168eaceb20
Merge m-c to inbound, a=merge
...
MozReview-Commit-ID: IHPBV4z9vPi
2017-08-22 17:14:32 -07:00
a5363edfb5
No bug, Automated HPKP preload list update from host bld-linux64-spot-305 - a=hpkp-update
2017-08-22 10:07:25 -07:00
3d0753d911
No bug, Automated HSTS preload list update from host bld-linux64-spot-305 - a=hsts-update
2017-08-22 10:07:21 -07:00
092af8e0a1
Bug 1390428 (part 5) - Remove more nsXPIDLCString uses. r=erahm.
...
These are all simple cases, with similarities to previous patches in this
series.
--HG--
extra : rebase_source : 6ef36382df9fef217d5cb737e218d65ac062f90a
2017-08-16 14:07:18 +10:00
b0c8473e3b
Merge autoland to central, a=merge
...
MozReview-Commit-ID: 6Q3iErm6jCn
2017-08-21 14:30:39 -07:00
48ea452803
No bug, Automated HPKP preload list update from host bld-linux64-spot-301 - a=hpkp-update
2017-08-21 10:16:06 -07:00
e66765550e
No bug, Automated HSTS preload list update from host bld-linux64-spot-301 - a=hsts-update
2017-08-21 10:16:02 -07:00
a2bdc51dd8
Bug 1384986 - Adjust sandbox policy for dconf's `mkdir -p` behavior. r=gcp
...
MozReview-Commit-ID: HNvOXNJTc1W
--HG--
extra : rebase_source : 76edd1008731838fc89a5581fee818328d5847e1
2017-08-10 19:02:22 -06:00
3460ce99ac
Bug 1384986 - Prevent sandbox file broker rules from removing rights granted by more general rules. r=gcp
...
Generally, the intent for the Add* methods is that they always grant
rights in addition to what's already in the policy, not remove them;
this makes subtree rules that overlap single-file rules follow that
principle.
This requires a global analysis because the conflicting rules can be
added in any order. It does not currently attempt to handle prefix
rules that aren't at a path component boundary, because that's not a
problem we currently have.
MozReview-Commit-ID: 4kv6QoGCBTV
--HG--
extra : rebase_source : 9e41263bbb1c07b8cde40ec2e72d746f17278fcb
2017-08-10 21:38:25 -06:00
e126b4f2a9
merge autoland to mozilla-central. r=merge a=merge
...
MozReview-Commit-ID: o58z45INT1
2017-08-20 23:21:44 +02:00
b258e6864e
No bug, Automated HPKP preload list update from host bld-linux64-spot-307 - a=hpkp-update
2017-08-20 10:09:42 -07:00
2e52859c9d
No bug, Automated HSTS preload list update from host bld-linux64-spot-307 - a=hsts-update
2017-08-20 10:09:39 -07:00
9359f5bf39
Merge inbound to m-c, a=merge
...
MozReview-Commit-ID: LCCoXUsCtmv
2017-08-19 15:29:10 -07:00
17fd8b2be0
Merge autoland to m-c, a=merge
...
MozReview-Commit-ID: KDZlJPKkuwR
2017-08-19 15:28:08 -07:00
4a4349b10c
Backed out changeset 10660affe7a3 (bug 1387569)
2017-08-19 20:21:55 +02:00
7d43c93d35
No bug, Automated HPKP preload list update from host bld-linux64-spot-306 - a=hpkp-update
2017-08-19 10:10:48 -07:00
22960f90f0
No bug, Automated HSTS preload list update from host bld-linux64-spot-306 - a=hsts-update
2017-08-19 10:10:45 -07:00
b1fc5e008c
Merge inbound to central, a=merge
...
MozReview-Commit-ID: 4cWGBbMEU2x
2017-08-18 15:53:07 -07:00
5fa2384aeb
Merge autoland to central, a=merge
...
MozReview-Commit-ID: IhZjTRz0dA5
2017-08-18 13:10:54 -07:00
5327d60f27
No bug, Automated HPKP preload list update from host bld-linux64-spot-309 - a=hpkp-update
2017-08-18 10:33:38 -07:00
5e356769cf
No bug, Automated HSTS preload list update from host bld-linux64-spot-309 - a=hsts-update
2017-08-18 10:33:34 -07:00
9ce1ea9579
Bug 1389851 - sandbox: Suppress -Wunreachable-code-return warning in third-party Chromium sandbox code. r=jld
...
security/sandbox/chromium/sandbox/linux/seccomp-bpf/trap.cc:277:12: warning: 'return' will never be executed [-Wunreachable-code-return]
This return statement is unreachable because SANDBOX_DIE() is a noreturn function:
https://searchfox.org/mozilla-central/rev/a887f0edbd9f6b176b64111455ba62bb0cf356a6/security/sandbox/chromium/sandbox/linux/seccomp-bpf/trap.cc#270-274
MozReview-Commit-ID: HDxBJe2ZtPN
--HG--
extra : rebase_source : 07f6cbcf901a54901cc5ea85b84030ea27a668ba
extra : source : f39f78b1a9851d97c6fd7dcbbd1d7ba93e933e08
2017-08-09 18:45:16 -07:00
153fae058e
merge mozilla-central to mozilla-inbound. r=merge a=backout on a CLOSED TREE
2017-08-17 19:34:04 +02:00
04391741c9
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2017-08-17 10:13:33 -07:00
a012130123
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2017-08-17 10:13:29 -07:00
113c7ca5f7
Backed out changeset 0777ec282546 (bug 1386955) due to test bustage UPGRADE_NSS_RELEASE,
...
--HG--
extra : amend_source : 54f64cfc4296249d79d9374be3c8f2ee89f26400
2017-08-17 16:16:08 +02:00
99aa3f8e70
Merge mozilla-central to mozilla-inbound
2017-08-17 13:13:10 +02:00
74e77f7e73
Bug 1386955 - land NSS 984849c0a0f1 UPGRADE_NSS_RELEASE, r=me
2017-08-17 11:57:16 +02:00
025461bde7
Bug 1390428 (part 1) - Remove many nsXPIDLCString local variables. r=erahm.
...
These are all easy cases where an nsXPIDLCString local variable is set via
getter_Copies() and then is only used in ways that nsCStrings can also be used
(i.e. no null checks or implicit conversions to |char*|).
In every case the patch trivially replaces the nsXPIDLCString with an
nsCString. (Also, there are a couple of unused nsXPIDLCString variables that
the patch simply removes.)
2017-08-16 13:58:35 +10:00
e15bcf0f43
Bug 1387569 - Also enable -Wno-implicit-fallthrough for gcc for a chromium file (exists from gcc 7) r=gcp
...
MozReview-Commit-ID: cuQuFcAnWL
--HG--
extra : rebase_source : 37dec684e14b1d02dab04729c718b5da1fcb25a4
2017-08-06 19:06:36 +02:00
366675feaa
Merge m-c to autoland
...
MozReview-Commit-ID: GCxEZcmHL2w
2017-08-19 15:34:44 -07:00
7b612087c3
Bug 1387569 - Also enable -Wno-implicit-fallthrough for gcc for a chromium file (exists from gcc 7) r=gcp
...
MozReview-Commit-ID: cuQuFcAnWL
--HG--
extra : rebase_source : d67074f94feabc1b32f64e6e988fa2222db626d7
2017-08-06 19:06:36 +02:00
c043502159
Merge m-c to autoland, a=merge
...
MozReview-Commit-ID: 7sFZmPUXSx6
2017-08-18 17:21:29 -07:00
1ca83fd296
Backed out 5 changesets (bug 1387569) for Windows static build bustage
...
Backed out changeset eeda521ba0ad (bug 1387569)
Backed out changeset 8d23caf2ccc7 (bug 1387569)
Backed out changeset b5f969313f81 (bug 1387569)
Backed out changeset f642bc883aa5 (bug 1387569)
Backed out changeset 20151eabffea (bug 1387569)
MozReview-Commit-ID: IH0XXePvhiL
2017-08-19 12:20:26 -07:00
deeb6caa20
Bug 1387569 - Also enable -Wno-implicit-fallthrough for gcc for a chromium file (exists from gcc 7) r=gcp
...
MozReview-Commit-ID: cuQuFcAnWL
--HG--
extra : rebase_source : 28b30810aa4cf45d1d393bd94815b39ca81f43da
2017-08-06 19:06:36 +02:00
366445521c
Merge m-c to autoland, a=merge
...
MozReview-Commit-ID: DjSlrmDFfe3
2017-08-16 17:14:41 -07:00
9aa04a95f3
Merge autoland to central, a=merge
...
MozReview-Commit-ID: Fv1T41t9Gof
2017-08-16 15:30:39 -07:00
5ce320a16f
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2017-08-16 10:10:45 -07:00
8b97f39049
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2017-08-16 10:10:42 -07:00
9a955fd0b3
Backed out 2 changesets (bug 1380701) for bustage in SandboxBroker a=backout
...
Backed out changeset 6cef83dd4d11 (bug 1380701)
Backed out changeset 4456ebfe5657 (bug 1380701)
MozReview-Commit-ID: Cnfj7TZvCbv
2017-08-16 09:46:48 -07:00
a83fefd956
Bug 1390036 (part 1) - Remove most remaining uses of nsXPIDLString. r=erahm.
...
CompareCacheHashEntry::mCrit[] is the only case where the nsXPIDLString-ness
was important. The patch adds an explicit SetIsVoid() call to that class's
constructor and changes some null checks to IsVoid() checks.
--HG--
extra : rebase_source : e68befcde4dd098bac2a550bc666eaf3bf1298d7
2017-08-11 18:31:22 +10:00
898bd21752
Bug 1380701 - Remove the file broker protocol support for two-path operations. r=gcp
...
Now that all of the operations that took two paths are removed, we can
have less string manipulation running on untrusted inputs in a trusted
context.
Note that the path isn't null-terminated in transit, because we know
the message length and there's no longer any need to delimit anything.
(This is how the protocol worked before the two-path operations were
added.)
MozReview-Commit-ID: 5VHkMoPlWmU
--HG--
extra : rebase_source : 2108a4f7c7bf5098f2ef63786c3675367bd56e19
2017-08-16 15:09:56 -06:00
13148faaa9
No bug, Automated HPKP preload list update from host bld-linux64-spot-309 - a=hpkp-update
2017-08-15 10:02:09 -07:00
e0eb15e049
No bug, Automated HSTS preload list update from host bld-linux64-spot-309 - a=hsts-update
2017-08-15 10:02:05 -07:00
a7d1fe2b5f
Bug 1380701 - Remove brokering for link, unlink, and rename. r=gcp
...
In testing (local and CI) these seem to no longer be used.
MozReview-Commit-ID: 2D3C8eWoIsB
--HG--
extra : rebase_source : dde2015af1d036c32631d185703f1149285b253e
2017-07-20 13:43:59 -06:00
cb3e58d017
Merge m-c to inbound, a=merge
...
MozReview-Commit-ID: ENNd2QVktmQ
2017-08-16 17:07:52 -07:00
404facfbbc
Bug 1388925 - Add an opaque flags to have a fine-grained control over TLS configurations. r=mcmanus, r=keeler
...
This flags is added in the http channel interface by which developers can control the TLS
connections from JavaScript code (e.g. Add-ons). Basically, all the changes accounted for
plumbing this TLS flags from JavaScript level to C++ code responsible for calling NSS
module. We also added a unit test to make sure that separate connections are created if we
use different tlsFlags. Basically we used a concrete set of flag values that covers the
edge cases and check the hashkey generated in the connection info.
--HG--
rename : netwerk/test/unit/test_separate_connections.js => netwerk/test/unit/test_tls_flags_separate_connections.js
2017-08-16 12:41:16 -07:00
74e07cd141
Bug 1388580 - [Mac] Remove miscellaneous iokit open permissions r=Alex_Gaynor
...
MozReview-Commit-ID: 3StDmeSwZUG
--HG--
extra : rebase_source : 66d73d82f54a9bdd0ebbc35abf0badc2657e5750
2017-08-08 15:57:21 -07:00
f798c65a8e
Bug 1183008 - Modify test_ocsp_caching.js to use modified thisUpdate rather than sleep. r=keeler
...
MozReview-Commit-ID: K9JKCkWOO31
--HG--
extra : rebase_source : ea4c2997652695c2fbff35f238690843ed591ca2
2017-08-17 17:36:04 +01:00
2254f82025
Bug 1387742 - Whitelist default dynamic linker paths, including /lib64. r=jld
...
MozReview-Commit-ID: B4HpKZQL8Y0
--HG--
extra : rebase_source : 8303bcc547d5802280c1a1b18fd98c632cc4d387
2017-08-17 17:53:11 +02:00
Wes Kocher
ffxbld
Nicholas Nethercote
Jed Davis
Sebastian Hengst
Phil Ringnalda
Chris Peterson
Franziskus Kiefer
Carsten "Tomcat" Book
Sylvestre Ledru
Sajjad Arshad
Haik Aftandilian
Mark Goodwin
Gian-Carlo Pascutto