345b36dfd5
Backed out changeset ec63befb3ad7 (bug 1041775)
2014-11-20 16:11:12 +01:00
0100273df4
Backed out changeset ebe866ff8a44 (bug 1041775)
2014-11-20 16:11:06 +01:00
3cd3e496aa
bug 1079436 - fix validThrough as returned by VerifyEncodedOCSPResponse r=briansmith
...
validThrough should now be the time through which, if passed in as the given
time to validate an OCSP response at, VerifyEncodedOCSPResponse will still
consider it trustworthy. After that time, it will be expired. This makes it
so the OCSP cache compares validity period responses consistently with
mozilla::pkix.
2014-11-21 10:43:43 -08:00
e5b2da099b
Bug 1041775 Part 3: Re-apply pre-vista stdout/err process inheritance change to Chromium code after merge. r=tabraldes
...
Originally landed as changsets:
https://hg.mozilla.org/mozilla-central/rev/f94a07671389
2014-11-18 15:11:47 +00:00
9559e348ee
Bug 1041775 Part 2: Re-apply warn only sandbox changes to Chromium code after merge. r=tabraldes
...
Originally landed as changsets:
https://hg.mozilla.org/mozilla-central/rev/e7eef85c1b0a
https://hg.mozilla.org/mozilla-central/rev/8d0aca89e1b2
2014-11-18 15:09:55 +00:00
af79dfc438
Bug 1041775 Part 1: Update Chromium sandbox code to commit 9522fad406dd161400daa518075828e47bd47f60. r=jld,aklotz
...
--HG--
rename : security/sandbox/chromium/sandbox/linux/sandbox_export.h => security/sandbox/chromium/sandbox/sandbox_export.h
2014-11-18 13:48:21 +00:00
ab80d0c717
bug 1091232 - update PSM data structures that are affected by root CA changes r=mmc
2014-11-18 16:41:18 -08:00
7531911bed
Bug 1089305 - Switch EV tests to SQL DB and partially clean up scripts. r=keeler
2014-11-17 21:12:00 +01:00
419fa97eb6
Bug 1092606: Filter out duplicate pinsets as well as domains (r=keeler)
2014-11-17 12:54:42 -08:00
63ef926a61
Bug 1088969 - Upgrade Mozilla 36 to use NSS 3.18 - NSS_3_18_BETA2
2014-11-17 14:57:45 +01:00
ff26474af6
Bug 1084606 - Allow overrides for MOZILLA_PKIX_ERROR_INADEQUATE_KEY_SIZE. r=dkeeler
2014-11-11 00:59:00 +01:00
17920b30c8
Merge inbound to m-c; a=merge
...
--HG--
extra : amend_source : 2e89bf359e356566aee6b04bb864979539e1c90d
2014-11-15 13:57:08 -08:00
4bccbd33d3
No bug, Automated HPKP preload list update from host b-linux64-ix-0011 - a=hpkp-update
2014-11-15 03:21:19 -08:00
1ffd463d9d
No bug, Automated HSTS preload list update from host b-linux64-ix-0011 - a=hsts-update
2014-11-15 03:21:16 -08:00
ceaa910cc6
bug 940994 - follow-up to fix some issues that were missed in review r=mmc
2014-11-14 16:46:23 -08:00
f991b325aa
Bug 1098288: Enable pinning on spideroak (r=keeler)
2014-11-14 11:17:40 -08:00
6887042777
Bug 1094495 - Disable C4480 in security/pkix. r=keeler
2014-11-12 07:41:42 +09:00
36057e75f9
Bug 1057035 - Fix terminology used in the certificate exception dialog. r=keeler
2014-10-27 21:06:00 -04:00
6a185fd3d7
Bug 1093595 - Change strings to add a description about weak encryption. r=dolske
2014-11-11 07:29:44 +09:00
9a7fd683bc
Bug 1093595 - Treat SSL3 and RC4 as broken. r=keeler
2014-11-11 07:29:44 +09:00
2f5bf545b6
merge mozilla-inbound to mozilla-central a=merge
2014-11-10 14:24:51 +01:00
c53adb3b3f
No bug, Automated HPKP preload list update from host bld-linux64-spot-144 - a=hpkp-update
2014-11-08 03:20:20 -08:00
52c804c4de
No bug, Automated HSTS preload list update from host bld-linux64-spot-144 - a=hsts-update
2014-11-08 03:20:17 -08:00
a89f219bef
Bug 1030135: Promote pin for services.mozilla.com to production mode (r=keeler)
2014-11-07 12:00:50 -08:00
cfb6b6200c
Bug 940994 - Adding '.p7b' to 'known file types' list of 'Certificate Manager'. r=keeler
2014-10-07 14:30:00 +02:00
ba22404db5
Bug 1095926 - Fix -Wcomment warning in OCSP test and mark some OCSP tests as FAIL_ON_WARNINGS. r=briansmith
2014-10-11 20:13:45 -07:00
926bf1ca5d
Bug 1090913 - Make mochitests fail when it has 0 passes and 0 fails r=jmaher
2014-11-05 16:00:52 +00:00
59573e5f85
Bug 1077057 - Expose Linux sandboxing information to JS via nsSystemInfo. r=kang r=froydnj
...
This adds "hasSeccompBPF" for seccomp-bpf support; other "has" keys
will be added in the future (e.g., user namespaces).
This also adds "canSandboxContent" and "canSandboxMedia", which are
absent if the corresponding type of sandboxing isn't enabled at build
type (or is disabled with environment variables), and otherwise present
as a boolean indicating whether that type of sandboxing is supported.
Currently this is always the same as hasSeccompBPF, but that could change
in the future.
Some changes have been made to the "mozilla/Sandbox.h" interface to
support this; the idea is that the MOZ_DISABLE_*_SANDBOX environment
variables should be equivalent to disabling MOZ_*_SANDBOX at build time.
2014-11-06 13:11:00 +01:00
fc748d0372
bug 1039642 - follow-up to fix non-unified build bustage (missing include and namespace) r=bustage a=metered
2014-11-06 14:23:21 -08:00
1218b5626e
bug 1039642 - clean up the implementation of nsPkcs11 for style and safety r=jcj r=mmc a=metered
2014-11-05 14:05:46 -08:00
25ee944cea
bug 1039642 - test that smart card events are no longer emitted after removing a PKCS#11 module r=jcj r=mmc a=metered
...
--HG--
rename : security/manager/ssl/tests/unit/test_pkcs11_insert_remove.js => security/manager/ssl/tests/unit/test_pkcs11_no_events_after_removal.js
2014-11-05 13:54:21 -08:00
2a4f463dac
bug 1039642 - stop PKCS#11 module threads before deleting them r=jcj r=mmc a=metered
2014-11-05 13:53:28 -08:00
e6ede214a5
Bug 1093893 - Fix B2G sandbox for ICS Bionic pthread_kill(). r=kang
2014-11-06 11:04:14 -08:00
312462d737
Bug 1092710 - Fix -Wunused-const-variable warning-as-error in non-unified security/certverifier. r=keeler
...
--HG--
extra : rebase_source : c13f7e565c8459263191f9bb16d4221b6f163443
2014-11-01 12:14:41 -07:00
78d081c21d
Bug 1087213 - Implenent bind function in nsNSSIOLayer. r=honza
2014-10-22 02:06:00 +02:00
d68cf9f6e1
Bug 1004781: Remove unnecessary cert for facebook (r=keeler)
2014-11-04 10:54:26 -08:00
eeb4a7f756
Bug 1092606: Don't import Chromium pinsets for domains that are already in our list (r=keeler,jcj)
2014-11-04 10:53:52 -08:00
98fef4165e
bug 1079658 - follow-up bustage fix (unnecessary multi-line C++-style comment) r=bustage on a CLOSED TREE
2014-11-03 13:48:48 -08:00
cd0d5fbdc0
bug 1079658 - check for the id-pkix-ocsp-nocheck extension when decoding certificates r=briansmith
2014-11-03 11:35:15 -08:00
5cc944a89b
Bug 1076903: Add a Chromium LICENSE file to security/sandbox/win/src. r=gerv
2014-11-03 15:34:26 +00:00
4a7b70b334
Bug 1092028 - Fix -Wunused-const-variable warning-as-error in security/pkix/test/gtest. r=bsmith
2014-10-30 23:17:27 -07:00
cd1c581c5d
No bug, Automated HPKP preload list update from host b-linux64-ix-0009 - a=hpkp-update
2014-11-01 03:19:47 -07:00
5c654c7c4c
No bug, Automated HSTS preload list update from host b-linux64-ix-0009 - a=hsts-update
2014-11-01 03:19:44 -07:00
6f9b6ed2cf
Bug 846489 - Part 1 - Expose error code on TransportSecurityInfo. r=keeler
2014-10-30 12:50:00 +01:00
b82ba6feba
Backed out changeset 5fb2f4662098 (bug 846498) for wrong bug number in commit message
2014-10-31 10:03:53 +01:00
bcda188339
Bug 1088915 - Stop offering RC4 in the first handshakes. r=keeler
2014-10-22 01:11:29 +09:00
2b45a125ae
Bug 947149 - Remove useless and even misleading word and dead code. r=keeler, dolske
2014-10-30 15:22:00 +01:00
d7c1f641cc
Bug 846498 - Expose error code on TransportSecurityInfo. r=keeler
2014-10-30 12:50:00 +01:00
2d31127cff
Reland Bug 1063281, Part 9: Switch Gecko from NSS to CheckCertHostname, r=keeler
...
--HG--
extra : rebase_source : 3a5e3bc2e113035e9c88b571bac68f3dbe2c8f04
2014-10-28 15:28:38 -07:00
774861532b
Bug 1089104: Add support for TeletexString-encoded CN-IDs to CheckCertHostname, r=keeler
...
--HG--
extra : rebase_source : 320794deae857a574f509b7277ea64576abd37b3
2014-10-29 17:19:45 -07:00
228f03d6d1
Bug 1089393: Fix hex excape sequences ('\0x' -> '\x') in pkixnames_tests.cpp, r=mmc
...
--HG--
extra : rebase_source : a0136045ce9b957976f8eb2ef8ad6c9eae0a8ad7
2014-10-26 11:29:42 -07:00
3e0f2fd921
Bug 1004781: Actually remove the pinset (r=keeler)
2014-10-30 16:21:09 -07:00
1e19be7e65
Bug 1004781: Remove our pinset for facebook since it's in chromium now (r=keeler)
2014-10-30 16:14:19 -07:00
07d210cc76
bug 1085509 - follow-up to include forgotten Telemetry.h header (non-unified build bustage) r=bustage
2014-10-30 13:12:01 -07:00
2fa7ba1743
bug 1085509 - add telemetry for how many permanent certificate overrides users have r=mmc r=jcj
2014-10-29 16:25:16 -07:00
13b42021f6
bug 1085509 - fix nsCertOverrideService so its initialization doesn't depend on NSS r=mmc
2014-10-24 10:46:30 -07:00
436338cb49
Bug 1076385 - Sandbox the content process on Mac. r=smichaud
2014-10-30 13:33:17 -05:00
421fb1a714
Backed out changeset b4665be856d7 (bug 1089305) for frequent b2g/android xpcshell test failures
2014-10-30 15:26:02 +01:00
9c4c923488
Bug 1089305 - Switch EV tests to SQL DB and partially clean up scripts. r=keeler
2014-10-29 11:09:00 +01:00
2656d11288
Bug 1088950 - Adding some testing. r=dkeeler
2014-10-27 17:48:00 +01:00
2aa2c784b9
Bug 1088950 - Fix handling of inappropriate_fallback alert. r=keeler
2014-10-27 17:47:00 +01:00
47c853314f
Bug 1077148 part 4 - Add and use new moz.build templates for Gecko programs and libraries. r=gps
...
There are, sadly, many combinations of linkage in use throughout the tree.
The main differentiator, though, is between program/libraries related to
Gecko or not. Kind of. Some need mozglue, some don't. Some need dependent
linkage, some standalone.
Anyways, these new templates remove the need to manually define the
right dependencies against xpcomglue, nspr, mozalloc and mozglue
in most cases.
Places that build programs and were resetting MOZ_GLUE_PROGRAM_LDFLAGS
or that build libraries and were resetting MOZ_GLUE_LDFLAGS can now
just not use those Gecko-specific templates.
2014-10-30 13:06:12 +09:00
c7e81fdad6
Back out cset 9b72d139e817 (Bug 1063281, Part 9) due to compatibility regressions on a CLOSED TREE, a=ryanvm
...
--HG--
extra : rebase_source : cd9b43c3f66df3c5de337f2013fe61fae798b3ba
2014-10-28 12:30:53 -07:00
98dda84064
Backed out changeset 50650e0f0edf (bug 1085509) for causing perma failure in win7 xperf
2014-10-28 14:10:38 +01:00
b4bfea0bd6
Backed out changeset b591ad43d53e (bug 1085509)
2014-10-28 14:09:44 +01:00
90283cf32b
bug 1085509 - add telemetry for how many permanent certificate overrides users have r=mmc r=jcj
2014-10-27 09:32:33 -07:00
84883c42e4
bug 1085509 - fix nsCertOverrideService so its initialization doesn't depend on NSS r=mmc
2014-10-24 10:46:30 -07:00
97c5c90a44
Merge m-i to m-c, a=merge
2014-10-26 09:12:36 -07:00
a92f2bc083
No bug, Automated HPKP preload list update from host bld-linux64-spot-115 - a=hpkp-update
2014-10-25 03:19:28 -07:00
3d5dc9dcf8
No bug, Automated HSTS preload list update from host bld-linux64-spot-115 - a=hsts-update
2014-10-25 03:19:26 -07:00
e8c341b1fd
Bug 1083539: Fix dropped return value check (r=keeler)
2014-10-23 17:07:45 -07:00
0130a12af3
Bug 886752 - Show TLS/SSL version in page info dialog. r=dao
2014-10-24 13:53:35 +02:00
cba793218d
Bug 886752 - Add TLS version to SSLStatus and additional cleanup. r=keeler
2014-10-24 13:53:34 +02:00
9c8e9bee73
Bug 1088969 - Upgrade Mozilla 36 to use NSS 3.18, landing beta 1, r=wtc
2014-10-25 00:34:34 +02:00
5ec3c350dd
Bug 1081242 - Make ASAN's error reporting work while sandboxed on Linux. r=kang
2014-10-21 11:18:00 +02:00
cfc481b264
Bug 1085497: Add Input::size_type, r=mmc
...
--HG--
extra : rebase_source : 098eae9234be99e683c0d44b35e1ec7058a086dd
2014-10-16 18:23:27 -07:00
e93675a04e
Bug 1063281, Part 9: Switch Gecko from NSS to CheckCertHostname, r=keeler
...
--HG--
extra : rebase_source : 340eb682ba1f9dbd51652438433e7d0196494e1f
2014-09-21 17:43:29 -07:00
6926e8bc53
Bug 1063281, Part 8: Rewrite PresentedDNSIDMatchesReferenceDNSID, r=keeler
...
--HG--
extra : rebase_source : a74e8d89a3ddfe5f6af70f32d31f1dc06600d90a
2014-10-15 19:21:35 -07:00
d7d68e721d
Bug 1063281, Part 7: Implement IsValidPresentedDNSID, r=keeler
...
--HG--
extra : rebase_source : 32d85980d8d486bb806e169a8241256ad57fa9d1
2014-10-16 15:59:34 -07:00
8d32c13ab3
Bug 1083539: Factor out common SEQUENCE unwrapping logic into reusable functions, r=mmc
...
--HG--
extra : rebase_source : 93d669d3cbe178339fe59c1d9345c773b4e238d4
2014-10-14 02:07:08 -07:00
bda4ef165a
Bug 1063281, Part 6: Implement CheckCertHostname, r=keeler
...
--HG--
extra : rebase_source : c28fe67d319f64b2efa326fd8649ef529c487c05
2014-10-15 16:10:32 -07:00
72d294039c
Bug 1063281, Part 5: Implement DNS ID matching, r=keeler
...
--HG--
extra : rebase_source : 5221245ce8da065d64a7ff17bdfde0e617562447
2014-09-30 19:40:15 -07:00
149817ebfc
Bug 1063281, Part 4: Implement ParseIPv6Address, r=keeler
...
--HG--
extra : rebase_source : 9a75a81a840591aaf73acd5be4d7ca504b6432e5
2014-09-06 01:10:24 -07:00
0e87ec98c7
Bug 1063281, Part 3: Implement ParseIPv4Address, r=keeler
...
--HG--
extra : rebase_source : fbafcb7573be8fa83036a8fadbfa74938ab7a4a6
2014-09-05 23:20:18 -07:00
4a2c8b5274
Bug 1063281, Part 2: Implement IsValidDNSName, r=keeler
...
--HG--
extra : rebase_source : 202898df26c7321f543ab7aeb222cdc6db67fe0d
2014-09-30 14:41:39 -07:00
3b8c2fc2a8
Bug 1063281, Part 1: Expose moilla::pkix::BackCert::GetSubjectAltName, r=keeler
...
--HG--
extra : rebase_source : c89ae439a21f11fce66a785e8732ca8793d51936
2014-08-17 17:24:20 -07:00
c78d7b0266
backout f69fa3c13d1f (bug 1085509) for causing test_cert_overrides.js to fail
2014-10-23 11:50:17 -07:00
39a7d91875
bug 1085509 - add telemetry for how many permanent certificate overrides users have r=mmc r=jcj
2014-10-23 10:10:57 -07:00
918c518e8b
No bug, Automated HPKP preload list update from host bld-linux64-spot-1094 - a=hpkp-update
2014-10-22 14:02:48 -07:00
7c18fd1d5d
No bug, Automated HSTS preload list update from host bld-linux64-spot-1094 - a=hsts-update
2014-10-22 14:02:46 -07:00
46c48f2321
bug 1083085 - update where getHSTSPreloadList.js and genHPKPStaticPins.js think Chromium's lists are r=mmc DONTBUILD NPOTB
2014-10-21 15:20:02 -07:00
e4182ac689
Bug 1083058 - Adding pref to control TLS version fallback, r=keeler
...
From af667978f8915e6ebfaf02f8967b3d320d409a24 Mon Sep 17 00:00:00 2001
---
netwerk/base/public/security-prefs.js | 1 +
security/manager/ssl/src/nsNSSIOLayer.cpp | 21 +++++-
security/manager/ssl/src/nsNSSIOLayer.h | 2 +
.../manager/ssl/tests/gtest/TLSIntoleranceTest.cpp | 76 +++++++++++++++++++---
4 files changed, 90 insertions(+), 10 deletions(-)
2014-10-02 16:36:48 -07:00
82a97e04c9
Bug 1078838 - Restrict clone(2) flags for sandboxed content processes. r=kang
...
--HG--
extra : amend_source : f80a3a672f5496f76d8649f0c8ab905044ea81ac
2014-10-20 12:29:25 -07:00
db53227352
merge mozilla-inbound to mozilla-central a=merge
2014-10-20 14:34:56 +02:00
0c786b120d
No bug, Automated HPKP preload list update from host bld-linux64-spot-069 - a=hpkp-update
2014-10-18 03:18:53 -07:00
a20f696cba
No bug, Automated HSTS preload list update from host bld-linux64-spot-069 - a=hsts-update
2014-10-18 03:18:51 -07:00
5dcb538c28
Bug 1083325 - Gracefully deal with null ssl status when serializing/deserializing TransportSecurityInfo. r=dkeeler
2014-10-16 14:11:19 -05:00
1c4af4e6a1
Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith
2014-10-18 15:18:00 +02:00
c30bd575d3
Bug 622859 - Tests for bug 622859. r=briansmith,keeler
2014-10-16 05:22:00 +02:00
12cc245a41
Bug 418354 - update test for bug 455367. Insecure image loads should be considered mixed display content regardless of whether image data was actually returned. r=honzab
2014-10-18 13:21:23 -07:00
8c488b9625
bug 1042889 - test certificate overrides for untrusted x509v1 certificates used as CAs r=mmc
2014-10-15 10:42:13 -07:00
36e798be2b
bug 1042889 - allow overrides for untrusted x509v1 certificates used as CAs r=mmc
2014-10-15 10:39:57 -07:00
0a4f56b330
bug 1042889 - use a separate error for untrusted x509v1 certificates used as CAs r=briansmith
2014-10-15 10:38:51 -07:00
64a69cb8af
Bug 1080567: Don't report registry NAME_NOT_FOUND errors for the Windows warn only sandbox. r=tabraldes
2014-10-13 15:12:28 +01:00
e10ee742fd
Bug 1076983 - Disabling SSL 3.0 with pref
2014-10-14 17:17:35 -07:00
1700296f02
Bug 979835: Port BoxObject and its subclasses to WebIDL. r=khuey sr=bz
...
--HG--
rename : layout/xul/nsIPopupBoxObject.idl => dom/webidl/PopupBoxObject.webidl
rename : layout/xul/tree/nsITreeBoxObject.idl => dom/webidl/TreeBoxObject.webidl
rename : layout/xul/nsBoxObject.cpp => layout/xul/BoxObject.cpp
rename : layout/xul/nsBoxObject.h => layout/xul/BoxObject.h
rename : layout/xul/nsListBoxObject.cpp => layout/xul/ListBoxObject.cpp
rename : layout/xul/nsMenuBoxObject.cpp => layout/xul/MenuBoxObject.cpp
rename : layout/xul/nsPopupBoxObject.cpp => layout/xul/PopupBoxObject.cpp
2014-10-14 13:15:21 -07:00
56cddbd763
Bug 1080077 - For sandbox failures with no crash reporter, log the C stack. r=kang
...
This is mostly for ASAN builds, which --disable-crash-reporter, but also
fixes a related papercut: debug builds don't use the crash reporter
unless overridden with an environment variable.
Note: this is Linux-only, so NS_StackWalk is always part of the build;
see also bug 1063455.
2014-10-13 18:48:17 -07:00
951b27b2b0
Bug 1080994 - Build libclearkey without a dependency on mozalloc or mozglue. r=dkeeler,r=cpearce
2014-10-14 07:13:25 +09:00
20095be902
Bug 1081935 - Missing UUID bump. r=gavin a=me
2014-10-13 17:27:42 +02:00
ad3210dd8e
Merge inbound to m-c. a=merge
2014-10-11 16:16:00 -04:00
aa2c9e3dc4
No bug, Automated HPKP preload list update from host bld-linux64-spot-412 - a=hpkp-update
2014-10-11 03:18:06 -07:00
662e6c9a21
No bug, Automated HSTS preload list update from host bld-linux64-spot-412 - a=hsts-update
2014-10-11 03:18:03 -07:00
0b58cd9573
Bug 1077282: Cleanup uses of GreD vs GreBinD, introcuded by v2 signature changes on OSX. Based on initial patch by rstrong. r=bsmedberg
2014-10-10 15:06:57 -04:00
2251b66f13
Bug 1075686, Update Mozilla 35 to use NSS 3.17.2, RTM
2014-10-10 19:16:08 +02:00
9c3bce6805
bug 1003448 - HTTP/2 Alternate Service and Opportunistic Security [1/2 PSM] r=keeler
2014-08-20 16:30:16 -04:00
0cacd2ed70
Bug 1078108: Use a longer OCSP response validity period in tests, r=keeler
2014-10-05 17:18:11 -07:00
da90427b6c
Backed out changeset b885a82dc02a (bug 1078108) for breaking B2g ICS Builds
2014-10-10 09:01:45 +02:00
2565f9b33d
Bug 1078108: Use a longer OCSP response validity period in tests, r=keeler
...
--HG--
extra : rebase_source : 3115275b2b1c5337cbea0fd43a2221fcd54dadc1
extra : source : bb5694e268255b6549ccaaaddca74fbb83d4bda1
2014-10-05 17:18:11 -07:00
201e27f5f3
Bug 1077926: Make test certificate generation faster by reusing key, r=keeler
...
--HG--
extra : rebase_source : 8734920020e0889ea6cac1e878b182326bbf81d6
2014-10-07 18:30:47 -07:00
de5513f839
Bug 1075686: Update Mozilla 35 to use NSS 3.17.2 Beta 2.
...
This fixes bug 1049435.
2014-10-09 10:58:30 -07:00
a052b67f71
bug 1058812 - (3/3) mozilla::pkix: test handling unsupported signature algorithms r=briansmith
2014-10-08 09:48:15 -07:00
af214d36f8
bug 1058812 - (2/3) mozilla::pkix: use ByteStrings to identify signature algorithm parameters in tests r=briansmith
2014-10-08 09:33:59 -07:00
42cd9ec5ca
bug 1058812 - (1/3) mozilla::pkix: add SignatureAlgorithm::unsupported_algorithm to better handle e.g. roots signed with RSA/MD5 r=briansmith
2014-10-07 09:35:42 -07:00
7fffd05532
Bug 806819 - Part 4: Add files that were excluded from unified builds back in. r=ehsan
2014-10-08 13:19:14 -07:00
8d715a7fe4
Bug 806819 - Part 3: Remove redundant FORCE_PR_LOG entries. r=ehsan
2014-10-08 13:17:32 -07:00
71bd008415
backout 9815045d0c5a (bug 1058812 1/3) for mochitest orange on a CLOSED TREE
2014-10-08 12:10:46 -07:00
6e65e0bca0
backout 9692998f547e (bug 1058812 2/3) for mochitest orange on a CLOSED TREE
2014-10-08 12:10:10 -07:00
4279bb931d
backout 0097b4ffaf33 (bug 1058812 3/3) for mochitest orange on a CLOSED TREE
2014-10-08 12:09:26 -07:00
3718659874
bug 1058812 - (3/3) mozilla::pkix: test handling unsupported signature algorithms r=briansmith
2014-10-08 09:48:15 -07:00
7ad555939c
bug 1058812 - (2/3) mozilla::pkix: use ByteStrings to identify signature algorithm parameters in tests r=briansmith
2014-10-08 09:33:59 -07:00
5606be5b15
bug 1058812 - (1/3) mozilla::pkix: add SignatureAlgorithm::unsupported_algorithm to better handle e.g. roots signed with RSA/MD5 r=briansmith
2014-10-07 09:35:42 -07:00
7c87c719cd
Bug 1077887: Work around old GCC "enum class" bug, r=mmc
...
--HG--
extra : rebase_source : 983e8d8bcfded10d1d1dca793d610996b40b444d
2014-10-04 18:45:31 -07:00
121791c43f
Bug 1077859: Make ENCODING_FAILED safe to use in static initializers, r=mmc
...
--HG--
extra : rebase_source : f0483e775c6fefc256fc9527b1b1118086cc121f
2014-10-03 15:52:38 -07:00
d292ee73f1
Bug 1066735 - Remove root b2g and android specific xpcshell manifests, r=chmanchester
2014-10-07 18:18:28 -04:00
4ae95106e2
bug 1077891 - update getHSTSPreloadList.js to reflect changes to nsISiteSecurityService r=mmc DONTBUILD NPOTB
2014-10-06 11:28:15 -07:00
15ca5186a6
Fix one bad implicit constructor in pkix, no bug, blanket-rs=bsmith
2014-10-07 09:46:59 -04:00
811400331c
Backed out changeset 76000f9f12da (bug 1077859) for causing frequent Mac OSX XPCshell test failures
2014-10-07 12:53:42 +02:00
f3c6c6a49b
Backed out changeset 16fe1b9eb9e6 (bug 1077887)
2014-10-07 12:53:03 +02:00
2dbcab7289
Backed out changeset 124b04c01c71 (bug 1077926)
2014-10-07 12:52:49 +02:00
655ade7a8b
Bug 1077926: Make test certificate generation faster by reusing key, r=keeler
...
--HG--
extra : rebase_source : 360fe925397688c1d0a2386c4974def6b571f0d4
2014-10-05 00:29:43 -07:00
1fc729071e
Bug 1077887: Work around old GCC "enum class" bug, r=mmc
...
--HG--
extra : rebase_source : ce707672dfc0587760c09701fd6adbe26c874916
2014-10-04 18:45:31 -07:00
9e344e0256
Bug 1077859: Make ENCODING_FAILED safe to use in static initializers, r=mmc
...
--HG--
extra : rebase_source : 78e1410ab6c94bd6b20a78208a2421db338aed94
2014-10-03 15:52:38 -07:00
445e1466e9
Backed out 5 changesets (bug 806819) for WinXP test failures on a CLOSED TREE
...
Backed out changeset 009ae35b0c67 (bug 806819)
Backed out changeset 5a57f87f5061 (bug 806819)
Backed out changeset f06cd735b5b3 (bug 806819)
Backed out changeset e25a2a8d4af4 (bug 806819)
Backed out changeset 70a167982c3f (bug 806819)
2014-10-06 16:32:50 -07:00
53a247fb00
Bug 806819 - Part 4: Add files that were excluded from unified builds back in. r=ehsan
...
--HG--
extra : rebase_source : 49a3f57d94fc94702f1604175c4e206091b67197
2014-10-06 13:11:24 -07:00
80d2b8bba6
Bug 806819 - Part 3: Remove redundant FORCE_PR_LOG entries. r=ehsan
...
--HG--
extra : rebase_source : c96eea1c12ea8c19314393f0e8b4b57a4316a61d
2014-10-06 13:08:20 -07:00
94adb30f77
Bug 1062709 (part 2, attempt 2) - Clean up stack printing and fixing. r=dbaron.
...
--HG--
extra : rebase_source : 626fd23a14ec90cfc9807c3d555169ec6463d19d
2014-09-01 22:56:05 -07:00
2eb56008e2
Bug 1062709 (part 1, attempt 2) - Add a frame number argument to NS_WalkStackCallback. r=dbaron.
...
--HG--
extra : rebase_source : 4f7060a9ae0bed180899651c50e8ea8857e72d63
2014-09-10 21:47:01 -07:00
4ee6d12382
Bug 1075976 Clean up XPCOM string usage r=keeler
2014-10-05 22:09:39 +01:00
9764e19e06
Merge m-i to m-c, a=merge
2014-10-05 09:34:55 -07:00
145d867409
Backed out 2 changesets (bug 1003448) since their dependency was backed out
...
CLOSED TREE
Backed out changeset 61f98b1d29f9 (bug 1003448)
Backed out changeset 8e947d1636f1 (bug 1003448)
2014-10-04 20:10:19 -07:00
58b5016fa7
No bug, Automated HPKP preload list update from host bld-linux64-spot-197 - a=hpkp-update
2014-10-04 03:19:30 -07:00
9583d80353
No bug, Automated HSTS preload list update from host bld-linux64-spot-197 - a=hsts-update
2014-10-04 03:19:28 -07:00
2d0f9579b5
Backed out changeset a0b82c954206 (bug 1062709) for Windows mochitest 5 hangs
2014-10-03 15:06:16 +01:00
9e223d8a19
Backed out changeset 7a1b7d7eba12 (bug 1062709)
2014-10-03 15:05:26 +01:00
4e2581f465
Backed out 3 changesets (bug 1076129, bug 1003448) for frequent xpcshell crashes on a CLOSED TREE.
...
Backed out changeset 3034162ee435 (bug 1003448)
Backed out changeset 086fe4b0ba14 (bug 1003448)
Backed out changeset 1babd65ebec7 (bug 1076129)
2014-10-02 15:53:21 -04:00
39d073c8d5
bug 1003448 - HTTP/2 Alternate Service and Opportunistic Security [1/2 PSM] r=keeler
2014-08-20 16:30:16 -04:00
b20021a33c
Merge m-c to inbound. a=merge
2014-10-02 13:14:06 -04:00
1e1716e492
Bug 1072382 - Remove version intolerance marker on inappropriate_fallback alert, r=keeler
2014-10-02 10:03:30 -07:00
5a257b83f9
Bug 1062709 (part 2) - Clean up stack printing and fixing. r=dbaron.
...
--HG--
extra : rebase_source : 18158d4474cb8826813a3866eba57b710e14db99
2014-09-01 22:56:05 -07:00
c9c64de53c
Bug 1062709 (part 1) - Add a frame number argument to NS_WalkStackCallback. r=dbaron.
...
--HG--
extra : rebase_source : 0f9b2d6310433ed56f5552706fcf2a96571aee25
2014-09-10 21:47:01 -07:00
2f89ed3295
bug 1045739 - (part 2/2) mozilla::pkix: test that revocation checking doesn't occur for expired certificates r=mmc
2014-10-01 10:20:31 -07:00
864c184e30
bug 1045739 - (1/2) mozilla::pkix: stop checking revocation for expired certificates r=keeler
2014-08-14 12:02:55 -07:00
5fe316221d
Bug 1075686, pick up NSS 3.17.2 beta 1 to fix bug 1057161
2014-10-01 19:30:41 +02:00
b37ac43e39
merge fx-team to mozilla-central a=merge
2014-09-30 15:10:47 +02:00
3ac8cb4ccb
Bug 1073865 - Add missing SSL_ERROR l10n strings v1. r=dkeeler
2014-09-27 14:02:00 +02:00
886005b84a
Bug 787133 - (hpkp) Part 2/2. Tests r=keeler
2014-09-29 20:31:08 -07:00
579061de7c
Mac v2 signing - Bug 1060562 - Update xpcshell-tests for the new v2 bundle structure on OSX. r=jmaher
2014-09-29 11:51:29 -07:00
a310d15a38
No bug, Automated HPKP preload list update from host bld-linux64-spot-046 - a=hpkp-update
2014-09-27 03:16:58 -07:00
bca9d93656
No bug, Automated HSTS preload list update from host bld-linux64-spot-046 - a=hsts-update
2014-09-27 03:16:56 -07:00
fd860abf57
bug 1071308 - (2/2) remove libpkix-style chain validation callback from CertVerifier r=cviecco
2014-09-25 11:18:56 -07:00
863d5f9477
bug 1071308 - (1/2) rename pinning_enforcement_level to PinningMode for brevity r=cviecco
2014-09-25 11:08:36 -07:00
c2c7007b5f
Bug 787133 - (hpkp) Part 1/2. Header Parsing and interface within PSM. r=keeler, r=mcmanus
2014-09-03 10:24:12 -07:00
27ae4de9b6
Bug 1068000 - Add client side chrome.* pipe rule for Windows content sandbox. r=tabraldes
2014-09-16 15:44:25 +01:00
bc0c8885af
Merge m-c to inbound a=merge
2014-09-23 16:48:23 -07:00
47e158094b
Merge inbound to m-c a=merge
2014-09-23 15:30:38 -07:00
761fee2128
Bug 1064636, upgrade to NSS 3.17.1 release, r=rrelyea, a=lmandel
2014-09-23 21:28:23 +02:00
6b1b9962f5
Fix more bad implicit constructors in security, blanket-rs=bsmith, no bug
2014-09-23 09:13:26 -04:00
9fd62691c6
Bug 1069700 - Fix recursive crash when non-content children violate sandbox policy. r=kang
2014-09-18 18:17:00 -04:00
f07a938b7c
Bug 1045973 - sec_error_extension_value_invalid: mozilla::pkix does not accept certificates with x509v3 extensions in x509v1 or x509v2 certificates r=keeler
2014-09-23 16:48:54 -04:00
06b4f5bba9
bug 1060929 - mozilla::pkix: allow explicit encodings of default-valued BOOLEANs for compatibility r=briansmith
2014-09-22 09:26:10 -07:00
8818f4947f
Bug 1059216 - Verification of Trusted Hosted Apps manifest signature, part 1. r=dkeeler,rlb
2014-09-22 07:58:59 -07:00
2915e7de92
Bug 1059208 - Add scripts for signing manifest files of Trusted Hosted Apps r=dkeeler
2014-09-22 07:58:59 -07:00
79a0a7362d
merge b2g-inbound to mozilla-central a=merge
2014-09-22 13:06:09 +02:00
2ae977b21b
merge mozilla-inbound to mozilla-central a=merge
2014-09-22 12:58:26 +02:00
976d004bf3
No bug, Automated HPKP preload list update from host b-linux64-ix-0007 - a=hpkp-update
2014-09-20 03:17:29 -07:00
c78690b02d
No bug, Automated HSTS preload list update from host b-linux64-ix-0007 - a=hsts-update
2014-09-20 03:17:26 -07:00
e160a6a6da
Bug 1059204 - Prepare verification code for reuse. r=rlb
2014-09-19 20:13:47 -07:00
cb0c9e468d
Bug 967977 - Add pref to disable session identifiers (session tickets and session IDs). r=dkeeler
2014-09-08 15:32:00 -04:00
c5500b85df
Bug 1065264: Use MOZILLA_PKIX_MAP_LIST to define mozilla::pkix::Result, r=keeler
...
--HG--
extra : rebase_source : a91f7ab118f802fed6441edf00a245fe90c8e506
2014-09-10 00:17:24 -07:00
ddb8aedc17
Bug 1065173: Move more NSS dependencies to pkixtestnss.cpp, r=keeler
...
--HG--
extra : rebase_source : 205fa72506e175c0fe418c5428675e754a86c820
2014-09-08 20:41:53 -07:00
d4a0b9e59c
Bug 1063031: Remove mozilla::pkix::test::NSSTest, r=keeler
...
--HG--
rename : security/pkix/test/gtest/nssgtest.cpp => security/pkix/test/gtest/pkixgtest.cpp
extra : rebase_source : 205faf2054134b3a7aecd55d53f73d19f2f86103
2014-08-31 20:42:28 -07:00
5043e01249
Bug 1068410 - Convert remote crash dump to use pipe instead of socketpair in the child. r=kang r=ted
2014-10-03 14:55:03 -07:00
235b069e72
bug 1003448 - HTTP/2 Alternate Service and Opportunistic Security [1/2 PSM] r=keeler
2014-08-20 16:30:16 -04:00
36ef87e623
Bug 1075991 - Tracking cause of inappropriate TLS version fallback, r=keeler
2014-10-03 11:01:24 -07:00
e3fc75fe11
Bug 1075991 - Remember version intolerance reason code, r=keeler
2014-10-03 11:01:24 -07:00
af2478ad59
Bug 1030135: Set is_moz if the pinset name contains mozilla, set bucket id for pinsets containing the string mozilla (r=keeler)
2014-10-02 16:45:13 -07:00
e75e48ed45
Bug 1054498 - Report pinning violations by CA r=keeler
2014-10-17 10:33:50 -07:00
e5ad1e7db2
Backed out changeset 3afdc3253979 (bug 622859) for breaking m1 tests
2014-10-17 13:14:29 +02:00
d893b9cc90
Backed out changeset f5fa8ea86d3b (bug 622859)
2014-10-17 13:13:01 +02:00
67e50f1aa1
Bug 1080165 - Allow setpriority() to fail without crashing in media plugins on Linux. r=kang
2014-10-16 12:42:00 +02:00
ef48a9fa7c
Bug 622859 - Tests for bug 622859. r=briansmith,keeler
2014-10-16 05:22:00 +02:00
01941f880c
Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith
2014-10-16 05:13:00 +02:00
b9708b293b
Bug 1083701: When pre-Vista, for testing purposes allow stdout/err to be inherited by sandboxed process when an env var is set. r=tabraldes
2014-10-17 09:42:09 +01:00
d44051d068
bug 1055238 - add nsNSSCertListFakeTransport so nsIX509CertList can survive the child process r=rbarnes
2014-09-16 15:49:37 -07:00
76d5bfab7d
bug 1055238 - clean up nsNSSCertificateFakeTransport.{cpp,h} for style nits r=rbarnes
2014-09-16 13:24:13 -07:00
4782afddb6
Bug 787133 - (hpkp) testing of internal storage and idl r=keeler.
...
--HG--
extra : rebase_source : c4f83f38a3b8f293a1ca61f2f0a6f90df6ff7840
2014-09-12 14:59:37 -07:00
d790eb8f88
Bug 787133 - (hpkp) Internal storage of hpkp data. r=keeler.
...
--HG--
extra : rebase_source : 1ef88ab5ebcf9634bd1de76ec1c9543eb87d265b
2014-09-12 14:59:37 -07:00
db0e8cfdbd
bug 1066190 - ensure that pinning checks are done for otherwise overridable errors r=mmc
2014-09-12 13:20:43 -07:00
9a1ec24aef
Bug 1067565 - Built-in pins expires decades later. r=keeler
2014-09-15 17:17:12 -07:00
4728b78382
bug 1062567 - prevent gcc lto builds from dropping SyscallAsm on the floor r=froydnj
2014-09-15 19:46:14 -04:00
6e187f49f8
Merge m-c to inbound a=merge
2014-09-15 16:41:45 -07:00
bed71c1658
No bug, Automated HPKP preload list update from host bld-linux64-spot-318 - a=hpkp-update
2014-09-15 14:35:39 -07:00
cc3388a150
No bug, Automated HSTS preload list update from host bld-linux64-spot-318 - a=hsts-update
2014-09-15 14:35:37 -07:00
dce41c469b
bug 973048 - follow-up to add another missed #include r=bustage on a CLOSED TREE
2014-09-15 13:50:18 -07:00
c6dc096f07
bug 973048 - follow-up to add #include for ScopedPtr r=bustage on a CLOSED TREE
2014-09-15 13:02:47 -07:00
4113b4b466
bug 973048 - replace nsNSSCleaner with Scoped types r=rbarnes
2014-09-15 12:31:43 -07:00
d557d05d44
merge m-i to m-c a=merge
2014-09-12 15:07:38 +02:00
7d604b16de
No bug, Automated HPKP preload list update from host bld-linux64-spot-021 - a=hpkp-update
2014-09-11 20:51:37 -07:00
44fa5fca8f
No bug, Automated HSTS preload list update from host bld-linux64-spot-021 - a=hsts-update
2014-09-11 20:51:35 -07:00
ccbb9be8bc
Bug 1050518 - Remove nsICertificatePrincipal. r=keeler
2014-09-10 20:31:00 -04:00
61056aa4db
Bug 1018988 - Set up a low integrity temp directory when using the Windows content sandbox. r=mrbkap r=tabraldes r=froydnj
2014-09-10 12:36:17 +01:00
33eaabbf1f
Bug 1063455 - Define MOZ_STACKWALKING when NS_StackWalk is available and replace other instances of the same #if logic. r=mshal, r=froydnj
2014-09-08 18:25:20 +01:00
c857f8e0f4
Bug 1063013, Part 4: Move MapResultToName and MAP_LIST out of pkixnss.h/pkixnss.cpp, r=keeler
...
--HG--
rename : security/pkix/lib/pkixnss.cpp => security/pkix/lib/pkixresult.cpp
extra : rebase_source : 2fec0a279f7ef6acdd7ac8bf749190eef33df70d
2014-08-31 19:42:36 -07:00
030872a85c
Bug 1063013, Part 3: Move dependencies on pkixnss to pkixtestnss, r=keeler
...
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : b22bd341a5c72ba87efcf23a4e048bba8adf1544
2014-08-31 19:16:26 -07:00
18c10a4998
Bug 1063013, Part 2: Remove unnecessary pkixnss dependency from pkixocsp_CreateEncodedOCSPRequest, r=keeler
...
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : e91ec652edc54255cd29871c91550c3ee49438c5
2014-08-31 19:04:15 -07:00
06a6c4e0be
Bug 1063013, Part 1: Remove pkixnss dependency from pkixtestutil.cpp, r=keeler
...
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : e55c2e0c73a59b84629d071a64d8597ec5cc56ae
2014-09-04 17:21:28 -07:00
8dbcf66d66
Bug 1063006: Centralize direct use of NSS for crypto in the mozilla::pkix test suite, r=keeler
...
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : 93515d39abf91168fa86268f9b26f8c62d0d411e
2014-08-31 17:47:09 -07:00
ba3ad3aa0e
Bug 1059924, Part 2: Test that the high tag number form is rejected, r=keeler
...
--HG--
extra : rebase_source : 66793ce13ed8635cd47051fc2c93651d6936614e
2014-08-21 15:48:40 -07:00
af04cea2d8
Bug 1059038 - Move mozilla::unused from xpcom/glue to mfbt. r=Waldo
...
--HG--
rename : xpcom/glue/unused.cpp => mfbt/unused.cpp
rename : xpcom/glue/unused.h => mfbt/unused.h
2014-08-29 10:11:00 +02:00
bd73520e3c
Bug 1064356 - Fix more bad implicit constructors in security; r=bsmith
2014-09-08 20:47:36 -04:00
d577ecb4c1
bug 1004781 - follow-up to add "DigiCert ECC Secure Server CA" to Facebook's pinset r=mmc
2014-09-08 09:33:03 -07:00
75dcdffdac
merge mozilla-inbound to mozilla-central a=merge
2014-09-08 15:22:16 +02:00
fb37ddfbb4
No bug, Automated HPKP preload list update from host b-linux64-ix-0009 - a=hpkp-update
2014-09-06 03:17:54 -07:00
335a88aab5
No bug, Automated HSTS preload list update from host b-linux64-ix-0009 - a=hsts-update
2014-09-06 03:17:51 -07:00
ca62a34614
Merge inbound to m-c a=merge
2014-09-05 19:04:52 -07:00
573218568c
Bug 1030135: Enable pinning on services.mozilla.com in test mode (r=keeler,a=kwierso)
2014-09-05 12:04:26 -07:00
a9431992d5
Bug 1018966 - Part 2: Make warn only sandbox changes to the Chromium code. r=tabraldes
2014-09-03 10:31:53 +01:00
702384684c
bug 1046221 - make nsCryptoHMAC and nsCryptoHash actually check for NSS shutdown r=rbarnes
2014-09-05 11:04:22 -07:00
2c36fac925
Bug 1030135: Enable pinning on services.mozilla.com in test mode (r=keeler)
2014-09-05 12:04:26 -07:00
f19448274c
Bug 1018966 - Part 1: Add the main warn only sandbox machinery - with no Chromium code changes. r=bsmedberg
...
This change also includes the content sandboxing code on Windows Nightly by defining MOZ_CONTENT_SANDBOX=1.
Whether the content sandbox is disabled, in warn only mode, or enabled is controlled by a new pref: browser.tabs.remote.sandbox=(off/warn/on)
2014-06-11 15:32:37 +01:00
a37dba0312
Bug 1061483 follow-up: remove now-unused deleteCharArray function, r=me, a=bustage
...
--HG--
extra : rebase_source : 63d509bd7b95681227d27a733260bc33b1a22338
2014-09-04 15:53:07 -07:00
418571330e
Bug 1061483: Remove dependency on NSPR's PR_smprintf, r=cviecco
...
--HG--
extra : rebase_source : 64e2f862456e8e1434814631b0a7b461d83de37a
2014-08-31 22:03:22 -07:00
4170cfe622
Bug 1061021, Part 17: Use now-unused PLArenaPool infrastructure, r=keeler
...
--HG--
extra : rebase_source : b6f241d33cefd3b14c585e806e9c920ec6844fce
2014-08-30 23:30:20 -07:00
6e2797899e
Bug 1061021, Part 16: Stop using PLArenaPool in pkixocsp_CreateEncodedOCSPRequest, r=keeler
...
--HG--
extra : rebase_source : 551d0c0e45d770c2218fb77874737fe23909d6c9
2014-08-30 23:27:15 -07:00
26f076840d
Bug 1061021, Part 15: Stop using PLArenaPool in CreateEncodedOCSPResponse, r=keeler
...
--HG--
extra : rebase_source : 00c3f77cd1e7e0d81b0acac84631b81e4cac59bd
2014-09-01 19:23:01 -07:00
1966d956d1
Bug 1061021, Part 14: Stop using PLArenaPool in CreateEncodedCertificate, r=keeler
...
--HG--
extra : rebase_source : 46c292a31fbc4bb7242c93d0d47479600f379323
2014-08-30 23:09:18 -07:00
c7a8deb8a0
Bug 1061021, Part 13: Remove Output class, r=keeler
...
--HG--
extra : rebase_source : 9d768451f2f1d6ad0db3cb75401494d6409fd818
2014-08-30 20:47:58 -07:00
5419f381e4
Bug 1061021, Part 12: Stop using PLArenaPool for ResponseData encoding, r=keeler
...
--HG--
extra : rebase_source : 745ae45d9dd0509973d8e5c50a8cc2dfae82295f
2014-08-30 20:42:19 -07:00
c697d86d9d
Bug 1061021, Part 11: Stop using PLArenaPool for TBSCertificate and SignedData encoding, r=keeler
...
--HG--
extra : rebase_source : 09b06f79b57247dd89919ede12baabcb09dbeb19
2014-08-30 19:55:52 -07:00
dedfff0a81
Bug 1061021, Part 10: Stop using PLArenaPool for extension encoding, r=keeler
...
--HG--
extra : rebase_source : 02b6dcc97204c04ec35b214ea2ce4b9297c78612
2014-08-30 19:16:24 -07:00
d1e3997695
Bug 1061021, Part 9: Stop using PLArenaPool for SingleResponse encoding, r=keeler
...
--HG--
extra : rebase_source : a39a5dfec9b7aaa43ee2cffc15021bb404ada1ca
2014-08-30 18:00:02 -07:00
a67503eadb
Bug 1061021, Part 8: Stop using PLArenaPool for CertID encoding, r=keeler
...
--HG--
extra : rebase_source : 236902fb9eb330444e4cfc4ad380646bc992e8a8
2014-08-30 17:47:22 -07:00
24aa747308
Bug 1061021, Part 7: Stop using PLArenaPool for SignedData encoding, r=keeler
...
--HG--
extra : rebase_source : de654a47d7421d2c14bba9db1686bc01a2f1edf8
2014-08-30 17:40:41 -07:00
653ade1f65
Bug 1061021, Part 6: Stop using PLArenaPool for boolean encoding, r=keeler
...
--HG--
extra : rebase_source : 557eef72848af7dd70eddb4983de25e2e50da5f3
2014-08-30 17:00:16 -07:00
3c92292236
Bug 1061021, Part 5: Remove InitInputFromSECItem, r=keeler
...
--HG--
extra : rebase_source : 353ad008af15700266226b6f3f535385cb182d09
2014-08-30 16:49:49 -07:00
61df71edb6
Bug 1061021, Part 4: Stop using PLArenaPool for time encoding, r=keeler
...
--HG--
extra : rebase_source : ed41c22713cc75ce238923c00a5abda48f142e57
2014-08-30 16:33:47 -07:00
314958b44f
Bug 1061021, Part 3: Stop using PLArenaPool for BitString encoding, r=keeler
...
--HG--
extra : rebase_source : 79c9c2dd4844e67f0922c32e47bcc3e360fb32d5
2014-08-30 16:15:11 -07:00
f854a1e2f2
Bug 1061021, Part 2: Stop using NSS to encode integers and serial number, r=keeler
...
--HG--
extra : rebase_source : cebea2b16ac81278a1453a5fb58fe75e90e22742
2014-08-30 16:07:16 -07:00
8b26ecac0b
Bug 1061021, Part 1: Stop using NSS to encode names in tests, r=keeler
...
--HG--
extra : rebase_source : 1fa1826fe356314e80784915e08d5a787bf2259f
2014-08-30 23:11:23 -07:00
a6be0bc849
Bug 1059924, Part 1: Centralize tag and length decoding in mozilla::pkix's DER decoder, r=keeler
...
--HG--
extra : rebase_source : 6702a599f07cf83deac832eab0712dc716ea2561
2014-09-02 22:03:30 -07:00
a891fc79d8
Bug 1059928: Remove SECOidTag from mozilla::pkix testsuite interface, r=keeler
...
--HG--
extra : rebase_source : 79d0d3031a9176d492730f374cea3b5f035086e1
2014-08-29 16:06:38 -07:00
d219ed0d80
bug 775370 - (part 2/2) use DataStorage as back-end to nsSiteSecurityService r=briansmith
2014-09-04 10:42:31 -07:00
a250e4de47
bug 1057123 - mozilla::pkix: allow end-entity certificates to assert keyCertSign in some cases r=briansmith
2014-09-03 10:12:55 -07:00
d578571a85
Backed out changeset 5adabc2818b2 (bug 1018966) for b2g bustage
2014-09-04 15:14:41 +02:00
39fa254326
Backed out changeset 5d21dd9ca51e (bug 1018966) for b2g Build bustage
2014-09-04 15:13:14 +02:00
ad41895771
Bug 1018966 - Part 2: Make warn only sandbox changes to the Chromium code. r=tabraldes
2014-09-03 10:31:53 +01:00
0fdb849687
Bug 1018966 - Part 1: Add the main warn only sandbox machinery - with no Chromium code changes. r=bsmedberg r=tabraldes
...
This change also includes the content sandboxing code on Windows Nightly by defining MOZ_CONTENT_SANDBOX=1.
Whether the content sandbox is disabled, in warn only mode, or enabled is controlled by a new pref: browser.tabs.remote.sandbox=(off/warn/on)
2014-06-11 15:32:37 +01:00
4b99580194
Bug 1059113 - Use templates for shared libraries and frameworks. r=gps
...
Also force to use the existing template for XPCOM components.
2014-09-04 09:04:45 +09:00
0060683747
Bug 1059090 - Don't require SOURCES to be set for CPP_UNIT_TESTS and SIMPLE_PROGRAMS. r=mshal
2014-09-03 14:16:37 +09:00
ed70c5f377
Bug 1041941 - Use templates for programs, simple programs, libraries and C++ unit tests. r=gps
2014-09-03 14:10:54 +09:00
c1853c5db4
bug 1050546 - telemetry for baseline requirements sections 9.2.1 and 9.2.2 (subject alt names/common name) r=rbarnes
2014-09-03 11:44:08 -07:00
1dfa299843
Bug 1061085 - Clean up misused export macros from bug 1041886. r=glandium
2014-08-31 23:23:00 +02:00
6deacdf4e9
Bug 1061942 - Switch back security/certverifier and security/manager to use unified builds; r=bsmith
2014-09-02 18:28:11 -04:00
c0770e9a92
Backed out 1 changesets (bug 1050546) for build bustage
...
Backed out changeset c7a9e8177202 (bug 1050546)
2014-09-02 16:49:51 -07:00
18cd42500e
bug 1050546 - telemetry for baseline requirements sections 9.2.1 and 9.2.2 (subject alt names/common name) r=rbarnes
2014-09-02 12:10:47 -07:00
5bffafdd26
Bug 1061061 - Fix more bad implicit constructors in misc. code; r=bsmedberg
2014-09-02 18:24:24 -04:00
d75ed5bf7f
bug 1059490 - mark more classes MOZ_FINAL r=froydnj
2014-08-27 14:26:48 -04:00
7e9f88e039
Bug 1036737 - Adding fallback SCSV use. r=dkeeler
2014-08-29 14:59:00 +02:00
aafc47e9e9
Bug 1060975 - Fix bad implicit constructors in security; r=bsmith
2014-08-31 19:26:27 -04:00
7b968ad142
Bug 1039166 - Fix intermittent gtest ASAN errors. r=dkeeler
2014-08-28 15:33:10 -07:00
c30a1809d2
Merge inbound to m-c. a=merge
2014-08-30 12:25:27 -04:00
61a875d894
No bug, Automated HPKP preload list update from host bld-linux64-spot-456 - a=hpkp-update
2014-08-30 03:23:01 -07:00
ea9d818f0d
No bug, Automated HSTS preload list update from host bld-linux64-spot-456 - a=hsts-update
2014-08-30 03:22:59 -07:00
1ea7e357ca
Bug 1059602 - Make libxul -> libmozsandbox dependency not a weak symbol. r=glandium
...
MFBT_API is not the right macro for this; it changes the affected
definition/usage to a weak symbol, for reasons explained in the comments
on its definition.
This was causing the linker to drop the dependency from libmozglue
to libmozsandbox, in some cases (--as-needed, with a linker that
doesn't consider weak symbols "needed"), and thus load libxul with
gSandboxCrashFunc relocated to address 0 (the expected behavior of an
unresolved weak symbol), which caused crashes when writing to it on
startup.
--HG--
extra : amend_source : b99fded391ae90b1311f4cabaf40f15e6414f245
2014-08-28 23:23:13 -07:00
a47a7b45b5
Bug 1052099 - August 2014 batch of EV root CA changes. r=keeler
...
--HG--
extra : rebase_source : 4303f1fb6988ff462edd908295708788a24a64f1
2014-08-27 11:31:20 -07:00
4b04dd58f3
bug 1009161 - follow-up: add test_nsCertType.js to xpcshell.ini so it'll actually run r=mmc
2014-08-28 11:38:31 -07:00
db45c0b01a
Bug 1023941 - Part 2: Static-link the CRT into plugin-container.exe. r=glandium,f=tabraldes
...
--HG--
rename : security/sandbox/moz.build => security/sandbox/objs.mozbuild
extra : rebase_source : e0b1515a4729ecfe82a67b6439d9a38453f7556a
2014-08-28 14:50:10 +12:00
fd5e2abf5a
bug 1058925 - don't convert nullptr to bool in ClientAuthServer.cpp r=keeler
2014-08-27 19:12:22 -04:00
e7899e86a5
Bug 1036735: Update NSS to NSS 3.17.1 Beta 1. Also includes the fixes
...
for bug 1046718, bug 1050107, bug 1054625, bug 1057465, bug 1057476.
2014-08-27 15:42:41 -07:00
5c4a88776f
Bug 1004781: Enable pinning in test mode for facebook (r=cviecco)
2014-08-27 14:18:25 -07:00
ba6539ecd7
bug 1027906. Set delayed token level for GMP plugin processes to USER_RESTRICTED. Whitelist certain files and registry keys that are required for EME plugins to successfully load. r=bobowen. r=jesup. r=bent.
2014-08-29 17:34:26 -07:00
127e03fe0a
Bug 1059926: Give DottedOIDToCode.py the ability to generate more encodings, r=keeler
...
--HG--
extra : rebase_source : 8fabeb5802530789925ae47d1f1cc4b27e4bf899
extra : histedit_source : 1329e925ada56b29c9e05991b85b320d4ae0e3a3
2014-08-28 09:58:13 -07:00
6452321116
Bug 1057793: Fix build warning on MSVC 2013, r=keeler
...
--HG--
extra : rebase_source : eb908d0f3d313991cab78d707c7f666ab9d9eaf5
extra : histedit_source : 3d69a511f82895d8b741960205e96488b4f2ebbb
2014-08-17 16:49:19 -07:00
ede2da1dd5
Bug 1057791: Switch PR_ASSERT to assert in pkixcheck.cpp, r=keeler
...
--HG--
extra : rebase_source : a63e822eed9914046127c466f7e5c4f0e3e84361
extra : histedit_source : fc9d16f67cc349f5c7d3964c5dc58de1e5b9e986
2014-08-17 16:50:45 -07:00
5846749954
Bug 1057790: Limit scope of CERTCertificate-related stuff to the scope it is used, r=keeler
...
--HG--
extra : rebase_source : 41b84cc08a928d0cdf57062d89f6d9495351437f
extra : histedit_source : bfbc35434d1318b6e6259bca72e6e1688842e5ad
2014-08-04 15:32:15 -07:00
01f0b82f34
Bug 1053924: Remove dependencies on PRTime in mozilla::pkix's test code, r=keeler
...
--HG--
extra : rebase_source : deb2dcec5c56ef86d95df319b5a61165d9d761a7
2014-08-08 10:33:18 -07:00
3f1e2a85b6
Bug 1041886 - Fix no-opt-only build bustage caused by mozilla::unused. r=glandium
...
See also bug 1059038.
2014-08-26 19:23:44 -07:00
3ae6c90876
Bug 1054616 - Clean up logging-related shims for Linux sandboxing. r=kang
2014-08-26 13:54:16 -07:00
23c21aa709
Bug 1041886 - Separate Linux sandbox code into its own shared library. r=kang r=glandium
...
This creates libmozsandbox.so on builds that use sandboxing
(MOZ_CONTENT_SANDBOX or MOZ_GMP_SANDBOX).
The unavoidably libxul-dependent parts, for invoking the crash reporter
and printing the JS context, are separated into glue/SandboxCrash.cpp
and invoked via a callback.
2014-08-26 13:54:09 -07:00
e020caf2de
Bug 1041886 - Break out Linux sandbox logging into its own header. r=kang
2014-08-26 13:54:03 -07:00
Carsten "Tomcat" Book
David Keeler
Bob Owen
Cykesiopka
Monica Chew
Kai Engert
Gregory Szorc
ffxbld
Masatoshi Kimura
Shashank Sabniveesu
Chris Peterson
Michael Ratcliffe
Jed Davis
Dragana Damjanovic
Garrett Robinson
Brian Smith
André Reinald
Martin Thomson
Mike Hommey
Phil Ringnalda
Tom Schuster
Jim Mathies
Tanvi Vyas
Jon Morton
Sylvestre Ledru
Ryan VanderMeulen
Stephen Pohl
Patrick McManus
Wan-Teh Chang
Eric Rahm
Andrew Halberstadt
Ehsan Akhgari
Wes Kocher
Nicholas Nethercote
Neil Rashbrook
Ed Morley
Camilo Viecco
Richard Barnes
Vlatko Markovic
Robin Thunell
Arthur Edelstein
J.C. Jones
Trevor Saunders
Giovanni Sferro
David Major
Tim Abraldes