mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
697 381 коммит 615 Ветки 98 Теги 5,7 GiB
Граф коммитов

157 Коммитов

Автор SHA1 Сообщение Дата
Wes Kocher 9adc1fecb8 Backed out changeset 3b48e1a81a17 (bug 1038068) for xpcshell orange even after a clobbering IGNORE IDL 
--HG--
extra : amend_source : 086173e953ae46aa2292993601380ab04884b1ac
 2015-04-21 18:21:52 -07:00
Dave Townsend f4b5328e0d Bug 1038068: Check add-on signatures and refuse to install unsigned or broken add-ons (preffed off for now). IGNORE IDL. r=dveditz 
--HG--
extra : rebase_source : a48282c6b3f10391e9492d4f0a89cef8697ea622
extra : amend_source : 17c0645d0577dad789b2d9b4879459327fcef1f7
 2015-03-31 11:32:40 -07:00
Nathan Froyd 5389bbbf54 Bug 1137437 - move security/apps/ cert header generation to moz.build; r=mshal,keeler 
Moving the cert header generation to GENERATED_FILES means that we can
delete all the manually-written out rules; we can also delete the
export:: rule because the build system automatically builds
GENERATED_FILES during the export phase.  For ease of converion, we opt
to create an empty trusted-app-public.der cert for manifest-signing-root.inc;
partners are free to overwrite that cert with their own.
 2015-02-27 12:50:49 -05:00
Brian Smith b1035c0992 Bug 1153737: Avoid unnecessary uses of mozilla::pkix::ScopedPtr, r=keeler 
--HG--
extra : rebase_source : ea7083439f22cb40d6c97f872ef9866144516745
 2015-04-12 19:57:48 -10:00
Ehsan Akhgari 883849ee32 Bug 1145631 - Part 1: Replace MOZ_OVERRIDE and MOZ_FINAL with override and final in the tree; r=froydnj 
This patch was automatically generated using the following script:

function convert() {
echo "Converting $1 to $2..."
find . \
       ! -wholename "*/.git*" \
       ! -wholename "obj-ff-dbg*" \
         -type f \
      \( -iname "*.cpp" \
         -o -iname "*.h" \
         -o -iname "*.c" \
         -o -iname "*.cc" \
         -o -iname "*.idl" \
         -o -iname "*.ipdl" \
         -o -iname "*.ipdlh" \
         -o -iname "*.mm" \) | \
    xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}

convert MOZ_OVERRIDE override
convert MOZ_FINAL final
 2015-03-21 12:28:04 -04:00
Cykesiopka 171babfad4 Bug 1139177 - RSA public key size checking cleanups. r=keeler 2015-03-05 16:41:00 +01:00
Brian Smith 06b7804e70 Bug 1131767: Prune away paths using unacceptable algorithms earlier, r=keeler 
--HG--
extra : rebase_source : 79efad2c5f60120ff1022547ce7efa628a7acd0f
 2015-02-14 16:59:02 -08:00
Brian Smith a89b90ea7f Bug 1130754: Avoid recalculating tbsCertificate digest, r=keeler 
--HG--
extra : rebase_source : 85266413568df928cb1eaf1cd59b52ee9d4259e6
extra : histedit_source : 767e3263d28926435c6d2f4610c7d8b01e9ba87d
 2015-02-07 12:14:31 -08:00
Brian Smith b0f87b9b6c Bug 1122841, Part 2: Centralize checking of public key, r=keeler 
--HG--
extra : rebase_source : 6b41ad2d3f37bead8d3ac8b48c5ee0b8063c795b
extra : source : d470b5a68bf915cfb12f0e948e1492463092883c
 2015-02-02 16:17:08 -08:00
Ehsan Akhgari 5f97b938f2 Bug 1117043 - Mark virtual overridden functions as MOZ_OVERRIDE in security; r=bsmith 2015-01-02 09:02:04 -05:00
Brian Smith f118650ad8 Bug 1115761, Part 3: Rename NSS-based crypto functions, r=jcj 
--HG--
extra : rebase_source : b11b172fac76c7845d2a97cabf1bad9e04a50367
 2014-12-23 14:51:52 -08:00
Cykesiopka 1c4af4e6a1 Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith 2014-10-18 15:18:00 +02:00
Carsten "Tomcat" Book e5ad1e7db2 Backed out changeset 3afdc3253979 (bug 622859) for breaking m1 tests 2014-10-17 13:14:29 +02:00
Cykesiopka 01941f880c Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith 2014-10-16 05:13:00 +02:00
Eric Rahm 7fffd05532 Bug 806819 - Part 4: Add files that were excluded from unified builds back in. r=ehsan 2014-10-08 13:19:14 -07:00
Eric Rahm 8d715a7fe4 Bug 806819 - Part 3: Remove redundant FORCE_PR_LOG entries. r=ehsan 2014-10-08 13:17:32 -07:00
Wes Kocher 445e1466e9 Backed out 5 changesets (bug 806819) for WinXP test failures on a CLOSED TREE 
Backed out changeset 009ae35b0c67 (bug 806819)
Backed out changeset 5a57f87f5061 (bug 806819)
Backed out changeset f06cd735b5b3 (bug 806819)
Backed out changeset e25a2a8d4af4 (bug 806819)
Backed out changeset 70a167982c3f (bug 806819)
 2014-10-06 16:32:50 -07:00
Eric Rahm 53a247fb00 Bug 806819 - Part 4: Add files that were excluded from unified builds back in. r=ehsan 
--HG--
extra : rebase_source : 49a3f57d94fc94702f1604175c4e206091b67197
 2014-10-06 13:11:24 -07:00
Eric Rahm 80d2b8bba6 Bug 806819 - Part 3: Remove redundant FORCE_PR_LOG entries. r=ehsan 
--HG--
extra : rebase_source : c96eea1c12ea8c19314393f0e8b4b57a4316a61d
 2014-10-06 13:08:20 -07:00
David Keeler fd860abf57 bug 1071308 - (2/2) remove libpkix-style chain validation callback from CertVerifier r=cviecco 2014-09-25 11:18:56 -07:00
Vlatko Markovic 8818f4947f Bug 1059216 - Verification of Trusted Hosted Apps manifest signature, part 1. r=dkeeler,rlb 2014-09-22 07:58:59 -07:00
Robin Thunell 2915e7de92 Bug 1059208 - Add scripts for signing manifest files of Trusted Hosted Apps r=dkeeler 2014-09-22 07:58:59 -07:00
Vlatko Markovic e160a6a6da Bug 1059204 - Prepare verification code for reuse. r=rlb 2014-09-19 20:13:47 -07:00
Marco Castelluccio b562d97c7e Bug 1042006 - Replace reviewers-dev certificate. r=fabrice 
--HG--
extra : rebase_source : 517822e6712853c4e0d5ce664e0d60b980382c3b
 2014-08-21 00:12:00 -04:00
Ehsan Akhgari 7257b2f870 Bug 579517 follow-up: Remove NSPR types that crept in 2014-08-08 08:39:07 -04:00
Brian Smith 0ccaf0860c Bug 1043041: Use mozilla::pkix::Time instead of PRTime, r=keeler 
--HG--
extra : rebase_source : 2cc39d3c322c1355aad003f2497659a091febac2
 2014-08-02 08:49:12 -07:00
Brian Smith de725ae5ef Bug 1047792: Rely on mozilla::pkix to filter out expired certs instead of CERT_CreateSubjectCertList, r=keeler 
--HG--
extra : rebase_source : 5182147037b69f0ac3c3cd060d6e2af71bfde2e7
 2014-08-01 23:16:21 -07:00
Brian Smith d77dac0580 Bug 1041186, Part 2: Rename Input to Reader and InputBuffer to Input, r=keeler 
--HG--
extra : rebase_source : bf57a9eb6ae5c122912e00a47156010e5ea99478
 2014-07-31 12:17:31 -07:00
Brian Smith ffe743ee06 Bug 1041186, Part 1: Improve buffer overflow protection in mozilla::pkix, r=keeler 
--HG--
extra : rebase_source : 0f4a33f2c66594930ba9c79233648c70e33ba27c
 2014-07-18 22:30:51 -07:00
Brian Smith 5f56fc60d6 Bug 1041343: Use references instead of pointers for TrustLevel output parameters, r=cviecco 
--HG--
extra : rebase_source : d5c07dc29a95ccb75a7a8f199de26d43950b9ed4
 2014-07-20 11:06:26 -07:00
Brian Smith c45dc156d1 Bug 1039064: Use strongly-typed enum instead of NSPR-style error handling, r=keeler 
--HG--
extra : rebase_source : 4f3e41916cd7e2c74679d468eeeb702af3321532
 2014-07-18 11:48:49 -07:00
Marco Castelluccio 3236b9594b Bug 1021345 - Allow apps to be installed from the Marketplace staging server. r=fabrice 2014-07-23 13:20:25 +02:00
Cykesiopka 0289b45f0c Bug 360126 - Stop accepting certs that use RSA1023 or weaker; Original patch by Richard van den Berg. r=briansmith 2014-07-15 19:49:00 -04:00
Brian Smith 17375cc8b3 Bug 1036105: Delegate digest operations to the TrustDomain in mozilla::pkix, r=keeler 
--HG--
extra : rebase_source : dd8dc1243ea2e37955a15f2481e1c452311e90d8
extra : histedit_source : adc1a2035d41c608d3f0ebe14bba159b2857502d
 2014-07-06 19:36:05 -07:00
Brian Smith c162caba82 Bug 1036107, Part 1: Stop using CERTSignedData in mozilla::pkix, r=keeler 
--HG--
extra : rebase_source : 94c49062ae3ddf755651f151e2d648543b10e1ad
extra : histedit_source : a7377bf1d9adb62e1c584e2adeb793aa074245fb
 2014-07-10 19:00:32 -07:00
Brian Smith b14f27897b Bug 1037324: Delegate additional name constraint selection to the TrustDomain in mozilla::pkix, r=cviecco 
--HG--
extra : rebase_source : 300f33bfb3a0c9ae1525695b080674c1fb21eafc
 2014-07-10 22:38:59 -07:00
Brian Smith 3f110246be Bug 1035009: Stop using CERTCertList in mozilla::pkix, r=keeler 
--HG--
extra : rebase_source : fc2b39e5e2b44fea365914e83a7d1f2dc9b784bc
extra : histedit_source : b40e5e8cb106fe87f6f065b01ca43adb0bf3a605
 2014-07-06 15:55:38 -07:00
Brian Smith 783ead1861 Bug 1034636: Remove mozilla::pkix::ScopedCERTCertifciate and mozilla::pkix::ScopedPLArenaPool, r=mmc 
--HG--
extra : rebase_source : 68e6da2f1e1c7fa678ef4cc81d23cc6298709108
extra : histedit_source : feba4c589dbf004ee50e2dea1fca0809f8f97674
 2014-07-03 21:49:56 -07:00
Brian Smith f5ec8594e7 Bug 1033563, Part 3: Change mozilla::pkix::TrustDomain::FindPotentialIssuers API to be iterator-like, r=keeler 
--HG--
extra : rebase_source : e8c734ecb2de2c52dd8909c8b48f4bdb09d0128e
 2014-07-02 16:15:16 -07:00
Brian Smith 89e560be23 Bug 1029247, Part 2: Parse certificates using mozilla::pkix::der, r=keeler 
--HG--
extra : rebase_source : e093922497d005734c590a59f175993a7715bce8
 2014-07-03 16:59:42 -07:00
Harsh Pathak 7c4b2ba847 Bug 643041 - Merge nsIX509Cert2 and nsIX509Cert3 into nsIX509Cert, and merge nsIX509CertDB2 into nsIX509CertDB. r=keeler 
--HG--
extra : rebase_source : 5283c637e45dbee9f741d56cda54fdef1afce16e
 2014-07-03 22:09:24 -07:00
Brian Smith bd8f23ccd6 Bug 1028643: Convert nsISignatureVerifier to use CertVerifier (mozilla::pkix) and move nsISignatureVerifier functionality to nsIDataSignatureVerifier, r=keeler 
--HG--
extra : rebase_source : 14f6f5dedd7145d574ac5b4c86b6ad42b6716ae8
extra : histedit_source : f891fbe80c4ca9fc62849bc2d6d8ffad372a6bf0
 2014-06-22 18:50:22 -07:00
Brian Smith ca4f473450 Bug 1026261: Remove CERTCertificate from mozilla::pkix revocation checking API, r=keeler 
--HG--
extra : rebase_source : 6798f494bd351961ea02abba07b5860839bbc418
 2014-06-20 10:10:51 -07:00
Brian Smith b76e937c55 Bug 1006812: Use mozilla::pkix::der to decode the key usage extension, r=keeler 
--HG--
extra : rebase_source : e445c913994dc027e1179543d7b6cab2505e734d
 2014-06-19 00:13:20 -07:00
Brian Smith 67bd0799fb Bug 1020683, Part 1: Remove internal uses of CERTCertificate from mozilla::pkix::VerifyEncodedOCSPResponse, r=keeler 
--HG--
extra : rebase_source : 416938498080c4d44874025f1da4562ab1c7c3c8
 2014-06-05 15:18:32 -07:00
Brian Smith 279c66a9b8 Bug 1019814: Remove CERTCertificate dependency from TrustDomain::GetCertTrust, r=keeler 
--HG--
extra : rebase_source : 9abf0522f02d00ac2f63f2327ddbe8d119ffc64f
 2014-06-03 10:47:25 -07:00
David Keeler 4434286b6b bug 1006710 - add class of PSM errors to SEC and SSL errors r=briansmith 2014-05-28 15:28:03 -07:00
Marco Castelluccio 51f64d5cbb Bug 972201 - Remove the MOZ_B2G_CERTDATA hack. r=briansmith 2014-05-18 15:42:42 +02:00
Brian Smith 2912321bc5 Bug 1006958: Use mozilla::pkix::der to parse certificate policies instead of NSS, r=keeler 
--HG--
extra : rebase_source : fde88efebc1025bc4f825aa38df809d04b1b250a
 2014-05-15 18:59:52 -07:00
Brian Smith 077fb4cfcf Bug 1006041: Use mozilla::pkix::der for decoding the extended key usage extension, r=keeler 
--HG--
extra : rebase_source : b4b62f117d653784eb6ad058554faf520a1bd90b
 2014-05-14 01:02:34 -07:00
Brian Smith 9ae1a34e11 Bug 1002933: Use Strongly-typed enums more often in mozilla::pkix, r=mmc 
--HG--
extra : rebase_source : 3f67f48d1f4150df0830f89e6c07bbbf3a8fc7e8
 2014-04-25 16:29:26 -07:00
Camilo Viecco a54a4f05cf Bug 744204 - Allow Certificate key pinning Part 2 - Certverifier Interface. r=keeler 
--HG--
extra : rebase_source : 2f9748ba0b241c697e22b7ff72f2f5a0fad4a2ca
 2014-02-05 14:49:10 -08:00
David Keeler b1405bc489 bug 985201 - rename insanity::pkix to mozilla::pkix r=cviecco r=briansmith 
--HG--
rename : security/insanity/include/insanity/ScopedPtr.h => security/pkix/include/pkix/ScopedPtr.h
rename : security/insanity/include/insanity/bind.h => security/pkix/include/pkix/bind.h
rename : security/insanity/include/insanity/nullptr.h => security/pkix/include/pkix/nullptr.h
rename : security/insanity/include/insanity/pkix.h => security/pkix/include/pkix/pkix.h
rename : security/insanity/include/insanity/pkixtypes.h => security/pkix/include/pkix/pkixtypes.h
rename : security/insanity/lib/pkixbind.cpp => security/pkix/lib/pkixbind.cpp
rename : security/insanity/lib/pkixbuild.cpp => security/pkix/lib/pkixbuild.cpp
rename : security/insanity/lib/pkixcheck.cpp => security/pkix/lib/pkixcheck.cpp
rename : security/insanity/lib/pkixcheck.h => security/pkix/lib/pkixcheck.h
rename : security/insanity/lib/pkixder.cpp => security/pkix/lib/pkixder.cpp
rename : security/insanity/lib/pkixder.h => security/pkix/lib/pkixder.h
rename : security/insanity/lib/pkixkey.cpp => security/pkix/lib/pkixkey.cpp
rename : security/insanity/lib/pkixocsp.cpp => security/pkix/lib/pkixocsp.cpp
rename : security/insanity/lib/pkixutil.h => security/pkix/lib/pkixutil.h
rename : security/insanity/moz.build => security/pkix/moz.build
rename : security/insanity/test/lib/moz.build => security/pkix/test/lib/moz.build
rename : security/insanity/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestutil.cpp
rename : security/insanity/test/lib/pkixtestutil.h => security/pkix/test/lib/pkixtestutil.h
 2014-03-20 14:29:21 -07:00
Brian Smith dbb4eb51fe Bug 978528: Return the correct error message when no potential issuers are found during path bulding in insanitY::pkix, r=cviecco 
--HG--
extra : rebase_source : 71f806312ad322bc2971e7efaea2da217b07efad
 2014-03-01 20:55:51 -08:00
Brian Smith 605160af41 Bug 921886: Add certificate policiy support to insanity::pkix, r=keeler, r=cviecco 
--HG--
extra : rebase_source : 6522e2c2f57f59fe23c0ed0c838f1f54236bdafc
 2014-02-24 12:37:45 -08:00
Brian Smith 46ac0ca312 Bug 915931, Part 3: Integrate insanity::pkix OCSP support, r=keeler, r=cviecco 
--HG--
extra : rebase_source : 4b54682ca6d97e2ec7709b9a5c93ddea71126f8b
 2014-02-16 17:35:40 -08:00
Brian Smith 2f3036a251 Bug 896620: Make marketplace certs work on in all products, r=keeler 
--HG--
extra : source : 86ec7137a8892f75918c77e605df970f5b96ef62
extra : histedit_source : 33326790804d49e6ec658626116ebf870d94d445
 2014-02-14 14:37:07 -08:00