Update to 48.0.1, Added fix for mozbz#1291700 - Since latest release NTLM/SPNEGO no longer works

1 files changed, 93 insertions, 0 deletions

diff --git a/mozilla-1291700.patch b/mozilla-1291700.patch
new file mode 100644
index 0000000..0b0b3ba
--- /dev/null
+++ b/mozilla-1291700.patch
@@ -0,0 +1,93 @@
+# HG changeset patch
+# User Honza Bambas <honzab.moz@firemni.cz>
+# Parent  069612b7e7c93f79394fc40bc24c1e354de7a3e5
+Bug 1291700 - Allow negotiate/ntml to work when in the 'Never remember history' mode, r=jduell
+
+diff --git a/extensions/auth/nsHttpNegotiateAuth.cpp b/extensions/auth/nsHttpNegotiateAuth.cpp
+--- a/extensions/auth/nsHttpNegotiateAuth.cpp
++++ b/extensions/auth/nsHttpNegotiateAuth.cpp
+@@ -60,17 +60,37 @@ static const char kNegotiateAuthSSPI[] =
+ //-----------------------------------------------------------------------------
+ 
+ // Return false when the channel comes from a Private browsing window.
+ static bool
+ TestNotInPBMode(nsIHttpAuthenticableChannel *authChannel)
+ {
+     nsCOMPtr<nsIChannel> bareChannel = do_QueryInterface(authChannel);
+     MOZ_ASSERT(bareChannel);
+-    return !NS_UsePrivateBrowsing(bareChannel);
++
++    if (!NS_UsePrivateBrowsing(bareChannel)) {
++        return true;
++    }
++
++    nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID);
++    if (!prefs) {
++        return true;
++    }
++
++    // When the "Never remember history" option is set, all channels are
++    // set PB mode flag, but here we want to make an exception, users
++    // want their credentials go out.
++    bool dontRememberHistory;
++    if (NS_SUCCEEDED(prefs->GetBoolPref("browser.privatebrowsing.autostart",
++                                        &dontRememberHistory)) &&
++        dontRememberHistory) {
++        return true;
++    }
++
++    return false;
+ }
+ 
+ NS_IMETHODIMP
+ nsHttpNegotiateAuth::GetAuthFlags(uint32_t *flags)
+ {
+     //
+     // Negotiate Auth creds should not be reused across multiple requests.
+     // Only perform the negotiation when it is explicitly requested by the
+diff --git a/netwerk/protocol/http/nsHttpNTLMAuth.cpp b/netwerk/protocol/http/nsHttpNTLMAuth.cpp
+--- a/netwerk/protocol/http/nsHttpNTLMAuth.cpp
++++ b/netwerk/protocol/http/nsHttpNTLMAuth.cpp
+@@ -182,28 +182,38 @@ ForceGenericNTLM()
+     return flag;
+ }
+ 
+ // Check to see if we should use default credentials for this host or proxy.
+ static bool
+ CanUseDefaultCredentials(nsIHttpAuthenticableChannel *channel,
+                          bool isProxyAuth)
+ {
++    nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID);
++
+     // Prevent using default credentials for authentication when we are in the
+     // private browsing mode.  It would cause a privacy data leak.
+     nsCOMPtr<nsIChannel> bareChannel = do_QueryInterface(channel);
+     MOZ_ASSERT(bareChannel);
++
+     if (NS_UsePrivateBrowsing(bareChannel)) {
++        // But allow when in the "Never remember history" mode.
++        bool dontRememberHistory;
++        if (prefs &&
++            NS_SUCCEEDED(prefs->GetBoolPref("browser.privatebrowsing.autostart",
++                                            &dontRememberHistory)) &&
++            !dontRememberHistory) {
++            return false;
++        }
++    }
++
++    if (!prefs) {
+         return false;
+     }
+ 
+-    nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID);
+-    if (!prefs)
+-        return false;
+-
+     if (isProxyAuth) {
+         bool val;
+         if (NS_FAILED(prefs->GetBoolPref(kAllowProxies, &val)))
+             val = false;
+         LOG(("Default credentials allowed for proxy: %d\n", val));
+         return val;
+     }
+