6dbfc47ad8
Bug 1190032 - Sandbox failure in nsPluginHost::GetPluginTempDir. r=areinald
2015-09-03 19:28:30 -05:00
db0b8dcf48
bug 1196853 - convert test_cert_signatures.js to generate certificates at build time r=jcj
...
Also add additional testcases that weren't in the original test (tampered
signatures had been tested, but tampered certificates hadn't been covered).
2015-08-19 15:59:49 -07:00
d5250da6de
No bug, Automated HPKP preload list update from host bld-linux64-spot-305 - a=hpkp-update
2015-09-03 13:59:53 -07:00
1d00751ccd
No bug, Automated HSTS preload list update from host bld-linux64-spot-305 - a=hsts-update
2015-09-03 13:59:50 -07:00
dbfc3317da
Bug 1201024 - Disable unrestricted RC4 fallback and add RC4-only servers to the fallback whitelist. r=cykesiopka
2015-09-03 21:50:52 +09:00
5744a154e2
Bug 1197607, Automated hsts & hpkp updates are failing on mozilla-central, mozilla-aurora, mozilla-esr38, r=cykesiopka
2015-09-03 22:07:42 +12:00
dbd45351dc
Bug 1195789 - Update fallback whitelist. r=cykesiopka
2015-09-02 00:44:04 +09:00
f44287005f
Bug 1198334 (part 1) - Replace the opt-in FAIL_ON_WARNINGS with the opt-out ALLOW_COMPILER_WARNINGS. r=glandium.
...
The patch removes 455 occurrences of FAIL_ON_WARNINGS from moz.build files, and
adds 78 instances of ALLOW_COMPILER_WARNINGS. About half of those 78 are in
code we control and which should be removable with a little effort.
--HG--
extra : rebase_source : 82e3387abfbd5f1471e953961d301d3d97ed2973
2015-08-27 20:44:53 -07:00
c7fdbe4d0f
Backed out changeset 982be1bbebdf (bug 1199624) for Windows bustage.
2015-08-30 17:09:09 -04:00
c8309c6328
Bug 1199624 - Don't use memset and memcmp in files that don't include cstring explicitly. r=briansmith
2015-08-29 07:59:00 -04:00
0d6549c972
Bug 1197644 - Remove the security.ssl.warn_missing_rfc5746 pref. r=keeler
...
--HG--
extra : transplant_source : %90%28%11%DB%E53%93%7C%F2%D6%5Ek%CC%DC%BE%FAe%F2%896
2015-08-24 22:53:42 -07:00
7073895edf
Bug 1196403 - Apply crbug/522201 to support Windows 10 build 10525. r=bobowen
2015-08-25 19:21:08 +09:00
dbaa85ce62
Bug 1188468 - Allow script to force updating a generated file even if the file is actually not changed. r=gps
...
--HG--
extra : source : 47b56f2495030d77c446215d8822c31fc32f23b7
2015-08-25 10:07:43 +10:00
2ee5d006b7
bug 1194013 - convert test_name_constraints.js to generate certificates at build time r=Cykesiopka,mgoodwin
2015-08-11 16:40:38 -07:00
5b75ad5195
Merge inbound to m-c. a=merge
2015-08-23 17:18:36 -04:00
3a47f061c9
Bug 1196988 - Remove THA support. r=gwagner
2015-08-21 10:00:54 -07:00
369ec3ac0f
Bug 1136892 - Create an xpcshell-addons tag for running addon-specific xpcshell tests, r=chmanchester
...
--HG--
extra : commitid : 6kGKslC9h14
2015-08-18 11:26:14 -07:00
641cf3a3ad
Bug 1194135, set NSS version to final 3.20 tag, no code change, DONTBUILD
2015-08-19 18:41:53 +02:00
fe6faf7d6b
Backed out changeset 688775a8227f (bug 1136892) for mass bustage prompting a CLOSED TREE
2015-08-18 11:58:05 -07:00
10a7d6a5b9
Bug 1195606 - Use channel->ascynOpen2 in security/manager/ssl/nsNSSCallbacks.cpp (r=sicking)
2015-08-18 09:54:09 -07:00
f2b116c0d6
Bug 1153444 - Fix up Key Pinning Telemetry (r=keeler)
2015-08-21 15:14:08 +01:00
7da4ee35ba
Bug 1189891 - Avoid including <cstring> from pkix/Input.h. r=bsmith
2015-08-21 15:27:22 +09:00
b85471d7e8
Backout changesets af1b36497559 and 1d52ab626597 (bug 1189891) for pkix bustage
2015-08-21 15:05:38 +09:00
067b45951a
Bug 1189891 - Avoid including <cstring> from pkix/Input.h. r=bsmith
2015-08-21 14:29:19 +09:00
c51baf3ae9
bug 1116409: switch update server to sha2 cert; update in-tree pinning. r=rstrong,snorp,mfinkle,dkeeler
2015-08-20 17:50:51 -04:00
b4174da7d8
Bug 1195615 - Log a web console warning when a HPKP header is ignored due to a non-built in root cert. r=keeler
2015-08-20 14:33:29 -07:00
dde975f7a0
Bug 1136892 - Create an xpcshell-addons tag for running addon-specific xpcshell tests, r=chmanchester
...
--HG--
extra : commitid : FN6nc0Yis2o
2015-08-18 11:26:14 -07:00
2755fa9a57
Bug 1190086 - Use new String::Contains(char) method more widely r=froydnj
...
--HG--
extra : rebase_source : 81df1495200d3734ea1c4c13818ae764a445f4b3
2015-08-14 00:49:15 +02:00
23a9820f27
bug 1190603 - rename prime256v1 to secp256r1 in test_keysize.js to reduce confusion r=Cykesiopka
...
OpenSSL refers to the curve in question as 'prime256v1', but rfc 5480,
mozilla::pkix, and the test framework refer to it as secp256r1, so we
should be consistent.
--HG--
rename : security/manager/ssl/tests/unit/test_keysize/ee_secp224r1_224-int_prime256v1_256-root_rsa_2048.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp224r1_224-int_secp256r1_256-root_rsa_2048.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/ee_secp224r1_224-int_prime256v1_256-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp224r1_224-int_secp256r1_256-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/ee_secp256k1_256-int_prime256v1_256-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp256k1_256-int_secp256r1_256-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/ee_prime256v1_256-int_rsa_1016-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp256r1_256-int_rsa_1016-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/ee_prime256v1_256-int_secp224r1_224-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp256r1_256-int_secp224r1_224-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/ee_prime256v1_256-int_prime256v1_256-root_secp224r1_224.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp256r1_256-int_secp256r1_256-root_secp224r1_224.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/ee_prime256v1_256-int_prime256v1_256-root_secp256k1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp256r1_256-int_secp256r1_256-root_secp256k1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/ee_secp384r1_384-int_prime256v1_256-root_rsa_2048.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp384r1_384-int_secp256r1_256-root_rsa_2048.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/ee_secp521r1_521-int_secp384r1_384-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp521r1_521-int_secp384r1_384-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/int_rsa_1016-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/int_rsa_1016-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/int_secp224r1_224-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/int_secp224r1_224-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/int_prime256v1_256-root_rsa_2048.pem.certspec => security/manager/ssl/tests/unit/test_keysize/int_secp256r1_256-root_rsa_2048.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/int_prime256v1_256-root_secp224r1_224.pem.certspec => security/manager/ssl/tests/unit/test_keysize/int_secp256r1_256-root_secp224r1_224.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/int_prime256v1_256-root_secp256k1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/int_secp256r1_256-root_secp256k1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/int_prime256v1_256-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/int_secp256r1_256-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/int_secp384r1_384-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/int_secp384r1_384-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/root_secp256r1_256.pem.certspec
2015-08-05 13:39:11 -07:00
70897766ec
bug 1190603 - convert test_keysize.js to generate certificates at build time r=Cykesiopka
2015-08-03 17:02:58 -07:00
ff2ceb15ed
Bug 1193298 - Part 2: Use .get() to convert from RefPtr to raw pointer. r=froydnj
2015-08-11 06:45:00 -04:00
b7a032eb04
Bug 1004011 - Support SECCOMP_FILTER_FLAG_TSYNC if available. r=kang
...
--HG--
extra : rebase_source : 32be610d889fedb518e062a4a416331be21378d3
2015-08-11 16:30:00 -04:00
7b0ea8ee04
Bug 1182551 - Updating nsSecureBrowserUIImpl so that insecure pages with mixed content iframes don't get marked as broken. r=keeler
2015-08-13 17:13:48 -07:00
531a2c1719
Bug 1194135, Update Mozilla to NSS 3.20, r=mt
2015-08-13 11:31:23 +02:00
8f318ea950
Bug 1193021 - clean up reference-counting in security/; r=keeler
2015-07-01 13:10:53 -04:00
7ce068b7e9
bug 1190532 - change default key specification from implicit to explicit in pycert.py r=Cykesiopka
...
Previously using an empty string would result in pycert.py returning the
default shared RSA key. This resulted in empty keyspec files being added
to the tree, which was confusing. This should end the confusion by making
the key specification process explicit rather than implicit.
2015-08-06 11:35:40 -07:00
948094db6e
bug 1189427 - convert test_ocsp_fetch_method.js to generate certificates at build time r=mgoodwin
2015-07-30 10:20:52 -07:00
8238eb63a4
Bug 1190794, land final NSS_3_19_3_RTM tag, no code change, DONTBUILD
2015-08-07 20:19:06 +02:00
c3c571a9ee
Bug 1166323 - Fix unexpcetd changed on previous landed. r=dkeeler
2015-08-07 13:41:49 +09:00
d9d018971e
Bug 1164609 - Remove EV treatment for expired Buypass Class 3 CA 1 root certificate. r=keeler
...
--HG--
extra : rebase_source : 65e2c8746098d8fb2cd5347b557c23a3832d435a
2015-08-07 00:21:00 +02:00
fca5cdc8bc
Backed out changeset 9618f92995ab (bug 1166323) for linux x64 test bustage on a CLOSED TREE
2015-08-07 07:24:40 +02:00
6fb6d7a35c
Bug 1166323 - Fix unexpcetd changed on previous landed. r=dkeeler
2015-08-07 13:41:49 +09:00
ba03e3c181
Backed out 2 changesets (bug 1016555, bug 1189427) for making Android 4.3 API11+ debug X3 perma fail in test_ev_certs.js
...
Backed out changeset ebd4e3880403 (bug 1189427
2015-08-06 11:51:27 +02:00
d93ee984a0
Bug 1124649 - Part 1 - Add specific error messages for various types of STS and PKP header failures. r=keeler,hurley
...
--HG--
extra : rebase_source : 8210ed5f89cec8c42d5a78b9101f1c54d91e04c6
2015-08-05 07:51:00 +02:00
ae2c1351bc
bug 1189427 - convert test_ocsp_fetch_method.js to generate certificates at build time r=mgoodwin
2015-07-30 10:20:52 -07:00
7315345693
Bug 1191100 - Remove XPIDL signature comments in .cpp files. r=ehsan
...
Comment-only so DONTBUILD.
2015-08-04 16:17:36 -07:00
80c4460491
Bug 1190794, Update to NSS 3.19.3 to pick up ca-certificates v 2.5, landing NSS_3_19_3_RC0, r=kwilson
2015-08-04 22:37:05 +02:00
59ef11f506
bug 1188100 - fold PSM's test_client_cert.js into necko's test_tls_server.js r=mcmanus
...
--HG--
rename : security/manager/ssl/tests/unit/test_client_cert/cert_dialog.js => netwerk/test/unit/client_cert_chooser.js
rename : security/manager/ssl/tests/unit/test_client_cert/cert_dialog.manifest => netwerk/test/unit/client_cert_chooser.manifest
extra : amend_source : 249efd8e1bc537cf14b3199865df18b8aba62d10
2015-07-29 14:27:54 -07:00
49d83b3b7d
Merge mozilla-central to mozilla-inbound
2015-08-03 15:45:57 +02:00
6b441cd90a
merge mozilla-inbound to mozilla-central a=merge
2015-08-03 13:56:39 +02:00
Steven Michaud
David Keeler
ffxbld
Masatoshi Kimura
Nick Thomas
Nicholas Nethercote
Ryan VanderMeulen
Jacek Caban
Cykesiopka
Makoto Kato
Xidorn Quan
Fabrice Desré
Jonathan Griffin
Kai Engert
Wes Kocher
Christoph Kerschbaumer
Mark Goodwin
Mike Hommey
Ben Hearsum
Arnaud Bienner
Aryeh Gregor
Jed Davis
Tanvi Vyas
Nathan Froyd
Carsten "Tomcat" Book
Birunthan Mohanathas