Граф коммитов

12843 Коммитов

Автор SHA1 Сообщение Дата
Margareta Eliza Balazs 4551f2e31e Merge inbound to mozilla-central r=merge a=merge 2017-12-12 23:58:36 +02:00
ffxbld 01c7631757 No bug, Automated HPKP preload list update from host bld-linux64-spot-035 - a=hpkp-update 2017-12-12 12:10:25 -08:00
ffxbld 561b61d3ff No bug, Automated HSTS preload list update from host bld-linux64-spot-035 - a=hsts-update 2017-12-12 12:10:21 -08:00
ffxbld fc20a5a0ab No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update 2017-12-12 11:23:12 -08:00
ffxbld 4338c47957 No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update 2017-12-12 11:23:09 -08:00
ffxbld 7a8fc93f68 No bug, Automated HPKP preload list update from host bld-linux64-spot-037 - a=hpkp-update 2017-12-11 12:07:39 -08:00
ffxbld 00d93b43c8 No bug, Automated HSTS preload list update from host bld-linux64-spot-037 - a=hsts-update 2017-12-11 12:07:35 -08:00
ffxbld cba1cda89a No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update 2017-12-11 11:37:07 -08:00
ffxbld 2077079b20 No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update 2017-12-11 11:37:03 -08:00
Andrea Marchesini b32bea6044 Bug 1424809 - Get rid of NS_NewPostDataStream, r=valentin 2017-12-12 06:01:17 -06:00
cku 07e7f9f727 Bug 1399787 - Part 9. Sandbox the PDFium process. r=bobowen,jwatt
MozReview-Commit-ID: 6ED7EPZvOMR

--HG--
extra : rebase_source : d8ddd2bb3551cf25c0f18151c4340e1f48d659ca
extra : intermediate-source : d90c5064d88a6468c1209f4a78ec7631592eec98
extra : source : 91b761e38efd28a69647c38531f5418fffee8f50
2017-10-18 20:52:45 +08:00
ffxbld 7b5a586bff No bug, Automated HPKP preload list update from host bld-linux64-spot-036 - a=hpkp-update 2017-12-10 12:02:11 -08:00
ffxbld 20053f4730 No bug, Automated HSTS preload list update from host bld-linux64-spot-036 - a=hsts-update 2017-12-10 12:02:07 -08:00
ffxbld 4d1e04053a No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update 2017-12-10 11:22:34 -08:00
ffxbld 31d8adf7f1 No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update 2017-12-10 11:22:30 -08:00
Andreea Pavel 5ba2665757 Merge inbound to mozilla-central r=merge a=merge 2017-12-09 22:21:17 +02:00
ffxbld 317996d0b6 No bug, Automated HPKP preload list update from host bld-linux64-spot-035 - a=hpkp-update 2017-12-09 12:01:49 -08:00
ffxbld 0aba3da0bd No bug, Automated HSTS preload list update from host bld-linux64-spot-035 - a=hsts-update 2017-12-09 12:01:45 -08:00
ffxbld b6ea2cfac7 No bug, Automated HPKP preload list update from host bld-linux64-spot-038 - a=hpkp-update 2017-12-09 11:07:05 -08:00
ffxbld 90b3db49cd No bug, Automated HSTS preload list update from host bld-linux64-spot-038 - a=hsts-update 2017-12-09 11:07:01 -08:00
Gurzau Raul 096b0974bc Merge autoland to mozilla-central r=merge a=merge 2017-12-08 23:56:46 +02:00
ffxbld 8f7724e963 No bug, Automated HPKP preload list update from host bld-linux64-spot-032 - a=hpkp-update 2017-12-08 12:00:55 -08:00
ffxbld ab5cafe292 No bug, Automated HSTS preload list update from host bld-linux64-spot-032 - a=hsts-update 2017-12-08 12:00:51 -08:00
ffxbld 4d2f167f48 No bug, Automated HPKP preload list update from host bld-linux64-spot-034 - a=hpkp-update 2017-12-08 11:11:49 -08:00
ffxbld 2582928f13 No bug, Automated HSTS preload list update from host bld-linux64-spot-034 - a=hsts-update 2017-12-08 11:11:46 -08:00
Eric Rahm 6058ba50a3 Bug 1423798 - Remove headers included for backwards compat in nsString.h. r=njn on a CLOSED TREE
Remove the headers included for "backwards compatibility" and just include them
where required.

--HG--
extra : source : e2beba7e6875120ebbbcadf24bcbcb5b86411a94
extra : amend_source : 11f07a27431cd468511f0bd45afe36150c6e342c
2017-12-06 19:36:57 -08:00
Csoregi Natalia f488657fbd Backed out changeset e2beba7e6875 (bug 1423798) for failing Browser Chrome tests browser_temporary_permissions_expiry.js on Windows 7 debug. r=backout on a CLOSED TREE 2017-12-09 07:23:35 +02:00
Gurzau Raul 0fcc1a37e6 Merge mozilla-central to mozilla-inbound. r=merge a=merge CLOSED TREE 2017-12-09 00:57:59 +02:00
Eric Rahm 74880b3483 Bug 1423798 - Remove headers included for backwards compat in nsString.h. r=njn
Remove the headers included for "backwards compatibility" and just include them
where required.

--HG--
extra : rebase_source : 03e703a81ed4b80f4f116ff36d8787464ce5acba
2017-12-06 19:36:57 -08:00
shindli 2f09c0a994 Merge mozilla-central to inbound. r=merge a=merge CLOSED TREE 2017-12-08 00:26:07 +02:00
shindli 0bed6b5d6d Merge inbound to mozilla-central r=merge a=merge 2017-12-08 00:12:14 +02:00
ffxbld 8e05423bf3 No bug, Automated HPKP preload list update from host bld-linux64-spot-034 - a=hpkp-update 2017-12-07 12:05:58 -08:00
ffxbld 62f9cfe3ca No bug, Automated HSTS preload list update from host bld-linux64-spot-034 - a=hsts-update 2017-12-07 12:05:54 -08:00
ffxbld 10287820a9 No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update 2017-12-07 11:18:38 -08:00
ffxbld e88025e01c No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update 2017-12-07 11:18:34 -08:00
Andreea Pavel 89531e8dc3 Backed out 9 changesets (bug 1412456) for crashing talos g2 and unexpected network connections in browser-chrome's browser_searchEngine_behaviors.js r=backout a=backout on a CLOSED TREE
Backed out changeset 0c01a98f4fd5 (bug 1412456)
Backed out changeset 27077db47231 (bug 1412456)
Backed out changeset f35ec2a884f8 (bug 1412456)
Backed out changeset 602b30ac3c69 (bug 1412456)
Backed out changeset b1ff1050c589 (bug 1412456)
Backed out changeset f100d953f9eb (bug 1412456)
Backed out changeset d85af60fe259 (bug 1412456)
Backed out changeset 736f38486832 (bug 1412456)
Backed out changeset 13a637602dc2 (bug 1412456)
2017-12-07 12:20:21 +02:00
Bob Owen 8ba04e79f9 Bug 1422053: Create Windows sandbox sLaunchErrors hashtable on the main thread. r=aklotz 2017-12-07 09:07:43 +00:00
Bill McCloskey 9f4d083047 Bug 1412456 - Test changes to no longer use interposition (r=felipe,bgrins,mrbkap)
MozReview-Commit-ID: 2nQPOSGTr1s
2017-12-07 12:55:24 -08:00
Bob Owen cd83addd77 Bug 1395187: Use STARTF_FORCEOFFFEEDBACK flag when starting Windows child processes to prevent app starting cursor. r=jimm 2017-12-07 10:24:38 +00:00
Bill McCloskey bef7c122df Bug 1412456 - Test changes to no longer use interposition (r=felipe,bgrins,mrbkap)
MozReview-Commit-ID: 2nQPOSGTr1s
2017-12-06 21:17:05 -08:00
Dorel Luca eb65c24c7b Backed out 8 changesets (bug 1412456) for ESlint failure on browser_urlbarKeepStateAcrossTabSwitches.js:13:49 r=backout on a CLOSED TREE
Backed out changeset 0e88de036c55 (bug 1412456)
Backed out changeset 49b93f807db0 (bug 1412456)
Backed out changeset 039e980b7dc6 (bug 1412456)
Backed out changeset c7698410ddbd (bug 1412456)
Backed out changeset e56a1ba26b7c (bug 1412456)
Backed out changeset 0c4506e124ac (bug 1412456)
Backed out changeset a7aec2ce903b (bug 1412456)
Backed out changeset 3e9fb71f1e8e (bug 1412456)
2017-12-07 07:09:33 +02:00
Bob Owen e19c11cd2a Bug 1423296: Don't use MITIGATION_IMAGE_LOAD_NO_LOW_LABEL when running from a network drive. r=jimm 2017-12-08 19:00:54 +00:00
Bill McCloskey be77cf4a01 Bug 1412456 - Test changes to no longer use interposition (r=felipe,bgrins,mrbkap)
MozReview-Commit-ID: 2nQPOSGTr1s
2017-12-06 20:46:58 -08:00
Dorel Luca 777fa218a9 Backed out changeset 4928928a5e46 (bug 1417680) for leaks detected by valgrind r=backout on a CLOSED TREE
--HG--
extra : amend_source : 48d7d6291b7f1e68cc554caa3374cda326d17681
2017-12-07 02:14:25 +02:00
David Keeler 094791c2d0 bug 1417680 - explore the feasibility of not shutting down NSS by no-op-ing the guts of the shutdown infrastructure r=jcj r=franziskus
Adapted from https://wiki.mozilla.org/SecurityEngineering/NSS_Startup_and_Shutdown_in_Gecko :

Properly implementing the coordinated shutdown of NSS has, to date, proved
intractable. For architectural reasons and due to the significant complexity
involved, the NSS resource tracking and shutdown infrastructure has been an
ongoing source of crashes and hangs in Firefox. To that end, we have been
exploring the possibility of not shutting down NSS at all. For this to work, we
have had to address a number of potential concerns.

Certificate and key database corruption: In theory, if Firefox were to exit
without coordinating with NSS, data stored in the certificate and key databases
(backed by BerkeleyDB) could be lost. To mitigate this, we have migrated to
using the sqlite-backed implementation. The databases are now journaled, and
short of a bug in sqlite, we do not anticipate data loss due to database
corruption.

PKCS#11 devices: In theory, if Firefox were to exit without coordinating with
NSS and thus any attached PKCS#11 devices, data could be lost on these devices.
However, it is our understanding that these devices must be robust against
unexpected physical removal. Uncoordinated shutdown should present no worse a
risk to user data.

FIPS 140-2 mode: While Mozilla does not ship a version of Firefox that supports
FIPS mode out of the box, Red Hat does. It is our understanding that clearing
key material is a requirement of FIPS and that not shutting down NSS may pose a
problem for this requirement. Red Hat's FIPS 140-2 Security Policy[0] specifies
that the application (i.e. Firefox) using the module (i.e. NSS) is responsible
for zeroization of key material. More specifically, it says "All plaintext
secret and private keys must be zeroized when the Module is shut down (with a
FC_Finalize call), reinitialized (with a FC_InitToken call), or when the session
is closed (with a FC_CloseSession or FC_CloseAllSessions call)." Thus, if
Firefox never shuts down NSS, this requirement is trivially met.

Leak detection: By not shutting down NSS, technically we leak some allocated
memory until shutdown. This could cause problems if our test infrastructure
detected and reported these leaks. However, it appears not to (which itself is
somewhat concerning). In any case, we will have to deal with this if and when we
can detect these leaks.

Given that these concerns all have at least a preliminary answer, we will move
forward with attempting to not shut down NSS in Firefox. This may expose
unexpected issues that may lead to a reassessment of the situation, so this will
be on a trial basis only in Nightly.

[0] https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3070.pdf

MozReview-Commit-ID: LjgEl1UZqkC

--HG--
extra : rebase_source : 99bf715f7f6566ec92ca763eefdbd8d2f69d2ba2
extra : amend_source : d4177cc87f54fccbd49312feef7e29b77bf01432
2017-11-10 15:03:23 -08:00
Dorel Luca ada131e8c5 Merge autoland to mozilla-central r=merge a=merge 2017-12-06 23:57:33 +02:00
ffxbld 638c4fcef4 No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update 2017-12-06 12:06:18 -08:00
ffxbld d4149255ed No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update 2017-12-06 12:06:14 -08:00
ffxbld 283abf5e1b No bug, Automated HPKP preload list update from host bld-linux64-spot-033 - a=hpkp-update 2017-12-06 11:12:09 -08:00
ffxbld 7711ad2f7d No bug, Automated HSTS preload list update from host bld-linux64-spot-033 - a=hsts-update 2017-12-06 11:12:06 -08:00