Jump to content

"This address is restricted"

Mathwiz
 Share

Recommended Posts

Mathwiz

Mathwiz

Posted
Posted

Hopefully this will be an easy one for one of the Firefox experts. Trying to learn about the IceApe browser, Serpent (55) gave me this:

image.thumb.png.c8800588ef612ce902a6e50c3d2c1980.png

Apparently Serpent (at least 55) blocks port 50100 for some strange reason, but that's where the IceApe changelog is. Is there a pref to control this? Searching for 50100 in about:config yields nothing....

Link to comment
Share on other sites

roytam1

roytam1

Posted
Posted
1 hour ago, Mathwiz said:

Hopefully this will be an easy one for one of the Firefox experts. Trying to learn about the IceApe browser, Serpent (55) gave me this:

image.thumb.png.c8800588ef612ce902a6e50c3d2c1980.png

Apparently Serpent (at least 55) blocks port 50100 for some strange reason, but that's where the IceApe changelog is. Is there a pref to control this? Searching for 50100 in about:config yields nothing....

50100 is not banned as it is not listed in https://github.com/roytam1/basilisk55/blob/master/netwerk/base/nsIOService.cpp#L98

you may check if there is pref `network.security.ports.banned` and try resetting it.

or you may add 50100 to string pref `network.security.ports.banned.override` in about:config.

3
Link to comment
Share on other sites
roytam1

roytam1

Posted
Posted
43 minutes ago, Mathwiz said:

Thanks, but no dice. There's no network.security.ports.banned pref; yet it refuses to connect, even after I created string pref network.security.ports.banned.override and set it to 50100 :huh:

OK I think I found the root of issue, and a fix is pushed.

3
Link to comment
Share on other sites
Mathwiz

Mathwiz

Posted
  • Author
Posted

Thanks! I'll be sure to download the next Serpent 55 update once you post it. Does this affect any other platforms, such as UXP? If so I'll download those too.

I looked at the code you linked to, and it looked pretty straightforward. There's a hard-coded list of `bad' ports, and you can add more ports to the list with the network.security.ports.banned pref, and/or remove ports from the list with the network.security.ports.banned.override pref. So it was quite strange that it wouldn't work no matter how I set those prefs!

1
Link to comment
Share on other sites
Mathwiz

Mathwiz

Posted
  • Author
Posted

Good - sounds like the issue was unique to the Moebius platform and doesn't affect UXP browsers. Which sort of makes sense, because IceApe is itself a UXP browser - I think they would've noticed if they couldn't browse their own change log!

2
Link to comment
Share on other sites
roytam1

roytam1

Posted
Posted (edited)
6 hours ago, Mathwiz said:

So it was quite strange that it wouldn't work no matter how I set those prefs!

yeah, because there are some bit width problems in variable, and problem is revealed in the conditions in the code after security patches applied. fix is simple as well: https://github.com/roytam1/basilisk55/commit/fc7f3915a7bd9d30615f0430c9c014f7fd758b76

EDIT: also reported to upstream: https://github.com/classilla/tenfourfox/commit/4f70dd5c954cfcfd55357527da98c15f8355fbe5#r59478686

Edited by roytam1
3
Link to comment
Share on other sites
Mathwiz

Mathwiz

Posted
  • Author
Posted (edited)
On 11/4/2021 at 4:59 PM, XPerceniol said:

Hmmm ... fine here with both Serpent 52 and FF 52.9.1?

And fine with FF 53 too. Evidently a very unique bug.

23 hours ago, roytam1 said:

problem is revealed in the conditions in the code after security patches applied.

I see; the procedure is passed a 32-bit value, and wants to ensure it's a valid port number (in the range 1 to 65535), so that you'll get the error if you enter something idiotic like microsoft.com:0 or google.com:65536; but it was first assigning the 32-bit value to a 16-bit value, cutting off the high-order bits and rendering the check for being over 65535 meaningless. Worse, it was a signed 16-bit value, so anything over 32767 tested as less than 0 and was blocked as an invalid port number!

Edit: Roytam's fix works! BTW, I saw that he found and fixed the same coding mistake in FF 45 and the Tycho browsers (PM 27 and KM); yet it didn't cause the same bug, at least in the FF 45 build I was using. (Haven't tried the others.) Like later FF versions, FF 45 accessed port 50100 just fine.

Edited by Mathwiz
3
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...