From ddfd498b4bd69fe172b180d53f16f9922aa3a6ff Mon Sep 17 00:00:00 2001 From: grizzlyuser Date: Sat, 2 Jul 2022 12:25:57 +0200 Subject: libre/iceweasel: 102.0 --- ...FSDG-sync-remote-settings-with-local-dump.patch | 260 +++++++++++---------- libre/iceweasel/PKGBUILD | 23 +- libre/iceweasel/zstandard-0.18.0.diff | 10 + 3 files changed, 159 insertions(+), 134 deletions(-) create mode 100644 libre/iceweasel/zstandard-0.18.0.diff diff --git a/libre/iceweasel/9001-FSDG-sync-remote-settings-with-local-dump.patch b/libre/iceweasel/9001-FSDG-sync-remote-settings-with-local-dump.patch index c46d90f51..08ab1e2e8 100644 --- a/libre/iceweasel/9001-FSDG-sync-remote-settings-with-local-dump.patch +++ b/libre/iceweasel/9001-FSDG-sync-remote-settings-with-local-dump.patch @@ -1,4 +1,4 @@ -From bec8749011d7dba665eace92557f9d36b36c3060 Mon Sep 17 00:00:00 2001 +From e2e22a52ee5e5cf9f7c55854b828bb65a919b563 Mon Sep 17 00:00:00 2001 From: grizzlyuser Date: Wed, 30 Dec 2020 17:20:39 +0200 Subject: [PATCH 01/13] Point to local omni.ja files, not remote server @@ -24,12 +24,12 @@ If necessary, missing files can be added later. --- .../components/ASRouterAdmin/ASRouterAdmin.jsx | 2 +- .../newtab/data/content/activity-stream.bundle.js | 2 +- - modules/libpref/init/all.js | 2 +- - services/settings/Utils.jsm | 4 ++-- + services/settings/Utils.jsm | 2 +- .../periodic-updates/scripts/periodic_file_updates.sh | 2 +- toolkit/components/search/SearchUtils.jsm | 8 ++++---- toolkit/components/search/docs/DefaultSearchEngines.rst | 2 +- .../components/search/docs/SearchEngineConfiguration.rst | 2 +- + toolkit/modules/AppConstants.jsm | 4 ++-- toolkit/mozapps/defaultagent/RemoteSettings.cpp | 2 +- 9 files changed, 13 insertions(+), 13 deletions(-) @@ -47,11 +47,11 @@ index 0a9da8d804..fdc387aa63 100644 > nimbus-desktop-experiments diff --git a/browser/components/newtab/data/content/activity-stream.bundle.js b/browser/components/newtab/data/content/activity-stream.bundle.js -index 6e7cc5e33d..f2b4f3fcc9 100644 +index 3439547610..e4b170454c 100644 --- a/browser/components/newtab/data/content/activity-stream.bundle.js +++ b/browser/components/newtab/data/content/activity-stream.bundle.js -@@ -1819,7 +1819,7 @@ class ASRouterAdminInner extends react__WEBPACK_IMPORTED_MODULE_3___default.a.Pu - label = /*#__PURE__*/react__WEBPACK_IMPORTED_MODULE_3___default.a.createElement("span", null, "remote settings (", /*#__PURE__*/react__WEBPACK_IMPORTED_MODULE_3___default.a.createElement("a", { +@@ -1577,7 +1577,7 @@ class ASRouterAdminInner extends (external_React_default()).PureComponent { + label = /*#__PURE__*/external_React_default().createElement("span", null, "remote settings (", /*#__PURE__*/external_React_default().createElement("a", { className: "providerUrl", target: "_blank", - href: "https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/records", @@ -59,29 +59,12 @@ index 6e7cc5e33d..f2b4f3fcc9 100644 rel: "noopener noreferrer" }, "nimbus-desktop-experiments"), ")"); } -diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js -index 651d38c0e2..cb72224e1b 100644 ---- a/modules/libpref/init/all.js -+++ b/modules/libpref/init/all.js -@@ -2198,7 +2198,7 @@ pref("security.insecure_field_warning.ignore_local_ip_address", true); - // Remote settings preferences - // Note: if you change this, make sure to also review security.onecrl.maximum_staleness_in_seconds - pref("services.settings.poll_interval", 86400); // 24H --pref("services.settings.server", "https://firefox.settings.services.mozilla.com/v1"); -+pref("services.settings.server", "resource://app/defaults/settings"); - pref("services.settings.default_bucket", "main"); - - // The percentage of clients who will report uptake telemetry as diff --git a/services/settings/Utils.jsm b/services/settings/Utils.jsm -index f91e5dcb67..c09c58e693 100644 +index 31ad77d286..9f2e97f14c 100644 --- a/services/settings/Utils.jsm +++ b/services/settings/Utils.jsm -@@ -90,10 +90,10 @@ var Utils = { - get SERVER_URL() { - return allowServerURLOverride - ? gServerURL -- : "https://firefox.settings.services.mozilla.com/v1"; -+ : "resource://app/defaults/settings"; +@@ -106,7 +106,7 @@ var Utils = { + : AppConstants.REMOTE_SETTINGS_SERVER_URL; }, - CHANGES_PATH: "/buckets/monitor/collections/changes/changeset", @@ -90,7 +73,7 @@ index f91e5dcb67..c09c58e693 100644 /** * Logger instance. diff --git a/taskcluster/docker/periodic-updates/scripts/periodic_file_updates.sh b/taskcluster/docker/periodic-updates/scripts/periodic_file_updates.sh -index 191d3d563b..49fb961be2 100755 +index 3bc70462c4..dc9592c9fa 100755 --- a/taskcluster/docker/periodic-updates/scripts/periodic_file_updates.sh +++ b/taskcluster/docker/periodic-updates/scripts/periodic_file_updates.sh @@ -285,7 +285,7 @@ function compare_suffix_lists { @@ -103,10 +86,10 @@ index 191d3d563b..49fb961be2 100755 # 1. List remote settings collections from server. echo "INFO: fetch remote settings list from server" diff --git a/toolkit/components/search/SearchUtils.jsm b/toolkit/components/search/SearchUtils.jsm -index 41d2a23e55..e123f3f392 100644 +index 0bf60e5f16..5561b885f6 100644 --- a/toolkit/components/search/SearchUtils.jsm +++ b/toolkit/components/search/SearchUtils.jsm -@@ -159,13 +159,13 @@ var SearchUtils = { +@@ -158,13 +158,13 @@ var SearchUtils = { ENGINES_URLS: { "prod-main": @@ -125,7 +108,7 @@ index 41d2a23e55..e123f3f392 100644 // The following constants are left undocumented in nsISearchService.idl diff --git a/toolkit/components/search/docs/DefaultSearchEngines.rst b/toolkit/components/search/docs/DefaultSearchEngines.rst -index 1506af2913..5f43ff26f3 100644 +index 3dfe68abb1..26d5f18a7b 100644 --- a/toolkit/components/search/docs/DefaultSearchEngines.rst +++ b/toolkit/components/search/docs/DefaultSearchEngines.rst @@ -99,4 +99,4 @@ is updated. @@ -135,7 +118,7 @@ index 1506af2913..5f43ff26f3 100644 -.. _search-default-override-allowlist bucket: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-default-override-allowlist/records +.. _search-default-override-allowlist bucket: resource://app/defaults/settings/main/search-default-override-allowlist.json diff --git a/toolkit/components/search/docs/SearchEngineConfiguration.rst b/toolkit/components/search/docs/SearchEngineConfiguration.rst -index e9041affb8..7a9466d294 100644 +index c782f9f7c3..4d773d27c5 100644 --- a/toolkit/components/search/docs/SearchEngineConfiguration.rst +++ b/toolkit/components/search/docs/SearchEngineConfiguration.rst @@ -68,5 +68,5 @@ related. As a result several situations may occur: @@ -145,6 +128,22 @@ index e9041affb8..7a9466d294 100644 -.. _viewed live: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/records +.. _viewed live: resource://app/defaults/settings/main/search-config.json .. _Normandy: /toolkit/components/normandy/normandy/services.html +diff --git a/toolkit/modules/AppConstants.jsm b/toolkit/modules/AppConstants.jsm +index 7f8ac95dd9..fc34169ea5 100644 +--- a/toolkit/modules/AppConstants.jsm ++++ b/toolkit/modules/AppConstants.jsm +@@ -420,9 +420,9 @@ this.AppConstants = Object.freeze({ + + REMOTE_SETTINGS_SERVER_URL: + #ifdef MOZ_THUNDERBIRD +- "https://thunderbird-settings.thunderbird.net/v1", ++ "resource://app/defaults/settings", + #else +- "https://firefox.settings.services.mozilla.com/v1", ++ "resource://app/defaults/settings", + #endif + + REMOTE_SETTINGS_VERIFY_SIGNATURE: diff --git a/toolkit/mozapps/defaultagent/RemoteSettings.cpp b/toolkit/mozapps/defaultagent/RemoteSettings.cpp index 667d9fc628..b2bf628f29 100644 --- a/toolkit/mozapps/defaultagent/RemoteSettings.cpp @@ -159,10 +158,10 @@ index 667d9fc628..b2bf628f29 100644 #define PROD_CID "windows-default-browser-agent" #define PROD_ID "state" -- -2.35.1 +2.37.0 -From 99e7bd7760ebcd68575d19761d35a6db20ac8b48 Mon Sep 17 00:00:00 2001 +From 9329ba8b85b542759a089818d70ba86d0a5b9a60 Mon Sep 17 00:00:00 2001 From: grizzlyuser Date: Wed, 30 Dec 2020 17:34:08 +0200 Subject: [PATCH 02/13] Remove polling triggered by push broadcasts @@ -179,10 +178,10 @@ service. 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/dom/push/PushBroadcastService.jsm b/dom/push/PushBroadcastService.jsm -index aa1504211d..d635a2c3aa 100644 +index 1ee7986f6a..db73413b1a 100644 --- a/dom/push/PushBroadcastService.jsm +++ b/dom/push/PushBroadcastService.jsm -@@ -178,6 +178,19 @@ var BroadcastService = class { +@@ -179,6 +179,19 @@ var BroadcastService = class { } } @@ -203,10 +202,10 @@ index aa1504211d..d635a2c3aa 100644 * Call the listeners of the specified broadcasts. * diff --git a/services/settings/remote-settings.js b/services/settings/remote-settings.js -index 4307597351..64cad55929 100644 +index f7e8e24748..57d11d71b3 100644 --- a/services/settings/remote-settings.js +++ b/services/settings/remote-settings.js -@@ -446,7 +446,7 @@ function remoteSettingsFunction() { +@@ -533,7 +533,7 @@ function remoteSettingsFunction() { moduleURI: __URI__, symbolName: "remoteSettingsBroadcastHandler", }; @@ -215,7 +214,7 @@ index 4307597351..64cad55929 100644 }; return remoteSettings; -@@ -466,9 +466,6 @@ var remoteSettingsBroadcastHandler = { +@@ -553,9 +553,6 @@ var remoteSettingsBroadcastHandler = { `Push notification received (version=${version} phase=${phase})` ); @@ -227,10 +226,10 @@ index 4307597351..64cad55929 100644 }, }; -- -2.35.1 +2.37.0 -From 52e9a179bc94e96fd8959b5fea9884ef9aa5fe77 Mon Sep 17 00:00:00 2001 +From 11631dd36d3eeecc5f22171d5e059fbe7662c77c Mon Sep 17 00:00:00 2001 From: grizzlyuser Date: Wed, 30 Dec 2020 17:41:54 +0200 Subject: [PATCH 03/13] Remove timer that triggers polling for changes @@ -271,10 +270,10 @@ index 3bfed26ea4..807eb220ec 100644 -# see syntax https://searchfox.org/mozilla-central/rev/cc280c4be94ff8cf64a27cc9b3d6831ffa49fa45/toolkit/components/timermanager/UpdateTimerManager.jsm#155 -category update-timer RemoteSettingsComponents @mozilla.org/services/settings;1,getService,services-settings-poll-changes,services.settings.poll_interval,86400,259200 -- -2.35.1 +2.37.0 -From 04b7e9a6af031487d55eef867e581eb68c4d07c9 Mon Sep 17 00:00:00 2001 +From d720d5680fa97ad53998b6050bc28df4503f0c39 Mon Sep 17 00:00:00 2001 From: grizzlyuser Date: Wed, 30 Dec 2020 17:47:41 +0200 Subject: [PATCH 04/13] Utils: fetch timestamps of each collection locally @@ -286,10 +285,10 @@ timestamps from that file and mock response headers to not confuse any code that expects them. --- browser/installer/package-manifest.in | 1 + - services/settings/Utils.jsm | 17 ++++++++++++++--- + services/settings/Utils.jsm | 18 +++++++++++++++--- services/settings/dumps/monitor/moz.build | 8 ++++++++ services/settings/dumps/moz.build | 1 + - 4 files changed, 24 insertions(+), 3 deletions(-) + 4 files changed, 25 insertions(+), 3 deletions(-) create mode 100644 services/settings/dumps/monitor/moz.build diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in @@ -305,10 +304,10 @@ index 73a41dc25b..04c2a3fb6a 100644 ; Warning: changing the path to channel-prefs.js can cause bugs (Bug 756325) diff --git a/services/settings/Utils.jsm b/services/settings/Utils.jsm -index c09c58e693..f5605b1b16 100644 +index 9f2e97f14c..4e140f0fdd 100644 --- a/services/settings/Utils.jsm +++ b/services/settings/Utils.jsm -@@ -300,7 +300,7 @@ var Utils = { +@@ -377,7 +377,7 @@ var Utils = { async fetchLatestChanges(serverUrl, options = {}) { const { expectedTimestamp, lastEtag = "", filters = {} } = options; @@ -317,7 +316,7 @@ index c09c58e693..f5605b1b16 100644 const params = { ...filters, _expected: expectedTimestamp ?? 0, -@@ -315,7 +315,11 @@ var Utils = { +@@ -392,7 +392,11 @@ var Utils = { .map(([k, v]) => `${k}=${encodeURIComponent(v)}`) .join("&"); } @@ -330,7 +329,7 @@ index c09c58e693..f5605b1b16 100644 if (response.status >= 500) { throw new Error(`Server error ${response.status} ${response.statusText}`); -@@ -350,7 +353,15 @@ var Utils = { +@@ -427,7 +431,15 @@ var Utils = { } } @@ -349,7 +348,7 @@ index c09c58e693..f5605b1b16 100644 // Since the response is served via a CDN, the Date header value could have been cached. diff --git a/services/settings/dumps/monitor/moz.build b/services/settings/dumps/monitor/moz.build new file mode 100644 -index 0000000000..d3d017fda5 +index 0000000000..25c53a2eeb --- /dev/null +++ b/services/settings/dumps/monitor/moz.build @@ -0,0 +1,8 @@ @@ -374,10 +373,10 @@ index f407580bfa..53e9d8b45e 100644 ] -- -2.35.1 +2.37.0 -From d2b5ce3db6af3e000f9ab7a10b2608e77cde0067 Mon Sep 17 00:00:00 2001 +From 98496943d01589201771f69e14ba6b3cb7395e48 Mon Sep 17 00:00:00 2001 From: grizzlyuser Date: Wed, 30 Dec 2020 17:52:10 +0200 Subject: [PATCH 05/13] Utils: disable offline checking @@ -389,10 +388,10 @@ current and any future code that relies on it. 1 file changed, 9 deletions(-) diff --git a/services/settings/Utils.jsm b/services/settings/Utils.jsm -index f5605b1b16..cd189f1500 100644 +index 4e140f0fdd..5d448da54c 100644 --- a/services/settings/Utils.jsm +++ b/services/settings/Utils.jsm -@@ -109,15 +109,6 @@ var Utils = { +@@ -192,15 +192,6 @@ var Utils = { * @return {bool} Whether network is down or not. */ get isOffline() { @@ -409,10 +408,10 @@ index f5605b1b16..cd189f1500 100644 }, -- -2.35.1 +2.37.0 -From 588cd28c3cd000501be66af573ac136e55d7e1ea Mon Sep 17 00:00:00 2001 +From 738c1836a53ead5253ab3e0f9750aec94192dff0 Mon Sep 17 00:00:00 2001 From: grizzlyuser Date: Wed, 30 Dec 2020 17:56:02 +0200 Subject: [PATCH 06/13] Refactor hashing logic to a separate function @@ -440,7 +439,7 @@ index 147ebb6b13..c86e218fd3 100644 // Now, first add a shutdown blocker. If that fails, we must have diff --git a/services/settings/SharedUtils.jsm b/services/settings/SharedUtils.jsm -index db5017a742..1a8e83c2e8 100644 +index 5d32fb38bd..753a1b1393 100644 --- a/services/settings/SharedUtils.jsm +++ b/services/settings/SharedUtils.jsm @@ -28,11 +28,16 @@ var SharedUtils = { @@ -463,10 +462,10 @@ index db5017a742..1a8e83c2e8 100644 /** -- -2.35.1 +2.37.0 -From bce803bdb3e4f7203042454c65c386db6f385439 Mon Sep 17 00:00:00 2001 +From fa07a0a3fbd62a0d973a4ca07fdc3a5cf2209841 Mon Sep 17 00:00:00 2001 From: grizzlyuser Date: Wed, 30 Dec 2020 18:05:02 +0200 Subject: [PATCH 07/13] Client: Fetch and hash records from local dump @@ -497,14 +496,14 @@ the upgrade to local-only setup. [1] https://firefox-source-docs.mozilla.org/services/common/services/RemoteSettings.html#initial-data --- - services/settings/RemoteSettingsClient.jsm | 62 ++++++++++------------ - 1 file changed, 27 insertions(+), 35 deletions(-) + services/settings/RemoteSettingsClient.jsm | 63 ++++++++++------------ + 1 file changed, 27 insertions(+), 36 deletions(-) diff --git a/services/settings/RemoteSettingsClient.jsm b/services/settings/RemoteSettingsClient.jsm -index bd3fddbcf2..1c9dd2378f 100644 +index eee1487491..90e82772c4 100644 --- a/services/settings/RemoteSettingsClient.jsm +++ b/services/settings/RemoteSettingsClient.jsm -@@ -587,11 +587,9 @@ class RemoteSettingsClient extends EventEmitter { +@@ -592,11 +592,9 @@ class RemoteSettingsClient extends EventEmitter { // If the data is up-to-date but don't have metadata (records loaded from dump), // we fetch them and validate the signature immediately. @@ -518,10 +517,10 @@ index bd3fddbcf2..1c9dd2378f 100644 await this.db.importChanges(metadata); // We don't bother validating the signature if the dump was just loaded. We do // if the dump was loaded at some other point (eg. from .get()). -@@ -844,32 +842,23 @@ class RemoteSettingsClient extends EventEmitter { +@@ -825,33 +823,23 @@ class RemoteSettingsClient extends EventEmitter { + * @returns {Promise} + */ async _validateCollectionSignature(records, timestamp, metadata) { - const start = Cu.now() * 1000; - - if (!metadata?.signature) { + if (!metadata?.json_dump_metadata) { throw new MissingSignatureError(this.identifier); @@ -549,7 +548,8 @@ index bd3fddbcf2..1c9dd2378f 100644 - serialized, - "p384ecdsa=" + signature, - certChain, -- this.signerName +- this.signerName, +- Utils.CERT_CHAIN_ROOT_IDENTIFIER + !(await RemoteSettingsWorker.checkContentHash( + new TextEncoder().encode(serialized), + size, @@ -557,7 +557,7 @@ index bd3fddbcf2..1c9dd2378f 100644 )) ) { throw new InvalidSignatureError(this.identifier); -@@ -1061,24 +1050,27 @@ class RemoteSettingsClient extends EventEmitter { +@@ -1024,24 +1012,27 @@ class RemoteSettingsClient extends EventEmitter { * @param since timestamp of last sync (optional) */ async _fetchChangeset(expectedTimestamp, since) { @@ -602,10 +602,10 @@ index bd3fddbcf2..1c9dd2378f 100644 remoteRecords, }; -- -2.35.1 +2.37.0 -From dd4897ba2ece2d0deb23953c044c44323d9934d0 Mon Sep 17 00:00:00 2001 +From 9e4840347d561c7dc98ab6f84e3c3a195297c29e Mon Sep 17 00:00:00 2001 From: grizzlyuser Date: Wed, 30 Dec 2020 18:42:56 +0200 Subject: [PATCH 08/13] Client: start deferred sync on get() or on() @@ -627,7 +627,7 @@ occurs during the session. 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/services/settings/RemoteSettingsClient.jsm b/services/settings/RemoteSettingsClient.jsm -index 1c9dd2378f..f7a0b3bdaa 100644 +index 90e82772c4..2a009eca7c 100644 --- a/services/settings/RemoteSettingsClient.jsm +++ b/services/settings/RemoteSettingsClient.jsm @@ -16,6 +16,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { @@ -638,7 +638,7 @@ index 1c9dd2378f..f7a0b3bdaa 100644 Downloader: "resource://services-settings/Attachments.jsm", IDBHelpers: "resource://services-settings/IDBHelpers.jsm", KintoHttpClient: "resource://services-common/kinto-http-client.js", -@@ -28,6 +29,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { +@@ -27,6 +28,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { }); const TELEMETRY_COMPONENT = "remotesettings"; @@ -646,7 +646,7 @@ index 1c9dd2378f..f7a0b3bdaa 100644 XPCOMUtils.defineLazyGetter(this, "console", () => Utils.log); -@@ -259,6 +261,14 @@ class RemoteSettingsClient extends EventEmitter { +@@ -249,6 +251,14 @@ class RemoteSettingsClient extends EventEmitter { this._lastCheckTimePref = lastCheckTimePref; this._verifier = null; this._syncRunning = false; @@ -661,8 +661,8 @@ index 1c9dd2378f..f7a0b3bdaa 100644 // This attribute allows signature verification to be disabled, when running tests // or when pulling data from a dev server. -@@ -293,6 +303,11 @@ class RemoteSettingsClient extends EventEmitter { - ); +@@ -278,6 +288,11 @@ class RemoteSettingsClient extends EventEmitter { + this.db.identifier = this.identifier; } + on(event, callback) { @@ -673,7 +673,7 @@ index 1c9dd2378f..f7a0b3bdaa 100644 get identifier() { return `${this.bucketName}/${this.collectionName}`; } -@@ -361,6 +376,10 @@ class RemoteSettingsClient extends EventEmitter { +@@ -346,6 +361,10 @@ class RemoteSettingsClient extends EventEmitter { let lastModified = await this.db.getLastModified(); let hasLocalData = lastModified !== null; @@ -684,7 +684,7 @@ index 1c9dd2378f..f7a0b3bdaa 100644 if (syncIfEmpty && !hasLocalData) { // .get() was called before we had the chance to synchronize the local database. // We'll try to avoid returning an empty list. -@@ -445,7 +464,10 @@ class RemoteSettingsClient extends EventEmitter { +@@ -444,7 +463,10 @@ class RemoteSettingsClient extends EventEmitter { // No need to verify signature on JSON dumps. // If local DB cannot be read, then we don't even try to do anything, // we return results early. @@ -696,7 +696,7 @@ index 1c9dd2378f..f7a0b3bdaa 100644 } console.debug( -@@ -483,6 +505,12 @@ class RemoteSettingsClient extends EventEmitter { +@@ -484,6 +506,12 @@ class RemoteSettingsClient extends EventEmitter { return final; } @@ -710,10 +710,10 @@ index 1c9dd2378f..f7a0b3bdaa 100644 * Synchronize the local database with the remote server. * -- -2.35.1 +2.37.0 -From 192096cd8caa2cbdfdc294a71056e6ee1b7e513d Mon Sep 17 00:00:00 2001 +From 72de3dbe162430638a58838b714f1872c2dd8195 Mon Sep 17 00:00:00 2001 From: grizzlyuser Date: Wed, 30 Dec 2020 18:53:51 +0200 Subject: [PATCH 09/13] Client: deep compare records if timestamps match @@ -735,7 +735,7 @@ noticeable performance issues. 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/services/settings/RemoteSettingsClient.jsm b/services/settings/RemoteSettingsClient.jsm -index f7a0b3bdaa..64ac27d149 100644 +index 2a009eca7c..dbcdb559df 100644 --- a/services/settings/RemoteSettingsClient.jsm +++ b/services/settings/RemoteSettingsClient.jsm @@ -13,6 +13,7 @@ const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm"); @@ -746,7 +746,7 @@ index f7a0b3bdaa..64ac27d149 100644 ClientEnvironmentBase: "resource://gre/modules/components-utils/ClientEnvironment.jsm", Database: "resource://services-settings/Database.jsm", -@@ -1053,7 +1054,10 @@ class RemoteSettingsClient extends EventEmitter { +@@ -1015,7 +1016,10 @@ class RemoteSettingsClient extends EventEmitter { const old = oldById.get(r.id); if (old) { oldById.delete(r.id); @@ -759,10 +759,10 @@ index f7a0b3bdaa..64ac27d149 100644 } } else { -- -2.35.1 +2.37.0 -From c834cd3beeb989f30c88aabea480d08989c02abc Mon Sep 17 00:00:00 2001 +From 0ddc970c40569ca7b20ec67a413519589e7c52f6 Mon Sep 17 00:00:00 2001 From: grizzlyuser Date: Wed, 30 Dec 2020 19:01:39 +0200 Subject: [PATCH 10/13] Client: delete more data on cleanup @@ -776,14 +776,14 @@ useful anyway when remote-settings.js doesn't do any polling for changes. Note that attachments should be deleted before the records, because the logic gets the data about the attachments from those records. --- - services/settings/RemoteSettingsClient.jsm | 15 ++++++++++++--- - 1 file changed, 12 insertions(+), 3 deletions(-) + services/settings/RemoteSettingsClient.jsm | 12 +++++++++--- + 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/services/settings/RemoteSettingsClient.jsm b/services/settings/RemoteSettingsClient.jsm -index 64ac27d149..ac6259ca2c 100644 +index dbcdb559df..c20ce412b2 100644 --- a/services/settings/RemoteSettingsClient.jsm +++ b/services/settings/RemoteSettingsClient.jsm -@@ -219,7 +219,7 @@ class AttachmentDownloader extends Downloader { +@@ -207,7 +207,7 @@ class AttachmentDownloader extends Downloader { allRecords .filter(r => !!r.attachment) .map(r => @@ -792,7 +792,7 @@ index 64ac27d149..ac6259ca2c 100644 ) ); } -@@ -1013,7 +1016,7 @@ class RemoteSettingsClient extends EventEmitter { +@@ -975,7 +975,7 @@ class RemoteSettingsClient extends EventEmitter { // Signature failed, clear local DB because it contains // bad data (local + remote changes). console.debug(`${this.identifier} clear local data`); @@ -801,7 +801,7 @@ index 64ac27d149..ac6259ca2c 100644 // Local data was tampered, throw and it will retry from empty DB. console.error(`${this.identifier} local data was corrupted`); throw new CorruptedDataError(this.identifier); -@@ -1035,7 +1038,7 @@ class RemoteSettingsClient extends EventEmitter { +@@ -997,7 +997,7 @@ class RemoteSettingsClient extends EventEmitter { // _importJSONDump() only clears DB if dump is available, // therefore do it here! if (imported < 0) { @@ -810,7 +810,7 @@ index 64ac27d149..ac6259ca2c 100644 } } } -@@ -1075,6 +1078,12 @@ class RemoteSettingsClient extends EventEmitter { +@@ -1037,6 +1037,12 @@ class RemoteSettingsClient extends EventEmitter { return syncResult; } @@ -824,10 +824,10 @@ index 64ac27d149..ac6259ca2c 100644 * Fetch information from changeset endpoint. * -- -2.35.1 +2.37.0 -From 68ee3019155c605ea3fefd9370209d548d1049c2 Mon Sep 17 00:00:00 2001 +From 00e45ee5b33b5e6030fa2d3b589cce5418822a3e Mon Sep 17 00:00:00 2001 From: grizzlyuser Date: Wed, 30 Dec 2020 19:07:56 +0200 Subject: [PATCH 11/13] Client: remove comparison of collection timestamps @@ -842,10 +842,10 @@ necessary cleanup. So remove the checks. 1 file changed, 5 deletions(-) diff --git a/services/settings/RemoteSettingsClient.jsm b/services/settings/RemoteSettingsClient.jsm -index ac6259ca2c..e59845a337 100644 +index c20ce412b2..79ec40ee9e 100644 --- a/services/settings/RemoteSettingsClient.jsm +++ b/services/settings/RemoteSettingsClient.jsm -@@ -948,14 +948,9 @@ class RemoteSettingsClient extends EventEmitter { +@@ -917,14 +917,9 @@ class RemoteSettingsClient extends EventEmitter { updated: [], deleted: [], }; @@ -858,13 +858,13 @@ index ac6259ca2c..e59845a337 100644 - return syncResult; - } - const start = Cu.now() * 1000; await this.db.importChanges(metadata, remoteTimestamp, remoteRecords, { + clear: retry, -- -2.35.1 +2.37.0 -From aa15f1fee8030b3a315312fba2f1b19e6694aad4 Mon Sep 17 00:00:00 2001 +From 37d74c55d8c1d852666f179fe6ea45fd99ff83ca Mon Sep 17 00:00:00 2001 From: grizzlyuser Date: Wed, 30 Dec 2020 19:15:44 +0200 Subject: [PATCH 12/13] Attachments: load only from dump and drop cached @@ -874,7 +874,7 @@ Subject: [PATCH 12/13] Attachments: load only from dump and drop cached 1 file changed, 8 insertions(+), 27 deletions(-) diff --git a/services/settings/Attachments.jsm b/services/settings/Attachments.jsm -index 70c02627ac..d24d8907fd 100644 +index 2bf846e4e1..542f34f97e 100644 --- a/services/settings/Attachments.jsm +++ b/services/settings/Attachments.jsm @@ -151,9 +151,10 @@ class Downloader { @@ -897,7 +897,7 @@ index 70c02627ac..d24d8907fd 100644 }); const blob = new Blob([newBuffer]); // Store in cache but don't wait for it before returning. -@@ -239,7 +241,7 @@ class Downloader { +@@ -237,7 +239,7 @@ class Downloader { } try { @@ -906,7 +906,7 @@ index 70c02627ac..d24d8907fd 100644 } catch (e) { // Failed to read from cache, e.g. IndexedDB unusable. Cu.reportError(e); -@@ -276,7 +278,7 @@ class Downloader { +@@ -300,7 +302,7 @@ class Downloader { * @returns {String} the absolute file path to the downloaded attachment. */ async downloadToDisk(record, options = {}) { @@ -915,7 +915,7 @@ index 70c02627ac..d24d8907fd 100644 const { attachment: { filename, size, hash }, } = record; -@@ -333,31 +335,10 @@ class Downloader { +@@ -357,31 +359,10 @@ class Downloader { */ async downloadAsBytes(record, options = {}) { const { @@ -951,10 +951,10 @@ index 70c02627ac..d24d8907fd 100644 /** -- -2.35.1 +2.37.0 -From 271e88d8a18a6ae30ccc616c57fe7a36290ba520 Mon Sep 17 00:00:00 2001 +From 5f475d79389de681e2eac63527a6d497b0b0da77 Mon Sep 17 00:00:00 2001 From: grizzlyuser Date: Wed, 30 Dec 2020 19:22:20 +0200 Subject: [PATCH 13/13] Disable CRLite entirely for now @@ -965,32 +965,44 @@ within minutes. That won't work with local-only setup. Although (some?) of the JSON dumps for it are in place, obviously the updates won't happen that fast. -Right now CRLite doesn't enforce anything, and works just for telemetry -collection (which is hopefully disabled anyway). So disable the -preference right in the source code, so that the patch fails to apply -when the upstream decides to set it to enforcing mode by default. +Disable the preference right in the source code, so that the patch fails +to apply when the upstream decides to set it to fully enforcing mode +by default. The solution with CRLite is up for discussion. If necessary, it's possible to make clients for blessed collections to communicate to real Remote Settings server. For example, for collections related to certificate revocations. --- - modules/libpref/init/all.js | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js -index cb72224e1b..79940b598a 100644 ---- a/modules/libpref/init/all.js -+++ b/modules/libpref/init/all.js -@@ -160,7 +160,7 @@ pref("security.xfocsp.errorReporting.automatic", false); - // 1: Consult CRLite but only collect telemetry. - // 2: Consult CRLite and enforce both "Revoked" and "Not Revoked" results. - // 3: Consult CRLite and enforce "Not Revoked" results, but defer to OCSP for "Revoked". --pref("security.pki.crlite_mode", 3); -+pref("security.pki.crlite_mode", 0); - - // Issuer we use to detect MitM proxies. Set to the issuer of the cert of the - // Firefox update service. The string format is whatever NSS uses to print a DN. + modules/libpref/init/StaticPrefList.yaml | 2 +- + security/manager/ssl/nsNSSComponent.cpp | 1 + + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/modules/libpref/init/StaticPrefList.yaml b/modules/libpref/init/StaticPrefList.yaml +index c487b04a35..b0808338ef 100644 +--- a/modules/libpref/init/StaticPrefList.yaml ++++ b/modules/libpref/init/StaticPrefList.yaml +@@ -12269,7 +12269,7 @@ + # 3: Consult CRLite and enforce "Not Revoked" results, but defer to OCSP for "Revoked". + - name: security.pki.crlite_mode + type: RelaxedAtomicUint32 +- value: 3 ++ value: 0 + mirror: always + + - name: security.tls.version.min +diff --git a/security/manager/ssl/nsNSSComponent.cpp b/security/manager/ssl/nsNSSComponent.cpp +index 12da07c56f..39f85cf5b3 100644 +--- a/security/manager/ssl/nsNSSComponent.cpp ++++ b/security/manager/ssl/nsNSSComponent.cpp +@@ -1453,6 +1453,7 @@ void nsNSSComponent::setValidationOptions( + CRLiteMode defaultCRLiteMode = CRLiteMode::Disabled; + CRLiteMode crliteMode = + static_cast(StaticPrefs::security_pki_crlite_mode()); ++ // Adding a comment just in case so that the patch breaks as soon as any surrounding lines get changed + switch (crliteMode) { + case CRLiteMode::Disabled: + case CRLiteMode::TelemetryOnly: -- -2.35.1 +2.37.0 diff --git a/libre/iceweasel/PKGBUILD b/libre/iceweasel/PKGBUILD index 7f791a7d7..6800006a0 100644 --- a/libre/iceweasel/PKGBUILD +++ b/libre/iceweasel/PKGBUILD @@ -60,10 +60,10 @@ pkgname=iceweasel epoch=1 -pkgver=101.0.1 +pkgver=102.0 pkgrel=1 pkgrel+=.parabola1 -_brandingver=98.0-1 +_brandingver=102.0-1 pkgdesc="Standalone web browser derived from Mozilla Firefox" arch=(x86_64) arch+=(armv7h i686) @@ -85,6 +85,7 @@ optdepends=('networkmanager: Location detection via available WiFi networks' replaces=('firefox') options=(!emptydirs !makeflags !strip !lto !debug) # FIXME: can we still make debug package? source=(https://archive.mozilla.org/pub/firefox/releases/$pkgver/source/firefox-$pkgver.source.tar.xz{,.asc} + zstandard-0.18.0.diff $pkgname.desktop identity-icons-brand.svg) source=(${source[*]/identity-icons-brand.svg/}) source+=(https://repo.parabola.nu/other/iceweasel/${pkgname}_${_brandingver}.branding.tar.xz{,.sig} @@ -98,12 +99,13 @@ source_armv7h=(build-arm-libopus.patch) source_i686=('avoid-libxul-OOM-python-check.patch' 'rust-static-disable-network-test-on-static-libraries.patch' 'firefox-99.0.1-fdlibm-double.patch') -sha256sums=('b4c76e8bdf81f473f3e56b2f69dbe5119bba5cab38e36ab0f3f38cf0cdc4a9c2' +sha256sums=('01797f04bd8d65f4c7f628d7ce832bf52a0874433886e4d0d78ef33c1ca66abf' 'SKIP' + 'a6857ad2f2e2091c6c4fdcde21a59fbeb0138914c0e126df64b50a5af5ff63be' '9cdc2602661717712092d28bb494e5b48e518cb930898aca85eaf21f91f7ef58') -sha256sums+=('f3e89499909b172476e931d9ab18b856d0001e3042b3816d1728809536179768' +sha256sums+=('d29c194ed7b3b4fa0f511866723118938c2be40077b4e9aadf8b3e6bfff91049' 'SKIP' - 'f49bb26d1a04145c39639200b64fd9010ded4261f60e06eb48bc0d5f58d1e935' + '77b79ce95a560d371b08925a4f8c005b38e45936f61c8e4a4378d5ac56313cba' 'a2c71759290dd48c87bf8aacb681040dcaefdabe0d57317de361d2d2d509664b' 'e192458a2a9878483984e1400bb3c66df369adfbf6f144b90445f80973c32ed1' 'a6a0bf8296d42a0ea2664efd45e9131df1f19fc6199724ec78d66119589850dd' @@ -196,6 +198,9 @@ prepare() { mkdir mozbuild cd firefox-$pkgver + # Unbreak build with python-zstandard 0.18.0 + patch -Np1 -i ../zstandard-0.18.0.diff + # echo -n "$_google_api_key" >google-api-key # anti-feature # echo -n "$_mozilla_api_key" >mozilla-api-key # anti-feature @@ -246,11 +251,9 @@ ac_add_options --disable-eme END - # FIXME: FTBS with cbindgen > 0.23 + # FIXME: FTBS with cbindgen > 0.23 (currrently 0.24) # https://bugzilla.mozilla.org/show_bug.cgi?id=1773259 - if [[ "${CARCH}" != i686 ]] # cbindgen i686 is currrently 0.23 - then sed -i '/const uint64_t ROOT_CLIP_CHAIN = ~0;/d' gfx/webrender_bindings/webrender_ffi.h - fi + sed -i '/const uint64_t ROOT_CLIP_CHAIN = ~0;/d' gfx/webrender_bindings/webrender_ffi.h ## [ARCH-SPECIFIC CONFIG] ## @@ -440,7 +443,7 @@ END # Disable/neutralize Remote Settings (as best we can) echo "applying 9001-FSDG-sync-remote-settings-with-local-dump.patch" - patch -Np1 --no-backup-if-mismatch -i ../9001-FSDG-sync-remote-settings-with-local-dump.patch + git apply ../9001-FSDG-sync-remote-settings-with-local-dump.patch # Disable various components at the source level sed -i 's/;1/;0/' toolkit/components/telemetry/components.conf diff --git a/libre/iceweasel/zstandard-0.18.0.diff b/libre/iceweasel/zstandard-0.18.0.diff new file mode 100644 index 000000000..5dfa30557 --- /dev/null +++ b/libre/iceweasel/zstandard-0.18.0.diff @@ -0,0 +1,10 @@ +diff --git i/python/sites/mach.txt w/python/sites/mach.txt +index 01f4f8c23da3b..85cfaf2b273ac 100644 +--- i/python/sites/mach.txt ++++ w/python/sites/mach.txt +@@ -134,4 +134,4 @@ pypi-optional:glean-sdk==50.1.0:telemetry will not be collected + # We aren't (yet) able to pin packages in automation, so we have to + # support down to the oldest locally-installed version (5.4.2). + pypi-optional:psutil>=5.4.2,<=5.8.0:telemetry will be missing some data +-pypi-optional:zstandard>=0.11.1,<=0.17.0:zstd archives will not be possible to extract ++pypi-optional:zstandard>=0.11.1,<=0.18.0:zstd archives will not be possible to extract -- cgit v1.2.3