS_ERROR_REPORT_TELEMETRY_SUCCESS);
|
|
||||||
}
|
|
||||||
}).catch(function (e) {
|
|
||||||
// error making request to reportURL
|
|
||||||
Services.telemetry.getHistogramById(HISTOGRAM_ID)
|
|
||||||
.add(TLS_ERROR_REPORT_TELEMETRY_FAILURE);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
this.NSGetFactory = XPCOMUtils.generateNSGetFactory([SecurityReporter]);
|
|
@ -1,2 +0,0 @@
|
|||||||
component {8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b} SecurityReporter.js
|
|
||||||
contract @mozilla.org/securityreporter;1 {8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b}
|
|
@ -1,16 +0,0 @@
|
|||||||
# -*- Mode: python; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40 -*-
|
|
||||||
# vim: set filetype=python:
|
|
||||||
# This Source Code Form is subject to the terms of the Mozilla Public
|
|
||||||
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
||||||
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
||||||
|
|
||||||
XPIDL_MODULE = 'toolkit_securityreporter'
|
|
||||||
|
|
||||||
XPIDL_SOURCES += [
|
|
||||||
'nsISecurityReporter.idl',
|
|
||||||
]
|
|
||||||
|
|
||||||
EXTRA_COMPONENTS += [
|
|
||||||
'SecurityReporter.js',
|
|
||||||
'SecurityReporter.manifest',
|
|
||||||
]
|
|
@ -1,14 +0,0 @@
|
|||||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
||||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
||||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
||||||
|
|
||||||
#include "nsISupports.idl"
|
|
||||||
#include "nsITransportSecurityInfo.idl"
|
|
||||||
|
|
||||||
[scriptable, uuid(8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b)]
|
|
||||||
interface nsISecurityReporter : nsISupports
|
|
||||||
{
|
|
||||||
void reportTLSError(in nsITransportSecurityInfo aSecurityInfo,
|
|
||||||
in AUTF8String aHostname,
|
|
||||||
in long aPort);
|
|
||||||
};
|
|
Loading…
Reference in New Issue
Block a user