Phil Ringnalda
68f5ce100a
Merge autoland to m-c, a=merge
...
MozReview-Commit-ID: Gr2qiJufRRz
2017-07-01 17:34:20 -07:00
ffxbld
a1aa8b434a
No bug, Automated HPKP preload list update from host bld-linux64-spot-301 - a=hpkp-update
2017-07-01 08:42:21 -07:00
ffxbld
688fcf9801
No bug, Automated HSTS preload list update from host bld-linux64-spot-301 - a=hsts-update
2017-07-01 08:42:18 -07:00
Nicholas Nethercote
3e439bb4f8
Bug 1376638 - Minimize uses of prmem.h. r=glandium.
...
It's silly to use prmem.h within Firefox code given that in our configuration
its functions are just wrappers for malloc() et al. (Indeed, in some places we
mix PR_Malloc() with free(), or malloc() with PR_Free().)
This patch removes all uses, except for the places where we need to use
PR_Free() to free something allocated by another NSPR function; in those cases
I've added a comment explaining which function did the allocation.
--HG--
extra : rebase_source : 0f781bca68b5bf3c4c191e09e277dfc8becffa09
2017-06-30 19:05:41 -07:00
Carsten "Tomcat" Book
2aefedb342
Merge mozilla-central to mozilla-inbound
2017-07-03 11:01:38 +02:00
Franziskus Kiefer
2e41bcc0ca
Bug 1370890 - land NSS 825e5d444e99 UPGRADE_NSS_RELEASE, r=me
2017-07-03 10:18:45 +02:00
ffxbld
dde5c48035
No bug, Automated HPKP preload list update from host bld-linux64-spot-306 - a=hpkp-update
2017-06-30 08:49:21 -07:00
ffxbld
68f3156646
No bug, Automated HSTS preload list update from host bld-linux64-spot-306 - a=hsts-update
2017-06-30 08:49:18 -07:00
ffxbld
17ebac6811
No bug, Automated HPKP preload list update from host bld-linux64-spot-308 - a=hpkp-update
2017-06-29 08:52:25 -07:00
ffxbld
296804ce45
No bug, Automated HSTS preload list update from host bld-linux64-spot-308 - a=hsts-update
2017-06-29 08:52:22 -07:00
Jan Keromnes
09971ac7d3
Bug 1376643 - Use 'override' and '= default' on applicable methods in security/sandbox/. r=gcp
2017-06-27 17:57:00 +02:00
Jan Keromnes
df076300b1
Bug 1376643 - Use 'nullptr' where applicable in security/sandbox/. r=gcp
2017-06-27 17:56:00 +02:00
ffxbld
e43fbfafef
No bug, Automated HPKP preload list update from host bld-linux64-spot-307 - a=hpkp-update
2017-06-28 13:55:02 -07:00
ffxbld
d945533918
No bug, Automated HSTS preload list update from host bld-linux64-spot-307 - a=hsts-update
2017-06-28 13:54:59 -07:00
Carsten "Tomcat" Book
7918eeee02
merge mozilla-inbound to mozilla-central a=merge
2017-06-28 13:23:29 +02:00
Ryan VanderMeulen
2edcd80e00
Merge m-c to autoland. a=merge
2017-06-27 20:07:08 -04:00
Jed Davis
8e5d5bda0f
Bug 1362537 - Re-disallow accept4 in Linux content processes. r=gcp
...
MozReview-Commit-ID: Gml8lR1Heu1
--HG--
extra : rebase_source : 6b466f887bd1802277a506295a9c6cc575196385
2017-06-27 14:52:25 -07:00
ffxbld
fdb811340a
No bug, Automated HPKP preload list update from host bld-linux64-spot-306 - a=hpkp-update
2017-06-27 08:39:08 -07:00
ffxbld
8a2097b4fd
No bug, Automated HSTS preload list update from host bld-linux64-spot-306 - a=hsts-update
2017-06-27 08:39:05 -07:00
Phil Ringnalda
b9099ac2ed
Merge m-c to m-i
...
MozReview-Commit-ID: JGHd8l9bexC
2017-06-26 20:35:27 -07:00
ffxbld
b425854d9b
No bug, Automated HPKP preload list update from host bld-linux64-spot-306 - a=hpkp-update
2017-06-26 08:40:01 -07:00
ffxbld
68b6a86704
No bug, Automated HSTS preload list update from host bld-linux64-spot-306 - a=hsts-update
2017-06-26 08:39:58 -07:00
Carsten "Tomcat" Book
259377b6ab
merge mozilla-inbound to mozilla-central a=merge
2017-06-26 13:25:51 +02:00
ffxbld
1b7b1ec949
No bug, Automated HPKP preload list update from host bld-linux64-spot-301 - a=hpkp-update
2017-06-25 08:35:48 -07:00
ffxbld
cdd2e436c7
No bug, Automated HSTS preload list update from host bld-linux64-spot-301 - a=hsts-update
2017-06-25 08:35:45 -07:00
ffxbld
0042b377da
No bug, Automated HPKP preload list update from host bld-linux64-spot-301 - a=hpkp-update
2017-06-24 08:41:00 -07:00
ffxbld
f30338674d
No bug, Automated HSTS preload list update from host bld-linux64-spot-301 - a=hsts-update
2017-06-24 08:40:57 -07:00
ffxbld
77b256dc98
No bug, Automated HPKP preload list update from host bld-linux64-spot-304 - a=hpkp-update
2017-06-23 08:34:57 -07:00
ffxbld
d9351ba8ef
No bug, Automated HSTS preload list update from host bld-linux64-spot-304 - a=hsts-update
2017-06-23 08:34:54 -07:00
Nicholas Nethercote
f1364a75ea
Bug 1374580 (part 3) - Remove ns{,C}Substring typedefs. r=froydnj.
...
All the instances are converted as follows.
- nsSubstring --> nsAString
- nsCSubstring --> nsACString
--HG--
extra : rebase_source : cfd2238c52e3cb4d13e3bd5ddb80ba6584ab6d91
2017-06-20 19:19:52 +10:00
Nicholas Nethercote
fe9268c4cd
Bug 1374580 (part 2) - Remove nsAFlat{,C}String typedefs. r=froydnj.
...
All the instances are converted as follows.
- nsAFlatString --> nsString
- nsAFlatCString --> nsCString
--HG--
extra : rebase_source : b37350642c58a85a08363df2e7c610873faa6e41
2017-06-20 19:19:05 +10:00
Nicholas Nethercote
1572f96f5d
Bug 1374580 (part 1) - Remove nsASingleFragment{,C}String typedefs. r=froydnj.
...
All the instances are converted as follows.
- nsASingleFragmentString --> nsAString
- nsASingleFragmentCString --> nsACString
--HG--
extra : rebase_source : e6a1ddc8938fecd9a735b15e872c054edf4c7910
2017-06-20 19:18:17 +10:00
ffxbld
3291398f10
No bug, Automated HPKP preload list update from host bld-linux64-spot-303 - a=hpkp-update
2017-06-22 09:09:14 -07:00
ffxbld
f3958ec1f3
No bug, Automated HSTS preload list update from host bld-linux64-spot-303 - a=hsts-update
2017-06-22 09:09:11 -07:00
Florian Quèze
66f6d259bc
Bug 1374282 - script generated patch to remove Task.jsm calls, r=Mossop.
2017-06-22 12:51:42 +02:00
Nicholas Nethercote
23156fd9b3
Bug 1374920 - Change nsTokenEventRunnable::mType from |nsString| to |const char*|. r=dkeeler.
...
|const char*| is good enough for a field that can only take on the values
"smartcard-insert" or "smartcard-remove". And it avoids an
NS_ConvertUTF16toUTF8 conversion.
2017-06-22 15:39:15 +10:00
Alex Gaynor
f76801e348
Bug 1379803 - on macOS, only allow the creation of regular files and directories in writable directories; r=haik
...
This specifically disallows the creation of ttys and symlinks. Writable
directories are needed for plugins, which lazily create the plugintmp directory.
If/when the plugin API surface is reduced we can restrict down to just regular
files.
MozReview-Commit-ID: Ec6qeaiHSsB
--HG--
extra : rebase_source : 252a3cbf7954b9c09092b896ef8af45310438a86
2017-07-11 09:51:04 -04:00
Ryan VanderMeulen
a8806a9105
Merge m-c to inbound. a=merge
2017-06-27 20:06:39 -04:00
Wes Kocher
ac0fd2038c
Merge inbound to m-c a=merge
...
MozReview-Commit-ID: 3LXFVwSoMvs
2017-06-21 17:58:17 -07:00
Wes Kocher
7f420b59d4
Merge autoland to central, a=merge
...
MozReview-Commit-ID: C4bl6Ufaiwv
2017-06-21 16:54:41 -07:00
Nathan Froyd
27c58cf89f
Bug 1372670 - part 3 - add spinEventLoopUntil to nsIThreadManager; r=erahm,florian
2017-06-21 12:59:28 -04:00
ffxbld
ae94cfb36d
No bug, Automated HPKP preload list update from host bld-linux64-spot-306 - a=hpkp-update
2017-06-21 08:40:54 -07:00
ffxbld
00cfe814d5
No bug, Automated HSTS preload list update from host bld-linux64-spot-306 - a=hsts-update
2017-06-21 08:40:51 -07:00
Mark Banner
70710367aa
Bug 1374674 - Enable more ESLint rules across the tree to help developers where we're already passing them (no-class-assign, no-const-assign, no-dupe-class-members). r=mossop
...
MozReview-Commit-ID: 6jJPhH08Ae7
--HG--
extra : rebase_source : 64efb6660fdd1a0d4390e8f9e4842199249ca54f
2017-06-20 16:16:12 +01:00
Wes Kocher
c0e1236f1a
Merge autoland to m-c a=merge
...
MozReview-Commit-ID: LFtpTAueYrF
2017-06-20 18:24:29 -07:00
Wes Kocher
586bef635e
Merge inbound to central, a=merge
...
MozReview-Commit-ID: 1SvQU51m5qC
2017-06-20 17:58:46 -07:00
ffxbld
e1eeddde1e
No bug, Automated HPKP preload list update from host bld-linux64-spot-301 - a=hpkp-update
2017-06-20 08:47:01 -07:00
ffxbld
e22d02a6eb
No bug, Automated HSTS preload list update from host bld-linux64-spot-301 - a=hsts-update
2017-06-20 08:46:58 -07:00
Wes Kocher
976d5437f9
Merge m-c to autoland, a=merge
...
MozReview-Commit-ID: 6A96Fe0GPjw
2017-06-19 17:37:53 -07:00
Wes Kocher
1e80580419
Merge autoland to central, a=merge
...
MozReview-Commit-ID: 4NzLU3zKJOz
2017-06-19 17:01:09 -07:00
ffxbld
2bcd258281
No bug, Automated HPKP preload list update from host bld-linux64-spot-304 - a=hpkp-update
2017-06-19 08:39:22 -07:00
ffxbld
604ae6476d
No bug, Automated HSTS preload list update from host bld-linux64-spot-304 - a=hsts-update
2017-06-19 08:39:19 -07:00
Alex Gaynor
1141573ee9
Bug 1374660 - Removed redundant declarations from macOS content sandbox policy; r=haik
...
MozReview-Commit-ID: Gw6AnH8r9sL
--HG--
extra : rebase_source : 62bb4dc335ab3f38a42543a488d07129a8d92a33
2017-06-20 10:27:18 -04:00
Bill McCloskey
f115503a0b
Bug 1372405
- Provide names for all runnables in the tree (r=froydnj)
...
MozReview-Commit-ID: DKR6ROiHRS7
2017-06-26 14:19:58 -07:00
Nicholas Nethercote
033f83145c
Bug 1375387 - Reorder and section-ify GeckoProfiler.h. r=mstange.
...
This patch gives some structure and order to the profiler's API.
It also renames AutoProfilerRegister as AutoProfilerRegisterThread, to match
profiler_register_thread().
2017-06-22 14:28:47 +10:00
David Keeler
52cc80c4fe
Bug 1368652
- Use Mozilla string types to display OIDs in the certificate viewer. r=Cykesiopka
2017-06-01 12:26:41 -07:00
Gian-Carlo Pascutto
f2e7c8b77a
Bug 1374281. r=jld
...
MozReview-Commit-ID: Ko5m5i4Wkd6
--HG--
extra : rebase_source : 3076315ef3639a89f752addbb01d5d08a9c2db75
2017-06-19 20:07:38 +02:00
Alex Gaynor
f514ff97b3
Bug 1379182 - Remove some unnecessary file-write permissions types from the content process on macOS; r=haik
...
On macOS, the file-write* permission type contains numerous sub-permissions (see
bug for full listing). Restrict the ones we allow to only the two we need:
file-write-create and file-write-data. This primarily reduces kernel attack
surface, I'm not aware of any bad things that could be done directly with the
removed permissions.
MozReview-Commit-ID: 3VvjFesy2qx
--HG--
extra : rebase_source : 934ec17c44c9ef3d7fab29919d66cf1a55d57697
2017-07-07 11:05:01 -04:00
Wes Kocher
5dd57ee395
Merge m-c to inbound, a=merge
...
MozReview-Commit-ID: IVwrN2VivZT
2017-07-07 17:30:32 -07:00
Alex Gaynor
d40ad40466
Bug 1376976 - Restrict sysctl access in the content process to a whitelist of sysctl names. r=jld, r=haik
...
MozReview-Commit-ID: 14yoiP1gskM
2017-06-29 13:55:15 -07:00
Carsten "Tomcat" Book
651904c8a0
Merge mozilla-central to autoland
2017-07-04 11:12:45 +02:00
Kate McKinley
396962011a
Bug 1363546 - Store and report HSTS upgrade source r=francois,keeler,mayhemer p=francois
...
Add a field to the HSTS cache which indicates the source of the HSTS
entry if known, from the preload list, organically seen header, or HSTS
priming, or unknown otherwise. Also adds telemetry to collect the source
when upgrading in NS_ShouldSecureUpgrade.
MozReview-Commit-ID: 3IwyYe3Cn73
--HG--
extra : rebase_source : 9b8daac3aa02bd7a1b4285fb1e5731a817a76b7f
2017-05-23 15:31:37 -07:00
Alex Gaynor
b636380391
Bug 1374557
- Part 1 - Add the ability to specify a list of paths to whitelist read access to in the macOS content sandbox; r=haik
...
MozReview-Commit-ID: HXBkyR7Tts2
--HG--
extra : rebase_source : 6daf50a4d7a4ff2ff85dfac43891149353e813aa
2017-06-21 10:19:28 -04:00
Carsten "Tomcat" Book
038afacb9f
Backed out changeset 2ae22a66e02d (bug 1366694) for memory leaks
2017-07-11 13:14:55 +02:00
Carsten "Tomcat" Book
05734fd002
Backed out changeset 88b71119fbf8 (bug 1366694)
2017-07-11 13:14:38 +02:00
Carsten "Tomcat" Book
7e0d52f50e
Merge mozilla-central to inbound
2017-07-11 13:00:28 +02:00
Bob Owen
db58bdb9ca
Bug 1377555 Part 3: Don't use restricting SIDs when running from a network drive. r=jimm
2017-07-11 09:44:21 +01:00
Bob Owen
bbf27f0cae
Bug 1377555 Part 2: Add option to Windows chromium sandbox policy to not use restricting SIDs. r=jimm
2017-07-11 09:44:20 +01:00
Bob Owen
01f2685a30
Bug 1377555 Part 1: Back out changesets 04edb03fb817 and d17ac655cc51. r=jimm
...
This backouts the previous change to detect and change the sandbox policy
when running from a network drive.
2017-07-11 09:44:20 +01:00
Bob Owen
25e5ff4cde
Bug 1366694 Part 2: Don't run sandbox file system test in DEBUG on Windows. r=jimm
...
This is because in DEBUG mode we currently give full access to TEMP dir
for logging purposes and the temporary profile is created in the TEMP dir.
2017-07-11 09:44:20 +01:00
Bob Owen
ecbd6ca808
Bug 1366694 Part 1: Allow user handles in the content process job in DEBUG builds. r=jimm
2017-07-07 15:51:17 +01:00
David Keeler
a196a1c7c3
bug 1291886 - clarify/fix locking in nsNSSComponent r=Cykesiopka,jcj
...
Some of the locking in nsNSSComponent was inconsistent and/or just wrong. This
clarifies what is protected by the lock and makes sure it is consistently
acquired when those resources are accessed.
This should also address potential deadlocks when other code would attempt to
acquire nsNSSComponent resources during shutdown.
This patch also removes some items in nsNSSComponent that are no longer
relevant.
MozReview-Commit-ID: 9iA5lfAixpj
--HG--
extra : rebase_source : 1c05788efe5d6345256cca505b089198bd7e4a20
2017-06-08 14:49:13 -07:00
Kate McKinley
a809b5b8d6
Bug 1374453 - turn HSTS priming on in Beta r=ckerschb
...
MozReview-Commit-ID: JHc47g8cDmb
--HG--
extra : rebase_source : cb67f51ac7fef74f43cc05d02bac4ef13c3ded15
2017-06-19 14:46:48 -07:00
Kate McKinley
9108666ee6
Bug 1374443 - Decrease HSTS priming timeout to 2s r=ckerschb
...
MozReview-Commit-ID: 7brYAUXwHvE
--HG--
extra : rebase_source : 4ef6f27cc855b828ac742f2990dc12668bd910aa
2017-06-19 14:35:27 -07:00
Paolo Amadini
10ee6a5c4e
Bug 1362970 - Part 2 - Script-generated patch to convert .then(null, ...) to .catch(...). r=florian
...
Changes to Promise tests designed to test .then(null) have been reverted, and the browser/extensions directory was excluded because the projects it contains have a separate process for accepting changes.
MozReview-Commit-ID: 1buqgX1EP4P
--HG--
extra : rebase_source : 3a9ea310d3e4a8642aabbc10636c04bfe2e77070
2017-06-19 11:32:37 +01:00
Carsten "Tomcat" Book
de892834ed
Merge mozilla-central to mozilla-inbound
2017-06-20 11:31:34 +02:00
Alex Gaynor
bb1ea70f5f
Bug 1357758 - Replace the file-read blacklist in the macOS sandbox policy with a whitelist of the allowed paths; r=haik
...
This makes the policy easier to audit, harder to regress, and easier to further prune the content processes's permissions.
MozReview-Commit-ID: 6VqEoGsWSGH
--HG--
extra : rebase_source : 58a9d35dd6e58624779294b49df5cc7e34cb4320
2017-04-18 15:57:54 -04:00
Wes Kocher
bfc45b98b9
Merge m-c to inbound, a=merge
...
MozReview-Commit-ID: 9XdoB5MuVz6
2017-07-05 17:17:41 -07:00
Bob Owen
1eb1c9091d
Bug 1378061: Only set user's SID in USER_LIMITED as deny only when not using restricting SIDs. r=jimm
2017-07-05 21:00:55 +01:00
Carsten "Tomcat" Book
ea1b86680c
Backed out changeset 9846de3bd954 (bug 1372405
)
...
--HG--
extra : rebase_source : 5d4a48e8ec394c329994689d938d2a6e9b2752b0
2017-06-20 08:27:02 +02:00
Bill McCloskey
4592152411
Bug 1372405
- Provide names for all runnables in the tree (r=froydnj)
...
MozReview-Commit-ID: DKR6ROiHRS7
2017-06-19 22:25:47 -07:00
Bevis Tseng
d1637b9c5a
Bug 1372453 - Part 2: Name the caller of ProxyReleaseEvent. r=billm
...
MozReview-Commit-ID: LYhSWnZkq0i
2017-06-14 09:27:17 +08:00
ffxbld
7cc377ce3f
No bug, Automated HPKP preload list update from host bld-linux64-spot-303 - a=hpkp-update
2017-06-18 08:24:54 -07:00
ffxbld
a6c7ba400c
No bug, Automated HSTS preload list update from host bld-linux64-spot-303 - a=hsts-update
2017-06-18 08:24:51 -07:00
ffxbld
b95a1a9583
No bug, Automated HPKP preload list update from host bld-linux64-spot-305 - a=hpkp-update
2017-06-17 08:38:30 -07:00
ffxbld
091d02c281
No bug, Automated HSTS preload list update from host bld-linux64-spot-305 - a=hsts-update
2017-06-17 08:38:27 -07:00
ffxbld
b2d072aa58
No bug, Automated HPKP preload list update from host bld-linux64-spot-301 - a=hpkp-update
2017-06-16 08:37:44 -07:00
ffxbld
870c286510
No bug, Automated HSTS preload list update from host bld-linux64-spot-301 - a=hsts-update
2017-06-16 08:37:41 -07:00
David Keeler
0b2a439e7e
bug 1373068 - fix the ctypes declaration of SSL_ClearSessionCache in head_psm.js r=Cykesiopka
...
SSL_ClearSessionCache is `void SSL_ClearSessionCache()`. In head_psm.js it was
being declared as `SECStatus SSL_ClearSessionCache()` and the "return value" was
being checked, which was incorrect. This apparently wasn't causing failures on
any of our test runs, but with tsan enabled the check would fail.
MozReview-Commit-ID: 6KosOVPu8K4
--HG--
extra : rebase_source : 73addb80a5ab5263a182207a0f4277daf8ae32a5
2017-06-14 15:10:28 -07:00
Andrew Halberstadt
c9beaa56b4
Bug 1373294 - Fix E305 (two blank lines after method or class) in files enabled by flake8 linter, r=jmaher
...
This is needed before we can upgrade to flake8 3.3.0, as that version starts flagging these errors.
These files were modified by running:
autopep8 --select E305 --in-place -r <dir>
on the affected directories. I did it one dir at a time and verified the result after each.
MozReview-Commit-ID: FmlsfiKIbtr
--HG--
extra : rebase_source : 9df32258cadff5d27a0e72113c57f782756c0b18
2017-06-15 12:10:59 -04:00
ffxbld
c365df1999
No bug, Automated HPKP preload list update from host bld-linux64-spot-382 - a=hpkp-update
2017-06-15 08:38:35 -07:00
ffxbld
fc60e8619a
No bug, Automated HSTS preload list update from host bld-linux64-spot-382 - a=hsts-update
2017-06-15 08:38:32 -07:00
ffxbld
c49a70b53f
No bug, Automated HPKP preload list update from host bld-linux64-spot-307 - a=hpkp-update
2017-06-14 08:33:27 -07:00
ffxbld
b98ce20b57
No bug, Automated HSTS preload list update from host bld-linux64-spot-307 - a=hsts-update
2017-06-14 08:33:24 -07:00
Wes Kocher
ebf35623cd
Merge mozilla-central to autoland a=merge
...
UPGRADE_NSS_RELEASE
2017-06-13 18:57:32 -07:00
Wes Kocher
1af6d5cf57
Merge inbound to central, a=merge
...
UPGRADE_NSS_RELEASE
MozReview-Commit-ID: CBIFPwA5aNp
--HG--
extra : amend_source : 035a5be59d0046a643d0f836a95195e8c4ade4a6
2017-06-13 18:27:10 -07:00
ffxbld
13bca384b3
No bug, Automated HPKP preload list update from host bld-linux64-spot-301 - a=hpkp-update
2017-06-13 08:37:54 -07:00
ffxbld
cdd7ceaa16
No bug, Automated HSTS preload list update from host bld-linux64-spot-301 - a=hsts-update
2017-06-13 08:37:50 -07:00
ffxbld
687bfe6a46
No bug, Automated HPKP preload list update from host bld-linux64-spot-304 - a=hpkp-update
2017-06-12 08:25:15 -07:00
ffxbld
1d51d00cbc
No bug, Automated HSTS preload list update from host bld-linux64-spot-304 - a=hsts-update
2017-06-12 08:25:12 -07:00