Bug 12974: Disable NTLM and Negotiate HTTP Auth

The Mozilla bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1046421, https://bugzilla.mozilla.org/show_bug.cgi?id=1261591, #27602

Bug 12974: Disable NTLM and Negotiate HTTP Auth
998ea589 · Mike Perry · Pier Angelo Vendrame · 53939681 · 998ea589 · 998ea589
Verified Commit 998ea589 authored 10 years ago by Mike Perry Committed by Pier Angelo Vendrame 1 year ago
--- a/extensions/auth/nsHttpNegotiateAuth.cpp
+++ b/extensions/auth/nsHttpNegotiateAuth.cpp
@@ -154,6 +154,10 @@ nsHttpNegotiateAuth::ChallengeReceived(nsIHttpAuthenticableChannel* authChannel,
  nsIAuthModule* rawModule = (nsIAuthModule*)*continuationState;

  *identityInvalid = false;
+
+  /* Always fail Negotiate auth for Tor Browser. We don't need it. */
+  return NS_ERROR_ABORT;
+
  if (rawModule) {
    return NS_OK;
  }

--- a/netwerk/protocol/http/nsHttpNTLMAuth.cpp
+++ b/netwerk/protocol/http/nsHttpNTLMAuth.cpp
@@ -168,6 +168,9 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel* channel,

  *identityInvalid = false;

+  /* Always fail Negotiate auth for Tor Browser. We don't need it. */
+  return NS_ERROR_ABORT;
+
  // Start a new auth sequence if the challenge is exactly "NTLM".
  // If native NTLM auth apis are available and enabled through prefs,
  // try to use them.