OSKeyStore doesn't need its own thread and can use the background thread pool instead.
Differential Revision: https://phabricator.services.mozilla.com/D66692
--HG--
extra : moz-landing-system : lando
PKCS#11 requires that serial numbers be DER-encoded (essentially, the bytes of
the serialNumber component of TBSCertificate). On macOS,
SecCertificateCopySerialNumberData gives the contents of this component (so it
lacks the tag and length fields, and may or may not have leading 00 or FF bytes
to indicate sign). On Windows, CERT_INFO.SerialNumber is the value of the
integer with the least significant byte first, which is the opposite of DER
(which has the most significant byte first). It also lacks any leading 00 or FF
sign bytes. Since the OS APIs can't be used here, this patch introduces a
utility function to grab the value of the serialNumber component of a
DER-encoded certificate.
Differential Revision: https://phabricator.services.mozilla.com/D66327
--HG--
extra : moz-landing-system : lando
Before this patch, PSM would register content type handlers to handle certain
certificate types. This was an easy way to install a client certificate after
generating a key with <keygen>, but keygen has been removed. This was also an
easy way to install root certificates, but that's actually a considerable
security risk. We kept this functionality for so long because it was the only
way to add a 3rd-party root certificate to Fennec's certificate store. Now that
Fennec is EOL, we can remove it. (Fenix will need a way to trust 3rd party root
certificates, but the path forward there is to implement the enterprise roots
feature for Android.)
Differential Revision: https://phabricator.services.mozilla.com/D66118
--HG--
extra : moz-landing-system : lando
Bug 1512471 added VerifySSLServerCertParent.cpp, which uses
SSLServerCertVerificationJob::Dispatch, which isn't exposed in a header. It
works in unified builds where the chunking happens to put that file with
SSLServerCertVerification.cpp, but when that changes the build breaks.
Similarly, VerifySSLServerCertChild.cpp uses gPIPNSSLog without declaring it.
Differential Revision: https://phabricator.services.mozilla.com/D66618
--HG--
extra : moz-landing-system : lando
The special handling of PR_SET_NO_NEW_PRIVS can't be overridden with
Allow(); otherwise every thread in the process will repeatedly apply
copies of the policy to itself until it reaches whatever limits the
kernel imposes, and then we crash so we don't continue execution
seemingly unsandboxed. (See also bug 1257361.)
The prctl policy for the socket process is still allow-all after this
patch; it just prevents crashing the socket process on startup on
kernels before 3.17 (which don't support applying the policy atomically
to all threads).
This patch also adds a comment to try to document this failure mode.
Differential Revision: https://phabricator.services.mozilla.com/D66523
--HG--
extra : moz-landing-system : lando
This adds AddRestrictingRandomSid feature, which fixes our issues with
SetLockdownDefaultDacl, apart from when we are running from a network drive.
Differential Revision: https://phabricator.services.mozilla.com/D66610
--HG--
extra : moz-landing-system : lando
This adds AddRestrictingRandomSid feature, which fixes our issues with
SetLockdownDefaultDacl, apart from when we are running from a network drive.
Differential Revision: https://phabricator.services.mozilla.com/D66610
--HG--
extra : moz-landing-system : lando
Add, but don't enable, a sandbox policy to be used with the socket process.
A follow-up fix (bug 1611288) will change the socket process code to use the
sandbox. The macOS socket sandbox is similar to the utility sandbox (only
used for the RDD process), with additions to allow networking I/O, access to
files for DNS resolution, access to certificate stores, and notifications about
network configuration changes.
Differential Revision: https://phabricator.services.mozilla.com/D64682
--HG--
extra : moz-landing-system : lando
Crash annotations in content processes are currently sent over IPC via
shared memory buffers. To pave the way for the Rust rewrite of the exception
handler we are removing this code and gathering all the crash annotations
within the content processes themselves. This patch causes annotations to be
stored in the global table of each content process. They are then streamed
out to the parent process by the exception handler together with the
exception-time annotations.
This has a number of benefits:
* we have one less channel to exchange data between content processes and
the parent process
* we save memory because we don't need to allocate the shared memory buffers
* annotations are faster because we don't stream them all out every time one
changes
* we won't truncate annotations anymore if we run out of space in the shared
segment.
* we don't need delayed annotations anymore, so we can get rid of the
associated machinery
As I refactored the code I tried to adjust all the obsolete comments,
consolidate shared code and remove the redundant steps that were sometimes
present. In many places we had two entire crash annotation tables we merged to
change just a couple; that comes from the fact that historically we loaded
them from disk. Now it doesn't matter anymore and we can just go ahead and
change the ones we care about.
Differential Revision: https://phabricator.services.mozilla.com/D62586
--HG--
extra : moz-landing-system : lando
Cherry-picking the following commits from Chromium to keep file_version_info_win.cpp
up-to-date.
1. Use StringPiece rather than std::string for Version parsing.
15a9d1733f
2. [Cleanup] Un-const the result of base::Version::GetString()
fde745d058
3. Export Windows file version as base::Version
e93de3a37d
4. Tidy FileVersionInfoWin.
4bb23ded3a
Differential Revision: https://phabricator.services.mozilla.com/D65802
Depends on D65744
This patch partially implements `FileVersionInfoWin` and `base::FilePath` class of
Chromium sandbox so that a coming patch can use `base::win::OSInfo::Kernel32BaseVersion()`.
Differential Revision: https://phabricator.services.mozilla.com/D65744
2020-03-06 Kevin Jacobs <kjacobs@mozilla.com>
* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.51 final
[d3e6d637eaec] [NSS_3_51_RTM] <NSS_3_51_BRANCH>
2020-03-03 Kevin Jacobs <kjacobs@mozilla.com>
* .hgtags:
Added tag NSS_3_51_BETA2 for changeset 6e610ed9b196
[bea0b3a5d451] <NSS_3_51_BRANCH>
Differential Revision: https://phabricator.services.mozilla.com/D65817
--HG--
extra : moz-landing-system : lando
When socket process is enabled, parent process needs some information in `CommonSocketControl`, but `CommonSocketControl` is only accessible in socket process.
This patch moves some data members from `CommonSocketControl` to `nsTransportSecurityInfo` and make it possible for parent process to get the needed data.
Differential Revision: https://phabricator.services.mozilla.com/D64084
--HG--
extra : moz-landing-system : lando
2020-02-27 Kevin Jacobs <kjacobs@mozilla.com>
* gtests/ssl_gtest/ssl_extension_unittest.cc,
gtests/ssl_gtest/ssl_gtest.gyp,
gtests/ssl_gtest/ssl_masking_unittest.cc,
gtests/ssl_gtest/tls_filter.cc, gtests/ssl_gtest/tls_filter.h,
gtests/ssl_gtest/tls_hkdf_unittest.cc,
gtests/ssl_gtest/tls_protect.cc, lib/ssl/dtls13con.c,
lib/ssl/ssl3con.c, lib/ssl/ssl3prot.h, lib/ssl/sslexp.h,
lib/ssl/sslimpl.h, lib/ssl/sslinfo.c, lib/ssl/sslprimitive.c,
lib/ssl/sslsock.c, lib/ssl/tls13con.c, lib/ssl/tls13esni.c,
lib/ssl/tls13hkdf.c, lib/ssl/tls13hkdf.h, lib/ssl/tls13replay.c:
Bug 1608892 - Update DTLS 1.3 to draft-34 r=mt
This patch updates the DTLS 1.3 implementation to draft-34. Notable
changes:
1) Key separation via `ssl_protocol_variant`. 2) No longer apply
sequence number masking when in `UNSAFE_FUZZER_MODE`. This allowed
removal of workarounds for unpadded (<16B) ciphertexts being used as
input to `SSL_CreateMask`. 3) Compile ssl_gtests in
`UNSAFE_FUZZER_MODE` iff `--fuzz=tls` was specified. Currently all
gtests are compiled this way if `--fuzz`, but lib/ssl only if
`--fuzz=tls`. (See above, we can't have ssl_gtests in fuzzer mode,
but not lib/ssl, since the masking mismatch will break filters). 4)
Parameterize masking tests, as appropriate. 5) Reject non-empty
legacy_cookie, and test. 6) Reject ciphertexts <16B in length in
`dtls13_MaskSequenceNumber` (if not `UNSAFE_FUZZER_MODE`).
[52a75c5373ef] [tip]
2020-02-24 Jean-Luc Bonnafoux <jeanluc.bonnafoux@wanadoo.fr>
* lib/cryptohi/secsign.c:
Bug 1617387 fix compiler warning r=jcj
[ab0e7e272e36]
2020-02-24 Kevin Jacobs <kjacobs@mozilla.com>
* gtests/common/testvectors/p384ecdh-vectors.h,
gtests/common/testvectors/p521ecdh-vectors.h,
gtests/common/wycheproof/genTestVectors.py,
gtests/common/wycheproof/source_vectors/ecdh_secp384r1_test.json,
gtests/common/wycheproof/source_vectors/ecdh_secp521r1_test.json,
gtests/pk11_gtest/pk11_ecdh_unittest.cc:
Bug 1612259 - Add Wycheproof vectors for P384 and P521 ECDH.
r=bbeurdouche
[badb4da1ec85]
2020-02-19 Kevin Jacobs <kjacobs@mozilla.com>
* gtests/freebl_gtest/mpi_unittest.cc, lib/freebl/mpi/mplogic.h:
Bug 1609751 - Additional tests for mp_comba r=mt
Verify that when clamping, the upper 4 bytes of an `mp_digit` is
checked.
[a5e8c14016cd]
2020-02-19 Jean-Luc Bonnafoux <jeanluc.bonnafoux@wanadoo.fr>
* lib/freebl/ecl/ecp_25519.c:
Bug 1561337: fix compiler warning r=jcj
[4c771e6a79db]
Differential Revision: https://phabricator.services.mozilla.com/D64683
--HG--
extra : moz-landing-system : lando
WebAuthn needs to write a test to confirm it's prohibited when accessed via
an IP address. This adds the capability to get a SecureContext for an IP host.
It uses 127.0.0.2 so as to bypass restrictions on 127.0.0.1, and the use of .1
as a special-market in ssltunnel.
Differential Revision: https://phabricator.services.mozilla.com/D63570
--HG--
extra : moz-landing-system : lando
Introduced in:
8aeca4fa64
Shipping in glib 2.63.5 (available in Debian experimental)
Thanks to @padenot for the suggestion!
Differential Revision: https://phabricator.services.mozilla.com/D63451
--HG--
extra : moz-landing-system : lando
This removes `nsAutoPtr` usage from ipc/. security/ failed to build due to missing includes so I fixed that as well. IDB was using `ThreadLocal` from ipc which had a member changed to a `UniquePtr` so needed to be updated as well. localstorage was missing some includes.
Differential Revision: https://phabricator.services.mozilla.com/D63745
--HG--
extra : moz-landing-system : lando
On macOS, dynamic libraries with thread-local-storage don't get unloaded. So,
if the osclientcerts library gets "unloaded", it doesn't actually go away. We
stop its background thread, so this isn't a problem, but if the osclientcerts
library gets re-enabled, all of its state comes back the same as before. So,
when NSS calls C_Initialize again, things like the manager proxy will already
be initialized. Before this patch, this situation would be an error. This patch
handles this case by dropping the old manager proxy and creating a new one.
Differential Revision: https://phabricator.services.mozilla.com/D63264
--HG--
extra : moz-landing-system : lando
Before this, every time NSS wanted to open a new session (C_OpenSession),
osclientcerts would look for new client certificates/keys in the OS store. It
turns out, NSS wants to open new sessions often, so this was slow. This patch
adds a timestamp to the manager and ensures that it searches for new objects no
more than once every 3 seconds.
Additionally, this patch adds the optimization that if NSS tries to search for
PKCS#11 objects with attributes that osclientcerts doesn't support,
osclientcerts returns an empty search early, rather than enumerating every
object and finding no matches.
In the future we may need to be smarter about how we match objects during
searches. Rather than iterating through every object, we could build lookup
tables that would be much more time efficient.
Differential Revision: https://phabricator.services.mozilla.com/D62982
--HG--
extra : moz-landing-system : lando
2020-02-18 Kevin Jacobs <kjacobs@mozilla.com>
* gtests/ssl_gtest/ssl_extension_unittest.cc,
gtests/ssl_gtest/ssl_version_unittest.cc, lib/ssl/dtlscon.c,
lib/ssl/tls13con.c, lib/ssl/tls13con.h, lib/ssl/tls13exthandle.c:
Bug 1615208 - Send DTLS version numbers in DTLS 1.3
supported_versions extension r=mt
This patch modifies `supported_versions` encodings to reflect DTLS
versions when DTLS1.3 is use. Previously, a DTLS1.3 CH would include
`[0x7f1e, 0x303, 0x302]` instead of the expected `[0x7f1e, 0xfefd,
0xfeff]`, causing compatibility issues.
[9e0d34a6cf91] [tip]
2020-02-12 Mikael Urankar <mikael.urankar@gmail.com>
* lib/freebl/Makefile, lib/freebl/freebl.gyp:
Bug 1612177 - Set -march=armv7 when compiling gcm-arm32-neon, in
order to enable NEON code generation.
[4413841bd26d]
2020-02-14 Dmitry Baryshkov <dbaryshkov@gmail.com>
* gtests/freebl_gtest/blake2b_unittest.cc, lib/freebl/blake2b.c:
Bug 1431940 - remove dereference before NULL check in BLAKE2B code.
r=kjacobs
[5e661906698f]
2020-02-12 Kevin Jacobs <kjacobs@mozilla.com>
* gtests/ssl_gtest/ssl_resumption_unittest.cc, lib/ssl/sslnonce.c:
Bug 1614870 - Free sid->peerID before reallocating in
ssl_DecodeResumptionToken. r=mt
This patch adds a missing `PORT_Free()` when reallocating
`sid->PeerID`, and adds a test for a non-empty PeerID.
[1eb4e00b016e]
Differential Revision: https://phabricator.services.mozilla.com/D63220
--HG--
extra : moz-landing-system : lando
GENERATED_FILES now defaults to python3 unless py2=True is specified as
an argument. All existing GENERATED_FILES scripts and GeneratedFile
templates have the py2=True attribute added, so this patch should
effectively be a no-op.
Going forward, individual scripts can be converted to python3 and their
corresponding py2=True attribute can be deleted. In effect, this patch
will be backed out in pieces until all scripts run in python3, at which
point the py2 attribute itself can be removed.
Differential Revision: https://phabricator.services.mozilla.com/D60919
--HG--
extra : moz-landing-system : lando
GENERATED_FILES now defaults to python3 unless py2=True is specified as
an argument. All existing GENERATED_FILES scripts and GeneratedFile
templates have the py2=True attribute added, so this patch should
effectively be a no-op.
Going forward, individual scripts can be converted to python3 and their
corresponding py2=True attribute can be deleted. In effect, this patch
will be backed out in pieces until all scripts run in python3, at which
point the py2 attribute itself can be removed.
Differential Revision: https://phabricator.services.mozilla.com/D60919
--HG--
extra : moz-landing-system : lando
See bug 1613275 and bug 1607845. In bug 1607845, the aim was to regenerate all
test certificates that would be expiring. Unfortunately, a few were missed:
* build/pgo/certs/ certificate DBs and mochitest.client are regenerated in a
different way than the rest of the certificates in bug 1607845. These would
probably best be addressed by formally documenting the process of
re-generating all of the certificates.
* security/manager/ssl/tests/unit/test_certDB_import/ certificates were
missed by mistake. It's unclear how this happened.
* security/manager/ssl/tests/unit/test_intermediate_preloads/ were missed
because there was no test_intermediate_preloads entry in the TEST_DIRS
section of security/manager/ssl/tests/unit/moz.build, which means that the
build system never knew to re-generate those certificates, even after
un-commenting-out the contents of
security/manager/ssl/tests/unit/test_intermediate_preloads/moz.build
* security/manager/ssl/tests/unit/test_missing_intermediate/missing-intermediate.der
was DER, not PEM, and we don't have a way to automatically re-generate DER
certificates in the same way. However, it didn't even need to be DER.
Differential Revision: https://phabricator.services.mozilla.com/D61712
--HG--
extra : moz-landing-system : lando
GENERATED_FILES now defaults to python3 unless py2=True is specified as
an argument. All existing GENERATED_FILES scripts and GeneratedFile
templates have the py2=True attribute added, so this patch should
effectively be a no-op.
Going forward, individual scripts can be converted to python3 and their
corresponding py2=True attribute can be deleted. In effect, this patch
will be backed out in pieces until all scripts run in python3, at which
point the py2 attribute itself can be removed.
Differential Revision: https://phabricator.services.mozilla.com/D60919
--HG--
extra : moz-landing-system : lando
2020-02-10 Robert Relyea <rrelyea@redhat.com>
* lib/freebl/cmac.c:
Bug 1610687 - Crash on unaligned CMACContext.aes.keySchedule when
using AES-NI intrinsics r=kjacobs
[046a6f5bfb27]
* lib/util/pkcs11t.h:
Bug 1611209 - Value of CKM_AES_CMAC and CKM_AES_CMAC_GENERAL are
swapped r=rrelyea
[df142975f4f6]
2020-02-11 Victor Tapia <victor.tapia@canonical.com>
* lib/pk11wrap/pk11util.c, lib/sysinit/nsssysinit.c:
Bug 1582169 - Disable reading /proc/sys/crypto/fips_enabled if FIPS
is not enabled on build r=jcj,rrelyea
[55ba54adfcae]
2020-02-11 J.C. Jones <jjones@mozilla.com>
* lib/sysinit/nsssysinit.c:
Bug 1614786 - Fixup for ‘getFIPSEnv’ being unused r=kjacobs
Fixes a regression from Bug 1582169
../../lib/sysinit/nsssysinit.c:153:1: error: ‘getFIPSEnv’ defined
but not used [-Werror=unused-function]
[06925efe306b]
2020-02-11 Dana Keeler <dkeeler@mozilla.com>
* cmd/lib/secutil.c,
lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.c:
bug 1538980 - null-terminate ascii input in SECU_ReadDERFromFile so
strstr is safe to call r=jcj,kjacobs
[735ed2e47040] [tip]
Differential Revision: https://phabricator.services.mozilla.com/D62451
--HG--
extra : moz-landing-system : lando
This patch implements osclientcerts for macOS.
Because the SDK we build with isn't recent enough, some of the functions we
need aren't guaranteed to be available. To handle this, we load the Security
framework at runtime and attempt to locate the symbols we need. If this
succeeds, then operation proceeds as normal. Otherwise, the module will report
that there are no certificates/keys available.
Differential Revision: https://phabricator.services.mozilla.com/D59957
--HG--
extra : moz-landing-system : lando
This patch implements osclientcerts for macOS.
Because the SDK we build with isn't recent enough, some of the functions we
need aren't guaranteed to be available. To handle this, we load the Security
framework at runtime and attempt to locate the symbols we need. If this
succeeds, then operation proceeds as normal. Otherwise, the module will report
that there are no certificates/keys available.
Differential Revision: https://phabricator.services.mozilla.com/D59957
--HG--
extra : moz-landing-system : lando
2020-02-07 J.C. Jones <jjones@mozilla.com>
* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.50 final
[5bb3927fa234] [NSS_3_50_RTM] <NSS_3_50_BRANCH>
2020-02-05 J.C. Jones <jjones@mozilla.com>
* .hgtags:
Added tag NSS_3_50_BETA2 for changeset b91bbf7a88c9
[a8656c823c1f] <NSS_3_50_BRANCH>
Differential Revision: https://phabricator.services.mozilla.com/D62106
--HG--
extra : moz-landing-system : lando
See bug 1613275 and bug 1607845. In bug 1607845, the aim was to regenerate all
test certificates that would be expiring. Unfortunately, a few were missed:
* build/pgo/certs/ certificate DBs and mochitest.client are regenerated in a
different way than the rest of the certificates in bug 1607845. These would
probably best be addressed by formally documenting the process of
re-generating all of the certificates.
* security/manager/ssl/tests/unit/test_certDB_import/ certificates were
missed by mistake. It's unclear how this happened.
* security/manager/ssl/tests/unit/test_intermediate_preloads/ were missed
because there was no test_intermediate_preloads entry in the TEST_DIRS
section of security/manager/ssl/tests/unit/moz.build, which means that the
build system never knew to re-generate those certificates, even after
un-commenting-out the contents of
security/manager/ssl/tests/unit/test_intermediate_preloads/moz.build
* security/manager/ssl/tests/unit/test_missing_intermediate/missing-intermediate.der
was DER, not PEM, and we don't have a way to automatically re-generate DER
certificates in the same way. However, it didn't even need to be DER.
Differential Revision: https://phabricator.services.mozilla.com/D61712
--HG--
extra : moz-landing-system : lando
Upstream patch:
6bd491daaf%5E%21/#F0
_sifields is a glibc-internal field, and is not available on musl
libc. Instead, use the public-facing fields si_call_addr, si_syscall,
and si_arch, if they are available.
Differential Revision: https://phabricator.services.mozilla.com/D61051
--HG--
extra : moz-landing-system : lando
2020-02-05 J.C. Jones <jjones@mozilla.com>
* lib/softoken/exports.gyp, lib/softoken/manifest.mn,
lib/softoken/pkcs11.c, lib/softoken/sftkdb.c,
lib/softoken/softoken.gyp:
Bug 1609673 - Conditionally compile out all libnssdbm glue if
NSS_DISABLE_DBM is set r=mt
Remove `lgglue` from compilation entirely if DBM is disabled
[b91bbf7a88c9] [NSS_3_50_BETA2] <NSS_3_50_BRANCH>
2020-02-04 Kevin Jacobs <kjacobs@mozilla.com>
* .hgtags:
Added tag NSS_3_50_BETA1 for changeset de6ba04bb1f4
[1201d0d89b72] <NSS_3_50_BRANCH>
Differential Revision: https://phabricator.services.mozilla.com/D61770
--HG--
extra : moz-landing-system : lando
In order to reuse SSLServerCertVerificationJob, this patch exposes SSLServerCertVerificationJob and adds ServerCertVerificationResultCallback for delivering the verification result.
Differential Revision: https://phabricator.services.mozilla.com/D58604
--HG--
extra : moz-landing-system : lando
2020-02-03 Kai Engert <kaie@kuix.de>
* automation/release/nspr-version.txt:
Bug 1612623 - NSS 3.50 should depend on NSPR 4.25. r=kjacobs
[de6ba04bb1f4] [NSS_3_50_BETA1]
2020-01-27 Giulio Benetti <giulio.benetti@benettiengineering.com>
* coreconf/config.gypi, coreconf/config.mk, lib/freebl/Makefile,
lib/freebl/freebl.gyp, lib/freebl/gcm.h:
Bug 1608151 - Introduce NSS_DISABLE_ALTIVEC and disable_altivec
r=jcj
At the moment NSS assumes that every PowerPC64 architecture supports
Altivec but it's not true and this leads to build failure. So add
NSS_DISABLE_ALTIVEC environment variable(and disable_altivec for
gyp) to disable Altivec extension on PowerPC build that don't
support Altivec.
[f2d947817850]
Differential Revision: https://phabricator.services.mozilla.com/D61574
--HG--
extra : moz-landing-system : lando
2020-01-27 J.C. Jones <jjones@mozilla.com>
* lib/freebl/blinit.c:
Bug 1602386 - clang-format r=bustage
[4bf79c4d2954] [tip]
2020-01-27 Piotr Kubaj <pkubaj@FreeBSD.org>
* lib/freebl/Makefile, lib/freebl/blinit.c:
Bug 1602386 - Fix build on FreeBSD/powerpc platforms. r=jcj
FreeBSD has elf_aux_info instead of getauxval, but only since
FreeBSD 12. Previous versions (11 is still supported) don't have any
equivalent and users need to query sysctl manually.
[f2ac5e318886]
2020-01-27 Jan Beich <jbeich@FreeBSD.org>
* lib/freebl/blinit.c:
Bug 1609181 - Detect ARM CPU features on FreeBSD. r=jcj
Implement `getauxval` via `elf_aux_info` to avoid code duplication.
`AT_HWCAP*` can be used on powerpc* and riscv64 as well.
[edb60bae9219]
2020-01-22 Martin Thomson <mt@lowentropy.net>
* lib/zlib/README, lib/zlib/README.nss, lib/zlib/adler32.c,
lib/zlib/compress.c, lib/zlib/crc32.c, lib/zlib/crc32.h,
lib/zlib/deflate.c, lib/zlib/deflate.h, lib/zlib/gzguts.h,
lib/zlib/gzlib.c, lib/zlib/gzread.c, lib/zlib/gzwrite.c,
lib/zlib/infback.c, lib/zlib/inffast.c, lib/zlib/inffixed.h,
lib/zlib/inflate.c, lib/zlib/inflate.h, lib/zlib/inftrees.c,
lib/zlib/trees.c, lib/zlib/trees.h, lib/zlib/uncompr.c,
lib/zlib/zconf.h, lib/zlib/zlib.h, lib/zlib/zutil.c,
lib/zlib/zutil.h:
Bug 1547639 - Update zlib to 1.2.11, r=jcj
[91f3f0749d0b]
* lib/zlib/README.nss, lib/zlib/config.mk, lib/zlib/example.c,
lib/zlib/manifest.mn, lib/zlib/minigzip.c, lib/zlib/vendor.sh,
lib/zlib/zlib.gyp:
Bug 1547639 - Automatic vendoring of zlib, r=jcj
[fc128963a9aa]
Differential Revision: https://phabricator.services.mozilla.com/D61126
--HG--
extra : moz-landing-system : lando
At this point, there is no consumer that uses ContentBlockingLog stored
in the child. This patch removes the following code:
1. Removing nsGlobalWindowOuter::NotifyContentBlockingEvent
2. Removing nsDocLoader::OnContentBlockingEvent
3. Removing contentBlockingEvent in nsISecureBrowserUI.idl
4. Removing mContentBlockingLog from Document.cpp and APIs related to it.
Differential Revision: https://phabricator.services.mozilla.com/D56874
--HG--
extra : moz-landing-system : lando
At this point, there is no consumer that uses ContentBlockingLog stored
in the child. This patch removes the following code:
1. Removing nsGlobalWindowOuter::NotifyContentBlockingEvent
2. Removing nsDocLoader::OnContentBlockingEvent
3. Removing contentBlockingEvent in nsISecureBrowserUI.idl
4. Removing mContentBlockingLog from Document.cpp and APIs related to it.
Differential Revision: https://phabricator.services.mozilla.com/D56874
--HG--
extra : moz-landing-system : lando
MozTrees persist column ordering using the XUL persist="ordinal" attribute. This patch synchronizes MozTree with that old mechanism to restore the ability to save and restore column ordering. Because the persist data will be stored in the same place as before, this should prevent people from losing their column ordering data without requiring data migration.
Differential Revision: https://phabricator.services.mozilla.com/D59763
--HG--
extra : rebase_source : 0474619cb817263d7a56b970c44cf8987d719355
extra : histedit_source : d8ed787170f5dd3ac6e19bf318e1a69c9ad0eac5
2020-01-22 Kai Engert <kaie@kuix.de>
* lib/softoken/lowpbe.c:
Bug 1606992 - Follow-up to also cache most recent PBKDF1 hash (in
addition to PBKDF2 hash). r=kjacobs
[cd55a3a90502] [tip]
2020-01-22 Kevin Jacobs <kjacobs@mozilla.com>
* lib/freebl/aes-x86.c, lib/freebl/rijndael.c, lib/freebl/rijndael.h:
Bug 1608493 - Use AES-NI intrinsics for CBC and ECB decrypt when no
assembly implementation is available. r=mt
AES-NI is currently not used for //CBC// or //ECB decrypt// when an
assembly implementation (`intel-aes.s` or `intel-
aes-x86/64-masm.asm`) is not available. Concretely, this is the case
on MacOS, Linux32, and other non-Linux OSes such as BSD. This patch
adds the plumbing to use AES-NI intrinsics when available.
Before: ``` mode in symmkey opreps cxreps context op time(sec)
thrgput aes_ecb_d 78Mb 256 10T 0 0.000 395.000 0.395 197Mb aes_cbc_e
78Mb 256 10T 0 0.000 392.000 0.393 198Mb aes_cbc_d 78Mb 256 10T 0
0.000 425.000 0.425 183Mb
```
After: ``` mode in symmkey opreps cxreps context op time(sec)
thrgput aes_ecb_d 78Mb 256 10T 0 0.000 39.000 0.039 1Gb aes_cbc_e
78Mb 256 10T 0 0.000 94.000 0.094 831Mb aes_cbc_d 78Mb 256 10T 0
0.000 74.000 0.075 1Gb
```
[9804c76e76f3]
Differential Revision: https://phabricator.services.mozilla.com/D60763
--HG--
extra : moz-landing-system : lando
This was done by:
This was done by applying:
```
diff --git a/python/mozbuild/mozbuild/code-analysis/mach_commands.py b/python/mozbuild/mozbuild/code-analysis/mach_commands.py
index 789affde7bbf..fe33c4c7d4d1 100644
--- a/python/mozbuild/mozbuild/code-analysis/mach_commands.py
+++ b/python/mozbuild/mozbuild/code-analysis/mach_commands.py
@@ -2007,7 +2007,7 @@ class StaticAnalysis(MachCommandBase):
from subprocess import Popen, PIPE, check_output, CalledProcessError
diff_process = Popen(self._get_clang_format_diff_command(commit), stdout=PIPE)
- args = [sys.executable, clang_format_diff, "-p1", "-binary=%s" % clang_format]
+ args = [sys.executable, clang_format_diff, "-p1", "-binary=%s" % clang_format, '-sort-includes']
if not output_file:
args.append("-i")
```
Then running `./mach clang-format -c <commit-hash>`
Then undoing that patch.
Then running check_spidermonkey_style.py --fixup
Then running `./mach clang-format`
I had to fix four things:
* I needed to move <utility> back down in GuardObjects.h because I was hitting
obscure problems with our system include wrappers like this:
0:03.94 /usr/include/stdlib.h:550:14: error: exception specification in declaration does not match previous declaration
0:03.94 extern void *realloc (void *__ptr, size_t __size)
0:03.94 ^
0:03.94 /home/emilio/src/moz/gecko-2/obj-debug/dist/include/malloc_decls.h:53:1: note: previous declaration is here
0:03.94 MALLOC_DECL(realloc, void*, void*, size_t)
0:03.94 ^
0:03.94 /home/emilio/src/moz/gecko-2/obj-debug/dist/include/mozilla/mozalloc.h:22:32: note: expanded from macro 'MALLOC_DECL'
0:03.94 MOZ_MEMORY_API return_type name##_impl(__VA_ARGS__);
0:03.94 ^
0:03.94 <scratch space>:178:1: note: expanded from here
0:03.94 realloc_impl
0:03.94 ^
0:03.94 /home/emilio/src/moz/gecko-2/obj-debug/dist/include/mozmemory_wrap.h:142:41: note: expanded from macro 'realloc_impl'
0:03.94 #define realloc_impl mozmem_malloc_impl(realloc)
Which I really didn't feel like digging into.
* I had to restore the order of TrustOverrideUtils.h and related files in nss
because the .inc files depend on TrustOverrideUtils.h being included earlier.
* I had to add a missing include to RollingNumber.h
* Also had to partially restore include order in JsepSessionImpl.cpp to avoid
some -WError issues due to some static inline functions being defined in a
header but not used in the rest of the compilation unit.
Differential Revision: https://phabricator.services.mozilla.com/D60327
--HG--
extra : moz-landing-system : lando
rg -l 'mozilla/Move.h' | xargs sed -i 's/#include "mozilla\/Move.h"/#include <utility>/g'
Further manual fixups and cleanups to the include order incoming.
Differential Revision: https://phabricator.services.mozilla.com/D60323
--HG--
extra : moz-landing-system : lando
We need to stop relying on the global `this` in order to support ES Modules.
In this case we have `this.DER` (which is exported) and `class DER` in the
same module.
Because of this, changing `this.DER` to `const DER` would lead to an error.
So this change renames the class to avoid the conflict.
Differential Revision: https://phabricator.services.mozilla.com/D60078
--HG--
extra : moz-landing-system : lando
2020-01-15 Kevin Jacobs <kjacobs@mozilla.com>
* lib/freebl/chacha20poly1305.c:
Bug 1574643 - Check for AVX support before using vectorized ChaCha20
decrypt r=jcj
The addition of an AVX support check in `ChaCha20Poly1305_Seal`
seems to have stopped the Encrypt crashes on old Intel CPUs, however
we're seeing new reports from
`Hacl_Chacha20Poly1305_128_aead_decrypt` (which is called from
`ChaCha20Poly1305_Open`). This needs an AVX check as well...
[5f9f410d0b60] [tip]
2020-01-14 Kevin Jacobs <kjacobs@mozilla.com>
* gtests/pk11_gtest/manifest.mn, gtests/pk11_gtest/pk11_gtest.gyp,
gtests/pk11_gtest/pk11_rsaencrypt_unittest.cc:
Bug 1573911 - Add RSA Encryption test r=jcj
Add a test for various sizes of RSA encryption input.
[4abc6ff828ab]
2020-01-13 Kevin Jacobs <kjacobs@mozilla.com>
* gtests/common/testvectors/hkdf-vectors.h,
gtests/pk11_gtest/manifest.mn, gtests/pk11_gtest/pk11_gtest.gyp,
gtests/pk11_gtest/pk11_hkdf_unittest.cc:
Bug 1585429 - Add HKDF test vectors r=jcj
Adds test vectors for SHA1/256/384/512 HKDF. This includes the RFC
test vectors, as well as upper-bound length checks for the output
key material.
[239797efc34b]
2020-01-14 J.C. Jones <jjones@mozilla.com>
* coreconf/config.gypi:
Bug 1608327 - Fixup for dc57fe5d65d4, add a default for
softfp_cflags r=bustage
[05b923624b73]
2020-01-14 Sylvestre Ledru <sledru@mozilla.com>
* automation/buildbot-slave/bbenv-example.sh, automation/buildbot-
slave/build.sh, automation/buildbot-slave/reboot.bat, automation
/buildbot-slave/startbuild.bat:
Bug 1607099 - Remove the buildbot configuration r=jcj
[7a87cef808f3]
2020-01-14 Greg V <greg@unrelenting.technology>
* lib/freebl/blinit.c:
Bug 1575843 - Detect AArch64 CPU features on FreeBSD r=jcj
Environment checks are reogranized to be separate from platform code
to make it impossible to forget to check disable_FEATURE on one
platform but not the other.
[fbde548e8114]
2020-01-14 Mike Hommey <mh@glandium.org>
* lib/freebl/Makefile, lib/freebl/aes-armv8.c, lib/freebl/freebl.gyp,
lib/freebl/gcm-arm32-neon.c, lib/freebl/gcm.c,
lib/freebl/rijndael.c:
Bug 1608327 - Fix freebl arm NEON code use on tier3 platforms. r=jcj
Despite the code having runtime detection of NEON and crypto
extensions, the optimized code using those instructions is disabled
at build time on platforms where the compiler doesn't enable NEON by
default of with the flags it's given for the caller code.
In the case of gcm, this goes as far as causing a build error.
What is needed is for the optimized code to be enabled in every
case, letting the caller code choose whether to use that code based
on the existing runtime checks.
But this can't be simply done either, because those optimized parts
of the code need to be built with NEON enabled, unconditionally, but
that is not compatible with platforms using the softfloat ABI. For
those, we need to use the softfp ABI, which is compatible. However,
the softfp ABI is not compatible with the hardfp ABI, so we also
can't unconditionally use the softfp ABI, so we do so only when the
compiler targets the softfloat ABI, which confusingly enough is
advertized via the `__SOFTFP__` define.
[dc57fe5d65d4]
2020-01-14 Franziskus Kiefer <franziskuskiefer@gmail.com>
* automation/saw/chacha20.saw, automation/taskcluster/docker-
builds/Dockerfile, automation/taskcluster/docker-
hacl/B6C8F98282B944E3B0D5C2530FC3042E345AD05D.asc,
automation/taskcluster/docker-hacl/Dockerfile,
automation/taskcluster/docker-hacl/bin/checkout.sh,
automation/taskcluster/docker-hacl/license.txt,
automation/taskcluster/docker-hacl/setup-user.sh,
automation/taskcluster/docker-hacl/setup.sh,
automation/taskcluster/graph/src/extend.js,
automation/taskcluster/scripts/run_hacl.sh,
gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc,
lib/freebl/Makefile, lib/freebl/blapii.h, lib/freebl/blinit.c,
lib/freebl/chacha20poly1305.c, lib/freebl/det_rng.c,
lib/freebl/ecl/curve25519_64.c, lib/freebl/freebl.gyp,
lib/freebl/freebl_base.gypi, nss-tool/hw-support.c:
Bug 1574643 - NSS changes for haclv2 r=jcj,kjacobs
This patch contains the changes in NSS, necessary to pick up HACL*v2
in D55413. It has a couple of TODOs:
* The chacha20 saw verification fails for some reason; it's disabled
pending Bug 1604130.
* The hacl task on CI requires Bug 1593647 to get fixed.
Depends on D55413.
[a8df94132dd3]
2019-12-21 Franziskus Kiefer <franziskuskiefer@gmail.com>
* lib/freebl/verified/FStar.c, lib/freebl/verified/FStar.h,
lib/freebl/verified/Hacl_Chacha20.c,
lib/freebl/verified/Hacl_Chacha20.h,
lib/freebl/verified/Hacl_Chacha20Poly1305_128.c,
lib/freebl/verified/Hacl_Chacha20Poly1305_128.h,
lib/freebl/verified/Hacl_Chacha20Poly1305_32.c,
lib/freebl/verified/Hacl_Chacha20Poly1305_32.h,
lib/freebl/verified/Hacl_Chacha20_Vec128.c,
lib/freebl/verified/Hacl_Chacha20_Vec128.h,
lib/freebl/verified/Hacl_Curve25519.c,
lib/freebl/verified/Hacl_Curve25519.h,
lib/freebl/verified/Hacl_Curve25519_51.c,
lib/freebl/verified/Hacl_Curve25519_51.h,
lib/freebl/verified/Hacl_Kremlib.h,
lib/freebl/verified/Hacl_Poly1305_128.c,
lib/freebl/verified/Hacl_Poly1305_128.h,
lib/freebl/verified/Hacl_Poly1305_32.c,
lib/freebl/verified/Hacl_Poly1305_32.h,
lib/freebl/verified/Hacl_Poly1305_64.c,
lib/freebl/verified/Hacl_Poly1305_64.h,
lib/freebl/verified/kremlib.h, lib/freebl/verified/kremlib_base.h,
lib/freebl/verified/kremlin/include/kremlin/internal/callconv.h,
lib/freebl/verified/kremlin/include/kremlin/internal/compat.h,
lib/freebl/verified/kremlin/include/kremlin/internal/target.h,
lib/freebl/verified/kremlin/include/kremlin/internal/types.h,
lib/freebl/verified/kremlin/include/kremlin/lowstar_endianness.h,
lib/freebl/verified/kremlin/kremlib/dist/minimal/FStar_UInt128.h, li
b/freebl/verified/kremlin/kremlib/dist/minimal/FStar_UInt128_Verifie
d.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/FStar_UInt_8_1
6_32_64.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/LowStar_
Endianness.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/fstar
_uint128_gcc64.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/f
star_uint128_msvc.h, lib/freebl/verified/libintvector.h,
lib/freebl/verified/specs/Spec.CTR.fst,
lib/freebl/verified/specs/Spec.Chacha20.fst,
lib/freebl/verified/specs/Spec.Curve25519.fst,
lib/freebl/verified/specs/Spec.Poly1305.fst,
lib/freebl/verified/vec128.h:
Bug 1574643 - haclv2 code r=kjacobs
This updates the in-tree version of our existing HACL* code to v2,
replacing what we have already. Once this landed NSS can pick up
more (faster) code from HACL*.
[5bf2547d671f]
2020-01-13 Kevin Jacobs <kjacobs@mozilla.com>
* automation/taskcluster/windows/build_gyp.sh:
Bug 1608895 - Install setuptools<45.0.0 until workers are upgraded
to python3 r=jcj
[[ https://setuptools.readthedocs.io/en/latest/history.html#v45-0-0
| Setuptools 45.0.0 ]] drops support for Python2, which our Windows
workers are running.
This patch installs the prior version during build, in order to
unblock CI until the workers can be upgraded.
[64c5410f98e0]
Differential Revision: https://phabricator.services.mozilla.com/D60086
--HG--
extra : moz-landing-system : lando
2020-01-13 Kevin Jacobs <kjacobs@mozilla.com>
* gtests/common/testvectors/hkdf-vectors.h,
gtests/pk11_gtest/manifest.mn, gtests/pk11_gtest/pk11_gtest.gyp,
gtests/pk11_gtest/pk11_hkdf_unittest.cc:
Bug 1585429 - Add HKDF test vectors r=jcj
Adds test vectors for SHA1/256/384/512 HKDF. This includes the RFC
test vectors, as well as upper-bound length checks for the output
key material.
[239797efc34b] [tip]
2020-01-14 J.C. Jones <jjones@mozilla.com>
* coreconf/config.gypi:
Bug 1608327 - Fixup for dc57fe5d65d4, add a default for
softfp_cflags r=bustage
[05b923624b73]
2020-01-14 Sylvestre Ledru <sledru@mozilla.com>
* automation/buildbot-slave/bbenv-example.sh, automation/buildbot-
slave/build.sh, automation/buildbot-slave/reboot.bat, automation
/buildbot-slave/startbuild.bat:
Bug 1607099 - Remove the buildbot configuration r=jcj
[7a87cef808f3]
2020-01-14 Greg V <greg@unrelenting.technology>
* lib/freebl/blinit.c:
Bug 1575843 - Detect AArch64 CPU features on FreeBSD r=jcj
Environment checks are reogranized to be separate from platform code
to make it impossible to forget to check disable_FEATURE on one
platform but not the other.
[fbde548e8114]
2020-01-14 Mike Hommey <mh@glandium.org>
* lib/freebl/Makefile, lib/freebl/aes-armv8.c, lib/freebl/freebl.gyp,
lib/freebl/gcm-arm32-neon.c, lib/freebl/gcm.c,
lib/freebl/rijndael.c:
Bug 1608327 - Fix freebl arm NEON code use on tier3 platforms. r=jcj
Despite the code having runtime detection of NEON and crypto
extensions, the optimized code using those instructions is disabled
at build time on platforms where the compiler doesn't enable NEON by
default of with the flags it's given for the caller code.
In the case of gcm, this goes as far as causing a build error.
What is needed is for the optimized code to be enabled in every
case, letting the caller code choose whether to use that code based
on the existing runtime checks.
But this can't be simply done either, because those optimized parts
of the code need to be built with NEON enabled, unconditionally, but
that is not compatible with platforms using the softfloat ABI. For
those, we need to use the softfp ABI, which is compatible. However,
the softfp ABI is not compatible with the hardfp ABI, so we also
can't unconditionally use the softfp ABI, so we do so only when the
compiler targets the softfloat ABI, which confusingly enough is
advertized via the `__SOFTFP__` define.
[dc57fe5d65d4]
2020-01-14 Franziskus Kiefer <franziskuskiefer@gmail.com>
* automation/saw/chacha20.saw, automation/taskcluster/docker-
builds/Dockerfile, automation/taskcluster/docker-
hacl/B6C8F98282B944E3B0D5C2530FC3042E345AD05D.asc,
automation/taskcluster/docker-hacl/Dockerfile,
automation/taskcluster/docker-hacl/bin/checkout.sh,
automation/taskcluster/docker-hacl/license.txt,
automation/taskcluster/docker-hacl/setup-user.sh,
automation/taskcluster/docker-hacl/setup.sh,
automation/taskcluster/graph/src/extend.js,
automation/taskcluster/scripts/run_hacl.sh,
gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc,
lib/freebl/Makefile, lib/freebl/blapii.h, lib/freebl/blinit.c,
lib/freebl/chacha20poly1305.c, lib/freebl/det_rng.c,
lib/freebl/ecl/curve25519_64.c, lib/freebl/freebl.gyp,
lib/freebl/freebl_base.gypi, nss-tool/hw-support.c:
Bug 1574643 - NSS changes for haclv2 r=jcj,kjacobs
This patch contains the changes in NSS, necessary to pick up HACL*v2
in D55413. It has a couple of TODOs:
* The chacha20 saw verification fails for some reason; it's disabled
pending Bug 1604130.
* The hacl task on CI requires Bug 1593647 to get fixed.
Depends on D55413.
[a8df94132dd3]
2019-12-21 Franziskus Kiefer <franziskuskiefer@gmail.com>
* lib/freebl/verified/FStar.c, lib/freebl/verified/FStar.h,
lib/freebl/verified/Hacl_Chacha20.c,
lib/freebl/verified/Hacl_Chacha20.h,
lib/freebl/verified/Hacl_Chacha20Poly1305_128.c,
lib/freebl/verified/Hacl_Chacha20Poly1305_128.h,
lib/freebl/verified/Hacl_Chacha20Poly1305_32.c,
lib/freebl/verified/Hacl_Chacha20Poly1305_32.h,
lib/freebl/verified/Hacl_Chacha20_Vec128.c,
lib/freebl/verified/Hacl_Chacha20_Vec128.h,
lib/freebl/verified/Hacl_Curve25519.c,
lib/freebl/verified/Hacl_Curve25519.h,
lib/freebl/verified/Hacl_Curve25519_51.c,
lib/freebl/verified/Hacl_Curve25519_51.h,
lib/freebl/verified/Hacl_Kremlib.h,
lib/freebl/verified/Hacl_Poly1305_128.c,
lib/freebl/verified/Hacl_Poly1305_128.h,
lib/freebl/verified/Hacl_Poly1305_32.c,
lib/freebl/verified/Hacl_Poly1305_32.h,
lib/freebl/verified/Hacl_Poly1305_64.c,
lib/freebl/verified/Hacl_Poly1305_64.h,
lib/freebl/verified/kremlib.h, lib/freebl/verified/kremlib_base.h,
lib/freebl/verified/kremlin/include/kremlin/internal/callconv.h,
lib/freebl/verified/kremlin/include/kremlin/internal/compat.h,
lib/freebl/verified/kremlin/include/kremlin/internal/target.h,
lib/freebl/verified/kremlin/include/kremlin/internal/types.h,
lib/freebl/verified/kremlin/include/kremlin/lowstar_endianness.h,
lib/freebl/verified/kremlin/kremlib/dist/minimal/FStar_UInt128.h, li
b/freebl/verified/kremlin/kremlib/dist/minimal/FStar_UInt128_Verifie
d.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/FStar_UInt_8_1
6_32_64.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/LowStar_
Endianness.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/fstar
_uint128_gcc64.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/f
star_uint128_msvc.h, lib/freebl/verified/libintvector.h,
lib/freebl/verified/specs/Spec.CTR.fst,
lib/freebl/verified/specs/Spec.Chacha20.fst,
lib/freebl/verified/specs/Spec.Curve25519.fst,
lib/freebl/verified/specs/Spec.Poly1305.fst,
lib/freebl/verified/vec128.h:
Bug 1574643 - haclv2 code r=kjacobs
This updates the in-tree version of our existing HACL* code to v2,
replacing what we have already. Once this landed NSS can pick up
more (faster) code from HACL*.
[5bf2547d671f]
2020-01-13 Kevin Jacobs <kjacobs@mozilla.com>
* automation/taskcluster/windows/build_gyp.sh:
Bug 1608895 - Install setuptools<45.0.0 until workers are upgraded
to python3 r=jcj
[[ https://setuptools.readthedocs.io/en/latest/history.html#v45-0-0
| Setuptools 45.0.0 ]] drops support for Python2, which our Windows
workers are running.
This patch installs the prior version during build, in order to
unblock CI until the workers can be upgraded.
[64c5410f98e0]
Differential Revision: https://phabricator.services.mozilla.com/D59928
--HG--
extra : moz-landing-system : lando
2020-01-11 Kai Engert <kaie@kuix.de>
* lib/softoken/lowpbe.c, lib/softoken/pkcs11.c:
Bug 1606992 - Cache the most recent PBKDF2 password hash, to speed
up repeated SDR operations. r=jcj
[a06bd0f6bbe8] [tip]
Differential Revision: https://phabricator.services.mozilla.com/D59741
--HG--
extra : moz-landing-system : lando
2020-01-07 J.C. Jones <jjones@mozilla.com>
* tests/fips/cavs_samples/KBKDF/fax/KBKDFCounter.fax.orig,
tests/fips/cavs_samples/KBKDF/req/KBKDFCounter.req.orig:
Bug 1599603 - Remove .orig files accidentally committed in
4349f611f7b96de63934837d6940095ac1a5db33 r=bustage
[4921046404f1] [tip]
2020-01-07 Giulio Benetti <giulio.benetti@benettiengineering.com>
* cmd/signtool/manifest.mn, lib/ssl/manifest.mn:
Bug 1603438 - Fix native tools build failure due to lack of zlib
include dir if external r=jcj
Add ZLIB_INCLUDE_DIR variable
On Linux platform[1], the build system forces to use zlib from the
system instead of compiling the one located intree.
The following error is raised when the zlib header is installed
somewhere else than in the default system include path:
ssl3con.c:39:18: fatal error: zlib.h: No such file or directory
#include "zlib.h"
The same trick setup for sqlite include directory is reproduced for
zlib. The build system disallows in any manner to give arguments to
the compiler explicity.
The variable ZLIB_INCLUDE_DIR point to the directory where the zlib
header is located.
[1]: https://hg.mozilla.org/projects/nss/file/NSS_3_33_BRANCH/coreco
nf/Linux.mk#l180 [2]: https://hg.mozilla.org/projects/nss/file/NSS_3
_33_BRANCH/lib/softoken/manifest.mn#l17
[477d370d1bab]
2020-01-06 Kevin Jacobs <kjacobs@mozilla.com>
* cpputil/databuffer.h, cpputil/scoped_ptrs_ssl.h,
cpputil/tls_parser.h, gtests/ssl_gtest/manifest.mn,
gtests/ssl_gtest/ssl_aead_unittest.cc,
gtests/ssl_gtest/ssl_ciphersuite_unittest.cc,
gtests/ssl_gtest/ssl_drop_unittest.cc,
gtests/ssl_gtest/ssl_gtest.gyp,
gtests/ssl_gtest/ssl_masking_unittest.cc,
gtests/ssl_gtest/ssl_primitive_unittest.cc,
gtests/ssl_gtest/ssl_record_unittest.cc,
gtests/ssl_gtest/ssl_recordsize_unittest.cc,
gtests/ssl_gtest/ssl_tls13compat_unittest.cc,
gtests/ssl_gtest/tls_agent.cc, gtests/ssl_gtest/tls_filter.cc,
gtests/ssl_gtest/tls_filter.h, gtests/ssl_gtest/tls_protect.cc,
gtests/ssl_gtest/tls_protect.h, lib/ssl/dtls13con.c,
lib/ssl/dtls13con.h, lib/ssl/dtlscon.c, lib/ssl/dtlscon.h,
lib/ssl/ssl3con.c, lib/ssl/ssl3gthr.c, lib/ssl/ssl3prot.h,
lib/ssl/sslexp.h, lib/ssl/sslimpl.h, lib/ssl/sslprimitive.c,
lib/ssl/sslsock.c, lib/ssl/sslspec.c, lib/ssl/sslspec.h,
lib/ssl/tls13con.c, lib/ssl/tls13con.h:
Bug 1599514 - Update DTLS 1.3 support to draft-30 r=mt
This patch updates the DTLS 1.3 implementation to draft version 30,
including unified header format and sequence number encryption.
Also added are new `SSL_CreateMask` experimental functions.
[8b7f0180c5b0]
2020-01-06 Robert Relyea <rrelyea@redhat.com>
* cmd/fipstest/fipstest.c, gtests/pk11_gtest/manifest.mn,
gtests/pk11_gtest/pk11_gtest.gyp, gtests/pk11_gtest/pk11_kbkdf.cc,
lib/softoken/kbkdf.c, lib/softoken/manifest.mn,
lib/softoken/pkcs11.c, lib/softoken/pkcs11c.c,
lib/softoken/pkcs11i.h, lib/softoken/pkcs11u.c,
lib/softoken/sftkhmac.c, lib/softoken/softoken.gyp,
lib/util/pkcs11n.h, lib/util/pkcs11t.h,
tests/fips/cavs_samples/KBKDF/fax/KBKDFCounter.fax,
tests/fips/cavs_samples/KBKDF/fax/KBKDFCounter.fax.orig,
tests/fips/cavs_samples/KBKDF/fax/README,
tests/fips/cavs_samples/KBKDF/req/KBKDFCounter.req,
tests/fips/cavs_samples/KBKDF/req/KBKDFCounter.req.orig,
tests/fips/cavs_samples/KBKDF/req/README,
tests/fips/cavs_scripts/README, tests/fips/cavs_scripts/kbkdf.sh,
tests/fips/cavs_scripts/runtest.sh:
This implements NIST SP800-108 Counter, Feedback, and Double
Pipeline mode KDFs suitable for use in SCP03 and other protocols.
These KDFs were introduced in PKCS#11 v3.0.
Resolves: BZ#1599603
[4349f611f7b9]
2020-01-03 J.C. Jones <jjones@mozilla.com>
* automation/abi-check/previous-nss-release, lib/nss/nss.h,
lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.50 Beta
[569ca5b163e7]
Differential Revision: https://phabricator.services.mozilla.com/D59210
--HG--
rename : security/nss/gtests/ssl_gtest/ssl_primitive_unittest.cc => security/nss/gtests/ssl_gtest/ssl_aead_unittest.cc
extra : moz-landing-system : lando
2020-01-03 J.C. Jones <jjones@mozilla.com>
* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.49 final
[d41f5350554e] [NSS_3_49_RTM] <NSS_3_49_BRANCH>
2020-01-02 Kevin Jacobs <kjacobs@mozilla.com>
* gtests/ssl_gtest/ssl_version_unittest.cc, lib/ssl/ssl3con.c:
Bug 1513586 - Set downgrade sentinel for client TLS versions lower
than 1.2. r=mt
Per-[[ https://tools.ietf.org/html/rfc8446#section-4.1.3 | RFC 8446
]], the downgrade sentinel must be set by a TLS 1.3 server (and
should be set by a TLS 1.2 server) that negotiates TLS 1.0 or 1.1.
This patch corrects the behavior and adds a test.
[993717228da0]
2020-01-02 J.C. Jones <jjones@mozilla.com>
* .hgtags:
Added tag NSS_3_49_BETA1 for changeset 9ecd41cd2fa3
[62d36f2ee1cc]
Differential Revision: https://phabricator.services.mozilla.com/D58655
--HG--
extra : moz-landing-system : lando
The remote agent is an implementation of a subset of
the Chromium Remote Debugging Protocol (CDP) for Gecko.
For similar reasons as Marionette it needs the ability to call
nsCertOverrideService::SetDisableAllSecurityChecksAndLetAttackersInterceptMyData().
It calls this method from remote/domains/parent/Security.jsm which
implements the Security.setIgnoreCertificateErrors protocol method.
The remote agent is slated to replace Marionette, but there is
currently no timeline for this.
Differential Revision: https://phabricator.services.mozilla.com/D58435
--HG--
extra : moz-landing-system : lando
It must only be possible to call
nsCertOverrideService::SetDisableAllSecurityChecksAndLetAttackersInterceptMyData()
when Marionette is actually active, but the MOZ_MARIONETTE environment
variable can in theory be set by any user.
MOZ_MARIONETTE was introduced to support in-application restarts
so that the forked main process knows to re-initialise Marionette.
This makes it approximately equivalent to passing the --marionette flag.
Because Marionette can be started and stopped at runtime through
modifying the marionette.enabled preference, and Marionette never
resets MOZ_MARIONETTE, this makes it theoretically possible that
a future caller could circumvent this security check.
This is however not a security problem at present because the
method is only ever called from within testing/marionette/cert.js,
which itself is never called unless Marionette indeed is active.
Still, it would be safer for this to use nsIMarionette.running()
which returns true whenever the Marionette server is listening for
connections, and false when the Marionette automation protocol is
not enabled.
Differential Revision: https://phabricator.services.mozilla.com/D58434
--HG--
extra : moz-landing-system : lando
The remote agent is an implementation of a subset of
the Chromium Remote Debugging Protocol (CDP) for Gecko.
For similar reasons as Marionette it needs the ability to call
nsCertOverrideService::SetDisableAllSecurityChecksAndLetAttackersInterceptMyData().
It calls this method from remote/domains/parent/Security.jsm which
implements the Security.setIgnoreCertificateErrors protocol method.
The remote agent is slated to replace Marionette, but there is
currently no timeline for this.
Differential Revision: https://phabricator.services.mozilla.com/D58435
--HG--
extra : moz-landing-system : lando
It must only be possible to call
nsCertOverrideService::SetDisableAllSecurityChecksAndLetAttackersInterceptMyData()
when Marionette is actually active, but the MOZ_MARIONETTE environment
variable can in theory be set by any user.
MOZ_MARIONETTE was introduced to support in-application restarts
so that the forked main process knows to re-initialise Marionette.
This makes it approximately equivalent to passing the --marionette flag.
Because Marionette can be started and stopped at runtime through
modifying the marionette.enabled preference, and Marionette never
resets MOZ_MARIONETTE, this makes it theoretically possible that
a future caller could circumvent this security check.
This is however not a security problem at present because the
method is only ever called from within testing/marionette/cert.js,
which itself is never called unless Marionette indeed is active.
Still, it would be safer for this to use nsIMarionette.running()
which returns true whenever the Marionette server is listening for
connections, and false when the Marionette automation protocol is
not enabled.
Differential Revision: https://phabricator.services.mozilla.com/D58434
--HG--
extra : moz-landing-system : lando
2020-01-02 Giulio Benetti <giulio.benetti@benettiengineering.com>
* lib/ssl/sslsnce.c:
Bug 1606025 - Remove -Wmaybe-uninitialized warning in sslsnce.c
r=jcj
(Amended by jcj to also set privKeyCopy to NULL)
[9ecd41cd2fa3] [NSS_3_49_BETA1]
* lib/freebl/gcm.h:
Bug 1606119 - Fix PPC HW Crypto build failure r=jcj
All Altivec *_be() functions are supported from gcc version 8.x not
5.x so modify gcc version check that at the moment cause build
failure due to missing Altivec *_be() functions.
[7ab634a7d772]
2020-01-01 Alex Henrie <alexhenrie24@gmail.com>
* cmd/modutil/install-ds.c:
Bug 1605545 - Fix memory leak in Pk11Install_Platform_Generate. r=mt
[748b308170a4]
Differential Revision: https://phabricator.services.mozilla.com/D58541
--HG--
extra : moz-landing-system : lando
2019-12-20 J.C. Jones <jjones@mozilla.com>
* lib/freebl/verified/FStar.c, lib/freebl/verified/FStar.h,
lib/freebl/verified/Hacl_Chacha20.c,
lib/freebl/verified/Hacl_Chacha20.h,
lib/freebl/verified/Hacl_Chacha20Poly1305_128.c,
lib/freebl/verified/Hacl_Chacha20Poly1305_128.h,
lib/freebl/verified/Hacl_Chacha20Poly1305_32.c,
lib/freebl/verified/Hacl_Chacha20Poly1305_32.h,
lib/freebl/verified/Hacl_Chacha20_Vec128.c,
lib/freebl/verified/Hacl_Chacha20_Vec128.h,
lib/freebl/verified/Hacl_Curve25519.c,
lib/freebl/verified/Hacl_Curve25519.h,
lib/freebl/verified/Hacl_Curve25519_51.c,
lib/freebl/verified/Hacl_Curve25519_51.h,
lib/freebl/verified/Hacl_Kremlib.h,
lib/freebl/verified/Hacl_Poly1305_128.c,
lib/freebl/verified/Hacl_Poly1305_128.h,
lib/freebl/verified/Hacl_Poly1305_32.c,
lib/freebl/verified/Hacl_Poly1305_32.h,
lib/freebl/verified/Hacl_Poly1305_64.c,
lib/freebl/verified/Hacl_Poly1305_64.h,
lib/freebl/verified/kremlib.h, lib/freebl/verified/kremlib_base.h,
lib/freebl/verified/kremlin/include/kremlin/internal/callconv.h,
lib/freebl/verified/kremlin/include/kremlin/internal/compat.h,
lib/freebl/verified/kremlin/include/kremlin/internal/target.h,
lib/freebl/verified/kremlin/include/kremlin/internal/types.h,
lib/freebl/verified/kremlin/include/kremlin/lowstar_endianness.h,
lib/freebl/verified/kremlin/kremlib/dist/minimal/FStar_UInt128.h, li
b/freebl/verified/kremlin/kremlib/dist/minimal/FStar_UInt128_Verifie
d.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/FStar_UInt_8_1
6_32_64.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/LowStar_
Endianness.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/fstar
_uint128_gcc64.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/f
star_uint128_msvc.h, lib/freebl/verified/libintvector.h,
lib/freebl/verified/specs/Spec.CTR.fst,
lib/freebl/verified/specs/Spec.Chacha20.fst,
lib/freebl/verified/specs/Spec.Curve25519.fst,
lib/freebl/verified/specs/Spec.Poly1305.fst,
lib/freebl/verified/vec128.h:
Backed out changeset c351b2f60b40 (Bug 1574643) for crashes on early
SSE4 CPUs
[b6eb18f04260] [tip]
* automation/saw/chacha20.saw, automation/taskcluster/docker-
builds/Dockerfile, automation/taskcluster/docker-
hacl/B6C8F98282B944E3B0D5C2530FC3042E345AD05D.asc,
automation/taskcluster/docker-hacl/Dockerfile,
automation/taskcluster/docker-hacl/bin/checkout.sh,
automation/taskcluster/docker-hacl/license.txt,
automation/taskcluster/docker-hacl/setup-user.sh,
automation/taskcluster/docker-hacl/setup.sh,
automation/taskcluster/graph/src/extend.js,
automation/taskcluster/scripts/run_hacl.sh,
gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc,
lib/freebl/Makefile, lib/freebl/blapii.h, lib/freebl/blinit.c,
lib/freebl/chacha20poly1305.c, lib/freebl/det_rng.c,
lib/freebl/ecl/curve25519_64.c, lib/freebl/freebl.gyp,
lib/freebl/freebl_base.gypi, nss-tool/hw-support.c:
Backed out changeset ac51d2490f9c (Bug 1574643) for crashes on early
SSE4 CPUs
[f6d8c73584e0]
2019-12-19 Giulio Benetti <giulio.benetti@benettiengineering.com>
* coreconf/Linux.mk, coreconf/config.gypi:
Bug 1602288 - Fix build failure due to missing posix signal.h
r=kjacobs
[82bae6299c8e]
2019-12-12 Makoto Kato <m_kato@ga2.so-net.ne.jp>
* lib/freebl/blinit.c, lib/freebl/ctr.c, lib/freebl/freebl.gyp,
lib/freebl/rijndael.c:
Bug 1588714 - Implement CheckARMSupport for Win64/aarch64. r=kjacobs
aarch64 doesn't have `cpuid` like instruction set. Actually, we use
getauxval system call on Linux/aarch64 to check CPU features.
Windows has `IsProcessorFeaturePresent` API to get CPU features, so
we should use it to check whether current CPU supports ARM Crypto
extension.
[3ba8a584ddea]
Differential Revision: https://phabricator.services.mozilla.com/D58060
--HG--
extra : moz-landing-system : lando
Bug 1603999 changed the environment so that whether you can enter the chroot is
passed as the first character in the environment variable. This caused all
content processes that don't enter the chroot to crash. This can happen
trivially with any sandbox level < 4.
Differential Revision: https://phabricator.services.mozilla.com/D57927
--HG--
extra : moz-landing-system : lando
This changeset is a simple find and replace of `MOZ_FALLTHROUGH` and `[[fallthrough]]`.
Unfortunately, the MOZ_FALLTHROUGH_ASSERT macro (to assert on case fallthrough in debug builds) is still necessary after switching from [[clang::fallthrough]] to [[fallthrough]] because:
* MOZ_ASSERT(false) followed by [[fallthrough]] triggers a -Wunreachable-code warning in DEBUG builds
* but MOZ_ASSERT(false) without [[fallthrough]] triggers a -Wimplicit-fallthrough warning in NDEBUG builds.
Differential Revision: https://phabricator.services.mozilla.com/D56440
--HG--
extra : moz-landing-system : lando
2019-12-18 Franziskus Kiefer <franziskuskiefer@gmail.com>
* automation/saw/chacha20.saw, automation/taskcluster/docker-
builds/Dockerfile, automation/taskcluster/docker-
hacl/B6C8F98282B944E3B0D5C2530FC3042E345AD05D.asc,
automation/taskcluster/docker-hacl/Dockerfile,
automation/taskcluster/docker-hacl/bin/checkout.sh,
automation/taskcluster/docker-hacl/license.txt,
automation/taskcluster/docker-hacl/setup-user.sh,
automation/taskcluster/docker-hacl/setup.sh,
automation/taskcluster/graph/src/extend.js,
automation/taskcluster/scripts/run_hacl.sh,
gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc,
lib/freebl/Makefile, lib/freebl/blapii.h, lib/freebl/blinit.c,
lib/freebl/chacha20poly1305.c, lib/freebl/det_rng.c,
lib/freebl/ecl/curve25519_64.c, lib/freebl/freebl.gyp,
lib/freebl/freebl_base.gypi, nss-tool/hw-support.c:
Bug 1574643 - NSS changes for haclv2 r=jcj,kjacobs
This patch contains the changes in NSS, necessary to pick up HACL*v2
in D55413. It has a couple of TODOs:
* The chacha20 saw verification fails for some reason; it's disabled
pending Bug 1604130.
* The hacl task on CI requires Bug 1593647 to get fixed.
Depends on D55413.
[ac51d2490f9c] [tip]
* lib/freebl/verified/FStar.c, lib/freebl/verified/FStar.h,
lib/freebl/verified/Hacl_Chacha20.c,
lib/freebl/verified/Hacl_Chacha20.h,
lib/freebl/verified/Hacl_Chacha20Poly1305_128.c,
lib/freebl/verified/Hacl_Chacha20Poly1305_128.h,
lib/freebl/verified/Hacl_Chacha20Poly1305_32.c,
lib/freebl/verified/Hacl_Chacha20Poly1305_32.h,
lib/freebl/verified/Hacl_Chacha20_Vec128.c,
lib/freebl/verified/Hacl_Chacha20_Vec128.h,
lib/freebl/verified/Hacl_Curve25519.c,
lib/freebl/verified/Hacl_Curve25519.h,
lib/freebl/verified/Hacl_Curve25519_51.c,
lib/freebl/verified/Hacl_Curve25519_51.h,
lib/freebl/verified/Hacl_Kremlib.h,
lib/freebl/verified/Hacl_Poly1305_128.c,
lib/freebl/verified/Hacl_Poly1305_128.h,
lib/freebl/verified/Hacl_Poly1305_32.c,
lib/freebl/verified/Hacl_Poly1305_32.h,
lib/freebl/verified/Hacl_Poly1305_64.c,
lib/freebl/verified/Hacl_Poly1305_64.h,
lib/freebl/verified/kremlib.h, lib/freebl/verified/kremlib_base.h,
lib/freebl/verified/kremlin/include/kremlin/internal/callconv.h,
lib/freebl/verified/kremlin/include/kremlin/internal/compat.h,
lib/freebl/verified/kremlin/include/kremlin/internal/target.h,
lib/freebl/verified/kremlin/include/kremlin/internal/types.h,
lib/freebl/verified/kremlin/include/kremlin/lowstar_endianness.h,
lib/freebl/verified/kremlin/kremlib/dist/minimal/FStar_UInt128.h, li
b/freebl/verified/kremlin/kremlib/dist/minimal/FStar_UInt128_Verifie
d.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/FStar_UInt_8_1
6_32_64.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/LowStar_
Endianness.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/fstar
_uint128_gcc64.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/f
star_uint128_msvc.h, lib/freebl/verified/libintvector.h,
lib/freebl/verified/specs/Spec.CTR.fst,
lib/freebl/verified/specs/Spec.Chacha20.fst,
lib/freebl/verified/specs/Spec.Curve25519.fst,
lib/freebl/verified/specs/Spec.Poly1305.fst,
lib/freebl/verified/vec128.h:
Bug 1574643 - haclv2 code r=kjacobs
This updates the in-tree version of our existing HACL* code to v2,
replacing what we have already. Once this landed NSS can pick up
more (faster) code from HACL*.
[c351b2f60b40]
Differential Revision: https://phabricator.services.mozilla.com/D57821
--HG--
extra : moz-landing-system : lando
- make the fork server use the same sandbox level as content processes to make preloading work correctly.
- pass |canChroot| through env instead of hard coding.
Differential Revision: https://phabricator.services.mozilla.com/D57221
--HG--
extra : moz-landing-system : lando
Intermediate preloading telemetry is overwhelmingly "failedToObserve", which at
the moment is a catch-all indicating that something in
updatePreloadedIntermediates failed. We need to figure out why, so this patch
re-purposes the categories "emptyAttachment", "failedToFetch", and
"unexpectedLength", which are currently not used, to indicate failures in
specific sub-operations in that function.
Differential Revision: https://phabricator.services.mozilla.com/D57676
--HG--
extra : moz-landing-system : lando
The OS APIs used by the osclientcerts module aren't guaranteed to be
thread-safe. To deal with this, this patch introduces a dedicated thread to
perform these operations.
Differential Revision: https://phabricator.services.mozilla.com/D56465
--HG--
extra : moz-landing-system : lando
2019-11-25 Robert Relyea <rrelyea@redhat.com>
* lib/softoken/legacydb/keydb.c, lib/softoken/legacydb/lgcreate.c,
lib/softoken/legacydb/lgdb.h, lib/softoken/legacydb/lginit.c,
lib/softoken/lgglue.c, lib/softoken/lowpbe.c, lib/softoken/lowpbe.h,
lib/softoken/pkcs11c.c, lib/softoken/pkcs11i.h,
lib/softoken/pkcs11u.c, lib/softoken/sdb.c, lib/softoken/sdb.h,
lib/softoken/sftkdb.c, lib/softoken/sftkdb.h,
lib/softoken/sftkdbti.h, lib/softoken/sftkpwd.c, lib/util/pkcs11n.h:
Bug 1585189 - Changed the algorithm used to encrypt NSS database
entries, from 3DES to AES256.
Our NSS DB uses 3DES internally to encrypt their entries. This patch
changes the default algorithm for AES256 to increase the security.
This patch also adds code to use AES Wrap in the future. It also
adds an integrity check to the AES256 CBC. The change only affects
sqlite databases.
bob
[fc636973ad06] [tip]
2019-12-12 Kevin Jacobs <kjacobs@mozilla.com>
* gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc,
lib/softoken/pkcs11c.c:
Bug 1603257 - Fix UBSAN issue in softoken CKM_NSS_CHACHA20_CTR
initialization r=mt
This patch adds an explicit cast to fix a UBSAN issue that was
flagged in https://treeherder.mozilla.org/#/jobs?repo=nss-
try&selectedJob=280720441.
It also updates the test to use a random IV.
[9ca79efd6d29]
2019-12-10 Kevin Jacobs <kjacobs@mozilla.com>
* gtests/ssl_gtest/ssl_hrr_unittest.cc:
Bug 1590001 - Additional HRR Tests. r=mt
This patch adds new tests for version limitations after a HRR.
[8a2bd40e7f89]
2019-12-11 Martin Thomson <mt@lowentropy.net>
* gtests/ssl_gtest/ssl_hrr_unittest.cc:
Bug 1600144 - clang-format, a=bustage
[014f37ecee3e]
2019-11-29 Martin Thomson <mt@lowentropy.net>
* gtests/ssl_gtest/ssl_hrr_unittest.cc, lib/ssl/dtlscon.c:
Bug 1600144 - Treat ClientHello with message_seq of 1 as a second
ClientHello, r=kjacobs
Summary: The logic that deals with stateless HelloRetryRequest in
DTLS allows this one-off increment to the message_seq field in case
the server was operating statelessly. However, when it does, it
should insist on the ClientHello carrying a cookie; concretely, it
should set the flag that says that a HelloRetryRequest was sent,
even if it doesn't currently remember that it sent one. That is the
only way that this condition could be met.
[f55fe2a2dab9]
2019-12-11 Martin Thomson <mt@lowentropy.net>
* gtests/ssl_gtest/tls_esni_unittest.cc:
Bug 1603027 - clang-format, a=bustage
[ca9adb8eb899]
2019-12-11 EKR <ekr@rtfm.com>
* gtests/ssl_gtest/tls_esni_unittest.cc:
Bug 1603027 - Check that ESNI gets regenerated with HRR r=mt
[6655d8a1f4bd]
2019-12-09 Andi-Bogdan Postelnicu <bpostelnicu@mozilla.com>
* mach:
Bug 1598485 - Exclude files that are not part of the nss repository
from the analysis artifact. r=jcj
[38a1c27aadf3]
Differential Revision: https://phabricator.services.mozilla.com/D57470
--HG--
extra : moz-landing-system : lando
2019-12-06 Daiki Ueno <dueno@redhat.com>
* lib/pki/pki3hack.c:
Bug 1593167, certdb: propagate trust information if trust module is
loaded afterwards, r=rrelyea,keeler
Summary: When the builtin trust module is loaded after some temp
certs being created, these temp certs are usually not accompanied by
trust information. This causes a problem in Firefox as it loads the
module from a separate thread while accessing the network cache
which populates temp certs.
This change makes it properly roll up the trust information, if a
temp cert doesn't have trust information.
Reviewers: rrelyea, keeler
Reviewed By: rrelyea, keeler
Subscribers: reviewbot, heftig
Bug #: 1593167
[c46bc59ce7d4] [tip]
2019-11-08 Martin Thomson <mt@lowentropy.net>
* lib/ssl/tls13subcerts.c:
Bug 1594965 - Include saltLength in DC SPKI, r=kjacobs
Summary: I discovered this when validating new additions to our root
store policy. The encodings there didn't line up with what we were
producing with DC.
[661058254ade]
2019-12-04 J.C. Jones <jjones@mozilla.com>
* automation/release/nss-release-helper.py:
Bug 1535787 - Further improvements to the release-helper API r=mt
[7baba392bf8b]
* automation/release/nss-release-helper.py:
Bug 1535787 - flake8 style updates to nss-release-helper.py
r=kjacobs
Depends on D23757
[b31e68a789fa]
* automation/release/nss-release-helper.py:
Bug 1535787 - Use Python for the regexes in nss-release-helper
r=keeler,kjacobs
automation/release/nss-release-helper.py doesn't actually edit the
files correctly on MacOS due to differences between GNU and BSD sed.
It's python, so let's just use python regexes.
[92271739e848]
2019-12-04 Franziskus Kiefer <franziskuskiefer@gmail.com>
* automation/taskcluster/graph/src/extend.js,
automation/taskcluster/graph/src/queue.js,
automation/taskcluster/scripts/check_abi.sh, build.sh,
coreconf/config.gypi, help.txt, lib/freebl/freebl_base.gypi, mach,
tests/all.sh, tests/common/init.sh, tests/remote/Makefile:
Bug 1594933 - disable libnssdbm by default; keep build on CI, r=jcj
Disale libnssdbm by default and add flag to enable it in builds. On
CI a build and certs test with enabled legacy DB are added.
Note that for some reason the coverage build fails. I have no idea
why. I'm open for ideas.
[c1fad130dce2]
2019-12-03 Makoto Kato <m_kato@ga2.so-net.ne.jp>
* lib/freebl/Makefile, lib/freebl/freebl.gyp, lib/freebl/gcm-
arm32-neon.c, lib/freebl/gcm.c:
Bug 1562548 - Improve GCM perfomance on aarch32 using NEON.
r=kjacobs
Optimize GCM perfomance using
https://conradoplg.cryptoland.net/files/2010/12/gcm14.pdf via ARM's
NEON.
[a9ba652046e6]
2019-12-03 J.C. Jones <jjones@mozilla.com>
* automation/abi-check/expected-report-libssl3.so.txt, automation/abi-
check/previous-nss-release, lib/nss/nss.h, lib/softoken/softkver.h,
lib/util/nssutil.h:
Set version numbers to 3.49 beta
[3051793c68fc]
2019-12-02 J.C. Jones <jjones@mozilla.com>
* .hgtags:
Added tag NSS_3_48_BETA1 for changeset 77976f3fefca
[06d5b4f91a9c]
Differential Revision: https://phabricator.services.mozilla.com/D56378
--HG--
extra : moz-landing-system : lando
This change modifies all tests that use key3/cert8 to use the new files. It
removes test_sdr_upgraded_with_password, as without the upgrade part that is now
the same test as test_sdr_preexisting_with_password.
Differential Revision: https://phabricator.services.mozilla.com/D55708
--HG--
rename : security/manager/ssl/tests/unit/test_sdr_preexisting/key4.db => security/manager/ssl/tests/unit/test_broken_fips/key4.db
extra : moz-landing-system : lando
This change modifies all tests that use key3/cert8 to use the new files. It
removes test_sdr_upgraded_with_password, as without the upgrade part that is now
the same test as test_sdr_preexisting_with_password.
Differential Revision: https://phabricator.services.mozilla.com/D55708
--HG--
rename : security/manager/ssl/tests/unit/test_sdr_preexisting/key4.db => security/manager/ssl/tests/unit/test_broken_fips/key4.db
extra : moz-landing-system : lando
This is generally pretty straightforward, and rewrites nearly all calls. It
skips the ones that it can detect using frame script globals like
`sendAsyncMessage`, though.
Differential Revision: https://phabricator.services.mozilla.com/D53740
--HG--
extra : moz-landing-system : lando
This change removes the legacy libnssdbm database that we migrated away from since Firefox 60.
This change modifies all tests that use key3/cert8 to use the new files. It
removes test_sdr_upgraded_with_password, as without the upgrade part that is now
the same test as test_sdr_preexisting_with_password. It otherwise removes support for libnssdbm everywhere in Gecko.
Differential Revision: https://phabricator.services.mozilla.com/D55708
--HG--
rename : security/manager/ssl/tests/unit/test_sdr_preexisting/key4.db => security/manager/ssl/tests/unit/test_broken_fips/key4.db
extra : moz-landing-system : lando
Bug 1267643 changed how gecko finds client certificates to offer to the user to
use. This change was too permissive, so we reintroduced some filtering in bug
1590888 and bug 1592532. All of these changes together were too restrictive and
filtered out CA certificates, which some users evidently use as client
certificates. This bug removes the restriction that client certificates not be
CA certificates and hopefully arrives at pre-bug 1267643 behavior.
Differential Revision: https://phabricator.services.mozilla.com/D56618
--HG--
extra : moz-landing-system : lando
The test starts timed out after applying the changes in P1-P3. The main reason is that P1-P3 ensure SWM and the QuotaManger clear their storage in any condition in clear data service. However, since the SWM adds a shutdown blocker during the initialization and it's initialized during the profile-change-teardown because of the changes and the test scenario.
To fix that, ideally, SWM should differentiate if it's initialized before or during the profile-change-teardown and that requires a non-small change. Since we haven't got this signature in the real world and similar cases (SWM gets initialized during profile-change-teardown) have been taken care of, this patch only adds a workaround to avoid the issue.
Differential Revision: https://phabricator.services.mozilla.com/D56526
--HG--
extra : moz-landing-system : lando
To evaluate the performance impact of CRLite over OCSP, we need to measure when
CRLite is (presumably) faster and by how much. To do this, we measure the
duration of the respective operations and when both occur for the same
verification, we make a note in the appropriate histogram of how much faster
one was than the other.
data-review+ was already given in bug 1488865 comment 5
Differential Revision: https://phabricator.services.mozilla.com/D56508
--HG--
extra : moz-landing-system : lando
This is generally pretty straightforward, and rewrites nearly all calls. It
skips the ones that it can detect using frame script globals like
`sendAsyncMessage`, though.
Differential Revision: https://phabricator.services.mozilla.com/D53740
--HG--
extra : moz-landing-system : lando
If we turn on Rust PGO, the build system can't deal with the mixture of this NO_PGO library along with its PGO'ed Rust dependency. It seems that this NO_PGO might have been a copy/paste artifact anyway, so let's go ahead and remove it.
Differential Revision: https://phabricator.services.mozilla.com/D56587
--HG--
extra : moz-landing-system : lando
Most of these fixes involve fixing test XUL to not use <dialog> as a top level element or replacing calls to document.documentElement that expect it to return the dialog, now that the dialog is not the top level element anymore.
Differential Revision: https://phabricator.services.mozilla.com/D53722
--HG--
extra : moz-landing-system : lando
This patch also includes necessary JS changes to support this. Most commonly, the dialog was accessed with document.documentElement, which needed to be changed now that the dialog is not the top level element.
Differential Revision: https://phabricator.services.mozilla.com/D52411
--HG--
extra : moz-landing-system : lando
When cert_storage is disabled, the CRLite mode and telemetry fields don't get
used by NSSCertDBTrustDomain, so we get warnings-as-errors about unused fields.
This uses Unused to silence the warnings.
This also adds a missing #include to CertBlocklist.cpp.
Differential Revision: https://phabricator.services.mozilla.com/D56250
--HG--
extra : moz-landing-system : lando
Fix:
/var/lib/jenkins/workspace/firefox-clang-lld-last/security/sandbox/chromium/base/time/time.h:796:18: error: implicit conversion from 'long' to 'double' changes value from 922337203
return value > std::numeric_limits<int64_t>::max()
~ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Upstream code is very different now (uses some saturated_cast):
https://chromium.googlesource.com/chromium/src/base/+/master/time/time.h#846
Differential Revision: https://phabricator.services.mozilla.com/D43786
--HG--
extra : moz-landing-system : lando
This is generally pretty straightforward, and rewrites nearly all calls. It
skips the ones that it can detect using frame script globals like
`sendAsyncMessage`, though.
Differential Revision: https://phabricator.services.mozilla.com/D53740
--HG--
extra : moz-landing-system : lando
When launching a sandboxed child process that uses `firefox.exe`, we now
perform early initialization of the DLL blocklist.
Differential Revision: https://phabricator.services.mozilla.com/D53679
--HG--
extra : moz-landing-system : lando
This is generally pretty straightforward, and rewrites nearly all calls. It
skips the ones that it can detect using frame script globals like
`sendAsyncMessage`, though.
Differential Revision: https://phabricator.services.mozilla.com/D53740
--HG--
extra : moz-landing-system : lando
The inclusions were removed with the following very crude script and the
resulting breakage was fixed up by hand. The manual fixups did either
revert the changes done by the script, replace a generic header with a more
specific one or replace a header with a forward declaration.
find . -name "*.idl" | grep -v web-platform | grep -v third_party | while read path; do
interfaces=$(grep "^\(class\|interface\).*:.*" "$path" | cut -d' ' -f2)
if [ -n "$interfaces" ]; then
if [[ "$interfaces" == *$'\n'* ]]; then
regexp="\("
for i in $interfaces; do regexp="$regexp$i\|"; done
regexp="${regexp%%\\\|}\)"
else
regexp="$interfaces"
fi
interface=$(basename "$path")
rg -l "#include.*${interface%%.idl}.h" . | while read path2; do
hits=$(grep -v "#include.*${interface%%.idl}.h" "$path2" | grep -c "$regexp" )
if [ $hits -eq 0 ]; then
echo "Removing ${interface} from ${path2}"
grep -v "#include.*${interface%%.idl}.h" "$path2" > "$path2".tmp
mv -f "$path2".tmp "$path2"
fi
done
fi
done
Differential Revision: https://phabricator.services.mozilla.com/D55444
--HG--
extra : moz-landing-system : lando
This patch implements CRLite lookups for TLS server certificate revocation
information in telemetry-only mode. It adds a new preference
"security.pki.crlite_mode" to control the behavior of this feature. Setting
this preference to 0 disables it completely. Setting it to 1 enables telemetry
collection only (the default). Setting it to 2 enables enforcing revocation
information found via CRLite.
Differential Revision: https://phabricator.services.mozilla.com/D54040
--HG--
rename : third_party/rust/bit_reverse/LICENSE-APACHE => third_party/rust/rental/LICENSE-APACHE
rename : third_party/rust/bit-vec/LICENSE-MIT => third_party/rust/rental/LICENSE-MIT
extra : moz-landing-system : lando
When launching a sandboxed child process that uses `firefox.exe`, we now
perform early initialization of the DLL blocklist.
Differential Revision: https://phabricator.services.mozilla.com/D53679
--HG--
extra : moz-landing-system : lando
2019-12-03 J.C. Jones <jjones@mozilla.com>
* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.48 final
[65d3150a258e] [NSS_3_48_RTM] <NSS_3_48_BRANCH>
2019-12-02 J.C. Jones <jjones@mozilla.com>
* .hgtags:
Added tag NSS_3_48_BETA1 for changeset 77976f3fefca
[06d5b4f91a9c]
Differential Revision: https://phabricator.services.mozilla.com/D55994
--HG--
extra : moz-landing-system : lando
With a fork server, the parameters to fork a new content process are
passed through a socket. This patch does following tasks to adapt
sandbox to work with a fork server,
- passing a FD of a chroot server,
- passing flags of SandboxFork, and
- setting LaunchOptions and its fork_delegate field at a fork server.
Depends on D46878
Differential Revision: https://phabricator.services.mozilla.com/D46879
--HG--
extra : moz-landing-system : lando
I messed up and deleted my own fork once my PR was merged, given the owner said
they would do a release.
Differential Revision: https://phabricator.services.mozilla.com/D55894
--HG--
extra : moz-landing-system : lando
I want to start updating gecko to rand 0.7, and it'd be silly having three rand
versions in tree.
This uses my git repo while I wait for upstream to merge my PR
(https://github.com/mheese/rust-pkcs11/pull/16).
That PR is the only difference from upstream.
Differential Revision: https://phabricator.services.mozilla.com/D55351
--HG--
rename : third_party/rust/num-bigint/src/tests/bigint.rs => third_party/rust/num-bigint/tests/bigint.rs
rename : third_party/rust/num-bigint/src/tests/biguint.rs => third_party/rust/num-bigint/tests/biguint.rs
extra : moz-landing-system : lando
With a fork server, the parameters to fork a new content process are
passed through a socket. This patch does following tasks to adapt
sandbox to work with a fork server,
- passing a FD of a chroot server,
- passing flags of SandboxFork, and
- setting LaunchOptions and its fork_delegate field at a fork server.
Depends on D46878
Differential Revision: https://phabricator.services.mozilla.com/D46879
--HG--
extra : moz-landing-system : lando
2019-12-02 Kevin Jacobs <kjacobs@mozilla.com>
* lib/ssl/sslsnce.c:
Bug 1593401 - Fix race condition in self-encrypt functions r=mt,jcj
[77976f3fefca] [NSS_3_48_BETA1]
2019-12-02 J.C. Jones <jjones@mozilla.com>
* automation/release/nspr-version.txt:
Bug 1600775 - Require NSPR 4.24 for NSS 3.48 r=kaie,kjacobs
[b6141fb86799]
* gtests/ssl_gtest/tls_filter.h:
Bug 1599545 - fixup, clang-format r=me
[8ffef87ef51b]
2019-12-02 Kevin Jacobs <kjacobs@mozilla.com>
* cpputil/tls_parser.h, gtests/ssl_gtest/ssl_keyupdate_unittest.cc,
gtests/ssl_gtest/tls_filter.h, lib/ssl/tls13con.c:
Bug 1599545 - Fix assertion and add test for early Key Update
message r=mt
Remove an overzealous assertion when a Key Update message is
received too early, and add a test for the expected alert condition.
Also adds `TlsEncryptedHandshakeMessageReplacer` for replacing TLS
1.3 encrypted handshake messages. This is a simple implementation
where only the first byte of the message is changed to the new type
(so as to trigger the desired handler).
[a5dbf68d182d]
2019-11-27 J.C. Jones <jjones@mozilla.com>
* lib/ckfw/object.c:
Bug 1597799 - Guard against null ptrs in NSSCKFWObject r=kjacobs
There's a bunch of similar code that could use guards in here, but I
wanted to be minimal for this patch.
[eab4d3c8c76d]
Differential Revision: https://phabricator.services.mozilla.com/D55581
--HG--
extra : moz-landing-system : lando
This has the effect of reverting changeset 17183959c3a9 but with formatting
changes and other non-functional updates due to changes since the original
implementation was removed.
Differential Revision: https://phabricator.services.mozilla.com/D54790
--HG--
extra : moz-landing-system : lando
2019-11-20 Kevin Jacobs <kjacobs@mozilla.com>
* lib/ssl/ssl3con.c, lib/ssl/tls13con.c:
Bug 1590001 - Prevent negotiation of versions lower than 1.3 after
HelloRetryRequest. r=mt
This patch prevents negotiation of TLS versions lower than 1.3 after
an HRR has been sent.
[d64102b76a43] [tip]
2019-11-22 J.C. Jones <jjones@mozilla.com>
* lib/softoken/pkcs11u.c:
Bug 1596450 - Fixup, coverity CID 1455952 r=kjacobs
[46b1355d8765]
* lib/pk11wrap/pk11slot.c:
Bug 1522203 - Remove Pentium Pro workaround for PK11_GetAllTokens
r=kjacobs
The comment indicated the wasted effort was to work around a cache
issue on the Pentium Pro. I think it has served its purpose.
[27d9fb4ac69b]
2019-11-21 Franziskus Kiefer <franziskuskiefer@gmail.com>
* tests/gtests/gtests.sh:
Bug 1592557 - fix prng kat tests, r=jcj
fix for prng kat tests
[474334bb790b]
2019-11-20 Robert Relyea <rrelyea@redhat.com>
* lib/softoken/pkcs11c.c, lib/softoken/pkcs11i.h,
lib/softoken/sftkhmac.c:
Bug 1596450 - softoken: unified MAC implementation patch by Alex
Scheel review by rrelyea
[3147585149f0]
Differential Revision: https://phabricator.services.mozilla.com/D54637
--HG--
extra : moz-landing-system : lando
This function works on all GeckoProcessTypes, not just those for child
processes.
Differential Revision: https://phabricator.services.mozilla.com/D54375
--HG--
extra : moz-landing-system : lando
This function works on all GeckoProcessTypes, not just those for child
processes.
Differential Revision: https://phabricator.services.mozilla.com/D54375
--HG--
extra : moz-landing-system : lando
Sylvestre Ledru
Dana Keeler
Mathieu Leplatre
JulianWels
Noemi Erli
ffxbld
Simon Giesecke
Bogdan Tara
Ed Lee
Mihai Alexandru Michis
Jed Davis
Bob Owen
Narcis Beleuzu
Jared Wein
Haik Aftandilian
Kevin Jacobs
Dorel Luca
Emilio Cobos Álvarez
Mike Shal
Daniel Varga
Gabriele Svelto
Michael Froman
Mark Banner
Toshihito Kikuchi
Kershaw Chang
Moritz Birghan
shindli
manas
J.C. Jones
Eric Rahm
Csoregi Natalia
Cosmin Sabou
Andy Grover
Brindusan Cristian
Julian
J.C. Jones
Philipp Zech
David Major
Gian-Carlo Pascutto
Nika Layzell
Michael Forney
Christian Holler
Dimi Lee
Kirk Steuber
Victor Porof
Brian Grinstead
Masatoshi Kimura
Michael Kaply
Martin Thomson
Andreas Tolfsen
Coroiu Cristina
Chris Peterson
Thinker Li
Carolina
Andreea Pavel
Kris Maglione
Tom Tung
Tom Ritter
Aaron Klotz
Magnus Melin
Emma Malysz
Andrew McCreight