51a5fe52f3
Bug 1123759: Set low integrity on NPAPI processes for Windows sandboxing policy level >= 2. r=bbondy, r=bsmedberg
2015-05-22 17:05:45 +01:00
a83c753047
bug 1166976 - generate some PSM xpcshell test certificates at build time r=Cykesiopka,mgoodwin,froydnj
2015-05-20 16:35:16 -07:00
5eae5c2c7b
Bug 1166031 - Update NSS to NSS_3_19_1_RTM. a=sledru
...
--HG--
extra : transplant_source : %A7%DD%B5%C6%8C%1C%C1%C1%8C%CBY%E4%AD%87%0Bt%02%A9%B0%13
2015-05-28 14:14:52 -04:00
df91e412ac
Bug 1168007 (part 7) - Use PLDHashTable2 in nsCertTree. r=froydnj.
...
It's possible that Clear() will be called on a table that hasn't had anything
inserted in it, but that's ok.
--HG--
extra : rebase_source : 454a79d9ec0fbf8d82706c12535c5862fe687cba
2015-05-18 21:14:51 -07:00
58ee0c69e5
Bug 1168007 (part 6) - Use PLDHashTable2 in nsSecureBrowserUIImpl. r=froydnj.
...
--HG--
extra : rebase_source : fe8f14d5caf24931bace563518b7541beb838074
2015-05-18 21:02:48 -07:00
563c609fd0
Bug 1168695 - Add result strings to PSM xpcshell HPKP tests. r=keeler
...
--HG--
extra : rebase_source : 75fd17476020a68c60fd5e733c4d7a30fd05b8da
2015-05-28 02:26:00 +02:00
c2bc81fbea
Bug 1167254 - Convert test_bug234856.html mochitest to an xpcshell test. r=keeler
...
--HG--
extra : rebase_source : c8bad9f0d55aa2a037ae508da988a137c5239006
2015-05-28 02:22:00 +02:00
6ddb65f184
Bug 1166323 - Remove IME sequence number. r=masayuki,nchen
2015-05-28 13:51:40 +09:00
20a5506187
Bug 1164714 - Fix unified compilation bustage on Windows. r=me
...
CLOSED TREE
2015-05-27 19:37:09 -07:00
133069acd0
Bug 1164714 - Move netwerk/base/nsISiteSecurityService.idl into security/manager/ssl. r=keeler,mcmanus
...
--HG--
rename : netwerk/base/nsISiteSecurityService.idl => security/manager/ssl/nsISiteSecurityService.idl
2015-05-26 10:31:30 -07:00
a028ea5c2d
Bug 1164714 - Move and flatten security/manager/boot/{public,src}/ into security/manager/ssl/. r=keeler
...
--HG--
rename : security/manager/boot/src/CertBlocklist.cpp => security/manager/ssl/CertBlocklist.cpp
rename : security/manager/boot/src/CertBlocklist.h => security/manager/ssl/CertBlocklist.h
rename : security/manager/boot/src/DataStorage.cpp => security/manager/ssl/DataStorage.cpp
rename : security/manager/boot/src/DataStorage.h => security/manager/ssl/DataStorage.h
rename : security/manager/boot/src/PublicKeyPinningService.cpp => security/manager/ssl/PublicKeyPinningService.cpp
rename : security/manager/boot/src/PublicKeyPinningService.h => security/manager/ssl/PublicKeyPinningService.h
rename : security/manager/boot/src/RootCertificateTelemetryUtils.cpp => security/manager/ssl/RootCertificateTelemetryUtils.cpp
rename : security/manager/boot/src/RootCertificateTelemetryUtils.h => security/manager/ssl/RootCertificateTelemetryUtils.h
rename : security/manager/boot/src/RootHashes.inc => security/manager/ssl/RootHashes.inc
rename : security/manager/boot/src/StaticHPKPins.errors => security/manager/ssl/StaticHPKPins.errors
rename : security/manager/boot/src/StaticHPKPins.h => security/manager/ssl/StaticHPKPins.h
rename : security/manager/boot/src/nsEntropyCollector.cpp => security/manager/ssl/nsEntropyCollector.cpp
rename : security/manager/boot/src/nsEntropyCollector.h => security/manager/ssl/nsEntropyCollector.h
rename : security/manager/boot/public/nsIBufEntropyCollector.idl => security/manager/ssl/nsIBufEntropyCollector.idl
rename : security/manager/boot/public/nsICertBlocklist.idl => security/manager/ssl/nsICertBlocklist.idl
rename : security/manager/boot/public/nsISSLStatusProvider.idl => security/manager/ssl/nsISSLStatusProvider.idl
rename : security/manager/boot/public/nsISecurityUITelemetry.idl => security/manager/ssl/nsISecurityUITelemetry.idl
rename : security/manager/boot/src/nsSTSPreloadList.errors => security/manager/ssl/nsSTSPreloadList.errors
rename : security/manager/boot/src/nsSTSPreloadList.inc => security/manager/ssl/nsSTSPreloadList.inc
rename : security/manager/boot/src/nsSecureBrowserUIImpl.cpp => security/manager/ssl/nsSecureBrowserUIImpl.cpp
rename : security/manager/boot/src/nsSecureBrowserUIImpl.h => security/manager/ssl/nsSecureBrowserUIImpl.h
rename : security/manager/boot/src/nsSecurityHeaderParser.cpp => security/manager/ssl/nsSecurityHeaderParser.cpp
rename : security/manager/boot/src/nsSecurityHeaderParser.h => security/manager/ssl/nsSecurityHeaderParser.h
rename : security/manager/boot/src/nsSiteSecurityService.cpp => security/manager/ssl/nsSiteSecurityService.cpp
rename : security/manager/boot/src/nsSiteSecurityService.h => security/manager/ssl/nsSiteSecurityService.h
2015-05-26 10:31:25 -07:00
ae04912e48
Bug 1164714 - Flatten security/manager/ssl/src/ directory. r=keeler
...
--HG--
rename : security/manager/ssl/src/CryptoTask.cpp => security/manager/ssl/CryptoTask.cpp
rename : security/manager/ssl/src/CryptoTask.h => security/manager/ssl/CryptoTask.h
rename : security/manager/ssl/src/CryptoUtil.h => security/manager/ssl/CryptoUtil.h
rename : security/manager/ssl/src/IntolerantFallbackList.inc => security/manager/ssl/IntolerantFallbackList.inc
rename : security/manager/ssl/src/NSSErrorsService.cpp => security/manager/ssl/NSSErrorsService.cpp
rename : security/manager/ssl/src/NSSErrorsService.h => security/manager/ssl/NSSErrorsService.h
rename : security/manager/ssl/src/PPSMContentDownloader.ipdl => security/manager/ssl/PPSMContentDownloader.ipdl
rename : security/manager/ssl/src/PSMContentListener.cpp => security/manager/ssl/PSMContentListener.cpp
rename : security/manager/ssl/src/PSMContentListener.h => security/manager/ssl/PSMContentListener.h
rename : security/manager/ssl/src/PSMRunnable.cpp => security/manager/ssl/PSMRunnable.cpp
rename : security/manager/ssl/src/PSMRunnable.h => security/manager/ssl/PSMRunnable.h
rename : security/manager/ssl/src/PublicSSL.h => security/manager/ssl/PublicSSL.h
rename : security/manager/ssl/src/SSLServerCertVerification.cpp => security/manager/ssl/SSLServerCertVerification.cpp
rename : security/manager/ssl/src/SSLServerCertVerification.h => security/manager/ssl/SSLServerCertVerification.h
rename : security/manager/ssl/src/ScopedNSSTypes.h => security/manager/ssl/ScopedNSSTypes.h
rename : security/manager/ssl/src/SharedCertVerifier.h => security/manager/ssl/SharedCertVerifier.h
rename : security/manager/ssl/src/SharedSSLState.cpp => security/manager/ssl/SharedSSLState.cpp
rename : security/manager/ssl/src/SharedSSLState.h => security/manager/ssl/SharedSSLState.h
rename : security/manager/ssl/src/TransportSecurityInfo.cpp => security/manager/ssl/TransportSecurityInfo.cpp
rename : security/manager/ssl/src/TransportSecurityInfo.h => security/manager/ssl/TransportSecurityInfo.h
rename : security/manager/ssl/src/md4.c => security/manager/ssl/md4.c
rename : security/manager/ssl/src/md4.h => security/manager/ssl/md4.h
rename : security/manager/ssl/src/nsCertOverrideService.cpp => security/manager/ssl/nsCertOverrideService.cpp
rename : security/manager/ssl/src/nsCertOverrideService.h => security/manager/ssl/nsCertOverrideService.h
rename : security/manager/ssl/src/nsCertPicker.cpp => security/manager/ssl/nsCertPicker.cpp
rename : security/manager/ssl/src/nsCertPicker.h => security/manager/ssl/nsCertPicker.h
rename : security/manager/ssl/src/nsCertTree.cpp => security/manager/ssl/nsCertTree.cpp
rename : security/manager/ssl/src/nsCertTree.h => security/manager/ssl/nsCertTree.h
rename : security/manager/ssl/src/nsCertVerificationThread.cpp => security/manager/ssl/nsCertVerificationThread.cpp
rename : security/manager/ssl/src/nsCertVerificationThread.h => security/manager/ssl/nsCertVerificationThread.h
rename : security/manager/ssl/src/nsClientAuthRemember.cpp => security/manager/ssl/nsClientAuthRemember.cpp
rename : security/manager/ssl/src/nsClientAuthRemember.h => security/manager/ssl/nsClientAuthRemember.h
rename : security/manager/ssl/src/nsCrypto.cpp => security/manager/ssl/nsCrypto.cpp
rename : security/manager/ssl/src/nsCrypto.h => security/manager/ssl/nsCrypto.h
rename : security/manager/ssl/src/nsCryptoHash.cpp => security/manager/ssl/nsCryptoHash.cpp
rename : security/manager/ssl/src/nsCryptoHash.h => security/manager/ssl/nsCryptoHash.h
rename : security/manager/ssl/src/nsDataSignatureVerifier.cpp => security/manager/ssl/nsDataSignatureVerifier.cpp
rename : security/manager/ssl/src/nsDataSignatureVerifier.h => security/manager/ssl/nsDataSignatureVerifier.h
rename : security/manager/ssl/src/nsKeyModule.cpp => security/manager/ssl/nsKeyModule.cpp
rename : security/manager/ssl/src/nsKeyModule.h => security/manager/ssl/nsKeyModule.h
rename : security/manager/ssl/src/nsKeygenHandler.cpp => security/manager/ssl/nsKeygenHandler.cpp
rename : security/manager/ssl/src/nsKeygenHandler.h => security/manager/ssl/nsKeygenHandler.h
rename : security/manager/ssl/src/nsKeygenHandlerContent.cpp => security/manager/ssl/nsKeygenHandlerContent.cpp
rename : security/manager/ssl/src/nsKeygenHandlerContent.h => security/manager/ssl/nsKeygenHandlerContent.h
rename : security/manager/ssl/src/nsKeygenThread.cpp => security/manager/ssl/nsKeygenThread.cpp
rename : security/manager/ssl/src/nsKeygenThread.h => security/manager/ssl/nsKeygenThread.h
rename : security/manager/ssl/src/nsNSSASN1Object.cpp => security/manager/ssl/nsNSSASN1Object.cpp
rename : security/manager/ssl/src/nsNSSASN1Object.h => security/manager/ssl/nsNSSASN1Object.h
rename : security/manager/ssl/src/nsNSSCallbacks.cpp => security/manager/ssl/nsNSSCallbacks.cpp
rename : security/manager/ssl/src/nsNSSCallbacks.h => security/manager/ssl/nsNSSCallbacks.h
rename : security/manager/ssl/src/nsNSSCertHelper.cpp => security/manager/ssl/nsNSSCertHelper.cpp
rename : security/manager/ssl/src/nsNSSCertHelper.h => security/manager/ssl/nsNSSCertHelper.h
rename : security/manager/ssl/src/nsNSSCertTrust.cpp => security/manager/ssl/nsNSSCertTrust.cpp
rename : security/manager/ssl/src/nsNSSCertTrust.h => security/manager/ssl/nsNSSCertTrust.h
rename : security/manager/ssl/src/nsNSSCertValidity.cpp => security/manager/ssl/nsNSSCertValidity.cpp
rename : security/manager/ssl/src/nsNSSCertValidity.h => security/manager/ssl/nsNSSCertValidity.h
rename : security/manager/ssl/src/nsNSSCertificate.cpp => security/manager/ssl/nsNSSCertificate.cpp
rename : security/manager/ssl/src/nsNSSCertificate.h => security/manager/ssl/nsNSSCertificate.h
rename : security/manager/ssl/src/nsNSSCertificateDB.cpp => security/manager/ssl/nsNSSCertificateDB.cpp
rename : security/manager/ssl/src/nsNSSCertificateDB.h => security/manager/ssl/nsNSSCertificateDB.h
rename : security/manager/ssl/src/nsNSSCertificateFakeTransport.cpp => security/manager/ssl/nsNSSCertificateFakeTransport.cpp
rename : security/manager/ssl/src/nsNSSCertificateFakeTransport.h => security/manager/ssl/nsNSSCertificateFakeTransport.h
rename : security/manager/ssl/src/nsNSSComponent.cpp => security/manager/ssl/nsNSSComponent.cpp
rename : security/manager/ssl/src/nsNSSComponent.h => security/manager/ssl/nsNSSComponent.h
rename : security/manager/ssl/src/nsNSSErrors.cpp => security/manager/ssl/nsNSSErrors.cpp
rename : security/manager/ssl/src/nsNSSHelper.h => security/manager/ssl/nsNSSHelper.h
rename : security/manager/ssl/src/nsNSSIOLayer.cpp => security/manager/ssl/nsNSSIOLayer.cpp
rename : security/manager/ssl/src/nsNSSIOLayer.h => security/manager/ssl/nsNSSIOLayer.h
rename : security/manager/ssl/src/nsNSSModule.cpp => security/manager/ssl/nsNSSModule.cpp
rename : security/manager/ssl/src/nsNSSShutDown.cpp => security/manager/ssl/nsNSSShutDown.cpp
rename : security/manager/ssl/src/nsNSSShutDown.h => security/manager/ssl/nsNSSShutDown.h
rename : security/manager/ssl/src/nsNSSVersion.cpp => security/manager/ssl/nsNSSVersion.cpp
rename : security/manager/ssl/src/nsNSSVersion.h => security/manager/ssl/nsNSSVersion.h
rename : security/manager/ssl/src/nsNTLMAuthModule.cpp => security/manager/ssl/nsNTLMAuthModule.cpp
rename : security/manager/ssl/src/nsNTLMAuthModule.h => security/manager/ssl/nsNTLMAuthModule.h
rename : security/manager/ssl/src/nsPK11TokenDB.cpp => security/manager/ssl/nsPK11TokenDB.cpp
rename : security/manager/ssl/src/nsPK11TokenDB.h => security/manager/ssl/nsPK11TokenDB.h
rename : security/manager/ssl/src/nsPKCS11Slot.cpp => security/manager/ssl/nsPKCS11Slot.cpp
rename : security/manager/ssl/src/nsPKCS11Slot.h => security/manager/ssl/nsPKCS11Slot.h
rename : security/manager/ssl/src/nsPKCS12Blob.cpp => security/manager/ssl/nsPKCS12Blob.cpp
rename : security/manager/ssl/src/nsPKCS12Blob.h => security/manager/ssl/nsPKCS12Blob.h
rename : security/manager/ssl/src/nsPSMBackgroundThread.cpp => security/manager/ssl/nsPSMBackgroundThread.cpp
rename : security/manager/ssl/src/nsPSMBackgroundThread.h => security/manager/ssl/nsPSMBackgroundThread.h
rename : security/manager/ssl/src/nsProtectedAuthThread.cpp => security/manager/ssl/nsProtectedAuthThread.cpp
rename : security/manager/ssl/src/nsProtectedAuthThread.h => security/manager/ssl/nsProtectedAuthThread.h
rename : security/manager/ssl/src/nsRandomGenerator.cpp => security/manager/ssl/nsRandomGenerator.cpp
rename : security/manager/ssl/src/nsRandomGenerator.h => security/manager/ssl/nsRandomGenerator.h
rename : security/manager/ssl/src/nsSDR.cpp => security/manager/ssl/nsSDR.cpp
rename : security/manager/ssl/src/nsSDR.h => security/manager/ssl/nsSDR.h
rename : security/manager/ssl/src/nsSSLSocketProvider.cpp => security/manager/ssl/nsSSLSocketProvider.cpp
rename : security/manager/ssl/src/nsSSLSocketProvider.h => security/manager/ssl/nsSSLSocketProvider.h
rename : security/manager/ssl/src/nsSSLStatus.cpp => security/manager/ssl/nsSSLStatus.cpp
rename : security/manager/ssl/src/nsSSLStatus.h => security/manager/ssl/nsSSLStatus.h
rename : security/manager/ssl/src/nsSmartCardMonitor.cpp => security/manager/ssl/nsSmartCardMonitor.cpp
rename : security/manager/ssl/src/nsSmartCardMonitor.h => security/manager/ssl/nsSmartCardMonitor.h
rename : security/manager/ssl/src/nsTLSSocketProvider.cpp => security/manager/ssl/nsTLSSocketProvider.cpp
rename : security/manager/ssl/src/nsTLSSocketProvider.h => security/manager/ssl/nsTLSSocketProvider.h
rename : security/manager/ssl/src/nsUsageArrayHelper.cpp => security/manager/ssl/nsUsageArrayHelper.cpp
rename : security/manager/ssl/src/nsUsageArrayHelper.h => security/manager/ssl/nsUsageArrayHelper.h
rename : security/manager/ssl/src/nsVerificationJob.h => security/manager/ssl/nsVerificationJob.h
2015-05-26 10:31:23 -07:00
e02a99f68f
Bug 1164714 - Flatten security/manager/ssl/public/ directory. r=keeler
...
--HG--
rename : security/manager/ssl/public/nsIASN1Object.idl => security/manager/ssl/nsIASN1Object.idl
rename : security/manager/ssl/public/nsIASN1PrintableItem.idl => security/manager/ssl/nsIASN1PrintableItem.idl
rename : security/manager/ssl/public/nsIASN1Sequence.idl => security/manager/ssl/nsIASN1Sequence.idl
rename : security/manager/ssl/public/nsIAssociatedContentSecurity.idl => security/manager/ssl/nsIAssociatedContentSecurity.idl
rename : security/manager/ssl/public/nsIBadCertListener2.idl => security/manager/ssl/nsIBadCertListener2.idl
rename : security/manager/ssl/public/nsICertOverrideService.idl => security/manager/ssl/nsICertOverrideService.idl
rename : security/manager/ssl/public/nsICertPickDialogs.idl => security/manager/ssl/nsICertPickDialogs.idl
rename : security/manager/ssl/public/nsICertTree.idl => security/manager/ssl/nsICertTree.idl
rename : security/manager/ssl/public/nsICertificateDialogs.idl => security/manager/ssl/nsICertificateDialogs.idl
rename : security/manager/ssl/public/nsIClientAuthDialogs.idl => security/manager/ssl/nsIClientAuthDialogs.idl
rename : security/manager/ssl/public/nsIDataSignatureVerifier.idl => security/manager/ssl/nsIDataSignatureVerifier.idl
rename : security/manager/ssl/public/nsIGenKeypairInfoDlg.idl => security/manager/ssl/nsIGenKeypairInfoDlg.idl
rename : security/manager/ssl/public/nsIKeyModule.idl => security/manager/ssl/nsIKeyModule.idl
rename : security/manager/ssl/public/nsIKeygenThread.idl => security/manager/ssl/nsIKeygenThread.idl
rename : security/manager/ssl/public/nsINSSVersion.idl => security/manager/ssl/nsINSSVersion.idl
rename : security/manager/ssl/public/nsIPK11Token.idl => security/manager/ssl/nsIPK11Token.idl
rename : security/manager/ssl/public/nsIPK11TokenDB.idl => security/manager/ssl/nsIPK11TokenDB.idl
rename : security/manager/ssl/public/nsIPKCS11.idl => security/manager/ssl/nsIPKCS11.idl
rename : security/manager/ssl/public/nsIPKCS11Module.idl => security/manager/ssl/nsIPKCS11Module.idl
rename : security/manager/ssl/public/nsIPKCS11ModuleDB.idl => security/manager/ssl/nsIPKCS11ModuleDB.idl
rename : security/manager/ssl/public/nsIPKCS11Slot.idl => security/manager/ssl/nsIPKCS11Slot.idl
rename : security/manager/ssl/public/nsIProtectedAuthThread.idl => security/manager/ssl/nsIProtectedAuthThread.idl
rename : security/manager/ssl/public/nsISSLStatus.idl => security/manager/ssl/nsISSLStatus.idl
rename : security/manager/ssl/public/nsITokenDialogs.idl => security/manager/ssl/nsITokenDialogs.idl
rename : security/manager/ssl/public/nsITokenPasswordDialogs.idl => security/manager/ssl/nsITokenPasswordDialogs.idl
rename : security/manager/ssl/public/nsIUserCertPicker.idl => security/manager/ssl/nsIUserCertPicker.idl
rename : security/manager/ssl/public/nsIX509Cert.idl => security/manager/ssl/nsIX509Cert.idl
rename : security/manager/ssl/public/nsIX509CertDB.idl => security/manager/ssl/nsIX509CertDB.idl
rename : security/manager/ssl/public/nsIX509CertList.idl => security/manager/ssl/nsIX509CertList.idl
rename : security/manager/ssl/public/nsIX509CertValidity.idl => security/manager/ssl/nsIX509CertValidity.idl
2015-05-26 10:30:46 -07:00
ea7750bcb1
Bug 991983 - Define SOURCES as SourcePath. r=gps
2015-05-28 07:34:15 +09:00
b24a26ecdc
Bug 1168048 - Avoid potential null-pointer dereferencing in nsNSSCertificateDB r=keeler
...
--HG--
extra : histedit_source : 63ddf50ccbd79eb320c52aa47959f76a8b247e21
2015-05-27 14:12:26 -07:00
8b1facad54
Bug 1167866 - Add result strings to PSM test_cert* xpcshell tests. r=keeler
...
--HG--
extra : rebase_source : 306e5f3230350fefe1ade0f748f8d593a79f3392
2015-05-23 19:57:32 -07:00
9e5deef0e2
Merge m-i to m-c, a=merge
2015-05-23 13:31:21 -07:00
70743008c3
No bug, Automated HPKP preload list update from host bld-linux64-spot-023 - a=hpkp-update
2015-05-23 03:32:23 -07:00
3cb82ca5b5
No bug, Automated HSTS preload list update from host bld-linux64-spot-023 - a=hsts-update
2015-05-23 03:32:21 -07:00
685504d65d
Bug 958421 - XUL dialog for certificate is security/manager/pki/resouces is unnecessary on Firefox Android. r=snorp
2015-05-22 14:28:04 +09:00
db188ea282
Bug 1160485 - remove implicit conversion from RefPtr<T> to TemporaryRef<T>; r=ehsan
...
Having this implicit conversion means that we can silently do extra
refcounting when it's completely unnecessary. It's also an obstacle to
making RefPtr more nsRefPtr-like, so let's get rid of it.
2015-05-01 09:14:16 -04:00
ab7196486a
Bug 1060112 - Don't treat OCSP responses omitting the requested certificate status as "unknown certificate" responses blocking the connection r=keeler
2015-05-21 13:39:34 -04:00
3925a960aa
Bug 1165515 - Part 1: Convert PR_LOG to MOZ_LOG. r=froydnj
2015-05-21 13:22:04 -07:00
e90de3e5e0
Bug 1166586 (part 2) - Convert some easy PL_DHashTable{Init,Finish} cases. r=froydnj.
...
This patch converts easy cases, i.e. where the PL_DHashTableInit() call occurs
in a constructor and the PL_DHashTableFinish() call occurs in a destructor.
--HG--
extra : rebase_source : d8dc450f80ac23b8455141b471cc9ae823e1e384
2015-05-04 22:59:24 -07:00
5edd9ca1e4
Backed out changeset 38ff380719e4 (bug 1166031) for test_WebCrypto_DH.html failures.
2015-05-20 22:05:15 -04:00
2249f71a31
Bug 1166031 - Update NSS to NSS_3_19_1_BETA1. r=mt
2015-05-20 21:06:06 -04:00
309d57da39
Bug 1166031 - Update PSM xpcshell small RSA key test to reflect new error. r=Cykesiopka
...
Previously NSS would accept smaller RSA key sizes than PSM would in TLS handshakes. Now that the limit is the same, NSS handles the handshake termination with a different error code before PSM can make its own policy decision.
--HG--
extra : rebase_source : ceb01cc28cb63e9ca52b935ea22d917d79dee1b9
2015-05-21 12:57:03 -07:00
d29d3d14b0
Bug 1166031 - Update NSS to NSS_3_19_1_BETA1. r=mt
...
--HG--
extra : rebase_source : bb3c28e7ece399d4e1902e96b052a4c7c69e81af
extra : source : 38ff380719e46767d2eadd47891980e47a473d0f
2015-05-20 21:06:06 -04:00
740177a058
Bug 1166078 - Clean up and add expected result strings to test_hmac.js. r=keeler
...
--HG--
extra : rebase_source : 7d8d3e38e2f706324bb4563f65a4d85b1af8866b
2015-05-18 15:22:54 -07:00
ed468964b8
Bug 1164714 - Flatten security/manager/pki/src/ directory. r=keeler
...
--HG--
rename : security/manager/pki/src/nsASN1Tree.cpp => security/manager/pki/nsASN1Tree.cpp
rename : security/manager/pki/src/nsASN1Tree.h => security/manager/pki/nsASN1Tree.h
rename : security/manager/pki/src/nsNSSDialogHelper.cpp => security/manager/pki/nsNSSDialogHelper.cpp
rename : security/manager/pki/src/nsNSSDialogHelper.h => security/manager/pki/nsNSSDialogHelper.h
rename : security/manager/pki/src/nsNSSDialogs.cpp => security/manager/pki/nsNSSDialogs.cpp
rename : security/manager/pki/src/nsNSSDialogs.h => security/manager/pki/nsNSSDialogs.h
rename : security/manager/pki/src/nsPKIModule.cpp => security/manager/pki/nsPKIModule.cpp
rename : security/manager/pki/src/nsPKIParamBlock.cpp => security/manager/pki/nsPKIParamBlock.cpp
rename : security/manager/pki/src/nsPKIParamBlock.h => security/manager/pki/nsPKIParamBlock.h
2015-05-19 10:47:42 -07:00
b8b7e39d71
Bug 1164714 - Flatten security/manager/pki/public/ directory. r=keeler
...
--HG--
rename : security/manager/pki/public/nsIASN1Tree.idl => security/manager/pki/nsIASN1Tree.idl
rename : security/manager/pki/public/nsIPKIParamBlock.idl => security/manager/pki/nsIPKIParamBlock.idl
2015-05-19 10:47:38 -07:00
4879ae86f4
Bug 1165518 - Part 2: Replace prlog.h with Logging.h. rs=froydnj
2015-05-19 11:15:34 -07:00
44861c2d49
bug 1165911 - do more safety checks when gathering successful TLS connection telemetry r=Cykesiopka
2015-05-18 10:37:38 -07:00
4a930bc0f3
Back out a1f7ae44c7bb (bug 1164373) for causing intermittent test failures.
...
--HG--
extra : rebase_source : ac3d87bc11cf5cff81bc94f72ba01d1f05dfe445
2015-05-18 19:00:54 -07:00
09631fba2e
merge mozilla-inbound to mozilla-central a=merge
2015-05-18 13:43:01 +02:00
c38e008367
Bug 1152842 - Remove legacy Download Manager support from test_bug383369.html. r=paolo
2015-05-11 17:43:15 -07:00
cfe5014bab
Backed out changeset fe10feec1ede because of OCSP test failures
2015-05-16 16:38:34 -04:00
a9f5d9c05c
Bug 1010068 - Disable OCSP for DV certificates in Firefox for Android r=keeler
2015-05-15 16:17:47 -04:00
e67e1e2a38
Merge m-c to m-i
2015-05-16 09:49:14 -07:00
d22fb4c9fd
Merge m-i to m-c, a=merge
2015-05-16 08:50:37 -07:00
d89ecd849b
No bug, Automated HPKP preload list update from host bld-linux64-spot-152 - a=hpkp-update
2015-05-16 03:30:30 -07:00
0c4a5d8d8b
No bug, Automated HSTS preload list update from host bld-linux64-spot-152 - a=hsts-update
2015-05-16 03:30:28 -07:00
cf42e317ab
Bug 1155963 Only allow NS_LITERAL_CSTRING to be used on compile-time literals r=froydnj,ehsan
2015-05-16 09:07:10 +01:00
eab9ff6d25
Back out all four patches from bug 1161377. r=me.
...
Due to Android startup regressions (bug 1163066) and plugin crashes (bug
1165155).
--HG--
extra : rebase_source : 380f79e67dff4c4eaa2614f286a4d0669666b652
2015-05-14 21:48:43 -07:00
3c714c42eb
Backed out changeset 17cfad44e12b (bug 1155963) for breaking b2g builds
2015-05-14 16:35:18 -07:00
06998bb825
Bug 1162965 - Use /dev/shm instead of /tmp for sandbox chroot if possible. r=kang
2015-05-14 16:19:08 -07:00
ae441fafa2
Bug 1155963 Only allow NS_LITERAL_CSTRING to be used on compile-time literals r=froydnj,ehsan
2015-05-15 00:00:33 +01:00
cb7ae71daf
Bug 1164409 - Reduce PSM xpcshell script code duplication. r=keeler
2015-05-15 02:28:00 -04:00
4e7fc3055e
bug 1141189 - implement skipping expensive revocation checks (OCSP fetching) for short-lived certificates r=rbarnes
2015-04-06 16:10:28 -07:00
424c7b08b9
Bug 1164373 - Remove two static constructors involving PR_NewLogModule(). r=froydnj.
...
--HG--
extra : rebase_source : 089cbc39be20f60ca3c7e07b9f42034f19c4ea29
2015-05-13 18:02:56 -07:00
ba79e01ad2
Bug 1161377 (part 3, attempt 2) - Convert some easy PL_DHashTable{Init,Finish} cases. r=froydnj.
...
--HG--
extra : rebase_source : 990907701818b7da2b4e8955c419bb61130e266f
2015-05-12 17:33:26 -07:00
8cac570831
Bug 1149718: Fix wow_helper lib path for VS2015. r=glandium
...
--HG--
extra : rebase_source : 91893548992b2c0929abaa4e81bce60e473247ff
2015-05-12 18:20:28 -04:00
3c315d18c3
bug 1102436 - remove PublicKeyPinningService::CheckChainAgainstAllNames r=Cykesiopka
2015-05-07 11:06:07 -07:00
737fac0f14
Bug 1163358 - Add "psm" tag to PSM xpcshell and mochitest manifests. r=dkeeler
...
--HG--
extra : rebase_source : 43570fd1ec37a363df530dac0fd457c1019d194d
2015-05-09 18:21:00 +02:00
fe90037862
Bug 1043692 - Add a DIST_INSTALL variable to moz.build, and replace NO_DIST_INSTALL with it. r=gps
2015-05-12 07:55:21 +09:00
94925de358
Bug 1146874 Part 1: Check that Windows sandboxed process starts correctly. r=tabraldes
2015-05-11 08:24:39 +01:00
0323a0a1b5
Backout c375efe78e07 (bug 1161377 part 3) for (probably) increasing the static constructor count and regressing Fennec start-up time. r=me.
2015-05-10 22:16:18 -07:00
256161c570
Merge m-c to m-c, a=merge
2015-05-09 14:16:58 -07:00
2e46137393
No bug, Automated HPKP preload list update from host bld-linux64-spot-270 - a=hpkp-update
2015-05-09 03:31:59 -07:00
9dfe0d6356
No bug, Automated HSTS preload list update from host bld-linux64-spot-270 - a=hsts-update
2015-05-09 03:31:58 -07:00
e43a05d6d2
Merge fx-team to m-c a=merge
2015-05-08 10:29:41 -07:00
bfb87f34ff
Bug 1162691 - Part 2: Wrap expensive calls in PR_LOG_TEST. r=froydnj
...
Check that logging is enabled before performing potentially expensive
operations.
2015-05-08 14:36:34 -07:00
4eceb82c1f
Bug 1162691 - Part 1: Remove instances of #ifdef PR_LOGGING in security. r=froydnj
...
PR_LOGGING is now always defined, we can remove #ifdefs checking for it.
2015-05-08 14:36:33 -07:00
7b4994dfc8
Bug 1038072 - signature verification for JAR files unpacked into a directory. r=keeler
...
--HG--
extra : rebase_source : 5728bfc05f8326f5392a787d38bc64ec8dbefe21
extra : source : a02ea85607a2c0989f057053858125fa5046763b
2015-05-05 20:21:00 +02:00
d65b604e3b
Bug 1158773: Use the same initial and delayed integrity level for Windows content sandbox level 0. r=tabraldes
2015-05-06 10:11:56 +01:00
d8275d9234
Back out changeset a02ea85607a2 (bug 1038072) for widespread test failures (at least Linux, Android, and Mulet), on a CLOSED TREE.
2015-05-06 09:58:55 +02:00
a956162b00
Bug 1038072 - signature verification for JAR files unpacked into a directory. r=keeler
...
--HG--
extra : rebase_source : 3afa62b566718cfbfaaf53765d385187388e83e5
2015-05-05 20:21:00 +02:00
17348fdef0
Bug 1161377 (part 3) - Convert some easy PL_DHashTable{Init,Finish} cases. r=froydnj.
...
This patch converts easy cases, i.e. where the PL_DHashTableInit() call occurs
in a constructor and the PL_DHashTableFinish() call occurs in a destructor.
2015-05-04 22:59:24 -07:00
cb581e0eff
Bug 1128607 - Test the freshness check for OneCRL (r=keeler)
2015-05-07 18:54:07 +01:00
f82bee04e1
Bug 1128607 - Add freshness check for OneCRL (r=keeler)
2015-05-07 18:54:05 +01:00
6c728ddf43
bug 1153212 - 2/2 Necko explicitly track origin vs routed host and give psm only origin r=dkeeler r=hurley IGNORE IDL
...
Allow necko to simultaneously track the dual concept of routed host
and origin (authenticated host). The origin is given to the socket
provider and the routed host is inserted at DNS lookup time as if it
were a SRV or CNAME.
--HG--
extra : rebase_source : f9cc87b92084025443bc0374b1dd994f01662ebb
2015-04-09 11:31:59 -04:00
6a940b1edd
bug 1153212 - 1/2 revert 90d6a38931fa to make room for better fix r=backout
...
--HG--
extra : rebase_source : a812bd796d4aa9df8e51c32a014663c025f3e0a6
2015-05-07 13:16:26 -04:00
c0e295b256
Bug 1144055, Upgrade Firefox to use NSS 3.19, landing NSS_3_19_RTM
2015-05-04 21:34:38 +02:00
f7b3a781d8
Bug 1153446 - Replace instances of double spacing with single spacing in nsserrors.properties. r=dkeeler
2015-05-01 02:40:00 +02:00
0dc457eba2
Merge m-i to m-c, a=merge
2015-05-02 10:02:17 -07:00
ba8964f0c6
No bug, Automated HPKP preload list update from host bld-linux64-spot-137 - a=hpkp-update
2015-05-02 03:30:49 -07:00
aaf9d7d061
No bug, Automated HSTS preload list update from host bld-linux64-spot-137 - a=hsts-update
2015-05-02 03:30:48 -07:00
924c9eb636
Bug 1134923 - Remove NS_Alloc/NS_Realloc/NS_Free. r=nfroyd
...
They are kept around for the sake of the standalone glue, which is used
for e.g. webapprt, which doesn't have direct access to jemalloc, and thus
still needs a wrapper to go through the xpcom function list and get to
jemalloc from there.
2015-05-01 09:40:30 +09:00
c8ff2d51c8
Bug 1159972 - Remove the fallible version of PL_DHashTableInit(). r=froydnj.
...
It's no longer needed now that entry storage isn't allocated there. (The other
possible causes of failures in that function are less interesting and simply
crashing is a reasonable thing to do for them.)
This also makes PL_DNewHashTable() infallible, so I removed some
now-unnecessary checks of its result.
--HG--
extra : rebase_source : 4c6ab0c449bc18e8bace8bf036b5bd78d3a2f1c4
2015-04-29 16:38:29 -07:00
2343aee19b
Bug 1150515: Set the subsystem to WINDOWS,5.02 for wow_helper so that it runs on WinXP 64-bit. r=glandium
2015-04-30 09:48:03 +01:00
8beb5af44d
Bug 1145844 - Update fallback whitelist. r=keeler
2015-04-29 13:48:53 +09:00
ca3e5326e2
Bug 734229 - Partially address by refusing to re-negotiate on NTLM. r=mayhemer, r=keeler
...
Now only one NTLM Negotiate packet will be sent per connection, rather
than again after a failed authentication. The problem situation is
triggered due to failed Negotiate authentication, and is probably more
complex.
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
--HG--
extra : rebase_source : dc2bac8a3b7dab5e774dcfb9ce33b73c7233d686
2014-11-28 11:34:06 +13:00
ebde6b9f4f
Bug 1157835: Remove the MSVC_ENABLE_PGO flag from the build system. r=glandium
...
--HG--
extra : rebase_source : 0c47c99bb8b92f8361a51fd81b20a2cc8647a986
2015-04-27 19:59:27 -04:00
596e5f9960
merge fx-team to mozilla-central a=merge
2015-04-27 12:34:03 +02:00
107708af7c
merge mozilla-inbound to mozilla-central a=merge
2015-04-27 12:00:14 +02:00
2ecabecaa7
No bug, Automated HPKP preload list update from host bld-linux64-spot-039 - a=hpkp-update
2015-04-25 03:32:33 -07:00
d0e7b73b16
No bug, Automated HSTS preload list update from host bld-linux64-spot-039 - a=hsts-update
2015-04-25 03:32:31 -07:00
89c80effa2
Bug 1154184 - Don't use Linux sandbox gtest dir if not building tests. r=gps
2015-04-24 17:36:08 -07:00
7b5d12ad46
Bug 1038068: Check add-on signatures and refuse to install unsigned or broken add-ons (preffed off for now). r=dveditz
...
--HG--
extra : source : 3b48e1a81a170634dce964cd462c752d09680805
2015-03-31 11:32:40 -07:00
cdf101ec43
merge mozilla-inbound to mozilla-central a=merge
2015-04-24 14:37:13 +02:00
ee333796b2
Bug 1121982 - Update PSM to use NSS name constraints
2015-04-23 20:26:29 -04:00
471d07992f
Bug 1144600 - Don't crash when submitting <keygen> on b2g r=dkeeler
2015-04-23 13:35:49 -07:00
24f35dfe49
Bug 1124076 - Properly detect certs when loaded and prompt to import them. r=sworkman/dkeeler
...
--HG--
extra : rebase_source : 11fb8b1c1a3044b82668136f4cfec4c758d9270c
2015-04-22 12:55:23 -07:00
acb448f5f9
Bug 1153809 - Loosen Mac content process sandbox rules for NVidia and Intel HD 3000 graphics hardware. r=areinald
2015-04-22 14:56:09 -05:00
a4f79b207d
bug 1157873 - remove certificates from CNNIC whitelist that aren't in the Pilot Certificate Transparency log r=rbarnes
...
Also remove certificates where notBefore is on or after 1 April 2015.
2015-04-21 16:07:33 -07:00
0343243a12
Bug 1124076 followup - fix the build when PR_LOGGING is not defined. r=mrbkap
2015-04-23 13:24:57 -07:00
6c532d910b
bug 1081128 - test_pinning.js takes ~300 seconds on b2g debug emulator - request a longer timeout for it r=Cykesiopka
...
--HG--
extra : amend_source : 9ba64939a0f277c9407f47731186cfea4da64774
2015-04-22 11:06:36 -07:00
9470ab9873
Bug 1144055 - Upgrade Firefox 39 to use NSS 3.19, r=nss-confcall
2015-04-23 21:16:20 +02:00
17b87281f2
Bug 1147212 - Add support for goog-unwanted-shavar. r=gcp,r=matej,r=smaug
...
--HG--
rename : toolkit/components/url-classifier/tests/mochitest/evilWorker.js => toolkit/components/url-classifier/tests/mochitest/unwantedWorker.js
extra : rebase_source : efe09564160fb2fcb1adb5f6599183f053268c40
2015-04-22 21:01:37 +12:00
ed2915b75f
Backed out changeset 7f3cf84c11a9 (bug 1124076) for bustage on a CLOSED TREE
2015-04-22 13:44:23 +02:00
3a94be560c
Bug 1124076 - Properly detect certs when loaded and prompt to import them. r=sworkman/dkeeler
...
--HG--
extra : rebase_source : 00240091ae66180390a76a9613a4215cf591401d
2015-04-21 14:56:00 +02:00
399276d5fc
Bug 1153348 - Add an analysis to prohibit operator bools which aren't marked as either explicit or MOZ_IMPLICIT; r=jrmuizel
...
This is the counterpart to the existing analysis to catch
constructors which aren't marked as either explicit or
MOZ_IMPLICIT.
2015-04-21 21:40:49 -04:00
ec1aede15a
Bug 1150765 - Add sandbox rules to allow hardware rendering of OpenGL on Mac. r=smichaud
...
--HG--
extra : rebase_source : 1fa38a01840f24b63f27254d434c9e0bc3382309
2015-04-21 11:17:16 +02:00
04795f03be
bug 1153212 - Alt-Svc Fixes r=dkeeler r=hurley
2015-04-13 17:11:59 -04:00
803079473a
Bug 1144055, Upgrade Firefox 39 to use NSS 3.19, NSS_3_19_BETA4 to pick up bug 1155279
2015-04-20 21:46:19 +02:00
7d4e804ec6
Merge m-i to m-c, a=merge
2015-04-18 16:36:32 -07:00
a178fd47b7
No bug, Automated HPKP preload list update from host bld-linux64-spot-222 - a=hpkp-update
2015-04-18 03:29:47 -07:00
aa4085d52f
No bug, Automated HSTS preload list update from host bld-linux64-spot-222 - a=hsts-update
2015-04-18 03:29:45 -07:00
e69f0f4b4b
bug 1150114 - allow PrintableString to match UTF8String in name constraints checking r=briansmith
2015-04-08 16:17:39 -07:00
c2568b80a0
Bug 1144055 - Upgrade Firefox 39 to use NSS 3.19, land NSS_3_19_BETA2, r=nss-confcall
2015-04-17 13:49:43 +02:00
af1ece91c4
Bug 1153248, re-enable a bunch of tests that now work with e10s, r=billm
2015-04-16 15:38:12 -04:00
5ff51a7744
bug 1151512 - only allow whitelisted certificates to be issued by CNNIC root certificates r=jcj r=rbarnes
2015-04-07 17:29:05 -07:00
d15620fcea
Bug 1144055 - Upgrade Firefox 39 to use NSS 3.19, land NSS_3_19_BETA3, r=nss-confcall
2015-04-17 18:43:30 +02:00
81764496cd
bug 1147497 - Add API for querying site pin status. Disallow overrides for sites that have pins. r=mmc r=smaug r=cykesiopka r=past
2015-03-25 11:04:49 -07:00
95bd8011e6
Bug 1154399 - Part 4: Simplify certificate parsing in OCSP responses. r=keeler
...
--HG--
extra : rebase_source : caf903d29b0adc22fcc7e87e4fa0019cfa48007e
2015-04-14 05:33:03 -10:00
f124561818
Bug 1154399 - Part 3: Simplify OptionalExtensions. r=keeler
...
We used to avoid using Nested and NestedOf because they were based on
bind and it was difficult to maintain our std::bind polyfill. Now that
we use lambdas, it is easy to use Nested and NestedOf, so we should do
so wherever it makes the code clearer.
--HG--
extra : rebase_source : 1157d16320b3b211e3ce612b75782e8bd9c55f30
2015-04-14 05:32:46 -10:00
d09798e9f5
Bug 1154399 - Part 2: Simplify and un-inline OptionalVersion. r=keeler
...
Also fixes the wrong comment. The syntax for version in OCSP and X.509
certs is identical.
--HG--
extra : rebase_source : 744a2998ce8c55a61fbbc1966bc22e4903fa2484
2015-04-14 05:32:29 -10:00
0cac719ba9
Bug 1154399 - Part 1: De-templatize and un-inline IntegralValue. r=keeler
...
--HG--
extra : rebase_source : 899eaed19b13edc9c257f0ab212d447bb54e607d
2015-04-14 05:06:41 -10:00
5389bbbf54
Bug 1137437 - move security/apps/ cert header generation to moz.build; r=mshal,keeler
...
Moving the cert header generation to GENERATED_FILES means that we can
delete all the manually-written out rules; we can also delete the
export:: rule because the build system automatically builds
GENERATED_FILES during the export phase. For ease of converion, we opt
to create an empty trusted-app-public.der cert for manifest-signing-root.inc;
partners are free to overwrite that cert with their own.
2015-02-27 12:50:49 -05:00
67e9dfaaf8
Bug 1153114 - Remove anonymous namespace around pkix gtests. r=bsmith
...
This avoids -Wunused-variable fatal warnings with GCC 5.0
2015-04-15 09:21:23 +09:00
c755113bc5
Bug 1153090 followup - consistently use sizeof(hash) r=dkeeler
2015-04-14 22:19:18 +02:00
88aa8d67cc
Bug 1153090 - Unaligned access in cert block list (r=keeler)
2015-04-14 21:19:52 +02:00
5ab8ccdeac
Bug 1154188 - Unbreak build on non-SPS platforms after bug 1153737 r=bsmith
2015-04-14 14:30:09 +02:00
566d65be48
Bug 1153738: Make ScopedPtr a minimal proper subset of std::unique_ptr, r=keeler
...
Remove all features of ScopedPtr that aren't in std::unique_ptr, and
remove all currently-unused features of ScopedPtr. In particular,
replace |operator=(T*)| with |reset(T* p = nullptr)| and make
|operator bool| explicit.
--HG--
rename : security/pkix/include/pkix/ScopedPtr.h => security/pkix/lib/ScopedPtr.h
extra : rebase_source : 206bfb32aa5a04a4719f28b4aca59fe2f0abbec3
2015-04-13 00:28:11 -10:00
b1035c0992
Bug 1153737: Avoid unnecessary uses of mozilla::pkix::ScopedPtr, r=keeler
...
--HG--
extra : rebase_source : ea7083439f22cb40d6c97f872ef9866144516745
2015-04-12 19:57:48 -10:00
ede9c4f220
merge mozilla-inbound to mozilla-central a=merge
2015-04-13 12:00:00 +02:00
bd0890186b
No bug, Automated HPKP preload list update from host bld-linux64-spot-009 - a=hpkp-update
2015-04-11 03:29:55 -07:00
83c81d6e76
No bug, Automated HSTS preload list update from host bld-linux64-spot-009 - a=hsts-update
2015-04-11 03:29:53 -07:00
ba1cc023b7
Bug 1151607 - Step 2: Apply net/ipc namespace separation and chroot to media plugins. r=kang
...
This needs more unit tests for the various pieces of what's going on
here (LinuxCapabilities, SandboxChroot, UnshareUserNamespace()) but
that's nontrivial due to needing a single-threaded process -- and
currently they can't be run on Mozilla's CI anyway due to needing user
namespaces, and local testing can just try using GMP and manually
inspecting the child process. So that will be a followup.
2015-04-10 18:05:19 -07:00
6bf3d102d8
Bug 1151607 - Step 1.5: Avoid unlikely false positives in Linux SandboxInfo feature detection. r=kang
...
Using the equivalent of release assertions in the patch after this one
is easier to justify if I can't come up with vaguely legitimate reasons
why they might fail; this detects the ones I thought of.
2015-04-10 18:05:19 -07:00
32cb9ee32d
Bug 1151607 - Step 1: Add Linux sandboxing hook for when child processes are still single-threaded. r=kang r=bent
...
This means that B2G plugin-container must (dynamically) link against
libmozsandbox in order to call into it before initializing Binder.
(Desktop Linux plugin-container already contains the sandbox code.)
2015-04-10 18:05:19 -07:00
cf24e12150
Bug 1151607 - Step 0: sort includes to make the following patches cleaner. r=kang
2015-04-10 18:05:19 -07:00
2c5369d16e
Bug 1132689 - Feb 2015 batch of EV root CA Changes. r=keeler
...
--HG--
extra : rebase_source : 43a28d1b97c569280979c8a2d95494e4d2f9a67c
extra : amend_source : 056721a65cc7d0738d9ab2a92071f8f7eaf48262
2015-03-30 08:57:00 +02:00
01409dbd35
bug 1147085 - remove nsINSSCertCache (replace it with nsIX509CertDB.getCerts()) r=Cykesiopka
2015-04-03 14:01:05 -07:00
bdc70031c6
Bug 1152895 - remove dead code in nsSSLIOLayerSetOptions r=dkeeler
2015-04-09 13:40:04 -04:00
3487ae0262
Bug 1147725 - Disable test_ocsp_fetch_method.js and test_ocsp_url.js on slow B2G Emulator debug builds. r=keeler
...
--HG--
extra : rebase_source : 87d4b8284b33498a50542d49b956db84cdae1b62
2015-04-06 14:05:00 +02:00
077c2e64f4
Bug 1149483: Change content sandbox level 1 to a working low integrity sandbox. r=tabraldes, r=billm
2015-04-05 14:01:38 +01:00
fa3a91e936
Merge m-i to m-c, a=merge
2015-04-04 09:59:17 -07:00
3a6df834e2
No bug, Automated HPKP preload list update from host bld-linux64-spot-220 - a=hpkp-update
2015-04-04 03:27:46 -07:00
81b8c93237
No bug, Automated HSTS preload list update from host bld-linux64-spot-220 - a=hsts-update
2015-04-04 03:27:44 -07:00
33228918ed
Bug 1110911 - Move Mac sandboxing code into plugin-container. r=cpearce,areinald,jld
2015-04-03 11:51:41 -05:00
c2f2ce39ec
Bug 1149805 - Switch head_psm.js to Assert.jsm methods and add expected result strings. r=keeler
2015-04-02 05:50:00 -04:00
6680672cfb
Bug 488480 - Correct documentation about the function hasMatchingOverride() in nsICertOverrideService.idl. Original patch by Johnathan Nightingale. r=keeler
...
IGNORE IDL
--HG--
extra : rebase_source : 3e2f7be6a165caf413726d13c9ccee26abbd2925
2015-04-02 05:45:00 -04:00
4c7234747e
Bug 1143651 - don't use CallQueryInterface when the compiler can do the cast for us; r=ehsan
2015-03-12 13:20:29 -04:00
7eb3221db7
Bug 1147726: Disable test_keysize_ev.js on slow B2G Emulator debug builds. r=dkeeler
2015-03-31 11:53:00 +02:00
a0437d5b8f
Bug 1146057: Remove support for GCC 4.6, r=keeler
...
Since Gecko now requires GCC 4.7 or later, we no longer need to
work around the lack of support for "override" and "final" in
earlier versions of GCC.
--HG--
extra : rebase_source : 0f104f16be9e7c1ff87bbdd0d4ba6700b1081fb8
2015-03-30 20:18:46 -10:00
e4f543bb58
Bug 1119878 Part 2: Change IPC code to hold ProcessID instead of ProcessHandle. r=billm, r=dvander, r=aklotz, r=cpearce
2015-04-01 09:40:35 +01:00
eef3ca5f6e
Bug 1119878 Part 1: Change SandboxTarget to hold sandbox target services to provide functions. r=aklotz, r=glandium, r=cpearce
2015-04-01 09:40:35 +01:00
b077d9624d
Bug 1134920 - Use moz_xmalloc/moz_xrealloc/free instead of nsMemory::Alloc/Realloc/Free. r=nfroyd
2015-04-01 13:51:45 +09:00
d7b3e00bed
Bug 1138848 - Tests for modified OneCRL (r=keeler, unfocused)
...
* * *
* * *
give blocklist debug info to NSPR_LOG
2015-03-31 15:10:19 -07:00
1b0d6fb879
Bug 1138848 - Modify OneCRL blocklist for subject / public key blocking (r=keeler, unfocused)
2015-03-31 15:10:09 -07:00
5a690c59fa
bug 844351 - remove nsISSLErrorListener r=cykesiopka
...
--HG--
extra : amend_source : e2adec756356509f0a4601bbeabf7ba7c8d15a8e
2015-03-24 16:00:10 -07:00
ee04a8b86a
Bug 1147247 - Use PRErrorCodeSuccess constant instead of literal 0 to represent success in PSM xpcshell tests. r=dkeeler
...
--HG--
extra : rebase_source : 75a144cbf0e166f92884275fb6c511c98d7e61bd
2015-03-27 23:16:00 +01:00
bb6cbdf02b
Bug 667471 - Pretty print names of ECDSA with SHA-2 algorithms in Certificate Viewer. r=dkeeler
...
--HG--
extra : rebase_source : eb961cbdf8fe1ccf74642d86c03ee6c41c30f2d4
2015-03-27 23:13:00 +01:00
c39e359c7d
Bug 1138293 - Use malloc/free/realloc/calloc instead of moz_malloc/moz_free/moz_realloc/moz_calloc. r=njn
...
The distinction between moz_malloc/moz_free and malloc/free is not
interesting. We are inconsistent in our use of one or the other, and
I wouldn't be surprised if we are mixing them anyways.
2015-03-31 12:32:49 +09:00
36b7acc82a
Bug 1136278, Part 2: Refactor test SubjectPublicKeyInfo generation, r=keeler
...
--HG--
extra : rebase_source : 7bb0327749fd013ba5de17483d21a9e9f21eb07a
extra : source : 9f3617a5b85a8a2ae9a82c0f0584b413a9b635b4
2015-02-26 13:10:13 -08:00
3ab08d7fdb
Bug 1136278, Part 1: Refactor algorithm identifiers in tests, r=keeler
...
This will make it easier to expand the tests to additional
signature algorithms and additional public key types.
--HG--
extra : rebase_source : 256923fff83d58732b6c995a4096b773fdbb28c1
2015-02-26 16:11:41 -08:00
2f48802ae0
Bug 1147572 - Remove implementation language field from DOM class info. r=jst
2015-03-30 10:45:39 -07:00
c6676519f2
Bug 1046245 - enumerateDevices w/non-blocking e10s, nsICryptoHMAC, clear cookies, lambdas. r=keeler, florian, billm, jesup
2015-03-03 09:51:05 -05:00
46dfeaba0b
Bug 1148070 - Change nsIClassInfo::getHelperForLanguage() to getScriptableHelper(). r=bholley
2015-03-29 07:52:54 -07:00
2b3486247c
Backed out 6 changesets (bug 1046245) on a CLOSED TREE
2015-03-29 01:42:32 -04:00
cdd0b089a5
Bug 1046245 - enumerateDevices w/non-blocking e10s, nsICryptoHMAC, clear cookies, lambdas. r=keeler, r=florian, r=billm, r=jesup
2015-03-03 09:51:05 -05:00
24b4f38005
Back out 6 changesets (bug 1046245) for thinking that MSVC would have anything to do with a __PRETTY_FUNCTION__
...
CLOSED TREE
Backed out changeset 9e3ecca831d8 (bug 1046245)
Backed out changeset 87dc145f4da8 (bug 1046245)
Backed out changeset 01606cf19a77 (bug 1046245)
Backed out changeset 2ed2b15fe940 (bug 1046245)
Backed out changeset 2b99b193828a (bug 1046245)
Backed out changeset d1ac67faccbb (bug 1046245)
2015-03-28 19:57:17 -07:00
222e93c87c
Bug 1046245 - enumerateDevices w/non-blocking e10s, nsICryptoHMAC, clear cookies, lambdas. r=keeler, r=florian, r=billm, r=jesup
2015-03-03 09:51:05 -05:00
003e8f5278
Backed out 6 changesets (bug 1046245) for bustage on a CLOSED TREE.
...
Backed out changeset 222c2f9e3bc9 (bug 1046245)
Backed out changeset 4251eef464a2 (bug 1046245)
Backed out changeset 592f4cc23197 (bug 1046245)
Backed out changeset 5bfb9a1c0550 (bug 1046245)
Backed out changeset e966a5df87b6 (bug 1046245)
Backed out changeset 609f3ca64004 (bug 1046245)
2015-03-28 16:24:25 -04:00
59e13faed0
Bug 1046245 - enumerateDevices w/non-blocking e10s, nsICryptoHMAC, clear cookies, lambdas. r=keeler, r=florian, r=billm, r=jesup
2015-03-03 09:51:05 -05:00
e44926f4c1
Merge m-i to m-c, a=merge
2015-03-28 11:44:16 -07:00
ad47b2b11c
No bug, Automated HPKP preload list update from host bld-linux64-spot-1005 - a=hpkp-update
2015-03-28 03:27:37 -07:00
7ffd3e55ce
No bug, Automated HSTS preload list update from host bld-linux64-spot-1005 - a=hsts-update
2015-03-28 03:27:36 -07:00
e6f385fb3d
Bug 1148527 - Indentation fix after bug 1145631, r=ehsan
2015-03-27 18:52:19 +00:00
e2f12bfec6
Bug 1144055 - Upgrade Firefox 39 to use NSS 3.18.1, land NSS_3_18_1_BETA1, r=nss-confcall
2015-03-26 20:39:25 +01:00
0ca524deb8
Bug 947079 - Hack to prevent getting a mixed content icon on a fully secure page. r=keeler
2015-03-26 11:54:53 -07:00
e7768682a2
Bug 1147446: Chromium patch to fix memory leak in Windows sandbox sharedmem_ipc_server.cc. r=aklotz
2015-03-26 08:06:04 +00:00
b44239d022
Bug 996872 - Reduce calls to getXPCOMStatusFromNSS() in PSM xpcshell tests. r=keeler relanding on a CLOSED TREE
2015-03-25 17:29:05 -07:00
9b0a211a65
Backed out changeset 3a38c3d97f44 (bug 996872) on the theory that it somehow broke lots of tests, forcing a prolonged CLOSED TREE
2015-03-25 14:40:44 -07:00
958425a841
Bug 996872 - Reduce calls to getXPCOMStatusFromNSS() in PSM xpcshell tests. r=keeler
2015-03-25 11:40:46 -07:00
8794504c9f
Merge m-c to inbound a=merge CLOSED TREE
2015-03-23 16:51:22 -07:00
fb38caf19c
Bug 1146192 - Whitelist sched_yield syscall in GMP sandbox on Linux DONTBUILD CLOSED TREE - r=jld
2015-03-24 10:56:49 +13:00
75fa281404
Bug 1146192 - Backed out changeset d2918bcf0d90 for missing bug number - r=me
2015-03-24 10:53:10 +13:00
1d7005b2a5
Bug 1144514 - Whitelist pread64 in content seccomp-bpf policy. r=kang
...
--HG--
extra : histedit_source : b16050ba3308df92df608cc6fc09069d21df6deb
2015-03-19 11:57:00 -04:00
fc8b8ab2ac
Merge m-c to m-i
2015-03-21 12:50:09 -07:00
09f1e96e74
Merge m-i to m-c, a=merge
2015-03-21 12:31:07 -07:00
21922001d8
No bug, Automated HPKP preload list update from host bld-linux64-spot-1002 - a=hpkp-update
2015-03-21 03:30:42 -07:00
9d9da119ca
No bug, Automated HSTS preload list update from host bld-linux64-spot-1002 - a=hsts-update
2015-03-21 03:30:40 -07:00
883849ee32
Bug 1145631 - Part 1: Replace MOZ_OVERRIDE and MOZ_FINAL with override and final in the tree; r=froydnj
...
This patch was automatically generated using the following script:
function convert() {
echo "Converting $1 to $2..."
find . \
! -wholename "*/.git*" \
! -wholename "obj-ff-dbg*" \
-type f \
\( -iname "*.cpp" \
-o -iname "*.h" \
-o -iname "*.c" \
-o -iname "*.cc" \
-o -iname "*.idl" \
-o -iname "*.ipdl" \
-o -iname "*.ipdlh" \
-o -iname "*.mm" \) | \
xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}
convert MOZ_OVERRIDE override
convert MOZ_FINAL final
2015-03-21 12:28:04 -04:00
3b412c43dd
Bug 1XXXXXX - Whitelist sched_yield syscall in GMP sandbox on Linux - r=jld
2015-03-24 09:55:36 +13:00
2cf7194567
bug 1143085 - allow subject alternative name extensions to be empty for compatibility r=briansmith a=kwierso
...
--HG--
extra : amend_source : 89b8233b57049a3d2886aa08cd85c57e6faa693e
2015-03-16 14:00:33 -07:00
09d9f7bb4a
Bug 1144580 - Whitelist pselect6 in content seccomp-bpf policy. r=kang
2015-03-18 15:30:00 +01:00
3a321cb760
Bug 1133187 - Update fallback whitelist. r=keeler
2015-03-18 15:36:00 +01:00
f6d18ff6da
Bug 1141906 - Adjust some assertions in Linux sandbox feature detection. r=kang
...
See bug, and comment at top of SandboxInfo.cpp, for rationale.
Bonus fix: reword comment about nested namespace limit; the exact limit
is 33 (not counting the root) but doesn't particularly matter.
2015-03-17 22:50:00 +01:00
ae28024d8c
Bug 1131227 - Make the about:certerror Unknown Issuer string mention missing intermediates and unimported roots. r=keeler
2015-03-17 14:33:00 +01:00
35c856f796
Bug 1143082 - Fix a message in the mixed content UI. r=dolske
2015-03-17 20:34:58 +09:00
d56d610ecf
Bug 1141885 - Make readlink() fail instead of allowing it, for B2G content processes. r=kang
...
--HG--
extra : rebase_source : c9ceababcd741979058361e96161d575a70bd39f
2015-03-13 13:47:56 -07:00
66ca086aa3
Bug 1083344 - Tighten rules for Mac OS content process sandbox on 10.9 and 10.10. r=smichaud
...
Allow read to whole filesystem until chrome:// and file:// URLs are brokered through another process.
Except $HOME/Library in which we allow only access to profile add-ons subdir.
Add level 2, which allows read only from $HOME and /tmp (while still restricting $HOME/Library.
Change default back to 1.
2015-03-12 17:42:50 +01:00
d9bfa275b9
No bug, Automated HPKP preload list update from host bld-linux64-spot-532 - a=hpkp-update
2015-03-14 03:26:00 -07:00
3d091a2a8c
No bug, Automated HSTS preload list update from host bld-linux64-spot-532 - a=hsts-update
2015-03-14 03:25:58 -07:00
b252a27930
Bug 1142503 - don't use QueryInterface when the compiler can do the cast for us; r=ehsan
...
Calling QueryInterface with a statically known IID should typically not
be necessary. In those cases where it's not, the compiler can do the
cast for us, though we have to supply the reference-counting that
QueryInterface would do.
In passing, several redundant null-checks for the result of |new T| have
been deleted.
2015-03-12 09:43:50 -04:00
99b4a73239
Bug 1142263 - Specify all syscall parameters when doing CLONE_NEWUSER detection; f=bwc r=kang
2015-03-13 13:01:28 +01:00
2d14f8d244
Bug 906996 - Remove unlink from B2G content process syscall whitelist. r=kang
2015-03-11 12:39:00 +01:00
12b79456cc
bug 1102443 - fix leak in key pinning logging by removing an unnecessary function call r=cykesiopka
...
Also took the opportunity to fix the logging message, since it didn't accurately
describe the information that was being printed.
--HG--
extra : amend_source : 40a0c2ba9c07757e5895a822ce3bb8b197674554
2015-03-12 14:31:26 -07:00
d1c61bc9b6
Bug 1116187 - Disable failing mochitest-chrome tests for B2G, r=gbrown
2015-02-06 16:30:37 -08:00
6978e35bf5
bug 1138332 - re-allow overrides for certificates signed by non-CA certificates r=mmc
...
--HG--
extra : amend_source : 92a2dcf71daa6b31be0dcae628a13b13b0fc443a
2015-03-11 11:11:22 -07:00
5814296e8c
Bug 1141815 - Remove nsIDOMCryptoDialogs interface and associated implementation; r=keeler
2015-03-12 10:24:05 +01:00
0bf38c806e
bug 1138716 - update PSM data structures that depend on root CA changes r=mmc
2015-03-23 10:36:55 -07:00
f7aa208f07
Bug 1137470, remove the documentation patch file, because it's no longer reverted locally, DONTBUILD
2015-03-20 13:38:13 +01:00
b58c1a369b
Bug 1137470, Upgrade Firefox 38 to use NSS 3.18, land NSS_3_18_RTM, r=nss-confcall
2015-03-20 13:32:58 +01:00
2aa9e4036e
Bug 1121117 - Add fuzz time to workaround non-monotonicity of Date(). r=keeler
...
--HG--
extra : rebase_source : 464d1e1bf8cb4624f4fda39d3ea6a55430073c6f
2015-03-19 19:57:00 +01:00
f2a63bbdff
Bug 1145432: Add the policy for the client side of the crash server pipe to the GMP Windows sandbox. r=aklotz
2015-03-20 07:53:37 +00:00
0e3211475f
Bug 1140767 - Build more files in security/manager in unified mode; r=dkeeler
2015-03-10 22:52:22 -04:00
4fecdb4ceb
Bug 1141169: Add moz.build BUG_COMPONENT metadata for security/sandbox/ r=jld
2015-03-10 08:03:12 +00:00
b08af57c17
Bug 1137166: Change the Content moreStrict sandbox pref to an integer to indicate the level of sandboxing. r=tabraldes
2015-03-10 08:03:12 +00:00
364038011c
Bug 868814 - Fold mozalloc library into mozglue. r=njn
...
--HG--
rename : memory/mozalloc/moz.build => memory/mozalloc/staticruntime/moz.build
2015-03-10 10:01:52 +09:00
83b1b594b5
Bug 1106470 - Drop SSLv3 support entirely from PSM. r=keeler
2015-03-10 01:22:59 +09:00
19355a43d5
Bug 1137007 - Detect namespace and SECCOMP_FILTER_FLAG_TSYNC support in SandboxInfo. r=kang, r=Unfocused
...
Currently, only user namespace support is detected. This is targeted at
desktop, where (1) user namespace creation is effectively a prerequisite
for unsharing any other namespace, and (2) any kernel with user
namespace support almost certainly has all the others.
Bonus fix: remove extra copy of sandbox flag key names in about:support;
if JS property iteration order ever ceases to follow creation order, the
table rows could be permuted, but this doesn't really matter.
2015-03-06 13:59:00 -05:00
cc58dd5d1a
Bug 1136616 - Allow underscores in reference DNS-IDs in mozilla::pkix name matching. r=briansmith
2015-03-03 13:34:45 -08:00
8f5c1764fb
Merge m-c to m-i
2015-03-07 19:39:49 -08:00
ecf64b97b2
Merge m-i to m-c, a=merge
2015-03-07 19:11:54 -08:00
b74611a261
No bug, Automated HPKP preload list update from host bld-linux64-spot-157 - a=hpkp-update
2015-03-07 03:27:15 -08:00
1ec58518aa
No bug, Automated HSTS preload list update from host bld-linux64-spot-157 - a=hsts-update
2015-03-07 03:27:13 -08:00
44fb9d4eff
bug 1129771 - disable IPv6 in PSM xpcshell TLS connection tests due to failures on OS X 10.10 r=cykesiopka a=ryanvm on a CLOSED TREE
...
In the process of investigating the intermittent failures listed in
bug 1129771, I discovered that the code would frequently get stuck connecting
to [::1] (where no server was listening) and wouldn't fall back to trying
127.0.0.1 (where the test server was listening). This change prevents the code
attempting to connect to [::1]. There probably is an underlying bug here, but
it appears to be in OS X itself and I have neither the time nor expertise to
investigate further.
--HG--
extra : amend_source : 57b6a28858685d7ca3b6b0c7cbc7ed193280ca7c
2015-03-04 13:41:11 -08:00
171babfad4
Bug 1139177 - RSA public key size checking cleanups. r=keeler
2015-03-05 16:41:00 +01:00
01e2b0e158
Bug 1140111 - Whitelist readlinkat along with readlink. r=kang
2015-03-07 10:44:23 -05:00
fc884b360e
Bug 1137470, landing NSS_3_18_RC0 minus bug 1132496, r=nss-confcall
2015-03-07 14:49:00 +01:00
cdb738f18d
bug 1137538 - remove nsIIdentityInfo and nsNSSSocketInfo::GetPreviousCert r=mayhemer
2015-02-27 11:33:36 -08:00
3e7620bf97
Bug 1138882 - Add a pref to enable unrestricted RC4 fallback. r=keeler
2015-03-05 22:51:31 +09:00
fa79ef2aea
Bug 1121117 - Add some logging to test_ocsp_timeout.js to ease debugging. r=dkeeler
2015-03-03 14:25:00 +01:00
0de76a4c17
Merge b2g-inbound to m-c a=merge CLOSED TREE
2015-03-03 17:02:21 -08:00
6cb15b84a0
Bug 1012549 - 0004. Support read private key in keystore. r=dkeeler r=qdot
2015-02-28 21:54:24 +08:00
3b4360319c
bug 1085506 - gather telemetry for TLS handshake certificate verification errors r=rbarnes
2015-02-27 11:14:29 -08:00
f4a1822554
Bug 1130757 - tests for bug 1130757. r=dkeeler
...
--HG--
extra : rebase_source : 7b047f5bddf3544ca82d3b8875925acdbdb02ea5
2015-03-02 08:19:00 +01:00
3133a37202
Bug 1130757 - Move OneCRL check to NSSCertDBTrustDomain::GetCertTrust. r=dkeeler
...
--HG--
extra : rebase_source : ce8cff0735865c00f33102b82c31af35145bda2c
2015-02-26 04:38:00 +01:00
de906ce3ce
Bug 1130418 - Remove broken e-mail cert trust editing UI. r=emk
...
--HG--
extra : rebase_source : fb4c89e251e2ce3e4d9cf002a0cda4166a589a2c
2015-03-02 19:54:00 +01:00
4419d0186e
Bug 1130413 - Remove unused nsITokenPasswordDialogs::GetPassword() function. r=jjones
...
--HG--
extra : rebase_source : 85b9e442d6b5be401fdd389cc251add8a633bb23
2015-02-26 13:05:00 +01:00
b17feb3f40
Merge inbound to m-c a=merge
2015-03-02 12:12:47 -08:00
8084ed7b82
No bug, Automated HPKP preload list update from host bld-linux64-spot-044 - a=hpkp-update
2015-02-28 03:27:43 -08:00
94776e3384
No bug, Automated HSTS preload list update from host bld-linux64-spot-044 - a=hsts-update
2015-02-28 03:27:41 -08:00
8c48f9f304
Bug 1137470 - Upgrade Firefox to NSS 3.18, landing NSS_3_18_BETA7, r=nss-confcall
2015-02-26 23:29:08 +01:00
d01ea02613
bug 1049740 - implement telemetry to measure compatibility impact of 2048-bit-minimum RSA keys r=briansmith
2015-02-24 15:48:05 -08:00
a7d78c82c0
Bug 1136388. Change nsIDocumentLoaderFactory and nsIURIContentListener to take MIME types as an XPCOM string, not a char*. r=smaug
2015-02-25 10:26:51 -05:00
c5b6b444f2
Bug 1134942 - Whitelist fstatat and unlinkat for B2G content processes. r=gdestuynder
2015-02-20 12:16:00 +01:00
2672d3b5d3
Bug 1077864, Part 3: update nsserrors.properties so error message gets localized.
2015-02-23 16:04:23 -08:00
06b7804e70
Bug 1131767: Prune away paths using unacceptable algorithms earlier, r=keeler
...
--HG--
extra : rebase_source : 79efad2c5f60120ff1022547ce7efa628a7acd0f
2015-02-14 16:59:02 -08:00
27cb600f2f
Bug 1077864, Part 2: Override the trust level for OCSP response signer certs so that they are never considered trust anchors, r=keeler
...
--HG--
extra : rebase_source : d0c599f7fc29b5fbcb7d8cd97980a3f39d39f515
2015-02-14 15:59:38 -08:00
bdb4294871
Bug 1077864, Part 1: Check consistency of certificates' signature and signatureAlgorithm fields, r=keeler
...
--HG--
extra : rebase_source : 9a2ca8cb370169f675557987a6b1cc0dedb24ff6
2015-02-22 16:59:03 -08:00
f2235a16db
Bug 1135407: Factor out duplicate logic in tests, r=keeler
...
--HG--
extra : rebase_source : d93eef89cb6596cf35e2ebef29030423cf027f0b
2015-02-21 14:12:38 -08:00
baf73d756f
Bug 1135745 - Disable the reserved-id-macro macro in security/pkix; r=briansmith
2015-02-23 13:40:09 -05:00
fd0387315e
Merge inbound to m-c. a=merge
2015-02-21 16:40:27 -05:00
c2dabe6507
No bug, Automated HPKP preload list update from host bld-linux64-spot-148 - a=hpkp-update
2015-02-21 03:32:26 -08:00
00bf62f9f5
No bug, Automated HSTS preload list update from host bld-linux64-spot-148 - a=hsts-update
2015-02-21 03:32:24 -08:00
256a142a70
Bug 1083344 - Tighten rules for Mac OS content process sandbox - "rules part". r=smichaud
...
--HG--
extra : histedit_source : f703a6a8abbf500cb882263426776fdb138b73a3
2015-02-21 13:06:34 +01:00
Bob Owen
David Keeler
Ryan VanderMeulen
Nicholas Nethercote
Cykesiopka
Makoto Kato
Birunthan Mohanathas
Mike Hommey
Kaspar Brand
Phil Ringnalda
ffxbld
Nathan Froyd
Tim Taubert
Eric Rahm
Carsten "Tomcat" Book
cedric
Richard Barnes
Neil Rashbrook
Wes Kocher
Jed Davis
David Major
Daniel Veditz
L. David Baron
Mark Goodwin
Patrick McManus
Kai Engert
Masatoshi Kimura
Andrew Bartlett
Dave Townsend
Fabrice Desré
Blake Kaplan
Steven Michaud
Nathan Toone
Francois Marier
Ehsan Akhgari
André Reinald
Neil Deakin
Brian Smith
Landry Breuil
Jan Beich
David Cooper
Andrew McCreight
Jan-Ivar Bruaroey
Randell Jesup
Andrea Marchesini
Tanvi Vyas
Edwin Flores
Jonathan Griffin
Chuck Lee
Boris Zbarsky