From 924133a90dd1a46e1ee062c2e446130b255c9cb4 Mon Sep 17 00:00:00 2001 From: Martin Stransky Date: Fri, 19 Aug 2016 12:01:30 +0200 Subject: Update to 48.0.1, Added fix for mozbz#1291700 - Since latest release NTLM/SPNEGO no longer works --- .gitignore | 2 ++ firefox.spec | 13 +++++-- mozilla-1291700.patch | 93 +++++++++++++++++++++++++++++++++++++++++++++++++++ sources | 4 +-- 4 files changed, 107 insertions(+), 5 deletions(-) create mode 100644 mozilla-1291700.patch diff --git a/.gitignore b/.gitignore index ce38cc4..70d060b 100644 --- a/.gitignore +++ b/.gitignore @@ -202,3 +202,5 @@ firefox-3.6.4.source.tar.bz2 /firefox-langpacks-48.0-20160726.tar.xz /firefox-48.0.source.tar.xz /firefox-langpacks-48.0-20160727.tar.xz +/firefox-langpacks-48.0.1-20160819.tar.xz +/firefox-48.0.1.source.tar.xz diff --git a/firefox.spec b/firefox.spec index 4505157..d7cbefa 100644 --- a/firefox.spec +++ b/firefox.spec @@ -85,8 +85,8 @@ Summary: Mozilla Firefox Web browser Name: firefox -Version: 48.0 -Release: 6%{?pre_tag}%{?dist} +Version: 48.0.1 +Release: 1%{?pre_tag}%{?dist} URL: https://www.mozilla.org/firefox/ License: MPLv1.1 or GPLv2+ or LGPLv2+ Group: Applications/Internet @@ -135,6 +135,7 @@ Patch406: mozilla-256180.patch Patch407: mozilla-890908-async-nego.patch Patch408: mozilla-1272332.patch Patch409: mozilla-1225044.patch +Patch410: mozilla-1291700.patch # Debian patches Patch500: mozilla-440908.patch @@ -279,6 +280,7 @@ cd %{tarballdir} %patch407 -p1 -b .890908-async-nego %patch408 -p1 -b .1272332 %patch409 -p1 -b .1225044 +%patch410 -p1 -b .1291700 # Debian extension patch %patch500 -p1 -b .440908 @@ -773,7 +775,7 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : %exclude %{_libdir}/firefox-devel-%{version} %exclude %{_datadir}/idl %if !%{?system_nss} -%{mozappdir}/libfreebl3.chk +%{mozappdir}/libfreeblpriv3.chk %{mozappdir}/libnssdbm3.chk %{mozappdir}/libsoftokn3.chk %endif @@ -781,6 +783,11 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : #--------------------------------------------------------------------- %changelog +* Fri Aug 19 2016 Martin Stransky - 48.0.1-1 +- Update to 48.0.1 +- Added fix for mozbz#1291700 - Since latest release NTLM/SPNEGO + no longer works + * Wed Aug 17 2016 Martin Stransky - 48.0-6 - Added patch for mozbz#1225044 - gtk3 rendering glitches diff --git a/mozilla-1291700.patch b/mozilla-1291700.patch new file mode 100644 index 0000000..0b0b3ba --- /dev/null +++ b/mozilla-1291700.patch @@ -0,0 +1,93 @@ +# HG changeset patch +# User Honza Bambas +# Parent 069612b7e7c93f79394fc40bc24c1e354de7a3e5 +Bug 1291700 - Allow negotiate/ntml to work when in the 'Never remember history' mode, r=jduell + +diff --git a/extensions/auth/nsHttpNegotiateAuth.cpp b/extensions/auth/nsHttpNegotiateAuth.cpp +--- a/extensions/auth/nsHttpNegotiateAuth.cpp ++++ b/extensions/auth/nsHttpNegotiateAuth.cpp +@@ -60,17 +60,37 @@ static const char kNegotiateAuthSSPI[] = + //----------------------------------------------------------------------------- + + // Return false when the channel comes from a Private browsing window. + static bool + TestNotInPBMode(nsIHttpAuthenticableChannel *authChannel) + { + nsCOMPtr bareChannel = do_QueryInterface(authChannel); + MOZ_ASSERT(bareChannel); +- return !NS_UsePrivateBrowsing(bareChannel); ++ ++ if (!NS_UsePrivateBrowsing(bareChannel)) { ++ return true; ++ } ++ ++ nsCOMPtr prefs = do_GetService(NS_PREFSERVICE_CONTRACTID); ++ if (!prefs) { ++ return true; ++ } ++ ++ // When the "Never remember history" option is set, all channels are ++ // set PB mode flag, but here we want to make an exception, users ++ // want their credentials go out. ++ bool dontRememberHistory; ++ if (NS_SUCCEEDED(prefs->GetBoolPref("browser.privatebrowsing.autostart", ++ &dontRememberHistory)) && ++ dontRememberHistory) { ++ return true; ++ } ++ ++ return false; + } + + NS_IMETHODIMP + nsHttpNegotiateAuth::GetAuthFlags(uint32_t *flags) + { + // + // Negotiate Auth creds should not be reused across multiple requests. + // Only perform the negotiation when it is explicitly requested by the +diff --git a/netwerk/protocol/http/nsHttpNTLMAuth.cpp b/netwerk/protocol/http/nsHttpNTLMAuth.cpp +--- a/netwerk/protocol/http/nsHttpNTLMAuth.cpp ++++ b/netwerk/protocol/http/nsHttpNTLMAuth.cpp +@@ -182,28 +182,38 @@ ForceGenericNTLM() + return flag; + } + + // Check to see if we should use default credentials for this host or proxy. + static bool + CanUseDefaultCredentials(nsIHttpAuthenticableChannel *channel, + bool isProxyAuth) + { ++ nsCOMPtr prefs = do_GetService(NS_PREFSERVICE_CONTRACTID); ++ + // Prevent using default credentials for authentication when we are in the + // private browsing mode. It would cause a privacy data leak. + nsCOMPtr bareChannel = do_QueryInterface(channel); + MOZ_ASSERT(bareChannel); ++ + if (NS_UsePrivateBrowsing(bareChannel)) { ++ // But allow when in the "Never remember history" mode. ++ bool dontRememberHistory; ++ if (prefs && ++ NS_SUCCEEDED(prefs->GetBoolPref("browser.privatebrowsing.autostart", ++ &dontRememberHistory)) && ++ !dontRememberHistory) { ++ return false; ++ } ++ } ++ ++ if (!prefs) { + return false; + } + +- nsCOMPtr prefs = do_GetService(NS_PREFSERVICE_CONTRACTID); +- if (!prefs) +- return false; +- + if (isProxyAuth) { + bool val; + if (NS_FAILED(prefs->GetBoolPref(kAllowProxies, &val))) + val = false; + LOG(("Default credentials allowed for proxy: %d\n", val)); + return val; + } + diff --git a/sources b/sources index a4fcc2f..2603180 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -df52f6cfdf98e10b3f036479f38406c4 firefox-48.0.source.tar.xz -be99fdaebb501a70c03cee3a49f716b1 firefox-langpacks-48.0-20160727.tar.xz +892a534ca51f5d21d658d1d1fc08e8c5 firefox-langpacks-48.0.1-20160819.tar.xz +8c09b6cbf13ce13aa57d87175da997f4 firefox-48.0.1.source.tar.xz -- cgit