0aeaee1eb9
No bug, Automated HPKP preload list update from host bld-linux64-spot-038 - a=hpkp-update
2017-03-15 08:12:33 -07:00
00c6b3b68c
No bug, Automated HSTS preload list update from host bld-linux64-spot-038 - a=hsts-update
2017-03-15 08:12:30 -07:00
0902d5e08e
Merge m-c to inbound, a=merge
...
MozReview-Commit-ID: AzYu7EXTIlg
2017-03-14 17:23:26 -07:00
ca7015fa45
No bug, Automated HPKP preload list update from host bld-linux64-spot-032 - a=hpkp-update
2017-03-14 08:14:06 -07:00
9f405f7b6e
No bug, Automated HSTS preload list update from host bld-linux64-spot-032 - a=hsts-update
2017-03-14 08:14:03 -07:00
99f016e209
Bug 1346486 - Add a memory reporter for PSM DataStorage caches; r=keeler
2017-03-14 14:34:30 -04:00
5e6b22bdde
Bug 1346671 - Enable the no-useless-concat eslint rule in toolkit/ r=jaws
...
MozReview-Commit-ID: 1a422BiLEhK
--HG--
extra : rebase_source : a83b8d753e2a48593904ef0755d5517908588b93
2017-03-13 17:34:24 -05:00
dc67bfc9a3
Bug 1344629 - Part 6: Rewrite unnecessary uses of nsLiteralString. r=dbaron
...
There's an antipattern where nsLiteralString is used as an unnecessary intermediary in converting from CharT* to CharT*,
e.g. CallAFunctionThatTakesACharPointer(NS_LITERAL_CSTRING("foo").get());
or
NS_NAMED_LITERAL_STRING(foo, "abc");
CallAFunctionThatTakesACharPointer(foo.get());
This patch rewrites the callsites that can be trivially changed to use char*/char16_t*.
I'd somewhat like to remove nsTLiteralString::get() altogether, but in code that's less straightforward than these examples, get() is useful enough to keep.
MozReview-Commit-ID: Kh1rUziVllo
--HG--
extra : rebase_source : c21a65694d6e1c42fd88f73632f7ac8f38d005ae
2017-03-14 15:26:27 +13:00
5cece96e1c
Backed out 12 changesets (bug 1344629) for stylo build bustage
...
Backed out changeset cf4273d3ac30 (bug 1344629)
Backed out changeset a96390e044e0 (bug 1344629)
Backed out changeset d9b330f9bc24 (bug 1344629)
Backed out changeset 2b460fe020af (bug 1344629)
Backed out changeset 0ada91b0452e (bug 1344629)
Backed out changeset 083304fcd6bd (bug 1344629)
Backed out changeset 53d7d1ce2c97 (bug 1344629)
Backed out changeset 55eee7078ae4 (bug 1344629)
Backed out changeset 7d3c06b3eca9 (bug 1344629)
Backed out changeset e5df14c3db61 (bug 1344629)
Backed out changeset 636095ff2815 (bug 1344629)
Backed out changeset 0be052ad24c1 (bug 1344629)
2017-03-14 11:52:24 +08:00
40f4821701
Bug 1344629 - Part 6: Rewrite unnecessary uses of nsLiteralString. r=dbaron
...
There's an antipattern where nsLiteralString is used as an unnecessary intermediary in converting from CharT* to CharT*,
e.g. CallAFunctionThatTakesACharPointer(NS_LITERAL_CSTRING("foo").get());
or
NS_NAMED_LITERAL_STRING(foo, "abc");
CallAFunctionThatTakesACharPointer(foo.get());
This patch rewrites the callsites that can be trivially changed to use char*/char16_t*.
I'd somewhat like to remove nsTLiteralString::get() altogether, but in code that's less straightforward than these examples, get() is useful enough to keep.
MozReview-Commit-ID: Kh1rUziVllo
--HG--
extra : rebase_source : c21a65694d6e1c42fd88f73632f7ac8f38d005ae
2017-03-14 15:26:27 +13:00
f69c130b16
bug 1239344 - remove error alert for successful PKCS12 operations r=Cykesiopka
...
MozReview-Commit-ID: Hr6s2v2GmZQ
--HG--
extra : rebase_source : 232c80db1816ab7045cc5dec42c1aeeae3fc6042
2017-03-03 11:12:54 -08:00
a5c2b27889
No bug, Automated HPKP preload list update from host bld-linux64-spot-389 - a=hpkp-update
2017-03-13 07:39:08 -07:00
556a1935e6
No bug, Automated HSTS preload list update from host bld-linux64-spot-389 - a=hsts-update
2017-03-13 07:39:06 -07:00
c1edc7067d
merge mozilla-inbound to mozilla-central a=merge
2017-03-13 15:22:26 +01:00
70def79ce3
merge autoland to mozilla-central a=merge
2017-03-13 15:19:25 +01:00
ef0b6a528e
No bug, Automated HPKP preload list update from host bld-linux64-spot-084 - a=hpkp-update
2017-03-12 07:51:58 -07:00
49c84ad753
No bug, Automated HSTS preload list update from host bld-linux64-spot-084 - a=hsts-update
2017-03-12 07:51:55 -07:00
36c8dd04de
No bug, Automated HPKP preload list update from host bld-linux64-spot-032 - a=hpkp-update
2017-03-11 08:02:19 -08:00
ffc08830b6
No bug, Automated HSTS preload list update from host bld-linux64-spot-032 - a=hsts-update
2017-03-11 08:02:16 -08:00
e9489ae053
Bug 1345368 - land NSS 09c491ef3b41, r=me
...
--HG--
extra : rebase_source : 586448bdfc1cb86dd086c39c9b20f98ac10cc98e
2017-03-13 06:01:21 +01:00
dc19643b13
Merge m-c to autoland. a=merge
2017-03-10 12:17:27 -05:00
4ae625dbd1
No bug, Automated HPKP preload list update from host bld-linux64-spot-034 - a=hpkp-update
2017-03-10 07:45:24 -08:00
0f55e2e2c7
No bug, Automated HSTS preload list update from host bld-linux64-spot-034 - a=hsts-update
2017-03-10 07:45:21 -08:00
70631ff92d
bug 1339267 - re-work NSS initialization wrt thread/process etc. r=Cykesiopka,jcj
...
MozReview-Commit-ID: 2U4c8Xgf0bv
--HG--
extra : rebase_source : 14113cd3c823180c26398d4efb4d61d6f4f88dbc
2017-02-09 16:25:55 -08:00
65140a44e3
Merge inbound to central, a=merge CLOSED TREE
...
MozReview-Commit-ID: Gj4s6DtqKmw
2017-03-09 16:33:31 -08:00
9bf077a4c7
Merge m-c to autoland, a=merge CLOSED TREE
...
MozReview-Commit-ID: BG12zoWP3dQ
2017-03-09 14:12:34 -08:00
395f8ef03d
Merge m-c to inbound, a=merge CLOSED TREE
...
MozReview-Commit-ID: 9rWj5LVFZMq
2017-03-09 14:11:57 -08:00
562f1b6a0e
No bug, Automated HPKP preload list update from host bld-linux64-spot-380 - a=hpkp-update
2017-03-09 07:20:05 -08:00
fbff6ea92e
No bug, Automated HSTS preload list update from host bld-linux64-spot-380 - a=hsts-update
2017-03-09 07:20:02 -08:00
cb9616fb60
Bug 1343557 - Disable -pedantic-errors for pkix gtests; r=keeler
...
MozReview-Commit-ID: FEeAF9Vm3PJ
--HG--
extra : rebase_source : f62dfac39f8021f7cda8240bf680612847e5fd8b
2017-03-02 17:12:14 -05:00
c44c40b272
Bug 1344442 - Part 4: Misc cleanups. r=keeler
...
MozReview-Commit-ID: KRQGF3mUxEb
--HG--
extra : rebase_source : 8dcca6b5cee0d22d5af79a864bb3b881665da3b0
2017-03-08 20:54:02 +08:00
eac955eb32
Bug 1344442 - Part 3: Use smart pointers. r=keeler
...
MozReview-Commit-ID: 58BwdPYdjM5
--HG--
extra : rebase_source : 38d0b1af05cbc8991b5ed777bdafa9a8540a9cb1
2017-03-08 20:53:50 +08:00
2681aed2c3
Bug 1344442 - Part 2: Improve test coverage of nsICryptoHash and nsICryptoHMAC implementations. r=keeler
...
The equivalent base 64 digests for the existing test cases were obtained using:
> python2
> import binascii
> binascii.b2a_base64(binascii.unhexlify(<input hex>))
The large input hash digest was obtained like so:
> python2
> import hashlib
> hashlib.md5(" " * 4100).hexdigest()
The large input HMAC digest was obtained like so:
> python2
> import hashlib
> import hmac
> hmac.new("test", " " * 4100, hashlib.md5).hexdigest()
MozReview-Commit-ID: K0BxZdNemu6
--HG--
extra : rebase_source : e8fc9cb9c6b1d70c9162c6ed9fd49e6945dc57f4
2017-03-08 20:47:22 +08:00
8b9461cac0
Bug 1344442 - Part 1: Remove MD2 support from nsICryptoHMAC. r=keeler
...
There are several reasons for doing this:
1. Nothing appears to be using MD2 with nsICryptoHMAC.
2. There don't seem to be any test vectors available.
3. Bug 160161 suggests the MD2 case doesn't work anyways.
MozReview-Commit-ID: CW1PX7z09kB
--HG--
extra : rebase_source : de8b7e6f3fe03f5cd9d687fa7d410a2ca041b68e
2017-03-08 20:44:52 +08:00
6b0596a14c
Bug 1344441 - Move various Necko IDLs that really ought to be PSM IDLs. r=keeler,mcmanus
...
These IDLs conceptually are PSM APIs, and are implemented in PSM as well.
nsICryptoFIPSInfo.idl is similar but is removed instead because:
1. It's unused even by addons.
2. The only thing it provides is also available through nsIPKCS11ModuleDB.idl.
MozReview-Commit-ID: K8R0wDAhjLq
--HG--
rename : netwerk/base/nsICryptoHMAC.idl => security/manager/ssl/nsICryptoHMAC.idl
rename : netwerk/base/nsICryptoHash.idl => security/manager/ssl/nsICryptoHash.idl
rename : netwerk/base/nsINSSErrorsService.idl => security/manager/ssl/nsINSSErrorsService.idl
extra : rebase_source : 3eca83901e14cea714d402046303790d283cff74
2017-03-05 18:30:31 +08:00
78ac0ceba9
merge mozilla-inbound to mozilla-central a=merge
2017-03-08 16:59:42 +01:00
db9f30ffce
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2017-03-08 07:37:49 -08:00
87294b1e74
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2017-03-08 07:37:46 -08:00
dac8dc0c7b
Merge inbound to central, a=merge
...
MozReview-Commit-ID: 96co4Bbby7W
2017-03-07 16:40:44 -08:00
589c1b5503
Bug 1344308 - Extend toolkit's eslint rules and fix lint errors in PSM r=jaws
...
* Remove eslint rules for PSM which are redundant with toolkit/.eslintrc.js
* Fix missing plugins block in mochitest.eslintrc.js
* Disable brace-style checking in mixed-content mochitests which use boilerplate where calls to runTest and afterNavigationTest all use opening brace on newline. I've left this for a follow-up.
* Fix lint errors resulting from new rules defined by toolkit's eslintrc.js
MozReview-Commit-ID: EepCLrzAsdM
--HG--
extra : rebase_source : e74e008403d9cd70703d60cf829af01dbede0353
2017-03-07 10:15:49 -08:00
e119b5436c
Merge mozilla-central to mozilla-inbound
2017-03-07 17:14:39 +01:00
b208913028
No bug, Automated HPKP preload list update from host bld-linux64-spot-305 - a=hpkp-update
2017-03-07 07:29:46 -08:00
4fa257851d
No bug, Automated HSTS preload list update from host bld-linux64-spot-305 - a=hsts-update
2017-03-07 07:29:43 -08:00
37bbced84d
Bug 1344711 - hand cleanup of remaining useless try blocks around get*Pref calls identified by eslint, r=jaws.
...
--HG--
extra : rebase_source : 18c027010838faba91f0ac699f9bde07f85500e7
2017-03-07 15:29:48 +01:00
087da3f0d9
merge mozilla-inbound to mozilla-central a=merge
2017-03-07 15:13:31 +01:00
9d62681259
Bug 1345253 - Use element.firstChild.remove() instead of element.removeChild(element.firstChild), r=jaws.
2017-03-08 10:17:52 +01:00
aa22632bd1
Bug 1345368 - land NSS 6fafb8fd9ff4, r=me
...
--HG--
extra : rebase_source : 947524eb4e61414a5809df3453946b32882fdf17
2017-03-08 08:40:46 +01:00
a51561a1c4
Bug 1260318 - Scope U2F Soft Tokens to a single AppID r=qdot,rbarnes
...
This change includes the FIDO "App ID" as part of the function used to generate
the wrapping key used in the NSS-based U2F soft token, cryptographically binding
the "Key Handle" to the site that Key Handle is intended for.
This is a breaking change with existing registered U2F keys, but since our soft
token is hidden behind a pref, it does not attempt to be backward-compatible.
- Updated for rbarnes' and qdot's reviews comments. Thanks!
- Made more strict in size restrictions, and added a version field
to help us be this strict.
- Bugfix for an early unprotected buffer use (Thanks again rbarnes!)
- Fix a sneaky memory leak re: CryptoBuffer.ToSECItem
MozReview-Commit-ID: Jf6gNPauT4Y
--HG--
extra : rebase_source : 4ff5898e93e4a0a75576e5e54035a1cb6dd952d7
2017-02-01 15:21:04 -07:00
e559e3333d
Bug 1343731 - Remove the sync IPC during DataStorage initialization; r=keeler,billm
...
Instead of initializing DataStorage objects on demand in the content
process, we initialize them at content process startup by getting the
parent to send down the information about the existing DataStorages at
child process startup. After that point, the dynamic change
notifications added in bug 1215723 will take care of keeping the
information in sync.
2017-03-10 22:35:07 -05:00
77632ccd1b
Merge m-c to inbound, a=merge
...
MozReview-Commit-ID: JXQqoTEXxwz
2017-03-10 17:22:54 -08:00
8a3717250a
Merge m-c to inbound. a=merge
2017-03-10 12:16:23 -05:00
ff280be102
Merge mozilla-central to mozilla-inbound
2017-03-10 11:42:15 +01:00
83cdc02ec0
Bug 1345368 - land NSS 848abc2061a4, r=me
...
--HG--
rename : security/nss/fuzz/git-copy.sh => security/nss/fuzz/config/git-copy.sh
rename : security/nss/fuzz/certDN.options => security/nss/fuzz/options/certDN.options
rename : security/nss/fuzz/mpi-mod.options => security/nss/fuzz/options/mpi-add.options
rename : security/nss/fuzz/mpi-mod.options => security/nss/fuzz/options/mpi-addmod.options
rename : security/nss/fuzz/mpi-mod.options => security/nss/fuzz/options/mpi-div.options
rename : security/nss/fuzz/mpi-expmod.options => security/nss/fuzz/options/mpi-expmod.options
rename : security/nss/fuzz/mpi-invmod.options => security/nss/fuzz/options/mpi-invmod.options
rename : security/nss/fuzz/mpi-mod.options => security/nss/fuzz/options/mpi-mod.options
rename : security/nss/fuzz/mpi-mod.options => security/nss/fuzz/options/mpi-mulmod.options
rename : security/nss/fuzz/mpi-mod.options => security/nss/fuzz/options/mpi-sqr.options
rename : security/nss/fuzz/mpi-mod.options => security/nss/fuzz/options/mpi-sqrmod.options
rename : security/nss/fuzz/mpi-mod.options => security/nss/fuzz/options/mpi-sub.options
rename : security/nss/fuzz/mpi-mod.options => security/nss/fuzz/options/mpi-submod.options
rename : security/nss/fuzz/quickder.options => security/nss/fuzz/options/quickder.options
rename : security/nss/fuzz/tls-client.options => security/nss/fuzz/options/tls-client-no_fuzzer_mode.options
rename : security/nss/fuzz/tls-client.options => security/nss/fuzz/options/tls-client.options
2017-03-10 06:01:18 +01:00
41e6060a92
Bug 1344829 - add BUG_COMPONENT to security/* files. r=keeler
...
MozReview-Commit-ID: AS6e14FOqsb
2017-03-09 05:33:30 -05:00
b2f5aa5c23
Bug 1337331 Part 5: Re-apply - Add KEY_WOW64_64Key and KEY_WOW64_32KEY to the Chromium sandbox allowed registry read flags. r=aklotz
...
Carrying r=aklotz from previous changset:
https://hg.mozilla.org/mozilla-central/rev/d24db55deb85
2016-12-22 11:11:07 +00:00
0aa3a82f68
Bug 1310127 - Part 10: Handle netwerk/protocol/http MOZ_MUST_USE functions in PSM. r=wcpan
...
The only unhandled call updates nsHTTPListener::mHttpResponseContentType, but
nothing actually uses the value of mHttpResponseContentType.
MozReview-Commit-ID: FQXESvoO2ZN
--HG--
extra : rebase_source : 547158311de136054acff2539ea6a8bdbfb8227b
2016-12-28 16:25:22 +08:00
ed0b8f8653
Bug 1344615: Remove nsXPCOMStrings.{h,cpp} r=bsmedberg
...
These are now dead code.
MozReview-Commit-ID: AClU0Qx3kmN
--HG--
extra : rebase_source : df83cf89292da1519bb26027c11e14923d5c54a0
2017-03-06 17:52:54 +13:00
86d9d13c29
No bug, Automated HPKP preload list update from host bld-linux64-spot-393 - a=hpkp-update
2017-03-06 07:21:45 -08:00
31efc98388
No bug, Automated HSTS preload list update from host bld-linux64-spot-393 - a=hsts-update
2017-03-06 07:21:43 -08:00
cec6c3f714
merge autoland to mozilla-central a=merge
2017-03-06 10:51:51 +01:00
e844f7b79d
No bug, Automated HPKP preload list update from host bld-linux64-spot-032 - a=hpkp-update
2017-03-05 08:00:14 -08:00
330b3dec22
No bug, Automated HSTS preload list update from host bld-linux64-spot-032 - a=hsts-update
2017-03-05 08:00:12 -08:00
8dcf6f318c
No bug, Automated HPKP preload list update from host bld-linux64-spot-309 - a=hpkp-update
2017-03-04 07:58:31 -08:00
e9085b277f
No bug, Automated HSTS preload list update from host bld-linux64-spot-309 - a=hsts-update
2017-03-04 07:58:28 -08:00
06813a3df9
Merge mozilla-central to mozilla-inbound
2017-03-03 13:06:37 +01:00
901a8c09c1
Merge m-c to autoland, a=merge
...
MozReview-Commit-ID: AZeTEvGhLd1
2017-03-02 15:03:44 -08:00
546a05fec0
No bug, Automated HPKP preload list update from host bld-linux64-spot-031 - a=hpkp-update
2017-03-02 07:42:44 -08:00
52a438e1a4
No bug, Automated HSTS preload list update from host bld-linux64-spot-031 - a=hsts-update
2017-03-02 07:42:42 -08:00
5716d510ff
Bug 1279479 - Remove DHE cipher suites from TLS 1.3 ClientHello. r=keeler,mt
...
Hiding cipher suites behind fallback to measure the impact of DHE removal. This patch itself will not improve security because MITM can trigger the fallback.
Unlike the previous attempt, this patch will not affect WebRTC because it does not touch default cipher prefs.
MozReview-Commit-ID: 82paUEuPu99
--HG--
extra : rebase_source : dd08b00ca0d618d0e2ac9c79ae8f32610e724dbd
2017-03-01 20:57:08 +09:00
d19d7643c7
Bug 1334127 - land NSS dec8c06d7ed9, r=me
...
--HG--
extra : rebase_source : 02a6633fa7c02bd65c76cb1aad8c3875aca305ea
2017-03-03 11:44:57 +01:00
24004054a8
Bug 1334975 - Get rid of nsIFilePicker.show() use in gecko, r=ochameau
2017-03-03 09:42:27 +01:00
9746f81e53
Merge m-c to autoland, a=merge
...
MozReview-Commit-ID: FzykkWPQCrq
--HG--
rename : browser/modules/test/browser_UsageTelemetry_content.js => browser/modules/test/browser/browser_UsageTelemetry_content.js
rename : browser/modules/test/browser_UsageTelemetry_content_aboutHome.js => browser/modules/test/browser/browser_UsageTelemetry_content_aboutHome.js
rename : browser/modules/test/browser_UsageTelemetry_searchbar.js => browser/modules/test/browser/browser_UsageTelemetry_searchbar.js
rename : browser/modules/test/browser_UsageTelemetry_urlbar.js => browser/modules/test/browser/browser_UsageTelemetry_urlbar.js
2017-03-01 17:48:44 -08:00
3cbb52bd7d
Merge inbound to central, a=merge
...
MozReview-Commit-ID: 7vInHaD1geB
2017-03-01 17:18:37 -08:00
5fd3e1e3aa
No bug, Automated HPKP preload list update from host bld-linux64-spot-039 - a=hpkp-update
2017-03-01 07:47:15 -08:00
c5c4be92d2
No bug, Automated HSTS preload list update from host bld-linux64-spot-039 - a=hsts-update
2017-03-01 07:47:12 -08:00
3f87d6f0d5
Merge m-c to autoland, a=merge b557bdc314e7
...
MozReview-Commit-ID: HDM5eTkVNDa
2017-03-01 16:27:28 -08:00
0c87943561
Bug 1334127 - land NSS 6511e19a2c6c, r=me
...
--HG--
extra : rebase_source : 966e28d8676669276d9fd01d47315c5cafa4ee24
2017-02-28 13:52:02 +01:00
24bb9f3ffe
Merge mozilla-central to mozilla-inbound
2017-02-28 13:03:04 +01:00
1b29a33fce
Merge m-c to autoland, a=merge
...
MozReview-Commit-ID: K0Q4b2wzvlJ
2017-03-03 17:29:54 -08:00
8f8a9f5255
Bug 1344106 - Remove Linux todos() now that Linux sandboxing is riding the trains. r=haik
...
MozReview-Commit-ID: 9tI2S6fEYkD
--HG--
extra : rebase_source : 0a5d00f8498861e7ea281e527b2be6b2c4e472d6
2017-03-03 09:50:29 +01:00
d30aee57bf
Bug 1339729: Remove wow_helper from Windows process sandboxing. r=glandium
2017-03-01 10:41:07 +00:00
895edf7133
Bug 1338895 - Avoid non-smart string IDL types in remaining PSM IDL files. r=aklotz,keeler
...
Smart string classes like nsCString are safer to use than raw |char*| strings,
and are typically easier to deal with as well.
MozReview-Commit-ID: 18C293zWrJw
--HG--
extra : rebase_source : 350191d4c3047fb38d18e8c6d9370cd059007861
2017-02-26 20:36:40 +08:00
ce968eef85
Bug 1346305 - Unbreak --enable-warnings-as-errors on FreeBSD after bug 1343557. r=keeler
...
MozReview-Commit-ID: 3gZCXTK1GJI
--HG--
extra : rebase_source : 0de5fc52517c71db1c74814b5dcf096a8ceac593
2017-03-10 18:02:44 +00:00
0d98f89e16
Bug 1343216 - Add blocklist tags in xpcshell tests r=kmag
...
MozReview-Commit-ID: 8HDgdSSFxyU
--HG--
extra : rebase_source : 49a73ffcd60ea9f770ad7bc600512be19551fe5e
2017-03-02 11:23:24 +01:00
654b5c9af9
Bug 1320458 - Make logging by sandboxed child processes to a file work on Windows, r=aklotz
...
MozReview-Commit-ID: 7eiW3Lo6q8Z
2017-03-06 17:42:31 +01:00
672079f03f
Bug 1329328 - Permit sandboxed processes to access Flash temporary files. r=bobowen
...
Allows the creation/use of temp files when the user has already green-lit
the use of a file for write purposes in that folder.
2017-02-27 14:15:52 -08:00
1e95bd721f
Merge inbound to central, a=merge
...
MozReview-Commit-ID: F0XvCKnh8H7
2017-02-27 13:34:55 -08:00
4039fb4c58
No bug, Automated HPKP preload list update from host bld-linux64-spot-031 - a=hpkp-update
2017-02-27 07:28:02 -08:00
c8f79e9d17
No bug, Automated HSTS preload list update from host bld-linux64-spot-031 - a=hsts-update
2017-02-27 07:28:00 -08:00
bcd3dcc6b3
Bug 1342385: Allow mremap on linux32 for wasm; r=jld
...
MozReview-Commit-ID: 82f8ryvd57S
--HG--
extra : rebase_source : 0e74611052853f149eb0fefe8fef849a8f8978b0
extra : amend_source : ff91bb31d45ca4783da391e519f10e3613f0f890
2017-02-24 13:18:57 +01:00
90e8bc1b28
Bug 1026589 - Enable more GCC/Clang compiler warnings (-Wextra) for security/certverifier. r=keeler
...
Original patch by Camilo Viecco.
MozReview-Commit-ID: 4LWpueoyQHL
--HG--
extra : rebase_source : 85563711287ad851019c4031d97c1d309f066139
2017-02-23 23:19:55 +08:00
58de7b2c68
Bug 1342075 - Make nsCertOverride::OverrideBits an enum class. r=keeler
...
MozReview-Commit-ID: 3aLyL9VDvpf
--HG--
extra : rebase_source : 3b4a1837ed8233ab5a1af71707ca92d7f3699041
2017-02-23 23:16:53 +08:00
90d1cbb4fd
No bug, Automated HPKP preload list update from host bld-linux64-spot-307 - a=hpkp-update
2017-02-26 07:19:31 -08:00
5c63ba8319
No bug, Automated HSTS preload list update from host bld-linux64-spot-307 - a=hsts-update
2017-02-26 07:19:28 -08:00
93f1641e39
No bug, Automated HPKP preload list update from host bld-linux64-spot-361 - a=hpkp-update
2017-02-25 07:22:43 -08:00
baf95bc4f8
No bug, Automated HSTS preload list update from host bld-linux64-spot-361 - a=hsts-update
2017-02-25 07:22:41 -08:00
2c84b59bb2
No bug, Automated HPKP preload list update from host bld-linux64-spot-025 - a=hpkp-update
2017-02-24 08:12:13 -08:00
53ced57059
No bug, Automated HSTS preload list update from host bld-linux64-spot-025 - a=hsts-update
2017-02-24 08:12:11 -08:00
39dbca81b0
Merge m-c to inbound, a=merge
...
MozReview-Commit-ID: BYjLy4wkFjg
2017-02-23 16:57:34 -08:00
60ae6514e4
No bug, Automated HPKP preload list update from host bld-linux64-spot-036 - a=hpkp-update
2017-02-23 07:36:26 -08:00
ad3be07b91
No bug, Automated HSTS preload list update from host bld-linux64-spot-036 - a=hsts-update
2017-02-23 07:36:24 -08:00
e6b82618f4
merge mozilla-inbound to mozilla-central a=merge
2017-02-23 14:59:37 +01:00
fca1830f46
bug 1341905 - double-check that uses of CERT_LIST_* are safe in PSM r=jcj
...
MozReview-Commit-ID: BhGHd9xUUbP
--HG--
extra : amend_source : b7f8260719a3d918867a8ed7cf092e2909193bb5
2017-02-22 15:07:05 -08:00
d5deea2a4f
Bug 1338374 - Make Vector not use AlignedStorage for its inline element storage. r=froydnj, r=keeler
...
--HG--
extra : rebase_source : 81eb5278404b4843ed5a59819f6000f74200aa41
2017-01-30 15:56:05 -08:00
29443ed98c
Merge m-c to inbound, a=merge
...
MozReview-Commit-ID: HDHJC8X9xWG
2017-02-22 15:06:46 -08:00
b7294d3167
Merge inbound to central, a=merge
...
MozReview-Commit-ID: 2R3yE5OIznC
2017-02-22 15:01:04 -08:00
5a7f5284cd
Merge autoland to central, a=merge
...
MozReview-Commit-ID: 5l8P3DzMNXz
2017-02-22 14:55:21 -08:00
fb7e5cbb5d
Bug 1324096, PSM should check the roots module for a flag, that allows to distinguish between Mozilla-CA-Policy CAs and other CAs, r=dkeeler
2017-02-22 18:02:48 +01:00
b1044cf7c2
No bug, Automated HPKP preload list update from host bld-linux64-spot-038 - a=hpkp-update
2017-02-22 08:08:41 -08:00
138dd68d33
No bug, Automated HSTS preload list update from host bld-linux64-spot-038 - a=hsts-update
2017-02-22 08:08:39 -08:00
5295bd9f91
Merge m-c to inbound, a=merge
...
MozReview-Commit-ID: AoD5GpFatBw
2017-02-21 17:41:05 -08:00
13e1cccb3f
Merge inbound to central, a=merge
...
MozReview-Commit-ID: EEMZdLCheAm
2017-02-21 17:35:01 -08:00
0de0267fd3
Backed out changeset d0a0da23ac05 (bug 1334975) for frequent failures of test_chrome_ext_downloads_saveAs.html. r=backout
2017-02-21 17:54:27 +01:00
fa4cd674a4
No bug, Automated HPKP preload list update from host bld-linux64-spot-037 - a=hpkp-update
2017-02-21 07:31:37 -08:00
a3f4155b6b
No bug, Automated HSTS preload list update from host bld-linux64-spot-037 - a=hsts-update
2017-02-21 07:31:35 -08:00
9956afa503
Backed out changeset 597004bec637 (bug 1334975) for test failures in test_chrome_ext_downloads_saveAs.html
2017-02-21 10:30:41 +01:00
a01b0b45dd
Bug 1286865 - Step 4: Report rejected syscall info in Telemetry. r=gcp r=francois
...
MozReview-Commit-ID: 7R755WT1Ftu
--HG--
extra : rebase_source : 77356e29da9a02a3a4392be3de0e9e88ed9e131e
extra : histedit_source : 813980d967009d4270143ce3a503836c7337941f
2017-02-20 19:55:56 +01:00
886c391f8f
Bug 1334975 - Get rid of nsIFilePicker.show() use in gecko, r=Gijs, r=ochameau
2017-02-21 15:04:32 +01:00
9fcb9743ee
Bug 1334127 - land NSS 93b99b0936d3, r=me
...
--HG--
extra : rebase_source : 5793f0f4595bb1bbff9338dca3e4f5068db5a47f
2017-02-21 13:55:41 +01:00
f0666046d6
Bug 1286865 - Step 2: Add XPCOM bindings for sandbox syscall reporter. r=gcp r=glandium
...
MozReview-Commit-ID: GERRsOJ7H2w
--HG--
extra : rebase_source : 8ff688150ccf417a266a663ed0973d4850f51e63
2017-01-30 18:50:41 -07:00
f2fa27edca
Bug 1286865 - Step 1: Gather syscall info from SIGSYS handlers into the parent process. r=gcp
...
MozReview-Commit-ID: 8GfFo4xso65
--HG--
extra : rebase_source : 1596a79d65d30dc72d8b84fc4f1639de377f554a
2017-01-30 18:49:53 -07:00
eb0d19601a
Bug 1286865 - Step 0: Turn off crash-on-seccomp-fail by default on non-nightly. r=gcp
...
MozReview-Commit-ID: 1It6HNizbAc
--HG--
extra : rebase_source : 1e96f11904abf2c38c5b4e50de7609ddc86cdd8a
2017-01-27 14:25:50 -07:00
5da6bc7a06
Bug 1334975 - Get rid of nsIFilePicker.show() use in gecko, r=Gijs, r=ochameau
2017-02-21 07:51:00 +01:00
16d671402f
Merge autoland to m-c, a=merge
2017-02-20 20:26:48 -08:00
4ccad03e67
No bug, Automated HPKP preload list update from host bld-linux64-spot-034 - a=hpkp-update
2017-02-20 07:40:40 -08:00
289045d108
No bug, Automated HSTS preload list update from host bld-linux64-spot-034 - a=hsts-update
2017-02-20 07:40:37 -08:00
15a77169b7
Merge mozilla-central to mozilla-inbound
2017-02-20 15:30:29 +08:00
e6df08c941
No bug, Automated HPKP preload list update from host bld-linux64-spot-078 - a=hpkp-update
2017-02-19 09:10:48 -08:00
b705ab918d
No bug, Automated HSTS preload list update from host bld-linux64-spot-078 - a=hsts-update
2017-02-19 09:10:46 -08:00
12cf113033
No bug, Automated HPKP preload list update from host bld-linux64-spot-301 - a=hpkp-update
2017-02-18 07:00:40 -08:00
755899dd22
No bug, Automated HSTS preload list update from host bld-linux64-spot-301 - a=hsts-update
2017-02-18 07:00:37 -08:00
8c4ce17711
Merge inbound to m-c a=merge
...
MozReview-Commit-ID: DCUf7VEDrTt
2017-02-17 13:38:51 -08:00
700ed47352
Merge autoland to central, a=merge
...
MozReview-Commit-ID: 3ZIZ9QEVArE
2017-02-17 12:45:42 -08:00
a565a10373
No bug, Automated HPKP preload list update from host bld-linux64-spot-381 - a=hpkp-update
2017-02-17 07:06:37 -08:00
5c04bdbade
No bug, Automated HSTS preload list update from host bld-linux64-spot-381 - a=hsts-update
2017-02-17 07:06:35 -08:00
87ae1a50e4
Backed out 5 changesets (bug 1284897) for mozilla::SandboxPermissions::RemovePermissionsForProcess crashes
...
Backed out changeset 19b2fcee13a9 (bug 1284897)
Backed out changeset a5171791437f (bug 1284897)
Backed out changeset 3ea8b8a18515 (bug 1284897)
Backed out changeset 21497a4e3bde (bug 1284897)
Backed out changeset 12e17d5f0fa9 (bug 1284897)
2017-02-16 22:14:15 -08:00
7d4bd52fae
Bug 1330907 - Rename Telemetry::ID to Telemetry::HistogramID. r=dexter
...
Changed |print("enum ID : uint32_t {", file=output)| to |print("enum HistogramID : uint32_t {", file=output)| at line 53 of the file |toolkit/components/telemetry/gen-histogram-enum.py|, and then replaced all the textual occurrences of |Telemetry::ID| to |Telemetry::HistogramID| and |ID| to |HistogramID| in 43 other files.
2017-02-16 00:45:15 +05:30
85079555b0
Merge mozilla-central to autoland
2017-02-20 14:12:30 +01:00
68e7240c0c
Backed out changeset 71b9ac06a60a (bug 1284897)
2017-02-21 23:13:29 +01:00
0155610268
Backed out changeset 0740284125d3 (bug 1284897)
2017-02-21 23:13:24 +01:00
caac1dd24c
Bug 1340854 - Properly report TLS handshake telemetry for 0 length reads. r=mt
2017-02-18 11:27:21 -08:00
7f64ae96ea
Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen
...
Hook this into the browser via the XREAppData. This patch contains only the changes to Chromium source code.
--HG--
extra : rebase_source : f1ddd3bdfb52cef0a2dc8bfbae4ba5c78e7fd7eb
2017-01-20 08:27:57 -08:00
26437f4ecd
Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen, r=glandium
...
Hook this into the browser via the XREAppData. This patch does not include the changes to Chromium source code.
--HG--
extra : rebase_source : 4d5637bcdbeae605b0b99e9192598d48f371b698
2017-02-14 15:08:40 -08:00
3fd846f6a8
Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen
...
Hook this into the browser via the XREAppData. This patch contains only the changes to Chromium source code.
2017-01-20 08:27:57 -08:00
e9bcaf4cbe
Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen, r=glandium
...
Hook this into the browser via the XREAppData. This patch does not include the changes to Chromium source code.
2017-02-14 15:08:40 -08:00
fff91cf0bf
Bug 1335632 - Split out the const and mutable parts of myTrustedEVInfos. r=keeler
...
.rdata: 5536 bytes change
.data: -5760 bytes change
--HG--
extra : rebase_source : 2aa718f0744760cab5f5146d73139dace24a3225
2017-02-17 15:31:05 +13:00
4b081ff27d
bug 1301407 - enable nsNSSComponent initialization diagnostic crash report on all platforms r=dragana
...
--HG--
extra : amend_source : 56900b3bf87a8d927a9aa91672aa8593bdfe3e69
2017-02-15 14:51:45 -08:00
5b871d6f30
Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen
...
Hook this into the browser via the XREAppData. This patch contains only the changes to Chromium source code.
--HG--
extra : rebase_source : 309715aa2449d53456934495b1f5e854df599bfb
extra : histedit_source : 26761a6a33e4e5b2bb559caf3b3eb51c249f2bcd
2017-01-20 08:27:57 -08:00
82eb0f3fdd
Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen, r=glandium
...
Hook this into the browser via the XREAppData. This patch does not include the changes to Chromium source code.
--HG--
extra : rebase_source : e34e8b50101cc40ded26e80791052123b24c8243
extra : histedit_source : 69c9b2dc91546adbfdad03b5d43842809191ffb9
2017-02-14 15:08:40 -08:00
d8ab2e5bec
Bug 1338574 - Part 6: Use MOZ_CRASH_UNSAFE_PRINTF in NSS. r=keeler
...
--HG--
extra : rebase_source : 85173c8c8becd9f25f5ee0385c3b7ecdc8e85cce
2017-02-21 18:02:00 +01:00
a2f6f5b441
No bug, Automated HPKP preload list update from host bld-linux64-spot-022 - a=hpkp-update
2017-02-16 08:04:27 -08:00
86974fabaf
No bug, Automated HSTS preload list update from host bld-linux64-spot-022 - a=hsts-update
2017-02-16 08:04:24 -08:00
72ecfb5fd6
Merge m-c to autoland, a=merge
...
MozReview-Commit-ID: 7gVISUXnm2Q
2017-02-22 15:07:12 -08:00
c69d150710
Bug 1339669 - Update security.mixed_content.hsts_priming_cache_timeout default r=mayhemer
...
MozReview-Commit-ID: CNFrPUyrdO8
--HG--
extra : rebase_source : 858da20cf65369ede5908b07921dfba501956b84
2017-02-16 10:48:59 +09:00
017c515285
Merge inbound to m-c a=merge
...
MozReview-Commit-ID: IKI0zVtF1n9
2017-02-15 16:18:13 -08:00
ec985117e6
Merge autoland to central, a=merge
...
MozReview-Commit-ID: 9FDTT0Vkl0L
2017-02-15 15:26:11 -08:00
c1cc1aa5b1
No bug, Automated HPKP preload list update from host bld-linux64-spot-032 - a=hpkp-update
2017-02-15 07:22:17 -08:00
c9a6d4e82f
No bug, Automated HSTS preload list update from host bld-linux64-spot-032 - a=hsts-update
2017-02-15 07:22:14 -08:00
ed3d8d8286
merge mozilla-inbound to mozilla-central a=merge
2017-02-15 12:21:44 +01:00
f85117da36
Merge m-c to inbound, a=merge
...
MozReview-Commit-ID: 1c81Eie63Pe
2017-02-14 14:45:40 -08:00
cac6cb6a10
Merge inbound to central, a=merge
...
MozReview-Commit-ID: 1D2zbWPC8TT
2017-02-14 13:12:20 -08:00
ac8a72f2d5
No bug, Automated HPKP preload list update from host bld-linux64-spot-086 - a=hpkp-update
2017-02-14 07:14:02 -08:00
b904921c76
No bug, Automated HSTS preload list update from host bld-linux64-spot-086 - a=hsts-update
2017-02-14 07:13:59 -08:00
785f12a554
Bug 1331280 - Generic telemetry probe for TLS handshake status. r=keeler
...
--HG--
extra : rebase_source : 69a2e93a5cd8d500702a670dfaa5e6cebb822ff0
2017-02-14 13:12:00 -05:00
8c454e1c69
Merge mozilla-central to mozilla-inbound
2017-02-15 12:43:50 +01:00
209be0e8ce
Bug 1339389: Remove legacy build config from Windows SandboxBroker moz.build. r=glandium
...
MozReview-Commit-ID: KA3dCxrCZRo
2017-02-15 08:31:14 +00:00
5583be3ddf
Merge m-c to autoland, a=merge
...
MozReview-Commit-ID: KkIFx9ndC8y
2017-02-14 14:46:45 -08:00
2950b86660
bug 1339010 - ensure pinning and CT telemetry info has been initialized r=jcj
...
MozReview-Commit-ID: F7pOqCK145n
--HG--
extra : rebase_source : 7138aca9769f6719e35073f16b835159c7929684
2017-02-13 16:47:43 -08:00
415dbf1a26
Merge m-c to autoland, a=merge
...
MozReview-Commit-ID: JuiEcsYYLS3
2017-02-13 17:08:00 -08:00
05bee27cec
Merge autoland to central, a=merge
...
MozReview-Commit-ID: 3sGhLpcvp7K
2017-02-13 16:49:15 -08:00
e80ac94bd8
No bug, Automated HPKP preload list update from host bld-linux64-spot-308 - a=hpkp-update
2017-02-13 07:05:42 -08:00
7027f8a7e2
No bug, Automated HSTS preload list update from host bld-linux64-spot-308 - a=hsts-update
2017-02-13 07:05:39 -08:00
ea85356f95
Merge m-c to m-i
2017-02-12 15:33:29 -08:00
66f98480ef
Bug 1335294: Remove const from data tables under security/ for better codegen on Windows. r=keeler
...
MozReview-Commit-ID: 3k1Gpm0ugY2
2017-02-13 09:41:20 +13:00
9057f0c449
No bug, Automated HPKP preload list update from host bld-linux64-spot-031 - a=hpkp-update
2017-02-12 07:27:38 -08:00
dfb75b1bd9
No bug, Automated HSTS preload list update from host bld-linux64-spot-031 - a=hsts-update
2017-02-12 07:27:36 -08:00
3f38ad8e9c
No bug, Automated HPKP preload list update from host bld-linux64-spot-304 - a=hpkp-update
2017-02-11 07:51:02 -08:00
f27f804b88
No bug, Automated HSTS preload list update from host bld-linux64-spot-304 - a=hsts-update
2017-02-11 07:50:59 -08:00
71842da0e8
Merge autoland to central, a=merge
...
MozReview-Commit-ID: 8GR9XTMPAjp
--HG--
rename : netwerk/base/security-prefs.js => security/manager/ssl/security-prefs.js
2017-02-10 14:32:26 -08:00
7de3f46c87
No bug, Automated HPKP preload list update from host bld-linux64-spot-304 - a=hpkp-update
2017-02-10 07:05:40 -08:00
7f6d91a361
No bug, Automated HSTS preload list update from host bld-linux64-spot-304 - a=hsts-update
2017-02-10 07:05:38 -08:00
24ddf955dd
Backed out changeset e887fb5d5d06 (bug 1337748) for eslint failure
...
--HG--
rename : security/manager/ssl/security-prefs.js => netwerk/base/security-prefs.js
2017-02-10 14:00:02 +08:00
2154e8d95a
Bug 1337748 - Move security-prefs.js from netwerk/ to security/manager/. r=keeler,mcmanus
...
MozReview-Commit-ID: 2TOJG6tRWJZ
--HG--
rename : netwerk/base/security-prefs.js => security/manager/ssl/security-prefs.js
extra : rebase_source : 4127a5c9676f24d17a0f38efed8e9ad558044b07
2017-02-08 21:16:27 +09:00
b5acb9b812
Backed out 2 changesets (bug 1336867) for (at least) eslint failures
...
CLOSED TREE
Backed out changeset 0a4f283638cb (bug 1336867)
Backed out changeset 837766805d75 (bug 1336867)
--HG--
rename : security/manager/ssl/tests/unit/test_sts_parser.js => security/manager/ssl/tests/gtest/STSParserTest.cpp
2017-02-09 19:02:32 -08:00
ef8f78b212
Bug 1336867 - Remove unsafeProcessHeader and isSecureHost in nsISiteSecurityService r=keeler,mgoodwin,past
...
--HG--
extra : rebase_source : e4a69e18154adf22e045c820ae2b3fd8a77877a6
2017-02-08 11:17:29 +08:00
c449723684
Bug 1336867 - Move STSParserTest.cpp to test_sts_parser.js r=keeler
...
--HG--
rename : security/manager/ssl/tests/gtest/STSParserTest.cpp => security/manager/ssl/tests/unit/test_sts_parser.js
extra : rebase_source : dfadaa8f9f0030e07a4ea7bf64e36a7b4d959521
2017-02-07 10:23:45 +08:00
e28cb314a8
Bug 1336867 - Remove unsafeProcessHeader and isSecureHost in nsISiteSecurityService r=keeler,mgoodwin,past
...
--HG--
extra : rebase_source : 3b14ddfcb4107eeeb15ba5498d0b516310847c58
2017-02-08 11:17:29 +08:00
8b8bdd6f07
Bug 1336867 - Move STSParserTest.cpp to test_sts_parser.js r=keeler
...
--HG--
rename : security/manager/ssl/tests/gtest/STSParserTest.cpp => security/manager/ssl/tests/unit/test_sts_parser.js
extra : rebase_source : dfadaa8f9f0030e07a4ea7bf64e36a7b4d959521
2017-02-07 10:23:45 +08:00
e27ab18a24
Merge autoland to central, a=merge
...
MozReview-Commit-ID: Cu9iXbDAS7t
2017-02-09 16:36:11 -08:00
7d72c6ef47
No bug, Automated HPKP preload list update from host bld-linux64-spot-387 - a=hpkp-update
2017-02-09 07:37:08 -08:00
7efff53231
No bug, Automated HSTS preload list update from host bld-linux64-spot-387 - a=hsts-update
2017-02-09 07:37:04 -08:00
35ac12c63d
Bug 1331983 - Avoid non-smart string IDL types in nsIX509CertDB.idl. r=gcp,keeler,nwgh
...
Smart string classes like nsCString are safer to use than raw |char*| strings,
and are typically easier to deal with as well.
MozReview-Commit-ID: 2PdrCa6cbpe
--HG--
extra : rebase_source : a8730dd48e954f4947534a0d4d524848061dac98
2017-02-09 23:11:29 +08:00
448874c0f1
Bug 1337748 - Move security-prefs.js from netwerk/ to security/manager/. r=keeler,mcmanus
...
MozReview-Commit-ID: 2TOJG6tRWJZ
--HG--
rename : netwerk/base/security-prefs.js => security/manager/ssl/security-prefs.js
extra : rebase_source : e11ef6fa7264edd41e77d65512a2183c737f34dd
2017-02-08 21:16:27 +09:00
a280d5294c
bug 1338701 - constify all TransportSecurityPreloads, use mozilla::BinarySearch over bsearch r=Cykesiopka
...
MozReview-Commit-ID: Lu3H9SpyJgR
--HG--
extra : rebase_source : 7a958793523bc8d4e9d34a7b3b26760a3c1da0f9
2017-02-10 15:52:26 -08:00
26605e4a7d
Bug 1337358 - Converts for(...; ...; ...) loops to use the new range-based loops in C++11 in security/sandbox/ r=gcp
...
MozReview-Commit-ID: Iwj7i07LkJ0
--HG--
extra : rebase_source : 88a71d78dd6d3e4cf603047a5714631b4ae4542b
2017-02-08 11:59:38 +01:00
aba86ae938
Bug 1337358 - Converts for(...; ...; ...) loops to use the new range-based loops in C++11 in security/ r=keeler
...
MozReview-Commit-ID: yfkQVEp2do
--HG--
extra : rebase_source : 048f30343b9eb353bbc15fbde157ffbb3b2da8ec
2017-02-07 13:22:44 +01:00
6215212efa
Merge mozilla-central to mozilla-inbound
2017-02-14 13:41:43 +01:00
0686551eab
Bug 1325227 - Part 3: Allow child process to share semaphore handles with the parent/gpu processes. r=bobowen
2017-02-04 23:19:03 +13:00
455bdf24fe
Bug 1338086 - Remove useless else blocks in order to reduce complexity in security/sandbox/linux/ r=gcp
...
MozReview-Commit-ID: 5UWtAe6THd6
--HG--
extra : rebase_source : 17af6640439f209cb37e91552cf0f97043bd9e91
2017-02-09 10:56:05 +01:00
f7fe4cbe12
Bug 1323644 - Isolate the HSTS and HPKP storage by first party domain (ForgetAboutSite) r=keeler,mossop
...
MozReview-Commit-ID: LjYb5coVxJl
--HG--
extra : rebase_source : 0a1cc4b70b266958c478ff48d9edc1e669ebb33f
2017-02-14 10:29:54 +08:00
4489e44dc2
Bug 1323644 - Isolate the HSTS and HPKP storage by first party domain (PSM) r=Cykesiopka,keeler
...
MozReview-Commit-ID: HhFFqtpBNjO
--HG--
extra : rebase_source : 980dfd035efc4886a7ca393923c2c2783cc76a7d
2017-02-14 10:29:10 +08:00
166c51d181
No bug, Automated HPKP preload list update from host bld-linux64-spot-013 - a=hpkp-update
2017-02-08 07:19:15 -08:00
8a301bbd0d
No bug, Automated HSTS preload list update from host bld-linux64-spot-013 - a=hsts-update
2017-02-08 07:19:13 -08:00
78e9074835
Bug 1334127 - land NSS e3bca65235d5, r=me
2017-02-08 06:00:53 +01:00
5f8f360823
Bug 1060419 - make log_print use Printf.h, r=froydnj
...
MozReview-Commit-ID: BIZ1GQEZ1vs
--HG--
extra : rebase_source : 2f1f0aa12493c44f352d9a7e8683e7bb72d2d75b
2016-12-15 20:16:31 -07:00
f8ab4ddf02
Bug 1060419 - remove unneeded includes of prprf.h, r=froydnj
...
MozReview-Commit-ID: JifhpA3oOeH
--HG--
extra : rebase_source : 08460997dc3fd91f3065c718e17b41bb4acf8bae
2016-12-09 10:00:01 -10:00
c8dbb3b86e
Bug 1334127 - update firefox nss.symbols, r=franziskus
...
--HG--
extra : rebase_source : ae7d157350878c0988f39ac49a9d8731be9a8632
2017-02-10 02:29:00 +01:00
6d466422fe
Bug 1334127 - land NSS 01d6c0dff06f, r=me
...
--HG--
extra : rebase_source : 37ce5889894c3a0208c91c2fa254ab6a8c9ba080
2017-02-13 14:27:06 +01:00
8fa9a9c682
bug 1294580 - prevent end-entity certificates from being their own trust anchors r=Cykesiopka
...
MozReview-Commit-ID: KaZaFG8AWwl
--HG--
extra : rebase_source : 8cba6d29febc73e65ff54bc754ab9d016e140d6f
2017-02-24 12:32:41 -08:00
d80bc035b4
Bug 1342736 - Remove nsIX509CertDB.verifySignedManifestAsync(). r=mgoodwin
...
verifySignedManifestAsync() was added in Bug 1059216 to support Trusted Hosted
Apps.
However, Bug 1196988 removed THA and no add-ons use this method, so there's no
point in keeping it around.
MozReview-Commit-ID: 6xBRxvRZfjh
--HG--
extra : rebase_source : 5b8cf9c5863187b55325a8f9929bbe52c6478ec5
2017-02-26 20:25:36 +08:00
672c83ed65
Merge inbound to central, a=merge
...
MozReview-Commit-ID: 5H1ZxSV0XuM
2017-02-07 16:33:31 -08:00
eba276a4fb
Merge autoland to central, a=merge
...
MozReview-Commit-ID: 8yDHss0OAAq
2017-02-07 15:56:57 -08:00
5586217f34
No bug, Automated HPKP preload list update from host bld-linux64-spot-055 - a=hpkp-update
2017-02-07 07:33:06 -08:00
3139a8b47f
No bug, Automated HSTS preload list update from host bld-linux64-spot-055 - a=hsts-update
2017-02-07 07:33:04 -08:00
fa71c479fc
Bug 1332636 - Remove PSM support for Firefox Marketplace apps and Trusted Hosted Apps. r=keeler
...
THA was removed in Bug 1196988.
After Bug 1235869 and Bug 1238079, Firefox Marketplace apps are at most
supported by B2G, and B2G only code doesn't need to be in m-c anymore.
MozReview-Commit-ID: DAx5lRdYQo0
--HG--
extra : rebase_source : e7fc32195def3acda2d53a6e3cb969f1e8a9a9a1
2017-02-06 23:43:38 +08:00
fe1e99cceb
Bug 1333681 - Part 2 - Adds tests for reading of the profile dir; r=bobowen,gcp
...
Adds additional tests that try to read files and get directory listings from
both a web content process and a file content process.
Tests include attempting to read the profile directory and cookies file from
a web content process and validating that this is prevented by the sandbox
when the sandbox level (security.sandbox.content.level) is set high enough.
Only Mac (for now) uses a level that includes read access blocking of the
profile directory.
Tests also attempt to read the profile and cookies file from a file content
process which should be allowed.
MozReview-Commit-ID: KfyT9ohsuuG
--HG--
extra : rebase_source : f1c5aa2fef58a6bb859623072770ea918f8f4df1
2017-02-01 21:26:23 -08:00
848c29538a
Merge inbound to central, a=merge
...
MozReview-Commit-ID: 2yQjOIMCCiO
2017-02-06 17:45:21 -08:00
e88bb6a257
Merge autoland to m-c a=merge
...
MozReview-Commit-ID: EcBWp8VLx1x
2017-02-06 17:37:51 -08:00
e53176272b
No bug, Automated HPKP preload list update from host bld-linux64-spot-1037 - a=hpkp-update
2017-02-06 08:13:57 -08:00
07ad576454
No bug, Automated HSTS preload list update from host bld-linux64-spot-1037 - a=hsts-update
2017-02-06 08:13:55 -08:00
c7118bb741
bug 1335576 - stop passing nsINSSComponent around everywhere in nsNSSCertHelper.cpp r=Cykesiopka
...
MozReview-Commit-ID: LW4JEnvh1tR
--HG--
extra : rebase_source : fd8bfc7343419ff5412b32042ce98d27eea7c350
2017-01-31 14:08:56 -08:00
6cb15d5fe6
bug 1335576 - run clang-format on nsNSSCertHelper.cpp r=Cykesiopka
...
MozReview-Commit-ID: 61ocKUdur9G
--HG--
extra : rebase_source : 34fffd66e627f9ab8a38a4c779da2abfd3bef954
2017-01-31 13:23:55 -08:00
775c0b6d2b
Merge mozilla-central to mozilla-inbound
2017-02-07 14:14:38 +01:00
0b173d4f36
Bug 1321724: Change USER_NON_ADMIN access token level from whitelist to blacklist containing Admin SIDs. r=jimm
...
MozReview-Commit-ID: 9cx2R6kMUwa
2017-02-07 10:59:43 +00:00
ac8a2fb906
Backed out changeset a608c5cc4ff8 (bug 1321725) for landing with wrong bug number
...
--HG--
extra : rebase_source : 1d7b5b836c1e67507c6592c11d1bfe50623eee84
2017-02-07 11:50:54 +01:00
2ca65ce116
Bug 1321725: Change USER_NON_ADMIN access token level from whitelist to blacklist containing Admin SIDs. r=jimm
...
MozReview-Commit-ID: 9cx2R6kMUwa
2017-02-07 10:38:24 +00:00
467786d86a
Bug 1335329 - Improve handling of mkdir() on preexisting directories in Linux sandbox file broker. r=gcp
...
If the path given doesn't have write+create permissions in the broker
policy, but does have MAY_ACCESS (i.e., if checking for its existence
with lstat() or access() would be allowed), then check for its existence
and fail with EEXIST the way the the real mkdir() would.
Note that mkdir() fails with EEXIST even the existing file isn't a
directory, including if it's a broken symlink.
MozReview-Commit-ID: 13Cwnq1nRrw
--HG--
extra : rebase_source : c37caa091583fa85a0a72ed62fa9f12a3523e8f4
2017-02-02 11:56:21 -07:00
2b1b7ba92f
Bug 1334127 - land NSS 0750d7a0402b, r=me
...
--HG--
extra : rebase_source : db118d989a2dd5a964230369bfe27297cf073ca4
2017-02-06 06:02:12 +01:00
24209083be
No bug, Automated HPKP preload list update from host bld-linux64-spot-018 - a=hpkp-update
2017-02-05 07:38:32 -08:00
7b0a9b6ebf
No bug, Automated HSTS preload list update from host bld-linux64-spot-018 - a=hsts-update
2017-02-05 07:38:30 -08:00
56e8c0db4a
Merge autoland to m-c, a=merge
2017-02-04 16:36:35 -08:00
80fd210dd6
No bug, Automated HPKP preload list update from host bld-linux64-spot-017 - a=hpkp-update
2017-02-04 07:26:25 -08:00
933525c585
No bug, Automated HSTS preload list update from host bld-linux64-spot-017 - a=hsts-update
2017-02-04 07:26:23 -08:00
a643925da8
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-02-03 07:17:03 -08:00
b0c736bd73
No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update
2017-02-03 07:17:01 -08:00
0f7202f3c2
Bug 1334127 - land NSS 0a7ba014dbb3, r=me
2017-02-03 06:00:56 +01:00
9df4609d47
Merge autoland to central, a=merge
...
MozReview-Commit-ID: 2YFPzTIzJeU
2017-02-02 15:55:40 -08:00
6f0eb0ec8e
No bug, Automated HPKP preload list update from host bld-linux64-spot-018 - a=hpkp-update
2017-02-02 07:29:08 -08:00
a367e03beb
No bug, Automated HSTS preload list update from host bld-linux64-spot-018 - a=hsts-update
2017-02-02 07:29:06 -08:00
0efec638f3
Merge m-c to a CLOSED TREE autoland
2017-02-01 20:42:06 -08:00
d20e4431d0
Backed out changeset b03c9f4ac1b0 (bug 1335294) for Windows PGO bustage
...
CLOSED TREE
2017-02-01 19:17:21 -08:00
320bc0a242
No bug, backed out 2 changesets (HPKP and HSTS updates) for being generated by a patch being backed out
...
CLOSED TREE
Backed out changeset 35aecea31459
Backed out changeset 5fb02eba033b
MozReview-Commit-ID: JJaJQS98OJn
2017-02-01 19:16:41 -08:00
9bd2796d0c
No bug, Automated HPKP preload list update from host bld-linux64-spot-222 - a=hpkp-update
2017-02-01 08:17:00 -08:00
25558d37ea
No bug, Automated HSTS preload list update from host bld-linux64-spot-222 - a=hsts-update
2017-02-01 08:16:58 -08:00
9d099e6afc
Bug 1334127 - land NSS 650e5f6cb617, r=me
2017-02-01 06:01:01 +01:00
369d1056a8
Bug 1335294: Add constexpr to data tables under security/ for better codegen on Windows. r=keeler
...
MozReview-Commit-ID: 3OMBGfLKP9I
--HG--
extra : rebase_source : 9422b385ce03ddef674167df41665224e4f9b6f3
2017-02-01 14:59:57 +13:00
9ebd31f2b7
No bug, Automated HPKP preload list update from host bld-linux64-spot-038 - a=hpkp-update
2017-01-31 07:20:28 -08:00
74d092c90f
No bug, Automated HSTS preload list update from host bld-linux64-spot-038 - a=hsts-update
2017-01-31 07:20:26 -08:00
927eb5ce69
Merge m-c to autoland
2017-01-31 13:10:38 +01:00
5de2e3d5f6
Bug 1335323 - Move vector include to sandbox header to fix bustage. r=bustage-fix a=bustage-fix
2017-01-31 13:06:22 +01:00
ffxbld
Wes Kocher
Ehsan Akhgari
Jim Porter
David Major
Iris Hsiao
David Keeler
Carsten "Tomcat" Book
Franziskus Kiefer
Ryan VanderMeulen
Dan Minor
Cykesiopka
Sam Foster
Florian Quèze
J.C. Jones
Joel Maher
Bob Owen
Masatoshi Kimura
Andrea Marchesini
Haik Aftandilian
Jan Beich
Mathieu Leplatre
Honza Bambas
David Parks
Benjamin Bouvier
Jeff Walden
Kai Engert
Sebastian Hengst
Jed Davis
Phil Ringnalda
Vedant Sareen
EKR
Emanuel Hoogeveen
Kate McKinley
Jonathan Hao
Sylvestre Ledru
Matt Woodrow
Tom Tromey
Kai Engert
Olli Pettay