David Keeler
51a37ae665
bug 1241650 - remove nsIX509CertDB.findCertNicknames r=mgoodwin
...
MozReview-Commit-ID: JtU7H5qGvge
--HG--
extra : rebase_source : fae856a160e5cc987702794f805030b2d1cc3533
2016-01-21 15:14:31 -08:00
Ben Kelly
156ed9a0ed
Bug 1247580
P2 Add gtest to ensure we can continue to deserialize old security info strings. r=bz
2016-02-17 07:18:00 -08:00
Ben Kelly
7382b7bc31
Bug 1247580
P1 Allow old nsIX509Cert serialized objects to be read off disk. r=bz
2016-02-17 07:18:00 -08:00
Cykesiopka
e5ab49e43e
Bug 1247847 - Use smart pointers in nsNSSCertHelper.cpp to manage NSS resources. r=keeler
...
This lets us remove things like gotos in the code, and makes resource ownership slightly clearer.
MozReview-Commit-ID: Kucn7exhLd7
--HG--
extra : transplant_source : %27%FF%D2tjLI%9B5ep%21%B7%FA%92%08%14%07%12%C6
2016-02-16 16:25:09 -08:00
Cykesiopka
eb91d4f287
Bug 1244245 - Enable eslint "curly" rule for PSM. r=keeler
...
Also includes minor cleanup.
MozReview-Commit-ID: CHgbTIa3s2O
--HG--
extra : transplant_source : %FD%ACi%DE%3E%28%0D%D2_%5Dc%1Dk%E6%E8%EDw%D5%FA%93
2016-02-16 17:27:49 -08:00
ISHIKAWA, Chiaki
be2b50a7f8
Bug 1248252 - Improper outdated octal constant syntax in M-C tree. Use '0o' prefix. r=dao
...
Be warned. Do not attemp to change the .js "test" source code in ./js
They are meant to check
- the outdated 0666 octal constant is still parsed correctly,
- the outdated 0666 octal constant raises syntax error flag
in strict mode, etc.
So leave them alone.
2016-02-15 08:57:00 +01:00
Sebastian Hengst
be7b0e4539
Backed out 2 changesets (bug 1247250) for bustage. r=bustage on a CLOSED TREE
...
Backed out changeset 8aded3a039f5 (bug 1247250)
Backed out changeset 374e6d0abf0e (bug 1247250)
2016-02-12 00:42:48 +01:00
Masatoshi Kimura
8e3a5c71be
Bug 1247250 - followup: fix comments to reflect the review comment. r=keeler DONTBUILD
2016-02-12 07:43:21 +09:00
Masatoshi Kimura
e40094eb48
Bug 1247250 - Enable TLS 1.3 draft 11 anti-downgrade on non-secure fallback. r=keeler
2016-02-12 07:36:37 +09:00
Cykesiopka
103a609a33
Bug 1243193 - Use Assert.throws() more in PSM tests. r=keeler
2016-02-10 21:40:00 +01:00
Aidin Gharibnavaz
686438c658
Bug 1164581 - Adding an overload for NS_ProxyRelease that accepts already_AddRefed, and removing all the others. r=bobbyholley
2016-02-10 08:23:00 +01:00
David Keeler
28c09863cb
bug 1241564 - remove EV treatment for TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı SHA-1 root certificate r=Cykesiopka
...
MozReview-Commit-ID: 9ktEj2kgfYo
2016-02-09 13:30:22 -08:00
David Keeler
5ceb0c8a89
bug 1246765 - remove unnecessary resource://app/ registration from getHSTSPreloadList.js r=Cykesiopka DONTBUILD NPOTB
2016-02-08 12:56:34 -08:00
Cykesiopka
19922e4976
Bug 503515 - Try and ensure exported certificates include an extension by default. r=keeler
...
--HG--
extra : rebase_source : b3d595ae962d70afc208b34afe616b6ef88133a8
2016-02-09 00:17:00 +01:00
Bob Owen
ed46787107
Bug 1219369: In Windows debug builds allow write access to TEMP for logging purposes. r=tabraldes
2016-02-09 08:31:18 +00:00
Kai Engert
880b7f8386
Bug 1245053, land NSS_3_23_BETA4, r=me, includes a makefile change to adjust for NSS changes, patch by EKR, r=kaie
2016-02-08 16:16:25 +01:00
Carsten "Tomcat" Book
5b358688b7
Backed out changeset c18e29c1b369 (bug 1164581) for cpp unit tests test failures
...
--HG--
extra : rebase_source : fb6fd434c8e3f4b5fa53ea645a54c07cab207894
2016-02-08 11:17:38 +01:00
Masatoshi Kimura
7c3a491022
Bug 1247250 - Enable TLS 1.3 anti-downgrade on non-secure fallback. r=keeler
2016-02-24 19:35:00 +09:00
Aidin Gharibnavaz
69cf7e035f
Bug 1164581 - Adding an overload for NS_ProxyRelease that accepts already_AddRefed, and removing all the others. r=bobbyholley
...
--HG--
extra : rebase_source : 3c6bba6613a14e48239d302bdd0f7fe2e322265d
2016-02-07 10:56:00 +01:00
Cykesiopka
7e014d6be0
Bug 1243182 - Enable eslint "space-infix-ops" rule for PSM. r=keeler
...
Also includes minor cleanups.
2016-02-06 21:05:02 -08:00
Cykesiopka
6a5e8155c8
Bug 1064402 - Part 2: Remove nsIX509CertDB.importServerCertificate() and nsIX509Cert::SERVER_CERT support in importCertsFromFile(). r=keeler
2016-02-06 20:41:11 -08:00
Cykesiopka
370bac0f07
Bug 1064402 - Part 1: Remove Import button in Servers tab of the Certificate Manager. r=keeler
...
It no longer serves any useful purpose:
1. It is no longer possible to add explicit trust for server certs post Bug 825583.
1A. The Add Exception feature is better suited for this anyways.
2. It isn't possible to set explicit distrust in the Cert Manager, only remove explicit trust.
3. Importing may also inadvertently cause verification failures (see Bug 1202636
).
2016-02-06 20:40:57 -08:00
Cykesiopka
1e1cca77d4
Bug 1243180 - Enable eslint "no-trailing-spaces" rule for PSM. r=keeler
...
Also does some minor cleanup.
2016-02-03 01:51:00 +01:00
simplyblue
addf646a4c
Bug 1241646 - remove unused token arguments from nsIX509CertDB r=keeler
2016-01-30 13:50:58 +05:30
Kai Engert
d3fd404b9b
Bug 1244062, NSPR_4_12_BETA2, and Bug 1245053, NSS_3_23_BETA2
2016-02-02 11:50:47 +01:00
Bob Owen
73686ad0d7
Bug 1173371
Part 2: Change Chromium sandbox to allow rules for files on network drives to be added. a=aklotz
2016-02-01 08:59:00 +00:00
Bob Owen
0b2edad801
Bug 1173371
Part 1: Take Chromium commit 0e49d029d5a1a25d971880b9e44d67ac70b31a80 for sandbox code. r=aklotz
...
From Chromium commit comment:
Sandbox: Add support for file system policies that use implied device paths.
A policy rule of the form \HarddiskVolume0\Foo\bar allows sandboxed code
to use \\.\HarddiskVolume0\Foo\bar directly.
2016-02-01 08:59:00 +00:00
Mark Goodwin
282a183d55
Bug 1241821 - Create a SecurityReporter component for TLS Error Reports r=mossop, keeler
...
This takes the TLS Error Reporting functionality used in the aboutNetError.xhtml
and aboutCertError.xhtml error pages and moves it to its own component. This
allows us to make use of this same error reporting functionality from elsewhere.
Notably, this allows us to send error reports for issues that occur when loading
subresources.
The xpcshell test included is in security/manager/ssl/tests because we need to
make use of tlsserver functionality from the PSM tests.
2016-01-30 08:07:38 +00:00
Kyle Huey
91efc5a86c
Bug 1241764: Replace nsPIDOMWindow with nsPIDOMWindowInner/Outer. r=mrbkap,smaug
2016-01-30 09:05:36 -08:00
Wes Kocher
543c164cdc
Backed out 2 changesets (bug 1241821) for android build bustage CLOSED TREE
...
Backed out changeset ae7246d654c8 (bug 1241821)
Backed out changeset bdecb787f1a2 (bug 1241821)
--HG--
extra : commitid : HdwYW6HntXi
2016-01-29 14:57:27 -08:00
Wes Kocher
1f2034ed37
Followup to Bug 1241821 - ESLint fix
...
--HG--
extra : commitid : 5Pf2Sf7gxj9
2016-01-29 14:36:13 -08:00
Mark Goodwin
e7ee60296d
Bug 1241821 - Create a SecurityReporter component for TLS Error Reports r=mossop, keeler
...
This takes the TLS Error Reporting functionality used in the aboutNetError.xhtml
and aboutCertError.xhtml error pages and moves it to its own component. This
allows us to make use of this same error reporting functionality from elsewhere.
Notably, this allows us to send error reports for issues that occur when loading
subresources.
The xpcshell test included is in security/manager/ssl/tests because we need to
make use of tlsserver functionality from the PSM tests.
2016-01-29 13:45:17 +00:00
Wes Kocher
a40af4aa59
Backed out changeset 7ec471c99263 (bug 1219482) to hopefully fix the intermittent hazard failures CLOSED TREE
...
--HG--
extra : commitid : B8zmd9Xadpz
2016-01-29 10:15:34 -08:00
Kai Engert
2f1d53a477
Bug 1228410
, land NSS_3_22_RTM, r=nss-confcall
2016-01-29 12:16:10 +01:00
Bill McCloskey
c663839ade
Bug 1240871 - Don't allow implicit "async" in IPDL (r=mccr8,billm)
2016-01-28 20:56:37 -08:00
sajitk
1b0525a9d3
Bug 1219482 - Replace PRLogModuleInfo with LazyLogModule in security subdirectory. r=froydnj
...
--HG--
extra : rebase_source : 7aed4d8669dccd1270a88a0cacfa254e3b9f5950
2016-01-28 10:36:00 -05:00
David Keeler
1890b549c4
bug 1242032 - change some pipnss logging output from Debug to Verbose r=Cykesiopka
...
Logging output that happens with every TLS socket poll, read, or write
should really be Verbose, not Debug.
--HG--
extra : amend_source : 455a72faa041e51b5356410d7c216aa1fdadc6c6
2016-01-27 13:04:33 -08:00
David Keeler
32b5d6c545
bug 1241317 - gather telemetry on prevalence of FIPS r=jcj r=vladan
2016-01-21 11:22:12 -08:00
Carsten "Tomcat" Book
92b2943e68
Merge mozilla-central to mozilla-inbound
2016-01-27 12:10:56 +01:00
Carsten "Tomcat" Book
b9e929e1a7
merge mozilla-inbound to mozilla-central a=merge
2016-01-27 11:59:49 +01:00
Cykesiopka
7ccd56ad60
Bug 1242254 - Enable initial set of eslint rules for PSM. r=dkeeler
...
These rules are copied from toolkit/.eslintrc (with non-passing rules excluded and previously commented out and passing rules included).
--HG--
extra : rebase_source : 0afa42350cc961cbb3cf6d985b3978f4dc5d3dcb
2016-01-24 02:35:36 -08:00
Cykesiopka
c9747f9ecf
Bug 1232582 - Sort PSM xpcshell.ini and fix --tag psm to actually run all tests. r=keeler
2016-01-26 20:23:00 +01:00
Gijs Kruitbosch
90dcd6df86
Bug 1241614 - don't overflow:auto the container, use em to size the dialog to avoid hidpi visibility issues, r=dolske,ttaubert
...
--HG--
extra : commitid : DaBFhFU1YtS
extra : rebase_source : 28c1f92fcabe8a46fe40e805a763f7a508b592c0
2016-01-22 11:18:54 +00:00
Kai Engert
c12302354f
Bug 1228410
, land NSS 3.22 Beta 2, r=nss-confcall
...
--HG--
rename : security/nss/tests/ssl_gtests/parsereport.sed => security/nss/tests/common/parsegtestreport.sed
2016-01-25 16:14:18 +01:00
Cykesiopka
adf7436ccc
Bug 1235089 - Split out OCSP Must Staple tests from test_ocsp_stapling.js to avoid intermittent time outs. r=keeler
...
test_ocsp_stapling.js can take ~290s to run on e.g. b2g-emu-x86-kk, which is very close to the default 300s limit.
Splitting out some tests should reduce the intermittent time outs.
--HG--
rename : security/manager/ssl/tests/unit/test_ocsp_stapling.js => security/manager/ssl/tests/unit/test_ocsp_must_staple.js
2016-01-24 02:24:00 -05:00
Phil Ringnalda
a747e7e178
Merge m-i to m-c, a=merge
2016-01-23 17:42:50 -08:00
ffxbld
09dc03c5a7
No bug, Automated HPKP preload list update from host bld-linux64-spot-309 - a=hpkp-update
2016-01-23 04:36:34 -08:00
ffxbld
3da59d3c6d
No bug, Automated HSTS preload list update from host bld-linux64-spot-309 - a=hsts-update
2016-01-23 04:36:32 -08:00
Cykesiopka
e2fe0b8f62
Bug 1233328 - Part 2: Use SHA-256 StaticFingerprints directly instead of StaticPinset since the SHA-1 StaticFingerprints entry will always be null. r=keeler
2016-01-20 20:45:29 -08:00
Cykesiopka
638ba07af3
Bug 1233328 - Part 1: Ignore SHA-1 pins in PublicKeyPinningService.cpp. r=keeler
2016-01-20 20:40:01 -08:00
Sylvestre Ledru
ab4e3a0d42
Bug 1218816 - Remove useless semicolons. Found by coccinelle. r=Ehsan
...
--HG--
extra : rebase_source : 7d2cc56b6553cd7a8d848d3c660f30735bd82eec
2016-01-22 16:58:49 +01:00
David Keeler
2af33cad3c
bug 1240173 - improve nsIX509Cert.dbKey r=Cykesiopka
...
--HG--
extra : rebase_source : 43ceae97c5188fff16e18a66d25a9fdba320bcc8
2016-01-15 14:33:56 -08:00
David Keeler
113252b726
bug 1239455 - rework telemetry for SHA-1 certificates to reflect possible policy states r=Cykesiopka,mgoodwin,rbarnes
...
Before this patch, we were measuring where SHA-1 was being used in TLS
certificates: nowhere, in end-entities, in intermediates, or in both. However,
the possible SHA-1 policies don't differentiate between end-entities and
intermediates and instead depended on whether or not each certificate has a
notBefore value after 2015 (i.e. >= 0:00:00 1 January 2016 UTC). We need to
gather telemetry on the possible policy configurations.
--HG--
extra : rebase_source : 301c821c8de16ffb924cd198dd0a4d3139536019
2016-01-13 12:50:42 -08:00
David Keeler
263b6bd7fe
bug 1239609
- audit nsNSSShutDownObject destructors for correctness r=Cykesiopka,sworkman
...
--HG--
extra : rebase_source : 3a20138211bfab811fb3adb2d7b0030a3b742b3b
2016-01-22 14:49:39 -08:00
Patrick McManus
e9fb442d3d
Bug 1240168 - weak_crypto test assumed blocking semantics from main thread r=keeler
2016-01-15 15:30:20 -05:00
Tim Taubert
38e4db6e5e
Bug 1191936
- Implement RSA-PSS signing and verification r=rbarnes,smaug
2015-10-13 20:22:43 +02:00
Ryan VanderMeulen
7d1bbd8088
Merge inbound to m-c. a=merge
2016-01-17 14:37:29 -05:00
ffxbld
45b07b40c1
No bug, Automated HPKP preload list update from host bld-linux64-spot-439 - a=hpkp-update
2016-01-16 04:03:46 -08:00
ffxbld
a2da16b4a2
No bug, Automated HSTS preload list update from host bld-linux64-spot-439 - a=hsts-update
2016-01-16 04:03:44 -08:00
Jan de Mooij
68d44577b4
Bug 1237232 - Properly check the result of Vector append() calls in security/. r=keeler
2016-01-13 22:05:08 +01:00
David Keeler
17c8d8e45c
bug 1232766 - update the preloaded pinset for Google domains r=rbarnes
...
Also includes a script for making this process faster in the future.
2015-12-28 12:30:14 -08:00
Chris Peterson
3f4e7bf8d5
Bug 1235188 - Fix -Wformat warnings in security/certverifier/. r=keeler
...
security/certverifier/NSSCertDBTrustDomain.cpp:433:26 [-Wformat] format specifies type 'long' but the argument has underlying type 'int'
security/certverifier/NSSCertDBTrustDomain.cpp:433:48 [-Wformat] format specifies type 'long long' but the argument has type 'mozilla::pkix::Time'
2015-12-28 18:41:54 -07:00
ffxbld
9c54b2fdae
No bug, Automated HPKP preload list update from host bld-linux64-spot-506 - a=hpkp-update
2016-01-09 04:38:50 -08:00
ffxbld
98b790fabc
No bug, Automated HSTS preload list update from host bld-linux64-spot-506 - a=hsts-update
2016-01-09 04:38:48 -08:00
Shu-yu Guo
1768759efb
Bug 1220564 - Update chrome code uses of genexprs and legacy comprehensions. (r=billm)
2016-01-06 16:02:16 -08:00
David Keeler
83aec61b67
bug 1230377 - part 2/2: simplify nsIKeyObject and nsIKeyObjectFactory r=jcj
...
nsIKeyObject and nsIKeyObjectFactory defined an interface that was largely
unimplemented. This cuts the interface back to what actually exists in code.
--HG--
extra : rebase_source : 6241e801c3bd7f17518af648158fcfdcd0bda9cf
2015-12-04 10:36:51 -08:00
David Keeler
3da7665447
bug 1230377 - part 1/2: ensure nsKeyObject releases NSS resources on shutdown r=jcj
...
--HG--
extra : rebase_source : 869dfb9450224677a05ac8566056872e8ff82c82
2015-12-03 16:22:34 -08:00
Ehsan Akhgari
1f26ea8aca
Bug 1214305 - Part 10: Clean up global DataStorage references in the child process; r=keeler
2016-01-04 16:30:02 -05:00
ffxbld
67ff8ead96
No bug, Automated HPKP preload list update from host bld-linux64-spot-389 - a=hpkp-update
2016-01-02 04:05:33 -08:00
ffxbld
5b3f84c48b
No bug, Automated HSTS preload list update from host bld-linux64-spot-389 - a=hsts-update
2016-01-02 04:05:31 -08:00
Chris Peterson
4034ee65b8
Bug 1235308 - Fix -Wimplicit-fallthrough warnings in security/. r=keeler
...
security/certverifier/NSSCertDBTrustDomain.cpp:282:5 [-Wimplicit-fallthrough] unannotated fall-through between switch labels
security/manager/ssl/nsNSSComponent.cpp:149:3 [-Wimplicit-fallthrough] unannotated fall-through between switch labels
security/manager/ssl/nsSecureBrowserUIImpl.cpp:1406:5 [-Wimplicit-fallthrough] unannotated fall-through between switch labels
2015-12-25 00:03:35 -07:00
ffxbld
eb1ef42d57
No bug, Automated HPKP preload list update from host bld-linux64-spot-593 - a=hpkp-update
2015-12-26 04:05:29 -08:00
ffxbld
3af3c75cc9
No bug, Automated HSTS preload list update from host bld-linux64-spot-593 - a=hsts-update
2015-12-26 04:05:27 -08:00
Mike Hommey
d7478b6b1e
Bug 1234955 - Make TEST_DIRS a SPECIAL_VARIABLE. r=gps
...
Using TEST_DIRS is nothing more than a shortcut for
if CONFIG['ENABLE_TESTS']:
DIRS += [...]
As such, we might as well remove it being a separate variable, and use some
Context magic to just fill DIRS when ENABLE_TESTS is set.
The security/manager/ssl/tests/unit/moz.build change ensures that the order
of DIRS before the change is kept, not because it matters, but because it
allows to confirm that nothing else is modified by this change.
2015-12-24 13:12:49 +09:00
Nathan Froyd
2c2f66f499
Bug 1232454 - use UniquePtr<T[]> instead of nsAutoArrayPtr<T> in security/apps/; r=keeler
...
As a nice side effect, we also fix a (rare) memory leak in
AppTrustDomain::SetTrustedRoot.
2015-12-06 08:06:03 -05:00
Wes Kocher
b71c3763d0
Backed out changeset f103fd636405 (bug 1232582) for b2g debug xpcshell failures in test_name_constraints.js
2015-12-21 11:01:22 -08:00
Carsten "Tomcat" Book
537c84d51c
Merge mozilla-central to mozilla-inbound
2015-12-21 11:54:26 +01:00
ffxbld
0349798a7f
No bug, Automated HPKP preload list update from host bld-linux64-spot-573 - a=hpkp-update
2015-12-19 04:09:26 -08:00
ffxbld
beab6972e5
No bug, Automated HSTS preload list update from host bld-linux64-spot-573 - a=hsts-update
2015-12-19 04:09:24 -08:00
Cykesiopka
20d4ccd20d
Bug 1232582 - Sort PSM xpcshell.ini and fix --tag psm to actually run all tests. r=dkeeler
...
--HG--
extra : transplant_source : X%02%F1%9Cq%90%8B%0D%04K%C1%1E%A0%BB%F5%7D%2Bs%1BQ
2015-12-17 07:55:54 -08:00
Cykesiopka
05919374b8
Bug 1229284 - Remove support for SHA-1 hashes in genHPKPStaticPins.js. r=keeler
2015-12-17 07:52:00 +01:00
David Keeler
cf2300da93
bug 1230994 - December 2015 batch of EV root CA changes r=mgoodwin
...
Adds:
bug 1193480:
CN=Certification Authority of WoSign G2,O=WoSign CA Limited,C=CN
CN=CA WoSign ECC Root,O=WoSign CA Limited,C=CN
bug 1147675:
CN=TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6,O=TÜRKTRUST Bilgi İletişim ve Bilişim Güvenliği Hizmetleri A...,L=Ankara,C=TR
bug 1230985:
OU=Security Communication RootCA2,O="SECOM Trust Systems CO.,LTD.",C=JP
bug 1213044:
CN=OISTE WISeKey Global Root GB CA,OU=OISTE Foundation Endorsed,O=WISeKey,C=CH
2015-12-14 14:44:44 -08:00
Carsten "Tomcat" Book
ee3a10a104
Merge mozilla-central to mozilla-inbound
2015-12-16 12:03:47 +01:00
Nick Alexander
151142df55
Bug 1227248 - Part 2: Add GeneratedTest{Certificate,Key} mozbuild templates. r=gps
...
--HG--
extra : commitid : 793A1duvlom
extra : rebase_source : 5a8fa9f0fb76dceb19525986381cb2a28676601b
extra : histedit_source : aebc6e99e83aaafba08626517850ff4ee23e4c82
2015-12-14 11:50:56 -08:00
Jed Davis
48de284e31
Bug 1222500 - Handle unexpected thread creation better on desktop Linux. r=gdestuynder
2015-11-30 18:21:00 +01:00
Masatoshi Kimura
4bd144165f
Bug 1224875 - Enable TLS extended master secret. r=keeler
2015-12-13 12:09:18 +09:00
ffxbld
d729dd725a
No bug, Automated HPKP preload list update from host bld-linux64-spot-1077 - a=hpkp-update
2015-12-12 04:08:02 -08:00
ffxbld
28f9941a1a
No bug, Automated HSTS preload list update from host bld-linux64-spot-1077 - a=hsts-update
2015-12-12 04:08:00 -08:00
Magnus Melin
b3dba24f5a
Bug 1200567 - ensure shipped blocklist.xml doesn't affect the test_cert_blocklist.js. r=dkeeler
...
Caused comm-central TEST-UNEXPECTED-FAIL | security/manager/ssl/tests/unit/test_cert_blocklist.js | - revocations.txt should be as expected
2015-12-10 19:08:09 +02:00
Ryan VanderMeulen
ec5f2e23e7
Merge m-c to inbound. a=merge
...
--HG--
rename : browser/.eslintrc => storage/.eslintrc
rename : devtools/.eslintrc => toolkit/components/extensions/.eslintrc
extra : rebase_source : 5b2d39a455c81a001bd26e7bc85e7fbacdb79171
2015-12-05 15:27:33 -05:00
Ryan VanderMeulen
289a16635a
Merge fx-team to m-c. a=merge
2015-12-05 15:09:41 -05:00
ffxbld
4dd525a926
No bug, Automated HPKP preload list update from host bld-linux64-spot-049 - a=hpkp-update
2015-12-05 04:05:19 -08:00
ffxbld
d2a4d282da
No bug, Automated HSTS preload list update from host bld-linux64-spot-049 - a=hsts-update
2015-12-05 04:05:17 -08:00
Panos Astithas
92b2551106
Bug 1207146 - Add a link to expert technical information in the cert error page. r=Gijs,keeler
2015-12-04 19:46:13 +02:00
Bob Owen
05eb71c3a0
Bug 1229804: Use the correct string length in Windows sandbox logging. r=tabraldes
2015-12-03 11:19:14 +00:00
Carsten "Tomcat" Book
df451fe7b0
merge mozilla-inbound to mozilla-central a=merge
2015-12-03 12:00:42 +01:00
ffxbld
d661411aa5
No bug, Automated HPKP preload list update from host bld-linux64-spot-369 - a=hpkp-update
2015-12-02 14:59:16 -08:00
ffxbld
eb8afa37f2
No bug, Automated HSTS preload list update from host bld-linux64-spot-369 - a=hsts-update
2015-12-02 14:59:14 -08:00
Mike Hommey
4005d567f9
Bug 1225682 - Don't use nsAuto{,C}String as class member variables in security/manager/. r=keeler
2015-12-02 11:04:37 +09:00
Xidorn Quan
fb855297f6
Bug 1229587 part 2 - Use verbose format to disable C4061 to workaround bug of VS2015u1. r=keeler
...
--HG--
extra : source : 96b812b70961a22ae01a377eb9aaaf405ed13349
2015-12-03 09:29:42 +11:00
Xidorn Quan
8cd346c251
Bug 1229587 part 1 - Disable C4464 warning newly added in VS2015u1. r=keeler
...
--HG--
extra : source : 1c79d789b2de950e8024d857f9315ea362141969
2015-12-03 09:29:42 +11:00
Cykesiopka
cb705a63a6
Bug 1224968 - Support public key input to unbreak periodic HPKP updates. r=keeler
...
be448badb1
%5E!/#F0 switched SHA1 hashes to public keys for static pins. This broke genHPKPStaticPins.js and thus periodic HPKP updates, since the file doesn't handle public keys.
The changes here mostly mirror ba1f296240
.
2015-12-01 00:30:00 +01:00
Cykesiopka
ee7d82a508
Bug 1228794 - Convert test_getchain.js to generate certificates at build time. r=keeler
...
With this change, CertUtils.py is no longer needed.
--HG--
extra : rebase_source : 2e7c7f82c17fd44d97fc68f657f3c313f4b4d125
2015-12-01 00:28:00 +01:00
Bogdan Postelnicu
d61cdc0082
Bug 1228346 - initialize mOCSPMustStapleEnabled in constructor. r=dkeeler
...
--HG--
extra : rebase_source : be8c14f84b53f6e546ff242b40208ec3a1f1be03
2015-11-26 07:40:00 +01:00
David Keeler
a328c0c4e8
bug 986956 - only ever initialize NSS once per process r=Cykesiopka r=mgoodwin
...
As a consequence, if NSS is initialized when there is no profile directory, NSS
will not persist changes. Other failures may occur (e.g. see bug 1216882).
2015-11-19 13:31:52 -08:00
Mark Goodwin
7c0ac05619
Bug 1227970 - Perform preference checks to allow OCSP Bypass for OneCRL via Kinto r=keeler
...
--HG--
extra : commitid : 5UjOTtwGffb
extra : rebase_source : 3ab4f4702056bde2fc6a1c4b22f5ed6abc59b918
2015-11-26 16:57:21 +00:00
Carsten "Tomcat" Book
4e4b15962c
Merge mozilla-central to mozilla-inbound
2015-11-25 13:57:30 +01:00
Jonathan Hao
7882aa6f0e
Bug 1225422 - Update the PrivilegedPackageRoot certificate. r=keeler
2015-11-19 15:08:05 +08:00
Julian Hector
4b2655c8d9
Bug 1215303 - Part 2 - automatically enable broker when in permissive mode r=jld
2015-11-13 12:29:47 +00:00
Julian Hector
46f56a1f0e
Bug 1215303 - Part 1 - add permissive mode r=jld
2015-11-13 12:27:45 +00:00
Ben Bucksch
2572e8c3db
Bug 1200802 - Accept RFC1929 SOCKS credentials in proxyInfo. r=michal
2015-11-24 22:56:00 +01:00
Carsten "Tomcat" Book
5f1ac1afb3
merge mozilla-inbound to mozilla-central a=merge
2015-11-23 14:08:50 +01:00
ffxbld
8ad105e9a0
No bug, Automated HPKP preload list update from host bld-linux64-spot-1073 - a=hpkp-update
2015-11-21 03:49:57 -08:00
ffxbld
71a59e9585
No bug, Automated HSTS preload list update from host bld-linux64-spot-1073 - a=hsts-update
2015-11-21 03:49:55 -08:00
David Keeler
05b2bbbd51
bug 1230234 - fix a leak in client auth certificate handling r=Cykesiopka
...
Looks like this was essentially a copy/paste error. See changeset 04b4ea333800,
which appears to have landed as part of bug 675221 (the bug number annotation in
that commit message is incorrect).
2015-12-03 12:43:23 -08:00
Mark Goodwin
854efb9851
Bug 1224467 - Add a preference for controlling whether oneCRL blocklists are updated via AMO. Also add a test. r=keeler,mossop
2015-11-18 11:53:54 +00:00
Carsten "Tomcat" Book
a22ff2640a
Merge mozilla-central to mozilla-inbound
2015-11-17 12:33:46 +01:00
Carsten "Tomcat" Book
6f7666a6c8
merge fx-team to mozilla-central a=merge
2015-11-17 12:10:03 +01:00
ffxbld
869bf240ee
No bug, Automated HPKP preload list update from host bld-linux64-spot-383 - a=hpkp-update
2015-11-17 00:44:58 -08:00
ffxbld
a3e192d586
No bug, Automated HSTS preload list update from host bld-linux64-spot-383 - a=hsts-update
2015-11-17 00:44:56 -08:00
Cykesiopka
af62dfe8e5
Bug 1224478 - Replace do_check_* calls with their Assert.jsm equivalents in PSM xpcshell tests. r=keeler
...
Also replaces if-do_throw() blocks with equivalent Assert.jsm method calls.
2015-11-16 22:53:00 +01:00
Wes Kocher
c0ece6bf0d
Merge m-c to fx-team, a=merge
...
--HG--
extra : commitid : 2bzybQqlwy0
2015-11-16 17:28:26 -08:00
Panos Astithas
d9c75611cd
Make 'Go Back' button work even when there is nothing to go back to (bug 1221084); r=paolo
2015-11-16 15:37:27 +02:00
Cykesiopka
c10edfff85
Bug 1224481 - Comment out CA certs removed in NSS 3.21 in PreloadedHPKPins.json to keep periodic Static HPKP updates working. r=dkeeler
...
--HG--
extra : transplant_source : %EAM%5D1%93%28H%BA%82%C0%0F%BB%3D%9E%40%8B%BCx%EB%03
2015-11-13 07:28:28 -08:00
Cykesiopka
fedad480ea
Bug 1222903 - Reject EV status for EV EE certs that are valid for longer than 27 months as well. r=keeler
2015-11-13 07:42:00 +01:00
David Keeler
eae048cea6
bug 1222179 - remove unnecessary observation topics in nsNSSComponent r=Cykesiopka
...
nsNSSComponent would (unnecessarily) observe "profile-change-net-teardown" and
"profile-change-net-restore". Now it no longer does.
2015-11-12 16:21:33 -08:00
Mark Goodwin
9f468cf8f0
Bug 921907 - Enable OCSP must-staple. r=keeler
...
--HG--
extra : commitid : LvP86DDj772
extra : rebase_source : e06438c614c00fd9d77ca88886368948f13d6454
extra : histedit_source : f72078bac3dd14d4166ddd3bf24b582b13de1519
2015-11-20 11:44:25 +00:00
Kai Engert
826cd3d4e3
Bug 1211568, land NSS_3_21_RTM r=martin.thomson, and adjust Makefiles r=mh
2015-11-13 18:03:01 +01:00
Mark Goodwin
a954826958
Bug 901698 - Some tests for OCSP-must-staple; r=keeler
2015-11-13 16:49:09 +00:00
Mark Goodwin
31adb1a5c5
Bug 901698 - Implement OCSP-must-staple; r=keeler
2015-11-13 16:49:08 +00:00
David Keeler
a1cf24355b
bug 1223466 - update extended validation information to deal with root removals in NSS 3.21 r=mgoodwin
...
These entries were removed:
from bug 1204962:
CN=TC TrustCenter Universal CA III,OU=TC TrustCenter Universal CA,O=TC TrustCenter GmbH,C=DE
SHA-256: 309B4A87F6CA56C93169AAA99C6D988854D7892BD5437E2D07B29CBEDA55D35D
SHA-1: 9656CD7B57969895D0E141466806FBB8C6110687
from bug 1204997:
CN=A-Trust-nQual-03,OU=A-Trust-nQual-03,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT
SHA-256: 793CBF4559B9FDE38AB22DF16869F69881AE14C4B0139AC788A78A1AFCCA02FB
SHA-1: D3C063F219ED073E34AD5D750B327629FFD59AF2
from bug 1208461:
CN=UTN - DATACorp SGC,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
SHA-256: 85FB2F91DD12275A0145B636534F84024AD68B69B8EE88684FF711375805B348
SHA-1: 58119F0E128287EA50FDD987456F4F78DCFAD6D4
2015-11-10 10:13:18 -08:00
Wes Kocher
ea2623adb5
Merge m-c to inbound, a=merge
...
--HG--
extra : commitid : 93SodIi80b2
2015-11-11 17:12:26 -08:00
Masatoshi Kimura
fa64c65e7c
Bug 1219088 - Clear the session cache when a weak crypto override is revoked. r=keeler
2015-11-11 23:13:34 +09:00
Masatoshi Kimura
4b8e5ced0f
Bug 1223131 - Don't remove a host from the whitelist if the version fallback was needed. r=keeler
2015-11-12 07:18:37 +09:00
Ehsan Akhgari
eac2db7101
Bug 1215723 - Part 5: Add an automated test; r=keeler
2015-10-30 15:30:00 -04:00
Ehsan Akhgari
eb4d13fb3b
Bug 1215723 - Part 4: Make isSecureHost and isSecureURI usable from the content process; r=keeler
2015-10-30 15:30:00 -04:00
Ehsan Akhgari
78ee50aca4
Bug 1215723 - Part 3: Propagate updates to DataStorage from the parent process to the content processes; r=keeler
2015-10-30 15:30:00 -04:00
Ehsan Akhgari
9aa975d49d
Bug 1215723 - Part 2: Initialize DataStorage items in the content process from the data in the parent; r=keeler
2015-10-30 15:30:00 -04:00
Ehsan Akhgari
3810eb599b
Bug 1215723 - Part 1: Make DataStorage a singleton for each file name; r=keeler
...
This is needed so that we'd be able to identify a DataStorage instance
based on its file name.
2015-11-02 12:33:00 -05:00
David Keeler
29b3d15dde
bug 1220223 - don't load PKCS11 modules in safe mode r=mgoodwin r=bsmedberg
2015-10-30 10:37:22 -07:00
Wes Kocher
4c7afc9339
Backed out 5 changesets (bug 1215723) for android S4 bustage
...
Backed out changeset 2a945ce1cd40 (bug 1215723)
Backed out changeset dd7f58b60ddc (bug 1215723)
Backed out changeset 62dbb95bd79a (bug 1215723)
Backed out changeset b31ac98bb3c8 (bug 1215723)
Backed out changeset 228cdfaa82c1 (bug 1215723)
--HG--
extra : commitid : 70ygtTBi2V5
2015-11-06 15:19:35 -08:00
Ehsan Akhgari
334376c936
Bug 1215723 - Part 5: Add an automated test; r=keeler
2015-10-30 15:30:00 -04:00
Ehsan Akhgari
498c385ee1
Bug 1215723 - Part 4: Make isSecureHost and isSecureURI usable from the content process; r=keeler
2015-10-30 15:30:00 -04:00
Ehsan Akhgari
06479e6793
Bug 1215723 - Part 3: Propagate updates to DataStorage from the parent process to the content processes; r=keeler
2015-10-30 15:30:00 -04:00
Ehsan Akhgari
999f1ba408
Bug 1215723 - Part 2: Initialize DataStorage items in the content process from the data in the parent; r=keeler
2015-10-30 15:30:00 -04:00
Ehsan Akhgari
6e561438d9
Bug 1215723 - Part 1: Make DataStorage a singleton for each file name; r=keeler
...
This is needed so that we'd be able to identify a DataStorage instance
based on its file name.
2015-11-02 12:33:00 -05:00
David Keeler
7380482a28
bug 1218596 - remove nsPSMInitPanic and other unnecessary things from nsNSSComponent r=Cykesiopka r=jcj
2015-10-26 16:02:19 -07:00
Wes Kocher
37b7f2920b
Backed out changeset ae1885cf1fd6 (bug 1218596) for windows build bustage CLOSED TREE
...
--HG--
extra : commitid : 6GZJDFkoL81
2015-11-05 17:48:53 -08:00
Mike Hommey
762aba02cd
Bug 1221453 - Use ObjDirPaths for GENERATED_INCLUDES and merge with LOCAL_INCLUDES. r=gps
2015-11-06 09:59:21 +09:00
David Keeler
9d11e85ed9
bug 1218596 - remove nsPSMInitPanic and other unnecessary things from nsNSSComponent r=Cykesiopka r=jcj
2015-10-26 16:02:19 -07:00
Chris Manchester
8ffd9ff2ed
Bug 1218999 - Back out changeset 5f32b2bcfa43 (bug 1188468) in favor of a more efficient solution. r=glandium
...
Bug 118468 landed an option for FileAvoidWrite to always write to an output
file, whether or not the contents would be changed. This was to address a
problem caused by not updating mtimes when building GENERATED_FILES, but
undoes the purpose of FileAvoidWrite and isn't really necessary.
This is addressed in a subsequent commit by unconditionally updating
mtimes when processing GENERATED_FILES.
--HG--
extra : commitid : AfOhgUstokq
2015-11-03 10:23:04 -08:00
Cykesiopka
34ca9c027f
Bug 1110935 - Part 3 - Remove now unnecessary temp variables. r=keeler
2015-11-02 22:11:00 +01:00
Cykesiopka
f625d9c9b9
Bug 1110935 - Part 2 - Remove ReentrantMonitor and ReentrantMonitorAutoEnter uses. r=keeler
2015-11-02 22:10:00 +01:00
Cykesiopka
9e34144349
Bug 1110935 - Part 1 - Assert we're on the main thread on public methods. r=keeler
2015-11-02 22:09:00 +01:00
Phil Ringnalda
7c5e9caf26
Back out changeset bda43f333e1a (bug 1211568) for "Could not find EV root in NSS storage" assertion failures
...
CLOSED TREE
2015-11-10 08:18:47 -08:00
Kai Engert
a24d95bb6d
Bug 1211568, land NSS_3_21_RTM r=martin.thomson, and adjust Makefiles r=mh
2015-11-10 16:24:15 +01:00
Jed Davis
8be1ae39c7
Bug 1207790 - Fix sandbox build for older Linux distributions. r=gdestuynder
2015-10-30 15:13:00 +01:00
Birunthan Mohanathas
9985829ecc
Bug 1219392 - Capitalize mozilla::unused to avoid conflicts. r=froydnj
2015-11-02 07:53:26 +02:00
Cykesiopka
581125e850
Bug 1186817 - Replace nsBaseHashtable::EnumerateRead() calls in security/ with iterators. r=keeler
...
--HG--
extra : histedit_source : ec44c79c05d3fb73cd720a9d5315ff781af812f1
2015-10-30 07:50:09 -07:00
David Keeler
1443993537
bug 1218515 - flip pinning-test.badssl.com into production mode r=jcj DONTBUILD NPOTB
...
pinning-test.badssl.com is a test domain for preloaded HPKP (HTTP Public Key
Pinning - see RFC 7469). By specifying a pinset corresponding to no known keys,
this domain should fail with a key pinning error by default. Also, the
includeSubdomains option is set, so any subdomains should fail as well.
Since Gecko incorporates preloaded pinsets from Chromium, this pinset is already
defined. This patch merely switches it from test mode to production mode (well,
to be more accurate, this patch sets up the input for the automated script that
will make the code change that will put the pinset into production mode).
2015-10-26 14:39:25 -07:00
Birunthan Mohanathas
44936aabb2
Bug 1217320 - Remove more XPIDL signature comments in .cpp files. r=froydnj
...
Comment-only, DONTBUILD.
2015-10-27 06:54:25 +02:00
David Keeler
3b82e8f390
bug 1217602 - remove nsIPKIParamBlock r=Cykesiopka
...
nsIPKIParamBlock was unnecessary.
2015-10-22 13:11:40 -07:00
Ryan VanderMeulen
44509e6e7e
Merge m-c to inbound.
...
--HG--
extra : rebase_source : b7fe225cdd43cb770c7d7a1e8d2be6a52678aa7a
2015-10-24 15:03:15 -04:00
ffxbld
53f7cca550
No bug, Automated HPKP preload list update from host bld-linux64-spot-508 - a=hpkp-update
2015-10-24 03:47:13 -07:00
ffxbld
dfb1f8693f
No bug, Automated HSTS preload list update from host bld-linux64-spot-508 - a=hsts-update
2015-10-24 03:47:11 -07:00
Cykesiopka
4ec261d0e7
Bug 1194419 - Remove signature algorithm duplicate use in serial number determination in pycert. r=keeler
2015-10-23 05:13:00 -04:00
Jonathan Hao
3d02a2da65
Bug 1216469 - Bypass verification for signed packages from trust origins. r=valentin
2015-10-22 17:09:44 +08:00
David Keeler
23a0cee1a8
bug 1215690 - remove nsPSMUITracker r=Cykesiopka r=mgoodwin
...
nsPSMUITracker was problematic. Apparently it was originally intended to prevent
NSS shutdown while NSS-related UI operations were going on (such as choosing a
client certificate). However, when nsNSSComponent would receive the event that
told it to shutdown NSS, it would attempt to call
mShutdownObjectList->evaporateAllNSSResources(), which would call
mActivityState.restrictActivityToCurrentThread(), which failed if such a UI
operation was in progress. This actually prevented the important part of
evaporateAllNSSResources, which is the releasing of all NSS objects in use by
PSM objects. Importantly, nsNSSComponent didn't check for or handle this failure
and proceeded to call NSS_Shutdown(), leaving PSM in an inconsistent state where
it thought it was okay to keep using the NSS objects it had when in fact it
wasn't.
In any case, nsPSMUITracker isn't really necessary as long as we have the
nsNSSShutDownPreventionLock mechanism, which mostly works and is what we should
use instead (or not at all, if no such lock is needed for the operation being
performed (for example, if no NSS functions are being called)).
2015-10-16 14:31:57 -07:00
Jed Davis
e31f20875c
Bug 1215734 - Expand GeckoMediaPlugin sandbox policy for Clang 3.7 ASan. r=kang
2015-10-22 11:19:37 -07:00
Andrew McCreight
0cb71c483c
Bug 1157515 - CipherSuiteChangeObserver should clean itself up. r=keeler
2015-10-22 09:21:51 -07:00
Martin Thomson
9507291e59
Bug 1211568 - Update NSS to 3.21 Beta 3, r=kaie
...
--HG--
extra : commitid : 2fCIZ27Gd2I
extra : rebase_source : 57ff0dcc9361618ea53aac7ebea83460cba1c390
2015-10-23 11:39:23 -07:00
Masatoshi Kimura
6ad41c8aee
Bug 1215796 - Remove the static fallback whitelist. r=keeler
2015-10-22 21:37:40 +09:00
Masatoshi Kimura
5feda64143
Bug 1214981 - Disable output stream buffering. r=keeler
2015-10-21 15:23:00 -04:00
Wes Kocher
ceefa2939a
Merge b2ginbound to central, a=merge
2015-10-21 16:37:24 -07:00
Wes Kocher
b8596f28a2
Merge inbound to m-c a=merge
2015-10-21 16:28:43 -07:00
J. Ryan Stinnett
7eceb8f4c5
Bug 1203159 - Clean up various tests after DevTools resource move. r=me
2015-10-21 14:18:29 -05:00
Jonathan Hao
e4b1f62b85
Bug 1178448 - Use imported CA in developer mode. r=keeler,valentin
2015-10-08 17:08:45 +08:00
Masatoshi Kimura
886c72f81f
Bug 1215795 - Fix documentation in nsIWeakCryptoOverride.idl. r=keeler IGNORE IDL
2015-10-20 20:29:56 +09:00
Carsten "Tomcat" Book
ea5d701c66
Backed out changeset 11e681d48acd (bug 1194419) for S4 Test failures
2015-10-20 12:40:18 +02:00
Kai Engert
a922dcab99
Bug 1215200, NSPR_4_10_10_RTM and NSS 3_20_1_RTM, bump version requirements, r=keeler
2015-10-20 12:34:15 +02:00
Cykesiopka
f21d36e95a
Bug 1215779 - Remove broken (non-EC) DSA keygen code. r=keeler
2015-10-19 22:54:00 +02:00
Cykesiopka
fa99ba4063
Bug 1194419 - Remove signature algorithm duplicate use in serial number determination in pycert. r=dkeeler
...
--HG--
extra : rebase_source : 14756428ea3f8bc41d746a2e71a5d4914e96f33c
2015-10-17 09:04:43 -07:00
Bob Owen
2233e7518a
Bug 1187031: Move back to using USER_LOCKDOWN for the GMP sandbox policy on Windows. r=aklotz
...
This also removes turning off optimization for the Load function. That was an
attempt to fix the side-by-side loading. It may also have helped with ensuring
that the memsets were not optimized, but that has been fixed by Bug 1208892.
2015-10-21 08:46:57 +01:00
Nathan Froyd
01583602a9
Bug 1207245 - part 6 - rename nsRefPtr<T> to RefPtr<T>; r=ehsan; a=Tomcat
...
The bulk of this commit was generated with a script, executed at the top
level of a typical source code checkout. The only non-machine-generated
part was modifying MFBT's moz.build to reflect the new naming.
CLOSED TREE makes big refactorings like this a piece of cake.
# The main substitution.
find . -name '*.cpp' -o -name '*.cc' -o -name '*.h' -o -name '*.mm' -o -name '*.idl'| \
xargs perl -p -i -e '
s/nsRefPtr\.h/RefPtr\.h/g; # handle includes
s/nsRefPtr ?</RefPtr</g; # handle declarations and variables
'
# Handle a special friend declaration in gfx/layers/AtomicRefCountedWithFinalize.h.
perl -p -i -e 's/::nsRefPtr;/::RefPtr;/' gfx/layers/AtomicRefCountedWithFinalize.h
# Handle nsRefPtr.h itself, a couple places that define constructors
# from nsRefPtr, and code generators specially. We do this here, rather
# than indiscriminantly s/nsRefPtr/RefPtr/, because that would rename
# things like nsRefPtrHashtable.
perl -p -i -e 's/nsRefPtr/RefPtr/g' \
mfbt/nsRefPtr.h \
xpcom/glue/nsCOMPtr.h \
xpcom/base/OwningNonNull.h \
ipc/ipdl/ipdl/lower.py \
ipc/ipdl/ipdl/builtin.py \
dom/bindings/Codegen.py \
python/lldbutils/lldbutils/utils.py
# In our indiscriminate substitution above, we renamed
# nsRefPtrGetterAddRefs, the class behind getter_AddRefs. Fix that up.
find . -name '*.cpp' -o -name '*.h' -o -name '*.idl' | \
xargs perl -p -i -e 's/nsRefPtrGetterAddRefs/RefPtrGetterAddRefs/g'
if [ -d .git ]; then
git mv mfbt/nsRefPtr.h mfbt/RefPtr.h
else
hg mv mfbt/nsRefPtr.h mfbt/RefPtr.h
fi
--HG--
rename : mfbt/nsRefPtr.h => mfbt/RefPtr.h
2015-10-18 01:24:48 -04:00
Nathan Froyd
583afa0965
Bug 1207245 - part 3 - switch all uses of mozilla::RefPtr<T> to nsRefPtr<T>; r=ehsan
...
This commit was generated using the following script, executed at the
top level of a typical source code checkout.
# Don't modify select files in mfbt/ because it's not worth trying to
# tease out the dependencies currently.
#
# Don't modify anything in media/gmp-clearkey/0.1/ because those files
# use their own RefPtr, defined in their own RefCounted.h.
find . -name '*.cpp' -o -name '*.h' -o -name '*.mm' -o -name '*.idl'| \
grep -v 'mfbt/RefPtr.h' | \
grep -v 'mfbt/nsRefPtr.h' | \
grep -v 'mfbt/RefCounted.h' | \
grep -v 'media/gmp-clearkey/0.1/' | \
xargs perl -p -i -e '
s/mozilla::RefPtr/nsRefPtr/g; # handle declarations in headers
s/\bRefPtr</nsRefPtr</g; # handle local variables in functions
s#mozilla/RefPtr.h#mozilla/nsRefPtr.h#; # handle #includes
s#mfbt/RefPtr.h#mfbt/nsRefPtr.h#; # handle strange #includes
'
# |using mozilla::RefPtr;| is OK; |using nsRefPtr;| is invalid syntax.
find . -name '*.cpp' -o -name '*.mm' | xargs sed -i -e '/using nsRefPtr/d'
# RefPtr.h used |byRef| for dealing with COM-style outparams.
# nsRefPtr.h uses |getter_AddRefs|.
# Fixup that mismatch.
find . -name '*.cpp' -o -name '*.h'| \
xargs perl -p -i -e 's/byRef/getter_AddRefs/g'
2015-10-18 00:40:10 -04:00
Phil Ringnalda
9ea53214d8
Merge f-t to m-c, a=merge
2015-10-17 11:19:46 -07:00
Phil Ringnalda
df1ce0b4c5
Merge m-i to m-c, a=merge
2015-10-17 10:16:55 -07:00
ffxbld
39d37ae7b8
No bug, Automated HPKP preload list update from host bld-linux64-spot-1092 - a=hpkp-update
2015-10-17 04:10:53 -07:00
ffxbld
7b8e76fcc8
No bug, Automated HSTS preload list update from host bld-linux64-spot-1092 - a=hsts-update
2015-10-17 04:10:51 -07:00
Masatoshi Kimura
82af783064
Bug 1207137 - Set a security state flag when weak crypto override is needed. r=keeler
2015-10-17 09:38:30 +09:00
Kai Engert
3556fa0bdc
Bug 1215200, NSPR_4_10_10_RC1 and NSS_3_20_1_RC0, r=dkeeler
2015-10-16 15:29:23 +02:00
David Keeler
3c1a47a734
bug 1215270 - remove some unused functions from nsNSSShutDown.h r=Cykesiopka
...
nsNSSShutDownList::isUIActive() and areSSLSocketsActive() should probably have
been removed as part of bug 807757.
2015-10-15 13:22:13 -07:00
Nigel Babu
d45a6e832d
Backed out changeset b46b688e6295 (bug 1215200) for build bustage ON A CLOSED TREE
2015-10-16 11:52:10 +05:30
Kai Engert
8826499e8a
Bug 1215200, Upgrade to NSPR 4.10.10 and NSS 3.20.1, landing release candidate tags, r=dkeeler
2015-10-16 08:04:16 +02:00
Masatoshi Kimura
f4c563b057
Bug 1168635 - Add an XPCOM interface to allow RC4. r=keeler
...
--HG--
rename : netwerk/test/unit/test_tls_server.js => security/manager/ssl/tests/unit/test_weak_crypto.js
2015-10-15 05:48:27 +09:00
Carsten "Tomcat" Book
17a3104f22
Backed out changeset 66e3972e9150 (bug 1168635)
2015-10-14 16:28:41 +02:00
Masatoshi Kimura
00d864d313
Bug 1168635 - Add an XPCOM interface to allow RC4. r=keeler
...
--HG--
rename : netwerk/test/unit/test_tls_server.js => security/manager/ssl/tests/unit/test_weak_crypto.js
2015-10-14 21:12:35 +09:00
David Keeler
49f91fb31f
bug 1209695 - fold mochitest test_bug413909.html into xpcshell test_cert_overrides.js r=mgoodwin
...
test_bug413909.html doesn't need to be a mochitest. Furthermore,
test_cert_overrides.js tests a lot of the same functionality.
This just moves the unique parts from the old test to a new home
in the xpcshell test (to be specific, some IDN handling and that
"port" -1 is the same as port 443).
2015-09-29 13:24:19 -07:00
Carsten "Tomcat" Book
a5c0ea6d4f
Merge m-c to mozilla-inbound
2015-10-12 11:58:46 +02:00
Carsten "Tomcat" Book
2b1a321946
merge mozilla-inbound to mozilla-central a=merge
2015-10-12 11:57:06 +02:00
ffxbld
214a24da25
No bug, Automated HPKP preload list update from host bld-linux64-spot-138 - a=hpkp-update
2015-10-10 03:46:02 -07:00
ffxbld
8aa9ed515a
No bug, Automated HSTS preload list update from host bld-linux64-spot-138 - a=hsts-update
2015-10-10 03:46:00 -07:00
Hiroyuki Ikezoe
3363f1775d
Bug 1167627 - Part 6: Use mozinfo in security/. r=dkeeler
2015-10-11 21:49:00 +02:00
Ehsan Akhgari
e6a62c4d9d
Bug 1213151 - Part 2: Use SpecialPowers.cleanUpSTSData() in a few tests; r=jdm
2015-10-09 10:56:19 -04:00
Jed Davis
faf361396a
Bug 1201935 - Allow reading from TmpD in OS X content processes. r=smichaud
...
--HG--
extra : rebase_source : 68565c447e3731e9c562514e8355044cfd8c28b9
2015-10-07 13:41:00 +02:00
Cykesiopka
2be3b53afa
Bug 1205962 - Address some pylint complaints about pycert.py and pykey.py, r=keeler
...
Also adds more uses of enumerate() to simplify code.
--HG--
extra : amend_source : 758eee481fa2d93f984f090aaa443b3b5756fb1f
2015-10-05 23:24:14 -07:00
Jed Davis
1ae9d0519b
Bug 930258 - Part 3: a file broker policy for the B2G emulator. r=kang
2015-10-07 22:13:08 -07:00
Jed Davis
562c4e7b57
Bug 930258 - Part 2: seccomp-bpf integration. r=kang
2015-10-07 22:13:08 -07:00
Jed Davis
bd859174ac
Bug 930258 - Part 1: The file broker, and unit tests for it. r=kang f=froydnj
2015-10-07 22:13:08 -07:00
David Keeler
9b75f2c0d5
bug 975763 - move test_certificate_overrides.html to test_cert_override_bits_mismatches.js r=mgoodwin
...
test_certificate_overrides.html didn't need to be a mochitest.
2015-09-29 12:39:54 -07:00
Carsten "Tomcat" Book
08997000eb
Backed out 2 changesets (bug 1202902
) to recking bug 1202902
to be able to reopen inbound on a CLOSED TREE
...
Backed out changeset 647025383676 (bug 1202902
)
Backed out changeset d70c7fe532c6 (bug 1202902
)
2015-10-07 14:03:21 +02:00
Carsten "Tomcat" Book
e7ef778c9d
Backed out 1 changesets (bug 1202902
) for causing merge conflicts to mozilla-central
...
Backed out changeset cfc1820361f5 (bug 1202902
)
--HG--
extra : rebase_source : 5d3db72337754bc7ab0ed0c30b2896100411ff92
2015-10-07 12:13:45 +02:00
Shu-yu Guo
d06b6030f6
Bug 1202902
- Scripted fix the world.
2015-10-06 14:00:31 -07:00
Ben Kelly
65ad5a613b
Bug 1210941 P10 Use LOAD_BYPASS_SERVICE_WORKER in nsNSSCallbacks. r=ehsan
2015-10-06 06:37:07 -07:00
Kate McKinley
5955ecaffd
Bug 1191414 - gather telemetry on usage of <keygen>. r=keeler,r=vladan
...
--HG--
extra : rebase_source : 69aed7cd26800c9a6c6975ab24bf3e5bb3c77730
2015-09-22 09:52:58 -07:00
Wes Kocher
9bd6e9ee5a
Backed out changeset c288fb0952fb (bug 1211568) for build bustage CLOSED TREE
2015-10-05 15:56:08 -07:00
Kai Engert
118b9ae5d0
Bug 1211568 - Upgrade Firefox 44 to NSS 3.21, landing NSS_3_21_Beta2, r=mt
...
--HG--
extra : rebase_source : 498e86da715351a7d1712d07e790f8691fd8d213
2015-10-05 22:42:28 +02:00
Jed Davis
0db519c66f
Bug 1207401 - Send B2G sandbox logging to both stderr and logcat. r=kang
2015-10-05 09:21:39 -07:00
Bob Owen
96010550f8
Bug 1207972: Move to using USER_INTERACTIVE and JOB_INTERACTIVE by default for the Windows content sandbox. r=tabraldes
2015-10-05 11:10:46 +01:00
Nicholas Nethercote
7d1c7e0014
Bug 1209351 (part 5) - Optimize nsTHashTable::RemoveEntry() usage in security/. r=keeler.
...
--HG--
extra : rebase_source : 74877baad7a7e019c7151efaad96d7b8ccc4b6f5
2015-09-24 20:44:31 -07:00
Phil Ringnalda
1d51d1b32a
Merge m-i to m-c, a=merge
2015-10-03 15:37:39 -07:00
ffxbld
30f46ea33e
No bug, Automated HPKP preload list update from host bld-linux64-spot-410 - a=hpkp-update
2015-10-03 03:44:51 -07:00
ffxbld
bde4cad906
No bug, Automated HSTS preload list update from host bld-linux64-spot-410 - a=hsts-update
2015-10-03 03:44:49 -07:00
David Keeler
a81ffd22d7
bug 1205767 - prevent memory leak when generating an EC key with <keygen> r=ttaubert
2015-09-17 14:57:24 -07:00
Tooru Fujisawa
ab6dcb335c
Bug 1207499 - Part 8: Remove use of expression closure from security/. r=keeler
...
--HG--
extra : commitid : CRZpUoDhoRa
extra : rebase_source : b04cc9260a59cc53f406181c67e6db4560677022
2015-09-23 18:42:19 +09:00
Kaspar Brand
f0941953dd
Bug 278689 - Multiple Certificates with the same subject are not shown in the digital signature select cert combo (only one is shown) r=dkeeler
...
--HG--
extra : rebase_source : 442661d99de1c5786c04d49cfcd96a672d3077be
2015-09-05 07:52:00 +02:00
David Keeler
30706f9f69
bug 1187994 - remove unused file CryptoUtil.h r=jcj
...
This probably should have been removed as part of bug 891066.
2015-07-27 09:56:14 -07:00
David Keeler
ae6538ad30
bug 1203312 - split tlsserver certificates into ocsp_certs and bad_certs r=mgoodwin
...
The B2G emulators apparently take ~5 minutes to read 50 certificates into
memory, which causes intermittent test timeouts. This is an attempt to
reduce the number of certificates needed to be read at any given time.
--HG--
rename : security/manager/ssl/tests/unit/tlsserver/badSubjectAltNames.pem.certspec => security/manager/ssl/tests/unit/bad_certs/badSubjectAltNames.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/beforeEpoch.pem.certspec => security/manager/ssl/tests/unit/bad_certs/beforeEpoch.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/beforeEpochINT.pem.certspec => security/manager/ssl/tests/unit/bad_certs/beforeEpochINT.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/beforeEpochIssuer.pem.certspec => security/manager/ssl/tests/unit/bad_certs/beforeEpochIssuer.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/ca-used-as-end-entity.pem.certspec => security/manager/ssl/tests/unit/bad_certs/ca-used-as-end-entity.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/default-ee.key.keyspec => security/manager/ssl/tests/unit/bad_certs/default-ee.key.keyspec
rename : security/manager/ssl/tests/unit/tlsserver/default-ee.pem.certspec => security/manager/ssl/tests/unit/bad_certs/default-ee.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/eeIssuedByNonCA.pem.certspec => security/manager/ssl/tests/unit/bad_certs/eeIssuedByNonCA.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/eeIssuedByV1Cert.pem.certspec => security/manager/ssl/tests/unit/bad_certs/eeIssuedByV1Cert.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/expired-ee.pem.certspec => security/manager/ssl/tests/unit/bad_certs/expired-ee.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/expiredINT.pem.certspec => security/manager/ssl/tests/unit/bad_certs/expiredINT.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/expiredissuer.pem.certspec => security/manager/ssl/tests/unit/bad_certs/expiredissuer.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/rsa-1016-keysizeDelegatedSigner.key.keyspec => security/manager/ssl/tests/unit/bad_certs/inadequateKeySizeEE.key.keyspec
rename : security/manager/ssl/tests/unit/tlsserver/inadequateKeySizeEE.pem.certspec => security/manager/ssl/tests/unit/bad_certs/inadequateKeySizeEE.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/inadequatekeyusage-ee.pem.certspec => security/manager/ssl/tests/unit/bad_certs/inadequatekeyusage-ee.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/ipAddressAsDNSNameInSAN.pem.certspec => security/manager/ssl/tests/unit/bad_certs/ipAddressAsDNSNameInSAN.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/md5signature-expired.pem.certspec => security/manager/ssl/tests/unit/bad_certs/md5signature-expired.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/md5signature.pem.certspec => security/manager/ssl/tests/unit/bad_certs/md5signature.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/mismatch-expired.pem.certspec => security/manager/ssl/tests/unit/bad_certs/mismatch-expired.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/mismatch-notYetValid.pem.certspec => security/manager/ssl/tests/unit/bad_certs/mismatch-notYetValid.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/mismatch-untrusted-expired.pem.certspec => security/manager/ssl/tests/unit/bad_certs/mismatch-untrusted-expired.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/mismatch-untrusted.pem.certspec => security/manager/ssl/tests/unit/bad_certs/mismatch-untrusted.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/mismatch.pem.certspec => security/manager/ssl/tests/unit/bad_certs/mismatch.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/mismatchCN.pem.certspec => security/manager/ssl/tests/unit/bad_certs/mismatchCN.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/moz.build => security/manager/ssl/tests/unit/bad_certs/moz.build
rename : security/manager/ssl/tests/unit/tlsserver/noValidNames.pem.certspec => security/manager/ssl/tests/unit/bad_certs/noValidNames.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/notYetValid.pem.certspec => security/manager/ssl/tests/unit/bad_certs/notYetValid.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/notYetValidINT.pem.certspec => security/manager/ssl/tests/unit/bad_certs/notYetValidINT.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/notYetValidIssuer.pem.certspec => security/manager/ssl/tests/unit/bad_certs/notYetValidIssuer.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/nsCertTypeCritical.pem.certspec => security/manager/ssl/tests/unit/bad_certs/nsCertTypeCritical.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/nsCertTypeCriticalWithExtKeyUsage.pem.certspec => security/manager/ssl/tests/unit/bad_certs/nsCertTypeCriticalWithExtKeyUsage.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/nsCertTypeNotCritical.pem.certspec => security/manager/ssl/tests/unit/bad_certs/nsCertTypeNotCritical.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/other-issuer-ee.pem.certspec => security/manager/ssl/tests/unit/bad_certs/other-issuer-ee.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/other-test-ca.key.keyspec => security/manager/ssl/tests/unit/bad_certs/other-test-ca.key.keyspec
rename : security/manager/ssl/tests/unit/tlsserver/other-test-ca.pem.certspec => security/manager/ssl/tests/unit/bad_certs/other-test-ca.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/self-signed-EE-with-cA-true.pem.certspec => security/manager/ssl/tests/unit/bad_certs/self-signed-EE-with-cA-true.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/selfsigned-inadequateEKU.pem.certspec => security/manager/ssl/tests/unit/bad_certs/selfsigned-inadequateEKU.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/selfsigned.pem.certspec => security/manager/ssl/tests/unit/bad_certs/selfsigned.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/test-ca.pem.certspec => security/manager/ssl/tests/unit/bad_certs/test-ca.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/test-int.pem.certspec => security/manager/ssl/tests/unit/bad_certs/test-int.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/unknownissuer.pem.certspec => security/manager/ssl/tests/unit/bad_certs/unknownissuer.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/untrusted-expired.pem.certspec => security/manager/ssl/tests/unit/bad_certs/untrusted-expired.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/untrustedissuer.pem.certspec => security/manager/ssl/tests/unit/bad_certs/untrustedissuer.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/v1Cert.pem.certspec => security/manager/ssl/tests/unit/bad_certs/v1Cert.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/ca-used-as-end-entity.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/ca-used-as-end-entity.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/default-ee.key.keyspec => security/manager/ssl/tests/unit/ocsp_certs/default-ee.key.keyspec
rename : security/manager/ssl/tests/unit/tlsserver/default-ee.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/default-ee.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/delegatedSHA1Signer.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/delegatedSHA1Signer.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/delegatedSigner.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/delegatedSigner.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/invalidDelegatedSignerFromIntermediate.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/invalidDelegatedSignerFromIntermediate.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/invalidDelegatedSignerKeyUsageCrlSigning.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/invalidDelegatedSignerKeyUsageCrlSigning.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/invalidDelegatedSignerNoExtKeyUsage.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/invalidDelegatedSignerNoExtKeyUsage.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/invalidDelegatedSignerWrongExtKeyUsage.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/invalidDelegatedSignerWrongExtKeyUsage.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/ocspEEWithIntermediate.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/ocspEEWithIntermediate.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/ocspOtherEndEntity.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/ocspOtherEndEntity.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/other-test-ca.key.keyspec => security/manager/ssl/tests/unit/ocsp_certs/other-test-ca.key.keyspec
rename : security/manager/ssl/tests/unit/tlsserver/other-test-ca.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/other-test-ca.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/rsa-1016-keysizeDelegatedSigner.key.keyspec => security/manager/ssl/tests/unit/ocsp_certs/rsa-1016-keysizeDelegatedSigner.key.keyspec
rename : security/manager/ssl/tests/unit/tlsserver/rsa-1016-keysizeDelegatedSigner.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/rsa-1016-keysizeDelegatedSigner.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/test-ca.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/test-ca.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/test-int.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/test-int.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/same-issuer-ee.pem.certspec => security/manager/ssl/tests/unit/test_onecrl/same-issuer-ee.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/test-int-ee.pem.certspec => security/manager/ssl/tests/unit/test_onecrl/test-int-ee.pem.certspec
2015-09-22 17:03:15 -07:00
David Keeler
74e470d1ac
bug 1203312 - convert tlsserver to generate certificates at build time r=Cykesiopka,mgoodwin
2015-08-24 15:53:07 -07:00
ffxbld
03aa14625c
No bug, Automated HPKP preload list update from host bld-linux64-spot-363 - a=hpkp-update
2015-09-26 03:40:59 -07:00
ffxbld
1b40f22c12
No bug, Automated HSTS preload list update from host bld-linux64-spot-363 - a=hsts-update
2015-09-26 03:40:57 -07:00
Jonathan Hao
e2da61623b
Bug 1178518 - Add an AppTrustedRoot for signed packaged app. r=keeler
2015-09-07 15:28:21 +08:00
ffxbld
51c75f9eac
No bug, Automated HPKP preload list update from host bld-linux64-spot-560 - a=hpkp-update
2015-09-19 03:46:51 -07:00
ffxbld
c354c7fbb7
No bug, Automated HSTS preload list update from host bld-linux64-spot-560 - a=hsts-update
2015-09-19 03:46:49 -07:00
Wes Kocher
21a9e609d5
Backed out changeset a08287c70962 (bug 1203312) for b2g xpcshell failures
2015-09-18 12:53:24 -07:00
David Keeler
4cfc799e53
bug 1203312 - convert tlsserver to generate certificates at build time r=Cykesiopka,mgoodwin
2015-08-24 15:53:07 -07:00
Kate McKinley
163979ae9f
Bug 1196039 - Telemetry for certificate lifetime. r=rbarnes,vladan
2015-09-17 10:04:52 -07:00
Nicholas Nethercote
647b520991
Bug 1201135 - Rename pldhash.{h,cpp} to PLDHashTable.{h,cpp}. r=mccr8.
...
--HG--
rename : xpcom/glue/pldhash.cpp => xpcom/glue/PLDHashTable.cpp
rename : xpcom/glue/pldhash.h => xpcom/glue/PLDHashTable.h
extra : rebase_source : 06b9d30db96ed78500fd44d9c0b51609103508a3
2015-09-15 20:49:53 -07:00
Ehsan Akhgari
e23a8d38a3
Bug 1205302 - Disallow intercepting OCSP requests; r=jdm
2015-09-16 19:15:32 -04:00
Nicholas Nethercote
2ee4fd783b
Bug 1121760 (part 6) - Move all remaining PL_DHash*() functions into PLDHashTable. r=poiru.
...
--HG--
extra : rebase_source : 3cdc975507170d783b02d70f7c7d95c6bf2e1bcd
2015-09-14 14:23:47 -07:00
Nicholas Nethercote
59683492e5
Bug 1121760 (part 3) - Remove PL_DHashTableRemove(). r=poiru.
...
--HG--
extra : rebase_source : c34d693de4aca45f2ea05c2767c8b1007c89df29
2015-09-14 14:23:24 -07:00
Nicholas Nethercote
479244f7c9
Bug 1121760 (part 2) - Remove PL_DHashTableAdd(). r=poiru.
...
--HG--
extra : rebase_source : 41eb939bfb5c925cba58b1af57abce9a4e5fdb30
2015-09-14 14:23:12 -07:00
Nicholas Nethercote
fcfdd8f54b
Bug 1121760 (part 1) - Remove PL_DHashTableSearch(). r=poiru.
...
--HG--
extra : rebase_source : 770e1f49a451ecbadd778e071b204611e27cf701
2015-05-21 00:34:25 -07:00
Shu-yu Guo
64db2267cf
Bug 1202902
- Mass replace toplevel 'let' with 'var' in preparation for global lexical scope. (rs=jorendorff)
2015-09-15 11:19:45 -07:00
Cykesiopka
2cdc0c814f
Bug 443811 - Use long date format for cert date output. r=keeler
...
--HG--
extra : rebase_source : cdd9b41b40125489e55171c1ece54bbd2a0cf947
2015-09-13 23:33:00 +02:00
Richard Barnes
990593f9cf
Bug 942515 - Show Untrusted Connection Error for SHA-1-based SSL certificates with notBefore >= 2016-01-01 r=keeler
2015-09-11 14:52:30 -04:00
ffxbld
c09a97364f
No bug, Automated HPKP preload list update from host bld-linux64-spot-542 - a=hpkp-update
2015-09-12 03:39:46 -07:00
ffxbld
28a278226f
No bug, Automated HSTS preload list update from host bld-linux64-spot-542 - a=hsts-update
2015-09-12 03:39:44 -07:00
Steven Michaud
218db8d580
Bug 1190032 - Sandbox failure in nsPluginHost::GetPluginTempDir, tighten earlier patch. r=areinald
2015-09-10 15:32:42 -05:00
Mark Goodwin
b212375b7e
Bug 1016555 - Disable OCSP checking for certificates covered by OneCRL r=keeler
...
1) Added some comments to firefox.js to explain the relationship between
extensions.blocklist.interval and security.onecrl.maximum_staleness_in_seconds
2) Modified default values in firefox.js and mobile.js to set maximum staleness
to 1.25x blocklist interval
3) modified the tests_ev_certs.js xpcshell test to cope with larger maximum
staleness values to address test failures
2015-09-10 11:10:07 +01:00