Merge commit '50d3e596bbe89c95615f96eb71f6bc5be737a1db' into Basilisk-releasev2018.07.18

# Conflicts:
#	browser/app/profile/firefox.js
#	browser/components/preferences/jar.mn

18 files changed, 126 insertions, 86 deletions

diff --git a/netwerk/base/LoadInfo.cpp b/netwerk/base/LoadInfo.cpp
index a8c9a5a25..ebe9d4703 100644
--- a/netwerk/base/LoadInfo.cpp
+++ b/netwerk/base/LoadInfo.cpp
@@ -81,7 +81,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
 
   // This constructor shouldn't be used for TYPE_DOCUMENT loads that don't
   // have a loadingPrincipal
-  MOZ_ASSERT(skipContentTypeCheck ||
+  MOZ_ASSERT(skipContentTypeCheck || mLoadingPrincipal ||
              mInternalContentPolicyType != nsIContentPolicy::TYPE_DOCUMENT);
 
   // TODO(bug 1259873): Above, we initialize mIsThirdPartyContext to false meaning
@@ -493,6 +493,27 @@ LoadInfo::ContextForTopLevelLoad()
   return context;
 }
 
+already_AddRefed<nsISupports>
+LoadInfo::GetLoadingContext()
+{
+  nsCOMPtr<nsISupports> context;
+  if (mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT) {
+    context = ContextForTopLevelLoad();
+  }
+  else {
+    context = LoadingNode();
+  }
+  return context.forget();
+}
+
+NS_IMETHODIMP
+LoadInfo::GetLoadingContextXPCOM(nsISupports** aResult)
+{
+  nsCOMPtr<nsISupports> context = GetLoadingContext();
+  context.forget(aResult);
+  return NS_OK;
+}
+
 NS_IMETHODIMP
 LoadInfo::GetSecurityFlags(nsSecurityFlags* aResult)
 {
diff --git a/netwerk/base/TLSServerSocket.cpp b/netwerk/base/TLSServerSocket.cpp
index b32a9a188..257a7f5da 100644
--- a/netwerk/base/TLSServerSocket.cpp
+++ b/netwerk/base/TLSServerSocket.cpp
@@ -419,6 +419,13 @@ TLSServerConnectionInfo::GetCipherName(nsACString& aCipherName)
 }
 
 NS_IMETHODIMP
+TLSServerConnectionInfo::GetCipherSuite(nsACString& aCipherSuite)
+{
+  aCipherSuite.Assign(mCipherSuite);
+  return NS_OK;
+}
+
+NS_IMETHODIMP
 TLSServerConnectionInfo::GetKeyLength(uint32_t* aKeyLength)
 {
   if (NS_WARN_IF(!aKeyLength)) {
@@ -490,7 +497,8 @@ TLSServerConnectionInfo::HandshakeCallback(PRFileDesc* aFD)
   if (NS_FAILED(rv)) {
     return rv;
   }
-  mCipherName.Assign(cipherInfo.cipherSuiteName);
+  mCipherName.Assign(cipherInfo.symCipherName);
+  mCipherSuite.Assign(cipherInfo.cipherSuiteName);
   mKeyLength = cipherInfo.effectiveKeyBits;
   mMacLength = cipherInfo.macBits;
 
diff --git a/netwerk/base/TLSServerSocket.h b/netwerk/base/TLSServerSocket.h
index 9fb57e0cc..fd47fc918 100644
--- a/netwerk/base/TLSServerSocket.h
+++ b/netwerk/base/TLSServerSocket.h
@@ -68,6 +68,7 @@ private:
   nsCOMPtr<nsIX509Cert>                  mPeerCert;
   int16_t                                mTlsVersionUsed;
   nsCString                              mCipherName;
+  nsCString                              mCipherSuite;
   uint32_t                               mKeyLength;
   uint32_t                               mMacLength;
   // lock protects access to mSecurityObserver
diff --git a/netwerk/base/nsFileStreams.cpp b/netwerk/base/nsFileStreams.cpp
index 2ddb7ae98..6508b33b9 100644
--- a/netwerk/base/nsFileStreams.cpp
+++ b/netwerk/base/nsFileStreams.cpp
@@ -1015,11 +1015,18 @@ nsAtomicFileOutputStream::DoOpen()
     }
 
     if (NS_SUCCEEDED(rv) && mTargetFileExists) {
+        // Abort if |file| is not writable; it won't work as an output stream.
+        bool isWritable;
+        if (NS_SUCCEEDED(file->IsWritable(&isWritable)) && !isWritable) {
+            return NS_ERROR_FILE_ACCESS_DENIED;
+        }
+
         uint32_t origPerm;
         if (NS_FAILED(file->GetPermissions(&origPerm))) {
             NS_ERROR("Can't get permissions of target file");
             origPerm = mOpenParams.perm;
         }
+
         // XXX What if |perm| is more restrictive then |origPerm|?
         // This leaves the user supplied permissions as they were.
         rv = tempResult->CreateUnique(nsIFile::NORMAL_FILE_TYPE, origPerm);
diff --git a/netwerk/base/nsILoadInfo.idl b/netwerk/base/nsILoadInfo.idl
index 9a883ff98..bc609c317 100644
--- a/netwerk/base/nsILoadInfo.idl
+++ b/netwerk/base/nsILoadInfo.idl
@@ -10,7 +10,7 @@
 interface nsIDOMDocument;
 interface nsINode;
 interface nsIPrincipal;
-
+native LoadContextRef(already_AddRefed<nsISupports>);
 %{C++
 #include "nsTArray.h"
 #include "mozilla/BasePrincipal.h"
@@ -334,6 +334,21 @@ interface nsILoadInfo : nsISupports
   nsISupports binaryContextForTopLevelLoad();
 
   /**
+   * For all loads except loads of TYPE_DOCUMENT, the loadingContext
+   * simply returns the loadingNode. For loads of TYPE_DOCUMENT this
+   * will return the context available for top-level loads which
+   * do not have a loadingNode.
+   */
+  [binaryname(LoadingContextXPCOM)]
+  readonly attribute nsISupports loadingContext;
+  
+  /**
+   * A C++ friendly version of the loadingContext.
+   */
+  [noscript, notxpcom, nostdcall, binaryname(GetLoadingContext)]
+  LoadContextRef binaryGetLoadingContext();
+
+  /**
    * The securityFlags of that channel.
    */
   readonly attribute nsSecurityFlags securityFlags;
diff --git a/netwerk/base/nsITLSServerSocket.idl b/netwerk/base/nsITLSServerSocket.idl
index 9a03c2ead..57485357f 100644
--- a/netwerk/base/nsITLSServerSocket.idl
+++ b/netwerk/base/nsITLSServerSocket.idl
@@ -94,7 +94,7 @@ interface nsITLSServerSocket : nsIServerSocket
  * method of the security observer has been called (see
  * |nsITLSServerSecurityObserver| below).
  */
-[scriptable, uuid(19668ea4-e5ad-4182-9698-7e890d48f327)]
+[scriptable, uuid(205e273d-2439-449b-bfc5-fc555c87dbc4)]
 interface nsITLSClientStatus : nsISupports
 {
   /**
@@ -125,11 +125,19 @@ interface nsITLSClientStatus : nsISupports
   /**
    * cipherName
    *
+   * Name of the symetric cipher used, such as
+   * "AES-GCM" or "CAMELLIA".
+   */
+  readonly attribute ACString cipherName;
+
+  /**
+   * cipherSuite
+   *
    * Name of the cipher suite used, such as
    * "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256".
    * See security/nss/lib/ssl/sslinfo.c for the possible values.
    */
-  readonly attribute ACString cipherName;
+  readonly attribute ACString cipherSuite;
 
   /**
    * keyLength
diff --git a/netwerk/base/nsStandardURL.cpp b/netwerk/base/nsStandardURL.cpp
index e2a290e4d..dff4ecbc0 100644
--- a/netwerk/base/nsStandardURL.cpp
+++ b/netwerk/base/nsStandardURL.cpp
@@ -3455,8 +3455,10 @@ FromIPCSegment(const nsACString& aSpec, const ipc::StandardURLSegment& aSegment,
         return false;
     }
 
+    CheckedInt<uint32_t> segmentLen = aSegment.position();
+    segmentLen += aSegment.length();
     // Make sure the segment does not extend beyond the spec.
-    if (NS_WARN_IF(aSegment.position() + aSegment.length() > aSpec.Length())) {
+    if (NS_WARN_IF(!segmentLen.isValid() || segmentLen.value() > aSpec.Length())) {
         return false;
     }
 
diff --git a/netwerk/base/security-prefs.js b/netwerk/base/security-prefs.js
index 5351d7c04..cfbbf4a45 100644
--- a/netwerk/base/security-prefs.js
+++ b/netwerk/base/security-prefs.js
@@ -3,7 +3,7 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 pref("security.tls.version.min", 1);
-pref("security.tls.version.max", 3);
+pref("security.tls.version.max", 4);
 pref("security.tls.version.fallback-limit", 3);
 pref("security.tls.insecure_fallback_hosts", "");
 pref("security.tls.unrestricted_rc4_fallback", false);
diff --git a/netwerk/cache/nsCacheEntryDescriptor.cpp b/netwerk/cache/nsCacheEntryDescriptor.cpp
index b53ee3058..64765f8aa 100644
--- a/netwerk/cache/nsCacheEntryDescriptor.cpp
+++ b/netwerk/cache/nsCacheEntryDescriptor.cpp
@@ -1399,6 +1399,12 @@ nsCompressOutputStreamWrapper::Close()
     // Do not allow to initialize stream after calling Close().
     mStreamEnded = true;
 
+    // In some rare cases, flushing the zlib stream can take too long
+    // and we lose our cache entry in the meantime. Do another check
+    // and bail if so.
+    if (!mDescriptor)
+        return NS_ERROR_NOT_AVAILABLE;
+
     if (mDescriptor->CacheEntry()) {
         nsAutoCString uncompressedLenStr;
         rv = mDescriptor->GetMetaDataElement("uncompressed-len",
diff --git a/netwerk/cache2/CacheObserver.cpp b/netwerk/cache2/CacheObserver.cpp
index 1eb76e8c5..6b6d89395 100644
--- a/netwerk/cache2/CacheObserver.cpp
+++ b/netwerk/cache2/CacheObserver.cpp
@@ -26,8 +26,6 @@ CacheObserver* CacheObserver::sSelf = nullptr;
 static uint32_t const kDefaultUseNewCache = 1; // Use the new cache by default
 uint32_t CacheObserver::sUseNewCache = kDefaultUseNewCache;
 
-static bool sUseNewCacheTemp = false; // Temp trigger to not lose early adopters
-
 static int32_t const kAutoDeleteCacheVersion = -1; // Auto-delete off by default
 static int32_t sAutoDeleteCacheVersion = kAutoDeleteCacheVersion;
 
@@ -154,9 +152,7 @@ CacheObserver::AttachToPreferences()
     "browser.cache.auto_delete_cache_version", kAutoDeleteCacheVersion);
 
   mozilla::Preferences::AddUintVarCache(
-    &sUseNewCache, "browser.cache.use_new_backend", kDefaultUseNewCache);
-  mozilla::Preferences::AddBoolVarCache(
-    &sUseNewCacheTemp, "browser.cache.use_new_backend_temp", false);
+    &sUseNewCache, "browser.cache.backend", kDefaultUseNewCache);
 
   mozilla::Preferences::AddBoolVarCache(
     &sUseDiskCache, "browser.cache.disk.enable", kDefaultUseDiskCache);
@@ -297,9 +293,6 @@ bool CacheObserver::UseNewCache()
 {
   uint32_t useNewCache = sUseNewCache;
 
-  if (sUseNewCacheTemp)
-    useNewCache = 1;
-
   switch (useNewCache) {
     case 0: // use the old cache backend
       return false;
diff --git a/netwerk/cookie/nsCookieService.cpp b/netwerk/cookie/nsCookieService.cpp
index cf1d91e2d..1c4e5e740 100644
--- a/netwerk/cookie/nsCookieService.cpp
+++ b/netwerk/cookie/nsCookieService.cpp
@@ -3348,12 +3348,16 @@ nsCookieService::SetCookieInternal(nsIURI                        *aHostURI,
     return newCookie;
   }
 
+  // Note: For now we allow 0x20 (Space) in cookie names.
+  // Some websites apparently use cookie names with spaces in them, and the RFC
+  // doesn't exactly specify what to do in that case, so it's better to keep
+  // wider compatibility.
   const char illegalNameCharacters[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
                                          0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
                                          0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12,
                                          0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
                                          0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E,
-                                         0x1F, 0x00 };
+                                         0x1F, /* 0x20, */ 0x00 };
   if (cookieAttributes.name.FindCharInSet(illegalNameCharacters, 0) != -1) {
     COOKIE_LOGFAILURE(SET_COOKIE, aHostURI, savedCookieHeader, "invalid name character");
     return newCookie;
@@ -3374,18 +3378,26 @@ nsCookieService::SetCookieInternal(nsIURI                        *aHostURI,
     return newCookie;
   }
 
-  // reject cookie if value contains an RFC 6265 disallowed character - see
-  // https://bugzilla.mozilla.org/show_bug.cgi?id=1191423
-  // NOTE: this is not the full set of characters disallowed by 6265 - notably
-  // 0x09, 0x20, 0x22, 0x2C, 0x5C, and 0x7F are missing from this list. This is
-  // for parity with Chrome. This only applies to cookies set via the Set-Cookie
-  // header, as document.cookie is defined to be UTF-8. Hooray for
-  // symmetry!</sarcasm>
-  const char illegalCharacters[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-                                     0x08, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
-                                     0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
-                                     0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D,
-                                     0x1E, 0x1F, 0x3B, 0x00 };
+  // Reject cookie if value contains an RFC 6265 disallowed character.
+  // See RFC 6265 section 4.1.1
+  // XXX: For now we allow for web compatibility (see issue #357):
+  // 0x20 (Space)
+  // 0x22 (DQUOTE)
+  // 0x2C (Comma)
+  // 0x5C (Backslash)
+  //
+  // FIXME: Before removing DQUOTE from the exceptions list:
+  // DQUOTE *cookie-octet DQUOTE is permitted and would fail if just removed.
+  // This needs better checking for first and last character allowing
+  // DQUOTE but not in the actual value.
+  //
+  // This only applies to cookies set via the Set-Cookie header, since
+  // document.cookie is defined to be UTF-8.
+  const char illegalCharacters[] = { 
+      0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B,
+      0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
+      0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, /* 0x20, 0x22, */
+      /* 0x2C, */ 0x3B, /* 0x5C, */ 0x7F, 0x00 };
   if (aFromHttp && (cookieAttributes.value.FindCharInSet(illegalCharacters, 0) != -1)) {
     COOKIE_LOGFAILURE(SET_COOKIE, aHostURI, savedCookieHeader, "invalid value character");
     return newCookie;
diff --git a/netwerk/protocol/http/HttpChannelParent.cpp b/netwerk/protocol/http/HttpChannelParent.cpp
index d1c67f01b..7c88b9222 100644
--- a/netwerk/protocol/http/HttpChannelParent.cpp
+++ b/netwerk/protocol/http/HttpChannelParent.cpp
@@ -737,7 +737,6 @@ HttpChannelParent::RecvRedirect2Verify(const nsresult& result,
 {
   LOG(("HttpChannelParent::RecvRedirect2Verify [this=%p result=%x]\n",
        this, result));
-  nsresult rv;
   if (NS_SUCCEEDED(result)) {
     nsCOMPtr<nsIHttpChannel> newHttpChannel =
         do_QueryInterface(mRedirectChannel);
diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
index 7bcec146d..ac855b478 100644
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -24,7 +24,6 @@
 #include "nsICryptoHash.h"
 #include "nsINetworkInterceptController.h"
 #include "nsINSSErrorsService.h"
-#include "nsISecurityReporter.h"
 #include "nsIStringBundle.h"
 #include "nsIStreamListenerTee.h"
 #include "nsISeekableStream.h"
@@ -1733,56 +1732,6 @@ nsHttpChannel::ProcessContentSignatureHeader(nsHttpResponseHead *aResponseHead)
     return NS_OK;
 }
 
-/**
- * Decide whether or not to send a security report and, if so, give the
- * SecurityReporter the information required to send such a report.
- */
-void
-nsHttpChannel::ProcessSecurityReport(nsresult status) {
-    uint32_t errorClass;
-    nsCOMPtr<nsINSSErrorsService> errSvc =
-            do_GetService("@mozilla.org/nss_errors_service;1");
-    // getErrorClass will throw a generic NS_ERROR_FAILURE if the error code is
-    // not in the set of errors covered by the NSS errors service.
-    nsresult rv = errSvc->GetErrorClass(status, &errorClass);
-    if (!NS_SUCCEEDED(rv)) {
-        return;
-    }
-
-    // if the content was not loaded succesfully and we have security info,
-    // send a TLS error report - we must do this early as other parts of
-    // OnStopRequest can return early
-    bool reportingEnabled =
-            Preferences::GetBool("security.ssl.errorReporting.enabled");
-    bool reportingAutomatic =
-            Preferences::GetBool("security.ssl.errorReporting.automatic");
-    if (!mSecurityInfo || !reportingEnabled || !reportingAutomatic) {
-        return;
-    }
-
-    nsCOMPtr<nsITransportSecurityInfo> secInfo =
-            do_QueryInterface(mSecurityInfo);
-    nsCOMPtr<nsISecurityReporter> errorReporter =
-            do_GetService("@mozilla.org/securityreporter;1");
-
-    if (!secInfo || !mURI) {
-        return;
-    }
-
-    nsAutoCString hostStr;
-    int32_t port;
-    rv = mURI->GetHost(hostStr);
-    if (!NS_SUCCEEDED(rv)) {
-        return;
-    }
-
-    rv = mURI->GetPort(&port);
-
-    if (NS_SUCCEEDED(rv)) {
-        errorReporter->ReportTLSError(secInfo, hostStr, port);
-    }
-}
-
 bool
 nsHttpChannel::IsHTTPS()
 {
@@ -6687,10 +6636,6 @@ nsHttpChannel::OnStopRequest(nsIRequest *request, nsISupports *ctxt, nsresult st
     MOZ_ASSERT(NS_IsMainThread(),
                "OnStopRequest should only be called from the main thread");
 
-    if (NS_FAILED(status)) {
-        ProcessSecurityReport(status);
-    }
-
     // If this load failed because of a security error, it may be because we
     // are in a captive portal - trigger an async check to make sure.
     int32_t nsprError = -1 * NS_ERROR_GET_CODE(status);
diff --git a/netwerk/sctp/datachannel/DataChannel.cpp b/netwerk/sctp/datachannel/DataChannel.cpp
index d47a9d5ea..f2a91c589 100644
--- a/netwerk/sctp/datachannel/DataChannel.cpp
+++ b/netwerk/sctp/datachannel/DataChannel.cpp
@@ -654,7 +654,10 @@ int
 DataChannelConnection::SendPacket(unsigned char data[], size_t len, bool release)
 {
   //LOG(("%p: SCTP/DTLS sent %ld bytes", this, len));
-  int res = mTransportFlow->SendPacket(data, len) < 0 ? 1 : 0;
+  int res = 0;
+  if (mTransportFlow) {
+    res = mTransportFlow->SendPacket(data, len) < 0 ? 1 : 0;
+  }
   if (release)
     delete [] data;
   return res;
diff --git a/netwerk/sctp/datachannel/DataChannel.h b/netwerk/sctp/datachannel/DataChannel.h
index 84ab422fc..ebf29366b 100644
--- a/netwerk/sctp/datachannel/DataChannel.h
+++ b/netwerk/sctp/datachannel/DataChannel.h
@@ -111,7 +111,7 @@ public:
     virtual void NotifyDataChannel(already_AddRefed<DataChannel> channel) = 0;
   };
 
-  explicit DataChannelConnection(DataConnectionListener *listener);
+  DataChannelConnection(DataConnectionListener *listener);
 
   bool Init(unsigned short aPort, uint16_t aNumStreams, bool aUsingDtls);
   void Destroy(); // So we can spawn refs tied to runnables in shutdown
diff --git a/netwerk/sctp/src/netinet/sctp_auth.c b/netwerk/sctp/src/netinet/sctp_auth.c
index 50432ad8a..ee5ca36ce 100755
--- a/netwerk/sctp/src/netinet/sctp_auth.c
+++ b/netwerk/sctp/src/netinet/sctp_auth.c
@@ -1525,6 +1525,8 @@ sctp_auth_get_cookie_params(struct sctp_tcb *stcb, struct mbuf *m,
 	    if (p_random != NULL) {
 		keylen = sizeof(*p_random) + random_len;
 		bcopy(p_random, new_key->key, keylen);
+	    } else {
+		keylen = 0;
 	    }
 	    /* append in the AUTH chunks */
 	    if (chunks != NULL) {
diff --git a/netwerk/sctp/src/netinet/sctp_pcb.c b/netwerk/sctp/src/netinet/sctp_pcb.c
index 297097025..58c164f50 100755
--- a/netwerk/sctp/src/netinet/sctp_pcb.c
+++ b/netwerk/sctp/src/netinet/sctp_pcb.c
@@ -7688,6 +7688,8 @@ sctp_load_addresses_from_init(struct sctp_tcb *stcb, struct mbuf *m,
 		if (p_random != NULL) {
 			keylen = sizeof(*p_random) + random_len;
 			bcopy(p_random, new_key->key, keylen);
+		} else {
+			keylen = 0;
 		}
 		/* append in the AUTH chunks */
 		if (chunks != NULL) {
diff --git a/netwerk/test/gtest/TestStandardURL.cpp b/netwerk/test/gtest/TestStandardURL.cpp
index ccab556a9..a013f351c 100644
--- a/netwerk/test/gtest/TestStandardURL.cpp
+++ b/netwerk/test/gtest/TestStandardURL.cpp
@@ -4,8 +4,11 @@
 #include "nsCOMPtr.h"
 #include "nsNetCID.h"
 #include "nsIURL.h"
+#include "nsIStandardURL.h"
 #include "nsString.h"
 #include "nsComponentManagerUtils.h"
+#include "nsIIPCSerializableURI.h"
+#include "mozilla/ipc/URIUtils.h"
 
 TEST(TestStandardURL, Simple) {
     nsCOMPtr<nsIURL> url( do_CreateInstance(NS_STANDARDURL_CONTRACTID) );
@@ -67,3 +70,16 @@ MOZ_GTEST_BENCH(TestStandardURL, Perf, [] {
         url->GetRef(out);
     }
 });
+
+TEST(TestStandardURL, Deserialize_Bug1392739)
+{
+  mozilla::ipc::StandardURLParams standard_params;
+  standard_params.urlType() = nsIStandardURL::URLTYPE_STANDARD;
+  standard_params.spec() = NS_LITERAL_CSTRING("");
+  standard_params.host() = mozilla::ipc::StandardURLSegment(4294967295, 1);
+
+  mozilla::ipc::URIParams params(standard_params);
+
+  nsCOMPtr<nsIIPCSerializableURI> url = do_CreateInstance(NS_STANDARDURL_CID);
+  ASSERT_EQ(url->Deserialize(params), false);
+}