e7883e4059
Backed out changeset 490eb9194ae1 (bug 1228175) for TestIsCertBuiltInRoot failures on at least Android
...
MozReview-Commit-ID: 7kpuhoY0CJw
2016-03-09 14:22:36 -08:00
f228ba40a1
bug 1228175 - fix IsCertBuiltInRoot r=Cykesiopka,mgoodwin
...
When a built-in root certificate has its trust changed from the default value,
the platform has to essentially create a copy of it in the read/write
certificate database with the new trust settings. At that point, the desired
behavior is that the platform still considers that certificate a built-in root.
Before this patch, this would indeed happen for the duration of that run of the
platform, but as soon as it restarted, the certificate in question would only
appear to be from the read/write database, and thus was not considered a
built-in root. This patch changes the test of built-in-ness to explicitly
search the built-in certificate slot for the certificate in question. If found,
it is considered a built-in root.
MozReview-Commit-ID: HCtZpPQVEGZ
--HG--
extra : rebase_source : 898ef37459723f1d8479cfdc58658ccb00e782a9
2016-03-04 17:06:33 -08:00
0926cc2911
Bug 1254653 - Add telemetry to measure how often we encounter EV certificates r=keeler
...
MozReview-Commit-ID: FvDpMGEJGLQ
--HG--
extra : rebase_source : 8dab354175e1a7b57450011bc50ffa6fd13448b7
2016-03-08 17:30:40 -05:00
1ca11b97af
merge mozilla-inbound to mozilla-central a=merge
2016-03-09 11:46:43 +01:00
3e380e6fa3
No bug, Automated HPKP preload list update from host bld-linux64-spot-223 - a=hpkp-update
2016-03-08 19:41:38 -08:00
a560947174
No bug, Automated HSTS preload list update from host bld-linux64-spot-223 - a=hsts-update
2016-03-08 19:41:36 -08:00
610314abc0
Bug 1253958 - Make getHSTSPreloadList.js and genHPKPStaticPins.js gracefully handle trailing whitespace in URL entries. r=dkeeler
...
MozReview-Commit-ID: Kyc7JzxVEo0
--HG--
extra : rebase_source : 009554017b7ec1e2c6e57430ee554eb94deb2a3a
2016-03-06 16:02:52 -08:00
0fb560192b
Bug 1253166 - Remove UI to override RC4 errors. r=keeler
2016-03-08 06:34:42 +09:00
e9c1221a17
Bug 1254306 - Do not check the fallback limit version for the RC4 fallback. r=keeler
2016-03-09 07:38:43 +09:00
777c075f0e
Bug 1253010 - part 3 - create all nsIDateTimeFormat instances directly; r=smontagu
2015-12-05 11:03:27 -05:00
ae4c78cdd2
Bug 1253010 - part 1 - refactor nsX509CertValidity time formatting; r=keeler
...
nsX509CertValidity has several copy-pasted routines that differ only
slightly in the parameters they use for formatting times. Let's have a
single place to do the formatting and pass in the appropriate
parameters.
2015-12-05 10:26:19 -05:00
bda0bd02db
Bug 1253194: Suppress -Wimplicit-fallthrough clang warning for intentional fallthrough in icu_utf.cc (which is imported code). r=bobowen
2016-03-04 09:00:40 -08:00
9b8bef561d
Bug 1245053, NSS_3_23_RTM, only version numbers finalized, no code changes, DONTBUILD
2016-03-03 10:53:54 +01:00
a650e7a431
Bug 1250254 - Enable ESLint "no-throw-literal" rule for PSM. r=dkeeler
...
MozReview-Commit-ID: LZcitO0FTWH
--HG--
rename : security/manager/.eslintrc => security/manager/.eslintrc.json
extra : transplant_source : %95%EA%08ofJn-l%3D%A2W%90%A6i%E4%5D%A1c%3E
2016-02-29 20:05:55 -08:00
8662000fad
bug 1049969 - add symbols file for the test pkcs11 module so it works on Windows r=jcj
...
MozReview-Commit-ID: KRaAmd7icd8
--HG--
extra : rebase_source : 2c0f1b8cf055574c01d6a6ef15af4246d00151bc
2016-03-01 17:12:38 -08:00
cff547515b
Bug 1250256 - Partially clean up nsSDR.cpp. r=keeler
...
MozReview-Commit-ID: FoS4oTjnd7F
--HG--
extra : transplant_source : %03%85%27T%06%E6%FB%FD%10%2C%F6%D9%92%F7I%60%B0%C1vr
2016-03-01 20:07:53 -08:00
e3710a089b
bug 1197314: Remove PR_snprintf calls in security/manager/ssl/ r=keeler
...
MozReview-Commit-ID: Kq5kWzC1UHU
2016-02-26 15:31:43 -08:00
3a39756220
bug 1250818 - remove certificate issuer organization to common name fallback r=Cykesiopka
...
Before this change, if a certificate's issuer DN did not have an organization
component, nsIX509Cert.issuerOrganization would fall back to using the issuer
common name. This was never a good idea, because this gave misleading
information to consumers of this interface. Furthermore, it appears that all
consumers of this interface already do such a fallback (for display purposes)
when they've determined that it's a reasonable thing to do.
MozReview-Commit-ID: p2gmSP0nZW
--HG--
extra : rebase_source : 2248ff01e8c0e9a79b27f4406fdc2f0a4ed98360
2016-02-26 13:18:02 -08:00
4d0d854bab
Bug 1173679 - Add tests for the "security.OCSP.enabled" pref. r=dkeeler
...
MozReview-Commit-ID: BQurIgVY8os
--HG--
extra : transplant_source : Z%25%16_%EB%0ABe%98%1B%F5%E5%FE%8C%AA%F0%18%90%16%AB
2016-02-28 17:49:06 -08:00
7f956c0bfb
merge mozilla-inbound to mozilla-central a=merge
2016-02-29 11:35:30 +01:00
b9a9010687
Bug 1249595 - Enable 11 more ESLint rules for PSM. r=keeler
...
MozReview-Commit-ID: FxS9SPRMMxf
--HG--
extra : transplant_source : %18%08%F0%EB%E3%AD%3E%F7%94%80%05%C0%D0P%5Co.%940%7E
2016-02-26 12:35:34 -08:00
6ca62e9a7f
Bug 1245053, Upgrade Mozilla 47 to use NSS 3.23, land RC0, r=me
2016-02-26 11:23:11 +01:00
896a7362d7
Bug 1247860 - Enable ChaCha20/Poly1305 cipher suites r=emk,keeler
2016-02-26 12:37:19 +01:00
a1c1defa04
bug 1199850 - remove unnecessary PSM xpcshell extended key usage tests r=Cykesiopka,jcj
...
MozReview-Commit-ID: 8Uz4bN87872
--HG--
extra : rebase_source : a3021481a40c7e974a3b756021e274beeb7f30d6
2016-02-24 14:20:01 -08:00
3cdbeb2bd6
Bug 1237847 - [e10s] Null deref crash when running test_pluginstream_newstream.html; r=bobowen
...
Modify the Mac sandbox to allow temporary files to be created in a
parent-specified subdirectory of NS_OS_TEMP_DIR. This is similar to the
Windows approach. The parent provides a UUID in a preference which is
used by the content process to form the subdirectory name.
MozReview-Commit-ID: 6BONpfZz8ZI
--HG--
extra : rebase_source : ad18e091918356a1a40c13f1453972b4512ad476
2016-02-25 15:26:13 -08:00
6a5ff52e36
backing out c815269c99c8, bug 1245053, CLOSED TREE
2016-02-25 18:51:37 +01:00
48201519cb
Bug 1245053, test NSS_3_23_BETA7, r=me
2016-02-25 15:35:08 +01:00
e232fcd2d4
Merge mozilla-central to mozilla-inbound
2016-02-25 11:59:05 +01:00
3695dd59e0
merge mozilla-inbound to mozilla-central a=merge
2016-02-25 11:57:51 +01:00
45a1207cdf
Bug 1201437 - Make cert override tests check for STATE_CERT_USER_OVERRIDDEN. r=keeler
...
MozReview-Commit-ID: G6KQPXHbEPL
--HG--
extra : rebase_source : 9ed61d521996d96d2d18f5d602439bedc46393c0
2016-02-24 22:45:12 -08:00
0147157053
Bug 1201437 - Add new WebProgress state flag for user-overridden cert. r=keeler
...
MozReview-Commit-ID: cvBYSZykK0
--HG--
extra : rebase_source : 68038f9d21a33efac139eedd26636f815217d2d6
2016-02-24 22:46:52 -08:00
a150859d8e
Bug 1248874 - Replace Scoped.h templates used only by PSM in ScopedNSSTypes.h with UniquePtr equivalents. r=dkeeler
...
MozReview-Commit-ID: 5OClBV522lv
--HG--
extra : transplant_source : G%A3%3B%A0%AC%0D%25%F2%C5K%DC8%0F%90%1B%7Bf%E0%93%F7
2016-02-18 06:01:39 -08:00
f64795a71b
Bug 1246365 - Enable eslint "comma-spacing" and "semi" rules for PSM. r=keeler
...
MozReview-Commit-ID: 7FVcD7O9mpG
--HG--
extra : transplant_source : R%C3B%B73%0A%9E%FA%83_%CF%FE%86O%B4%FF%C4f%EB%9C
2016-02-18 21:16:50 -08:00
da44ab790c
Bug 1220237 - Remove uses of nsIEnumerator from PSM. r=keeler
...
MozReview-Commit-ID: 3FhBCqnJz4n
--HG--
extra : transplant_source : %1B%9B%40%EAzK%A2%F6%B0%FF%FF%A3O%A6%D7%25c%DD%F1U
2016-02-24 17:42:45 -08:00
5553a6adbf
Bug 1245053, landing NSS_3_23_BETA5, r=mt
2016-02-23 00:50:19 +01:00
f9727da7b1
Bug 1188045 - Part 1: Move the definition of sandboxTarget::Instance() out-of-line; r=bobowen,glandium
...
This is required so that delay-loading xul.dll works with clang-cl.
2016-02-22 09:55:09 -05:00
62bd6f7a62
bug 1248099 - add extended key usage tests for mozilla::pkix r=Cykesiopka,jcj
...
MozReview-Commit-ID: 9rXn5Q1wsnx
--HG--
extra : rebase_source : f598007d568c7394898294d66b1845a173f97dc2
2016-02-12 17:24:54 -08:00
51a37ae665
bug 1241650 - remove nsIX509CertDB.findCertNicknames r=mgoodwin
...
MozReview-Commit-ID: JtU7H5qGvge
--HG--
extra : rebase_source : fae856a160e5cc987702794f805030b2d1cc3533
2016-01-21 15:14:31 -08:00
156ed9a0ed
Bug 1247580 P2 Add gtest to ensure we can continue to deserialize old security info strings. r=bz
2016-02-17 07:18:00 -08:00
7382b7bc31
Bug 1247580 P1 Allow old nsIX509Cert serialized objects to be read off disk. r=bz
2016-02-17 07:18:00 -08:00
e5ab49e43e
Bug 1247847 - Use smart pointers in nsNSSCertHelper.cpp to manage NSS resources. r=keeler
...
This lets us remove things like gotos in the code, and makes resource ownership slightly clearer.
MozReview-Commit-ID: Kucn7exhLd7
--HG--
extra : transplant_source : %27%FF%D2tjLI%9B5ep%21%B7%FA%92%08%14%07%12%C6
2016-02-16 16:25:09 -08:00
eb91d4f287
Bug 1244245 - Enable eslint "curly" rule for PSM. r=keeler
...
Also includes minor cleanup.
MozReview-Commit-ID: CHgbTIa3s2O
--HG--
extra : transplant_source : %FD%ACi%DE%3E%28%0D%D2_%5Dc%1Dk%E6%E8%EDw%D5%FA%93
2016-02-16 17:27:49 -08:00
be2b50a7f8
Bug 1248252 - Improper outdated octal constant syntax in M-C tree. Use '0o' prefix. r=dao
...
Be warned. Do not attemp to change the .js "test" source code in ./js
They are meant to check
- the outdated 0666 octal constant is still parsed correctly,
- the outdated 0666 octal constant raises syntax error flag
in strict mode, etc.
So leave them alone.
2016-02-15 08:57:00 +01:00
be7b0e4539
Backed out 2 changesets (bug 1247250) for bustage. r=bustage on a CLOSED TREE
...
Backed out changeset 8aded3a039f5 (bug 1247250)
Backed out changeset 374e6d0abf0e (bug 1247250)
2016-02-12 00:42:48 +01:00
8e3a5c71be
Bug 1247250 - followup: fix comments to reflect the review comment. r=keeler DONTBUILD
2016-02-12 07:43:21 +09:00
e40094eb48
Bug 1247250 - Enable TLS 1.3 draft 11 anti-downgrade on non-secure fallback. r=keeler
2016-02-12 07:36:37 +09:00
103a609a33
Bug 1243193 - Use Assert.throws() more in PSM tests. r=keeler
2016-02-10 21:40:00 +01:00
686438c658
Bug 1164581 - Adding an overload for NS_ProxyRelease that accepts already_AddRefed, and removing all the others. r=bobbyholley
2016-02-10 08:23:00 +01:00
28c09863cb
bug 1241564 - remove EV treatment for TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı SHA-1 root certificate r=Cykesiopka
...
MozReview-Commit-ID: 9ktEj2kgfYo
2016-02-09 13:30:22 -08:00
5ceb0c8a89
bug 1246765 - remove unnecessary resource://app/ registration from getHSTSPreloadList.js r=Cykesiopka DONTBUILD NPOTB
2016-02-08 12:56:34 -08:00
Wes Kocher
David Keeler
Richard Barnes
Carsten "Tomcat" Book
ffxbld
Cykesiopka
Masatoshi Kimura
Nathan Froyd
Daniel Holbert
Kai Engert
Aniket Vyas
Tim Taubert
Haik Aftandilian
Nihanth Subramanya
Ehsan Akhgari
Ben Kelly
ISHIKAWA, Chiaki
Sebastian Hengst
Aidin Gharibnavaz