The functions aren't necessary now that we have BitwiseCast.
MozReview-Commit-ID: 2nzOuwAop4Y
--HG--
extra : rebase_source : 196449249eec75b8eb10e59662231c3f4e83c268
The functions aren't necessary now that we have BitwiseCast.
MozReview-Commit-ID: 2nzOuwAop4Y
--HG--
extra : rebase_source : 0cb2c16f484a81b2e77384564973b58ac2d10fb9
As of bug 1284946, nothing uses nsPSMBackgroundThread, so it's just dead code
that is removed by this patch.
MozReview-Commit-ID: 24HWFHIeCX9
--HG--
extra : rebase_source : 0cdf572fa2b742d9a78b6f099d8a2cf465813ccb
The root with the nickname "Equifax Secure CA" was removed from NSS in bug
1296689 (confusingly, "Equifax Secure CA" doesn't appear in the subject DN of
that certificate, which is "OU=Equifax Secure Certificate
Authority,O=Equifax,C=US"). This removes the dependency on that root as well as
fixes dumpGoogleRoots.js to automatically handle this sort of thing in the
future.
MozReview-Commit-ID: KIEPBnliufX
--HG--
extra : rebase_source : 819b0168e28d73c66f2e23d19f513cce214bcc78
This is to work around an issue where the call to CoInitializeSecurity in MainThreadRuntime::InitializeSecurity causes the impersonation token, used to give the pre-lockdown permissions, to be replaced with one with no rights.
This only seems to happen when the lockdown token is USER_NON_ADMIN, which is not a restricted token.
MozReview-Commit-ID: 6HFuDFmWLTf
This function is an infallible alternative to nsIURI::GetSpec(). It's useful
when it's appropriate to handle a GetSpec() failure with a failure string, e.g.
for log/warning/error messages. It allows code like this:
nsAutoCString spec;
uri->GetSpec(spec);
printf("uri: %s", spec.get());
to be changed to this:
printf("uri: %s", uri->GetSpecOrDefault().get());
This introduces a slight behavioural change. Previously, if GetSpec() failed,
an empty string would be used here. Now, "[nsIURI::GetSpec failed]" will be
produced instead. In most cases this failure string will make for a clearer
log/warning/error message than the empty string.
* * *
Bug 1297961 (part 1b) - More GetSpecOrDefault() additions. r=hurley.
I will fold this into part 1 before landing.
--HG--
extra : rebase_source : ddc19a5624354ac098be019ca13cc24b99b80ddc
Passes the profile dir to the content process as a -profile CLI option so
that the correct profile dir can be used in the OS X content sandbox rules.
Only enabled on OS X for now.
On Nightly, profile directories will now be read/write protected from the
content process (apart from a few profile subdirectories) even when they
don't reside in ~/Library.
MozReview-Commit-ID: rrTcQwTNdT
--HG--
extra : rebase_source : d91d8939cabb0eed36b640766756548a790a301c
Passes the profile dir to the content process as a -profile CLI option so
that the correct profile dir can be used in the OS X content sandbox rules.
Only enabled on OS X for now.
On Nightly, profile directories will now be read/write protected from the
content process (apart from a few profile subdirectories) even when they
don't reside in ~/Library.
--HG--
extra : rebase_source : 7bf426f14f31b35c8b541e6d21183226db9836c7
NSPR should generally be avoided in favour of modern C++ code.
This patch does not convert uses of the NSS Base64 functions. It does however
take the opportunity to switch over some IDL functions to use the safer Mozilla
string classes, and fixes Bug 1251050 along the way.
MozReview-Commit-ID: CM8g9DzIcnC
--HG--
extra : rebase_source : 9d07db1bcefc9d9ed6a1f7e102f5c01bd9caa522
enum classes are in general safer than plain enums, and as such should be
preferred.
MozReview-Commit-ID: 1FK89SNhdk4
--HG--
extra : rebase_source : 764c4855026c02d8c9e33ca33637fec54ea5ca31
The patch is generated from following command:
rgrep -l unused.h|xargs sed -i -e s,mozilla/unused.h,mozilla/Unused.h,
MozReview-Commit-ID: AtLcWApZfES
--HG--
rename : mfbt/unused.h => mfbt/Unused.h
The Mozilla string classes don't require manual memory management and
automatically keep track of length, making them a safer choice than raw C
strings.
MozReview-Commit-ID: EwCiiP9EhDr
--HG--
extra : transplant_source : %05%D4%B6s%C1%DBye%2C3%C3%85%DB%22%91h%B4%27%E1l
1. encrypt() and decrypt() are C++ only.
The only callers are in SecretDecoderRing.cpp, and binary add-ons aren't
supported anymore. So, there is no need for these methods to be defined in the
IDL, and they should be treated as private to the nsISecretDecoderRing
implementation.
2. nsISecretDecoderRingConfig has never been implemented.
The interface and implementation are currently just bloat. If there is a need
for specifying the window for prompts in the future, a better way can be devised
then.
MozReview-Commit-ID: 1wXCDTIBJA2
--HG--
extra : transplant_source : %D7%27%5E3%BF%E9%16%0E%A3%8B%E1%8E%ADj%3F%25%B3i%9Al
The interfaces defined within have basically nothing to do with Necko.
MozReview-Commit-ID: 5J4D3w61Yry
--HG--
rename : netwerk/base/nsISecretDecoderRing.idl => security/manager/ssl/nsISecretDecoderRing.idl
extra : transplant_source : %AAP%26%5D%DE%ED%F6Q%C4%5Eia%F1%84T%8D%A7E%8Aw
There are currently two ways of naming files containing the implementation of
interface nsIFoo:
1. nsFoo.(cpp|h) (previous convention)
2. Foo.(cpp|h) (new convention)
nsSDR.(cpp|h) matches neither of these. Renaming the files to follow convention
makes it easier to discover what the files implement, and increases codebase
consistency.
MozReview-Commit-ID: 3ThPxPouiie
--HG--
rename : security/manager/ssl/nsSDR.cpp => security/manager/ssl/SecretDecoderRing.cpp
rename : security/manager/ssl/nsSDR.h => security/manager/ssl/SecretDecoderRing.h
extra : transplant_source : %7D%FC%AD%9C%E8%AD%CFz%FE%F2%D6%1E%A0%0A%06sk%3D%AD%AC