Граф коммитов

9016 Коммитов

Автор SHA1 Сообщение Дата
Ehsan Akhgari bd73520e3c Bug 1064356 - Fix more bad implicit constructors in security; r=bsmith 2014-09-08 20:47:36 -04:00
David Keeler d577ecb4c1 bug 1004781 - follow-up to add "DigiCert ECC Secure Server CA" to Facebook's pinset r=mmc 2014-09-08 09:33:03 -07:00
Carsten "Tomcat" Book 75dcdffdac merge mozilla-inbound to mozilla-central a=merge 2014-09-08 15:22:16 +02:00
ffxbld fb37ddfbb4 No bug, Automated HPKP preload list update from host b-linux64-ix-0009 - a=hpkp-update 2014-09-06 03:17:54 -07:00
ffxbld 335a88aab5 No bug, Automated HSTS preload list update from host b-linux64-ix-0009 - a=hsts-update 2014-09-06 03:17:51 -07:00
Wes Kocher ca62a34614 Merge inbound to m-c a=merge 2014-09-05 19:04:52 -07:00
Monica Chew 573218568c Bug 1030135: Enable pinning on services.mozilla.com in test mode (r=keeler,a=kwierso) 2014-09-05 12:04:26 -07:00
Bob Owen a9431992d5 Bug 1018966 - Part 2: Make warn only sandbox changes to the Chromium code. r=tabraldes 2014-09-03 10:31:53 +01:00
David Keeler 702384684c bug 1046221 - make nsCryptoHMAC and nsCryptoHash actually check for NSS shutdown r=rbarnes 2014-09-05 11:04:22 -07:00
Monica Chew 2c36fac925 Bug 1030135: Enable pinning on services.mozilla.com in test mode (r=keeler) 2014-09-05 12:04:26 -07:00
Bob Owen f19448274c Bug 1018966 - Part 1: Add the main warn only sandbox machinery - with no Chromium code changes. r=bsmedberg
This change also includes the content sandboxing code on Windows Nightly by defining MOZ_CONTENT_SANDBOX=1.
Whether the content sandbox is disabled, in warn only mode, or enabled is controlled by a new pref: browser.tabs.remote.sandbox=(off/warn/on)
2014-06-11 15:32:37 +01:00
Brian Smith a37dba0312 Bug 1061483 follow-up: remove now-unused deleteCharArray function, r=me, a=bustage
--HG--
extra : rebase_source : 63d509bd7b95681227d27a733260bc33b1a22338
2014-09-04 15:53:07 -07:00
Brian Smith 418571330e Bug 1061483: Remove dependency on NSPR's PR_smprintf, r=cviecco
--HG--
extra : rebase_source : 64e2f862456e8e1434814631b0a7b461d83de37a
2014-08-31 22:03:22 -07:00
Brian Smith 4170cfe622 Bug 1061021, Part 17: Use now-unused PLArenaPool infrastructure, r=keeler
--HG--
extra : rebase_source : b6f241d33cefd3b14c585e806e9c920ec6844fce
2014-08-30 23:30:20 -07:00
Brian Smith 6e2797899e Bug 1061021, Part 16: Stop using PLArenaPool in pkixocsp_CreateEncodedOCSPRequest, r=keeler
--HG--
extra : rebase_source : 551d0c0e45d770c2218fb77874737fe23909d6c9
2014-08-30 23:27:15 -07:00
Brian Smith 26f076840d Bug 1061021, Part 15: Stop using PLArenaPool in CreateEncodedOCSPResponse, r=keeler
--HG--
extra : rebase_source : 00c3f77cd1e7e0d81b0acac84631b81e4cac59bd
2014-09-01 19:23:01 -07:00
Brian Smith 1966d956d1 Bug 1061021, Part 14: Stop using PLArenaPool in CreateEncodedCertificate, r=keeler
--HG--
extra : rebase_source : 46c292a31fbc4bb7242c93d0d47479600f379323
2014-08-30 23:09:18 -07:00
Brian Smith c7a8deb8a0 Bug 1061021, Part 13: Remove Output class, r=keeler
--HG--
extra : rebase_source : 9d768451f2f1d6ad0db3cb75401494d6409fd818
2014-08-30 20:47:58 -07:00
Brian Smith 5419f381e4 Bug 1061021, Part 12: Stop using PLArenaPool for ResponseData encoding, r=keeler
--HG--
extra : rebase_source : 745ae45d9dd0509973d8e5c50a8cc2dfae82295f
2014-08-30 20:42:19 -07:00
Brian Smith c697d86d9d Bug 1061021, Part 11: Stop using PLArenaPool for TBSCertificate and SignedData encoding, r=keeler
--HG--
extra : rebase_source : 09b06f79b57247dd89919ede12baabcb09dbeb19
2014-08-30 19:55:52 -07:00
Brian Smith dedfff0a81 Bug 1061021, Part 10: Stop using PLArenaPool for extension encoding, r=keeler
--HG--
extra : rebase_source : 02b6dcc97204c04ec35b214ea2ce4b9297c78612
2014-08-30 19:16:24 -07:00
Brian Smith d1e3997695 Bug 1061021, Part 9: Stop using PLArenaPool for SingleResponse encoding, r=keeler
--HG--
extra : rebase_source : a39a5dfec9b7aaa43ee2cffc15021bb404ada1ca
2014-08-30 18:00:02 -07:00
Brian Smith a67503eadb Bug 1061021, Part 8: Stop using PLArenaPool for CertID encoding, r=keeler
--HG--
extra : rebase_source : 236902fb9eb330444e4cfc4ad380646bc992e8a8
2014-08-30 17:47:22 -07:00
Brian Smith 24aa747308 Bug 1061021, Part 7: Stop using PLArenaPool for SignedData encoding, r=keeler
--HG--
extra : rebase_source : de654a47d7421d2c14bba9db1686bc01a2f1edf8
2014-08-30 17:40:41 -07:00
Brian Smith 653ade1f65 Bug 1061021, Part 6: Stop using PLArenaPool for boolean encoding, r=keeler
--HG--
extra : rebase_source : 557eef72848af7dd70eddb4983de25e2e50da5f3
2014-08-30 17:00:16 -07:00
Brian Smith 3c92292236 Bug 1061021, Part 5: Remove InitInputFromSECItem, r=keeler
--HG--
extra : rebase_source : 353ad008af15700266226b6f3f535385cb182d09
2014-08-30 16:49:49 -07:00
Brian Smith 61df71edb6 Bug 1061021, Part 4: Stop using PLArenaPool for time encoding, r=keeler
--HG--
extra : rebase_source : ed41c22713cc75ce238923c00a5abda48f142e57
2014-08-30 16:33:47 -07:00
Brian Smith 314958b44f Bug 1061021, Part 3: Stop using PLArenaPool for BitString encoding, r=keeler
--HG--
extra : rebase_source : 79c9c2dd4844e67f0922c32e47bcc3e360fb32d5
2014-08-30 16:15:11 -07:00
Brian Smith f854a1e2f2 Bug 1061021, Part 2: Stop using NSS to encode integers and serial number, r=keeler
--HG--
extra : rebase_source : cebea2b16ac81278a1453a5fb58fe75e90e22742
2014-08-30 16:07:16 -07:00
Brian Smith 8b26ecac0b Bug 1061021, Part 1: Stop using NSS to encode names in tests, r=keeler
--HG--
extra : rebase_source : 1fa1826fe356314e80784915e08d5a787bf2259f
2014-08-30 23:11:23 -07:00
Brian Smith a6be0bc849 Bug 1059924, Part 1: Centralize tag and length decoding in mozilla::pkix's DER decoder, r=keeler
--HG--
extra : rebase_source : 6702a599f07cf83deac832eab0712dc716ea2561
2014-09-02 22:03:30 -07:00
Brian Smith a891fc79d8 Bug 1059928: Remove SECOidTag from mozilla::pkix testsuite interface, r=keeler
--HG--
extra : rebase_source : 79d0d3031a9176d492730f374cea3b5f035086e1
2014-08-29 16:06:38 -07:00
David Keeler d219ed0d80 bug 775370 - (part 2/2) use DataStorage as back-end to nsSiteSecurityService r=briansmith 2014-09-04 10:42:31 -07:00
David Keeler a250e4de47 bug 1057123 - mozilla::pkix: allow end-entity certificates to assert keyCertSign in some cases r=briansmith 2014-09-03 10:12:55 -07:00
Carsten "Tomcat" Book d578571a85 Backed out changeset 5adabc2818b2 (bug 1018966) for b2g bustage 2014-09-04 15:14:41 +02:00
Carsten "Tomcat" Book 39fa254326 Backed out changeset 5d21dd9ca51e (bug 1018966) for b2g Build bustage 2014-09-04 15:13:14 +02:00
Bob Owen ad41895771 Bug 1018966 - Part 2: Make warn only sandbox changes to the Chromium code. r=tabraldes 2014-09-03 10:31:53 +01:00
Bob Owen 0fdb849687 Bug 1018966 - Part 1: Add the main warn only sandbox machinery - with no Chromium code changes. r=bsmedberg r=tabraldes
This change also includes the content sandboxing code on Windows Nightly by defining MOZ_CONTENT_SANDBOX=1.
Whether the content sandbox is disabled, in warn only mode, or enabled is controlled by a new pref: browser.tabs.remote.sandbox=(off/warn/on)
2014-06-11 15:32:37 +01:00
Mike Hommey 4b99580194 Bug 1059113 - Use templates for shared libraries and frameworks. r=gps
Also force to use the existing template for XPCOM components.
2014-09-04 09:04:45 +09:00
Mike Hommey 0060683747 Bug 1059090 - Don't require SOURCES to be set for CPP_UNIT_TESTS and SIMPLE_PROGRAMS. r=mshal 2014-09-03 14:16:37 +09:00
Mike Hommey ed70c5f377 Bug 1041941 - Use templates for programs, simple programs, libraries and C++ unit tests. r=gps 2014-09-03 14:10:54 +09:00
David Keeler c1853c5db4 bug 1050546 - telemetry for baseline requirements sections 9.2.1 and 9.2.2 (subject alt names/common name) r=rbarnes 2014-09-03 11:44:08 -07:00
Jed Davis 1dfa299843 Bug 1061085 - Clean up misused export macros from bug 1041886. r=glandium 2014-08-31 23:23:00 +02:00
Ehsan Akhgari 6deacdf4e9 Bug 1061942 - Switch back security/certverifier and security/manager to use unified builds; r=bsmith 2014-09-02 18:28:11 -04:00
Wes Kocher c0770e9a92 Backed out 1 changesets (bug 1050546) for build bustage
Backed out changeset c7a9e8177202 (bug 1050546)
2014-09-02 16:49:51 -07:00
David Keeler 18cd42500e bug 1050546 - telemetry for baseline requirements sections 9.2.1 and 9.2.2 (subject alt names/common name) r=rbarnes 2014-09-02 12:10:47 -07:00
Ehsan Akhgari 5bffafdd26 Bug 1061061 - Fix more bad implicit constructors in misc. code; r=bsmedberg 2014-09-02 18:24:24 -04:00
Trevor Saunders d75ed5bf7f bug 1059490 - mark more classes MOZ_FINAL r=froydnj 2014-08-27 14:26:48 -04:00
Martin Thomson 7e9f88e039 Bug 1036737 - Adding fallback SCSV use. r=dkeeler 2014-08-29 14:59:00 +02:00
Ehsan Akhgari aafc47e9e9 Bug 1060975 - Fix bad implicit constructors in security; r=bsmith 2014-08-31 19:26:27 -04:00
Camilo Viecco 7b968ad142 Bug 1039166 - Fix intermittent gtest ASAN errors. r=dkeeler 2014-08-28 15:33:10 -07:00
Ryan VanderMeulen c30a1809d2 Merge inbound to m-c. a=merge 2014-08-30 12:25:27 -04:00
ffxbld 61a875d894 No bug, Automated HPKP preload list update from host bld-linux64-spot-456 - a=hpkp-update 2014-08-30 03:23:01 -07:00
ffxbld ea9d818f0d No bug, Automated HSTS preload list update from host bld-linux64-spot-456 - a=hsts-update 2014-08-30 03:22:59 -07:00
Jed Davis 1ea7e357ca Bug 1059602 - Make libxul -> libmozsandbox dependency not a weak symbol. r=glandium
MFBT_API is not the right macro for this; it changes the affected
definition/usage to a weak symbol, for reasons explained in the comments
on its definition.

This was causing the linker to drop the dependency from libmozglue
to libmozsandbox, in some cases (--as-needed, with a linker that
doesn't consider weak symbols "needed"), and thus load libxul with
gSandboxCrashFunc relocated to address 0 (the expected behavior of an
unresolved weak symbol), which caused crashes when writing to it on
startup.

--HG--
extra : amend_source : b99fded391ae90b1311f4cabaf40f15e6414f245
2014-08-28 23:23:13 -07:00
Camilo Viecco a47a7b45b5 Bug 1052099 - August 2014 batch of EV root CA changes. r=keeler
--HG--
extra : rebase_source : 4303f1fb6988ff462edd908295708788a24a64f1
2014-08-27 11:31:20 -07:00
David Keeler 4b04dd58f3 bug 1009161 - follow-up: add test_nsCertType.js to xpcshell.ini so it'll actually run r=mmc 2014-08-28 11:38:31 -07:00
David Major db45c0b01a Bug 1023941 - Part 2: Static-link the CRT into plugin-container.exe. r=glandium,f=tabraldes
--HG--
rename : security/sandbox/moz.build => security/sandbox/objs.mozbuild
extra : rebase_source : e0b1515a4729ecfe82a67b6439d9a38453f7556a
2014-08-28 14:50:10 +12:00
Trevor Saunders fd5e2abf5a bug 1058925 - don't convert nullptr to bool in ClientAuthServer.cpp r=keeler 2014-08-27 19:12:22 -04:00
Wan-Teh Chang e7899e86a5 Bug 1036735: Update NSS to NSS 3.17.1 Beta 1. Also includes the fixes
for bug 1046718, bug 1050107, bug 1054625, bug 1057465, bug 1057476.
2014-08-27 15:42:41 -07:00
Monica Chew 5c4a88776f Bug 1004781: Enable pinning in test mode for facebook (r=cviecco) 2014-08-27 14:18:25 -07:00
Tim Abraldes ba6539ecd7 bug 1027906. Set delayed token level for GMP plugin processes to USER_RESTRICTED. Whitelist certain files and registry keys that are required for EME plugins to successfully load. r=bobowen. r=jesup. r=bent. 2014-08-29 17:34:26 -07:00
Brian Smith 127e03fe0a Bug 1059926: Give DottedOIDToCode.py the ability to generate more encodings, r=keeler
--HG--
extra : rebase_source : 8fabeb5802530789925ae47d1f1cc4b27e4bf899
extra : histedit_source : 1329e925ada56b29c9e05991b85b320d4ae0e3a3
2014-08-28 09:58:13 -07:00
Brian Smith 6452321116 Bug 1057793: Fix build warning on MSVC 2013, r=keeler
--HG--
extra : rebase_source : eb908d0f3d313991cab78d707c7f666ab9d9eaf5
extra : histedit_source : 3d69a511f82895d8b741960205e96488b4f2ebbb
2014-08-17 16:49:19 -07:00
Brian Smith ede2da1dd5 Bug 1057791: Switch PR_ASSERT to assert in pkixcheck.cpp, r=keeler
--HG--
extra : rebase_source : a63e822eed9914046127c466f7e5c4f0e3e84361
extra : histedit_source : fc9d16f67cc349f5c7d3964c5dc58de1e5b9e986
2014-08-17 16:50:45 -07:00
Brian Smith 5846749954 Bug 1057790: Limit scope of CERTCertificate-related stuff to the scope it is used, r=keeler
--HG--
extra : rebase_source : 41b84cc08a928d0cdf57062d89f6d9495351437f
extra : histedit_source : bfbc35434d1318b6e6259bca72e6e1688842e5ad
2014-08-04 15:32:15 -07:00
Brian Smith 01f0b82f34 Bug 1053924: Remove dependencies on PRTime in mozilla::pkix's test code, r=keeler
--HG--
extra : rebase_source : deb2dcec5c56ef86d95df319b5a61165d9d761a7
2014-08-08 10:33:18 -07:00
Jed Davis 3f1e2a85b6 Bug 1041886 - Fix no-opt-only build bustage caused by mozilla::unused. r=glandium
See also bug 1059038.
2014-08-26 19:23:44 -07:00
Jed Davis 3ae6c90876 Bug 1054616 - Clean up logging-related shims for Linux sandboxing. r=kang 2014-08-26 13:54:16 -07:00
Jed Davis 23c21aa709 Bug 1041886 - Separate Linux sandbox code into its own shared library. r=kang r=glandium
This creates libmozsandbox.so on builds that use sandboxing
(MOZ_CONTENT_SANDBOX or MOZ_GMP_SANDBOX).

The unavoidably libxul-dependent parts, for invoking the crash reporter
and printing the JS context, are separated into glue/SandboxCrash.cpp
and invoked via a callback.
2014-08-26 13:54:09 -07:00
Jed Davis e020caf2de Bug 1041886 - Break out Linux sandbox logging into its own header. r=kang 2014-08-26 13:54:03 -07:00
Cykesiopka bfd5ec525f Bug 1052529 - Add missing l10n strings for mozilla::pkix errors. r=keeler 2014-08-26 00:03:00 +02:00
Steven Michaud dfc4c053b1 Bug 1056936 - Specify full path to plugin-container in sandbox rules. r=rjesup 2014-08-25 15:01:04 -05:00
Birunthan Mohanathas 77bfad00a6 Bug 1045801 - Rename SafeCast to AssertedCast. r=Waldo 2014-08-25 12:17:32 -07:00
David Keeler d026d78753 bug 1034124 - allow overrides when a CA cert is used as an end-entity cert r=briansmith 2014-08-22 12:07:08 -07:00
David Keeler 800c5b4b9f bug 1009161 - mozilla::pkix: allow the Netscape certificate type extension if more standardized information is present r=briansmith 2014-08-25 09:25:36 -07:00
Ryan VanderMeulen 81342753e0 Merge inbound to m-c. a=merge
CLOSED TREE
2014-08-25 11:49:37 -04:00
ffxbld 07de5c29aa No bug, Automated HPKP preload list update from host bld-linux64-spot-317 - a=hpkp-update 2014-08-23 03:29:03 -07:00
ffxbld 8f1e08d168 No bug, Automated HSTS preload list update from host bld-linux64-spot-317 - a=hsts-update 2014-08-23 03:29:01 -07:00
Wes Kocher c725a726be Merge inbound to m-c a=merge 2014-08-22 16:47:32 -07:00
Marco Castelluccio b562d97c7e Bug 1042006 - Replace reviewers-dev certificate. r=fabrice
--HG--
extra : rebase_source : 517822e6712853c4e0d5ce664e0d60b980382c3b
2014-08-21 00:12:00 -04:00
David Keeler 1f84bc411b bug 1049095 - re-verify joinee certificate with joining hostname when joining connections r=briansmith r=mcmanus r=cviecco r=mmc r=rbarnes 2014-08-21 10:37:23 -07:00
Trevor Saunders fd5e9d1fcc bug 1047696 - mark a number of classes MOZ_FINAL to get compilers to devirtualize more r=froydnj 2014-08-05 13:33:55 -04:00
Camilo Viecco 4c5f0ef40a Bug 1047177 - Treat v4 certs as v3 certs. Tests (2/2). r=keeler.
--HG--
extra : rebase_source : 58be8a1ac652636fea80e83fc8eae2b7092c6edd
2014-08-21 14:49:00 -07:00
Camilo Viecco a7b51fb02b Bug 1047177 - Treat v4 certs as v3 certs (1/2). r=keeler.
--HG--
extra : rebase_source : 4cfb69672aa54274bb4ee850f23f0bbbe8e9e49f
2014-08-21 14:47:25 -07:00
Masatoshi Kimura f2fb78225b Bug 1055541 - Fix build failure on VS2013 with --enable-warnings-as-errors due to Warning C4996. r=ehsan 2014-08-20 04:09:03 +09:00
Patrick McManus 300766f367 bug 1050063 - consider tls client hello version in alpn/npn offer list r=hurley r=keeler 2014-08-15 09:39:53 -04:00
Wes Kocher a8d80abaf6 Merge m-c to inbound a=merge 2014-08-22 17:05:17 -07:00
Olli Pettay d72906c30d Bug 314095 - Eliminate nsIContent::GetDocument, r=jst
--HG--
extra : rebase_source : dd8f690940825b298a478b65b68a57418a9962ff
2014-08-22 23:11:27 +03:00
David Keeler 4ee21d300f bug 1057128 - add --clobber to generate_certs.sh, disabled by default (don't unnecessarily regenerate all certificates) r=rbarnes DONTBUILD because NPOTB 2014-08-22 10:25:46 -07:00
David Keeler 3e8057dc3d bug 775370 - (part 1/2) introduce DataStorage r=froydnj r=mmc 2013-09-09 13:37:21 -07:00
Wan-Teh Chang cdfed1ffd4 Bug 1063445: Update to NSS_3_17_1_BETA2.
Includes the fixes for bug 1041326, bug 1058933, bug 1001332, bug 1057783.
2014-09-05 08:18:18 -07:00
Chris Peterson 64bed2314d Bug 1052033 - Fix warnings in security/sandbox and mark as FAIL_ON_WARNINGS. r=smichaud 2014-08-09 14:25:24 -07:00
Ryan VanderMeulen 5fe0932115 Merge inbound to m-c. a=merge 2014-08-16 17:42:29 -04:00
ffxbld e3b3b65eb1 No bug, Automated HPKP preload list update from host bld-linux64-spot-329 - a=hpkp-update 2014-08-16 03:15:25 -07:00
ffxbld 93cb810873 No bug, Automated HSTS preload list update from host bld-linux64-spot-329 - a=hsts-update 2014-08-16 03:15:23 -07:00
Garrett Robinson 90fa6beb03 Bug 1029155 - Tests for storing failed certificate chains r=keeler 2014-08-15 11:27:31 -07:00
Garrett Robinson 691dcd68c1 Bug 1029155 - Store peer certificate chain from failed connections on TransportSecurityInfo r=keeler 2014-08-15 11:27:22 -07:00
Brian Smith 026854c3f0 Bug 1053627, Part 2: Use MOZILLA_PKIX_ARRAY_LENGTH instead of PR_ARRAY_SIZE, r=keeler
--HG--
extra : rebase_source : b9ae99d93921cb2f3a8f4395e9240389752fd2de
2014-08-13 21:01:35 -07:00
Brian Smith edb0ac64e0 Bug 1053627, Part 1: use sizeof instead of PR_ARRAY_SIZE for byte arrays, r=keeler
--HG--
extra : rebase_source : a01364ed6b64800142f18d3d350f50ca178ea4bb
2014-08-04 19:21:52 -07:00
Brian Smith 5a78d0179b Bug 1053621: Stop using PR_NOT_REACHED in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : b70a3ca2f3dade0439cf902bf4042716e7d1bbd3
2014-08-04 19:19:29 -07:00
Brian Smith 1709415e43 Bug 1053620: Replaces uses of PR_Abort with std::abort in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : 2e1f3eec5305e89bfa28fbda856b4e36515a2819
2014-08-04 19:12:34 -07:00
Brian Smith d08286d3d3 Bug 1053617: Reduce scope of DER encoding debugging logic to the file it is used in, r=keeler
--HG--
extra : rebase_source : c22f7e96dfdd1997626769ac03c6d189321eec1a
2014-08-04 19:07:26 -07:00
Brian Smith 9a2a60943d Bug 1053616: Remove uses of PR_SetError from mozilla::pkix tests, r=keeler
--HG--
extra : rebase_source : 1fc7ce9ab400c39e3c4afb68940be93cc2a0b848
2014-08-13 17:50:42 -07:00
Cykesiopka f4a67332e8 Bug 1052257 - Add and use error code specific to inadequate key sizes. r=keeler 2014-08-12 22:24:00 -04:00
Jed Davis 1c8a8d2d9b No bug - Add trailing newlines for non-Android Linux sandbox logging. r=kang
--HG--
extra : rebase_source : c0e936b62289c0e5eecad41fce9afac881fe4667
2014-08-14 15:39:14 -07:00
David Keeler c3d3df58ac bug 1030963 - remove non-standard window.crypto functions/properties r=jst r=briansmith r=glandium 2014-08-14 09:38:42 -07:00
Brian Smith 3e57ff4e5a Bug 1048642, Part 3: Remove SECStatus GTest utilities, r=cviecco
--HG--
extra : rebase_source : f77202ad8d271604d7620cc5f704a51338c356ab
2014-08-03 22:45:05 -07:00
Brian Smith 065cf239b1 Bug 1048642, Part 2: Change GenerateKeyPair return type from SECStatus to Result, r=cviecco
--HG--
extra : rebase_source : 652277e952d224175ea57d4509124ff8180440cb
2014-08-04 10:59:21 -07:00
Brian Smith 4a58c8b13e Bug 1048642, Part 1: Change TamperOnce return type from SECStatus to Result, r=cviecco
--HG--
extra : rebase_source : 1d2e8014153d8bfc6f9008dd9b6b9e4d5ac5dcb7
2014-08-03 22:49:10 -07:00
Kai Engert bca16ce1ed Bug 1049006 - Update Mozilla 33 to use NSS 3.17 final and NSPR 4.10.7 final, r=wtc 2014-08-13 21:47:00 +02:00
Jed Davis 033a6785eb Bug 1043733 - Require sandboxing to load Gecko Media Plugins on Linux. r=jesup r=kang
Also refactors how sandbox support and disabling are handled, and allows
simulating a lack of sandbox support with an env var (for testing
without rebuilding a kernel).
2014-08-12 21:28:27 -07:00
David Keeler 3d57f23fab bug 1040446 - mozilla::pkix: add error code for CA cert used as end-entity cert r=briansmith 2014-08-11 12:35:45 -07:00
Brian Smith 9c4276d25b Bug 1048070, Part 2: Remove uses of PR_NOT_REACHED and PR_ARRAY_SIZE in mozilla::pkix, r=keeeler
--HG--
extra : rebase_source : d373a7526c1048770bed8bacb7e14c8f10e832cb
2014-08-03 18:24:35 -07:00
Brian Smith 3f64294312 Bug 1048070, Part 1: Replace uses of PR_ASSERT in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : 3f1dbb4babb6d575bde3088c92aeb6f28d689210
2014-08-02 09:17:59 -07:00
Brian Smith ea0e98acf5 Bug 1042479: Accept the OIW sha1WithRSASignature OID, r=keeler
--HG--
extra : rebase_source : 98dfbf1b5130898604e86c54ad4a8453aa87bde4
2014-08-04 16:34:47 -07:00
Patrick McManus b82e230f36 bug 1040323 - SecureBrowserUI needs to consider scheme, not just security of connection r=dkeeler 2014-07-28 14:37:41 -04:00
Ryan VanderMeulen 0e89667592 Merge inbound to m-c. a=merge 2014-08-09 11:19:46 -04:00
ffxbld 40f698d0cb No bug, Automated HPKP preload list update from host bld-linux64-spot-011 - a=hpkp-update 2014-08-09 03:14:42 -07:00
ffxbld 509bcaeb60 No bug, Automated HSTS preload list update from host bld-linux64-spot-011 - a=hsts-update 2014-08-09 03:14:40 -07:00
Wes Kocher 98f9eac6dd Merge m-c to inbound on a CLOSED TREE 2014-08-08 14:15:34 -07:00
Steven Michaud 844fdf04eb Bug 1012949 - Sandbox the OpenH264 plugin for Mac r=rjesup,areinald,ted a=PatchNeedsToLandToday 2014-08-08 11:55:22 -05:00
J. Ryan Stinnett ce8794da11 Bug 1040130 - Allow specifying a client cert for sockets. r=keeler, r=mcmanus 2014-08-07 16:32:00 -04:00
Nicholas Nethercote a7cf4142b4 Bug 1050009 - Initialize pldhash tables with a length, not a capacity. r=roc.
* * *
imported patch rm-dummy-params

--HG--
extra : rebase_source : c25987eb11bae197218d5fc53b77def19afa36ac
2014-08-06 06:31:21 -07:00
Georgios Kontaxis 9bddbaa73e Bug 1048643: extended nsDocShell with flags to indicate tracking protection status (similar to mixed content blocked/loaded status) 2014-08-07 13:35:03 -07:00
David Keeler 14eafa8e5d Bug 1036546 - Soft-disable proprietary window.crypto functions via the pref dom.unsafe_legacy_crypto.enabled. r=smaug 2014-08-05 10:48:24 -07:00
Mike Hommey 89777800f9 Bug 1047267 - Move remaining OS_LIBS and EXTRA_LIBS to moz.build. r=gps
* * *
Bug 1047267 - To fold with "Move remaining OS_LIBS and EXTRA_LIBS to moz.build"
2014-08-07 14:21:03 +09:00
Mike Hommey e8b438350d Bug 1049281 - Move third-party build system "drivers" to config/external, and stop using static dirs. r=gps
--HG--
rename : intl/icu/Makefile.in => config/external/icu/Makefile.in
rename : config/nspr/Makefile.in => config/external/nspr/Makefile.in
rename : config/nspr/moz.build => config/external/nspr/moz.build
rename : security/build/Makefile.in => config/external/nss/Makefile.in
rename : security/build/moz.build => config/external/nss/moz.build
rename : security/build/nspr-dummy.def => config/external/nss/nspr-dummy.def
rename : security/build/nss.def => config/external/nss/nss.def
rename : security/build/nss.mk => config/external/nss/nss.mk
2014-08-07 02:58:52 +09:00
Mike Hommey 4a01b3b147 Bug 1048993 - Use nsinstall from $(topobjdir)/config instead of $(DIST)/bin to avoid races when make wants to reinstall it for some reason. r=mshal 2014-08-07 02:58:50 +09:00
Nathan Froyd e1583db863 Bug 1042226 - move DEFINES += -DAB_CD=$(AB_CD) pattern into config.mk; r=mshal 2014-08-01 12:53:05 -04:00
Monica Chew afefa8ea41 Bug 1047560: Enable pinning on dropbox (r=keeler) 2014-08-01 13:12:38 -07:00
Mike Hommey d9443ec932 Bug 1045783 - Move most OS_LIBS to moz.build and do some related cleanup. r=mshal 2014-08-06 07:25:33 +09:00
Kai Engert a5a24cc8bb Bug 1049006 - Update Mozilla to use NSS 3.17, r=wtc 2014-08-05 22:22:19 +02:00
Ehsan Akhgari 7257b2f870 Bug 579517 follow-up: Remove NSPR types that crept in 2014-08-08 08:39:07 -04:00
Martin Thomson d926cc34de Bug 996237 - Fix nss.def for Android/B2G. r=wtc 2014-08-04 11:51:00 -04:00
Ehsan Akhgari 0403683a4f Bug 1047782 - Fix some bad impliciit constructors in netwerk/; r=mcmanus 2014-08-05 09:20:50 -04:00
Jed Davis b0bd63525b Bug 1047620 - Fix sandboxing for B2G --disable-jemalloc builds. r=kang
--HG--
extra : rebase_source : 1b2ec6491277a9dc451ab767d8563076cf522c27
2014-08-04 15:11:33 -07:00
Jed Davis 9d31844f0c Bug 1012951 - Add Linux sandboxing for GeckoMediaPlugin processes. r=kang r=ted
--HG--
extra : rebase_source : 1b890000d5b8d2a8954cdd1118a1023eba829c29
2014-08-04 15:11:18 -07:00
Jed Davis d2d145dc65 Bug 1046541 - Use stdio for non-Android Linux sandbox error messages. r=kang
--HG--
extra : rebase_source : e93a4a76f8188d715886e263a366d694c28b4525
2014-08-04 15:11:04 -07:00
Eric Rahm 6fc80c7e16 Bug 1047176 - Part 1: Disable warning C4640 in certverifier. r=keeler
--HG--
extra : rebase_source : a608f8704f57312902b05258ff53a4d1f2010cbc
2014-08-04 11:29:25 -07:00
Patrick McManus f8a14606da bug 1027720 - enforce h2 requirement that sever uses aead r=hurley r=dkeeler 2014-08-04 16:54:10 -04:00
Ed Morley 9239e94fea Backed out changeset fa05c69d7de1 (bug 996237) 2014-08-04 15:34:15 +01:00
Martin Thomson b3853a0865 Bug 996237 - Fix nss.def for Android/B2G. r=wtc 2014-08-01 14:44:00 -04:00
Ed Morley 606b89b834 Backed out changeset 972daa5dd3c5 (bug 1027720) for build failures 2014-08-04 14:33:14 +01:00
Patrick McManus 004b6798a9 bug 1027720 - enforce h2 requirement that sever uses aead r=hurley r=dkeeler 2014-08-01 16:59:00 -04:00
Ed Morley 7feeef7c09 Merge mozilla-central and inbound 2014-08-04 12:23:28 +01:00
Ed Morley b17124bab9 Backed out changeset cabe3163d4bc (bug 1047560) for conflicting with the automated HPKP preload list update 2014-08-04 12:22:36 +01:00
Ed Morley efe972f974 Merge latest green b2g-inbound changeset and mozilla-central; a=merge 2014-08-04 12:13:23 +01:00
ffxbld a86bcdd47d No bug, Automated HPKP preload list update from host bld-linux64-spot-075 - a=hpkp-update 2014-08-02 03:22:22 -07:00
ffxbld b2a536ffc2 No bug, Automated HSTS preload list update from host bld-linux64-spot-075 - a=hsts-update 2014-08-02 03:22:20 -07:00
Bob Owen 8c896093c8 Bug 1045646 - Part 2: Replace AutoPushJSContext in nsCryptoRunnable::Run. r=bholley 2014-08-01 09:00:58 +01:00
Brian Smith 0ccaf0860c Bug 1043041: Use mozilla::pkix::Time instead of PRTime, r=keeler
--HG--
extra : rebase_source : 2cc39d3c322c1355aad003f2497659a091febac2
2014-08-02 08:49:12 -07:00
Brian Smith de725ae5ef Bug 1047792: Rely on mozilla::pkix to filter out expired certs instead of CERT_CreateSubjectCertList, r=keeler
--HG--
extra : rebase_source : 5182147037b69f0ac3c3cd060d6e2af71bfde2e7
2014-08-01 23:16:21 -07:00
Brian Smith 25a73829af Bug 1041344: Refactor mozilla::pkix::CheckCertificatePolicies, r=cviecco
--HG--
extra : rebase_source : d40184b986e9c6ed44c0b39a485292a91f924f13
2014-07-19 18:51:10 -07:00
Monica Chew 6eea93a408 Bug 1047560: Enable pinning on dropbox (r=keeler) 2014-08-01 13:12:38 -07:00
Jed Davis 9b70e225e5 Bug 1046525 - Allow get{e,}gid and sched_{g,s}etparam in sandboxed content processes. r=kang
Some of these were already in the desktop whitelist; those duplicates
are removed.

--HG--
extra : amend_source : 3ab4b50e3f1980b4d7b93cc17f34b926e2aa2396
2014-08-01 15:05:44 -07:00
Brian Smith 18c07f1b91 Bug 1041186, Part 3: More renaming, r=keeler
--HG--
extra : rebase_source : e4d70240f25f566c3bde91d515739bf46853fe8d
2014-07-31 20:55:52 -07:00
Brian Smith d77dac0580 Bug 1041186, Part 2: Rename Input to Reader and InputBuffer to Input, r=keeler
--HG--
extra : rebase_source : bf57a9eb6ae5c122912e00a47156010e5ea99478
2014-07-31 12:17:31 -07:00
Brian Smith ffe743ee06 Bug 1041186, Part 1: Improve buffer overflow protection in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : 0f4a33f2c66594930ba9c79233648c70e33ba27c
2014-07-18 22:30:51 -07:00
Brian Smith 5f56fc60d6 Bug 1041343: Use references instead of pointers for TrustLevel output parameters, r=cviecco
--HG--
extra : rebase_source : d5c07dc29a95ccb75a7a8f199de26d43950b9ed4
2014-07-20 11:06:26 -07:00
Brian Smith a95b2088a5 Bug 1039601: Use bounds-checked DERArray instead of plain arrays in pkixocsp.cpp, r=cviecco
--HG--
extra : rebase_source : cbe6257fc470069de0f7cb4f9f169550980a6b98
2014-07-16 09:54:10 -07:00
Brian Smith c45dc156d1 Bug 1039064: Use strongly-typed enum instead of NSPR-style error handling, r=keeler
--HG--
extra : rebase_source : 4f3e41916cd7e2c74679d468eeeb702af3321532
2014-07-18 11:48:49 -07:00
Nathan Froyd 12c76f15f7 Bug 1042878 - part 2 - move MOZ_CAIRO_CFLAGS et al additions to C*FLAGS into moz.build; r=glandium 2014-07-24 11:55:33 -04:00
Andrew McCreight 426692835a Bug 1029151 - Remove dangerous public destructor of nsNSSCertificate. r=keeler 2014-07-30 13:00:29 -07:00
Andrew McCreight 14c7458527 Bug 1029150 - Remove dangerous public destructor of nsCryptoRunnable. r=keeler 2014-07-30 13:00:29 -07:00
Ed Morley dcbfd040d1 Backed out changeset d50d7e88f35e (bug 1012951) for LSan failures 2014-07-30 16:49:43 +01:00
Jed Davis 8cff1bfff8 Bug 1012951 - Sandbox GMP plugins on Linux using seccomp-bpf. r=kang r=ted 2014-07-29 15:31:12 -07:00
Ehsan Akhgari 3fa82c9346 Bug 1045436 - Fix more bad implicit constructors in XPCOM; r=froydnj 2014-07-29 20:43:56 -04:00
Mike Hommey c48f53e37a Bug 1043865 - Remove the remainder of compilation bits from the libs tier. r=gps 2014-07-29 08:59:27 +09:00
Mike Hommey 179299ea01 Bug 1043862 - Make the binaries target use the compile tier. r=gps 2014-07-29 08:58:28 +09:00
Mike Hommey 5f6ba110e6 Bug 1043802 - Remove TOOLS_DIRS and TEST_TOOLS_DIRS. r=gps 2014-07-29 08:55:55 +09:00
Carsten "Tomcat" Book bcf40664e4 merge mozilla-inbound to mozilla-central a=merge 2014-07-28 15:32:36 +02:00
ffxbld 634832a160 No bug, Automated HPKP preload list update from host b-linux64-ix-0010 - a=hpkp-update 2014-07-26 03:16:45 -07:00
ffxbld e56e203db4 No bug, Automated HSTS preload list update from host b-linux64-ix-0010 - a=hsts-update 2014-07-26 03:16:43 -07:00
Jed Davis 301d254a40 Bug 1017393 - Record rejected syscall number in crash dump. r=kang 2014-07-24 11:36:00 +02:00
David Keeler 67d0a99f3a bug 1040889 - don't re-cache OCSP server failures if no fetch was attempted r=briansmith r=cviecco
--HG--
extra : rebase_source : e00c84e62ecca3e97794d3ceafcd1f5f618045d1
2014-07-25 16:59:22 -07:00
Mike Hommey a62cdc4fa7 Bug 1043344 - Move libraries and programs build to the compile tier. r=gps 2014-07-25 07:14:40 +09:00
Jeff Walden 235c1f7500 Bug 1037100 - Remove all use of ScopedDeleteArray from miscellaneous places. r=jcranmer
--HG--
extra : rebase_source : 937557b819742ee62e10a4afa6c5152b910cd8b2
2014-07-10 20:37:40 -07:00
Alexandre Poirot 7ea4dd517f Bug 1027242 - Blacklist mulet's failing tests + expose 'mulet' to ini files; fix previous bustage on a CLOSED TREE, r=ahal 2014-07-02 15:40:56 -07:00
Brian Smith 2544688b97 Bug 1041730: Remove unused parameters from PublicKeyPinningService, r=cviecco
--HG--
extra : rebase_source : 6a091a32ab5178899fc1f9ceb57614f4a87f25c3
2014-07-21 19:18:31 -07:00
Brian Smith a2f498819e Bug 1039031: Print name of server in TLS/OCSP tests, r=cviecco
--HG--
extra : rebase_source : 4d5ae2bdd920f29c6f820b6daf035ddb12406b12
2014-07-15 16:58:31 -07:00
Marco Castelluccio 3236b9594b Bug 1021345 - Allow apps to be installed from the Marketplace staging server. r=fabrice 2014-07-23 13:20:25 +02:00
Mike Hommey 7cab62150a Bug 1041936 part 2 - Directly use the static library "xul" to link into "xul-gtest" instead of having an intermediate library "xul" used by "xul-shared" and "xul-gtest". r=gps 2014-07-23 13:33:09 +09:00
Mike Hommey 95063176fa Bug 1036894 part 9 - Replace all EXTRA_DSO_LDOPTS, SHARED_LIBRARY_LIBS and LIBS with EXTRA_LIBS, OS_LIBS or OS_LDFLAGS, appropriately. r=gps
OS_LIBS for libraries that are not part of the gecko tree, EXTRA_LIBS for
libraries, such as NSPR, that are in the tree, but are not handled by
moz.build just yet. Those EXTRA_LIBS may also come from a system library.
However, in cases where the expanded variables are always empty for the
in-tree case, OS_LIBS is used (as for, e.g. MOZ_ZLIB_LIBS). OS_LDFLAGS is
used exclusively for non-library linker flags.

Always pass EXTRA_LIBS before OS_LIBS on linker command lines.

Forbid EXTRA_DSO_LDOPTS, SHARED_LIBRARY_LIBS and LIBS in Makefiles.
2014-07-23 13:31:02 +09:00
Mike Hommey 5fab42fcaf Bug 1036894 part 8 - Move most in-tree library linkage information to moz.build, as USE_LIBS. r=gps 2014-07-23 13:30:52 +09:00
Mike Hommey 6d6d400ea1 Bug 1036894 part 6 - Emit SimplePrograms for CPP_UNIT_TESTs, and make the corresponding moz.build config look like that of SIMPLE_PROGRAMS. r=gps 2014-07-23 13:29:44 +09:00
Mike Hommey a33d7d67e6 Bug 1036894 part 1 - Move MAKE_FRAMEWORK, SDK_LIBRARY, SHARED_LIBRARY_NAME and STATIC_LIBRARY_NAME to moz.build. r=gps
At the same time, make the Library data more useful in the build frontend.
2014-07-23 13:29:09 +09:00
Wes Kocher be4af0e0fd Merge m-c to inbound 2014-07-22 18:39:17 -07:00
Jonathan Griffin 1c5d8636ac Backed out changeset 64586374a208 on a CLOSED TREE 2014-07-22 18:29:57 -07:00
Jim Mathies e5f4ec183a Bug 948574 - Provide limited access to nsISiteSecurityService apis in the child, and prevent the direct creation of nsISiteSecurityService. r=bz, sr=ptheriault, original author: David Keeler <dkeeler@mozilla.com> 2014-07-22 07:17:45 -05:00
Ehsan Akhgari a50127383b Bug 1041325 - Use intrin.h for _ReturnAddress in the chromium sandbox code; r=bbondy
--HG--
extra : rebase_source : 06bb642636a9f3df2e75eb950816a7d48da85faf
2014-07-20 19:05:44 -04:00
Ehsan Akhgari da7f65d605 Backed out changeset 4b792c35d0be (bug 1041325) because of build bustage 2014-07-20 19:19:05 -04:00
Ehsan Akhgari 006ec45925 Bug 1041325 - Use intrin.h for _ReturnAddress in the chromium sandbox code; r=bbondy 2014-07-20 19:05:44 -04:00
Ryan VanderMeulen 21d58ba963 Merge m-c to inbound. a=merge 2014-07-20 15:14:23 -04:00
ffxbld bc78cf0191 No bug, Automated HPKP preload list update from host bld-linux64-spot-477 - a=hpkp-update 2014-07-19 03:17:35 -07:00
ffxbld a6a2bd935e No bug, Automated HSTS preload list update from host bld-linux64-spot-477 - a=hsts-update 2014-07-19 03:17:32 -07:00
Alexandre Poirot 98afd25e0d Bug 1027242 - Blacklist mulet's failing tests + expose 'mulet' to ini files; fix previous bustage on a CLOSED TREE, r=ahal 2014-07-02 15:40:56 -07:00
Jonathan Griffin 38f79ff899 Backout 4f6d9db92389 for bustage on a CLOSED TREE 2014-07-22 17:55:50 -07:00
Mike Hommey 622bf09730 Bug 1041864 - Remove LIBRARY_NAMEs that aren't used. r=mshal 2014-07-23 08:39:56 +09:00
Alexandre Poirot 37506aa45c Bug 1027242 - Blacklist mulet's failing tests + expose 'mulet' to ini files. r=ahal 2014-07-02 15:40:56 -07:00
Camilo Viecco 2fb2490eb9 Bug 1004353 - Enable pinning for TOR websites. r=mmc
--HG--
extra : rebase_source : d880368dd9eaaafcde353ce187438ae074994bfa
2014-07-22 14:28:52 -07:00
Jed Davis 90ebf4e684 Bug 1037211 - Remove MOZ_CONTENT_SANDBOX_REPORTER by making it always true. r=kang r=ted
--HG--
extra : amend_source : 450d51dab077794e194bf407044de95627de0cde
2014-07-17 14:57:28 -07:00
Richard Barnes 91cfa4eae8 Bug 1034852 - Add support for AES-KW to WebCrypto API r=keeler 2014-07-19 07:04:00 -05:00
Richard Barnes e10fdbd715 Bug 1025230 - Allow import/export of JWK-formatted keys in WebCrypto r=bz,keeler 2014-07-19 08:25:00 -05:00
Makoto Kato 3708a1ba13 Bug 984033 - Large OOM in nsStreamLoader::WriteSegmentFun. r=honza 2014-07-17 17:37:33 +09:00
Jed Davis c55ab9dd20 Bug 1038900 - Dynamically allocate signal number for sandbox startup. r=kang 2014-07-16 13:37:00 +02:00
Tim Abraldes 1aaa7148c1 bug 985252. Build sandbox code regardless of whether --enable-content-sandbox/MOZ_CONTENT_SANDBOX is provided. Enable sandboxing of GMP plugins. Enable `SandboxBroker` to set different security policies for different process types. r=bbondy, r=cpearce, r=bent 2014-07-16 16:01:34 -07:00
Wan-Teh Chang 22a38b2f79 Bug 1025729: Update NSS to NSS_3_17_BETA1.
Also includes fixes for bug 836658, bug 1026148, bug 1028582, bug 920719.
2014-07-16 14:26:11 -07:00
Cykesiopka a04b962a5e Bug 360126 - OCSP Delegated Responder Test. r=briansmith 2014-07-15 19:51:00 -04:00
Cykesiopka 4e47589e4d Bug 360126 - Main tests. r=cviecco 2014-07-15 19:50:00 -04:00
Cykesiopka 0289b45f0c Bug 360126 - Stop accepting certs that use RSA1023 or weaker; Original patch by Richard van den Berg. r=briansmith 2014-07-15 19:49:00 -04:00
Bob Owen d1da9cff99 Bug 1035275 - Remove unused base Chromium code. r=bbondy 2014-07-07 13:59:11 +01:00
Brian Smith 8483b958ad Bug 1038837: Factor out mozilla::pkix::Input into a separate header, r=mmc
--HG--
rename : security/pkix/lib/pkixder.h => security/pkix/include/pkix/Input.h
rename : security/pkix/lib/pkixutil.h => security/pkix/include/pkix/Result.h
extra : rebase_source : 09bac0a183932f721cdfd32936595867e4dc26ce
2014-07-13 13:17:36 -07:00
Brian Smith 96c220acca Bug 1038828: Replace mozilla::pkix::der::Result with uses of mozilla::pkix::Result, r=mmc
--HG--
rename : security/pkix/lib/pkixutil.h => security/pkix/include/pkix/Result.h
extra : rebase_source : e385af4bab665627aa5d434db04830065cbc641f
2014-07-15 10:33:49 -07:00
Jed Davis 2ff3fcad0d Bug 1038490 - Fix misuse of MOZ_WIDGET_GONK in Linux content process sandbox policy. r=kang
--HG--
extra : amend_source : 0a7fe8ca751b59102cbc23316b18982268306423
2014-07-14 18:35:56 -07:00
Jed Davis 79f8763545 Bug 1038486 - Fix Linux desktop seccomp sandbox build on 32-bit x86. r=kang
--HG--
extra : amend_source : 130d2cbd485734997739ea96ac5d83c01899d8b0
2014-07-09 16:52:56 -07:00
Brian Smith 1c90cc26f0 Bug 916629, Part 4: Unit tests for trust of delegated OCSP responder certificates for mozilla::pkix, r=keeler
--HG--
extra : rebase_source : c473285add9faee9a876677404935bdc253832cb
2014-07-10 21:20:17 -07:00
Brian Smith a60ce49776 Bug 916629, Part 3: Unit tests for OCSP responses signed by a delegated OCSP responder for mozilla::pkix, r=keeler
--HG--
extra : rebase_source : c2c78458aa674dcc1e1426a0efc81df19b73ac4f
2014-07-10 22:14:57 -07:00
Brian Smith 4df6195ea8 Bug 916629, Part 2: Unit tests for "successful" OCSP responses for mozilla::pkix, r=keeler
--HG--
extra : rebase_source : 14633119755cbfd55fc3bfef9cf482de3d638b53
2014-07-15 10:09:26 -07:00
Brian Smith d1fd17671c Bug 916629, Part 1: Unit tests for OCSP responses without responseBytes, r=keeler
--HG--
extra : rebase_source : 62ef4209745ff8f2c5a852beb1a9823cbe7c7ff4
2014-07-14 23:09:36 -07:00
jvoisin 20443103f0 Bug 1035786 - Fix namespace bug in Linux sandbox LOG_ERROR macro. r=jld 2014-07-08 05:53:00 +01:00
Jed Davis 51e7e12a6c Bug 1035786 - Avoid warning-as-error sandbox build failure with an explicit cast. r=gdestuynder
getpid() is never negative, so this is safe.
2014-07-10 17:37:45 -07:00
Bob Owen d9210e4477 Bug 1035786 - Fix member variable initialisation order in LogMessage stub in Linux Sandbox.cpp. r=jld 2014-07-09 12:32:49 +01:00
Tim Taubert 09f7b51771 Bug 1026398 - Add support for RSA-OAEP to WebCrypto API r=rbarnes,bz,dkeeler
* * *
Bug 1026398 - Add RSA-OAEP tests r=rbarnes
2014-07-14 18:33:12 -07:00
Brian Smith 7cd854102a Bug 1038098: Save intermediate certificates during TLS handshake, r=keeler
--HG--
extra : rebase_source : 99e2551e78bc8eac91174e5320c15623ede26642
extra : histedit_source : c4af1c24b95b1b3c8a86d06575645b6ffc5308a6
2014-07-14 16:43:33 -07:00
Brian Smith 17375cc8b3 Bug 1036105: Delegate digest operations to the TrustDomain in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : dd8dc1243ea2e37955a15f2481e1c452311e90d8
extra : histedit_source : adc1a2035d41c608d3f0ebe14bba159b2857502d
2014-07-06 19:36:05 -07:00
Brian Smith beb502cd9f Bug 1036107, Part 2: Test algorithm identifier parsing, r=keeler
--HG--
extra : rebase_source : c800d42856d81ba8cceaadde0caa98477b3008f4
extra : histedit_source : 71305fa34b435450525ae3a3e603aef065eaec14
2014-07-10 18:30:58 -07:00
Brian Smith c162caba82 Bug 1036107, Part 1: Stop using CERTSignedData in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : 94c49062ae3ddf755651f151e2d648543b10e1ad
extra : histedit_source : a7377bf1d9adb62e1c584e2adeb793aa074245fb
2014-07-10 19:00:32 -07:00
Birunthan Mohanathas be38d67e26 Bug 1038417 - Convert tabs to spaces in moz.build files. r=gps 2014-07-14 15:58:10 -07:00
Monica Chew 5d17335955 Bug 1020485: Enable production mode for fxa (r=keeler) 2014-07-14 13:06:25 -07:00
Carsten "Tomcat" Book 90fb1d9bfd merge mozilla-inbound to mozilla-central a=merge 2014-07-14 14:34:36 +02:00
ffxbld 51ac93f62d No bug, Automated HPKP preload list update from host bld-linux64-spot-135 - a=hpkp-update 2014-07-12 03:13:54 -07:00
ffxbld 8ea8348fac No bug, Automated HSTS preload list update from host bld-linux64-spot-135 - a=hsts-update 2014-07-12 03:13:52 -07:00
Ryan VanderMeulen 296caa949c Merge inbound to m-c. a=merge 2014-07-11 16:34:56 -04:00
ffxbld 457f78b54e No bug, Automated HPKP preload list update from host bld-linux64-spot-1092 - a=hpkp-update 2014-07-11 06:19:00 -07:00
ffxbld 9acfc86acf No bug, Automated HSTS preload list update from host bld-linux64-spot-1092 - a=hsts-update 2014-07-11 06:18:58 -07:00
Ed Morley 65aa1f33ef Backed out changeset 5460c4558253 (bug 1026398) for test_WebCrypto.html timeouts on B2G; CLOSED TREE 2014-07-11 17:01:44 +01:00
Mike Hommey 70a5917917 Bug 1036864 - Remove EXPORT_LIBRARY. r=mshal 2014-07-11 19:06:55 +09:00
Brian Smith 60c3387388 Bug 1036765: Disable cipher suites that are not in the "Browser Cipher Suite" proposal that are still enabled, r=keeler
--HG--
extra : rebase_source : af06ac8fe6c2132b942ca4a1a50a12505b3ca508
extra : histedit_source : 2127635c80fbff235136980990993e753509e802
2014-07-09 18:33:38 -07:00
Harsh Pathak 1716725017 Bug 1036080 - Fix addCertFromBase64() to update trust bits of existing permanent certificates. r=keeler 2014-07-10 11:38:00 +02:00
Richard Barnes d3ecd20c07 Bug 1021607 - Add support for PBKDF2 to WebCrypto API. r=bz
0001 - Introduce BasicSymmetricKeyAlgorithm r=rbarnes
0002 - Implement import key operation for PBKDF2 r=bz,rbarnes
0003 - Introduce MapAlgorithmNameToMechanism() r=rbarnes
0004 - Implement derive bits operation for PBKDF2 r=rbarnes,keeler,bz
0005 - Introduce GetKeySizeForAlgorithm() r=rbarnes
0006 - Implement derive keys operation for PBKDF2 r=rbarnes,bz
2014-07-12 20:06:00 +02:00
Richard Barnes f58a5d84f8 Bug 1026398 - Add support for RSA-OAEP to WebCrypto API. r=bz,dkeeler 2014-07-10 13:44:00 +02:00
Nathan Yee b346b2aea3 Bug 1006671 - Remove unnecessary JSContext argument to nsContentUtils::GetContentSecurityPolicy. r=bholley 2014-07-10 19:25:00 +02:00
Monica Chew 0d4a092978 Bug 1036142: Don't use kPublicKeyPinningPreloadListLength (r=keeler) 2014-07-09 12:58:40 -07:00
Brian Smith 94e53dc0be Bug 1035942: Decide whether to consider end-entity CN as a dnsName in CheckNameConstraints instead of in BuildCertChain, r=cviecco
--HG--
extra : rebase_source : 19c5949253e4e631b0bd841f17f000885001b327
extra : histedit_source : dce57eb862a2a13d07d11fdf6917afcf6cb4136c
2014-07-08 13:04:17 -07:00
Brian Smith 3f110246be Bug 1035009: Stop using CERTCertList in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : fc2b39e5e2b44fea365914e83a7d1f2dc9b784bc
extra : histedit_source : b40e5e8cb106fe87f6f065b01ca43adb0bf3a605
2014-07-06 15:55:38 -07:00
Mike Shal ba3758b281 Bug 1036569 - Fix NSS_STATIC_LIBS with carriage return on Windows; r=glandium 2014-07-09 14:38:29 -04:00
Camilo Viecco 65d9a348ea Bug 1030204 - 2/2 Tests for Name constraints for ANSSI(DCISS) Root cert in psm. r=keeler
--HG--
extra : rebase_source : 0b64f7206446a8c414df5b0f4a9653f0180b8b44
2014-07-08 16:16:22 -07:00
Camilo Viecco 867a197ca1 Bug 1030204 - 1/2 Name constraint ANSSI(DCISS) Root cert in mozilla::pkix. r=keeler
--HG--
extra : rebase_source : 221ca75af601649731bf83cace2e6b0edcd4b2ab
2014-07-08 16:16:26 -07:00
Monica Chew fccf311e4a Bug 1035923: Remove deprecated certs from google_root_pems (r=keeler) 2014-07-08 16:01:29 -07:00