Benjamin Bouvier
bcd3dcc6b3
Bug 1342385: Allow mremap on linux32 for wasm; r=jld
...
MozReview-Commit-ID: 82f8ryvd57S
--HG--
extra : rebase_source : 0e74611052853f149eb0fefe8fef849a8f8978b0
extra : amend_source : ff91bb31d45ca4783da391e519f10e3613f0f890
2017-02-24 13:18:57 +01:00
Cykesiopka
90e8bc1b28
Bug 1026589 - Enable more GCC/Clang compiler warnings (-Wextra) for security/certverifier. r=keeler
...
Original patch by Camilo Viecco.
MozReview-Commit-ID: 4LWpueoyQHL
--HG--
extra : rebase_source : 85563711287ad851019c4031d97c1d309f066139
2017-02-23 23:19:55 +08:00
Cykesiopka
58de7b2c68
Bug 1342075 - Make nsCertOverride::OverrideBits an enum class. r=keeler
...
MozReview-Commit-ID: 3aLyL9VDvpf
--HG--
extra : rebase_source : 3b4a1837ed8233ab5a1af71707ca92d7f3699041
2017-02-23 23:16:53 +08:00
ffxbld
90d1cbb4fd
No bug, Automated HPKP preload list update from host bld-linux64-spot-307 - a=hpkp-update
2017-02-26 07:19:31 -08:00
ffxbld
5c63ba8319
No bug, Automated HSTS preload list update from host bld-linux64-spot-307 - a=hsts-update
2017-02-26 07:19:28 -08:00
ffxbld
93f1641e39
No bug, Automated HPKP preload list update from host bld-linux64-spot-361 - a=hpkp-update
2017-02-25 07:22:43 -08:00
ffxbld
baf95bc4f8
No bug, Automated HSTS preload list update from host bld-linux64-spot-361 - a=hsts-update
2017-02-25 07:22:41 -08:00
ffxbld
2c84b59bb2
No bug, Automated HPKP preload list update from host bld-linux64-spot-025 - a=hpkp-update
2017-02-24 08:12:13 -08:00
ffxbld
53ced57059
No bug, Automated HSTS preload list update from host bld-linux64-spot-025 - a=hsts-update
2017-02-24 08:12:11 -08:00
Wes Kocher
39dbca81b0
Merge m-c to inbound, a=merge
...
MozReview-Commit-ID: BYjLy4wkFjg
2017-02-23 16:57:34 -08:00
ffxbld
60ae6514e4
No bug, Automated HPKP preload list update from host bld-linux64-spot-036 - a=hpkp-update
2017-02-23 07:36:26 -08:00
ffxbld
ad3be07b91
No bug, Automated HSTS preload list update from host bld-linux64-spot-036 - a=hsts-update
2017-02-23 07:36:24 -08:00
Carsten "Tomcat" Book
e6b82618f4
merge mozilla-inbound to mozilla-central a=merge
2017-02-23 14:59:37 +01:00
David Keeler
fca1830f46
bug 1341905 - double-check that uses of CERT_LIST_* are safe in PSM r=jcj
...
MozReview-Commit-ID: BhGHd9xUUbP
--HG--
extra : amend_source : b7f8260719a3d918867a8ed7cf092e2909193bb5
2017-02-22 15:07:05 -08:00
Jeff Walden
d5deea2a4f
Bug 1338374 - Make Vector not use AlignedStorage for its inline element storage. r=froydnj, r=keeler
...
--HG--
extra : rebase_source : 81eb5278404b4843ed5a59819f6000f74200aa41
2017-01-30 15:56:05 -08:00
Wes Kocher
29443ed98c
Merge m-c to inbound, a=merge
...
MozReview-Commit-ID: HDHJC8X9xWG
2017-02-22 15:06:46 -08:00
Wes Kocher
b7294d3167
Merge inbound to central, a=merge
...
MozReview-Commit-ID: 2R3yE5OIznC
2017-02-22 15:01:04 -08:00
Wes Kocher
5a7f5284cd
Merge autoland to central, a=merge
...
MozReview-Commit-ID: 5l8P3DzMNXz
2017-02-22 14:55:21 -08:00
Kai Engert
fb7e5cbb5d
Bug 1324096, PSM should check the roots module for a flag, that allows to distinguish between Mozilla-CA-Policy CAs and other CAs, r=dkeeler
2017-02-22 18:02:48 +01:00
ffxbld
b1044cf7c2
No bug, Automated HPKP preload list update from host bld-linux64-spot-038 - a=hpkp-update
2017-02-22 08:08:41 -08:00
ffxbld
138dd68d33
No bug, Automated HSTS preload list update from host bld-linux64-spot-038 - a=hsts-update
2017-02-22 08:08:39 -08:00
Wes Kocher
5295bd9f91
Merge m-c to inbound, a=merge
...
MozReview-Commit-ID: AoD5GpFatBw
2017-02-21 17:41:05 -08:00
Wes Kocher
13e1cccb3f
Merge inbound to central, a=merge
...
MozReview-Commit-ID: EEMZdLCheAm
2017-02-21 17:35:01 -08:00
Sebastian Hengst
0de0267fd3
Backed out changeset d0a0da23ac05 (bug 1334975) for frequent failures of test_chrome_ext_downloads_saveAs.html. r=backout
2017-02-21 17:54:27 +01:00
ffxbld
fa4cd674a4
No bug, Automated HPKP preload list update from host bld-linux64-spot-037 - a=hpkp-update
2017-02-21 07:31:37 -08:00
ffxbld
a3f4155b6b
No bug, Automated HSTS preload list update from host bld-linux64-spot-037 - a=hsts-update
2017-02-21 07:31:35 -08:00
Carsten "Tomcat" Book
9956afa503
Backed out changeset 597004bec637 (bug 1334975) for test failures in test_chrome_ext_downloads_saveAs.html
2017-02-21 10:30:41 +01:00
Jed Davis
a01b0b45dd
Bug 1286865 - Step 4: Report rejected syscall info in Telemetry. r=gcp r=francois
...
MozReview-Commit-ID: 7R755WT1Ftu
--HG--
extra : rebase_source : 77356e29da9a02a3a4392be3de0e9e88ed9e131e
extra : histedit_source : 813980d967009d4270143ce3a503836c7337941f
2017-02-20 19:55:56 +01:00
Andrea Marchesini
886c391f8f
Bug 1334975 - Get rid of nsIFilePicker.show() use in gecko, r=Gijs, r=ochameau
2017-02-21 15:04:32 +01:00
Franziskus Kiefer
9fcb9743ee
Bug 1334127 - land NSS 93b99b0936d3, r=me
...
--HG--
extra : rebase_source : 5793f0f4595bb1bbff9338dca3e4f5068db5a47f
2017-02-21 13:55:41 +01:00
Jed Davis
f0666046d6
Bug 1286865 - Step 2: Add XPCOM bindings for sandbox syscall reporter. r=gcp r=glandium
...
MozReview-Commit-ID: GERRsOJ7H2w
--HG--
extra : rebase_source : 8ff688150ccf417a266a663ed0973d4850f51e63
2017-01-30 18:50:41 -07:00
Jed Davis
f2fa27edca
Bug 1286865 - Step 1: Gather syscall info from SIGSYS handlers into the parent process. r=gcp
...
MozReview-Commit-ID: 8GfFo4xso65
--HG--
extra : rebase_source : 1596a79d65d30dc72d8b84fc4f1639de377f554a
2017-01-30 18:49:53 -07:00
Jed Davis
eb0d19601a
Bug 1286865 - Step 0: Turn off crash-on-seccomp-fail by default on non-nightly. r=gcp
...
MozReview-Commit-ID: 1It6HNizbAc
--HG--
extra : rebase_source : 1e96f11904abf2c38c5b4e50de7609ddc86cdd8a
2017-01-27 14:25:50 -07:00
Andrea Marchesini
5da6bc7a06
Bug 1334975 - Get rid of nsIFilePicker.show() use in gecko, r=Gijs, r=ochameau
2017-02-21 07:51:00 +01:00
Phil Ringnalda
16d671402f
Merge autoland to m-c, a=merge
2017-02-20 20:26:48 -08:00
ffxbld
4ccad03e67
No bug, Automated HPKP preload list update from host bld-linux64-spot-034 - a=hpkp-update
2017-02-20 07:40:40 -08:00
ffxbld
289045d108
No bug, Automated HSTS preload list update from host bld-linux64-spot-034 - a=hsts-update
2017-02-20 07:40:37 -08:00
Iris Hsiao
15a77169b7
Merge mozilla-central to mozilla-inbound
2017-02-20 15:30:29 +08:00
ffxbld
e6df08c941
No bug, Automated HPKP preload list update from host bld-linux64-spot-078 - a=hpkp-update
2017-02-19 09:10:48 -08:00
ffxbld
b705ab918d
No bug, Automated HSTS preload list update from host bld-linux64-spot-078 - a=hsts-update
2017-02-19 09:10:46 -08:00
ffxbld
12cf113033
No bug, Automated HPKP preload list update from host bld-linux64-spot-301 - a=hpkp-update
2017-02-18 07:00:40 -08:00
ffxbld
755899dd22
No bug, Automated HSTS preload list update from host bld-linux64-spot-301 - a=hsts-update
2017-02-18 07:00:37 -08:00
Wes Kocher
8c4ce17711
Merge inbound to m-c a=merge
...
MozReview-Commit-ID: DCUf7VEDrTt
2017-02-17 13:38:51 -08:00
Wes Kocher
700ed47352
Merge autoland to central, a=merge
...
MozReview-Commit-ID: 3ZIZ9QEVArE
2017-02-17 12:45:42 -08:00
ffxbld
a565a10373
No bug, Automated HPKP preload list update from host bld-linux64-spot-381 - a=hpkp-update
2017-02-17 07:06:37 -08:00
ffxbld
5c04bdbade
No bug, Automated HSTS preload list update from host bld-linux64-spot-381 - a=hsts-update
2017-02-17 07:06:35 -08:00
Phil Ringnalda
87ae1a50e4
Backed out 5 changesets (bug 1284897) for mozilla::SandboxPermissions::RemovePermissionsForProcess crashes
...
Backed out changeset 19b2fcee13a9 (bug 1284897)
Backed out changeset a5171791437f (bug 1284897)
Backed out changeset 3ea8b8a18515 (bug 1284897)
Backed out changeset 21497a4e3bde (bug 1284897)
Backed out changeset 12e17d5f0fa9 (bug 1284897)
2017-02-16 22:14:15 -08:00
Vedant Sareen
7d4bd52fae
Bug 1330907 - Rename Telemetry::ID to Telemetry::HistogramID. r=dexter
...
Changed |print("enum ID : uint32_t {", file=output)| to |print("enum HistogramID : uint32_t {", file=output)| at line 53 of the file |toolkit/components/telemetry/gen-histogram-enum.py|, and then replaced all the textual occurrences of |Telemetry::ID| to |Telemetry::HistogramID| and |ID| to |HistogramID| in 43 other files.
2017-02-16 00:45:15 +05:30
Carsten "Tomcat" Book
85079555b0
Merge mozilla-central to autoland
2017-02-20 14:12:30 +01:00
Sebastian Hengst
68e7240c0c
Backed out changeset 71b9ac06a60a (bug 1284897)
2017-02-21 23:13:29 +01:00
Sebastian Hengst
0155610268
Backed out changeset 0740284125d3 (bug 1284897)
2017-02-21 23:13:24 +01:00
EKR
caac1dd24c
Bug 1340854 - Properly report TLS handshake telemetry for 0 length reads. r=mt
2017-02-18 11:27:21 -08:00
David Parks
7f64ae96ea
Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen
...
Hook this into the browser via the XREAppData. This patch contains only the changes to Chromium source code.
--HG--
extra : rebase_source : f1ddd3bdfb52cef0a2dc8bfbae4ba5c78e7fd7eb
2017-01-20 08:27:57 -08:00
David Parks
26437f4ecd
Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen, r=glandium
...
Hook this into the browser via the XREAppData. This patch does not include the changes to Chromium source code.
--HG--
extra : rebase_source : 4d5637bcdbeae605b0b99e9192598d48f371b698
2017-02-14 15:08:40 -08:00
David Parks
3fd846f6a8
Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen
...
Hook this into the browser via the XREAppData. This patch contains only the changes to Chromium source code.
2017-01-20 08:27:57 -08:00
David Parks
e9bcaf4cbe
Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen, r=glandium
...
Hook this into the browser via the XREAppData. This patch does not include the changes to Chromium source code.
2017-02-14 15:08:40 -08:00
David Major
fff91cf0bf
Bug 1335632 - Split out the const and mutable parts of myTrustedEVInfos. r=keeler
...
.rdata: 5536 bytes change
.data: -5760 bytes change
--HG--
extra : rebase_source : 2aa718f0744760cab5f5146d73139dace24a3225
2017-02-17 15:31:05 +13:00
David Keeler
4b081ff27d
bug 1301407 - enable nsNSSComponent initialization diagnostic crash report on all platforms r=dragana
...
--HG--
extra : amend_source : 56900b3bf87a8d927a9aa91672aa8593bdfe3e69
2017-02-15 14:51:45 -08:00
David Parks
5b871d6f30
Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen
...
Hook this into the browser via the XREAppData. This patch contains only the changes to Chromium source code.
--HG--
extra : rebase_source : 309715aa2449d53456934495b1f5e854df599bfb
extra : histedit_source : 26761a6a33e4e5b2bb559caf3b3eb51c249f2bcd
2017-01-20 08:27:57 -08:00
David Parks
82eb0f3fdd
Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen, r=glandium
...
Hook this into the browser via the XREAppData. This patch does not include the changes to Chromium source code.
--HG--
extra : rebase_source : e34e8b50101cc40ded26e80791052123b24c8243
extra : histedit_source : 69c9b2dc91546adbfdad03b5d43842809191ffb9
2017-02-14 15:08:40 -08:00
Emanuel Hoogeveen
d8ab2e5bec
Bug 1338574 - Part 6: Use MOZ_CRASH_UNSAFE_PRINTF in NSS. r=keeler
...
--HG--
extra : rebase_source : 85173c8c8becd9f25f5ee0385c3b7ecdc8e85cce
2017-02-21 18:02:00 +01:00
ffxbld
a2f6f5b441
No bug, Automated HPKP preload list update from host bld-linux64-spot-022 - a=hpkp-update
2017-02-16 08:04:27 -08:00
ffxbld
86974fabaf
No bug, Automated HSTS preload list update from host bld-linux64-spot-022 - a=hsts-update
2017-02-16 08:04:24 -08:00
Wes Kocher
72ecfb5fd6
Merge m-c to autoland, a=merge
...
MozReview-Commit-ID: 7gVISUXnm2Q
2017-02-22 15:07:12 -08:00
Kate McKinley
c69d150710
Bug 1339669 - Update security.mixed_content.hsts_priming_cache_timeout default r=mayhemer
...
MozReview-Commit-ID: CNFrPUyrdO8
--HG--
extra : rebase_source : 858da20cf65369ede5908b07921dfba501956b84
2017-02-16 10:48:59 +09:00
Wes Kocher
017c515285
Merge inbound to m-c a=merge
...
MozReview-Commit-ID: IKI0zVtF1n9
2017-02-15 16:18:13 -08:00
Wes Kocher
ec985117e6
Merge autoland to central, a=merge
...
MozReview-Commit-ID: 9FDTT0Vkl0L
2017-02-15 15:26:11 -08:00
ffxbld
c1cc1aa5b1
No bug, Automated HPKP preload list update from host bld-linux64-spot-032 - a=hpkp-update
2017-02-15 07:22:17 -08:00
ffxbld
c9a6d4e82f
No bug, Automated HSTS preload list update from host bld-linux64-spot-032 - a=hsts-update
2017-02-15 07:22:14 -08:00
Carsten "Tomcat" Book
ed3d8d8286
merge mozilla-inbound to mozilla-central a=merge
2017-02-15 12:21:44 +01:00
Wes Kocher
f85117da36
Merge m-c to inbound, a=merge
...
MozReview-Commit-ID: 1c81Eie63Pe
2017-02-14 14:45:40 -08:00
Wes Kocher
cac6cb6a10
Merge inbound to central, a=merge
...
MozReview-Commit-ID: 1D2zbWPC8TT
2017-02-14 13:12:20 -08:00
ffxbld
ac8a72f2d5
No bug, Automated HPKP preload list update from host bld-linux64-spot-086 - a=hpkp-update
2017-02-14 07:14:02 -08:00
ffxbld
b904921c76
No bug, Automated HSTS preload list update from host bld-linux64-spot-086 - a=hsts-update
2017-02-14 07:13:59 -08:00
EKR
785f12a554
Bug 1331280 - Generic telemetry probe for TLS handshake status. r=keeler
...
--HG--
extra : rebase_source : 69a2e93a5cd8d500702a670dfaa5e6cebb822ff0
2017-02-14 13:12:00 -05:00
Carsten "Tomcat" Book
8c454e1c69
Merge mozilla-central to mozilla-inbound
2017-02-15 12:43:50 +01:00
Bob Owen
209be0e8ce
Bug 1339389: Remove legacy build config from Windows SandboxBroker moz.build. r=glandium
...
MozReview-Commit-ID: KA3dCxrCZRo
2017-02-15 08:31:14 +00:00
Wes Kocher
5583be3ddf
Merge m-c to autoland, a=merge
...
MozReview-Commit-ID: KkIFx9ndC8y
2017-02-14 14:46:45 -08:00
David Keeler
2950b86660
bug 1339010
- ensure pinning and CT telemetry info has been initialized r=jcj
...
MozReview-Commit-ID: F7pOqCK145n
--HG--
extra : rebase_source : 7138aca9769f6719e35073f16b835159c7929684
2017-02-13 16:47:43 -08:00
Wes Kocher
415dbf1a26
Merge m-c to autoland, a=merge
...
MozReview-Commit-ID: JuiEcsYYLS3
2017-02-13 17:08:00 -08:00
Wes Kocher
05bee27cec
Merge autoland to central, a=merge
...
MozReview-Commit-ID: 3sGhLpcvp7K
2017-02-13 16:49:15 -08:00
ffxbld
e80ac94bd8
No bug, Automated HPKP preload list update from host bld-linux64-spot-308 - a=hpkp-update
2017-02-13 07:05:42 -08:00
ffxbld
7027f8a7e2
No bug, Automated HSTS preload list update from host bld-linux64-spot-308 - a=hsts-update
2017-02-13 07:05:39 -08:00
Phil Ringnalda
ea85356f95
Merge m-c to m-i
2017-02-12 15:33:29 -08:00
David Major
66f98480ef
Bug 1335294: Remove const from data tables under security/ for better codegen on Windows. r=keeler
...
MozReview-Commit-ID: 3k1Gpm0ugY2
2017-02-13 09:41:20 +13:00
ffxbld
9057f0c449
No bug, Automated HPKP preload list update from host bld-linux64-spot-031 - a=hpkp-update
2017-02-12 07:27:38 -08:00
ffxbld
dfb75b1bd9
No bug, Automated HSTS preload list update from host bld-linux64-spot-031 - a=hsts-update
2017-02-12 07:27:36 -08:00
ffxbld
3f38ad8e9c
No bug, Automated HPKP preload list update from host bld-linux64-spot-304 - a=hpkp-update
2017-02-11 07:51:02 -08:00
ffxbld
f27f804b88
No bug, Automated HSTS preload list update from host bld-linux64-spot-304 - a=hsts-update
2017-02-11 07:50:59 -08:00
Wes Kocher
71842da0e8
Merge autoland to central, a=merge
...
MozReview-Commit-ID: 8GR9XTMPAjp
--HG--
rename : netwerk/base/security-prefs.js => security/manager/ssl/security-prefs.js
2017-02-10 14:32:26 -08:00
ffxbld
7de3f46c87
No bug, Automated HPKP preload list update from host bld-linux64-spot-304 - a=hpkp-update
2017-02-10 07:05:40 -08:00
ffxbld
7f6d91a361
No bug, Automated HSTS preload list update from host bld-linux64-spot-304 - a=hsts-update
2017-02-10 07:05:38 -08:00
Iris Hsiao
24ddf955dd
Backed out changeset e887fb5d5d06 (bug 1337748) for eslint failure
...
--HG--
rename : security/manager/ssl/security-prefs.js => netwerk/base/security-prefs.js
2017-02-10 14:00:02 +08:00
Masatoshi Kimura
2154e8d95a
Bug 1337748 - Move security-prefs.js from netwerk/ to security/manager/. r=keeler,mcmanus
...
MozReview-Commit-ID: 2TOJG6tRWJZ
--HG--
rename : netwerk/base/security-prefs.js => security/manager/ssl/security-prefs.js
extra : rebase_source : 4127a5c9676f24d17a0f38efed8e9ad558044b07
2017-02-08 21:16:27 +09:00
Phil Ringnalda
b5acb9b812
Backed out 2 changesets (bug 1336867) for (at least) eslint failures
...
CLOSED TREE
Backed out changeset 0a4f283638cb (bug 1336867)
Backed out changeset 837766805d75 (bug 1336867)
--HG--
rename : security/manager/ssl/tests/unit/test_sts_parser.js => security/manager/ssl/tests/gtest/STSParserTest.cpp
2017-02-09 19:02:32 -08:00
Jonathan Hao
ef8f78b212
Bug 1336867 - Remove unsafeProcessHeader and isSecureHost in nsISiteSecurityService r=keeler,mgoodwin,past
...
--HG--
extra : rebase_source : e4a69e18154adf22e045c820ae2b3fd8a77877a6
2017-02-08 11:17:29 +08:00
Jonathan Hao
c449723684
Bug 1336867 - Move STSParserTest.cpp to test_sts_parser.js r=keeler
...
--HG--
rename : security/manager/ssl/tests/gtest/STSParserTest.cpp => security/manager/ssl/tests/unit/test_sts_parser.js
extra : rebase_source : dfadaa8f9f0030e07a4ea7bf64e36a7b4d959521
2017-02-07 10:23:45 +08:00
Jonathan Hao
e28cb314a8
Bug 1336867 - Remove unsafeProcessHeader and isSecureHost in nsISiteSecurityService r=keeler,mgoodwin,past
...
--HG--
extra : rebase_source : 3b14ddfcb4107eeeb15ba5498d0b516310847c58
2017-02-08 11:17:29 +08:00
Jonathan Hao
8b8bdd6f07
Bug 1336867 - Move STSParserTest.cpp to test_sts_parser.js r=keeler
...
--HG--
rename : security/manager/ssl/tests/gtest/STSParserTest.cpp => security/manager/ssl/tests/unit/test_sts_parser.js
extra : rebase_source : dfadaa8f9f0030e07a4ea7bf64e36a7b4d959521
2017-02-07 10:23:45 +08:00
Wes Kocher
e27ab18a24
Merge autoland to central, a=merge
...
MozReview-Commit-ID: Cu9iXbDAS7t
2017-02-09 16:36:11 -08:00
ffxbld
7d72c6ef47
No bug, Automated HPKP preload list update from host bld-linux64-spot-387 - a=hpkp-update
2017-02-09 07:37:08 -08:00
ffxbld
7efff53231
No bug, Automated HSTS preload list update from host bld-linux64-spot-387 - a=hsts-update
2017-02-09 07:37:04 -08:00
Cykesiopka
35ac12c63d
Bug 1331983 - Avoid non-smart string IDL types in nsIX509CertDB.idl. r=gcp,keeler,nwgh
...
Smart string classes like nsCString are safer to use than raw |char*| strings,
and are typically easier to deal with as well.
MozReview-Commit-ID: 2PdrCa6cbpe
--HG--
extra : rebase_source : a8730dd48e954f4947534a0d4d524848061dac98
2017-02-09 23:11:29 +08:00
Masatoshi Kimura
448874c0f1
Bug 1337748 - Move security-prefs.js from netwerk/ to security/manager/. r=keeler,mcmanus
...
MozReview-Commit-ID: 2TOJG6tRWJZ
--HG--
rename : netwerk/base/security-prefs.js => security/manager/ssl/security-prefs.js
extra : rebase_source : e11ef6fa7264edd41e77d65512a2183c737f34dd
2017-02-08 21:16:27 +09:00
David Keeler
a280d5294c
bug 1338701 - constify all TransportSecurityPreloads, use mozilla::BinarySearch over bsearch r=Cykesiopka
...
MozReview-Commit-ID: Lu3H9SpyJgR
--HG--
extra : rebase_source : 7a958793523bc8d4e9d34a7b3b26760a3c1da0f9
2017-02-10 15:52:26 -08:00
Sylvestre Ledru
26605e4a7d
Bug 1337358 - Converts for(...; ...; ...) loops to use the new range-based loops in C++11 in security/sandbox/ r=gcp
...
MozReview-Commit-ID: Iwj7i07LkJ0
--HG--
extra : rebase_source : 88a71d78dd6d3e4cf603047a5714631b4ae4542b
2017-02-08 11:59:38 +01:00
Sylvestre Ledru
aba86ae938
Bug 1337358 - Converts for(...; ...; ...) loops to use the new range-based loops in C++11 in security/ r=keeler
...
MozReview-Commit-ID: yfkQVEp2do
--HG--
extra : rebase_source : 048f30343b9eb353bbc15fbde157ffbb3b2da8ec
2017-02-07 13:22:44 +01:00
Carsten "Tomcat" Book
6215212efa
Merge mozilla-central to mozilla-inbound
2017-02-14 13:41:43 +01:00
Matt Woodrow
0686551eab
Bug 1325227 - Part 3: Allow child process to share semaphore handles with the parent/gpu processes. r=bobowen
2017-02-04 23:19:03 +13:00
Sylvestre Ledru
455bdf24fe
Bug 1338086 - Remove useless else blocks in order to reduce complexity in security/sandbox/linux/ r=gcp
...
MozReview-Commit-ID: 5UWtAe6THd6
--HG--
extra : rebase_source : 17af6640439f209cb37e91552cf0f97043bd9e91
2017-02-09 10:56:05 +01:00
Jonathan Hao
f7fe4cbe12
Bug 1323644
- Isolate the HSTS and HPKP storage by first party domain (ForgetAboutSite) r=keeler,mossop
...
MozReview-Commit-ID: LjYb5coVxJl
--HG--
extra : rebase_source : 0a1cc4b70b266958c478ff48d9edc1e669ebb33f
2017-02-14 10:29:54 +08:00
Jonathan Hao
4489e44dc2
Bug 1323644
- Isolate the HSTS and HPKP storage by first party domain (PSM) r=Cykesiopka,keeler
...
MozReview-Commit-ID: HhFFqtpBNjO
--HG--
extra : rebase_source : 980dfd035efc4886a7ca393923c2c2783cc76a7d
2017-02-14 10:29:10 +08:00
ffxbld
166c51d181
No bug, Automated HPKP preload list update from host bld-linux64-spot-013 - a=hpkp-update
2017-02-08 07:19:15 -08:00
ffxbld
8a301bbd0d
No bug, Automated HSTS preload list update from host bld-linux64-spot-013 - a=hsts-update
2017-02-08 07:19:13 -08:00
Franziskus Kiefer
78e9074835
Bug 1334127 - land NSS e3bca65235d5, r=me
2017-02-08 06:00:53 +01:00
Tom Tromey
5f8f360823
Bug 1060419 - make log_print use Printf.h, r=froydnj
...
MozReview-Commit-ID: BIZ1GQEZ1vs
--HG--
extra : rebase_source : 2f1f0aa12493c44f352d9a7e8683e7bb72d2d75b
2016-12-15 20:16:31 -07:00
Tom Tromey
f8ab4ddf02
Bug 1060419 - remove unneeded includes of prprf.h, r=froydnj
...
MozReview-Commit-ID: JifhpA3oOeH
--HG--
extra : rebase_source : 08460997dc3fd91f3065c718e17b41bb4acf8bae
2016-12-09 10:00:01 -10:00
Kai Engert
c8dbb3b86e
Bug 1334127 - update firefox nss.symbols, r=franziskus
...
--HG--
extra : rebase_source : ae7d157350878c0988f39ac49a9d8731be9a8632
2017-02-10 02:29:00 +01:00
Franziskus Kiefer
6d466422fe
Bug 1334127 - land NSS 01d6c0dff06f, r=me
...
--HG--
extra : rebase_source : 37ce5889894c3a0208c91c2fa254ab6a8c9ba080
2017-02-13 14:27:06 +01:00
David Keeler
8fa9a9c682
bug 1294580 - prevent end-entity certificates from being their own trust anchors r=Cykesiopka
...
MozReview-Commit-ID: KaZaFG8AWwl
--HG--
extra : rebase_source : 8cba6d29febc73e65ff54bc754ab9d016e140d6f
2017-02-24 12:32:41 -08:00
Cykesiopka
d80bc035b4
Bug 1342736 - Remove nsIX509CertDB.verifySignedManifestAsync(). r=mgoodwin
...
verifySignedManifestAsync() was added in Bug 1059216 to support Trusted Hosted
Apps.
However, Bug 1196988 removed THA and no add-ons use this method, so there's no
point in keeping it around.
MozReview-Commit-ID: 6xBRxvRZfjh
--HG--
extra : rebase_source : 5b8cf9c5863187b55325a8f9929bbe52c6478ec5
2017-02-26 20:25:36 +08:00
Wes Kocher
672c83ed65
Merge inbound to central, a=merge
...
MozReview-Commit-ID: 5H1ZxSV0XuM
2017-02-07 16:33:31 -08:00
Wes Kocher
eba276a4fb
Merge autoland to central, a=merge
...
MozReview-Commit-ID: 8yDHss0OAAq
2017-02-07 15:56:57 -08:00
ffxbld
5586217f34
No bug, Automated HPKP preload list update from host bld-linux64-spot-055 - a=hpkp-update
2017-02-07 07:33:06 -08:00
ffxbld
3139a8b47f
No bug, Automated HSTS preload list update from host bld-linux64-spot-055 - a=hsts-update
2017-02-07 07:33:04 -08:00
Cykesiopka
fa71c479fc
Bug 1332636 - Remove PSM support for Firefox Marketplace apps and Trusted Hosted Apps. r=keeler
...
THA was removed in Bug 1196988.
After Bug 1235869 and Bug 1238079, Firefox Marketplace apps are at most
supported by B2G, and B2G only code doesn't need to be in m-c anymore.
MozReview-Commit-ID: DAx5lRdYQo0
--HG--
extra : rebase_source : e7fc32195def3acda2d53a6e3cb969f1e8a9a9a1
2017-02-06 23:43:38 +08:00
Haik Aftandilian
fe1e99cceb
Bug 1333681 - Part 2 - Adds tests for reading of the profile dir; r=bobowen,gcp
...
Adds additional tests that try to read files and get directory listings from
both a web content process and a file content process.
Tests include attempting to read the profile directory and cookies file from
a web content process and validating that this is prevented by the sandbox
when the sandbox level (security.sandbox.content.level) is set high enough.
Only Mac (for now) uses a level that includes read access blocking of the
profile directory.
Tests also attempt to read the profile and cookies file from a file content
process which should be allowed.
MozReview-Commit-ID: KfyT9ohsuuG
--HG--
extra : rebase_source : f1c5aa2fef58a6bb859623072770ea918f8f4df1
2017-02-01 21:26:23 -08:00
Wes Kocher
848c29538a
Merge inbound to central, a=merge
...
MozReview-Commit-ID: 2yQjOIMCCiO
2017-02-06 17:45:21 -08:00
Wes Kocher
e88bb6a257
Merge autoland to m-c a=merge
...
MozReview-Commit-ID: EcBWp8VLx1x
2017-02-06 17:37:51 -08:00
ffxbld
e53176272b
No bug, Automated HPKP preload list update from host bld-linux64-spot-1037 - a=hpkp-update
2017-02-06 08:13:57 -08:00
ffxbld
07ad576454
No bug, Automated HSTS preload list update from host bld-linux64-spot-1037 - a=hsts-update
2017-02-06 08:13:55 -08:00
David Keeler
c7118bb741
bug 1335576 - stop passing nsINSSComponent around everywhere in nsNSSCertHelper.cpp r=Cykesiopka
...
MozReview-Commit-ID: LW4JEnvh1tR
--HG--
extra : rebase_source : fd8bfc7343419ff5412b32042ce98d27eea7c350
2017-01-31 14:08:56 -08:00
David Keeler
6cb15d5fe6
bug 1335576 - run clang-format on nsNSSCertHelper.cpp r=Cykesiopka
...
MozReview-Commit-ID: 61ocKUdur9G
--HG--
extra : rebase_source : 34fffd66e627f9ab8a38a4c779da2abfd3bef954
2017-01-31 13:23:55 -08:00
Carsten "Tomcat" Book
775c0b6d2b
Merge mozilla-central to mozilla-inbound
2017-02-07 14:14:38 +01:00
Bob Owen
0b173d4f36
Bug 1321724: Change USER_NON_ADMIN access token level from whitelist to blacklist containing Admin SIDs. r=jimm
...
MozReview-Commit-ID: 9cx2R6kMUwa
2017-02-07 10:59:43 +00:00
Carsten "Tomcat" Book
ac8a2fb906
Backed out changeset a608c5cc4ff8 (bug 1321725) for landing with wrong bug number
...
--HG--
extra : rebase_source : 1d7b5b836c1e67507c6592c11d1bfe50623eee84
2017-02-07 11:50:54 +01:00
Bob Owen
2ca65ce116
Bug 1321725: Change USER_NON_ADMIN access token level from whitelist to blacklist containing Admin SIDs. r=jimm
...
MozReview-Commit-ID: 9cx2R6kMUwa
2017-02-07 10:38:24 +00:00
Jed Davis
467786d86a
Bug 1335329
- Improve handling of mkdir() on preexisting directories in Linux sandbox file broker. r=gcp
...
If the path given doesn't have write+create permissions in the broker
policy, but does have MAY_ACCESS (i.e., if checking for its existence
with lstat() or access() would be allowed), then check for its existence
and fail with EEXIST the way the the real mkdir() would.
Note that mkdir() fails with EEXIST even the existing file isn't a
directory, including if it's a broken symlink.
MozReview-Commit-ID: 13Cwnq1nRrw
--HG--
extra : rebase_source : c37caa091583fa85a0a72ed62fa9f12a3523e8f4
2017-02-02 11:56:21 -07:00
Franziskus Kiefer
2b1b7ba92f
Bug 1334127 - land NSS 0750d7a0402b, r=me
...
--HG--
extra : rebase_source : db118d989a2dd5a964230369bfe27297cf073ca4
2017-02-06 06:02:12 +01:00
ffxbld
24209083be
No bug, Automated HPKP preload list update from host bld-linux64-spot-018 - a=hpkp-update
2017-02-05 07:38:32 -08:00
ffxbld
7b0a9b6ebf
No bug, Automated HSTS preload list update from host bld-linux64-spot-018 - a=hsts-update
2017-02-05 07:38:30 -08:00
Phil Ringnalda
56e8c0db4a
Merge autoland to m-c, a=merge
2017-02-04 16:36:35 -08:00
ffxbld
80fd210dd6
No bug, Automated HPKP preload list update from host bld-linux64-spot-017 - a=hpkp-update
2017-02-04 07:26:25 -08:00
ffxbld
933525c585
No bug, Automated HSTS preload list update from host bld-linux64-spot-017 - a=hsts-update
2017-02-04 07:26:23 -08:00
ffxbld
a643925da8
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-02-03 07:17:03 -08:00
ffxbld
b0c736bd73
No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update
2017-02-03 07:17:01 -08:00
Franziskus Kiefer
0f7202f3c2
Bug 1334127 - land NSS 0a7ba014dbb3, r=me
2017-02-03 06:00:56 +01:00
Wes Kocher
9df4609d47
Merge autoland to central, a=merge
...
MozReview-Commit-ID: 2YFPzTIzJeU
2017-02-02 15:55:40 -08:00
ffxbld
6f0eb0ec8e
No bug, Automated HPKP preload list update from host bld-linux64-spot-018 - a=hpkp-update
2017-02-02 07:29:08 -08:00
ffxbld
a367e03beb
No bug, Automated HSTS preload list update from host bld-linux64-spot-018 - a=hsts-update
2017-02-02 07:29:06 -08:00
Phil Ringnalda
0efec638f3
Merge m-c to a CLOSED TREE autoland
2017-02-01 20:42:06 -08:00
Phil Ringnalda
d20e4431d0
Backed out changeset b03c9f4ac1b0 (bug 1335294) for Windows PGO bustage
...
CLOSED TREE
2017-02-01 19:17:21 -08:00
Phil Ringnalda
320bc0a242
No bug, backed out 2 changesets (HPKP and HSTS updates) for being generated by a patch being backed out
...
CLOSED TREE
Backed out changeset 35aecea31459
Backed out changeset 5fb02eba033b
MozReview-Commit-ID: JJaJQS98OJn
2017-02-01 19:16:41 -08:00
ffxbld
9bd2796d0c
No bug, Automated HPKP preload list update from host bld-linux64-spot-222 - a=hpkp-update
2017-02-01 08:17:00 -08:00
ffxbld
25558d37ea
No bug, Automated HSTS preload list update from host bld-linux64-spot-222 - a=hsts-update
2017-02-01 08:16:58 -08:00
Franziskus Kiefer
9d099e6afc
Bug 1334127 - land NSS 650e5f6cb617, r=me
2017-02-01 06:01:01 +01:00
David Major
369d1056a8
Bug 1335294: Add constexpr to data tables under security/ for better codegen on Windows. r=keeler
...
MozReview-Commit-ID: 3OMBGfLKP9I
--HG--
extra : rebase_source : 9422b385ce03ddef674167df41665224e4f9b6f3
2017-02-01 14:59:57 +13:00
ffxbld
9ebd31f2b7
No bug, Automated HPKP preload list update from host bld-linux64-spot-038 - a=hpkp-update
2017-01-31 07:20:28 -08:00
ffxbld
74d092c90f
No bug, Automated HSTS preload list update from host bld-linux64-spot-038 - a=hsts-update
2017-01-31 07:20:26 -08:00
Sebastian Hengst
927eb5ce69
Merge m-c to autoland
2017-01-31 13:10:38 +01:00
Olli Pettay
5de2e3d5f6
Bug 1335323 - Move vector include to sandbox header to fix bustage. r=bustage-fix a=bustage-fix
2017-01-31 13:06:22 +01:00
Phil Ringnalda
4e0c5c4603
Bug 1335310 - Backed out 2 changesets for being absolutely the wrong time of day for a real periodicupdate push to have landed, a=mystery
...
Backed out changeset 3beb66073c97
Backed out changeset 1257b7e442fe
2017-01-30 22:07:41 -08:00
ffxbld
8eb81aead8
No bug, Automated HPKP preload list update from host bld-linux64-spot-039 - a=hpkp-update
2017-01-30 20:28:59 -08:00
ffxbld
a9d37b2096
No bug, Automated HSTS preload list update from host bld-linux64-spot-039 - a=hsts-update
2017-01-30 20:28:56 -08:00
Wes Kocher
584127af5f
Merge inbound to central, a=merge
...
MozReview-Commit-ID: 4GYZ5Pzy7BY
2017-01-30 15:44:58 -08:00
Wes Kocher
a5176322a6
Merge autoland to central, a=merge
...
MozReview-Commit-ID: BoJFR48izPq
2017-01-30 15:21:59 -08:00
ffxbld
1bd01b630b
No bug, Automated HPKP preload list update from host bld-linux64-spot-018 - a=hpkp-update
2017-01-30 07:29:29 -08:00
ffxbld
a2507f8490
No bug, Automated HSTS preload list update from host bld-linux64-spot-018 - a=hsts-update
2017-01-30 07:29:27 -08:00
Benjamin Smedberg
ca77995f5d
Bug 1333826 - Remove SDK_FILES, SDK_LIBRARY, and related is_sdk support in the build goop, r=mshal
...
MozReview-Commit-ID: 52vPyDXdFte
--HG--
extra : rebase_source : c3217730bb70eb7319152dd07536b12f49d6a597
2017-01-30 11:24:10 -05:00
Franziskus Kiefer
27dd4cc8f4
Bug 1334127 - land NSS 87188da8b352, r=me
...
--HG--
extra : rebase_source : 6b38e725b6663df981fccdb0fe00991734775cfb
2017-01-30 14:20:42 +01:00
ffxbld
2e014b99f8
No bug, Automated HPKP preload list update from host bld-linux64-spot-132 - a=hpkp-update
2017-01-29 08:10:01 -08:00
ffxbld
b60ce9ada6
No bug, Automated HSTS preload list update from host bld-linux64-spot-132 - a=hsts-update
2017-01-29 08:09:59 -08:00
Phil Ringnalda
1b25397681
Merge autoland to m-c, a=merge
2017-01-28 13:07:19 -08:00
ffxbld
f4622c553d
No bug, Automated HPKP preload list update from host bld-linux64-spot-249 - a=hpkp-update
2017-01-28 07:15:15 -08:00
ffxbld
7dae055764
No bug, Automated HSTS preload list update from host bld-linux64-spot-249 - a=hsts-update
2017-01-28 07:15:13 -08:00
ffxbld
b36ba7c7b3
No bug, Automated HPKP preload list update from host bld-linux64-spot-015 - a=hpkp-update
2017-01-27 18:39:05 -08:00
ffxbld
474d46a74e
No bug, Automated HSTS preload list update from host bld-linux64-spot-015 - a=hsts-update
2017-01-27 18:39:03 -08:00
Wes Kocher
7cd28f7e5d
Merge inbound to central, a=merge
...
MozReview-Commit-ID: HvoljuLV6Gj
2017-01-27 16:37:18 -08:00
Sebastian Hengst
e1d5db133e
Backed out changeset e87ae43ca443 (bug 1330326)
2017-01-27 20:59:55 +01:00
Gian-Carlo Pascutto
0d2bf66dfd
Bug 1330326 - Make sandboxing policy more configurable via preferences. r=jld
...
MozReview-Commit-ID: 9P0bSLLKRWp
--HG--
extra : rebase_source : ab7d7da81459bd08c6aec7d7c89949ca7207471f
2017-01-26 19:59:50 +01:00
David Keeler
586b697eca
bug 1334321 - add test for nsISecretDecoderRing using existing key database r=Cykesiopka
...
MozReview-Commit-ID: Fk8bC78QJzo
--HG--
extra : rebase_source : fb32e782530136c41ac40a5c66f35fde9146ab56
2017-01-25 15:34:21 -08:00
Haik Aftandilian
9086ac87fb
Bug 1332522 - Part 2 - Remove read restrictions from level 2 policy for file content processes; r=gcp
...
Update MacSandboxInfo struct to include file system read flag and remove
filesytem read restrictions from the file content process sandbox.
MozReview-Commit-ID: B9LPocvb0W3
--HG--
extra : rebase_source : 7c80335c28dbdb7146d2ad0b447959db5e06cf0f
2017-01-24 15:20:08 -08:00
Franziskus Kiefer
4551817b24
Bug 1334127 - land NSS dbbf303cf467, r=me
...
--HG--
extra : rebase_source : 0275628dd4cb24c87ce4a59c8d5e60e07a2ada20
2017-01-26 19:49:57 +01:00
Wes Kocher
8fa84ca644
Merge inbound to central, a=merge
...
MozReview-Commit-ID: BZgxmhS6OtM
2017-01-26 16:19:05 -08:00
David Keeler
d1775338ca
bug 1301407 - save PRErrorCode from all NSS initialization calls and include in annotated crash report r=dragana
...
--HG--
extra : amend_source : e5bf0a9ffc2f6810b44521e3444a308b92bb495e
2017-01-25 13:14:52 -08:00
J.C. Jones
f4f4101b1f
Bug 1335466 - Regenerate the CA RootHashes.inc r=keeler
...
This is a maintenance re-run since Firefox 50, to include new roots.
MozReview-Commit-ID: HSs2P6S65A7
--HG--
extra : rebase_source : 48ddaa79e702a3fc92879ba45165114488584808
2017-02-01 16:45:07 -07:00
Wes Kocher
f5eab47fb9
Merge m-c to autoland, a=merge
...
MozReview-Commit-ID: HVH8TbXbw7N
2017-02-01 16:30:50 -08:00
Sergei Chernov
b3b80907d0
Bug 1320566 - Certificate Transparency - implement CT Policy. r=Dolske,keeler
...
MozReview-Commit-ID: LcMdKcgBStG
--HG--
extra : rebase_source : 38b2531e9abb8a84d32c437d13fab881f2c49f18
2017-01-09 08:22:28 +02:00
Carsten "Tomcat" Book
182312677f
merge mozilla-inbound to mozilla-central a=merge
2017-01-25 13:47:25 +01:00
Florian Quèze
0e0865f4fc
Bug 1331599 - script-generated patch to replace removeEventListener calls with the once option when possible, r=jaws.
2017-01-25 07:01:52 +01:00
Jonathan Hao
fabf923b4c
Bug 1290529 - Clear HSTS and HPKP for subdomains in ForgetAboutSite. r=keeler,MattN
...
--HG--
extra : rebase_source : 98c1da830f74f96f90092d81b0d24cfef2ffe483
2017-01-24 11:14:36 +08:00
Jonathan Hao
77aaedadde
Bug 1311645 - Test that ocsp is not separated for containers. r=keeler
...
--HG--
extra : rebase_source : 3d234e076bfe8bf625574ec46731f706561f514b
2017-01-24 18:06:25 +08:00
David Parks
990402c301
Bug 1317735 - Consolidate env vars for logging. r=jimm
...
Assigns the preference security.sandbox.logging.enabled and the environment variable MOZ_SANDBOX_LOGGING to control whether or not sandbox violations are logged. The pref defaults to true. On Linux, only the environment variable is considered.
--HG--
extra : rebase_source : f67870a74795228548b290aec32d08552c068874
2017-01-23 12:46:49 -08:00
Gian-Carlo Pascutto
aa1bdaad34
Bug 1330326 - Make sandboxing policy more configurable via preferences. r=jld
...
MozReview-Commit-ID: 9P0bSLLKRWp
--HG--
extra : rebase_source : e1d2f34e5d0901614d88a583beecb704369ce478
2017-01-26 19:59:50 +01:00
Wes Kocher
e457683b2d
Merge m-c to autoland, a=merge
...
MozReview-Commit-ID: BipzgOEInZh
2017-01-30 15:54:34 -08:00
David Keeler
05acf3850b
bug 1334694 - remove token arguments from nsIX509CertDB.importPKCS12File and exportPKCS12File r=Cykesiopka
...
MozReview-Commit-ID: Ceo48mcF38I
--HG--
extra : rebase_source : c2738fa9c9bc178059831e9460209bde954fdc84
2017-01-27 15:26:20 -08:00
Masatoshi Kimura
c7b8db8e17
Bug 1122973 - Use templates instead of macros for NSS module factory constructors. r=Cykesiopka,keeler
...
MozReview-Commit-ID: EcnOKgruorA
--HG--
extra : rebase_source : 385b1dff5bd244b5ef211c41a4235d6fd174be22
extra : source : d4c8ea38c5067202ed2fedb117eb83dcfdc89f86
2017-01-28 11:10:42 +09:00
Greg Mierzwinski
d034427bd2
Bug 1301197 - Add xpcshell code coverage to linux64-jsdcov and the 'coverage' mozinfo flag. r=jmaher
...
This patch makes it possible to collect code coverage for xpcshell tests using the linux64-jsdcov build. It also enables the use of a 'coverage' flag to disable tests when they are instrumented with the js debugger for code coverage. Lastly, it uses the 'coverage' flag to disable certain tests.
MozReview-Commit-ID: 97VFkJmlwQn
--HG--
extra : rebase_source : 26c841f5a68f927889c0903e701bfde4b7ca84ac
2016-11-08 15:57:21 -05:00
Wes Kocher
0151c314cd
Merge m-c to autoland, a=merge CLOSED TREE
...
MozReview-Commit-ID: Kq0cDcNXrZf
2017-02-03 17:31:12 -08:00
David Keeler
31150dd09f
bug 1335904 - disable EV treatment for TurkTrust H6 root certificate r=jcj
...
MozReview-Commit-ID: FzQsKAuuVcX
--HG--
extra : rebase_source : 424699fa3a680939ee047037b4f37fc48af1b680
2017-02-02 14:37:49 -08:00