c456d08848
Merge m-i to m-c, a=merge
2015-02-07 08:45:54 -08:00
a14db61a3f
No bug, Automated HPKP preload list update from host bld-linux64-spot-075 - a=hpkp-update
2015-02-07 03:24:40 -08:00
ae1fda75a2
No bug, Automated HSTS preload list update from host bld-linux64-spot-075 - a=hsts-update
2015-02-07 03:24:38 -08:00
1a4af9dc4c
Bug 1127230: Change the NPAPI sandbox prefs to integers to indicate the level of sandboxing. r=bsmedberg
2015-01-30 17:48:15 +00:00
562649fe82
Bug 1128227 - Add a static TLS insecure fallback whitelist. r=keeler
2015-02-07 13:03:23 +09:00
d34f0301b8
Bug 1127201 (part 2) - Convert all NS_ABORT_IF_FALSE calls to MOZ_ASSERT. r=Waldo.
...
--HG--
extra : rebase_source : 99182e70335d2b5ff95f8c528ae992d37294be3a
2015-02-04 20:05:36 -08:00
21dab1da42
Bug 1128763 - Do insecure fallback after PR_CONNECT_RESET_ERROR for whitelisted sites only. r=keeler
2015-02-05 22:02:32 +09:00
6fbc2ae89f
Bug 1116891 - Do fallback with RC4 cipher suites after PR_CONNECT_RESET_ERROR. r=bsmith
2015-02-05 22:02:31 +09:00
b99b9fe12a
Bug 1127285 - Remove unused fallback reasons. r=keeler
2015-02-05 22:02:31 +09:00
03f599fcf0
Bug 1128917 - Replace getp12password.xul with a call to nsIPromptService::PromptPassword(). r=keeler
...
--HG--
extra : rebase_source : a92f80292395cbc9105cf9564f6f5005da2ff582
2015-02-05 03:28:00 +01:00
3cda0706de
Bug 1092398 - "remove unused CertVerifier enums (missing_cert_download_config and crl_download_config)". r=honzab.moz
2015-01-23 06:17:00 +01:00
b5913e0b3d
Bug 1050035 (part 4) - Make PL_DHashTableAdd() infallible by default, and add a fallible alternative. r=froydnj.
...
I kept all the existing PL_DHashTableAdd() calls fallible, in order to be
conservative, except for the ones in nsAtomTable.cpp which already were
followed immediately by an abort on failure.
--HG--
extra : rebase_source : eeba14d732077ef2e412f4caca852de6b6b85f55
2015-02-02 14:48:58 -08:00
9a36fdbde4
Bug 1050035 (part 2) - Remove the fallible version of PL_DHashTableInit(). r=froydnj,mrbkap.
...
Because it's no longer needed now that entry storage isn't allocated there.
(The other possible causes of failures are much less interesting and simply
crashing is a reasonable thing to do for them.)
This also makes PL_DNewHashTable() infallible.
--HG--
extra : rebase_source : 848cc9bbdfe434525857183b8370d309f3acbf49
2015-02-01 20:19:08 -08:00
dcc3953291
bug 832837 - move insecure form submission warning from nsSecureBrowserUIImpl to the HTML form implementation r=mrbkap r=phlsa
...
As a result, we can remove nsSecurityWarningDialogs completely, which this patch also does.
2015-01-15 11:01:10 -08:00
caa1e7521a
Bug 78808 - Enable Cert Manager buttons only when they would have an effect. Original patch by Scott Johnson. r=keeler
2015-01-31 14:20:00 +01:00
a35dbaeebf
Bug 1126593 - Add a global fallible instance, so that using fallible works directly, everywhere. r=njn
...
--HG--
rename : memory/mozalloc/fallible.h => memory/fallible/fallible.h
2015-02-02 09:56:13 +09:00
d3826daa16
Back out Bug 1127201 (part 2) for various problems.
2015-02-06 15:04:32 -08:00
eb24c24fb9
Bug 968560 - Return distinct error codes for certificates that are not valid yet, in mozilla::pkix. r=keeler
...
--HG--
extra : rebase_source : de63f37cdef477d96c1aef8253feca7013ba3bfd
2015-02-06 11:18:20 -08:00
06973aee53
Bug 968560 - Add missing Not-Yet-Valid cert override tests. r=dkeeler
...
--HG--
extra : rebase_source : 15d2774ad604561639306bb91134f6f63967e105
2015-02-06 11:18:04 -08:00
c408ae1430
Merge m-c to m-i
2015-01-31 09:13:30 -08:00
f34f010bc1
backout 3d4d4a91f29a (bug 1102632) as some web pages can no longer connect without enabling SSLv3
2015-01-31 22:16:48 +09:00
5a3089ce04
No bug, Automated HPKP preload list update from host bld-linux64-spot-015 - a=hpkp-update
2015-01-31 03:38:09 -08:00
f0761aa2b1
No bug, Automated HSTS preload list update from host bld-linux64-spot-015 - a=hsts-update
2015-01-31 03:38:07 -08:00
f62801541d
Merge fx-team to m-c a=merge CLOSED TREE
2015-01-29 15:27:17 -08:00
dcda8a64d4
Merge mozilla-central to fx-team
2015-01-29 16:20:17 +01:00
bf88ffa183
Bug 1123020 - Remove options to allow unrestricted renegotiation. r=keeler
2015-01-29 21:04:26 +09:00
36e608ec65
Bug 1126675 - indicate missing issuerName or subjectName as empty string, r=keeler
2015-01-28 15:42:41 +00:00
183a6391ad
Bug 1126402: Add a pref to enable a more strict version of the Windows NPAPI process sandbox. r=bsmedberg, r=bbondy
2015-01-29 08:13:07 +00:00
718bcfa712
backout cd0ec3afca5a (bug 832837) for mochitest bustage
2015-01-30 11:25:24 -08:00
11b9c65608
bug 832837 - move insecure form submission warning from nsSecureBrowserUIImpl to the HTML form implementation r=mrbkap r=phlsa
...
As a result, we can remove nsSecurityWarningDialogs completely, which this patch also does.
2015-01-15 11:01:10 -08:00
a98467ac06
Bug 1107731 - Upgrade Mozilla 36 and 37 to use NSS 3.17.4, mark release candidate as RTM, DONTBUILD
2015-01-28 20:49:21 +01:00
4e8a902fda
Bug 1114816 - Implement TLS intolerance fallback whitelist. r=keeler
2015-01-29 03:52:42 +09:00
f82c430a64
Bug 1125865: Only log Windows sandbox violations to console when nsContentUtils is initialized. r=bbondy
2015-01-28 11:21:24 +00:00
ad8382e07c
Bug 1125478 - Refactor and clean up key size test files. r=keeler
2015-01-27 22:11:00 +01:00
3163cfc2c1
Bug 1124973 (part 2) - Introduce PL_DHashTableSearch(), and replace most PL_DHashTableLookup() calls with it. r=froydnj.
...
It feels safer to use a function with a new name, rather than just changing the
behaviour of the existing function.
For most of these cases the PL_DHashTableLookup() result was checked with
PL_DHASH_ENTRY_IS_{FREE,BUSY} so the conversion was easy. A few of them
preceded that check with a useless null check, but the intent of these was
still easy to determine.
I'll do the trickier ones in subsequent patches.
--HG--
extra : rebase_source : ab37a7a30be563861ded8631771181aacf054fd4
2015-01-22 21:06:55 -08:00
3752aec566
bug 1125503 - when canonicalizing hostnames, check string length before calling Last() r=mmc
...
--HG--
extra : amend_source : 9d07347f76b4d6b2fd1ab77f7025043575c3b4f9
2015-01-26 12:47:50 -08:00
b28b423c32
Bug 1126128 - Mark TestTrustDomain::VerifySignedData as override; r=bsmith
2015-01-27 08:33:24 -05:00
3584ed3e5f
Bug 691148 - Remove unused strings from pipnss.properties. r=keeler
2015-01-26 21:30:00 +01:00
41af2cb673
Bug 1125592 - Fix -Wmaybe-uninitialized warning in security/manager/ssl/src/nsNSSASN1Object.cpp. r=dkeeler
2015-01-23 22:58:43 -08:00
d080be3549
Backed out changeset 45921e3d9773 (bug 1117034) because of build bustage on a CLOSED TREE
2015-01-26 21:52:40 -05:00
56e3b70f4e
Bug 1117034 - Mark some overridden functions in the tree as override
2015-01-26 21:14:12 -05:00
1cd331c2e4
bug 1125261 - mozilla::pkix: handle comparing single, relative labels with wildcards r=briansmith
...
e.g. handle comparing "localhost" with "*.example.com"
2015-01-23 15:56:53 -08:00
4137bc060d
Bug 1125673: Mark method 'FindIssuer' as 'override' in pkixocsp_VerifyEncodedOCSPResponse.cpp, to fix clang warning. r=briansmith
2015-01-26 10:40:07 -08:00
9bff5f0ad0
Bug 1094370: Use the USER_LOCKDOWN access token for GMP processes. r=aklotz
2015-01-26 10:14:39 +00:00
a2c9403154
Merge m-i to m-c, a=merge
2015-01-24 08:27:17 -08:00
c0a485d057
No bug, Automated HPKP preload list update from host bld-linux64-spot-127 - a=hpkp-update
2015-01-24 03:27:50 -08:00
ecf187e0ce
No bug, Automated HSTS preload list update from host bld-linux64-spot-127 - a=hsts-update
2015-01-24 03:27:48 -08:00
2d09aed7ed
Bug 1123245 Part 2: Use the USER_NON_ADMIN access token level for Windows NPAPI processes. r=tabraldes
2015-01-23 08:32:21 +00:00
f6a727b6c9
Bug 1123245 Part 1: Enable an open sandbox on Windows NPAPI processes. r=josh, r=tabraldes
2015-01-23 08:32:20 +00:00
0dff21f2ae
Bug 1077790 - Tests. r=keeler
...
--HG--
extra : rebase_source : c1f058a4d235651667b0cb7e84325bbc3d902966
2015-01-22 13:50:06 -08:00
Phil Ringnalda
ffxbld
Bob Owen
Masatoshi Kimura
Nicholas Nethercote
Cykesiopka
TheKK
David Keeler
Mike Hommey
Andrew McCreight
Wes Kocher
Carsten "Tomcat" Book
Gijs Kruitbosch
Kai Engert
Ehsan Akhgari
Chris Peterson
Daniel Holbert