This patch adds resumed attribute to nsISSLSocketControl, which is needed in tests that check SSL resumption (e.g. bug 1500533).
Differential Revision: https://phabricator.services.mozilla.com/D26597
--HG--
extra : moz-landing-system : lando
- modify line wrap up to 80 chars; (tw=80)
- modify size of tab to 2 chars everywhere; (sts=2, sw=2)
--HG--
extra : rebase_source : 7eedce0311b340c9a5a1265dc42d3121cc0f32a0
extra : amend_source : 9cb4ffdd5005f5c4c14172390dd00b04b2066cd7
Move all fields of nsISSLStatus to nsITransportSecurityProvider
Remove nsISSLStatus interface and definition
Update all code and test references to nsISSLStatus
Maintain ability to read in older version of serialized nsISSLStatus. This
is verified with psm_DeserializeCert gtest.
Differential Revision: https://phabricator.services.mozilla.com/D3704
--HG--
extra : moz-landing-system : lando
Move all fields of nsISSLStatus to nsITransportSecurityProvider
Remove nsISSLStatus interface and definition
Update all code and test references to nsISSLStatus
Maintain ability to read in older version of serialized nsISSLStatus. This
is verified with psm_DeserializeCert gtest.
Differential Revision: https://phabricator.services.mozilla.com/D3704
--HG--
extra : moz-landing-system : lando
- Access nsISSLStatus directly as a member of nsITransportSecurityInfo
and nsISecureBrowserUI. This is part of a larger effort to consolidate
nsISSLStatus and nsITransportSecurityInfo.
- The TabParent implementation of GetSecInfo will always return null.
- Removed unnecessary QueryInterface calls
- Style adherence updates
MozReview-Commit-ID: Dzy6t2zYljL
--HG--
extra : rebase_source : 9c400bed3c9d29a186fc987c9bd0ffceb37bfd94
- Access nsISSLStatus directly as a member of nsITransportSecurityInfo
and nsISecureBrowserUI. This is part of a larger effort to consolidate
nsISSLStatus and nsITransportSecurityInfo.
- The TabParent implementation of GetSecInfo will always return null.
- Removed unnecessary QueryInterface calls
- Style adherence updates
MozReview-Commit-ID: Dzy6t2zYljL
--HG--
extra : rebase_source : fbfbcf7608efbfb35c9be4018ff0f4e70b2768d2
- Access nsISSLStatus directly as a member of nsITransportSecurityInfo
and nsISecureBrowserUI. This is part of a larger effort to consolidate
nsISSLStatus and nsITransportSecurityInfo.
- The TabParent implementation of GetSecInfo will always return null.
- Removed unnecessary QueryInterface calls
- Style adherence updates
MozReview-Commit-ID: Dzy6t2zYljL
--HG--
extra : rebase_source : b15f75e39d04c8485b4eb63416fd1f1e4175fafe
This patch is an automatic replacement of s/NS_NOTREACHED/MOZ_ASSERT_UNREACHABLE/. Reindenting long lines and whitespace fixups follow in patch 6b.
MozReview-Commit-ID: 5UQVHElSpCr
--HG--
extra : rebase_source : 4c1b2fc32b269342f07639266b64941e2270e9c4
extra : source : 907543f6eae716f23a6de52b1ffb1c82908d158a
This was done automatically replacing:
s/mozilla::Move/std::move/
s/ Move(/ std::move(/
s/(Move(/(std::move(/
Removing the 'using mozilla::Move;' lines.
And then with a few manual fixups, see the bug for the split series..
MozReview-Commit-ID: Jxze3adipUh
This patch moves all TLS error string handling to the frontend.
Dev-tools doesn't show the same error code as the page does anymore but only the error code as string.
All logging of these error messages has been removed.
Bug #: 1415279
Differential Revision: https://phabricator.services.mozilla.com/D607
--HG--
extra : rebase_source : 61e2d94cb21ef4c02b81448531609205c85a9707
The initialization path for the SOCKS proxy in firefox involves creating
a generic AF_INET socket, and then replacing it if the actual
configuration requires something else (either AF_INET6 or AF_LOCAL).
With syscall filtering configured to return an error in the event of
AF_INET or AF_INET6 socket creation, this initialization path fails. We
would like this capability so that we can prevent firefox from making
network requests outside of the Tor proxy.
This patch adds a check in the initial socket creation path to see if
the SOCKS proxy host begins with file:// with the assumption that such
URIs point to a UNIX Domain Socket (on Linux+macOS only). In that case,
we create an AF_LOCAL socket rather than the requested type. A similar
check for Windows already exists to determine if the proxy is actually a
named pipe.
In the subsequent replacing step no work occurs as the passed in socket
matches the type we need, so no changes need to be made there.
NOTE: With this change there is still a one-time request for an AF_INET6
socket that occurs. This code path exists to determine whether the
system supports IPv6; if socket(AF_INET6...) fails then it is assumed
that the system does not. However, this check only affects code that is
unreachable when using AF_LOCAL sockets so it seems safe leave as it is.
However, this does mean that firefox will still be incompatible with
seccomp policies which kill the calling thread in the event of a
socket(AF_INET6,...) call.
We should not be declaring forward declarations for nsString classes directly,
instead we should use nsStringFwd.h. This will make changing the underlying
types easier.
--HG--
extra : rebase_source : b2c7554e8632f078167ff2f609392e63a136c299
This flags is added in the http channel interface by which developers can control the TLS
connections from JavaScript code (e.g. Add-ons). Basically, all the changes accounted for
plumbing this TLS flags from JavaScript level to C++ code responsible for calling NSS
module. We also added a unit test to make sure that separate connections are created if we
use different tlsFlags. Basically we used a concrete set of flag values that covers the
edge cases and check the hashkey generated in the connection info.
--HG--
rename : netwerk/test/unit/test_separate_connections.js => netwerk/test/unit/test_tls_flags_separate_connections.js
It's silly to use prmem.h within Firefox code given that in our configuration
its functions are just wrappers for malloc() et al. (Indeed, in some places we
mix PR_Malloc() with free(), or malloc() with PR_Free().)
This patch removes all uses, except for the places where we need to use
PR_Free() to free something allocated by another NSPR function; in those cases
I've added a comment explaining which function did the allocation.
--HG--
extra : rebase_source : 0f781bca68b5bf3c4c191e09e277dfc8becffa09
Sylvestre Ledru
Michal Novotny
Tooru Fujisawa
Benjamin Bouvier
Boris Zbarsky
Ehsan Akhgari
Dragana Damjanovic
Gurzau Raul
Noemi Erli
Dipen Patel
Csoregi Natalia
Andreea Pavel
shindli
Chris Peterson
Andi-Bogdan Postelnicu
Emilio Cobos Álvarez
Sebastian Hengst
Tristan Bourvon
Franziskus Kiefer
Richard Pospesel
Honza Bambas
Patrick McManus
Arthur Edelstein
Tom Ritter
Kris Maglione
Valentin Gosu
Eric Rahm
Sajjad Arshad
Nicholas Nethercote
Bill McCloskey
Carsten "Tomcat" Book