Граф коммитов

97 Коммитов

Автор SHA1 Сообщение Дата
Simon Giesecke 971b645fe3 Bug 1660470 - Add missing include directives/forward declarations. r=nika
Differential Revision: https://phabricator.services.mozilla.com/D87865
2020-11-23 16:21:38 +00:00
Jeff Walden 49d77af36e Bug 1663365 - Move |JSJitInfo| out of jsfriendapi.h to its own experimental header. r=jandem
Differential Revision: https://phabricator.services.mozilla.com/D89332
2020-09-08 22:52:34 +00:00
Simon Giesecke 9364b353d4 Bug 1648010 - Remove NS_NAMED_LITERAL_CSTRING and NS_NAMED_LITERAL_STRING macros. r=froydnj
Differential Revision: https://phabricator.services.mozilla.com/D80631
2020-07-01 08:42:31 +00:00
J.C. Jones f2ef3fe72c Bug 1630088 - WebAuthn requests need to retain the Browsing Context ID r=keeler
The browsing context ID is useful for UX and UX improvements, particularly
for making progress on Bug 1540309.

Differential Revision: https://phabricator.services.mozilla.com/D71702
2020-04-24 22:57:33 +00:00
Boris Zbarsky c6c4a83796 Bug 1535530. Fix can-run-script analysis to not mishandle on-stack refs to RefPtrs. r=andi,masayuki
The key here is to test the type of the variable declaration for being a
smartptr type, instead of testing the type of the variable _use_.

Differential Revision: https://phabricator.services.mozilla.com/D65581

--HG--
extra : moz-landing-system : lando
2020-03-06 09:57:45 +00:00
MahakBansal 6fb7b7ee42 Bug 1603100 - Remove the unused line in U2F.cpp. r=sylvestre
Differential Revision: https://phabricator.services.mozilla.com/D61428

--HG--
extra : moz-landing-system : lando
2020-02-03 16:13:34 +00:00
Gabriele Svelto ace6d1063f Bug 1600545 - Remove useless inclusions of header files generated from IDL files in dom/ r=Ehsan
The inclusions were removed with the following very crude script and the
resulting breakage was fixed up by hand. The manual fixups did either
revert the changes done by the script, replace a generic header with a more
specific one or replace a header with a forward declaration.

find . -name "*.idl" | grep -v web-platform | grep -v third_party | while read path; do
    interfaces=$(grep "^\(class\|interface\).*:.*" "$path" | cut -d' ' -f2)
    if [ -n "$interfaces" ]; then
        if [[ "$interfaces" == *$'\n'* ]]; then
          regexp="\("
          for i in $interfaces; do regexp="$regexp$i\|"; done
          regexp="${regexp%%\\\|}\)"
        else
          regexp="$interfaces"
        fi
        interface=$(basename "$path")
        rg -l "#include.*${interface%%.idl}.h" . | while read path2; do
            hits=$(grep -v "#include.*${interface%%.idl}.h" "$path2" | grep -c "$regexp" )
            if [ $hits -eq 0 ]; then
                echo "Removing ${interface} from ${path2}"
                grep -v "#include.*${interface%%.idl}.h" "$path2" > "$path2".tmp
                mv -f "$path2".tmp "$path2"
            fi
        done
    fi
done

Differential Revision: https://phabricator.services.mozilla.com/D55442

--HG--
extra : moz-landing-system : lando
2019-12-06 09:24:56 +00:00
Dorel Luca a381d5c96d Backed out changeset f6e53d1c6518 (bug 1600545) for Android build bustage. CLOSED TREE 2019-12-04 17:32:27 +02:00
Gabriele Svelto bc9290f767 Bug 1600545 - Remove useless inclusions of header files generated from IDL files in dom/ r=Ehsan
The inclusions were removed with the following very crude script and the
resulting breakage was fixed up by hand. The manual fixups did either
revert the changes done by the script, replace a generic header with a more
specific one or replace a header with a forward declaration.

find . -name "*.idl" | grep -v web-platform | grep -v third_party | while read path; do
    interfaces=$(grep "^\(class\|interface\).*:.*" "$path" | cut -d' ' -f2)
    if [ -n "$interfaces" ]; then
        if [[ "$interfaces" == *$'\n'* ]]; then
          regexp="\("
          for i in $interfaces; do regexp="$regexp$i\|"; done
          regexp="${regexp%%\\\|}\)"
        else
          regexp="$interfaces"
        fi
        interface=$(basename "$path")
        rg -l "#include.*${interface%%.idl}.h" . | while read path2; do
            hits=$(grep -v "#include.*${interface%%.idl}.h" "$path2" | grep -c "$regexp" )
            if [ $hits -eq 0 ]; then
                echo "Removing ${interface} from ${path2}"
                grep -v "#include.*${interface%%.idl}.h" "$path2" > "$path2".tmp
                mv -f "$path2".tmp "$path2"
            fi
        done
    fi
done

Differential Revision: https://phabricator.services.mozilla.com/D55442

--HG--
extra : moz-landing-system : lando
2019-12-04 15:01:19 +00:00
Boris Zbarsky 6b623aa87a Bug 1554223. Add a version of JS::NewFunctionFromSpec that does not require passing an id. r=jandem
Differential Revision: https://phabricator.services.mozilla.com/D32527

--HG--
extra : moz-landing-system : lando
2019-05-27 13:26:04 +00:00
Boris Zbarsky e379022658 Bug 1551282 and bug 1553436. Allow pages to override window.u2f but not the "sign" and "register" properties on the U2F object. r=jcj,smaug
There are two related problems this patch is trying to address.  The first, and
simpler, one is bug 1553436: there are websites that use existing variables and
functions named "u2f" and adding a non-replaceable readonly property with that
name on Window breaks them.  The fix for this is straightforward: mark the
property [Replaceable].

The second problem, covered by bug 1551282, involves sites that use the Google
U2F polyfill.  The relevant parts of that polyfill look like this:

  'use strict';
  var u2f = u2f || {};
  u2f.register = some_function_that_only_works_right_in_Chrome;
  u2f.sign = some_function_that_only_works_right_in_Chrome;

The failure mode for that code before this fix is that the assignment to "u2f"
throws because it's a readonly property and we're in strict mode, so any code
the page concatenates in the same file after the polyfill does not get run.
That's what bug 1551282 is about.  The [Replaceable] annotation fixes that
issue, because now the polyfill gets the value of window.u2f and then redefines
the property (via the [Replaceable] setter) to be a value property with that
value.  So far, so good.

But then we need to prevent the sets of u2f.register
and u2f.sign from taking effect, because if they are allowed to happen, the
actual sign/register functionality on the page will not work in Firefox.  We
can't just make the properties readonly, because then the sets will throw due
to being in strict mode, and we still have bug 1551282.  The proposed fix is to
make these accessor properties with a no-op setter, which is exactly what
[LenientSetter] gives us.

The rest of the patch is just setting up infrastructure for generating the
normal bits we would generate if "sign" and "register" were methods and using
that to create the JSFunctions at the point when the getter is called.  The
JSFunctions then get cached on the u2f instance object.

Differential Revision: https://phabricator.services.mozilla.com/D32357

--HG--
extra : moz-landing-system : lando
2019-05-24 20:40:59 +00:00
shindli 54646b5a7c Backed out changeset 823ab2e5430a (bug 1551282) for Windows build bustages CLOSED TREE 2019-05-24 21:15:20 +03:00
Boris Zbarsky cd062bb5d7 Bug 1551282 and bug 1553436. Allow pages to override window.u2f but not the "sign" and "register" properties on the U2F object. r=jcj,smaug
There are two related problems this patch is trying to address.  The first, and
simpler, one is bug 1553436: there are websites that use existing variables and
functions named "u2f" and adding a non-replaceable readonly property with that
name on Window breaks them.  The fix for this is straightforward: mark the
property [Replaceable].

The second problem, covered by bug 1551282, involves sites that use the Google
U2F polyfill.  The relevant parts of that polyfill look like this:

  'use strict';
  var u2f = u2f || {};
  u2f.register = some_function_that_only_works_right_in_Chrome;
  u2f.sign = some_function_that_only_works_right_in_Chrome;

The failure mode for that code before this fix is that the assignment to "u2f"
throws because it's a readonly property and we're in strict mode, so any code
the page concatenates in the same file after the polyfill does not get run.
That's what bug 1551282 is about.  The [Replaceable] annotation fixes that
issue, because now the polyfill gets the value of window.u2f and then redefines
the property (via the [Replaceable] setter) to be a value property with that
value.  So far, so good.

But then we need to prevent the sets of u2f.register
and u2f.sign from taking effect, because if they are allowed to happen, the
actual sign/register functionality on the page will not work in Firefox.  We
can't just make the properties readonly, because then the sets will throw due
to being in strict mode, and we still have bug 1551282.  The proposed fix is to
make these accessor properties with a no-op setter, which is exactly what
[LenientSetter] gives us.

The rest of the patch is just setting up infrastructure for generating the
normal bits we would generate if "sign" and "register" were methods and using
that to create the JSFunctions at the point when the getter is called.  The
JSFunctions then get cached on the u2f instance object.

Differential Revision: https://phabricator.services.mozilla.com/D32357

--HG--
extra : moz-landing-system : lando
2019-05-24 17:19:23 +00:00
Dana Keeler 7c34defd31 bug 1524478 - don't create JS objects from WebAuthnManager or U2F destructors r=qdot
Before this patch, the WebAuthnManager/U2F destructors would call MaybeReject on
existing transaction promises. Doing this leaks JS objects. If
WebAuthnManager/U2F are being destructed, though, the window is going away, so
it shouldn't be necessary to reject any outstanding promises. This patch just
clears the transactions.

Differential Revision: https://phabricator.services.mozilla.com/D27346

--HG--
extra : moz-landing-system : lando
2019-04-12 18:18:57 +00:00
J.C. Jones aaa18d99e7 Bug 1541085 - Web Authentication - Only reset mTransaction on cycle collection r=keeler
This stack is pretty clear that calling StopListeningForVisibilityEvents
(via ClearTransaction) is a no-go from the cycle collector. We need to instead
just do the minimum version of bug 1540378, just reset mTransaction and move on.

Differential Revision: https://phabricator.services.mozilla.com/D25804

--HG--
extra : moz-landing-system : lando
2019-04-02 17:56:47 +00:00
J.C. Jones bfdf3e2380 Bug 1540378 - Web Authentication: Fix teardown during cycle collection r=keeler,mccr8
In Bug 1448408 ("Don't listen to visibility events"), it became possible to
close a tab without a visibility event to cause transactions to cancel. This
is a longstanding bug that was covered up by the visibility events. This patch
updates the cycle collection code to ensure that transactions get cleared out
safely, and we don't proceed to RejectTransaction (and subsequent code) on
already-cycle-collected objects.

Differential Revision: https://phabricator.services.mozilla.com/D25641

--HG--
extra : moz-landing-system : lando
2019-04-01 23:13:26 +00:00
J.C. Jones f7a8b4c054 Bug 1448408 - Web Authentication - Don't immediately abort on visibility events r=keeler
The published recommendation of L1 for WebAuthn changed the visibility/focus
listening behaviors to a SHOULD [1], and Chromium, for reasons like our SoftU2F
bug [0], opted to not interrupt on tabswitch/visibility change.

Let's do the same thing.

This changes the visibility mechanism to set a flag on an ongoing transaction,
and then, upon multiple calls to the FIDO/U2F functions, only aborts if
visibility had changed. Otherwise, subsequent callers return early.

This is harder to explain than it is really to use as a user. I think. At least,
my testing feels natural when I'm working within two windows, both potentially
prompting WebAuthn.

Note: This also affects FIDO U2F API.

[0] https://bugzilla.mozilla.org/show_bug.cgi?id=1448408#c0
[1] https://www.w3.org/TR/webauthn-1/#abortoperation

Differential Revision: https://phabricator.services.mozilla.com/D25160

--HG--
extra : moz-landing-system : lando
2019-03-29 17:59:08 +00:00
J.C. Jones 1746417e71 Bug 1539541 - Enable FIDO U2F API, and permit registrations for Google Accounts r=keeler,qdot
Per the thread "Intent-to-Ship: Backward-Compatibility FIDO U2F support for
Google Accounts" on dev-platform [0], this bug is to:

  1. Enable the security.webauth.u2f by default, to ride the trains

  2. Remove the aOp == U2FOperation::Sign check from EvaluateAppID in
     WebAuthnUtil.cpp, permitting the Google override to work for Register as
     well as Sign.

This would enable Firefox users to use FIDO U2F API on most all sites, subject
to the algorithm limitations discussed in the section "Thorny issues in
enabling our FIDO U2F API implementation" of that post.

[0] https://groups.google.com/d/msg/mozilla.dev.platform/q5cj38hGTEA/lC834665BQAJ

Differential Revision: https://phabricator.services.mozilla.com/D25241

--HG--
extra : moz-landing-system : lando
2019-03-29 17:16:13 +00:00
Boris Zbarsky 081fa29a04 Bug 1536719. Fix handling of member method calls in the MOZ_CAN_RUN_SCRIPT analysis. r=andi
The old code for member method calls did the following:

 1) Find the member method calls.
 2) Look at their "this" expression.
 3) If the "this" is an operator call, check for any of the arguments of the
    operator call being invalid.
 4) Otherwise (if not an operator call) check for the "this" value being
    invalid.

This wasn't right, because the "is invalid" check checks the type and only
considers refcounted things.  So if the code looked something like
"foo[i]->call_method()", we would look at the types of "foo" and "i" and
determine that none of those are refcounted types so there is nothing invalid
here (since "foo" is some sort of array type and "i" is an integer).  The new
setup just checks whether the "this" value is invalid, which does the type
check on the "this" value itself; in the "foo[i]->call_method()" case on
"foo[i]".  We then adjust the exclusions in InvalidArg to consider operator->
on known-live things valid, to allow the thing that we were really trying to
accomplish with the "check for an operator call" bits:
"stackRefPtr->some_method()".

The test coverage being added for the made-up TArray type is meant to catch
things like the geolocation issue that was being hidden by the buggy behavior.
I'm not using nsTArray itself because some header included by nsTArray.h
tries to define operator new/delete bits inline and that triggers warnings that
then cause a clang-plugin test failure, because they're unexpected.

Differential Revision: https://phabricator.services.mozilla.com/D24117

--HG--
extra : moz-landing-system : lando
2019-03-21 11:48:33 +00:00
Brindusan Cristian 044c3936c7 Backed out 6 changesets (bug 1536736, bug 1536336, bug 1536719, bug 1536825, bug 1537537, bug 1536724) for build bustages at TestCanRunScript. CLOSED TREE
Backed out changeset f754116e738e (bug 1537537)
Backed out changeset f9df48cfea43 (bug 1536736)
Backed out changeset 7a9888e700cf (bug 1536825)
Backed out changeset e2551303c5cf (bug 1536724)
Backed out changeset f497ce3b7419 (bug 1536719)
Backed out changeset fd59264c47c1 (bug 1536336)
2019-03-21 07:33:33 +02:00
Boris Zbarsky 14f6385d4b Bug 1536719. Fix handling of member method calls in the MOZ_CAN_RUN_SCRIPT analysis. r=andi
The old code for member method calls did the following:

 1) Find the member method calls.
 2) Look at their "this" expression.
 3) If the "this" is an operator call, check for any of the arguments of the
    operator call being invalid.
 4) Otherwise (if not an operator call) check for the "this" value being
    invalid.

This wasn't right, because the "is invalid" check checks the type and only
considers refcounted things.  So if the code looked something like
"foo[i]->call_method()", we would look at the types of "foo" and "i" and
determine that none of those are refcounted types so there is nothing invalid
here (since "foo" is some sort of array type and "i" is an integer).  The new
setup just checks whether the "this" value is invalid, which does the type
check on the "this" value itself; in the "foo[i]->call_method()" case on
"foo[i]".  We then adjust the exclusions in InvalidArg to consider operator->
on known-live things valid, to allow the thing that we were really trying to
accomplish with the "check for an operator call" bits:
"stackRefPtr->some_method()".

The test coverage being added for the made-up TArray type is meant to catch
things like the geolocation issue that was being hidden by the buggy behavior.
I'm not using nsTArray itself because some header included by nsTArray.h
tries to define operator new/delete bits inline and that triggers warnings that
then cause a clang-plugin test failure, because they're unexpected.

Differential Revision: https://phabricator.services.mozilla.com/D24117

--HG--
extra : moz-landing-system : lando
2019-03-20 18:08:16 +00:00
Alex Gaynor b6f7702cfa Bug 1536097 - Part 3 - convert WebAuthnMaybeGetAssertionExtraInfo to use a native IPDL maybe; r=jcj
Depends on D24063

Differential Revision: https://phabricator.services.mozilla.com/D24064

--HG--
extra : moz-landing-system : lando
2019-03-19 23:26:00 +00:00
Alex Gaynor 936775f7b8 Bug 1536097 - Part 2 - convert WebAuthnMaybeMakeCredentialExtraInfo to use a native IPDL maybe; r=jcj
Depends on D24062

Differential Revision: https://phabricator.services.mozilla.com/D24063

--HG--
extra : moz-landing-system : lando
2019-03-19 23:26:20 +00:00
Sylvestre Ledru 4aa92e3091 Bug 1519636 - Reformat recent changes to the Google coding style r=Ehsan
# ignore-this-changeset

Differential Revision: https://phabricator.services.mozilla.com/D22514
2019-03-13 10:19:06 +01:00
Akshay Kumar 47cdd9e060 Bug 1528097 U2F doesn't work on Windows 10 19H1/20H1 Insider builds r=jcj,keeler
Differential Revision: https://phabricator.services.mozilla.com/D22343

--HG--
extra : moz-landing-system : lando
2019-03-06 22:59:29 +00:00
Ryan Hunt 00e98538aa Bug 1523969 part 6 - Move method definition inline comments to new line in 'dom/'. r=nika
Differential Revision: https://phabricator.services.mozilla.com/D21106

--HG--
extra : rebase_source : ea3f51c2c11247114deccbc86e90fb02b8a97257
2019-02-25 16:05:29 -06:00
Andrew McCreight 9e451b1da0 Bug 1517611 - Cycle collect WebAuthnManager and U2F more. r=smaug
Differential Revision: https://phabricator.services.mozilla.com/D17026

--HG--
extra : moz-landing-system : lando
2019-01-18 23:21:46 +00:00
Emilio Cobos Álvarez d2ed260822 Bug 1517241 - Rename nsIDocument to mozilla::dom::Document. r=smaug
Summary: Really sorry for the size of the patch. It's mostly automatic
s/nsIDocument/Document/ but I had to fix up in a bunch of places manually to
add the right namespacing and such.

Overall it's not a very interesting patch I think.

nsDocument.cpp turns into Document.cpp, nsIDocument.h into Document.h and
nsIDocumentInlines.h into DocumentInlines.h.

I also changed a bunch of nsCOMPtr usage to RefPtr, but not all of it.

While fixing up some of the bits I also removed some unneeded OwnerDoc() null
checks and such, but I didn't do anything riskier than that.
2019-01-03 17:48:33 +01:00
Sylvestre Ledru 265e672179 Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format
# ignore-this-changeset

--HG--
extra : amend_source : 4d301d3b0b8711c4692392aa76088ba7fd7d1022
2018-11-30 11:46:48 +01:00
Jeff Gilbert 5b753da289 Bug 1470325 - s/FooBinding/Foo_Binding/g - r=qdot
MozReview-Commit-ID: JtTcLL5OPF0
2018-06-26 17:05:01 -07:00
Miko Mynttinen 4c85ef17cc Bug 1465060 - Part 1: Fix warnings for std::move() use r=froydnj
MozReview-Commit-ID: HpdFXqQdIOO

--HG--
extra : rebase_source : 1e7eea4f2d4ec16ec0c559a8afb26976ddbf4d07
2018-06-01 17:59:07 +02:00
arthur.iakab 7e765f798b Backed out 2 changesets (bug 1465060) for build bustages on security/sandbox/linux/reporter/SandboxReporter.cpp
Backed out changeset 7c8905b6b226 (bug 1465060)
Backed out changeset 10446073eca8 (bug 1465060)
2018-06-03 19:25:41 +03:00
Miko Mynttinen 8d9dc85cd4 Bug 1465060 - Part 1: Fix warnings for std::move() use r=froydnj
MozReview-Commit-ID: HpdFXqQdIOO

--HG--
extra : rebase_source : 619d0e0ff63a2453c80f0c4d9beb906d43fa9b01
2018-06-01 17:59:07 +02:00
Emilio Cobos Álvarez fffb25b74f Bug 1465585: Switch from mozilla::Move to std::move. r=froydnj
This was done automatically replacing:

  s/mozilla::Move/std::move/
  s/ Move(/ std::move(/
  s/(Move(/(std::move(/

Removing the 'using mozilla::Move;' lines.

And then with a few manual fixups, see the bug for the split series..

MozReview-Commit-ID: Jxze3adipUh
2018-06-01 10:45:27 +02:00
Tim Taubert 2a252e45a4 Bug 1464015 - Web Authentication - Rework IPC layer for future Android/Windows support r=jcj
Reviewers: jcj

Reviewed By: jcj

Subscribers: mgoodwin

Bug #: 1464015

Differential Revision: https://phabricator.services.mozilla.com/D1378
2018-05-30 16:06:09 +02:00
J.C. Jones b1cbda2eea Bug 1460767 - Return device ineligible when appropriate for U2F r=ttaubert
Summary:
FIDO U2F's specification says that when the wrong security key responds to a
signature, or when an already-registered key exists, that the UA should return
error code 4, DEVICE_INELIGIBLE. We used to do that, but adjusted some things
for WebAuthn and now we don't. This changes the soft token to return that at
the appropriate times, and updates the expectations of U2F.cpp that it should
use InvalidStateError as the signal to reutrn DEVICE_INELIGIBLE.

Also, note that WebAuthn's specification says that if any authenticator returns
"InvalidStateError" that it should be propagated, as it indicates that the
authenticator obtained user consent and failed to complete its job [1].

This change to the Soft Token affects the WebAuthn tests, but in a good way.
Reading the WebAuthn spec, we should not be returning NotAllowedError when there
is consent from the user via the token (which the softtoken always deliveres).

As such, this adjusts the affected WebAuthn tests, and adds a couple useful
checks to test_webauthn_get_assertion.html for future purposes.

[1] https://w3c.github.io/webauthn/#createCredential section 5.1.3 "Create a new
    credential", Step 20, Note 2: "If any authenticator returns an error status
    equivalent to "InvalidStateError"..."

Test Plan: https://treeherder.mozilla.org/#/jobs?repo=try&revision=f2fc930f7fc8eea69b1ebc96748fe95e150a92a4

Reviewers: ttaubert

Bug #: 1460767

Differential Revision: https://phabricator.services.mozilla.com/D1269

--HG--
extra : transplant_source : M%5B%93%81%29%7E%B2%E8%24%05%A6%96%8BUN%C9%FB%3E%B3h
2018-05-10 16:36:18 -07:00
Tim Taubert 6ded2cf370 Bug 1430150 - Implement WebAuthentication permission prompts r=jcj,johannh
Reviewers: jcj, johannh

Reviewed By: jcj, johannh

Bug #: 1430150

Differential Revision: https://phabricator.services.mozilla.com/D638

--HG--
rename : dom/webauthn/tests/cbor/cbor.js => dom/webauthn/tests/cbor.js
extra : amend_source : f137c2aebea5797cd07d4500cb71c2b9be4e4844
2018-03-11 18:47:14 +01:00
Tim Taubert 0af61da4ec Bug 1406471 - Web Authentication - Implement FIDO AppID Extension r=jcj,smaug
Reviewers: jcj, smaug

Reviewed By: jcj

Bug #: 1406471

Differential Revision: https://phabricator.services.mozilla.com/D595
2018-02-22 10:53:49 +01:00
Tim Taubert bc18da5fe7 Bug 1437616 - Use proper WebAuthn result types defined in the .pidl r=jcj
Reviewers: jcj

Reviewed By: jcj

Bug #: 1437616

Differential Revision: https://phabricator.services.mozilla.com/D582
2018-02-12 21:08:54 +01:00
J.C. Jones baed063f21 Bug 1436078 - Hard-code U2F permissions for Google Accounts r=ttaubert
This patch support already-enrolled U2F devices at Google Accounts by adding a
hard-coded "OK" into the U2F EvaluateAppID method, per the intent-to-ship [1].

This adds no tests, as this is not testable in our infrastructure. It will
require cooporation with Google Accounts to validate.

[1] https://groups.google.com/d/msg/mozilla.dev.platform/Uiu3fwnA2xw/201ynAiPAQAJ

MozReview-Commit-ID: 1YLd5sfeTKv

--HG--
extra : rebase_source : 96bfb92819be2c6e549dae0a5df0525587f894b8
2018-02-06 16:59:00 -07:00
Dorel Luca efcf9560cb Backed out changeset 89ac5a28c228 (bug 1436078) for build bustage on multiple platforms on a CLOSED TREE
--HG--
extra : amend_source : 7ee1cef1a20118db34783bae4631e79191439a44
2018-02-07 17:42:52 +02:00
J.C. Jones a0b8058fdf Bug 1436078 - Hard-code U2F permissions for Google Accounts r=ttaubert
This patch support already-enrolled U2F devices at Google Accounts by adding a
hard-coded "OK" into the U2F EvaluateAppID method, per the intent-to-ship [1].

This adds no tests, as this is not testable in our infrastructure. It will
require cooporation with Google Accounts to validate.

[1] https://groups.google.com/d/msg/mozilla.dev.platform/Uiu3fwnA2xw/201ynAiPAQAJ

MozReview-Commit-ID: 1YLd5sfeTKv

--HG--
extra : rebase_source : bfdb407cec61c4f4e5efaf85d1590fe287aaea4c
2018-02-06 16:59:00 -07:00
Tim Taubert c3180f09e1 Bug 1406467 - Web Authentication - WD-07 Updates to Make Assertion r=jcj,smaug
Summary:
Add support for PublicKeyCredentialRequestOptions.userVerification. For now
this basically means that we'll abort the operation with NotAllowed, as we
don't support user verification yet.

Pass PublicKeyCredentialDescriptor.transports through to the token manager
implementations. The softoken will ignore those and pretend to support all
transports defined by the spec. The USB HID token will check for the "usb"
transport and either ignore credentials accordingly, or abort the operation.

Note: The `UserVerificationRequirement` in WebIDL is defined at https://w3c.github.io/webauthn/#assertion-options

Reviewers: jcj, smaug

Reviewed By: jcj, smaug

Bug #: 1406467

Differential Revision: https://phabricator.services.mozilla.com/D338

--HG--
extra : amend_source : 314cadb3bc40bbbee2a414bc5f13caed55f9d720
2018-01-09 07:27:35 +01:00
Tim Taubert 975f015349 Bug 1422661 - Fix U2F test failures in new microtask scheduling r=jcj
Summary:
Ensure that transactions are cleared before U2FCallbacks are called, to allow
reentrancy from microtask checkpoints.

Move the two possible callbacks into U2FTransaction so we have nicer invariants
and know that there's a callback as long as we have a transaction.

Reviewers: jcj

Reviewed By: jcj

Bug #: 1422661

Differential Revision: https://phabricator.services.mozilla.com/D329

--HG--
extra : amend_source : 7097f38199a5bc4a215377e4f1a64079cf6d6a24
2017-12-08 16:55:52 +01:00
Tim Taubert b5c19b9f90 Bug 1396907 - Abstract a BaseAuthManager for dom/u2f and dom/webauthn r=jcj
Summary: We can probably abstract more stuff in the future, but this seems like a good start.

Reviewers: jcj

Reviewed By: jcj

Bug #: 1396907

Differential Revision: https://phabricator.services.mozilla.com/D323
2017-12-06 18:41:58 +01:00
Tim Taubert 91a23b2116 Bug 1421723 - Allow localhost as appId for U2F r=jcj
Reviewers: jcj

Reviewed By: jcj

Bug #: 1421723

Differential Revision: https://phabricator.services.mozilla.com/D321
2017-12-06 16:28:20 +01:00
Tim Taubert a3256fcae8 Bug 1421616 - Have one WebAuthnManager instance per CredentialsContainer r=jcj
Summary:
We currently have a single WebAuthnManager instance per process that's shared
between all CredentialContainers. That way the nsPIDOMWindowInner parent has
to be tracked by the transaction, as multiple containers could kick off
requests simultaneously.

This patch lets us we have one WebAuthnManager instance per each
CredentialsContainer and thus each nsPIDOMWindowInner. This matches the current
U2F implementation where there is one instance per parent window too.

This somewhat simplifies the communication diagram (at least in my head), as
each U2F/WebAuthnManager instance also has their own TransactionChild/Parent
pair for IPC protocol communication. The manager and child/parent pair are
destroyed when the window is.

Reviewers: jcj

Reviewed By: jcj

Bug #: 1421616

Differential Revision: https://phabricator.services.mozilla.com/D305
2017-12-05 19:05:06 +01:00
Tim Taubert 587ed9ddc7 Backed out changeset bb739695f566 (bug 1421616) 2017-12-05 19:24:22 +01:00
Tim Taubert a0935f0ff1 Bug 1421616 - Have one WebAuthnManager instance per CredentialsContainer r=jcj
Summary:
We currently have a single WebAuthnManager instance per process that's shared
between all CredentialContainers. That way the nsPIDOMWindowInner parent has
to be tracked by the transaction, as multiple containers could kick off
requests simultaneously.

This patch lets us we have one WebAuthnManager instance per each
CredentialsContainer and thus each nsPIDOMWindowInner. This matches the current
U2F implementation where there is one instance per parent window too.

This somewhat simplifies the communication diagram (at least in my head), as
each U2F/WebAuthnManager instance also has their own TransactionChild/Parent
pair for IPC protocol communication. The manager and child/parent pair are
destroyed when the window is.

Reviewers: jcj

Reviewed By: jcj

Bug #: 1421616

Differential Revision: https://phabricator.services.mozilla.com/D305
2017-12-05 19:05:06 +01:00
Tim Taubert c5eda6e272 Bug 1406462 - Web Authentication - Add support for authenticator selection criteria and attachment types r=jcj,smaug
Reviewers: jcj, smaug

Reviewed By: jcj, smaug

Bug #: 1406462

Differential Revision: https://phabricator.services.mozilla.com/D278
2017-11-29 13:58:33 +01:00