From 543c164cdccb881d196372aaba270083a4783775 Mon Sep 17 00:00:00 2001 From: Wes Kocher Date: Fri, 29 Jan 2016 14:57:27 -0800 Subject: [PATCH] Backed out 2 changesets (bug 1241821) for android build bustage CLOSED TREE Backed out changeset ae7246d654c8 (bug 1241821) Backed out changeset bdecb787f1a2 (bug 1241821) --HG-- extra : commitid : HdwYW6HntXi --- b2g/installer/package-manifest.in | 5 - browser/installer/package-manifest.in | 5 - .../b2gdroid/installer/package-manifest.in | 5 - mobile/android/installer/package-manifest.in | 5 - .../unit/test_toolkit_securityreporter.js | 132 ------------------ security/manager/ssl/tests/unit/xpcshell.ini | 3 - toolkit/components/moz.build | 1 - .../securityreporter/SecurityReporter.js | 112 --------------- .../SecurityReporter.manifest | 2 - toolkit/components/securityreporter/moz.build | 16 --- .../securityreporter/nsISecurityReporter.idl | 14 -- 11 files changed, 300 deletions(-) delete mode 100644 security/manager/ssl/tests/unit/test_toolkit_securityreporter.js delete mode 100644 toolkit/components/securityreporter/SecurityReporter.js delete mode 100644 toolkit/components/securityreporter/SecurityReporter.manifest delete mode 100644 toolkit/components/securityreporter/moz.build delete mode 100644 toolkit/components/securityreporter/nsISecurityReporter.idl diff --git a/b2g/installer/package-manifest.in b/b2g/installer/package-manifest.in index eed3fdcd3902..3a2a2d3d92bf 100644 --- a/b2g/installer/package-manifest.in +++ b/b2g/installer/package-manifest.in @@ -325,7 +325,6 @@ @RESPATH@/components/toolkit_finalizationwitness.xpt @RESPATH@/components/toolkit_formautofill.xpt @RESPATH@/components/toolkit_osfile.xpt -@RESPATH@/components/toolkit_securityreporter.xpt #ifdef NIGHTLY_BUILD @RESPATH@/components/toolkit_perfmonitoring.xpt #endif @@ -708,10 +707,6 @@ @RESPATH@/components/PrivateBrowsing.manifest @RESPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js -; Security Reports -@RESPATH@/components/SecurityReporter.manifest -@RESPATH@/components/SecurityReporter.js - ; Signed Packaged Content @RESPATH@/components/InstallPackagedWebapp.manifest @RESPATH@/components/InstallPackagedWebapp.js diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index b2d7d6e4551c..631a68c9adad 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -319,7 +319,6 @@ @RESPATH@/components/toolkit_finalizationwitness.xpt @RESPATH@/components/toolkit_formautofill.xpt @RESPATH@/components/toolkit_osfile.xpt -@RESPATH@/components/toolkit_securityreporter.xpt #ifdef NIGHTLY_BUILD @RESPATH@/components/toolkit_perfmonitoring.xpt #endif @@ -630,10 +629,6 @@ @RESPATH@/components/PrivateBrowsing.manifest @RESPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js -; Security Reports -@RESPATH@/components/SecurityReporter.manifest -@RESPATH@/components/SecurityReporter.js - ; Signed Packaged Content @RESPATH@/components/InstallPackagedWebapp.manifest @RESPATH@/components/InstallPackagedWebapp.js diff --git a/mobile/android/b2gdroid/installer/package-manifest.in b/mobile/android/b2gdroid/installer/package-manifest.in index 983ebc659383..2f214ad0771f 100644 --- a/mobile/android/b2gdroid/installer/package-manifest.in +++ b/mobile/android/b2gdroid/installer/package-manifest.in @@ -251,7 +251,6 @@ @BINPATH@/components/toolkit_finalizationwitness.xpt @BINPATH@/components/toolkit_formautofill.xpt @BINPATH@/components/toolkit_osfile.xpt -@RESPATH@/components/toolkit_securityreporter.xpt #ifdef NIGHTLY_BUILD @BINPATH@/components/toolkit_perfmonitoring.xpt #endif @@ -467,10 +466,6 @@ @BINPATH@/components/url-classifier.xpt #endif -; Security Reports -@RESPATH@/components/SecurityReporter.manifest -@RESPATH@/components/SecurityReporter.js - ; [Browser Chrome Files] @BINPATH@/chrome/browser@JAREXT@ @BINPATH@/chrome/browser.manifest diff --git a/mobile/android/installer/package-manifest.in b/mobile/android/installer/package-manifest.in index 1b796835cff2..0030384e96be 100644 --- a/mobile/android/installer/package-manifest.in +++ b/mobile/android/installer/package-manifest.in @@ -228,7 +228,6 @@ @BINPATH@/components/toolkit_finalizationwitness.xpt @BINPATH@/components/toolkit_formautofill.xpt @BINPATH@/components/toolkit_osfile.xpt -@RESPATH@/components/toolkit_securityreporter.xpt #ifdef NIGHTLY_BUILD @BINPATH@/components/toolkit_perfmonitoring.xpt #endif @@ -435,10 +434,6 @@ @BINPATH@/components/PrivateBrowsing.manifest @BINPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js -; Security Reports -@RESPATH@/components/SecurityReporter.manifest -@RESPATH@/components/SecurityReporter.js - ; [Browser Chrome Files] @BINPATH@/chrome/toolkit@JAREXT@ @BINPATH@/chrome/toolkit.manifest diff --git a/security/manager/ssl/tests/unit/test_toolkit_securityreporter.js b/security/manager/ssl/tests/unit/test_toolkit_securityreporter.js deleted file mode 100644 index 1c7286a6aca3..000000000000 --- a/security/manager/ssl/tests/unit/test_toolkit_securityreporter.js +++ /dev/null @@ -1,132 +0,0 @@ -/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -/* This test is for the TLS error reporting functionality exposed by - * SecurityReporter.js in /toolkit/components/securityreporter. The test is - * here because we make use of the tlsserver functionality that lives with the - * PSM ssl tests. - * - * The testing here will be augmented by the existing mochitests for the - * error reporting functionality in aboutNetError.xhtml and - * aboutCertError.xhtml once these make use of this component. - */ - -"use strict"; -const CC = Components.Constructor; -const Cm = Components.manager; - -Cu.import("resource://testing-common/AppInfo.jsm"); -updateAppInfo(); - -// We must get the profile before performing operations on the cert db. -do_get_profile(); - -const certdb = Cc["@mozilla.org/security/x509certdb;1"] - .getService(Ci.nsIX509CertDB); -const reporter = Cc["@mozilla.org/securityreporter;1"] - .getService(Ci.nsISecurityReporter); - - -const BinaryInputStream = CC("@mozilla.org/binaryinputstream;1", - "nsIBinaryInputStream", "setInputStream"); - -var server; - -// this allows us to create a callback which checks that a report is as -// expected. -function getReportCheck(expectReport, expectedError) { - return function sendReportWithInfo(transportSecurityInfo) { - // register a path handler on the server - server.registerPathHandler("/submit/sslreports", - function(request, response) { - if (expectReport) { - let report = JSON.parse(readDataFromRequest(request)); - do_check_eq(report.errorCode, expectedError); - response.setStatusLine(null, 201, "Created"); - response.write("Created"); - } else { - do_throw("No report should have been received"); - } - }); - - reporter.reportTLSError(transportSecurityInfo, "example.com", -1); - } -} - -// read the request body from a request -function readDataFromRequest(aRequest) { - if (aRequest.method == "POST" || aRequest.method == "PUT") { - if (aRequest.bodyInputStream) { - let inputStream = new BinaryInputStream(aRequest.bodyInputStream); - let bytes = []; - let available; - - while ((available = inputStream.available()) > 0) { - Array.prototype.push.apply(bytes, inputStream.readByteArray(available)); - } - - return String.fromCharCode.apply(null, bytes); - } - } - return null; -} - -function run_test() { - // start a report server - server = new HttpServer(); - server.start(-1); - - let port = server.identity.primaryPort; - - // Set the reporting URL to ensure any reports are sent to the test server - Services.prefs.setCharPref("security.ssl.errorReporting.url", - `http://localhost:${port}/submit/sslreports`); - // set strict-mode pinning enforcement so we can cause connection failures. - Services.prefs.setIntPref("security.cert_pinning.enforcement_level", 2); - - // start a TLS server - add_tls_server_setup("BadCertServer", "bad_certs"); - - // Add a user-specified trust anchor. - addCertFromFile(certdb, "bad_certs/other-test-ca.pem", "CTu,u,u"); - - - // Cause a reportable condition with error reporting disabled. No report - // should be sent. - Services.prefs.setBoolPref("security.ssl.errorReporting.enabled", false); - add_connection_test("expired.example.com", - SEC_ERROR_EXPIRED_CERTIFICATE, null, - getReportCheck(false)); - - // Now enable reporting - add_test(function () { - Services.prefs.setBoolPref("security.ssl.errorReporting.enabled", true); - run_next_test(); - }); - - // test calling the component with no transportSecurityInfo. No report should - // be sent even though reporting is enabled. - add_test(function() { - server.registerPathHandler("/submit/sslreports", - function(request, response) { - do_throw("No report should be sent"); - }); - reporter.reportTLSError(null, "example.com", -1); - run_next_test(); - }); - - // Test sending a report with no error. This allows us to check the case - // where there is no failed cert chain - add_connection_test("good.include-subdomains.pinning.example.com", - PRErrorCodeSuccess, null, - getReportCheck(true, PRErrorCodeSuccess)); - - // Test sending a report where there is an error and a failed cert chain. - add_connection_test("expired.example.com", - SEC_ERROR_EXPIRED_CERTIFICATE, null, - getReportCheck(true, SEC_ERROR_EXPIRED_CERTIFICATE)); - - run_next_test(); -} diff --git a/security/manager/ssl/tests/unit/xpcshell.ini b/security/manager/ssl/tests/unit/xpcshell.ini index 2270f32ab9fe..3fa90211e956 100644 --- a/security/manager/ssl/tests/unit/xpcshell.ini +++ b/security/manager/ssl/tests/unit/xpcshell.ini @@ -150,6 +150,3 @@ skip-if = toolkit == 'android' || toolkit == 'gonk' run-sequentially = hardcoded ports [test_weak_crypto.js] firefox-appdir = browser - -# The TLS error reporting functionality lives in /toolkit but needs tlsserver -[test_toolkit_securityreporter.js] diff --git a/toolkit/components/moz.build b/toolkit/components/moz.build index 6923a8d0f60e..309389fef1bb 100644 --- a/toolkit/components/moz.build +++ b/toolkit/components/moz.build @@ -48,7 +48,6 @@ DIRS += [ 'reader', 'remotebrowserutils', 'reflect', - 'securityreporter', 'sqlite', 'startup', 'statusfilter', diff --git a/toolkit/components/securityreporter/SecurityReporter.js b/toolkit/components/securityreporter/SecurityReporter.js deleted file mode 100644 index 9ca1e55466cb..000000000000 --- a/toolkit/components/securityreporter/SecurityReporter.js +++ /dev/null @@ -1,112 +0,0 @@ -/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -const { classes: Cc, interfaces: Ci, utils: Cu} = Components; - -Cu.importGlobalProperties(['fetch']); - -const { XPCOMUtils } = Cu.import("resource://gre/modules/XPCOMUtils.jsm", {}); -const protocolHandler = Cc["@mozilla.org/network/protocol;1?name=http"] - .getService(Ci.nsIHttpProtocolHandler); -const { Services } = Cu.import("resource://gre/modules/Services.jsm", {}); - -const TLS_ERROR_REPORT_TELEMETRY_SUCCESS = 6; -const TLS_ERROR_REPORT_TELEMETRY_FAILURE = 7; -const HISTOGRAM_ID = "TLS_ERROR_REPORT_UI"; - - -XPCOMUtils.defineLazyModuleGetter(this, "UpdateUtils", - "resource://gre/modules/UpdateUtils.jsm"); - -function getDERString(cert) -{ - var length = {}; - var derArray = cert.getRawDER(length); - var derString = ''; - for (var i = 0; i < derArray.length; i++) { - derString += String.fromCharCode(derArray[i]); - } - return derString; -} - -function SecurityReporter() { } - -SecurityReporter.prototype = { - classDescription: "Security reporter component", - classID: Components.ID("{8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b}"), - contractID: "@mozilla.org/securityreporter;1", - QueryInterface: XPCOMUtils.generateQI([Ci.nsISecurityReporter]), - reportTLSError: function(transportSecurityInfo, hostname, port) { - // don't send if there's no transportSecurityInfo (since the report cannot - // contain anything of interest) - if (!transportSecurityInfo) { - return; - } - - // don't send a report if the pref is not enabled - if (!Services.prefs.getBoolPref("security.ssl.errorReporting.enabled")) { - return; - } - - // Don't send a report if the host we're connecting to is the report - // server (otherwise we'll get loops when this fails) - let endpoint = - Services.prefs.getCharPref("security.ssl.errorReporting.url"); - let reportURI = Services.io.newURI(endpoint, null, null); - - if (reportURI.host == hostname) { - return; - } - - // Convert the nsIX509CertList into a format that can be parsed into - // JSON - let asciiCertChain = []; - - if (transportSecurityInfo.failedCertChain) { - let certs = transportSecurityInfo.failedCertChain.getEnumerator(); - while (certs.hasMoreElements()) { - let cert = certs.getNext(); - cert.QueryInterface(Ci.nsIX509Cert); - asciiCertChain.push(btoa(getDERString(cert))); - } - } - - let report = { - hostname: hostname, - port: port, - timestamp: Math.round(Date.now() / 1000), - errorCode: transportSecurityInfo.errorCode, - failedCertChain: asciiCertChain, - userAgent: protocolHandler.userAgent, - version: 1, - build: Services.appinfo.appBuildID, - product: Services.appinfo.name, - channel: UpdateUtils.UpdateChannel - } - - fetch(endpoint, { - method: "POST", - body: JSON.stringify(report), - headers: { - 'Content-Type': 'application/json' - } - }).then(function (aResponse) { - if (!aResponse.ok) { - // request returned non-success status - Services.telemetry.getHistogramById(HISTOGRAM_ID) - .add(TLS_ERROR_REPORT_TELEMETRY_FAILURE); - } else { - Services.telemetry.getHistogramById(HISTOGRAM_ID) - .add(TLS_ERROR_REPORT_TELEMETRY_SUCCESS); - } - }).catch(function (e) { - // error making request to reportURL - Services.telemetry.getHistogramById(HISTOGRAM_ID) - .add(TLS_ERROR_REPORT_TELEMETRY_FAILURE); - }); - } -}; - -this.NSGetFactory = XPCOMUtils.generateNSGetFactory([SecurityReporter]); diff --git a/toolkit/components/securityreporter/SecurityReporter.manifest b/toolkit/components/securityreporter/SecurityReporter.manifest deleted file mode 100644 index d4e080dc7cd9..000000000000 --- a/toolkit/components/securityreporter/SecurityReporter.manifest +++ /dev/null @@ -1,2 +0,0 @@ -component {8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b} SecurityReporter.js -contract @mozilla.org/securityreporter;1 {8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b} diff --git a/toolkit/components/securityreporter/moz.build b/toolkit/components/securityreporter/moz.build deleted file mode 100644 index 447033be2ebb..000000000000 --- a/toolkit/components/securityreporter/moz.build +++ /dev/null @@ -1,16 +0,0 @@ -# -*- Mode: python; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40 -*- -# vim: set filetype=python: -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -XPIDL_MODULE = 'toolkit_securityreporter' - -XPIDL_SOURCES += [ - 'nsISecurityReporter.idl', -] - -EXTRA_COMPONENTS += [ - 'SecurityReporter.js', - 'SecurityReporter.manifest', -] diff --git a/toolkit/components/securityreporter/nsISecurityReporter.idl b/toolkit/components/securityreporter/nsISecurityReporter.idl deleted file mode 100644 index 462dd1e480e2..000000000000 --- a/toolkit/components/securityreporter/nsISecurityReporter.idl +++ /dev/null @@ -1,14 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "nsISupports.idl" -#include "nsITransportSecurityInfo.idl" - -[scriptable, uuid(8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b)] -interface nsISecurityReporter : nsISupports -{ - void reportTLSError(in nsITransportSecurityInfo aSecurityInfo, - in AUTF8String aHostname, - in long aPort); -};