Martin Thomson
e4182ac689
Bug 1083058 - Adding pref to control TLS version fallback, r=keeler
...
From af667978f8915e6ebfaf02f8967b3d320d409a24 Mon Sep 17 00:00:00 2001
---
netwerk/base/public/security-prefs.js | 1 +
security/manager/ssl/src/nsNSSIOLayer.cpp | 21 +++++-
security/manager/ssl/src/nsNSSIOLayer.h | 2 +
.../manager/ssl/tests/gtest/TLSIntoleranceTest.cpp | 76 +++++++++++++++++++---
4 files changed, 90 insertions(+), 10 deletions(-)
2014-10-02 16:36:48 -07:00
Jed Davis
82a97e04c9
Bug 1078838 - Restrict clone(2) flags for sandboxed content processes. r=kang
...
--HG--
extra : amend_source : f80a3a672f5496f76d8649f0c8ab905044ea81ac
2014-10-20 12:29:25 -07:00
Carsten "Tomcat" Book
db53227352
merge mozilla-inbound to mozilla-central a=merge
2014-10-20 14:34:56 +02:00
ffxbld
0c786b120d
No bug, Automated HPKP preload list update from host bld-linux64-spot-069 - a=hpkp-update
2014-10-18 03:18:53 -07:00
ffxbld
a20f696cba
No bug, Automated HSTS preload list update from host bld-linux64-spot-069 - a=hsts-update
2014-10-18 03:18:51 -07:00
Jim Mathies
5dcb538c28
Bug 1083325
- Gracefully deal with null ssl status when serializing/deserializing TransportSecurityInfo. r=dkeeler
2014-10-16 14:11:19 -05:00
Cykesiopka
1c4af4e6a1
Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith
2014-10-18 15:18:00 +02:00
Cykesiopka
c30bd575d3
Bug 622859 - Tests for bug 622859. r=briansmith,keeler
2014-10-16 05:22:00 +02:00
Tanvi Vyas
12cc245a41
Bug 418354 - update test for bug 455367. Insecure image loads should be considered mixed display content regardless of whether image data was actually returned. r=honzab
2014-10-18 13:21:23 -07:00
David Keeler
8c488b9625
bug 1042889 - test certificate overrides for untrusted x509v1 certificates used as CAs r=mmc
2014-10-15 10:42:13 -07:00
David Keeler
36e798be2b
bug 1042889 - allow overrides for untrusted x509v1 certificates used as CAs r=mmc
2014-10-15 10:39:57 -07:00
David Keeler
0a4f56b330
bug 1042889 - use a separate error for untrusted x509v1 certificates used as CAs r=briansmith
2014-10-15 10:38:51 -07:00
Bob Owen
64a69cb8af
Bug 1080567: Don't report registry NAME_NOT_FOUND errors for the Windows warn only sandbox. r=tabraldes
2014-10-13 15:12:28 +01:00
Martin Thomson
e10ee742fd
Bug 1076983 - Disabling SSL 3.0 with pref
2014-10-14 17:17:35 -07:00
Jon Morton
1700296f02
Bug 979835: Port BoxObject and its subclasses to WebIDL. r=khuey sr=bz
...
--HG--
rename : layout/xul/nsIPopupBoxObject.idl => dom/webidl/PopupBoxObject.webidl
rename : layout/xul/tree/nsITreeBoxObject.idl => dom/webidl/TreeBoxObject.webidl
rename : layout/xul/nsBoxObject.cpp => layout/xul/BoxObject.cpp
rename : layout/xul/nsBoxObject.h => layout/xul/BoxObject.h
rename : layout/xul/nsListBoxObject.cpp => layout/xul/ListBoxObject.cpp
rename : layout/xul/nsMenuBoxObject.cpp => layout/xul/MenuBoxObject.cpp
rename : layout/xul/nsPopupBoxObject.cpp => layout/xul/PopupBoxObject.cpp
2014-10-14 13:15:21 -07:00
Jed Davis
56cddbd763
Bug 1080077 - For sandbox failures with no crash reporter, log the C stack. r=kang
...
This is mostly for ASAN builds, which --disable-crash-reporter, but also
fixes a related papercut: debug builds don't use the crash reporter
unless overridden with an environment variable.
Note: this is Linux-only, so NS_StackWalk is always part of the build;
see also bug 1063455.
2014-10-13 18:48:17 -07:00
Mike Hommey
951b27b2b0
Bug 1080994 - Build libclearkey without a dependency on mozalloc or mozglue. r=dkeeler,r=cpearce
2014-10-14 07:13:25 +09:00
Sylvestre Ledru
20095be902
Bug 1081935 - Missing UUID bump. r=gavin a=me
2014-10-13 17:27:42 +02:00
Ryan VanderMeulen
ad3210dd8e
Merge inbound to m-c. a=merge
2014-10-11 16:16:00 -04:00
ffxbld
aa2c9e3dc4
No bug, Automated HPKP preload list update from host bld-linux64-spot-412 - a=hpkp-update
2014-10-11 03:18:06 -07:00
ffxbld
662e6c9a21
No bug, Automated HSTS preload list update from host bld-linux64-spot-412 - a=hsts-update
2014-10-11 03:18:03 -07:00
Stephen Pohl
0b58cd9573
Bug 1077282: Cleanup uses of GreD vs GreBinD, introcuded by v2 signature changes on OSX. Based on initial patch by rstrong. r=bsmedberg
2014-10-10 15:06:57 -04:00
Kai Engert
2251b66f13
Bug 1075686, Update Mozilla 35 to use NSS 3.17.2, RTM
2014-10-10 19:16:08 +02:00
Patrick McManus
9c3bce6805
bug 1003448 - HTTP/2 Alternate Service and Opportunistic Security [1/2 PSM] r=keeler
2014-08-20 16:30:16 -04:00
Brian Smith
0cacd2ed70
Bug 1078108: Use a longer OCSP response validity period in tests, r=keeler
2014-10-05 17:18:11 -07:00
Carsten "Tomcat" Book
da90427b6c
Backed out changeset b885a82dc02a (bug 1078108) for breaking B2g ICS Builds
2014-10-10 09:01:45 +02:00
Brian Smith
2565f9b33d
Bug 1078108: Use a longer OCSP response validity period in tests, r=keeler
...
--HG--
extra : rebase_source : 3115275b2b1c5337cbea0fd43a2221fcd54dadc1
extra : source : bb5694e268255b6549ccaaaddca74fbb83d4bda1
2014-10-05 17:18:11 -07:00
Brian Smith
201e27f5f3
Bug 1077926: Make test certificate generation faster by reusing key, r=keeler
...
--HG--
extra : rebase_source : 8734920020e0889ea6cac1e878b182326bbf81d6
2014-10-07 18:30:47 -07:00
Wan-Teh Chang
de5513f839
Bug 1075686: Update Mozilla 35 to use NSS 3.17.2 Beta 2.
...
This fixes bug 1049435.
2014-10-09 10:58:30 -07:00
David Keeler
a052b67f71
bug 1058812 - (3/3) mozilla::pkix: test handling unsupported signature algorithms r=briansmith
2014-10-08 09:48:15 -07:00
David Keeler
af214d36f8
bug 1058812 - (2/3) mozilla::pkix: use ByteStrings to identify signature algorithm parameters in tests r=briansmith
2014-10-08 09:33:59 -07:00
David Keeler
42cd9ec5ca
bug 1058812 - (1/3) mozilla::pkix: add SignatureAlgorithm::unsupported_algorithm to better handle e.g. roots signed with RSA/MD5 r=briansmith
2014-10-07 09:35:42 -07:00
Eric Rahm
7fffd05532
Bug 806819 - Part 4: Add files that were excluded from unified builds back in. r=ehsan
2014-10-08 13:19:14 -07:00
Eric Rahm
8d715a7fe4
Bug 806819 - Part 3: Remove redundant FORCE_PR_LOG entries. r=ehsan
2014-10-08 13:17:32 -07:00
David Keeler
71bd008415
backout 9815045d0c5a (bug 1058812 1/3) for mochitest orange on a CLOSED TREE
2014-10-08 12:10:46 -07:00
David Keeler
6e65e0bca0
backout 9692998f547e (bug 1058812 2/3) for mochitest orange on a CLOSED TREE
2014-10-08 12:10:10 -07:00
David Keeler
4279bb931d
backout 0097b4ffaf33 (bug 1058812 3/3) for mochitest orange on a CLOSED TREE
2014-10-08 12:09:26 -07:00
David Keeler
3718659874
bug 1058812 - (3/3) mozilla::pkix: test handling unsupported signature algorithms r=briansmith
2014-10-08 09:48:15 -07:00
David Keeler
7ad555939c
bug 1058812 - (2/3) mozilla::pkix: use ByteStrings to identify signature algorithm parameters in tests r=briansmith
2014-10-08 09:33:59 -07:00
David Keeler
5606be5b15
bug 1058812 - (1/3) mozilla::pkix: add SignatureAlgorithm::unsupported_algorithm to better handle e.g. roots signed with RSA/MD5 r=briansmith
2014-10-07 09:35:42 -07:00
Brian Smith
7c87c719cd
Bug 1077887: Work around old GCC "enum class" bug, r=mmc
...
--HG--
extra : rebase_source : 983e8d8bcfded10d1d1dca793d610996b40b444d
2014-10-04 18:45:31 -07:00
Brian Smith
121791c43f
Bug 1077859: Make ENCODING_FAILED safe to use in static initializers, r=mmc
...
--HG--
extra : rebase_source : f0483e775c6fefc256fc9527b1b1118086cc121f
2014-10-03 15:52:38 -07:00
Andrew Halberstadt
d292ee73f1
Bug 1066735 - Remove root b2g and android specific xpcshell manifests, r=chmanchester
2014-10-07 18:18:28 -04:00
David Keeler
4ae95106e2
bug 1077891 - update getHSTSPreloadList.js to reflect changes to nsISiteSecurityService r=mmc DONTBUILD NPOTB
2014-10-06 11:28:15 -07:00
Ehsan Akhgari
15ca5186a6
Fix one bad implicit constructor in pkix, no bug, blanket-rs=bsmith
2014-10-07 09:46:59 -04:00
Carsten "Tomcat" Book
811400331c
Backed out changeset 76000f9f12da (bug 1077859) for causing frequent Mac OSX XPCshell test failures
2014-10-07 12:53:42 +02:00
Carsten "Tomcat" Book
f3c6c6a49b
Backed out changeset 16fe1b9eb9e6 (bug 1077887)
2014-10-07 12:53:03 +02:00
Carsten "Tomcat" Book
2dbcab7289
Backed out changeset 124b04c01c71 (bug 1077926)
2014-10-07 12:52:49 +02:00
Brian Smith
655ade7a8b
Bug 1077926: Make test certificate generation faster by reusing key, r=keeler
...
--HG--
extra : rebase_source : 360fe925397688c1d0a2386c4974def6b571f0d4
2014-10-05 00:29:43 -07:00
Brian Smith
1fc729071e
Bug 1077887: Work around old GCC "enum class" bug, r=mmc
...
--HG--
extra : rebase_source : ce707672dfc0587760c09701fd6adbe26c874916
2014-10-04 18:45:31 -07:00