This patch enables PSM and Firefox to use TLS 1.3 Encrypted Client Hello (draft -08). Specifically:
- Compile NSS with NSS_ENABLE_DRAFT_HPKE=1
- Add ECH "public_name" handling in SSLServerCertVerification.cpp (see: https://tools.ietf.org/html/draft-ietf-tls-esni-08#section-6.3.2)
- Adds `mIsAcceptedEch` to TransportSecurityInfo, and xpcshell tests for ECH use cases
- Adds EncryptedClientHelloServer to facilitate the xpcshell tests
- Un-ifdef Set/GetEchConfigs code in nsNSSIOLayer.cpp. Also reverted the Base64 encoding and decoding, as the data returned from DNS is already decoded (wire-format).
Differential Revision: https://phabricator.services.mozilla.com/D92651
This patch enables PSM and Firefox to use TLS 1.3 Encrypted Client Hello (draft -08). Specifically:
- Compile NSS with NSS_ENABLE_DRAFT_HPKE=1
- Add ECH "public_name" handling in SSLServerCertVerification.cpp (see: https://tools.ietf.org/html/draft-ietf-tls-esni-08#section-6.3.2)
- Adds `mIsAcceptedEch` to TransportSecurityInfo, and xpcshell tests for ECH use cases
- Adds EncryptedClientHelloServer to facilitate the xpcshell tests
- Un-ifdef Set/GetEchConfigs code in nsNSSIOLayer.cpp. Also reverted the Base64 encoding and decoding, as the data returned from DNS is already decoded (wire-format).
Differential Revision: https://phabricator.services.mozilla.com/D92651
- Add 2 test: 1) server is not listening to the port and 2) server is not responding that will cause the connection to timeout and fall back to HTTP2
- Adds a server that only reads packets but never sends any to simulate a handshake timing out
Differential Revision: https://phabricator.services.mozilla.com/D95816
- Add 2 test: 1) server is not listening to the port and 2) server is not responding that will cause the connection to timeout and fall back to HTTP2
- Adds a server that only reads packets but never sends any to simulate a handshake timing out
Differential Revision: https://phabricator.services.mozilla.com/D95816
- Add 2 test: 1) server is not listening to the port and 2) server is not responding that will cause the connection to timeout and fall back to HTTP2
- Adds a server that only reads packets but never sends any to simulate a handshake timing out
Differential Revision: https://phabricator.services.mozilla.com/D95816
This will allow us to make response that violate the Http3 protocol and cause a protocol error.
Currently the server returns only one response, we may extend it if needed.
Differential Revision: https://phabricator.services.mozilla.com/D94912
This preference is currently only used when running Windows XPCShell
tests in order to disable IPv6 resolution for "localhost". However, this
does not seem to be needed anymore and actually breaks the expectation
that "localhost" resolves to IPv4 and IPv6 loopback addresses
(see bugs 1673315, 1673364, 1220810).
Differential Revision: https://phabricator.services.mozilla.com/D94986
Now that we're e10s by default, we need to disable it for xpcshell.
Unfortunately we can't do this via user prefs because, by the time xpcshell
parses those, it's already too late: e10s has already been decided.
In an earlier patch, we've changed that env var to accept '1' for Android,
instead of the version string as on desktop.
Differential Revision: https://phabricator.services.mozilla.com/D94337
Now that we're e10s by default, we need to disable it for xpcshell.
Unfortunately we can't do this via user prefs because, by the time xpcshell
parses those, it's already too late: e10s has already been decided.
In an earlier patch, we've changed that env var to accept '1' for Android,
instead of the version string as on desktop.
Differential Revision: https://phabricator.services.mozilla.com/D94337
Allow-list all Python code in tree for use with the black linter, and re-format all code in-tree accordingly.
To produce this patch I did all of the following:
1. Make changes to tools/lint/black.yml to remove include: stanza and update list of source extensions.
2. Run ./mach lint --linter black --fix
3. Make some ad-hoc manual updates to python/mozbuild/mozbuild/test/configure/test_configure.py -- it has some hard-coded line numbers that the reformat breaks.
4. Make some ad-hoc manual updates to `testing/marionette/client/setup.py`, `testing/marionette/harness/setup.py`, and `testing/firefox-ui/harness/setup.py`, which have hard-coded regexes that break after the reformat.
5. Add a set of exclusions to black.yml. These will be deleted in a follow-up bug (1672023).
# ignore-this-changeset
Differential Revision: https://phabricator.services.mozilla.com/D94045
Allow-list all Python code in tree for use with the black linter, and re-format all code in-tree accordingly.
To produce this patch I did all of the following:
1. Make changes to tools/lint/black.yml to remove include: stanza and update list of source extensions.
2. Run ./mach lint --linter black --fix
3. Make some ad-hoc manual updates to python/mozbuild/mozbuild/test/configure/test_configure.py -- it has some hard-coded line numbers that the reformat breaks.
4. Make some ad-hoc manual updates to `testing/marionette/client/setup.py`, `testing/marionette/harness/setup.py`, and `testing/firefox-ui/harness/setup.py`, which have hard-coded regexes that break after the reformat.
5. Add a set of exclusions to black.yml. These will be deleted in a follow-up bug (1672023).
# ignore-this-changeset
Differential Revision: https://phabricator.services.mozilla.com/D94045
Allow-list all Python code in tree for use with the black linter, and re-format all code in-tree accordingly.
To produce this patch I did all of the following:
1. Make changes to tools/lint/black.yml to remove include: stanza and update list of source extensions.
2. Run ./mach lint --linter black --fix
3. Make some ad-hoc manual updates to python/mozbuild/mozbuild/test/configure/test_configure.py -- it has some hard-coded line numbers that the reformat breaks.
4. Add a set of exclusions to black.yml. These will be deleted in a follow-up bug (1672023).
# ignore-this-changeset
Differential Revision: https://phabricator.services.mozilla.com/D94045
If *all* test paths don't resolve to any tests and we're running in CI, exit without
causing the task to fail. This situation can happen due to moz.build traversal that
causes manifests to not exist under certain configurations.
Ideally I'd love if we could prevent those cases from happening in the first place (i.e
generate the 'all-tests.pkl' file via a file-system traversal and then rely on skip-if's
to not run things), but until then this fixes a fairly frequent intermittent.
Differential Revision: https://phabricator.services.mozilla.com/D93684
The manifest file hasn't actually done anything since XPT definitions were
moved to the libxul binary, and now just generates warnings in local builes.
Differential Revision: https://phabricator.services.mozilla.com/D89197
The manifest file hasn't actually done anything since XPT definitions were
moved to the libxul binary, and now just generates warnings in local builes.
Differential Revision: https://phabricator.services.mozilla.com/D89197
The manifest file hasn't actually done anything since XPT definitions were
moved to the libxul binary, and now just generates warnings in local builes.
Differential Revision: https://phabricator.services.mozilla.com/D89197
Today we don't require that `mach` `CommandProvider`s subclass from any particular parent class and we're very lax about the requirements they must meet. While that's convenient in certain circumstances, it has some unfortunate implications for feature development.
Today the only requirements that we have for `CommandProvider`s are that they have an `__init__()` method that takes either 1 or 2 arguments, the second of which must be called `context` and is populated with the `mach` `CommandContext`. Again, while this flexibility is occasionally convenient, it is limiting. As we add features to `mach`, having a better idea what the shape of our `CommandProvider`s are and how we can instantiate them and use them is increasingly important, and this gives us additional control when having `mach` configure `CommandProvider`s based on data that is only available at the `mach` level. In particular, we plan to leverage this in bugs 985141 and 1654074.
Here we add validation to the `CommandProvider` decorator to ensure all classes inherit from `MachCommandBase`, update all `CommandProvider`s in-tree to inherit from `MachCommandBase`, and update source and test code accordingly.
Follow-up work: we now require (de facto) that the `context` be populated with a `topdir` attribute by the `populate_context_handler` function, since instantiating the `MachCommandBase` requires a `topdir` be provided. This is fine for now in the interest of keeping this patch reasonably sized, but some additional refactoring could make this cleaner.
Differential Revision: https://phabricator.services.mozilla.com/D86255
6.5 A ServiceMode RR is considered "compatible" with a client if the
client implements support for all its mandatory keys. If the SVCB
RRSet contains no compatible RRs, the client will generally act as if
the RRSet is empty.
Differential Revision: https://phabricator.services.mozilla.com/D85838
Kevin Jacobs
Razvan Maries
Kershaw Chang
Bogdan Tara
Sylvestre Ledru
Dragana Damjanovic
Andreea Pavel
smolnar
Frederic Wang
Aaron Klotz
Ricky Stewart
Dorel Luca
Andrew Halberstadt
Simon Giesecke
Valentin Gosu
Sebastian Hengst
Kris Maglione
Mihai Alexandru Michis
Geoff Brown
Anny Gakhokidze
Butkovits Atila