mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Merge autoland to mozilla-central. a=merge

This commit is contained in:
Gurzau Raul 2018-10-15 01:17:04 +03:00
Родитель fd63f0c02c 7363138acc
Коммит f64fd67d89
35 изменённых файлов: 390 добавлений и 693 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

5
browser/app/moz.build
Просмотреть файл

@ -84,11 +84,6 @@ if CONFIG['OS_ARCH'] == 'WINNT':
'ole32.dll',
]
if CONFIG['MOZ_SANDBOX'] and CONFIG['OS_ARCH'] == 'Darwin':
USE_LIBS += [
'mozsandbox',
]
if CONFIG['MOZ_SANDBOX'] and CONFIG['OS_ARCH'] == 'WINNT':
# For sandbox includes and the include dependencies those have
LOCAL_INCLUDES += [

14
browser/app/nsBrowserApp.cpp
Просмотреть файл

@ -43,10 +43,6 @@
#include "FuzzerDefs.h"
#endif
#ifdef XP_MACOSX
#include "mozilla/Sandbox.h"
#endif
#ifdef MOZ_LINUX_32_SSE2_STARTUP_ERROR
#include <cpuid.h>
#include "mozilla/Unused.h"
@ -267,16 +263,6 @@ int main(int argc, char* argv[], char* envp[])
{
mozilla::TimeStamp start = mozilla::TimeStamp::Now();
#ifdef XP_MACOSX
if (argc > 1 && IsArg(argv[1], "contentproc")) {
std::string err;
if (!mozilla::EarlyStartMacSandboxIfEnabled(argc, argv, err)) {
Output("Sandbox error: %s\n", err.c_str());
MOZ_CRASH("Sandbox initialization failed");
}
}
#endif
#ifdef MOZ_BROWSER_CAN_BE_CONTENTPROC
// We are launching as a content process, delegate to the appropriate
// main

6
browser/app/profile/firefox.js
Просмотреть файл

@ -1026,12 +1026,6 @@ pref("security.sandbox.gpu.level", 0);
pref("security.sandbox.gmp.win32k-disable", false);
#endif
#if defined(NIGHTLY_BUILD) && defined(XP_MACOSX) && defined(MOZ_SANDBOX)
// Start the Mac sandbox immediately during child process startup instead
// of when messaged by the parent after the message loop is running.
pref("security.sandbox.content.mac.earlyinit", true);
#endif
#if defined(XP_MACOSX) && defined(MOZ_SANDBOX) && defined(MOZ_CONTENT_SANDBOX)
// This pref is discussed in bug 1083344, the naming is inspired from its
// Windows counterpart, but on Mac it's an integer which means:

1
devtools/client/jar.mn
Просмотреть файл

@ -107,7 +107,6 @@ devtools.jar:
skin/images/accessibility.svg (themes/images/accessibility.svg)
skin/images/add.svg (themes/images/add.svg)
skin/images/arrowhead-left.svg (themes/images/arrowhead-left.svg)
skin/images/arrowhead-right.svg (themes/images/arrowhead-right.svg)
skin/images/arrowhead-down.svg (themes/images/arrowhead-down.svg)
skin/images/arrowhead-up.svg (themes/images/arrowhead-up.svg)
skin/images/breadcrumbs-divider.svg (themes/images/breadcrumbs-divider.svg)

53
devtools/client/themes/layout.css
Просмотреть файл

@ -217,14 +217,13 @@
}
.flex-outline-final {
border: 1px solid currentColor;
border: 2px solid currentColor;
position: relative;
grid-column: final-start / final-end;
}
.flex-outline-final.clamped::after {
content: "";
background-color: var(--theme-body-background);
background-image: url(chrome://devtools/skin/images/lock.svg);
background-size: 16px;
background-repeat: no-repeat;
@ -236,7 +235,13 @@
position: absolute;
right: -10px;
top: 6px;
border-radius: 50%;
/* Making sure the icon is visible against any background by creating a plain background
around its shape, using a drop-shadow filter. */
filter:
drop-shadow(1px 0px 0px var(--theme-body-background))
drop-shadow(0px 1px 0px var(--theme-body-background))
drop-shadow(-1px 0px 0px var(--theme-body-background))
drop-shadow(0px -1px 0px var(--theme-body-background));
}
.flex-outline.column .flex-outline-final.clamped::after {
@ -246,7 +251,7 @@
.flex-outline-basis {
border-style: dotted;
border-width: 3px;
margin: 1px 0;
margin: 1px;
grid-column: basis-start / basis-end;
}
@ -255,19 +260,43 @@
}
.flex-outline-delta {
background-repeat: round;
fill: currentColor;
-moz-context-properties: fill;
grid-column: delta-start / delta-end;
margin: 4px;
margin: 3px 0;
opacity: .5;
position: relative;
}
.flex-outline.growing .flex-outline-delta {
background-image: url(chrome://devtools/skin/images/arrowhead-right.svg);
.flex-outline-delta::before {
content: "";
position: absolute;
left: 2px;
right: 2px;
top: calc(50% - .5px);
height: 1px;
background: currentColor;
}
.flex-outline.shrinking .flex-outline-delta {
background-image: url(chrome://devtools/skin/images/arrowhead-left.svg);
.flex-outline-delta::after {
content: "";
position: absolute;
width: 5px;
height: 5px;
top: 50%;
border: 1px solid currentColor;
}
.flex-outline.growing .flex-outline-delta:after {
right: 2px;
border-width: 1px 1px 0 0;
transform-origin: top right;
transform: rotate(.125turn);
}
.flex-outline.shrinking .flex-outline-delta:after {
left: 2px;
border-width: 1px 0 0 1px;
transform-origin: top left;
transform: rotate(-.125turn);
}
.flex-outline-point {

118
dom/ipc/ContentChild.cpp
Просмотреть файл

@ -194,7 +194,6 @@
#endif
#if defined(XP_MACOSX)
#include "nsMacUtilsImpl.h"
#include <CoreServices/CoreServices.h>
// Info.plist key associated with the developer repo path
#define MAC_DEV_REPO_KEY "MozillaDeveloperRepoPath"
@ -1524,6 +1523,110 @@ ContentChild::RecvReinitRenderingForDeviceReset()
}
#if defined(XP_MACOSX) && defined(MOZ_CONTENT_SANDBOX)
#include <stdlib.h>
static bool
GetAppPaths(nsCString &aAppPath, nsCString &aAppBinaryPath, nsCString &aAppDir)
{
nsAutoCString appPath;
nsAutoCString appBinaryPath(
(CommandLine::ForCurrentProcess()->argv()[0]).c_str());
nsAutoCString::const_iterator start, end;
appBinaryPath.BeginReading(start);
appBinaryPath.EndReading(end);
if (RFindInReadable(NS_LITERAL_CSTRING(".app/Contents/MacOS/"), start, end)) {
end = start;
++end; ++end; ++end; ++end;
appBinaryPath.BeginReading(start);
appPath.Assign(Substring(start, end));
} else {
return false;
}
nsCOMPtr<nsIFile> app, appBinary;
nsresult rv = NS_NewLocalFile(NS_ConvertUTF8toUTF16(appPath),
true, getter_AddRefs(app));
if (NS_FAILED(rv)) {
return false;
}
rv = NS_NewLocalFile(NS_ConvertUTF8toUTF16(appBinaryPath),
true, getter_AddRefs(appBinary));
if (NS_FAILED(rv)) {
return false;
}
nsCOMPtr<nsIFile> appDir;
nsCOMPtr<nsIProperties> dirSvc =
do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID);
if (!dirSvc) {
return false;
}
rv = dirSvc->Get(NS_GRE_DIR,
NS_GET_IID(nsIFile), getter_AddRefs(appDir));
if (NS_FAILED(rv)) {
return false;
}
bool exists;
rv = appDir->Exists(&exists);
if (NS_FAILED(rv) || !exists) {
return false;
}
// appDir points to .app/Contents/Resources, for our purposes we want
// .app/Contents.
nsCOMPtr<nsIFile> appDirParent;
rv = appDir->GetParent(getter_AddRefs(appDirParent));
if (NS_FAILED(rv)) {
return false;
}
rv = app->Normalize();
if (NS_FAILED(rv)) {
return false;
}
app->GetNativePath(aAppPath);
rv = appBinary->Normalize();
if (NS_FAILED(rv)) {
return false;
}
appBinary->GetNativePath(aAppBinaryPath);
rv = appDirParent->Normalize();
if (NS_FAILED(rv)) {
return false;
}
appDirParent->GetNativePath(aAppDir);
return true;
}
// This function is only used in an |#ifdef DEBUG| path.
#ifdef DEBUG
// Given a path to a file, return the directory which contains it.
static nsAutoCString
GetDirectoryPath(const char *aPath) {
nsCOMPtr<nsIFile> file = do_CreateInstance(NS_LOCAL_FILE_CONTRACTID);
if (!file ||
NS_FAILED(file->InitWithNativePath(nsDependentCString(aPath)))) {
MOZ_CRASH("Failed to create or init an nsIFile");
}
nsCOMPtr<nsIFile> directoryFile;
if (NS_FAILED(file->GetParent(getter_AddRefs(directoryFile))) ||
!directoryFile) {
MOZ_CRASH("Failed to get parent for an nsIFile");
}
directoryFile->Normalize();
nsAutoCString directoryPath;
if (NS_FAILED(directoryFile->GetNativePath(directoryPath))) {
MOZ_CRASH("Failed to get path for an nsIFile");
}
return directoryPath;
}
#endif // DEBUG
extern "C" {
CGError
CGSSetDenyWindowServerConnections(bool);
@ -1555,9 +1658,9 @@ StartMacOSContentSandbox()
#endif
}
nsAutoCString appPath;
if (!nsMacUtilsImpl::GetAppPath(appPath)) {
MOZ_CRASH("Error resolving child process app path");
nsAutoCString appPath, appBinaryPath, appDir;
if (!GetAppPaths(appPath, appBinaryPath, appDir)) {
MOZ_CRASH("Error resolving child process path");
}
ContentChild* cc = ContentChild::GetSingleton();
@ -1583,9 +1686,9 @@ StartMacOSContentSandbox()
info.shouldLog = Preferences::GetBool("security.sandbox.logging.enabled") ||
PR_GetEnv("MOZ_SANDBOX_LOGGING");
info.appPath.assign(appPath.get());
info.appBinaryPath.assign(appBinaryPath.get());
info.appDir.assign(appDir.get());
info.hasAudio = !Preferences::GetBool("media.cubeb.sandbox");
info.hasWindowServer = !Preferences::GetBool(
"security.sandbox.content.mac.disconnect-windowserver");
// These paths are used to whitelist certain directories used by the testing
// system. They should not be considered a public API, and are only intended
@ -1639,8 +1742,7 @@ StartMacOSContentSandbox()
if (bloatLog != nullptr) {
// |bloatLog| points to a specific file, but we actually write to a sibling
// of that path.
nsAutoCString bloatDirectoryPath =
nsMacUtilsImpl::GetDirectoryPath(bloatLog);
nsAutoCString bloatDirectoryPath = GetDirectoryPath(bloatLog);
info.debugWriteDir.assign(bloatDirectoryPath.get());
}
#endif // DEBUG

153
dom/ipc/ContentParent.cpp
Просмотреть файл

@ -110,7 +110,6 @@
#include "mozilla/Unused.h"
#include "mozilla/HangDetails.h"
#include "nsAnonymousTemporaryFile.h"
#include "nsAppDirectoryServiceDefs.h"
#include "nsAppRunner.h"
#include "nsCDefaultURIFixup.h"
#include "nsCExternalHandlerService.h"
@ -120,7 +119,6 @@
#include "nsConsoleService.h"
#include "nsContentUtils.h"
#include "nsDebugImpl.h"
#include "nsDirectoryService.h"
#include "nsDirectoryServiceDefs.h"
#include "nsEmbedCID.h"
#include "nsFrameLoader.h"
@ -216,10 +214,6 @@
#include "signaling/src/peerconnection/WebrtcGlobalParent.h"
#endif
#if defined(XP_MACOSX)
#include "nsMacUtilsImpl.h"
#endif
#if defined(ANDROID) || defined(LINUX)
#include "nsSystemInfo.h"
#endif
@ -615,10 +609,6 @@ static const char* sObserverTopics[] = {
"clear-site-data-reload-needed",
};
#if defined(XP_MACOSX) && defined(MOZ_CONTENT_SANDBOX)
bool ContentParent::sEarlySandboxInit = false;
#endif
// PreallocateProcess is called by the PreallocatedProcessManager.
// ContentParent then takes this process back within GetNewOrUsedBrowserProcess.
/*static*/ already_AddRefed<ContentParent>
@ -2140,120 +2130,6 @@ ContentParent::GetTestShellSingleton()
return static_cast<TestShellParent*>(p);
}
#ifdef XP_MACOSX
void
ContentParent::AppendSandboxParams(std::vector<std::string> &aArgs)
{
nsCOMPtr<nsIProperties>
directoryService(do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID));
if (!directoryService) {
MOZ_CRASH("Failed to get the directory service");
}
// Indicates the child should startup the sandbox
aArgs.push_back("-sbStartup");
// The content sandbox level
int contentSandboxLevel =
Preferences::GetInt("security.sandbox.content.level");
std::ostringstream os;
os << contentSandboxLevel;
std::string contentSandboxLevelString = os.str();
aArgs.push_back("-sbLevel");
aArgs.push_back(contentSandboxLevelString);
// Sandbox logging
if (Preferences::GetBool("security.sandbox.logging.enabled") ||
PR_GetEnv("MOZ_SANDBOX_LOGGING")) {
aArgs.push_back("-sbLogging");
}
// For file content processes
if (GetRemoteType().EqualsLiteral(FILE_REMOTE_TYPE)) {
aArgs.push_back("-sbAllowFileAccess");
}
// Audio access
if (!Preferences::GetBool("media.cubeb.sandbox")) {
aArgs.push_back("-sbAllowAudio");
}
// Windowserver access
if (!Preferences::GetBool("security.sandbox.content.mac.disconnect-windowserver")) {
aArgs.push_back("-sbAllowWindowServer");
}
// .app path (normalized)
nsAutoCString appPath;
if (!nsMacUtilsImpl::GetAppPath(appPath)) {
MOZ_CRASH("Failed to get app dir paths");
}
aArgs.push_back("-sbAppPath");
aArgs.push_back(appPath.get());
// TESTING_READ_PATH1
nsAutoCString testingReadPath1;
Preferences::GetCString("security.sandbox.content.mac.testing_read_path1",
testingReadPath1);
if (!testingReadPath1.IsEmpty()) {
aArgs.push_back("-sbTestingReadPath");
aArgs.push_back(testingReadPath1.get());
}
// TESTING_READ_PATH2
nsAutoCString testingReadPath2;
Preferences::GetCString("security.sandbox.content.mac.testing_read_path2",
testingReadPath2);
if (!testingReadPath2.IsEmpty()) {
aArgs.push_back("-sbTestingReadPath");
aArgs.push_back(testingReadPath2.get());
}
// TESTING_READ_PATH3, TESTING_READ_PATH4. In development builds,
// these are used to whitelist the repo dir and object dir respectively.
nsresult rv;
if (mozilla::IsDevelopmentBuild()) {
// Repo dir
nsCOMPtr<nsIFile> repoDir;
rv = mozilla::GetRepoDir(getter_AddRefs(repoDir));
if (NS_FAILED(rv)) {
MOZ_CRASH("Failed to get path to repo dir");
}
nsCString repoDirPath;
Unused << repoDir->GetNativePath(repoDirPath);
aArgs.push_back("-sbTestingReadPath");
aArgs.push_back(repoDirPath.get());
// Object dir
nsCOMPtr<nsIFile> objDir;
rv = mozilla::GetObjDir(getter_AddRefs(objDir));
if (NS_FAILED(rv)) {
MOZ_CRASH("Failed to get path to build object dir");
}
nsCString objDirPath;
Unused << objDir->GetNativePath(objDirPath);
aArgs.push_back("-sbTestingReadPath");
aArgs.push_back(objDirPath.get());
}
// DEBUG_WRITE_DIR
#ifdef DEBUG
// When a content process dies intentionally (|NoteIntentionalCrash|), for
// tests it wants to log that it did this. Allow writing to this location
// that the testrunner wants.
char *bloatLog = PR_GetEnv("XPCOM_MEM_BLOAT_LOG");
if (bloatLog != nullptr) {
// |bloatLog| points to a specific file, but we actually write to a sibling
// of that path.
nsAutoCString bloatDirectoryPath =
nsMacUtilsImpl::GetDirectoryPath(bloatLog);
aArgs.push_back("-sbDebugWriteDir");
aArgs.push_back(bloatDirectoryPath.get());
}
#endif // DEBUG
}
#endif // XP_MACOSX
bool
ContentParent::LaunchSubprocess(ProcessPriority aInitialPriority /* = PROCESS_PRIORITY_FOREGROUND */)
{
@ -2342,15 +2218,6 @@ ContentParent::LaunchSubprocess(ProcessPriority aInitialPriority /* = PROCESS_PR
extraArgs.push_back("-safeMode");
}
#if defined(XP_MACOSX) && defined(MOZ_CONTENT_SANDBOX)
// If we're launching a middleman process for a
// recording or replay, start the sandbox later.
if (sEarlySandboxInit && IsContentSandboxEnabled() &&
!IsRecordingOrReplaying()) {
AppendSandboxParams(extraArgs);
}
#endif
nsCString parentBuildID(mozilla::PlatformBuildID());
extraArgs.push_back("-parentBuildID");
extraArgs.push_back(parentBuildID.get());
@ -2470,17 +2337,6 @@ ContentParent::ContentParent(ContentParent* aOpener,
NS_ASSERTION(NS_IsMainThread(), "Wrong thread!");
bool isFile = mRemoteType.EqualsLiteral(FILE_REMOTE_TYPE);
mSubprocess = new ContentProcessHost(this, isFile);
#if defined(XP_MACOSX) && defined(MOZ_CONTENT_SANDBOX)
// sEarlySandboxInit is statically initialized to false.
// Once we've set it to true due to the pref, avoid checking the
// pref on subsequent calls. As a result, changing the earlyinit
// pref requires restarting the browser to take effect.
if (!ContentParent::sEarlySandboxInit) {
ContentParent::sEarlySandboxInit =
Preferences::GetBool("security.sandbox.content.mac.earlyinit");
}
#endif
}
ContentParent::~ContentParent()
@ -2751,15 +2607,6 @@ ContentParent::InitInternal(ProcessPriority aInitialPriority)
// of value to take effect.
shouldSandbox = IsContentSandboxEnabled();
#ifdef XP_MACOSX
// If the sandbox was initialized during content process
// startup, we must not send the SetProcessSandbox message.
// If early startup was pref'd off or the process is a
// middleman process, send SetProcessSandbox now.
shouldSandbox = shouldSandbox &&
(!sEarlySandboxInit || IsRecordingOrReplaying());
#endif
#ifdef XP_LINUX
if (shouldSandbox) {
MOZ_ASSERT(!mSandboxBroker);

9
dom/ipc/ContentParent.h
Просмотреть файл

@ -1262,8 +1262,6 @@ public:
// initializing.
void MaybeEnableRemoteInputEventQueue();
void AppendSandboxParams(std::vector<std::string>& aArgs);
public:
void SendGetFilesResponseAndForget(const nsID& aID,
const GetFilesResponseResult& aResult);
@ -1389,13 +1387,6 @@ private:
static uint64_t sNextTabParentId;
static nsDataHashtable<nsUint64HashKey, TabParent*> sNextTabParents;
#if defined(XP_MACOSX) && defined(MOZ_CONTENT_SANDBOX)
// When set to true, indicates that content processes should
// initialize their sandbox during startup instead of waiting
// for the SetProcessSandbox IPDL message.
static bool sEarlySandboxInit;
#endif
};
} // namespace dom

12
dom/ipc/ContentProcess.cpp
Просмотреть файл

@ -14,7 +14,6 @@
#if defined(XP_MACOSX) && defined(MOZ_CONTENT_SANDBOX)
#include <stdlib.h>
#include "mozilla/Sandbox.h"
#endif
#if (defined(XP_WIN) || defined(XP_MACOSX)) && defined(MOZ_CONTENT_SANDBOX)
@ -297,16 +296,7 @@ ContentProcess::Init(int aArgc, char* aArgv[])
mXREEmbed.Start();
#if (defined(XP_MACOSX)) && defined(MOZ_CONTENT_SANDBOX)
mContent.SetProfileDir(profileDir);
#if defined(DEBUG)
// For WebReplay middleman processes, the sandbox is
// started after receiving the SetProcessSandbox message.
if (IsContentSandboxEnabled() &&
Preferences::GetBool("security.sandbox.content.mac.earlyinit") &&
!recordreplay::IsMiddleman()) {
AssertMacSandboxEnabled();
}
#endif /* DEBUG */
#endif /* XP_MACOSX && MOZ_CONTENT_SANDBOX */
#endif
#if defined(XP_WIN) && defined(MOZ_CONTENT_SANDBOX)
SetUpSandboxEnvironment();

145
dom/media/tests/mochitest/identity/test_fingerprints.html
Просмотреть файл

@ -1,46 +1,43 @@
<html>
<head>
<meta charset="utf-8" />
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
<script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<script type="application/javascript">var scriptRelativePath = "../";</script>
<script type="application/javascript" src="../pc.js"></script>
</head>
<body>
<script class="testbody" type="application/javascript">
'use strict';
<script class="testbody" type="application/javascript">
createHTML({ title: "Test multiple identity fingerprints", bug: "1005152" });
// here we call the identity provider directly
function getIdentityAssertion(fpArray) {
var Cu = SpecialPowers.Cu;
var rtcid = Cu.import('resource://gre/modules/media/IdpSandbox.jsm');
var sandbox = new rtcid.IdpSandbox('example.com', 'idp.js', window);
return sandbox.start()
.then(idp => SpecialPowers.wrap(idp)
.generateAssertion(JSON.stringify({ fingerprint: fpArray }),
'https://example.com',
{}))
.then(assertion => {
assertion = SpecialPowers.wrap(assertion);
var assertionString = btoa(JSON.stringify(assertion));
sandbox.stop();
return assertionString;
});
async function getIdentityAssertion(fingerprint) {
const {Cu} = SpecialPowers;
const rtcid = Cu.import('resource://gre/modules/media/IdpSandbox.jsm');
const sandbox = new rtcid.IdpSandbox('example.com', 'idp.js', window);
const idp = SpecialPowers.wrap(await sandbox.start());
const assertion = SpecialPowers.wrap(await
idp.generateAssertion(JSON.stringify({ fingerprint }),
'https://example.com',
{}));
const assertionString = btoa(JSON.stringify(assertion));
sandbox.stop();
return assertionString;
}
// This takes a real fingerprint and makes some extra bad ones.
function makeFingerprints(algo, digest) {
var fingerprints = [];
fingerprints.push({ algorithm: algo, digest: digest });
function makeFingerprints(algorithm, digest) {
const fingerprints = [];
fingerprints.push({ algorithm, digest });
for (var i = 0; i < 3; ++i) {
fingerprints.push({
algorithm: algo,
algorithm,
digest: digest.replace(/:./g, ':' + i.toString(16))
});
}
return fingerprints;
}
var fingerprintRegex = /^a=fingerprint:(\S+) (\S+)/m;
var identityRegex = /^a=identity:(\S+)/m;
const fingerprintRegex = /^a=fingerprint:(\S+) (\S+)/m;
const identityRegex = /^a=identity:(\S+)/m;
function fingerprintSdp(fingerprints) {
return fingerprints.map(fp => 'a=fInGeRpRiNt:' + fp.algorithm +
@ -50,73 +47,45 @@ function fingerprintSdp(fingerprints) {
// Firefox only uses a single fingerprint.
// That doesn't mean we have it create SDP that describes two.
// This function synthesizes that SDP and tries to set it.
function testMultipleFingerprints() {
runNetworkTest(async () => {
// this one fails setRemoteDescription if the identity is not good
var pcStrict = new RTCPeerConnection({ peerIdentity: 'someone@example.com'});
const pcStrict = new RTCPeerConnection({ peerIdentity: 'someone@example.com'});
// this one will be manually tweaked to have two fingerprints
var pcDouble = new RTCPeerConnection({});
const pcDouble = new RTCPeerConnection({});
var offer, match, fingerprints;
const stream = await getUserMedia({ video: true });
ok(stream, 'Got test stream');
const [track] = stream.getTracks();
pcDouble.addTrack(track, stream);
try {
const offer = await pcDouble.createOffer();
ok(offer, 'Got offer');
const match = offer.sdp.match(fingerprintRegex);
if (!match) {
throw new Error('No fingerprint in offer SDP');
}
const fingerprints = makeFingerprints(match[1], match[2]);
const assertion = await getIdentityAssertion(fingerprints);
ok(assertion, 'Should have assertion');
var fail = msg =>
(e => ok(false, 'error in ' + msg + ': ' +
(e.message ? (e.message + '\n' + e.stack) : e)));
const sdp = offer.sdp.slice(0, match.index) +
'a=identity:' + assertion + '\n' +
fingerprintSdp(fingerprints.slice(1)) +
offer.sdp.slice(match.index);
navigator.mediaDevices.getUserMedia({ video: true })
.then(stream => {
ok(stream, 'Got test stream');
pcDouble.addStream(stream);
return pcDouble.createOffer();
})
.then(o => {
offer = o;
ok(offer, 'Got offer');
match = offer.sdp.match(fingerprintRegex);
if (!match) {
throw new Error('No fingerprint in offer SDP');
}
fingerprints = makeFingerprints(match[1], match[2]);
return getIdentityAssertion(fingerprints);
})
.then(assertion => {
ok(assertion, 'Should have assertion');
var sdp = offer.sdp.slice(0, match.index) +
'a=identity:' + assertion + '\n' +
fingerprintSdp(fingerprints.slice(1)) +
offer.sdp.slice(match.index);
return pcStrict.setRemoteDescription({ type: 'offer', sdp });
})
.then(() => {
ok(true, 'Modified fingerprints were accepted');
}, error => {
var e = SpecialPowers.wrap(error);
ok(false, 'error in test: ' +
(e.message ? (e.message + '\n' + e.stack) : e));
})
.then(() => {
pcStrict.close();
pcDouble.close();
SimpleTest.finish();
});
}
SimpleTest.waitForExplicitFinish();
SpecialPowers.pushPrefEnv({
set: [
[ 'media.peerconnection.identity.enabled', true ],
// Disable permission to skip prompt when on platforms the use loopback
// test devices (these would normally trigger a prompt).
[ 'media.navigator.permission.disabled', true ],
// Since this test doesn't include head.js or pc.js, we need to set the fake
// device pref manually. On platforms where loopback devices are used they
// should still take precedence, however on some platforms no prefs would
// be set and the test would fail.
[ 'media.navigator.streams.fake', true ]
]
}, testMultipleFingerprints);
await pcStrict.setRemoteDescription({ type: 'offer', sdp });
ok(true, 'Modified fingerprints were accepted');
} catch (error) {
const e = SpecialPowers.wrap(error);
ok(false, 'error in test: ' +
(e.message ? (e.message + '\n' + e.stack) : e));
}
pcStrict.close();
pcDouble.close();
track.stop();
networkTestFinished();
});
</script>
</body>
</body>
</html>

2
dom/media/tests/mochitest/mochitest.ini
Просмотреть файл

@ -347,6 +347,8 @@ skip-if = (android_version == '18') # android(Bug 1189784, timeouts on 4.3 emula
[test_peerConnection_bug1227781.html]
[test_peerConnection_stats.html]
skip-if = toolkit == 'android' # android(Bug 1189784, timeouts on 4.3 emulator, Bug 1373858)
[test_peerConnection_stats_relayProtocol.html]
skip-if = toolkit == 'android' # android(Bug 1189784, timeouts on 4.3 emulator, Bug 1373858)
[test_peerConnection_sender_and_receiver_stats.html]
skip-if = (android_version == '18') # android(Bug 1189784, timeouts on 4.3 emulator)
[test_peerConnection_trackless_sender_stats.html]

3
dom/media/tests/mochitest/test_peerConnection_stats.html
Просмотреть файл

@ -581,9 +581,8 @@ var PC_REMOTE_TEST_REMOTE_STATS = test => {
});
}
var test;
runNetworkTest(function (options) {
test = new PeerConnectionTest(options);
const test = new PeerConnectionTest(options);
test.chain.insertAfter("PC_LOCAL_WAIT_FOR_MEDIA_FLOW",
[PC_LOCAL_TEST_LOCAL_STATS]);

56
dom/media/tests/mochitest/test_peerConnection_stats_relayProtocol.html Normal file
Просмотреть файл

@ -0,0 +1,56 @@
<!DOCTYPE HTML>
<html>
<head>
<script type="application/javascript" src="nonTrickleIce.js"></script>
<script type="application/javascript" src="pc.js"></script>
</head>
<body>
<pre id="test">
<script type="application/javascript">
createHTML({
bug: "1435789",
title: "WebRTC local-candidate relayProtocol stats attribute"
});
var PC_LOCAL_TEST_LOCAL_STATS_RELAYCANDIDATE = test => {
return test.pcLocal.getStats().then(stats => {
let haveRelayProtocol = {};
for (let [k, v] of stats) {
if (v.type == "local-candidate") {
haveRelayProtocol[v.candidateType + "-" + v.relayProtocol] = v.relayProtocol;
}
}
is(haveRelayProtocol["host-undefined"], undefined, "relayProtocol not set for host candidates");
is(haveRelayProtocol["serverreflexive-undefined"], undefined, "relayProtocol not set for serverreflexive candidates");
ok(haveRelayProtocol["relayed-udp"], "Has UDP relay candidate");
ok(haveRelayProtocol["relayed-tcp"], "Has TCP relay candidate");
// TURN/TLS does not work, see https://bugzilla.mozilla.org/show_bug.cgi?id=1323439
// With TURN/TLS working, we should have exactly five entries in haveRelayProtocol.
todo(haveRelayProtocol["relayed-tls"], "Has TLS relay candidate. See https://bugzilla.mozilla.org/show_bug.cgi?id=1323439");
is(Object.keys(haveRelayProtocol).length, 4, "All candidate types are accounted for");
});
}
runNetworkTest(options => {
// uses NAT simulator in order to get srflx candidates.
SpecialPowers.pushPrefEnv(
{
'set': [
['media.peerconnection.nat_simulator.filtering_type', 'ENDPOINT_INDEPENDENT'],
['media.peerconnection.nat_simulator.mapping_type', 'ENDPOINT_INDEPENDENT']
]
}, function (options) {
const test = new PeerConnectionTest(options);
makeOffererNonTrickle(test.chain);
makeAnswererNonTrickle(test.chain);
test.chain.removeAfter("PC_LOCAL_WAIT_FOR_MEDIA_FLOW");
test.chain.append([PC_LOCAL_TEST_LOCAL_STATS_RELAYCANDIDATE]);
test.setMediaConstraints([{ audio: true }], [{ audio: true }]);
test.run();
})
}, { useIceServer: true });
</script>
</pre>
</body>
</html>

2
dom/media/webrtc/WebrtcGlobal.h
Просмотреть файл

@ -228,6 +228,7 @@ struct ParamTraits<mozilla::dom::RTCIceCandidateStats>
WriteParam(aMsg, aParam.mComponentId);
WriteParam(aMsg, aParam.mIpAddress);
WriteParam(aMsg, aParam.mMozLocalTransport);
WriteParam(aMsg, aParam.mRelayProtocol);
WriteParam(aMsg, aParam.mPortNumber);
WriteParam(aMsg, aParam.mTransport);
WriteRTCStats(aMsg, aParam);
@ -240,6 +241,7 @@ struct ParamTraits<mozilla::dom::RTCIceCandidateStats>
!ReadParam(aMsg, aIter, &(aResult->mComponentId)) ||
!ReadParam(aMsg, aIter, &(aResult->mIpAddress)) ||
!ReadParam(aMsg, aIter, &(aResult->mMozLocalTransport)) ||
!ReadParam(aMsg, aIter, &(aResult->mRelayProtocol)) ||
!ReadParam(aMsg, aIter, &(aResult->mPortNumber)) ||
!ReadParam(aMsg, aIter, &(aResult->mTransport)) ||
!ReadRTCStats(aMsg, aIter, aResult)) {

3
dom/webidl/RTCStatsReport.webidl
Просмотреть файл

@ -155,7 +155,8 @@ dictionary RTCIceCandidateStats : RTCStats {
DOMString candidateId;
DOMString ipAddress;
DOMString transport;
DOMString mozLocalTransport; // needs standardization
DOMString mozLocalTransport; // obsoleted by relayProtocol
DOMString relayProtocol;
long portNumber;
RTCStatsIceCandidateType candidateType;
};

12
ipc/app/MozillaRuntimeMain.cpp
Просмотреть файл

@ -9,23 +9,11 @@
#include "mozilla/Bootstrap.h"
#include "mozilla/WindowsDllBlocklist.h"
#ifdef XP_MACOSX
#include "mozilla/Sandbox.h"
#endif
using namespace mozilla;
int
main(int argc, char *argv[])
{
#ifdef XP_MACOSX
std::string err;
if (!mozilla::EarlyStartMacSandboxIfEnabled(argc, argv, err)) {
fprintf(stderr, "Sandbox error: %s\n", err.c_str());
MOZ_CRASH("Sandbox initialization failed");
}
#endif
#ifdef HAS_DLL_BLOCKLIST
DllBlocklist_Initialize(eDllBlocklistInitFlagIsChildProcess);
#endif

6
ipc/glue/GeckoChildProcessHost.cpp
Просмотреть файл

@ -549,12 +549,6 @@ AddAppDirToCommandLine(std::vector<std::string>& aCmdLine)
NS_GET_IID(nsIFile),
getter_AddRefs(profileDir));
if (NS_SUCCEEDED(rv)) {
// If the profile doesn't exist, normalization will
// fail. But we don't return an error here because some
// tests require startup with a missing profile dir.
// For users, almost universally, the profile will be in
// the home directory and normalization isn't required.
mozilla::Unused << profileDir->Normalize();
nsAutoCString path;
MOZ_ALWAYS_SUCCEEDS(profileDir->GetNativePath(path));
aCmdLine.push_back("-profile");

8
js/src/vm/JSContext-inl.h
Просмотреть файл

@ -45,15 +45,15 @@ class ContextChecks
* realm/compartment/zone mismatches.
*/
static void fail(JS::Realm* r1, JS::Realm* r2, int argIndex) {
MOZ_CRASH_UNSAFE_PRINTF("*** Realm mismatch %p vs. %p at argument %d\n",
MOZ_CRASH_UNSAFE_PRINTF("*** Realm mismatch %p vs. %p at argument %d",
r1, r2, argIndex);
}
static void fail(JS::Compartment* c1, JS::Compartment* c2, int argIndex) {
MOZ_CRASH_UNSAFE_PRINTF("*** Compartment mismatch %p vs. %p at argument %d\n",
MOZ_CRASH_UNSAFE_PRINTF("*** Compartment mismatch %p vs. %p at argument %d",
c1, c2, argIndex);
}
static void fail(JS::Zone* z1, JS::Zone* z2, int argIndex) {
MOZ_CRASH_UNSAFE_PRINTF("*** Zone mismatch %p vs. %p at argument %d\n",
MOZ_CRASH_UNSAFE_PRINTF("*** Zone mismatch %p vs. %p at argument %d",
z1, z2, argIndex);
}
@ -94,7 +94,7 @@ class ContextChecks
// zone, see JS_MarkCrossZoneId.
if (zone()) {
if (!cx->runtime()->gc.atomMarking.atomIsMarked(zone(), thing)) {
MOZ_CRASH_UNSAFE_PRINTF("*** Atom not marked for zone %p at argument %d\n",
MOZ_CRASH_UNSAFE_PRINTF("*** Atom not marked for zone %p at argument %d",
zone(), argIndex);
}
}

45
layout/generic/nsFrame.cpp
Просмотреть файл

@ -2675,13 +2675,12 @@ WrapSeparatorTransform(nsDisplayListBuilder* aBuilder, nsIFrame* aFrame,
// one, return an empty Maybe.
// The returned clip rect, if there is one, is relative to |aMaskedFrame|.
static Maybe<nsRect>
ComputeClipForMaskItem(nsDisplayListBuilder* aBuilder, nsIFrame* aMaskedFrame,
bool aHandleOpacity)
ComputeClipForMaskItem(nsDisplayListBuilder* aBuilder, nsIFrame* aMaskedFrame)
{
const nsStyleSVGReset* svgReset = aMaskedFrame->StyleSVGReset();
nsSVGUtils::MaskUsage maskUsage;
nsSVGUtils::DetermineMaskUsage(aMaskedFrame, aHandleOpacity, maskUsage);
nsSVGUtils::DetermineMaskUsage(aMaskedFrame, false, maskUsage);
nsPoint offsetToUserSpace = nsLayoutUtils::ComputeOffsetToUserSpace(aBuilder, aMaskedFrame);
int32_t devPixelRatio = aMaskedFrame->PresContext()->AppUnitsPerDevPixel();
@ -2935,16 +2934,18 @@ nsIFrame::BuildDisplayListForStackingContext(nsDisplayListBuilder* aBuilder,
aBuilder->EnterSVGEffectsContents(&hoistedScrollInfoItemsStorage);
}
// We build an opacity item if it's not going to be drawn by SVG content.
// We could in principle skip creating an nsDisplayOpacity item if
// nsDisplayOpacity::NeedsActiveLayer returns false and usingSVGEffects is
// true (the nsDisplayFilter/nsDisplayMasksAndClipPaths could handle the
// opacity). Since SVG has perf issues where we sometimes spend a lot of
// time creating display list items that might be helpful. We'd need to
// restore our mechanism to do that (changed in bug 1482403), and we'd
// need to invalidate the frame if the value that would be return from
// NeedsActiveLayer was to change, which we don't currently do.
bool useOpacity =
HasVisualOpacity(effectSet) && !nsSVGUtils::CanOptimizeOpacity(this);
bool needsActiveOpacityLayer = false;
// We build an opacity item if it's not going to be drawn by SVG content, or
// SVG effects. SVG effects won't handle the opacity if we want an active
// layer (for async animations), see
// nsSVGIntegrationsUtils::PaintMaskAndClipPath or
// nsSVGIntegrationsUtils::PaintFilter.
bool useOpacity = HasVisualOpacity(effectSet) &&
!nsSVGUtils::CanOptimizeOpacity(this) &&
((needsActiveOpacityLayer = nsDisplayOpacity::NeedsActiveLayer(aBuilder, this)) || !usingSVGEffects);
bool useBlendMode = effects->mMixBlendMode != NS_STYLE_BLEND_NORMAL;
bool useStickyPosition = disp->mPosition == NS_STYLE_POSITION_STICKY &&
IsScrollFrameActive(aBuilder,
@ -3016,7 +3017,7 @@ nsIFrame::BuildDisplayListForStackingContext(nsDisplayListBuilder* aBuilder,
Maybe<nsRect> clipForMask;
if (usingMask) {
clipForMask = ComputeClipForMaskItem(aBuilder, this, !useOpacity);
clipForMask = ComputeClipForMaskItem(aBuilder, this);
}
nsDisplayListCollection set(aBuilder);
@ -3195,15 +3196,9 @@ nsIFrame::BuildDisplayListForStackingContext(nsDisplayListBuilder* aBuilder,
// Skip all filter effects while generating glyph mask.
if (usingFilter && !aBuilder->IsForGenerateGlyphMask()) {
// If we are going to create a mask display item, handle opacity effect
// in that mask display item; Otherwise, take care of opacity in this
// filter display item.
bool handleOpacity = !usingMask && !useOpacity;
/* List now emptied, so add the new list to the top. */
resultList.AppendToTop(
MakeDisplayItem<nsDisplayFilters>(aBuilder, this, &resultList,
handleOpacity));
resultList.AppendToTop(MakeDisplayItem<nsDisplayFilters>(
aBuilder, this, &resultList));
}
if (usingMask) {
@ -3221,9 +3216,8 @@ nsIFrame::BuildDisplayListForStackingContext(nsDisplayListBuilder* aBuilder,
? aBuilder->CurrentActiveScrolledRoot()
: containerItemASR;
/* List now emptied, so add the new list to the top. */
resultList.AppendToTop(
MakeDisplayItem<nsDisplayMasksAndClipPaths>(aBuilder, this, &resultList,
!useOpacity, maskASR));
resultList.AppendToTop(MakeDisplayItem<nsDisplayMasksAndClipPaths>(
aBuilder, this, &resultList, maskASR));
}
// Also add the hoisted scroll info items. We need those for APZ scrolling
@ -3243,6 +3237,9 @@ nsIFrame::BuildDisplayListForStackingContext(nsDisplayListBuilder* aBuilder,
// The clip we would set on an element with opacity would clip
// all descendant content, but some should not be clipped.
DisplayListClipState::AutoSaveRestore opacityClipState(aBuilder);
const bool needsActiveOpacityLayer =
nsDisplayOpacity::NeedsActiveLayer(aBuilder, this);
resultList.AppendToTop(
MakeDisplayItem<nsDisplayOpacity>(aBuilder, this, &resultList,
containerItemASR,

7
layout/painting/RetainedDisplayListBuilder.cpp
Просмотреть файл

@ -414,6 +414,13 @@ public:
return true;
}
if (type == DisplayItemType::TYPE_MASK ||
type == DisplayItemType::TYPE_FILTER ||
type == DisplayItemType::TYPE_SVG_WRAPPER) {
// SVG items have some invalidation issues, see bugs 1494110 and 1494663.
return true;
}
return false;
}

59
layout/painting/nsDisplayList.cpp
Просмотреть файл

@ -6539,6 +6539,30 @@ nsDisplayOpacity::ApplyOpacityToChildren(nsDisplayListBuilder* aBuilder)
return true;
}
/**
* Returns true if this nsDisplayOpacity contains only a filter or a mask item
* that has the same frame as the opacity item. In this case the opacity item
* can be optimized away.
*/
bool
nsDisplayOpacity::IsEffectsWrapper() const
{
if (mList.Count() != 1) {
return false;
}
const nsDisplayItem* item = mList.GetBottom();
if (item->Frame() != mFrame) {
// The effect item needs to have the same frame as the opacity item.
return false;
}
const DisplayItemType type = item->GetType();
return type == DisplayItemType::TYPE_MASK ||
type == DisplayItemType::TYPE_FILTER;
}
bool
nsDisplayOpacity::ShouldFlattenAway(nsDisplayListBuilder* aBuilder)
{
@ -6561,6 +6585,13 @@ nsDisplayOpacity::ShouldFlattenAway(nsDisplayListBuilder* aBuilder)
return false;
}
if (IsEffectsWrapper()) {
MOZ_ASSERT(nsSVGIntegrationUtils::UsingEffectsForFrame(mFrame));
static_cast<nsDisplayEffectsBase*>(mList.GetBottom())->SetHandleOpacity();
mChildOpacityState = ChildOpacityState::Applied;
return true;
}
// Return true if we successfully applied opacity to child items, or if
// WebRender is not in use. In the latter case, the opacity gets flattened and
// applied during layer building.
@ -9445,7 +9476,6 @@ nsDisplayEffectsBase::nsDisplayEffectsBase(
nsDisplayListBuilder* aBuilder,
nsIFrame* aFrame,
nsDisplayList* aList,
bool aHandleOpacity,
const ActiveScrolledRoot* aActiveScrolledRoot,
bool aClearClipChain)
: nsDisplayWrapList(aBuilder,
@ -9453,17 +9483,16 @@ nsDisplayEffectsBase::nsDisplayEffectsBase(
aList,
aActiveScrolledRoot,
aClearClipChain)
, mHandleOpacity(aHandleOpacity)
, mHandleOpacity(false)
{
MOZ_COUNT_CTOR(nsDisplayEffectsBase);
}
nsDisplayEffectsBase::nsDisplayEffectsBase(nsDisplayListBuilder* aBuilder,
nsIFrame* aFrame,
nsDisplayList* aList,
bool aHandleOpacity)
nsDisplayList* aList)
: nsDisplayWrapList(aBuilder, aFrame, aList)
, mHandleOpacity(aHandleOpacity)
, mHandleOpacity(false)
{
MOZ_COUNT_CTOR(nsDisplayEffectsBase);
}
@ -9512,7 +9541,9 @@ nsDisplayEffectsBase::ComputeInvalidationRegion(
nsRect bounds = GetBounds(aBuilder, &snap);
if (geometry->mFrameOffsetToReferenceFrame != ToReferenceFrame() ||
geometry->mUserSpaceOffset != UserSpaceOffset() ||
!geometry->mBBox.IsEqualInterior(BBoxInUserSpace())) {
!geometry->mBBox.IsEqualInterior(BBoxInUserSpace()) ||
geometry->mOpacity != mFrame->StyleEffects()->mOpacity ||
geometry->mHandleOpacity != ShouldHandleOpacity()) {
// Filter and mask output can depend on the location of the frame's user
// space and on the frame's BBox. We need to invalidate if either of these
// change relative to the reference frame.
@ -9633,12 +9664,10 @@ nsDisplayMasksAndClipPaths::nsDisplayMasksAndClipPaths(
nsDisplayListBuilder* aBuilder,
nsIFrame* aFrame,
nsDisplayList* aList,
bool aHandleOpacity,
const ActiveScrolledRoot* aActiveScrolledRoot)
: nsDisplayEffectsBase(aBuilder,
aFrame,
aList,
aHandleOpacity,
aActiveScrolledRoot,
true)
{
@ -9836,11 +9865,6 @@ nsDisplayMasksAndClipPaths::ComputeInvalidationRegion(
bool snap;
nsRect bounds = GetBounds(aBuilder, &snap);
if (mFrame->StyleEffects()->mOpacity != geometry->mOpacity ||
mHandleOpacity != geometry->mHandleOpacity) {
aInvalidRegion->Or(*aInvalidRegion, bounds);
}
if (mDestRects.Length() != geometry->mDestRects.Length()) {
aInvalidRegion->Or(bounds, geometry->mBounds);
} else {
@ -10032,7 +10056,7 @@ nsDisplayMasksAndClipPaths::PrintEffects(nsACString& aTo)
nsLayoutUtils::FirstContinuationOrIBSplitSibling(mFrame);
bool first = true;
aTo += " effects=(";
if (mFrame->StyleEffects()->mOpacity != 1.0f && mHandleOpacity) {
if (mHandleOpacity) {
first = false;
aTo += nsPrintfCString("opacity(%f)", mFrame->StyleEffects()->mOpacity);
}
@ -10069,9 +10093,8 @@ nsDisplayMasksAndClipPaths::PrintEffects(nsACString& aTo)
nsDisplayFilters::nsDisplayFilters(nsDisplayListBuilder* aBuilder,
nsIFrame* aFrame,
nsDisplayList* aList,
bool aHandleOpacity)
: nsDisplayEffectsBase(aBuilder, aFrame, aList, aHandleOpacity)
nsDisplayList* aList)
: nsDisplayEffectsBase(aBuilder, aFrame, aList)
, mEffectsBounds(aFrame->GetVisualOverflowRectRelativeToSelf())
{
MOZ_COUNT_CTOR(nsDisplayFilters);
@ -10320,7 +10343,7 @@ nsDisplayFilters::PrintEffects(nsACString& aTo)
nsLayoutUtils::FirstContinuationOrIBSplitSibling(mFrame);
bool first = true;
aTo += " effects=(";
if (mFrame->StyleEffects()->mOpacity != 1.0f && mHandleOpacity) {
if (mHandleOpacity) {
first = false;
aTo += nsPrintfCString("opacity(%f)", mFrame->StyleEffects()->mOpacity);
}

14
layout/painting/nsDisplayList.h
Просмотреть файл

@ -5790,6 +5790,7 @@ public:
private:
bool ApplyOpacityToChildren(nsDisplayListBuilder* aBuilder);
bool IsEffectsWrapper() const;
float mOpacity;
bool mForEventsAndPluginsOnly : 1;
@ -6688,13 +6689,11 @@ public:
nsDisplayEffectsBase(nsDisplayListBuilder* aBuilder,
nsIFrame* aFrame,
nsDisplayList* aList,
bool aHandleOpacity,
const ActiveScrolledRoot* aActiveScrolledRoot,
bool aClearClipChain = false);
nsDisplayEffectsBase(nsDisplayListBuilder* aBuilder,
nsIFrame* aFrame,
nsDisplayList* aList,
bool aHandleOpacity);
nsDisplayList* aList);
nsDisplayEffectsBase(nsDisplayListBuilder* aBuilder,
const nsDisplayEffectsBase& aOther)
@ -6716,12 +6715,15 @@ public:
HitTestState* aState,
nsTArray<nsIFrame*>* aOutFrames) override;
void RestoreState() override { mHandleOpacity = false; }
bool ShouldFlattenAway(nsDisplayListBuilder* aBuilder) override
{
return false;
}
bool ShouldHandleOpacity() { return mHandleOpacity; }
void SetHandleOpacity() { mHandleOpacity = true; }
bool ShouldHandleOpacity() const { return mHandleOpacity; }
gfxRect BBoxInUserSpace() const;
gfxPoint UserSpaceOffset() const;
@ -6757,7 +6759,6 @@ public:
nsDisplayMasksAndClipPaths(nsDisplayListBuilder* aBuilder,
nsIFrame* aFrame,
nsDisplayList* aList,
bool aHandleOpacity,
const ActiveScrolledRoot* aActiveScrolledRoot);
nsDisplayMasksAndClipPaths(nsDisplayListBuilder* aBuilder,
const nsDisplayMasksAndClipPaths& aOther)
@ -6869,8 +6870,7 @@ class nsDisplayFilters : public nsDisplayEffectsBase
public:
nsDisplayFilters(nsDisplayListBuilder* aBuilder,
nsIFrame* aFrame,
nsDisplayList* aList,
bool aHandleOpacity);
nsDisplayList* aList);
nsDisplayFilters(nsDisplayListBuilder* aBuilder,
const nsDisplayFilters& aOther)

4
layout/painting/nsDisplayListInvalidation.cpp
Просмотреть файл

@ -131,6 +131,8 @@ nsDisplaySVGEffectGeometry::nsDisplaySVGEffectGeometry(
, mBBox(aItem->BBoxInUserSpace())
, mUserSpaceOffset(aItem->UserSpaceOffset())
, mFrameOffsetToReferenceFrame(aItem->ToReferenceFrame())
, mOpacity(aItem->Frame()->StyleEffects()->mOpacity)
, mHandleOpacity(aItem->ShouldHandleOpacity())
{
}
@ -147,8 +149,6 @@ nsDisplayMasksAndClipPathsGeometry::nsDisplayMasksAndClipPathsGeometry(
: nsDisplaySVGEffectGeometry(aItem, aBuilder)
, nsImageGeometryMixin(aItem, aBuilder)
, mDestRects(aItem->GetDestRects())
, mOpacity(aItem->Frame()->StyleEffects()->mOpacity)
, mHandleOpacity(aItem->ShouldHandleOpacity())
{
}

4
layout/painting/nsDisplayListInvalidation.h
Просмотреть файл

@ -302,6 +302,8 @@ public:
gfxRect mBBox;
gfxPoint mUserSpaceOffset;
nsPoint mFrameOffsetToReferenceFrame;
float mOpacity;
bool mHandleOpacity;
};
class nsDisplayMasksAndClipPathsGeometry
@ -318,8 +320,6 @@ public:
}
nsTArray<nsRect> mDestRects;
float mOpacity;
bool mHandleOpacity;
};
class nsDisplayFiltersGeometry

4
media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.cpp
Просмотреть файл

@ -1156,6 +1156,10 @@ static void ToRTCIceCandidateStats(
if (candidateType == RTCStatsType::Local_candidate) {
cand.mMozLocalTransport.Construct(
NS_ConvertASCIItoUTF16(candidate.local_addr.transport.c_str()));
if (RTCStatsIceCandidateType(candidate.type) == RTCStatsIceCandidateType::Relayed) {
cand.mRelayProtocol.Construct(
NS_ConvertASCIItoUTF16(candidate.local_addr.transport.c_str()));
}
}
report->mIceCandidateStats.Value().AppendElement(cand, fallible);
if (candidate.trickled) {

6
media/webrtc/signaling/src/peerconnection/WebrtcGlobalInformation.cpp
Просмотреть файл

@ -980,9 +980,9 @@ static uint32_t GetCandidateIpAndTransportMask(const RTCIceCandidateStats *cand)
uint32_t res = 0;
nsAutoCString transport;
// prefer local transport for local relay candidates
if (cand->mMozLocalTransport.WasPassed()) {
transport.Assign(NS_ConvertUTF16toUTF8(cand->mMozLocalTransport.Value()));
// prefer relay transport for local relay candidates
if (cand->mRelayProtocol.WasPassed()) {
transport.Assign(NS_ConvertUTF16toUTF8(cand->mRelayProtocol.Value()));
} else {
transport.Assign(NS_ConvertUTF16toUTF8(cand->mTransport.Value()));
}

2
mfbt/tests/moz.build
Просмотреть файл

@ -9,6 +9,8 @@ if CONFIG['MOZ_WIDGET_TOOLKIT']:
'gtest',
]
# Important: for these tests to be run, they also need to be added
# to testing/cppunittest.ini.
CppUnitTests([
'TestAlgorithm',
'TestArray',

10
security/sandbox/mac/Sandbox.h
Просмотреть файл

@ -45,7 +45,6 @@ typedef struct _MacSandboxInfo {
, hasFilePrivileges(false)
, hasSandboxedProfile(false)
, hasAudio(false)
, hasWindowServer(false)
, shouldLog(true)
{
}
@ -56,7 +55,6 @@ typedef struct _MacSandboxInfo {
bool hasFilePrivileges;
bool hasSandboxedProfile;
bool hasAudio;
bool hasWindowServer;
MacSandboxPluginInfo pluginInfo;
std::string appPath;
std::string appBinaryPath;
@ -69,20 +67,12 @@ typedef struct _MacSandboxInfo {
std::string testingReadPath3;
std::string testingReadPath4;
std::string parentPort;
std::string crashServerPort;
bool shouldLog;
} MacSandboxInfo;
namespace mozilla {
bool StartMacSandbox(MacSandboxInfo const &aInfo, std::string &aErrorMessage);
bool EarlyStartMacSandboxIfEnabled(int aArgc, char** aArgv,
std::string &aErrorMessage);
#ifdef DEBUG
void AssertMacSandboxEnabled();
#endif /* DEBUG */
} // namespace mozilla

198
security/sandbox/mac/Sandbox.mm
Просмотреть файл

@ -15,8 +15,6 @@
#include <stdlib.h>
#include <CoreFoundation/CoreFoundation.h>
#include <iostream>
#include <sstream>
#include <vector>
#include "mozilla/Assertions.h"
@ -226,22 +224,16 @@ bool StartMacSandbox(MacSandboxInfo const &aInfo, std::string &aErrorMessage)
params.push_back(macOSMinor.c_str());
params.push_back("APP_PATH");
params.push_back(aInfo.appPath.c_str());
params.push_back("APP_BINARY_PATH");
params.push_back(aInfo.appBinaryPath.c_str());
params.push_back("APP_DIR");
params.push_back(aInfo.appDir.c_str());
params.push_back("PROFILE_DIR");
params.push_back(aInfo.profileDir.c_str());
params.push_back("HOME_PATH");
params.push_back(getenv("HOME"));
params.push_back("HAS_SANDBOXED_PROFILE");
params.push_back(aInfo.hasSandboxedProfile ? "TRUE" : "FALSE");
params.push_back("HAS_WINDOW_SERVER");
params.push_back(aInfo.hasWindowServer ? "TRUE" : "FALSE");
if (!aInfo.parentPort.empty()) {
params.push_back("PARENT_PORT");
params.push_back(aInfo.parentPort.c_str());
}
if (!aInfo.crashServerPort.empty()) {
params.push_back("CRASH_PORT");
params.push_back(aInfo.crashServerPort.c_str());
}
if (!aInfo.testingReadPath1.empty()) {
params.push_back("TESTING_READ_PATH1");
params.push_back(aInfo.testingReadPath1.c_str());
@ -330,186 +322,4 @@ bool StartMacSandbox(MacSandboxInfo const &aInfo, std::string &aErrorMessage)
return true;
}
/*
* Fill |aInfo| with content sandbox params parsed from the provided
* command line arguments. Return false if any sandbox parameters needed
* for early startup of the sandbox are not present in the arguments.
*/
bool
GetContentSandboxParamsFromArgs(int aArgc, char** aArgv, MacSandboxInfo& aInfo)
{
// Ensure we find these paramaters in the command
// line arguments. Return false if any are missing.
bool foundSandboxLevel = false;
bool foundValidSandboxLevel = false;
bool foundParentPort = false;
bool foundAppPath = false;
// Read access directories used in testing
int nTestingReadPaths = 0;
std::string testingReadPaths[MAX_TESTING_READ_PATHS] = {};
// Collect sandbox params from CLI arguments
for (int i = 0; i < aArgc; i++) {
if ((strcmp(aArgv[i], "-sbLevel") == 0) && (i + 1 < aArgc)) {
std::stringstream ss(aArgv[i+1]);
int level = 0;
ss >> level;
foundSandboxLevel = true;
aInfo.level = level;
foundValidSandboxLevel = level > 0 && level <= 3 ? true : false;
if (!foundValidSandboxLevel) {
break;
}
i++;
continue;
}
if (strcmp(aArgv[i], "-sbLogging") == 0) {
aInfo.shouldLog = true;
continue;
}
if (strcmp(aArgv[i], "-sbAllowFileAccess") == 0) {
aInfo.hasFilePrivileges = true;
continue;
}
if (strcmp(aArgv[i], "-sbAllowAudio") == 0) {
aInfo.hasAudio = true;
continue;
}
if (strcmp(aArgv[i], "-sbAllowWindowServer") == 0) {
aInfo.hasWindowServer = true;
continue;
}
if ((strcmp(aArgv[i], "-sbAppPath") == 0) && (i + 1 < aArgc)) {
foundAppPath = true;
aInfo.appPath.assign(aArgv[i+1]);
i++;
continue;
}
if ((strcmp(aArgv[i], "-sbTestingReadPath") == 0) && (i + 1 < aArgc)) {
MOZ_ASSERT(nTestingReadPaths < MAX_TESTING_READ_PATHS);
testingReadPaths[nTestingReadPaths] = aArgv[i+1];
nTestingReadPaths++;
i++;
continue;
}
if ((strcmp(aArgv[i], "-profile") == 0) && (i + 1 < aArgc)) {
aInfo.hasSandboxedProfile = true;
aInfo.profileDir.assign(aArgv[i+1]);
i++;
continue;
}
#ifdef DEBUG
if ((strcmp(aArgv[i], "-sbDebugWriteDir") == 0) && (i + 1 < aArgc)) {
aInfo.debugWriteDir.assign(aArgv[i+1]);
i++;
continue;
}
#endif // DEBUG
// Handle positional arguments
if (strstr(aArgv[i], "org.mozilla.machname") != NULL) {
foundParentPort = true;
aInfo.parentPort.assign(aArgv[i]);
continue;
}
if (strstr(aArgv[i], "gecko-crash-server-pipe") != NULL) {
aInfo.crashServerPort.assign(aArgv[i]);
continue;
}
}
if (!foundSandboxLevel) {
fprintf(stderr, "Content sandbox disabled due to "
"missing sandbox CLI level parameter.\n");
return false;
}
if (!foundValidSandboxLevel) {
fprintf(stderr, "Content sandbox disabled due to invalid"
"sandbox level (%d)\n", aInfo.level);
return false;
}
if (!foundParentPort) {
fprintf(stderr, "Content sandbox disabled due to "
"missing sandbox CLI parent port parameter.\n");
return false;
}
if (!foundAppPath) {
fprintf(stderr, "Content sandbox disabled due to "
"missing sandbox CLI app path parameter.\n");
return false;
}
aInfo.testingReadPath1 = testingReadPaths[0];
aInfo.testingReadPath2 = testingReadPaths[1];
aInfo.testingReadPath3 = testingReadPaths[2];
aInfo.testingReadPath4 = testingReadPaths[3];
return true;
}
/*
* Returns true if no errors were encountered or if early sandbox startup is
* not enabled for this process. Returns false if an error was encountered.
*/
bool
EarlyStartMacSandboxIfEnabled(int aArgc, char** aArgv,
std::string &aErrorMessage)
{
bool earlyStartupEnabled = false;
// Check for the -sbStartup CLI parameter which
// indicates we should start the sandbox now.
for (int i = 0; i < aArgc; i++) {
if (strcmp(aArgv[i], "-sbStartup") == 0) {
earlyStartupEnabled = true;
break;
}
}
// The sandbox will be started later when/if parent
// sends the sandbox startup message. Return true
// indicating no errors occurred.
if (!earlyStartupEnabled) {
return true;
}
MacSandboxInfo info;
info.type = MacSandboxType_Content;
if (!GetContentSandboxParamsFromArgs(aArgc, aArgv, info)) {
return false;
}
return StartMacSandbox(info, aErrorMessage);
}
#ifdef DEBUG
/*
* Ensures that a process sandbox is enabled by attempting to enable
* a new sandbox policy and ASSERT'ing that this fails. This depends
* on sandbox_init() failing when called again after a sandbox has
* already been successfully enabled.
*/
void
AssertMacSandboxEnabled()
{
char *errorbuf = NULL;
int rv = sandbox_init("(version 1)(deny default)", 0, &errorbuf);
MOZ_ASSERT(rv != 0);
}
#endif /* DEBUG */
} // namespace mozilla

23
security/sandbox/mac/SandboxPolicies.h
Просмотреть файл

@ -6,8 +6,6 @@
#ifndef mozilla_SandboxPolicies_h
#define mozilla_SandboxPolicies_h
#define MAX_TESTING_READ_PATHS 4
namespace mozilla {
static const char pluginSandboxRules[] = R"SANDBOX_LITERAL(
@ -52,17 +50,16 @@ static const char contentSandboxRules[] = R"SANDBOX_LITERAL(
(define sandbox-level-3 (param "SANDBOX_LEVEL_3"))
(define macosMinorVersion (string->number (param "MAC_OS_MINOR")))
(define appPath (param "APP_PATH"))
(define appBinaryPath (param "APP_BINARY_PATH"))
(define appdir-path (param "APP_DIR"))
(define hasProfileDir (param "HAS_SANDBOXED_PROFILE"))
(define profileDir (param "PROFILE_DIR"))
(define hasWindowServer (param "HAS_WINDOW_SERVER"))
(define home-path (param "HOME_PATH"))
(define debugWriteDir (param "DEBUG_WRITE_DIR"))
(define testingReadPath1 (param "TESTING_READ_PATH1"))
(define testingReadPath2 (param "TESTING_READ_PATH2"))
(define testingReadPath3 (param "TESTING_READ_PATH3"))
(define testingReadPath4 (param "TESTING_READ_PATH4"))
(define parentPort (param "PARENT_PORT"))
(define crashPort (param "CRASH_PORT"))
(if (string=? should-log "TRUE")
(deny default)
@ -84,12 +81,12 @@ static const char contentSandboxRules[] = R"SANDBOX_LITERAL(
(subpath "/System")
(subpath "/usr/lib")
(subpath "/Library/GPUBundles")
(subpath appPath))
(subpath appdir-path))
(allow file-read*
(subpath "/System")
(subpath "/usr/lib")
(subpath "/Library/GPUBundles")
(subpath appPath)))
(subpath appdir-path)))
; Allow read access to standard system paths.
(allow file-read*
@ -188,14 +185,6 @@ static const char contentSandboxRules[] = R"SANDBOX_LITERAL(
(ipc-posix-name-regex #"^CFPBS:"))
(allow signal (target self))
(if (string? parentPort)
(allow mach-lookup (global-name parentPort)))
(if (string? crashPort)
(allow mach-lookup (global-name crashPort)))
(if (string=? hasWindowServer "TRUE")
(allow mach-lookup (global-name "com.apple.windowserver.active")))
(allow mach-lookup (global-name "com.apple.coreservices.launchservicesd"))
(allow mach-lookup (global-name "com.apple.lsd.mapdb"))
(if (>= macosMinorVersion 13)
(allow mach-lookup
@ -241,7 +230,9 @@ static const char contentSandboxRules[] = R"SANDBOX_LITERAL(
(home-subpath "/Library/Colors")
(home-subpath "/Library/Keyboard Layouts")
(home-subpath "/Library/Input Methods")
(home-subpath "/Library/Spelling"))
(home-subpath "/Library/Spelling")
(literal appPath)
(literal appBinaryPath))
(if (defined? 'file-map-executable)
(begin

12
testing/cppunittest.ini
Просмотреть файл

@ -1,17 +1,20 @@
[ShowSSEConfig]
[TestPrintf]
[TestAppShellSteadyState]
[TestAlgorithm]
[TestArray]
[TestArrayUtils]
[TestAtomics]
[TestBinarySearch]
[TestBloomFilter]
[TestBufferList]
[TestCasting]
[TestCeilingFloor]
[TestCheckedInt]
[TestCountPopulation]
[TestCountZeroes]
[TestDefineEnum]
[TestDoublyLinkedList]
[TestDllInterceptor]
skip-if = os != 'win'
[TestEndian]
@ -20,6 +23,7 @@ skip-if = os != 'win'
[TestEnumTypeTraits]
[TestFastBernoulliTrial]
[TestFloatingPoint]
[TestFunctionTypeTraits]
[TestIntegerPrintfMacros]
[TestIntegerRange]
[TestJSONWriter]
@ -28,12 +32,16 @@ skip-if = os != 'win'
[TestMacroForEach]
[TestMathAlgorithms]
[TestMaybe]
[TestNonDereferenceable]
[TestNotNull]
[TestParseFTPList]
[TestPLDHash]
[TestPair]
[TestPoisonArea]
skip-if = os == 'android' # Bug 1147630
[TestRange]
[TestRefPtr]
[TestResult]
[TestRollingMean]
[TestScopeExit]
[TestSegmentedVector]
@ -44,14 +52,18 @@ skip-if = os == 'android' # Bug 1147630
[TestSPSCQueue]
[TestSyncRunnable]
[TestTemplateLib]
[TestTextUtils]
[TestThreadSafeWeakPtr]
[TestTuple]
[TestTypeTraits]
[TestTypedEnum]
[TestUniquePtr]
[TestUtf8]
[TestVariant]
[TestVector]
[TestVolatileBuffer]
[TestWeakPtr]
[TestWrappingOperations]
[TestXorShift128PlusRNG]
[buffered_stun_socket_unittest]
[ice_unittest]

2
toolkit/content/aboutwebrtc/aboutWebrtc.js
Просмотреть файл

@ -850,7 +850,7 @@ ICEStats.prototype = {
var type = c.candidateType;
if (c.type == "local-candidate" && c.candidateType == "relayed") {
type = `${c.candidateType}-${c.mozLocalTransport}`;
type = `${c.candidateType}-${c.relayProtocol}`;
}
return `${c.ipAddress}:${c.portNumber}/${c.transport}(${type})`;

9
toolkit/recordreplay/ProcessRedirectDarwin.cpp
Просмотреть файл

@ -716,14 +716,7 @@ Preamble_gettimeofday(CallArguments* aArguments)
static PreambleResult
Preamble_fcntl(CallArguments* aArguments)
{
// We don't record any outputs for fcntl other than its return value, but
// some commands have an output parameter they write additional data to.
// Handle this by only allowing a limited set of commands to be used when
// events are not passed through and we are recording/replaying the outputs.
if (AreThreadEventsPassedThrough()) {
return PreambleResult::Redirect;
}
// Make sure fcntl is only used with a limited set of commands.
auto& cmd = aArguments->Arg<1, size_t>();
switch (cmd) {
case F_GETFL:

68
xpcom/base/nsMacUtilsImpl.cpp
Просмотреть файл

@ -6,13 +6,6 @@
#include "nsMacUtilsImpl.h"
#include "base/command_line.h"
#include "nsDirectoryServiceDefs.h"
#include "nsCOMPtr.h"
#include "nsIFile.h"
#include "nsIProperties.h"
#include "nsServiceManagerUtils.h"
#include <CoreFoundation/CoreFoundation.h>
NS_IMPL_ISUPPORTS(nsMacUtilsImpl, nsIMacUtils)
@ -132,64 +125,3 @@ nsMacUtilsImpl::GetIsTranslated(bool* aIsTranslated)
return NS_OK;
}
#if defined(MOZ_CONTENT_SANDBOX)
bool
nsMacUtilsImpl::GetAppPath(nsCString &aAppPath)
{
nsAutoCString appPath;
nsAutoCString appBinaryPath(
(CommandLine::ForCurrentProcess()->argv()[0]).c_str());
nsAutoCString::const_iterator start, end;
appBinaryPath.BeginReading(start);
appBinaryPath.EndReading(end);
if (RFindInReadable(NS_LITERAL_CSTRING(".app/Contents/MacOS/"), start, end)) {
end = start;
++end; ++end; ++end; ++end;
appBinaryPath.BeginReading(start);
appPath.Assign(Substring(start, end));
} else {
return false;
}
nsCOMPtr<nsIFile> app;
nsresult rv = NS_NewLocalFile(NS_ConvertUTF8toUTF16(appPath),
true, getter_AddRefs(app));
if (NS_FAILED(rv)) {
return false;
}
rv = app->Normalize();
if (NS_FAILED(rv)) {
return false;
}
app->GetNativePath(aAppPath);
return true;
}
#if defined(DEBUG)
// Given a path to a file, return the directory which contains it.
nsAutoCString
nsMacUtilsImpl::GetDirectoryPath(const char *aPath)
{
nsCOMPtr<nsIFile> file = do_CreateInstance(NS_LOCAL_FILE_CONTRACTID);
if (!file ||
NS_FAILED(file->InitWithNativePath(nsDependentCString(aPath)))) {
MOZ_CRASH("Failed to create or init an nsIFile");
}
nsCOMPtr<nsIFile> directoryFile;
if (NS_FAILED(file->GetParent(getter_AddRefs(directoryFile))) ||
!directoryFile) {
MOZ_CRASH("Failed to get parent for an nsIFile");
}
directoryFile->Normalize();
nsAutoCString directoryPath;
if (NS_FAILED(directoryFile->GetNativePath(directoryPath))) {
MOZ_CRASH("Failed to get path for an nsIFile");
}
return directoryPath;
}
#endif /* DEBUG */
#endif /* MOZ_CONTENT_SANDBOX */

8
xpcom/base/nsMacUtilsImpl.h
Просмотреть файл

@ -21,14 +21,6 @@ public:
{
}
#if defined(MOZ_CONTENT_SANDBOX)
static bool GetAppPath(nsCString &aAppPath);
#ifdef DEBUG
static nsAutoCString GetDirectoryPath(const char *aPath);
#endif /* DEBUG */
#endif /* MOZ_CONTENT_SANDBOX */
private:
~nsMacUtilsImpl()
{