This also removes any redundant Ci.nsISupports elements in the interface
lists.
This was done using the following script:
acecb401b7/processors/chromeutils-generateQI.jsm
MozReview-Commit-ID: AIx10P8GpZY
--HG--
extra : rebase_source : a29c07530586dc18ba040f19215475ac20fcfb3b
This modifies crtshToDNStruct.py to be able to produce SPKI or DN-based lists,
and adds a SPKI-search method to TrustOverrideUtils.h.
This also regenerates the TrustOverride files to use the new script.
MozReview-Commit-ID: BhMoJbYXs7Y
--HG--
rename : security/manager/tools/crtshToDNStruct/crtshToDNStruct.py => security/manager/tools/crtshToIdentifyingStruct/crtshToIdentifyingStruct.py
rename : security/manager/tools/crtshToDNStruct/requirements.txt => security/manager/tools/crtshToIdentifyingStruct/requirements.txt
extra : rebase_source : 9ae4999ceea2d4092119fe81b787c4d66a5e17b1
This patch does a few things:
1) It adds a permament test mechanism for the "imminent distrust" trust status
in nsNSSCallbacks: a simple xpcshell test to exercise a clause in the imminent
distrust logic in nsNSSCallbacks' IsCertificateDistrustImminent method.
2) This test removes test_symantec_apple_google_unaffected.js as its
functionality is rolled into the new test_imminent_distrust.js.
3) It updates the Symantec imminent distrust warning algorithm to remove the
validity date exception; this warns of the upcoming distrust for those affected
certs in Firefox 63.
This patch does not attempt to edit the browser chrome test that checks the
console; that is a subsequent patch.
MozReview-Commit-ID: 1HyVLfmEOP7
--HG--
extra : rebase_source : 3955e3dcd9a21421105d97bd65d3965041de9b8c
This modifies crtshToDNStruct.py to be able to produce SPKI or DN-based lists,
and adds a SPKI-search method to TrustOverrideUtils.h.
This also regenerates the TrustOverride files to use the new script.
MozReview-Commit-ID: BhMoJbYXs7Y
--HG--
rename : security/manager/tools/crtshToDNStruct/crtshToDNStruct.py => security/manager/tools/crtshToIdentifyingStruct/crtshToIdentifyingStruct.py
rename : security/manager/tools/crtshToDNStruct/requirements.txt => security/manager/tools/crtshToIdentifyingStruct/requirements.txt
extra : rebase_source : 335d7fc05fa35fbb54ee7ee518b9f4e0c7a00159
This patch does a few things:
1) It adds a permament test mechanism for the "imminent distrust" trust status
in nsNSSCallbacks: a simple xpcshell test to exercise a clause in the imminent
distrust logic in nsNSSCallbacks' IsCertificateDistrustImminent method.
2) This test removes test_symantec_apple_google_unaffected.js as its
functionality is rolled into the new test_imminent_distrust.js.
3) It updates the Symantec imminent distrust warning algorithm to remove the
validity date exception; this warns of the upcoming distrust for those affected
certs in Firefox 63.
This patch does not attempt to edit the browser chrome test that checks the
console; that is a subsequent patch.
MozReview-Commit-ID: 1HyVLfmEOP7
--HG--
extra : rebase_source : 48c9caae2d26a7e36102b4770c4044101acf0712
This patch was autogenerated by my decomponents.py
It covers almost every file with the extension js, jsm, html, py,
xhtml, or xul.
It removes blank lines after removed lines, when the removed lines are
preceded by either blank lines or the start of a new block. The "start
of a new block" is defined fairly hackily: either the line starts with
//, ends with */, ends with {, <![CDATA[, """ or '''. The first two
cover comments, the third one covers JS, the fourth covers JS embedded
in XUL, and the final two cover JS embedded in Python. This also
applies if the removed line was the first line of the file.
It covers the pattern matching cases like "var {classes: Cc,
interfaces: Ci, utils: Cu, results: Cr} = Components;". It'll remove
the entire thing if they are all either Ci, Cr, Cc or Cu, or it will
remove the appropriate ones and leave the residue behind. If there's
only one behind, then it will turn it into a normal, non-pattern
matching variable definition. (For instance, "const { classes: Cc,
Constructor: CC, interfaces: Ci, utils: Cu } = Components" becomes
"const CC = Components.Constructor".)
MozReview-Commit-ID: DeSHcClQ7cG
--HG--
extra : rebase_source : d9c41878036c1ef7766ef5e91a7005025bc1d72b
This was done using the following script:
37e3803c7a/processors/chromeutils-import.jsm
MozReview-Commit-ID: 1Nc3XDu0wGl
--HG--
extra : source : 12fc4dee861c812fd2bd032c63ef17af61800c70
extra : intermediate-source : 34c999fa006bffe8705cf50c54708aa21a962e62
extra : histedit_source : b2be2c5e5d226e6c347312456a6ae339c1e634b0
This was done using the following script:
37e3803c7a/processors/chromeutils-import.jsm
MozReview-Commit-ID: 1Nc3XDu0wGl
--HG--
extra : source : 12fc4dee861c812fd2bd032c63ef17af61800c70
This was done using the following script:
37e3803c7a/processors/chromeutils-import.jsm
MozReview-Commit-ID: 1Nc3XDu0wGl
--HG--
extra : rebase_source : c004a023389f1f6bf3d2f3efe93c13d423b23ccd
This is a JS style cleanup; it changes all relevant `var` decls to `let`, and
also moves the `gSSService` up to the top where globals should go.
MozReview-Commit-ID: 2yycCum6mRC
--HG--
extra : rebase_source : 63563665d4d9991e181562acbd7e53f66e4c13b9
The Chromium HSTS Preload list now includes a "policy" field that we can use
to filter and force some HSTS entries. This patch unconditionally accepts list
entries with the "google" or "public-suffix-requested" policies, and tests all
others via the existing connect-and-check (with failback tolerance) strategy.
In comment #0 of this bug [2], Lucas recommends we also filter the "all others"
to be the "bulk" entries. This patch does not do that to be conservative and
avoid de-listing sites at this time. We'll probably want a follow-on to
evaluate and potentially do that.
The patch also:
* renames `getHSTSStatuses` to `probeHSTSStatuses` to indicate more clearly that
it's an active network load.
* Sets an X-Automated-Tool: https://hg.mozilla.org/mozilla-central/file/tip/security/manager/tools/getHSTSPreloadList.js
[1] https://github.com/chromium/hstspreload.org/wiki/Preload-List-Processes#manual-hsts-entries
[2] https://bugzilla.mozilla.org/show_bug.cgi?id=1418112#c0
MozReview-Commit-ID: 2r1QYXtDfjw
--HG--
extra : rebase_source : 3110915d15ffe9ea1916a6bd4957911bac0493fb
This is the list of affected Symantec roots and the Apple and Google carved out
sub-CAs being whitelisted. These lists are created using the crtshToDNStruct
tool.
These sub-CAs are to be explicitly whitelisted in the distrust logic being
applied to Symantec root CAs.
Sources:
https://groups.google.com/d/msg/mozilla.dev.security.policy/FLHRT79e3XE/riCrpXsfAgAJhttps://groups.google.com/d/msg/mozilla.dev.security.policy/FLHRT79e3XE/90qkf8jsAQAJ
MozReview-Commit-ID: 3atUGcjG6GD
* * *
[mq]: crtsh_linting
MozReview-Commit-ID: 5gGq5DZXEIi
* * *
[mq]: fix_crtsh_script
MozReview-Commit-ID: JRgkD6OODnO
* * *
[mq]: fix_crtsh_also
MozReview-Commit-ID: Gza1HnYic2I
--HG--
extra : rebase_source : 8ca642964d3ce0308b8081fc52713d9f0104024d
Bug 1255425 changed an 'of' to an 'in', which caused the code that would keep
preexisting entries on the preload list if there was a connection error to loop
over the indices in the array and not the values themselves. Thanks, JavaScript.
MozReview-Commit-ID: DvVWhpImp8n
--HG--
extra : rebase_source : 149c8d0fb46d3b71a9de19aaedfb5e0dd5b9a460
PSM has various xpcshell scripts under the security/manager/tools/ folder. At
the moment, these scripts:
1. Duplicate code.
2. Aren't testable.
This patch introduces a common, unit tested JSM that these scripts can use.
MozReview-Commit-ID: 5NKRUeJgG8f
--HG--
extra : rebase_source : 5cfdf7fb72f3c0880bcaaf2060c7fcc6645f296a
This switches the STS preload list over to a more compact representation by
using a DAFSA. `getHSTSPreloadList.js` is updated to output data in the gperf
format expected by `make_dafsa.py`. We then add a generated file that gets
created by pumping `nsSTSPreloadList.inc` through `make_dafsa.py`.
`nsSiteSecurityService` is updated to use the DAFSA which either returns -1
(kNotFound) if an entry is not present or (0, 1) indicating whether or not to
use subdomains.
`nsSTSPreloadList.inc` is an automated conversion to the new gperf-like format.
This switches the STS preload list over to a more compact representation by
using a DAFSA. `getHSTSPreloadList.js` is updated to output data in the gperf
format expected by `make_dafsa.py`. We then add a generated file that gets
created by pumping `nsSTSPreloadList.inc` through `make_dafsa.py`.
`nsSiteSecurityService` is updated to use the DAFSA which either returns -1
(kNotFound) if an entry is not present or (0, 1) indicating whether or not to
use subdomains.
`nsSTSPreloadList.inc` is an automated conversion to the new gperf-like format.
The preload script currently imports XPCOMUtils.jsm like so:
> Cu.import("resource:///modules/XPCOMUtils.jsm");
As explained in Bug 1383215 comments [21, 24], this has been incorrect for
years, but happened to work.
The import URL is changed so it points at the correct thing now:
> Cu.import("resource://gre/modules/XPCOMUtils.jsm");
MozReview-Commit-ID: J6j594sJs60
--HG--
extra : rebase_source : 402808439e5fba8b4909dee9a96f1e44debfa6f0
Some entries in the existing list referred to roots that were removed from in
upstream NSS in Bug 1380941 (the equivalent change landed in Firefox's copy of
NSS in Bug 1370890). This broke the periodic HPKP script because it would still
try to find the roots within our built-in roots.
Running dumpGoogleRoots.js and pasting the output into the appropriate section
of PreloadedHPKPins.json fixes this.
MozReview-Commit-ID: Ck6WobCk9gl
--HG--
extra : rebase_source : 676e39c7e447f8e2db2cdb52bacaa57d20088a46
This mechanically replaces nsILocalFile with nsIFile in
*.js, *.jsm, *.sjs, *.html, *.xul, *.xml, and *.py.
MozReview-Commit-ID: 4ecl3RZhOwC
--HG--
extra : rebase_source : 412880ea27766118c38498d021331a3df6bccc70
As a result of CNNIC issuing an unconstrained intermediate certificate that
misissued an end-entity certificate for google.com (see bug 1146026 and
bug 1177209), we implemented a system that would in theory enable Firefox to
continue to trust certificates that were valid at the time but not newly issued
certificates. This consisted of a whitelist added in bug 1151512. The CNNIC
roots have since been removed from NSS in bug 1380868. We can now remove the
whitelist in Firefox.
MozReview-Commit-ID: 7VXOuvwzbct
--HG--
extra : rebase_source : 20e6e39c40417a9b7f2962e06cf9de85e3e08ee8
Add a field to the HSTS cache which indicates the source of the HSTS
entry if known, from the preload list, organically seen header, or HSTS
priming, or unknown otherwise. Also adds telemetry to collect the source
when upgrading in NS_ShouldSecureUpgrade.
MozReview-Commit-ID: 3IwyYe3Cn73
--HG--
extra : rebase_source : 9b8daac3aa02bd7a1b4285fb1e5731a817a76b7f
MozReview-Commit-ID: Gay4bliuiDc
This modifies getCTKnownLogs.py to inject 3 debug-only Certificate Transparency
log keys and 2 organizations ("Mozilla Test Org 1" and "2") for use with
integration tests. Also updates CTKnownLogs.h as generated by the python script.
The debug logs use the "default", "secp256r1", and "alternate" keys that are
already present in our testing infrastructure (see pykey.py).
--HG--
extra : rebase_source : 3d4fc736f840cd080fab6b8c6c5b53cc9361abf2
As requested by James Burton<jb@0.me.uk> and vouched for (via email) by
Lucas Garron <lgarron@google.com>.
MozReview-Commit-ID: HD9laXzJpRg
--HG--
extra : rebase_source : 7c632c6772509a3c4c03cf971ee0f62ad5225275
This lets us migrate off depending on real preloaded domains and onto
domains that are guaranteed to have the correct characteristics.
MozReview-Commit-ID: 4TyOfdIA9I7
--HG--
extra : rebase_source : f49109de9292dec31b72d87819dd52b5a6b659ed
nsIX509Cert.getAllTokenNames() is only used (improperly) to determine if a
certificate is a built-in. nsIX509Cert.isBuiltInRoot should be used instead.
MozReview-Commit-ID: LBwI8nTc05C
--HG--
extra : rebase_source : 9494cd1243395b0d293022e981f64be560a54dec
* Remove eslint rules for PSM which are redundant with toolkit/.eslintrc.js
* Fix missing plugins block in mochitest.eslintrc.js
* Disable brace-style checking in mixed-content mochitests which use boilerplate where calls to runTest and afterNavigationTest all use opening brace on newline. I've left this for a follow-up.
* Fix lint errors resulting from new rules defined by toolkit's eslintrc.js
MozReview-Commit-ID: EepCLrzAsdM
--HG--
extra : rebase_source : e74e008403d9cd70703d60cf829af01dbede0353
Smart string classes like nsCString are safer to use than raw |char*| strings,
and are typically easier to deal with as well.
MozReview-Commit-ID: 2PdrCa6cbpe
--HG--
extra : rebase_source : a8730dd48e954f4947534a0d4d524848061dac98
Kris Maglione
Sylvestre Ledru
Florian Quèze
J.C. Jones
Sebastian Hengst
Thomas Wisniewski
Andrew McCreight
Cosmin Sabou
Brindusan Cristian
Mark Banner
Franziskus Kiefer
David Keeler
Ryan VanderMeulen
Cykesiopka
Eric Rahm
Wes Kocher
Masatoshi Kimura
Nathan Froyd
Kate McKinley
Sam Foster
Jonathan Hao
David Major
Phil Ringnalda