Now that ContentVerifier has been removed (bug 1441989), the only API of
nsIContentSignatureVerifier that is actually being used is
verifyContentSignature. As a result, we can vastly simplify the implementation
(ContentSignatureVerifier) to prepare for improvements such as having it not
block the main thread (bug 1534600).
Differential Revision: https://phabricator.services.mozilla.com/D29295
--HG--
extra : moz-landing-system : lando
Crashes as a result of 2e4a7bcc1a95 indicate that InitializeNSSWithFallbacks is
failing. Hopefully this will give us more information as to why.
Differential Revision: https://phabricator.services.mozilla.com/D29034
--HG--
extra : moz-landing-system : lando
Crashes as a result of 2e4a7bcc1a95 indicate that InitializeNSSWithFallbacks is
failing. Hopefully this will give us more information as to why.
Differential Revision: https://phabricator.services.mozilla.com/D29034
--HG--
extra : moz-landing-system : lando
Intermediate preloading was including cookies during attachment fetches to our
Kinto attachment servers. There's no reason for that, so let's not.
Differential Revision: https://phabricator.services.mozilla.com/D26193
--HG--
extra : rebase_source : b3fbb6c80c56b8428434fb177cad3424a66b837d
extra : source : 87be514024ac53ab6362ffc26610c063d50abe07
This updates cert_storage to be able to store certificates indexed by subject DN
for easy lookup by NSSCertDBTrustDomain during path building. This also updates
RemoteSecuritySettings to store newly-downloaded preloaded intermediates in
cert_storage.
Differential Revision: https://phabricator.services.mozilla.com/D27991
--HG--
extra : moz-landing-system : lando
Crashes as a result of 2e4a7bcc1a95 indicate that InitializeNSSWithFallbacks is
failing. Hopefully this will give us more information as to why.
Differential Revision: https://phabricator.services.mozilla.com/D29034
--HG--
extra : moz-landing-system : lando
If OCSP request is blocked, we can't get the certificate revocation
informatoin.
Add nsIChannel::LOAD_BYPASS_URL_ClASSIFIER to enfore URL classifier
bypasses OCSP request.
Differential Revision: https://phabricator.services.mozilla.com/D29230
--HG--
extra : moz-landing-system : lando
Intermediate preloading was including cookies during attachment fetches to our
Kinto attachment servers. There's no reason for that, so let's not.
Differential Revision: https://phabricator.services.mozilla.com/D26193
--HG--
extra : moz-landing-system : lando
test_toolkit_securityreporter.js uses BadCertServer, which uses hard-coded
ports, so it needs to run sequentially.
Differential Revision: https://phabricator.services.mozilla.com/D28709
--HG--
extra : moz-landing-system : lando
Crashes resulting from the diagnostic assertions added in 2ca136370e18 suggest
that certificate decoding is faiiling in the content process (which seems
impossible given that presumably we successfully decoded the very same
certificate in the parent). This should tell us what error code NSS is
returning when this happens, which may illustrate the issue.
Differential Revision: https://phabricator.services.mozilla.com/D27998
--HG--
extra : moz-landing-system : lando
The attributes for an interface should be on the line right before the
interface.
Interface attributes should be separated by spaces.
Clean up some trailing whitespace in widget/.
Differential Revision: https://phabricator.services.mozilla.com/D28234
--HG--
extra : moz-landing-system : lando
Before this patch, test_toolkit_securityreporter.js would unconditionally try to
get the value of the "Cookie" header. If a header isn't available, httpd.js
apparently throws an exception. Interestingly, exceptions thrown in httpd.js
path handlers aren't reported to the test framework, so we weren't aware of
this. Additionally, the test didn't have any way of waiting until the security
report it was expecting had arrived, so it just continued on and "succeeded".
This patch addresses these issues by using "throws" to make sure no cookies are
available and by inserting extra add_test/run_next_test pairs when the test is
waiting for a report.
Differential Revision: https://phabricator.services.mozilla.com/D27613
--HG--
extra : moz-landing-system : lando
This adds a config option to enable client authentication through the TLS 1.3 post-handshake auth mechanism.
Differential Revision: https://phabricator.services.mozilla.com/D26540
--HG--
extra : moz-landing-system : lando
This excludes dom/, otherwise the file size is too large for phabricator to handle.
This is an autogenerated commit to handle scripts loading mochitest harness files, in
the simple case where the script src is on the same line as the tag.
This was generated with https://bug1544322.bmoattachments.org/attachment.cgi?id=9058170
using the `--part 2` argument.
Differential Revision: https://phabricator.services.mozilla.com/D27456
--HG--
extra : moz-landing-system : lando
This patch adds resumed attribute to nsISSLSocketControl, which is needed in tests that check SSL resumption (e.g. bug 1500533).
Differential Revision: https://phabricator.services.mozilla.com/D26597
--HG--
extra : moz-landing-system : lando
Previously cert_storage could use negative values as unsigned values when
determining if its data was sufficiently fresh, which could cause assertion
failures when doing time math.
This patch changes the behavior to just use 0 if values are either unavailable
or negative, which means we fail closed and say everything is out of date if we
otherwise don't have the information to make the correct decision.
Differential Revision: https://phabricator.services.mozilla.com/D27196
--HG--
extra : moz-landing-system : lando
Bug 1478124 and bug 1524687 converted many things to static xpcom
component registration, but somehow left the corresponding C++
initialization.
Differential Revision: https://phabricator.services.mozilla.com/D26697
--HG--
extra : moz-landing-system : lando
Myk Melez
ffxbld
Mark Goodwin
Dana Keeler
Sylvestre Ledru
Dorel Luca
J.C. Jones
Sebastian Hengst
Csoregi Natalia
Brindusan Cristian
dlee
Narcis Beleuzu
Noemi Erli
Cosmin Sabou
monikamaheshwari
Mathieu Leplatre
Brian Grinstead
Andreea Pavel
Andrew McCreight
Ehsan Akhgari
Daiki Ueno
Michal Novotny
Oana Pop Rus
Mike Hommey