When we migrate SpecialPowers to a JSWindowActor, it will no longer be able to
use synchronous IPC messaging, which means that its current synchronous APIs
will have to become asynchronous.
This patch doesn't change the behavior of those functions, but it does change
their callers to `await` their return values rather than using them directly.
This pattern will work the same whether the functions return a promise or a
plain value, which simplifies the migration.
Differential Revision: https://phabricator.services.mozilla.com/D35053
--HG--
extra : rebase_source : baffba2107b175250573baae3f54d48becbd2a16
extra : source : b4ed40bea2698802ef562a0931c0b560737fb89d
When we migrate SpecialPowers to a JSWindowActor, it will no longer be able to
use synchronous IPC messaging, which means that its current synchronous APIs
will have to become asynchronous.
This patch doesn't change the behavior of those functions, but it does change
their callers to `await` their return values rather than using them directly.
This pattern will work the same whether the functions return a promise or a
plain value, which simplifies the migration.
Differential Revision: https://phabricator.services.mozilla.com/D35053
--HG--
extra : rebase_source : 71821b4292a7c8f76d37ce372ddd9c2612973e7e
Previously, OneCRL was part of the add-on blocklist system. Now that we use
kinto/remote settings, using AddonTestUtils in test_blocklist_onecrl.js is
unnecessary (and it was exposing a preexisting issue with how CacheObserver uses
prefs).
Differential Revision: https://phabricator.services.mozilla.com/D36377
--HG--
extra : moz-landing-system : lando
Avoid race between off-main-thread loading of roots and flipping the
pref by making sure initialization is done.
Differential Revision: https://phabricator.services.mozilla.com/D36348
--HG--
extra : rebase_source : 56c035d5a8c429f99c8b1dfcfe3e014d8f02a6c0
Now that UniqueFileHandle can be used more widely, and with
ipc::FileDescriptor being essentially a copyable UniqueFileHandle, it
makes sense to add a move constructor and a "forget"-like method to
convert between them when needed.
Depends on D26737
Differential Revision: https://phabricator.services.mozilla.com/D26738
--HG--
extra : moz-landing-system : lando
Now that UniqueFileHandle can be used more widely, and with
ipc::FileDescriptor being essentially a copyable UniqueFileHandle, it
makes sense to add a move constructor and a "forget"-like method to
convert between them when needed.
Depends on D26737
Differential Revision: https://phabricator.services.mozilla.com/D26738
--HG--
extra : moz-landing-system : lando
This patche changes only security/manager/ssl/SSLServerCertVerification.cpp.
Differential Revision: https://phabricator.services.mozilla.com/D28741
--HG--
extra : moz-landing-system : lando
Change the Mac GMP process launch to include sandboxing params on the command line to allow the sandbox to be started earlier during GMP process launch. Content, extension, and RDD processes have already been changed to start the sandbox earlier.
Update GMPProcessParent to override GeckoChildProcessHost methods used to construct sandboxing parameters. Pass the plugin path as a sandbox parameter so that the sandbox rules can whitelist the plugin directory which is now read after the sandbox is enabled in the plugin process. On development builds, pass "testingReadPath" params so directories needed during automated tests can be whitelisted.
Update Mac sandboxing code to detect GMP sandbox params on the command line and enable the sandbox with additional arguments needed for early sandbox start.
Allow reverting to the old implementation by setting security.sandbox.gmp.mac.earlyinit to false.
Differential Revision: https://phabricator.services.mozilla.com/D34085
--HG--
extra : moz-landing-system : lando
Change the Mac GMP process launch to include sandboxing params on the command line to allow the sandbox to be started earlier during GMP process launch. Content, extension, and RDD processes have already been changed to start the sandbox earlier.
Update GMPProcessParent to override GeckoChildProcessHost methods used to construct sandboxing parameters. Pass the plugin path as a sandbox parameter so that the sandbox rules can whitelist the plugin directory which is now read after the sandbox is enabled in the plugin process. On development builds, pass "testingReadPath" params so directories needed during automated tests can be whitelisted.
Update Mac sandboxing code to detect GMP sandbox params on the command line and enable the sandbox with additional arguments needed for early sandbox start.
Allow reverting to the old implementation by setting security.sandbox.gmp.mac.earlyinit to false.
Differential Revision: https://phabricator.services.mozilla.com/D34085
--HG--
extra : moz-landing-system : lando
Change the Mac GMP process launch to include sandboxing params on the command line to allow the sandbox to be started earlier during GMP process launch. Content, extension, and RDD processes have already been changed to start the sandbox earlier.
Update GMPProcessParent to override GeckoChildProcessHost methods used to construct sandboxing parameters. Pass the plugin path as a sandbox parameter so that the sandbox rules can whitelist the plugin directory which is now read after the sandbox is enabled in the plugin process. On development builds, pass "testingReadPath" params so directories needed during automated tests can be whitelisted.
Update Mac sandboxing code to detect GMP sandbox params on the command line and enable the sandbox with additional arguments needed for early sandbox start.
Allow reverting to the old implementation by setting security.sandbox.gmp.mac.earlyinit to false.
Differential Revision: https://phabricator.services.mozilla.com/D34085
--HG--
extra : moz-landing-system : lando
This also removes the two extra copies of the byte buffer that we had; we don't
need to copy it more than once. Once we have it in an std::vector, we can pass
that around by reference, not by value or by creating new vectors from copies
of its buffer.
Differential Revision: https://phabricator.services.mozilla.com/D34630
--HG--
extra : moz-landing-system : lando
The UTF-16 to UTF-8 conversion is now handled by XPConnect, because we're using AUTF8String for the type.
Differential Revision: https://phabricator.services.mozilla.com/D34560
--HG--
extra : moz-landing-system : lando
Change the Mac GMP process launch to include sandboxing params on the command line to allow the sandbox to be started earlier during GMP process launch. Content, extension, and RDD processes have already been changed to start the sandbox earlier.
Update GMPProcessParent to override GeckoChildProcessHost methods used to construct sandboxing parameters. Pass the plugin path as a sandbox parameter so that the sandbox rules can whitelist the plugin directory which is now read after the sandbox is enabled in the plugin process. On development builds, pass "testingReadPath" params so directories needed during automated tests can be whitelisted.
Update Mac sandboxing code to detect GMP sandbox params on the command line and enable the sandbox with additional arguments needed for early sandbox start.
Allow reverting to the old implementation by setting security.sandbox.gmp.mac.earlyinit to false.
Differential Revision: https://phabricator.services.mozilla.com/D34085
--HG--
extra : moz-landing-system : lando
At some point in the past, test_cert_storage.js needed to initialize the add-on
system to start the blocklist system, which is where revocation updates used to
come from. This appears to no longer be the case and the code in question can be
removed (and it should be removed because it's causing intermittent failures).
Differential Revision: https://phabricator.services.mozilla.com/D33993
--HG--
extra : moz-landing-system : lando
This patch saves the CRLite enrollment state of every preloaded intermediate to
cert_storage. This is an intermediate (hah) step towards actually checking
CRLite state. We still have to implement downloading and updating the CRLite
bloom filter cascades and implement checking these filters when we encounter a
certificate issued from an enrolled intermediate (this work will be done in
future bugs).
Differential Revision: https://phabricator.services.mozilla.com/D33074
--HG--
extra : moz-landing-system : lando
CryptoTask is a helper class that makes it easier to implement code that runs on
a background thread and then notifies completion on the main thread (this is
useful for not blocking the main thread with long-running cryptography or I/O).
Before this patch, each CryptoTask would create a new thread each time it ran,
which was inefficient. This patch updates CryptoTask to use the stream transport
service (which is essentially a pool of threads for doing exactly these kinds of
things and notably is not to be confused with the socket transport service) to
run each task. Additionally, there were a few places in PSM where we
unnecessarily created new threads to perform similar tasks. These now use the
stream transport service as well.
Differential Revision: https://phabricator.services.mozilla.com/D33534
--HG--
extra : moz-landing-system : lando
PSM has two instances of TLS bookkeeping structures ("SharedSSLState"): a
"public" one for most connections and a "private" one that automatically clears
its state when the last private browsing context (usually a window) closes.
Since we moved to separating connections by origin attributes, the latter is
largely redundant because keying by origin attributes already separates
connections from different contexts, even when using the "public" shared TLS
state structure. However, it still has the advantage of clearing its state when
the last private browsing context closes. This patch updates the decision of
which SharedSSLState to use by taking into account origin attributes. That is,
if the origin attributes of the connection has a private browsing ID that isn't
the default (unset), we'll use the auto-clearing SharedSSLState. This has the
effect of auto-clearing cached client auth certificate state for private
contexts when the last private browsing window closes. It also clears
accumulated TLS intolerance state in the private context, but that isn't as
relevant any more since we don't do TLS fallback by default.
Differential Revision: https://phabricator.services.mozilla.com/D33099
--HG--
extra : moz-landing-system : lando
There are ongoing lmdb issues we need to sort out before we can ship
cert_storage (see e.g. bug 1538541 and bug 1550174).
Differential Revision: https://phabricator.services.mozilla.com/D32885
--HG--
extra : moz-landing-system : lando
The initial implementation made some incorrect assumptions about the data that
was in our data set and used the wrong field to identify the certificates to
delete when they are removed from our preload list. Now that the data set has
the expected field (the hash of the whole certificate), we can use it instead.
Differential Revision: https://phabricator.services.mozilla.com/D32380
--HG--
extra : moz-landing-system : lando
This fixes issues with the NSS and LibSecret keystore not correctly rejecting unlocking of the key store.
Updated for dynamic loading of LibSecret and a bug workaround added elsewhere (updated green try below)
Depends on D9969.
Differential Revision: https://phabricator.services.mozilla.com/D7713
--HG--
extra : moz-landing-system : lando
Per https://bugzilla.mozilla.org/show_bug.cgi?id=1550625#c5 there is no
mechanism available for FIDO U2F JS API operations on Android. The exposed API
is FIDO2/WebAuthn-only. As such, Firefox cannot support FIDO U2F JS API
operations on Android, and we should disable the u2f preference so that
window.u2f is not set inappropriately.
Updated to fix test_interfaces.js
Differential Revision: https://phabricator.services.mozilla.com/D31695
--HG--
extra : moz-landing-system : lando
There's a bug in ole32.dll on arm64 versions of Windows prior to 1809, that crashes our content processes if we enable CFG. We've reported the issue, but even if it gets fixed, we can't assume users will have the update.
This patch uses process mitigation policy flags to disable CFG on arm64 before 1809. Based on testing, we only need to do this in the sandbox for child processes, and it's not strictly necessary for the launcher stub to set the flag on the main process. But I've included that anyway as a guard against some yet-undiscovered scenario that might hit the issue and make the browser unusable.
The effects of this patch won't be visible until we actually enable CFG in a subsequent landing.
Differential Revision: https://phabricator.services.mozilla.com/D29474
--HG--
extra : moz-landing-system : lando
In bug 1056341 we introduced a search budget to mozilla::pkix to attempt to work
around the problem of having an extremely large search space given a set of
certificates all with the same subject and issuer distinguished names but
different public keys. In the end, though, there is probably no good value to
choose for the budget that is small enough to run quickly on the wide range of
hardware our users have and yet is large enough that we're confident won't break
someone's complicated pki setup (looking at you, the US federal government).
To address this, use the observation that as long as an intermediate can't *add*
information necessary to build a certificate chain (e.g. stapled SCTs), we
should never need a self-signed intermediate (as in, its own key verifies the
signature on it and its subject and issuer distinguished names are identical) to
build a trusted chain (since the exact same chain without that intermediate
should be valid). Given this, we simply skip all self-signed non-trust anchor
CA certificates during path building.
Differential Revision: https://phabricator.services.mozilla.com/D31368
--HG--
extra : moz-landing-system : lando
There's a bug in ole32.dll on arm64 versions of Windows prior to 1809, that crashes our content processes if we enable CFG. We've reported the issue, but even if it gets fixed, we can't assume users will have the update.
This patch uses process mitigation policy flags to disable CFG on arm64 before 1809. Based on testing, we only need to do this in the sandbox for child processes, and it's not strictly necessary for the launcher stub to set the flag on the main process. But I've included that anyway as a guard against some yet-undiscovered scenario that might hit the issue and make the browser unusable.
The effects of this patch won't be visible until we actually enable CFG in a subsequent landing.
Differential Revision: https://phabricator.services.mozilla.com/D29474
--HG--
extra : moz-landing-system : lando
Per https://bugzilla.mozilla.org/show_bug.cgi?id=1550625#c5 there is no
mechanism available for FIDO U2F JS API operations on Android. The exposed API
is FIDO2/WebAuthn-only. As such, Firefox cannot support FIDO U2F JS API
operations on Android, and we should disable the u2f preference so that
window.u2f is not set inappropriately.
Differential Revision: https://phabricator.services.mozilla.com/D31695
--HG--
extra : moz-landing-system : lando
This also enables using cert_storage for OneCRL, since it and intermediate
preloading both use the same backend.
Differential Revision: https://phabricator.services.mozilla.com/D31345
--HG--
extra : moz-landing-system : lando
PGO instrumentation interacts badly with this code, and it's not crucial
that this code be lightning fast.
Differential Revision: https://phabricator.services.mozilla.com/D31131
--HG--
extra : moz-landing-system : lando
If an XPIDL interface has a method or attribute that is [notxpcom],
then it is implicitly treated as [builtinclass], even if it is not
marked as such. For clarity, this patch goes through and marks every
place that relies on this behavior (aside from some test code).
Differential Revision: https://phabricator.services.mozilla.com/D30714
--HG--
extra : moz-landing-system : lando
SSLTokensCache is a simple memory only storage for resumption tokens which are get and set using API for external TLS session caches in NSS.
Differential Revision: https://phabricator.services.mozilla.com/D29465
--HG--
extra : moz-landing-system : lando
Support using the Google Play-provided FIDO2 API for Web Authentication.
FIDO U2F API support is being handled subsequently in Bug 1550625.
This patch uses the privileged APIs and thus will only work on Fennec Nightly, Beta, and Release builds.
Differential Revision: https://phabricator.services.mozilla.com/D1148
--HG--
extra : moz-landing-system : lando
Summary:
Our previous approach to making this intermediate available relied on being able
to add it to the user's NSS cert DB. This does work in the majority of cases,
but there are some situations where it doesn't work (e.g. if the user's DB is
set to read only, if they've configured Firefox to run in "nocertdb" mode, if
they have a master password but forgot it, and so on). This patch compiles the
intermediate in to Firefox in the same way we incorporate the root, so it should
always be available.
At the same time, this patch reverts the changes from
023dd959512e2cfa685187616560f91efa91183c and
1d35f8d88bdd007e01d42c4ff76c6d10d7c01a98 (the patches that implemented the
original approach) because they should no longer be necessary.
Reviewers: jcj!, kmag!
Tags: #secure-revision
Bug #: 1549249
Differential Revision: https://phabricator.services.mozilla.com/D30090
--HG--
extra : amend_source : dd475918be3f263a4a363c66a60edc708d3bdcca
extra : histedit_source : b6861a1d7c7ddbe07d5df73d76734d9a48ee3164%2C54cbc4b0446ff1ee3dc860bb2d3798ba8f662566
SECItem uses an unsigned int to indicate its length. We need to cast a size_t
down to the appropriate size. This is safe because what we're casting will
always fit in an unsigned int on the platforms we're using (it's just the size
of the intermediate certificate we added).
Differential Revision: https://phabricator.services.mozilla.com/D30144
--HG--
extra : source : 24bb6566385fc566f1a6b98ea24cad7d0af7e3a3
It turns out that an rkv database created on a 32-bit platform cannot be used on
a 64-bit platform and vice-versa. To work around this for now, we delete and
recreate the DB backing cert_storage and set flags to let our consumers know
to re-load all known data.
Differential Revision: https://phabricator.services.mozilla.com/D29591
--HG--
extra : moz-landing-system : lando
Conditionally include WindowServer access in the GMP sandbox so that it is only allowed for the Widevine CDM plugin, and not OpenH264.
Differential Revision: https://phabricator.services.mozilla.com/D29586
--HG--
extra : moz-landing-system : lando
Replace the MacSandboxType_Plugin sandbox type with MacSandboxType_Flash and MacSandboxType_GMP so that there is a 1:1 association between MacSandboxType values and sandbox policies.
Remove the MacSandboxPluginType enum. Instead of having different MacSandboxPluginTypes, we will just have MacSandboxType_GMP. We only use GMP for two plugin types, Widevine and OpenH264, and they only differ in that Widevine requires accss to the WindowServer.
Remove the MacSandboxPluginInfo struct and move the two needed fields pluginPath and pluginBinaryPath to MacSandboxInfo.
Differential Revision: https://phabricator.services.mozilla.com/D29585
--HG--
extra : moz-landing-system : lando
Now that ContentVerifier has been removed (bug 1441989), the only API of
nsIContentSignatureVerifier that is actually being used is
verifyContentSignature. As a result, we can vastly simplify the implementation
(ContentSignatureVerifier) to prepare for improvements such as having it not
block the main thread (bug 1534600).
Differential Revision: https://phabricator.services.mozilla.com/D29295
--HG--
extra : moz-landing-system : lando
Crashes as a result of 2e4a7bcc1a95 indicate that InitializeNSSWithFallbacks is
failing. Hopefully this will give us more information as to why.
Differential Revision: https://phabricator.services.mozilla.com/D29034
--HG--
extra : moz-landing-system : lando
Crashes as a result of 2e4a7bcc1a95 indicate that InitializeNSSWithFallbacks is
failing. Hopefully this will give us more information as to why.
Differential Revision: https://phabricator.services.mozilla.com/D29034
--HG--
extra : moz-landing-system : lando
Intermediate preloading was including cookies during attachment fetches to our
Kinto attachment servers. There's no reason for that, so let's not.
Differential Revision: https://phabricator.services.mozilla.com/D26193
--HG--
extra : rebase_source : b3fbb6c80c56b8428434fb177cad3424a66b837d
extra : source : 87be514024ac53ab6362ffc26610c063d50abe07
This updates cert_storage to be able to store certificates indexed by subject DN
for easy lookup by NSSCertDBTrustDomain during path building. This also updates
RemoteSecuritySettings to store newly-downloaded preloaded intermediates in
cert_storage.
Differential Revision: https://phabricator.services.mozilla.com/D27991
--HG--
extra : moz-landing-system : lando
Crashes as a result of 2e4a7bcc1a95 indicate that InitializeNSSWithFallbacks is
failing. Hopefully this will give us more information as to why.
Differential Revision: https://phabricator.services.mozilla.com/D29034
--HG--
extra : moz-landing-system : lando
If OCSP request is blocked, we can't get the certificate revocation
informatoin.
Add nsIChannel::LOAD_BYPASS_URL_ClASSIFIER to enfore URL classifier
bypasses OCSP request.
Differential Revision: https://phabricator.services.mozilla.com/D29230
--HG--
extra : moz-landing-system : lando
This allows us to loosen the coupling between the sandbox and code that needs
to run as soon as the token has been lowered.
We use std::list here because the observer service is not yet initialized.
Differential Revision: https://phabricator.services.mozilla.com/D28392
--HG--
extra : moz-landing-system : lando
Intermediate preloading was including cookies during attachment fetches to our
Kinto attachment servers. There's no reason for that, so let's not.
Differential Revision: https://phabricator.services.mozilla.com/D26193
--HG--
extra : moz-landing-system : lando
test_toolkit_securityreporter.js uses BadCertServer, which uses hard-coded
ports, so it needs to run sequentially.
Differential Revision: https://phabricator.services.mozilla.com/D28709
--HG--
extra : moz-landing-system : lando
Allow access to Apple's Metal shader language compiler in our content process sandbox. Limit the sandbox policy change to 10.14 and newer OS versions to reduce risk given that problems have only been reported on 10.14.5.
Differential Revision: https://phabricator.services.mozilla.com/D28904
--HG--
extra : moz-landing-system : lando
Crashes resulting from the diagnostic assertions added in 2ca136370e18 suggest
that certificate decoding is faiiling in the content process (which seems
impossible given that presumably we successfully decoded the very same
certificate in the parent). This should tell us what error code NSS is
returning when this happens, which may illustrate the issue.
Differential Revision: https://phabricator.services.mozilla.com/D27998
--HG--
extra : moz-landing-system : lando
The attributes for an interface should be on the line right before the
interface.
Interface attributes should be separated by spaces.
Clean up some trailing whitespace in widget/.
Differential Revision: https://phabricator.services.mozilla.com/D28234
--HG--
extra : moz-landing-system : lando
Add entitlement files for Hardened Runtime configuration to be used by Release Engineering for official builds and try builds and developers for local builds. These entitlement files are input to the codesign command.
Hardened Runtime and codesigning is not yet enabled for local builds or try builds so for now these files will only be used by Release Engineering.
production.entitlements.xml is intended to be used for official channel builds that will be codesigned, notarized, and shipped to users.
developer.entitlements.xml is intended to be used for developer and try builds that will be codesigned, but not notarized or shipped to users. The developer file enables debugging which is not compatible with notarization, but is otherwise the same as the production file.
codesign.bash is a stop-gap script to allow developers who setup Apple Developer ID certificates to codesign Nightly themselves and enabled Hardened Runtime.
Differential Revision: https://phabricator.services.mozilla.com/D27396
--HG--
extra : moz-landing-system : lando
Before this patch, test_toolkit_securityreporter.js would unconditionally try to
get the value of the "Cookie" header. If a header isn't available, httpd.js
apparently throws an exception. Interestingly, exceptions thrown in httpd.js
path handlers aren't reported to the test framework, so we weren't aware of
this. Additionally, the test didn't have any way of waiting until the security
report it was expecting had arrived, so it just continued on and "succeeded".
This patch addresses these issues by using "throws" to make sure no cookies are
available and by inserting extra add_test/run_next_test pairs when the test is
waiting for a report.
Differential Revision: https://phabricator.services.mozilla.com/D27613
--HG--
extra : moz-landing-system : lando
If the system doesn't support seccomp-bpf, the parent process won't
try to set up sandboxing, but the child process has a separate check that
didn't test for this, and ends up failing a release assertion (in
SandboxReporterClient, but we also release-assert that installing the
seccomp-bpf policy succeeds).
This patch just fixes the child-side conditional to match the intended
behavior, but in the long term we should consider redesigning SandboxInfo
to avoid this.
Differential Revision: https://phabricator.services.mozilla.com/D27624
--HG--
extra : moz-landing-system : lando
This adds a config option to enable client authentication through the TLS 1.3 post-handshake auth mechanism.
Differential Revision: https://phabricator.services.mozilla.com/D26540
--HG--
extra : moz-landing-system : lando
This excludes dom/, otherwise the file size is too large for phabricator to handle.
This is an autogenerated commit to handle scripts loading mochitest harness files, in
the simple case where the script src is on the same line as the tag.
This was generated with https://bug1544322.bmoattachments.org/attachment.cgi?id=9058170
using the `--part 2` argument.
Differential Revision: https://phabricator.services.mozilla.com/D27456
--HG--
extra : moz-landing-system : lando
This patch adds resumed attribute to nsISSLSocketControl, which is needed in tests that check SSL resumption (e.g. bug 1500533).
Differential Revision: https://phabricator.services.mozilla.com/D26597
--HG--
extra : moz-landing-system : lando
Previously cert_storage could use negative values as unsigned values when
determining if its data was sufficiently fresh, which could cause assertion
failures when doing time math.
This patch changes the behavior to just use 0 if values are either unavailable
or negative, which means we fail closed and say everything is out of date if we
otherwise don't have the information to make the correct decision.
Differential Revision: https://phabricator.services.mozilla.com/D27196
--HG--
extra : moz-landing-system : lando
Previously this functionality created a CryptoTask to do this work, but that
would cause a new thread to be created for each list of intermediates. This was
slow both because of all of the threads and because they could be scheduled
while other work was happening. Moving these tasks to the low-priority event
queue for threads in the certificate verification thread pool means no new
threads are created and the work only happens when these threads are idle
anyway.
Differential Revision: https://phabricator.services.mozilla.com/D26630
--HG--
extra : moz-landing-system : lando
Bug 1478124 and bug 1524687 converted many things to static xpcom
component registration, but somehow left the corresponding C++
initialization.
Differential Revision: https://phabricator.services.mozilla.com/D26697
--HG--
extra : moz-landing-system : lando
When the test font is activated, the notification of the font configuration change
may be handled asynchronously by content processes, so that it's possible the content
process has not yet handled the update at the point when registerFont() detects the
change and returns to the test script.
(This issue becomes more acute with the upcoming shared-font-list system, where the
OS notification is not handled by the content process at all; it's only handled by
the parent process, which then notifies content processes *after* it has updated the
font list. So there's an inherent latency between the update being recognized by the
chrome process - and therefore "ready" as far as the test script is concerned - and
content processes receiving and handling the change.)
To handle this, we can explicitly wait for the width of the rendered content to change,
which will indicate that the font configuration change has been handled by the content
process.
Differential Revision: https://phabricator.services.mozilla.com/D26570
--HG--
extra : moz-landing-system : lando
Allow read access to /System/Library for accessing system libraries.
Depends on D26397
Differential Revision: https://phabricator.services.mozilla.com/D26626
--HG--
extra : moz-landing-system : lando
This also removes the lalrpop files from the .git/hgignore as that
breaks the build since lalrpop now includes lrgrammar in the published
crate and that file needs to be vendored
--HG--
extra : histedit_source : e31c07645a87a11b19a0b7e44f2a48d791b5f396
We already have a null-terminated `nsString` in this code; we don't need
to turn it into another null-terminated `nsString`.
Depends on D26355
Differential Revision: https://phabricator.services.mozilla.com/D26356
--HG--
extra : moz-landing-system : lando
We flatten an nsAString before calling GetPublicKey, but GetPublicKey
doesn't actually care about whether the string is null-terminated or
not. Let's save a tiny amount of work by not doing the flattening.
Differential Revision: https://phabricator.services.mozilla.com/D26355
--HG--
extra : moz-landing-system : lando
Before bug 938437, we had a rather large and error-prone
nsStaticXULComponents.cpp used to register all modules. That was
replaced with clever use of the linker, which allowed to avoid the mess
that maintaining that file was.
Fast forward to now, where after bug 1524687 and other work that
preceded it, we have a much smaller number of remaining static xpcom
components, registered via this linker hack, and don't expect to add
any new ones. The list should eventually go down to zero.
Within that context, it seems to be the right time to get rid of the
magic, and with it the problems it causes on its own.
Some of those components could probably be trivially be converted to
static registration via .conf files, but I didn't want to deal with the
possible need to increase the number of dummy modules in XPCOMInit.cpp.
They can still be converted as a followup.
Differential Revision: https://phabricator.services.mozilla.com/D26076
--HG--
extra : moz-landing-system : lando
ffxbld
Sylvestre Ledru
Noemi Erli
J.C. Jones
Victor Porof
Razvan Maries
Csoregi Natalia
Oana Pop Rus
Narcis Beleuzu
Tim Nguyen
Dana Keeler
Haik Aftandilian
Dorel Luca
Kris Maglione
Gurzau Raul
shindli
Julien Cristau
Jared Wein
Tom Ritter
Aaron Klotz
Andrea Marchesini
Jed Davis
Myk Melez
Ciure Andrei
Mathieu Leplatre
Masatoshi Kimura
prathiksha
Dragana Damjanovic
Boris Zbarsky
Bogdan Tara
Andreea Pavel
Jonathan Kingston
Cosmin Sabou
Zibi Braniecki
Gian-Carlo Pascutto
Nihanth Subramanya
J.C. Jones
Mihai Alexandru Michis
arthur.iakab
Ehsan Akhgari
Kevin Jacobs
David Major
Coroiu Cristina
Nathan Froyd
Andrew McCreight
Michal Novotny
Daniel Varga
Gijs Kruitbosch
monikamaheshwari
Brindusan Cristian
Mark Goodwin
Sebastian Hengst
dlee
Brian Grinstead
Daiki Ueno
Mike Hommey
Jonathan Kew
Bastien Orivel
Bob Owen
Jeremy Lempereur
Carolina Jimenez Gomez