Phil Ringnalda
c456d08848
Merge m-i to m-c, a=merge
2015-02-07 08:45:54 -08:00
ffxbld
a14db61a3f
No bug, Automated HPKP preload list update from host bld-linux64-spot-075 - a=hpkp-update
2015-02-07 03:24:40 -08:00
ffxbld
ae1fda75a2
No bug, Automated HSTS preload list update from host bld-linux64-spot-075 - a=hsts-update
2015-02-07 03:24:38 -08:00
Bob Owen
1a4af9dc4c
Bug 1127230: Change the NPAPI sandbox prefs to integers to indicate the level of sandboxing. r=bsmedberg
2015-01-30 17:48:15 +00:00
Masatoshi Kimura
562649fe82
Bug 1128227 - Add a static TLS insecure fallback whitelist. r=keeler
2015-02-07 13:03:23 +09:00
Nicholas Nethercote
d34f0301b8
Bug 1127201 (part 2) - Convert all NS_ABORT_IF_FALSE calls to MOZ_ASSERT. r=Waldo.
...
--HG--
extra : rebase_source : 99182e70335d2b5ff95f8c528ae992d37294be3a
2015-02-04 20:05:36 -08:00
Masatoshi Kimura
21dab1da42
Bug 1128763 - Do insecure fallback after PR_CONNECT_RESET_ERROR for whitelisted sites only. r=keeler
2015-02-05 22:02:32 +09:00
Masatoshi Kimura
6fbc2ae89f
Bug 1116891 - Do fallback with RC4 cipher suites after PR_CONNECT_RESET_ERROR. r=bsmith
2015-02-05 22:02:31 +09:00
Masatoshi Kimura
b99b9fe12a
Bug 1127285 - Remove unused fallback reasons. r=keeler
2015-02-05 22:02:31 +09:00
Cykesiopka
03f599fcf0
Bug 1128917 - Replace getp12password.xul with a call to nsIPromptService::PromptPassword(). r=keeler
...
--HG--
extra : rebase_source : a92f80292395cbc9105cf9564f6f5005da2ff582
2015-02-05 03:28:00 +01:00
TheKK
3cda0706de
Bug 1092398 - "remove unused CertVerifier enums (missing_cert_download_config and crl_download_config)". r=honzab.moz
2015-01-23 06:17:00 +01:00
Nicholas Nethercote
b5913e0b3d
Bug 1050035 (part 4) - Make PL_DHashTableAdd() infallible by default, and add a fallible alternative. r=froydnj.
...
I kept all the existing PL_DHashTableAdd() calls fallible, in order to be
conservative, except for the ones in nsAtomTable.cpp which already were
followed immediately by an abort on failure.
--HG--
extra : rebase_source : eeba14d732077ef2e412f4caca852de6b6b85f55
2015-02-02 14:48:58 -08:00
Nicholas Nethercote
9a36fdbde4
Bug 1050035 (part 2) - Remove the fallible version of PL_DHashTableInit(). r=froydnj,mrbkap.
...
Because it's no longer needed now that entry storage isn't allocated there.
(The other possible causes of failures are much less interesting and simply
crashing is a reasonable thing to do for them.)
This also makes PL_DNewHashTable() infallible.
--HG--
extra : rebase_source : 848cc9bbdfe434525857183b8370d309f3acbf49
2015-02-01 20:19:08 -08:00
David Keeler
dcc3953291
bug 832837 - move insecure form submission warning from nsSecureBrowserUIImpl to the HTML form implementation r=mrbkap r=phlsa
...
As a result, we can remove nsSecurityWarningDialogs completely, which this patch also does.
2015-01-15 11:01:10 -08:00
Cykesiopka
caa1e7521a
Bug 78808 - Enable Cert Manager buttons only when they would have an effect. Original patch by Scott Johnson. r=keeler
2015-01-31 14:20:00 +01:00
Mike Hommey
a35dbaeebf
Bug 1126593 - Add a global fallible instance, so that using fallible works directly, everywhere. r=njn
...
--HG--
rename : memory/mozalloc/fallible.h => memory/fallible/fallible.h
2015-02-02 09:56:13 +09:00
Andrew McCreight
d3826daa16
Back out Bug 1127201 (part 2) for various problems.
2015-02-06 15:04:32 -08:00
Cykesiopka
eb24c24fb9
Bug 968560 - Return distinct error codes for certificates that are not valid yet, in mozilla::pkix. r=keeler
...
--HG--
extra : rebase_source : de63f37cdef477d96c1aef8253feca7013ba3bfd
2015-02-06 11:18:20 -08:00
Cykesiopka
06973aee53
Bug 968560 - Add missing Not-Yet-Valid cert override tests. r=dkeeler
...
--HG--
extra : rebase_source : 15d2774ad604561639306bb91134f6f63967e105
2015-02-06 11:18:04 -08:00
Phil Ringnalda
c408ae1430
Merge m-c to m-i
2015-01-31 09:13:30 -08:00
Masatoshi Kimura
f34f010bc1
backout 3d4d4a91f29a (bug 1102632) as some web pages can no longer connect without enabling SSLv3
2015-01-31 22:16:48 +09:00
ffxbld
5a3089ce04
No bug, Automated HPKP preload list update from host bld-linux64-spot-015 - a=hpkp-update
2015-01-31 03:38:09 -08:00
ffxbld
f0761aa2b1
No bug, Automated HSTS preload list update from host bld-linux64-spot-015 - a=hsts-update
2015-01-31 03:38:07 -08:00
Wes Kocher
f62801541d
Merge fx-team to m-c a=merge CLOSED TREE
2015-01-29 15:27:17 -08:00
Carsten "Tomcat" Book
dcda8a64d4
Merge mozilla-central to fx-team
2015-01-29 16:20:17 +01:00
Masatoshi Kimura
bf88ffa183
Bug 1123020 - Remove options to allow unrestricted renegotiation. r=keeler
2015-01-29 21:04:26 +09:00
Gijs Kruitbosch
36e608ec65
Bug 1126675 - indicate missing issuerName or subjectName as empty string, r=keeler
2015-01-28 15:42:41 +00:00
Bob Owen
183a6391ad
Bug 1126402: Add a pref to enable a more strict version of the Windows NPAPI process sandbox. r=bsmedberg, r=bbondy
2015-01-29 08:13:07 +00:00
David Keeler
718bcfa712
backout cd0ec3afca5a (bug 832837) for mochitest bustage
2015-01-30 11:25:24 -08:00
David Keeler
11b9c65608
bug 832837 - move insecure form submission warning from nsSecureBrowserUIImpl to the HTML form implementation r=mrbkap r=phlsa
...
As a result, we can remove nsSecurityWarningDialogs completely, which this patch also does.
2015-01-15 11:01:10 -08:00
Kai Engert
a98467ac06
Bug 1107731 - Upgrade Mozilla 36 and 37 to use NSS 3.17.4, mark release candidate as RTM, DONTBUILD
2015-01-28 20:49:21 +01:00
Masatoshi Kimura
4e8a902fda
Bug 1114816 - Implement TLS intolerance fallback whitelist. r=keeler
2015-01-29 03:52:42 +09:00
Bob Owen
f82c430a64
Bug 1125865: Only log Windows sandbox violations to console when nsContentUtils is initialized. r=bbondy
2015-01-28 11:21:24 +00:00
Cykesiopka
ad8382e07c
Bug 1125478 - Refactor and clean up key size test files. r=keeler
2015-01-27 22:11:00 +01:00
Nicholas Nethercote
3163cfc2c1
Bug 1124973 (part 2) - Introduce PL_DHashTableSearch(), and replace most PL_DHashTableLookup() calls with it. r=froydnj.
...
It feels safer to use a function with a new name, rather than just changing the
behaviour of the existing function.
For most of these cases the PL_DHashTableLookup() result was checked with
PL_DHASH_ENTRY_IS_{FREE,BUSY} so the conversion was easy. A few of them
preceded that check with a useless null check, but the intent of these was
still easy to determine.
I'll do the trickier ones in subsequent patches.
--HG--
extra : rebase_source : ab37a7a30be563861ded8631771181aacf054fd4
2015-01-22 21:06:55 -08:00
David Keeler
3752aec566
bug 1125503 - when canonicalizing hostnames, check string length before calling Last() r=mmc
...
--HG--
extra : amend_source : 9d07347f76b4d6b2fd1ab77f7025043575c3b4f9
2015-01-26 12:47:50 -08:00
Ehsan Akhgari
b28b423c32
Bug 1126128 - Mark TestTrustDomain::VerifySignedData as override; r=bsmith
2015-01-27 08:33:24 -05:00
Cykesiopka
3584ed3e5f
Bug 691148 - Remove unused strings from pipnss.properties. r=keeler
2015-01-26 21:30:00 +01:00
Chris Peterson
41af2cb673
Bug 1125592 - Fix -Wmaybe-uninitialized warning in security/manager/ssl/src/nsNSSASN1Object.cpp. r=dkeeler
2015-01-23 22:58:43 -08:00
Ehsan Akhgari
d080be3549
Backed out changeset 45921e3d9773 (bug 1117034) because of build bustage on a CLOSED TREE
2015-01-26 21:52:40 -05:00
Ehsan Akhgari
56e3b70f4e
Bug 1117034 - Mark some overridden functions in the tree as override
2015-01-26 21:14:12 -05:00
David Keeler
1cd331c2e4
bug 1125261
- mozilla::pkix: handle comparing single, relative labels with wildcards r=briansmith
...
e.g. handle comparing "localhost" with "*.example.com"
2015-01-23 15:56:53 -08:00
Daniel Holbert
4137bc060d
Bug 1125673: Mark method 'FindIssuer' as 'override' in pkixocsp_VerifyEncodedOCSPResponse.cpp, to fix clang warning. r=briansmith
2015-01-26 10:40:07 -08:00
Bob Owen
9bff5f0ad0
Bug 1094370: Use the USER_LOCKDOWN access token for GMP processes. r=aklotz
2015-01-26 10:14:39 +00:00
Phil Ringnalda
a2c9403154
Merge m-i to m-c, a=merge
2015-01-24 08:27:17 -08:00
ffxbld
c0a485d057
No bug, Automated HPKP preload list update from host bld-linux64-spot-127 - a=hpkp-update
2015-01-24 03:27:50 -08:00
ffxbld
ecf187e0ce
No bug, Automated HSTS preload list update from host bld-linux64-spot-127 - a=hsts-update
2015-01-24 03:27:48 -08:00
Bob Owen
2d09aed7ed
Bug 1123245 Part 2: Use the USER_NON_ADMIN access token level for Windows NPAPI processes. r=tabraldes
2015-01-23 08:32:21 +00:00
Bob Owen
f6a727b6c9
Bug 1123245 Part 1: Enable an open sandbox on Windows NPAPI processes. r=josh, r=tabraldes
2015-01-23 08:32:20 +00:00
Cykesiopka
0dff21f2ae
Bug 1077790 - Tests. r=keeler
...
--HG--
extra : rebase_source : c1f058a4d235651667b0cb7e84325bbc3d902966
2015-01-22 13:50:06 -08:00