There are no longer any consumers of the JS-implemented
`FakeTransportSecurityInfo` class, so it can be removed. That removes the last
JS-implemented `nsITransportSecurityInfo` instance and it therefore can be
marked `builtinclass`.
Differential Revision: https://phabricator.services.mozilla.com/D40355
--HG--
extra : moz-landing-system : lando
As part of making `nsITranportSecurityInfo` builtinclass, we can no longer
use JS-implemented `nsITransportSecurityInfo` instances in test cases.
This patch migrates `test_sss_resetState.js` to use `add_connection_test()` to
get a valid `nsITransportSecurityInfo` instance for the unit tests.
Differential Revision: https://phabricator.services.mozilla.com/D40352
--HG--
extra : moz-landing-system : lando
As part of making `nsITranportSecurityInfo` builtinclass, we can no longer use
JS-implemented `nsITransportSecurityInfo` instances in test cases. This patch
migrates `test_sss_originAttributes.js` to use `add_connection_test()` to get a
valid `nsITransportSecurityInfo` instance for the unit tests.
Differential Revision: https://phabricator.services.mozilla.com/D40351
--HG--
extra : moz-landing-system : lando
As part of making `nsITranportSecurityInfo` builtinclass, we can no longer
use JS-implemented `nsITransportSecurityInfo` instances in test cases.
This patch migrates `test_sss_enumerate.js` to use `add_connection_test()` to
get a valid `nsITransportSecurityInfo` instance for the unit tests.
Differential Revision: https://phabricator.services.mozilla.com/D40350
--HG--
extra : moz-landing-system : lando
As part of making `nsITranportSecurityInfo` builtinclass, we can no longer use
JS-implemented `nsITransportSecurityInfo` instances in test cases. This patch
migrates `test_pinning_header_parsing.js` to use `add_connection_test()` to get
a valid `nsITransportSecurityInfo` instance for the unit tests.
Differential Revision: https://phabricator.services.mozilla.com/D40349
--HG--
extra : moz-landing-system : lando
As part of making `nsITranportSecurityInfo` builtinclass, we can no longer use
JS-implemented `nsITransportSecurityInfo` instances in test cases. This patch
migrates `test_ocsp_must_staple.js` to use `add_connection_test()` to get a
valid `nsITransportSecurityInfo` instance for the unit tests.
Differential Revision: https://phabricator.services.mozilla.com/D40348
--HG--
extra : moz-landing-system : lando
As part of making `nsITranportSecurityInfo` builtinclass, we can no longer use
JS-implemented `nsITransportSecurityInfo` instances in test cases. This patch
migrates `test_forget_about_site_security_headers.js to use
`add_connection_test()` to get a valid `nsITransportSecurityInfo` instance for
the unit tests.
Differential Revision: https://phabricator.services.mozilla.com/D40347
--HG--
extra : moz-landing-system : lando
There is now a contract ID for `nsITransportSecurityInfo`, allowing
`mozilla::psm::TransportSecurityInfo` instances to be created from JS. Tests
using a JS-implemented `nsITransportSecurityInfo` that were not modifying,
e.g., the `serverCert` attribute have been updated to create a
`mozilla::psm::TransportSecurityInfo` via the contract.
Differential Revision: https://phabricator.services.mozilla.com/D40346
--HG--
extra : moz-landing-system : lando
Don't show the login in about:logins if the username or password cannot be decrypted.
Differential Revision: https://phabricator.services.mozilla.com/D40845
--HG--
extra : moz-landing-system : lando
Set com.apple.security.cs.disable-library-validation=false in developer and production Hardened Runtime entitlements now that the definition has changed to mean allow/disallow unsigned libraries.
Differential Revision: https://phabricator.services.mozilla.com/D40525
--HG--
extra : moz-landing-system : lando
Allow access to timezone data files from the content/flash/GMP/utility sandbox.
Remove unneeded regex providing access to ^/private/tmp/KSInstallAction\. files.
Differential Revision: https://phabricator.services.mozilla.com/D41455
--HG--
extra : moz-landing-system : lando
Revset: reverse(89aa19677e37~-1::bbfc55939d75)
2019-08-14 Kevin Jacobs <kjacobs@mozilla.com>
* gtests/ssl_gtest/tls_agent.cc:
Bug 1572593 - Re-revert call to CheckCertReqAgainstDefaultCAs to
avoid memory leak (filed as bug 1573945). r=jcj
Revert back to the changes Franziskus had made. Updated the in-
source bug number to point to the new memleak bug.
Differential Revision:
https://phabricator.services.mozilla.com/D42020
[bbfc55939d75] [tip]
2019-08-12 Kevin Jacobs <kjacobs@mozilla.com>
* gtests/freebl_gtest/freebl_gtest.gyp,
gtests/mozpkix_gtest/mozpkix_gtest.gyp:
Bug 1415118 - Fix --enable-libpkix builds from build.sh r=mt,jcj
Differential Revision:
https://phabricator.services.mozilla.com/D41617
[f8926908be71]
2019-08-14 J.C. Jones <jjones@mozilla.com>
* gtests/ssl_gtest/tls_agent.cc, lib/ssl/ssl3ext.c:
Bug 1572593 - Reset advertised extensions in ssl_ConstructExtensions
r=mt,kjacobs
Reset the list of advertised extensions before sending a new set.
This reverts the changes of https://hg.mozilla.org/projects/nss/rev/
1ca362213631d6edc885b6b965b52ecffcf29afd
Differential Revision:
https://phabricator.services.mozilla.com/D41302
[b03ff661491e]
2019-08-14 Kevin Jacobs <kjacobs@mozilla.com>
* lib/freebl/ctr.c:
Bug 1539788 - UBSAN fixup for 128b counter. r=mt,jcj
Differential Revision:
https://phabricator.services.mozilla.com/D41884
[9d1f5e71773d]
2019-08-13 Kevin Jacobs <kjacobs@mozilla.com>
* lib/freebl/chacha20poly1305.c, lib/freebl/ctr.c, lib/freebl/gcm.c,
lib/freebl/intel-gcm-wrap.c, lib/freebl/rsapkcs.c:
Bug 1539788 - Add length checks for cryptographic primitives
r=mt,jcj
This patch adds additional length checks around cryptographic
primitives.
Differential Revision:
https://phabricator.services.mozilla.com/D36079
[dfd6996fe742]
2019-08-13 Marcus Burghardt <mburghardt@mozilla.com>
* gtests/freebl_gtest/mpi_unittest.cc, lib/freebl/mpi/README,
lib/freebl/mpi/mpi.c, lib/freebl/mpi/mpi.h:
Bug 1542077 - Added extra controls and tests to mp_set_int and
mp_set_ulong. r=jcj,kjacobs
Differential Revision:
https://phabricator.services.mozilla.com/D40649
[9bc47e69613e]
2019-08-13 J.C. Jones <jjones@mozilla.com>
* gtests/ssl_gtest/ssl_resumption_unittest.cc,
gtests/ssl_gtest/tls_agent.cc:
Bug 1572791 - Fixup clang-format r=bustage
[ec113de50cdd]
* gtests/ssl_gtest/tls_agent.cc,
gtests/ssl_gtest/tls_subcerts_unittest.cc, lib/ssl/tls13subcerts.c:
Bug 1572791 - Check for nulls in SSLExp_DelegateCredential and its
tests r=kjacobs
This particularly catches test errors in tls_subcerts_unittest when
the profile is stale.
Differential Revision:
https://phabricator.services.mozilla.com/D41429
[ed5067857563]
2019-08-13 Kevin Jacobs <kjacobs@mozilla.com>
* gtests/ssl_gtest/ssl_auth_unittest.cc,
gtests/ssl_gtest/ssl_cert_ext_unittest.cc,
gtests/ssl_gtest/ssl_resumption_unittest.cc,
gtests/ssl_gtest/tls_agent.cc:
Bug 1572791 - Fix ASAN cert errors when SSL gtests run on empty
profile r=jcj
Differential Revision:
https://phabricator.services.mozilla.com/D41787
[cef2aa7f3b8c]
2019-08-09 Kevin Jacobs <kjacobs@mozilla.com>
* tests/common/cleanup.sh:
Bug 1560593 - Cleanup.sh to treat core dumps as test failures on
optimized builds. r=jcj
Differential Revision:
https://phabricator.services.mozilla.com/D41392
[360010725fdb]
Differential Revision: https://phabricator.services.mozilla.com/D42139
--HG--
extra : moz-landing-system : lando
This changes the way crash reports for child processes happening too early
during the child process' startup. Before bug 1547698 we wrote a partial
.extra file with those crashes that lacked the process type. The user would
not be notified of those crashes until she restarted Firefox and even when
submitted those crashes would be erroneously labeled as browser crashes.
After bug 1547698 we stopped writing .extra files entirely for those crashes
which left orphaned .dmp files among the pending crash reports.
This patch does three things to improve the situation:
* It writes a partial .extra file so that the crashes are detected at the next
startup. So the user is still not notified directly of these crashes but she
can report them later.
* It adds the process type to the .extra file so that the crash reporters are
labelled correctly.
* It fixes a leak in the `pidToMinidump` hash-map. Since the crashes were
not finalized the `ChildProcessData` strucutre associated with them would
never be fred.
Differential Revision: https://phabricator.services.mozilla.com/D40810
--HG--
extra : moz-landing-system : lando
Don't show the login in about:logins if the username or password cannot be decrypted.
Differential Revision: https://phabricator.services.mozilla.com/D40845
--HG--
extra : moz-landing-system : lando
security-prefs.js is #included into greprefs.js, but there's no good reason for
it to be separate from all.js. Having it separate makes it easier to overlook,
and all.js has a bunch of `security.*` prefs in it anyway.
This patch inlines it into all.js. It inlines it at the start of the file to
minimize the risk of the change, so that the prefs end up in greprefs.js in the
same order as before.
Differential Revision: https://phabricator.services.mozilla.com/D40919
--HG--
extra : moz-landing-system : lando
There are no longer any consumers of the JS-implemented
`FakeTransportSecurityInfo` class, so it can be removed. That removes the last
JS-implemented `nsITransportSecurityInfo` instance and it therefore can be
marked `builtinclass`.
Differential Revision: https://phabricator.services.mozilla.com/D40355
--HG--
extra : moz-landing-system : lando
As part of making `nsITranportSecurityInfo` builtinclass, we can no longer
use JS-implemented `nsITransportSecurityInfo` instances in test cases.
This patch migrates `test_sss_resetState.js` to use `add_connection_test()` to
get a valid `nsITransportSecurityInfo` instance for the unit tests.
Differential Revision: https://phabricator.services.mozilla.com/D40352
--HG--
extra : moz-landing-system : lando
As part of making `nsITranportSecurityInfo` builtinclass, we can no longer use
JS-implemented `nsITransportSecurityInfo` instances in test cases. This patch
migrates `test_sss_originAttributes.js` to use `add_connection_test()` to get a
valid `nsITransportSecurityInfo` instance for the unit tests.
Differential Revision: https://phabricator.services.mozilla.com/D40351
--HG--
extra : moz-landing-system : lando
As part of making `nsITranportSecurityInfo` builtinclass, we can no longer
use JS-implemented `nsITransportSecurityInfo` instances in test cases.
This patch migrates `test_sss_enumerate.js` to use `add_connection_test()` to
get a valid `nsITransportSecurityInfo` instance for the unit tests.
Differential Revision: https://phabricator.services.mozilla.com/D40350
--HG--
extra : moz-landing-system : lando
As part of making `nsITranportSecurityInfo` builtinclass, we can no longer use
JS-implemented `nsITransportSecurityInfo` instances in test cases. This patch
migrates `test_pinning_header_parsing.js` to use `add_connection_test()` to get
a valid `nsITransportSecurityInfo` instance for the unit tests.
Differential Revision: https://phabricator.services.mozilla.com/D40349
--HG--
extra : moz-landing-system : lando
As part of making `nsITranportSecurityInfo` builtinclass, we can no longer use
JS-implemented `nsITransportSecurityInfo` instances in test cases. This patch
migrates `test_ocsp_must_staple.js` to use `add_connection_test()` to get a
valid `nsITransportSecurityInfo` instance for the unit tests.
Differential Revision: https://phabricator.services.mozilla.com/D40348
--HG--
extra : moz-landing-system : lando
As part of making `nsITranportSecurityInfo` builtinclass, we can no longer use
JS-implemented `nsITransportSecurityInfo` instances in test cases. This patch
migrates `test_forget_about_site_security_headers.js to use
`add_connection_test()` to get a valid `nsITransportSecurityInfo` instance for
the unit tests.
Differential Revision: https://phabricator.services.mozilla.com/D40347
--HG--
extra : moz-landing-system : lando
Gian-Carlo Pascutto
Cosmin Sabou
Barret Rennie
Carolina
ffxbld
Christian Holler
Mark Banner
Matthew Noorenberghe
Gabriele Svelto
Csoregi Natalia
Bogdan Tara
Haik Aftandilian
Nicholas Nethercote
arthur.iakab
J.C. Jones
Sylvestre Ledru
J.C. Jones
Daniel Varga
Jared Wein
Tom Schuster
Jed Davis
Kevin Jacobs
Moritz Birghan
Andreea Pavel