7cfa924151
Bug 1829152 - Add example.net for http3 mochitests r=ahal
...
example.net is used in many devtools browser mochitests and should be available for http3 browser mochitests
Differential Revision: https://phabricator.services.mozilla.com/D176030
2023-04-20 20:05:10 +00:00
74407531f5
Bug 1289186 - wait for the server certificate to verify successfully before asking for a client auth certificate r=jschanck
...
If a TLS server asks for a client authentication certificate, no dialog asking
the user to select one should be shown until the server's certificate verifies
successfully.
Differential Revision: https://phabricator.services.mozilla.com/D175170
2023-04-13 18:52:18 +00:00
4d86ceed60
Backed out changeset a5064c22d601 (bug 1289186) for Bp-hybrid bustages on NSSSocketControl.h . CLOSED TREE
2023-04-12 22:03:22 +03:00
bfba45ee49
Bug 1289186 - wait for the server certificate to verify successfully before asking for a client auth certificate r=jschanck
...
If a TLS server asks for a client authentication certificate, no dialog asking
the user to select one should be shown until the server's certificate verifies
successfully.
Differential Revision: https://phabricator.services.mozilla.com/D175170
2023-04-12 16:21:38 +00:00
79403e1620
Bug 1809843 - Add DoH server and Http/3 server into mochitest, r=necko-reviewers,ahal,valentin,gbrown,jmaher
...
Differential Revision: https://phabricator.services.mozilla.com/D166644
2023-03-16 21:28:58 +00:00
ee72efd1e9
Backed out 5 changesets (bug 1809843) for causing Cargo related build bustages. CLOSED TREE
...
Backed out changeset 5c494680f448 (bug 1809843)
Backed out changeset 02742b38edab (bug 1809843)
Backed out changeset 2b9b32ca8294 (bug 1809843)
Backed out changeset 56631cb02ae6 (bug 1809843)
Backed out changeset 37e35a60a71f (bug 1809843)
2023-03-13 13:53:26 +02:00
2b54ddaca8
Bug 1809843 - Add DoH server and Http/3 server into mochitest, r=necko-reviewers,ahal,valentin,gbrown,jmaher
...
Differential Revision: https://phabricator.services.mozilla.com/D166644
2023-03-13 11:12:32 +00:00
0bf957f909
Bug 1815090 - regenerate certificates in build/pgo/certs/. a=me
...
* the build/pgo/certs/ changes were made using
`./mach python build/pgo/genpgocert.py`
2023-02-05 13:12:06 +01:00
eb8738dda3
Bug 1773701 - Part 4: Add a test to verify the email tracking telemetry. r=dimi
...
Differential Revision: https://phabricator.services.mozilla.com/D151524
2022-07-19 20:04:25 +00:00
3835f734ac
Backed out 4 changesets (bug 1773701) for causing hybrid build bustages. CLOSED TREE
...
Backed out changeset 8ec2108b4a5b (bug 1773701)
Backed out changeset 2d2f3f95544d (bug 1773701)
Backed out changeset 8d3727e19ade (bug 1773701)
Backed out changeset fab41f0c857f (bug 1773701)
2022-07-19 18:45:05 +03:00
9879eb3b7d
Bug 1773701 - Part 4: Add a test to verify the email tracking telemetry. r=dimi
...
Differential Revision: https://phabricator.services.mozilla.com/D151524
2022-07-19 14:46:08 +00:00
6028a138e9
Bug 1691122 - Remove subject common name fallback support in CertVerifier. r=keeler,necko-reviewers,kershaw
...
Differential Revision: https://phabricator.services.mozilla.com/D143808
2022-04-28 19:48:06 +00:00
94e2a597f6
Backed out changeset 0599b2a0913a (bug 1691122) for causing failures at test_peerConnection_basicAudioNATRelayTLS.html. CLOSED TREE
2022-04-28 03:58:05 +03:00
ea5479a8d7
Bug 1691122 - Remove subject common name fallback support in CertVerifier. r=keeler,necko-reviewers,kershaw
...
Differential Revision: https://phabricator.services.mozilla.com/D143808
2022-04-27 20:57:31 +00:00
740734288a
Bug 1748409 - regenerate expiring test certificates for 2022 r=jschanck
...
* the certificates were regenerated using `./mach generate-test-certs`
* the build/pgo/certs/ changes were made using
`./mach python build/pgo/genpgocert.py`
* the zip files in security/manager/ssl/tests/unit/test_signed_apps/ were
updated per the directions in the corresponding moz.build file
* security/manager/ssl/tests/unit/test_cert_override_read.js needed manual
updating
Differential Revision: https://phabricator.services.mozilla.com/D135283
2022-01-07 02:13:06 +00:00
3921691c94
Bug 1736509 - Add https://sub*.test*.example.org:443 to build/pgo/server-locations.txt r=jmaher
...
Differential Revision: https://phabricator.services.mozilla.com/D128865
2021-10-21 13:58:55 +00:00
bc498bd4aa
Bug 1736016: Add https://www.example.com:443 to build/pgo/server-locations.txt r=jmaher
...
Differential Revision: https://phabricator.services.mozilla.com/D128591
2021-10-15 16:54:26 +00:00
081e1015d9
Bug 1734787 - Add https://example.net:443 to build/pgo/server-locations.txt r=jmaher
...
Having 3 regular domains to test fission scenarios will help migrating to https-first for DevTools mochitests.
example.org and example.com are both available in http and https, but example.net is only available in http for now.
This patch was created by adding https://example.net to build/pgo/server-locations.txt and then running `./mach python build/pgo/genpgocert.py`
Differential Revision: https://phabricator.services.mozilla.com/D127922
2021-10-13 14:17:14 +00:00
259e0bfa1a
Bug 1724072 - replace RC4 capabilities in ssltunnel with 3DES r=rmf
...
This patch updates ssltunnel to have a configuration where it only uses a 3DES
ciphersuite, rather than RC4 ciphersuites. This has to be done in stages
because otherwise android tests will fail, because their hostutils doesn't
actually use what's in-tree, and has to be updated separately.
Differential Revision: https://phabricator.services.mozilla.com/D122393
2021-08-18 20:20:12 +00:00
625f7a5de1
Backed out changeset 4f793a75cd93 (bug 1724072) for geckoview failures . CLOSED TREE
2021-08-10 19:19:35 +03:00
2a64c08522
Bug 1724072 - allow enabling 3DES only when deprecated versions of TLS are enabled r=rmf
...
Chrome has removed 3DES completely[0], but we're still seeing some uses of it
in telemetry. Our assumption is that this is either due to old devices that
can't be upgraded, and hence probably use TLS 1.0, or servers that bafflingly
choose 3DES when there are other, better, ciphersuites in common.
This patch allows 3DES to only be enabled when deprecated versions of TLS are
enabled. This should protect users against the latter case (where 3DES is
unnecessary) while allowing them to use it in the former case (where it may be
necessary).
NB: The only 3DES ciphersuite gecko makes possible to enable is
TLS_RSA_WITH_3DES_EDE_CBC_SHA. This patch also changes the preference
corresponding to this ciphersuite from "security.ssl3.rsa_des_ede3_sha" to
"security.ssl3.deprecated.rsa_des_ede3_sha".
[0] https://www.chromestatus.com/feature/6678134168485888
Differential Revision: https://phabricator.services.mozilla.com/D121797
2021-08-10 15:25:37 +00:00
cc7f254576
Bug 1706126 - HTTPS- First doesn't upgrade redirection from exempt target domain to subdomain (which supports https) r=ckerschb,necko-reviewers,dragana
...
Differential Revision: https://phabricator.services.mozilla.com/D118704
2021-07-07 14:19:09 +00:00
18f2473013
Bug 1665057 - Add www button on https-only error page - test r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D103700
2021-03-11 17:10:07 +00:00
d409537a62
Bug 1686615 - replace pgo certs. r=kjacobs
...
via `./mach python build/pgo/genpgocert.py` per https://bugzilla.mozilla.org/show_bug.cgi?id=1525191#c1
Differential Revision: https://phabricator.services.mozilla.com/D101697
2021-01-14 17:35:18 +00:00
75e57b5355
Bug 1672127 - Fix browser_fall_back_to_https.js to use actual host r=ckerschb
...
Adds secureonly.example.com:443 to server-locations.txt - this host is only available on HTTPS.
Regenerates certs using `./mach python build/pgo/genpgocert.py` command.
Sets network.dns.native-is-localhost pref in test so we don't trigger assertion.
Differential Revision: https://phabricator.services.mozilla.com/D94005
2020-10-20 10:26:41 +00:00
c8319be878
Bug 634697 - Add permanent storage to user's client certificate selection r=keeler,baku,fluent-reviewers,Gijs
...
Differential Revision: https://phabricator.services.mozilla.com/D58820
2020-08-03 13:24:34 +00:00
a07dcc53eb
Backed out changeset 441baa36ba93 (bug 634697) for failure at test_sss_readstate.js. CLOSED TREE
2020-07-29 19:39:44 +03:00
1bea811e47
Bug 634697 - Add permanent storage to user's client certificate selection r=keeler,baku,fluent-reviewers,Gijs
...
Differential Revision: https://phabricator.services.mozilla.com/D58820
2020-07-29 15:20:10 +00:00
78c662789a
Bug 1617987 - Fix URLs by prefixing www. when users encounter bad cert domain errors. r=nika,keeler
...
Differential Revision: https://phabricator.services.mozilla.com/D82024
2020-07-18 13:38:59 +00:00
326e14fb76
Backed out changeset 928233ea49ee (bug 634697) for causing leaks. CLOSED TREE
2020-07-15 16:39:11 +03:00
b22dbe4f47
Bug 634697 - Add permanent storage to user's client certificate selection r=keeler,baku,fluent-reviewers,Gijs
...
Differential Revision: https://phabricator.services.mozilla.com/D58820
2020-07-15 11:49:00 +00:00
e8ebc73d50
Bug 1630038 - remove HPKP entirely r=kjacobs,bbeurdouche
...
This removes processing of HTTP Public Key Pinning headers, remotely modifying
pinning information, and using cached pinning information, all of which was
already disabled in bug 1412438. Static pins that ship with the browser are
still enforced.
Differential Revision: https://phabricator.services.mozilla.com/D73352
2020-05-06 22:57:50 +00:00
d2c2253278
Backed out changeset 5616dd0ad683 (bug 1592877) for causing browser-chrome failures on browser_aboutCertError_manySANsError.js
...
CLOSED TREE
2020-04-08 15:26:13 +03:00
929140139b
Bug 1592877 - Truncate SANs to 50 in aboutNetError.js and add a test for it. r=johannh
...
Differential Revision: https://phabricator.services.mozilla.com/D68730
--HG--
extra : moz-landing-system : lando
2020-04-08 11:22:10 +00:00
5f3cbafe43
Bug 1616675 - Add an IPv4 secure service to mochitests' ssltunnel r=keeler
...
WebAuthn needs to write a test to confirm it's prohibited when accessed via
an IP address. This adds the capability to get a SecureContext for an IP host.
It uses 127.0.0.2 so as to bypass restrictions on 127.0.0.1, and the use of .1
as a special-market in ssltunnel.
Differential Revision: https://phabricator.services.mozilla.com/D63570
--HG--
extra : moz-landing-system : lando
2020-02-26 23:15:02 +00:00
3a0a8e2762
Bug 1613275 - Regenerate expired certs not handled by Bug 1607845 a=RyanVM CLOSED TREE
...
commands:
openssl x509 -in security/manager/ssl/tests/unit/test_missing_intermediate/missing-intermediate.pem -outform der -out security/manager/ssl/tests/unit/test_missing_intermediate/missing-intermediate.der
mach python ./build/pgo/genpgocert.py
./mach python ./security/manager/ssl/tests/unit/pycert.py <security/manager/ssl/tests/unit/test_certDB_import/emailEE.pem.certspec >security/manager/ssl/tests/unit/test_certDB_import/emailEE.pem
./mach python ./security/manager/ssl/tests/unit/pycert.py <security/manager/ssl/tests/unit/test_certDB_import/importedCA.pem.certspec >security/manager/ssl/tests/unit/test_certDB_import/importedCA.pem
./mach python ./security/manager/ssl/tests/unit/pycert.py <security/manager/ssl/tests/unit/test_intermediate_preloads/ee.pem.certspec >security/manager/ssl/tests/unit/test_intermediate_preloads/ee.pem
./mach python ./security/manager/ssl/tests/unit/pycert.py <security/manager/ssl/tests/unit/test_intermediate_preloads/ee2.pem.certspec >security/manager/ssl/tests/unit/test_intermediate_preloads/ee2.pem
./mach python ./security/manager/ssl/tests/unit/pycert.py <security/manager/ssl/tests/unit/test_intermediate_preloads/int.pem.certspec >security/manager/ssl/tests/unit/test_intermediate_preloads/int.pem
./mach python ./security/manager/ssl/tests/unit/pycert.py <security/manager/ssl/tests/unit/test_intermediate_preloads/int2.pem.certspec >security/manager/ssl/tests/unit/test_intermediate_preloads/int2.pem
Differential Revision: https://phabricator.services.mozilla.com/D61653
--HG--
extra : amend_source : ba63f416c91785a479695f342cf8db70ccd49cba
2020-02-04 20:17:49 -07:00
7f0b6eecd8
Bug 1584479 - Part 2: Update socialtracking test. r=Ehsan
...
Differential Revision: https://phabricator.services.mozilla.com/D51444
--HG--
extra : moz-landing-system : lando
2019-11-02 09:53:51 +00:00
b9074d53a1
Backed out 4 changesets (bug 1584479) for Browser-chrome failures in toolkit/components/antitracking/test/browser/browser_socialtracking.js
...
Backed out changeset b0d9877bd8b0 (bug 1584479)
Backed out changeset d2c56bd61b08 (bug 1584479)
Backed out changeset 0edb22786545 (bug 1584479)
Backed out changeset 7e03b392edb3 (bug 1584479)
2019-11-02 01:18:42 +02:00
1429cf6a65
Bug 1584479 - Part 2: Update socialtracking test. r=Ehsan
...
Differential Revision: https://phabricator.services.mozilla.com/D51444
--HG--
extra : moz-landing-system : lando
2019-11-01 22:02:12 +00:00
b93f23a66b
Bug 1535210 - Set SSL STATE_IS_BROKEN flag for TLS1.0 and TLS 1.1 connections. r=keeler
...
Differential Revision: https://phabricator.services.mozilla.com/D29576
--HG--
extra : moz-landing-system : lando
2019-05-15 23:34:52 +00:00
ccfae51c32
Bug 1500533 - Ensure that TLS session resumption tickets are only consumed if the channel isn't isolated by anti-tracking checks; r=michal,baku
...
Differential Revision: https://phabricator.services.mozilla.com/D26996
--HG--
extra : moz-landing-system : lando
2019-04-18 01:00:22 +00:00
76651301a1
Backed out changeset acb04833e713 (bug 1500533) for assertion failure in nsHttpChannel.cpp on a CLOSED TREE
2019-04-11 23:15:08 +03:00
bf2a5e6e54
Bug 1500533 - Ensure that TLS session resumption tickets are only consumed if the channel isn't isolated by anti-tracking checks; r=michal,baku
...
Differential Revision: https://phabricator.services.mozilla.com/D26996
--HG--
extra : moz-landing-system : lando
2019-04-11 18:36:16 +00:00
0f33068ca0
Bug 1483626 - Checks if subjectAltNames has elements that are not empty string, and if it has them, they will be remove, preventing incomplete r=johannh
...
messages to show to the user. r=johannh
Differential Revision: https://phabricator.services.mozilla.com/D21796
--HG--
extra : moz-landing-system : lando
2019-03-14 15:45:55 +00:00
cd3d3a8ab7
Bug 1456089 - Make a tutorial out of the genpgocerts.py README. r=jcj
...
Differential Revision: https://phabricator.services.mozilla.com/D20178
--HG--
extra : moz-landing-system : lando
2019-02-25 21:06:41 +00:00
731692a30b
Bug 1522565 - Tests for cryptominers and fingerprinters sub-panels. r=nhnt11
...
Differential Revision: https://phabricator.services.mozilla.com/D18827
--HG--
extra : rebase_source : f1e874a43c204f807259cc5249d4e872e25fba26
2019-02-06 14:12:20 +01:00
c03a82f8b5
Bug 1525191 - Regenerate certs CLOSED TREE a=tomprince
...
Differential Revision: https://phabricator.services.mozilla.com/D18632
--HG--
extra : amend_source : 028e3e34ede69bc05f9f8ea147bee02a4e9e2de5
2019-02-04 17:09:59 -08:00
dda53de0ba
Bug 1501991 - Add a sub-panel for Trackers in the control center. r=Ehsan,Jamie
...
Differential Revision: https://phabricator.services.mozilla.com/D11611
--HG--
extra : rebase_source : eebb084d0fed7a66b0dc5bbe7bc5e06b040a0275
extra : amend_source : f8070e363841ad3d9b2418920e0f695c906de105
2018-11-06 20:29:10 +01:00
d1b2c17c02
Backed out changeset eb21007e7da0 (bug 1501991) for geckoview failures on several tests.
2018-11-17 02:18:03 +02:00
624a3d5172
Bug 1501991 - Add a sub-panel for Trackers in the control center. r=Jamie,Ehsan
...
Differential Revision: https://phabricator.services.mozilla.com/D11611
--HG--
extra : moz-landing-system : lando
2018-11-16 22:34:07 +00:00
Julian Descottes
Dana Keeler
Narcis Beleuzu
Kershaw Chang
Marian-Vasile Laza
Sebastian Hengst
Tim Huang
Cosmin Sabou
John Schanck
Butkovits Atila
Christoph Kerschbaumer
lyavor
leli
Aki Sasaki
Valentin Gosu
Moritz Birghan
prathiksha
Dorel Luca
Arthur Iakab
Lupita Arroyo
J.C. Jones
Nihanth Subramanya
Kevin Jacobs
Ehsan Akhgari
Oana Pop Rus
Carolina Jimenez Gomez
Johann Hofmann
Wes Kocher