Update to 48.0.1, Added fix for mozbz#1291700 - Since latest release NTLM/SPNEGO no longer works

This commit is contained in:
Martin Stransky 2016-08-19 12:01:30 +02:00
parent 7029bb409d
commit 924133a90d
4 changed files with 107 additions and 5 deletions

2
.gitignore vendored
View File

@ -202,3 +202,5 @@ firefox-3.6.4.source.tar.bz2
/firefox-langpacks-48.0-20160726.tar.xz
/firefox-48.0.source.tar.xz
/firefox-langpacks-48.0-20160727.tar.xz
/firefox-langpacks-48.0.1-20160819.tar.xz
/firefox-48.0.1.source.tar.xz

View File

@ -85,8 +85,8 @@
Summary: Mozilla Firefox Web browser
Name: firefox
Version: 48.0
Release: 6%{?pre_tag}%{?dist}
Version: 48.0.1
Release: 1%{?pre_tag}%{?dist}
URL: https://www.mozilla.org/firefox/
License: MPLv1.1 or GPLv2+ or LGPLv2+
Group: Applications/Internet
@ -135,6 +135,7 @@ Patch406: mozilla-256180.patch
Patch407: mozilla-890908-async-nego.patch
Patch408: mozilla-1272332.patch
Patch409: mozilla-1225044.patch
Patch410: mozilla-1291700.patch
# Debian patches
Patch500: mozilla-440908.patch
@ -279,6 +280,7 @@ cd %{tarballdir}
%patch407 -p1 -b .890908-async-nego
%patch408 -p1 -b .1272332
%patch409 -p1 -b .1225044
%patch410 -p1 -b .1291700
# Debian extension patch
%patch500 -p1 -b .440908
@ -773,7 +775,7 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
%exclude %{_libdir}/firefox-devel-%{version}
%exclude %{_datadir}/idl
%if !%{?system_nss}
%{mozappdir}/libfreebl3.chk
%{mozappdir}/libfreeblpriv3.chk
%{mozappdir}/libnssdbm3.chk
%{mozappdir}/libsoftokn3.chk
%endif
@ -781,6 +783,11 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
#---------------------------------------------------------------------
%changelog
* Fri Aug 19 2016 Martin Stransky <stransky@redhat.com> - 48.0.1-1
- Update to 48.0.1
- Added fix for mozbz#1291700 - Since latest release NTLM/SPNEGO
no longer works
* Wed Aug 17 2016 Martin Stransky <stransky@redhat.com> - 48.0-6
- Added patch for mozbz#1225044 - gtk3 rendering glitches

93
mozilla-1291700.patch Normal file
View File

@ -0,0 +1,93 @@
# HG changeset patch
# User Honza Bambas <honzab.moz@firemni.cz>
# Parent 069612b7e7c93f79394fc40bc24c1e354de7a3e5
Bug 1291700 - Allow negotiate/ntml to work when in the 'Never remember history' mode, r=jduell
diff --git a/extensions/auth/nsHttpNegotiateAuth.cpp b/extensions/auth/nsHttpNegotiateAuth.cpp
--- a/extensions/auth/nsHttpNegotiateAuth.cpp
+++ b/extensions/auth/nsHttpNegotiateAuth.cpp
@@ -60,17 +60,37 @@ static const char kNegotiateAuthSSPI[] =
//-----------------------------------------------------------------------------
// Return false when the channel comes from a Private browsing window.
static bool
TestNotInPBMode(nsIHttpAuthenticableChannel *authChannel)
{
nsCOMPtr<nsIChannel> bareChannel = do_QueryInterface(authChannel);
MOZ_ASSERT(bareChannel);
- return !NS_UsePrivateBrowsing(bareChannel);
+
+ if (!NS_UsePrivateBrowsing(bareChannel)) {
+ return true;
+ }
+
+ nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID);
+ if (!prefs) {
+ return true;
+ }
+
+ // When the "Never remember history" option is set, all channels are
+ // set PB mode flag, but here we want to make an exception, users
+ // want their credentials go out.
+ bool dontRememberHistory;
+ if (NS_SUCCEEDED(prefs->GetBoolPref("browser.privatebrowsing.autostart",
+ &dontRememberHistory)) &&
+ dontRememberHistory) {
+ return true;
+ }
+
+ return false;
}
NS_IMETHODIMP
nsHttpNegotiateAuth::GetAuthFlags(uint32_t *flags)
{
//
// Negotiate Auth creds should not be reused across multiple requests.
// Only perform the negotiation when it is explicitly requested by the
diff --git a/netwerk/protocol/http/nsHttpNTLMAuth.cpp b/netwerk/protocol/http/nsHttpNTLMAuth.cpp
--- a/netwerk/protocol/http/nsHttpNTLMAuth.cpp
+++ b/netwerk/protocol/http/nsHttpNTLMAuth.cpp
@@ -182,28 +182,38 @@ ForceGenericNTLM()
return flag;
}
// Check to see if we should use default credentials for this host or proxy.
static bool
CanUseDefaultCredentials(nsIHttpAuthenticableChannel *channel,
bool isProxyAuth)
{
+ nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID);
+
// Prevent using default credentials for authentication when we are in the
// private browsing mode. It would cause a privacy data leak.
nsCOMPtr<nsIChannel> bareChannel = do_QueryInterface(channel);
MOZ_ASSERT(bareChannel);
+
if (NS_UsePrivateBrowsing(bareChannel)) {
+ // But allow when in the "Never remember history" mode.
+ bool dontRememberHistory;
+ if (prefs &&
+ NS_SUCCEEDED(prefs->GetBoolPref("browser.privatebrowsing.autostart",
+ &dontRememberHistory)) &&
+ !dontRememberHistory) {
+ return false;
+ }
+ }
+
+ if (!prefs) {
return false;
}
- nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID);
- if (!prefs)
- return false;
-
if (isProxyAuth) {
bool val;
if (NS_FAILED(prefs->GetBoolPref(kAllowProxies, &val)))
val = false;
LOG(("Default credentials allowed for proxy: %d\n", val));
return val;
}

View File

@ -1,2 +1,2 @@
df52f6cfdf98e10b3f036479f38406c4 firefox-48.0.source.tar.xz
be99fdaebb501a70c03cee3a49f716b1 firefox-langpacks-48.0-20160727.tar.xz
892a534ca51f5d21d658d1d1fc08e8c5 firefox-langpacks-48.0.1-20160819.tar.xz
8c09b6cbf13ce13aa57d87175da997f4 firefox-48.0.1.source.tar.xz