45369f09f3
Bug 1445731, land NSS 2eefd697d661 UPGRADE_NSS_RELEASE, r=me
2018-04-11 12:54:08 +02:00
280690d83e
Merge mozilla-central to inbound
2018-04-11 01:02:05 +03:00
0c3ba13e4c
Bug 1437167 - Part 1: Stop using PRIntervalTime as the argument to CondVar::Wait and Monitor::Wait, r=mstange, r=froydnj
2018-04-10 17:49:47 -04:00
a822851bc4
No bug, Automated HPKP preload list update from host bld-linux64-spot-327 - a=hpkp-update
2018-04-10 13:54:43 -07:00
7951af6d38
No bug, Automated HSTS preload list update from host bld-linux64-spot-327 - a=hsts-update
2018-04-10 13:54:39 -07:00
4c4327e871
Bug 1452509 - Make -DMOZ_ALSA global and prune duplicate -DMOZ_PULSEAUDIO. r=froydnj
...
MozReview-Commit-ID: 6O0pkscXczw
--HG--
extra : rebase_source : 0d8dffa1f8e4942b3fe8832ad860409ec24784a2
2018-03-19 02:13:04 +00:00
fd3dbbaaa3
bug 1453741 - (2/2) remove nsIX509CertDB.findCertByEmailAddress r=fkiefer,jcj
...
nsIX509CertDB.findCertByEmailAddress performs multiple certificate verifications
on the main thread, which is bad because it blocks the main thread and can cause
nested event loop spinning. Firefox doesn't even use this function. Other
products that use this function will either have to re-implement it locally or
find some other workaround.
MozReview-Commit-ID: HShl0H8cgxs
--HG--
extra : rebase_source : 63ee16b600ca7c2867352ee1ad791eb79b82a77c
2018-04-12 12:46:25 -07:00
2b9926416f
bug 1453741 - (1/2) remove nsIX509CertDB.verifyCert{AtTime,Now} r=fkiefer,jcj
...
These functions perform certificate verification on the main thread, which is
already a bad idea. They can also cause OCSP requests to be made from the main
thread, which will cause nested event loop spinning, which is an even worse
idea. Luckily this really only affects tests.
MozReview-Commit-ID: LqDAgDmlyER
--HG--
extra : rebase_source : c86414db0b6d6e7e83b5e3f371506b773813cdbf
2018-04-11 16:23:48 -07:00
8e723a7457
Merge mozilla-inbound to mozilla-central. a=merge
2018-04-10 00:55:35 +03:00
be73b556ca
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2018-04-09 13:41:47 -07:00
f6fd590531
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2018-04-09 13:41:43 -07:00
aaef814fdc
Bug 1452090: Only enable handle verifier on 32-bit Nightly and debug builds. r=jimm
...
This also adds the ability to enable it using the environement variable
MOZ_ENABLE_HANDLE_VERIFIER.
2018-04-09 19:22:28 +01:00
ed89d1323c
No bug, Automated HPKP preload list update from host bld-linux64-spot-303 - a=hpkp-update
2018-04-08 13:36:33 -07:00
47fd054933
No bug, Automated HSTS preload list update from host bld-linux64-spot-303 - a=hsts-update
2018-04-08 13:36:29 -07:00
115b36861c
No bug, Automated HPKP preload list update from host bld-linux64-spot-303 - a=hpkp-update
2018-04-07 13:43:15 -07:00
56215bff29
No bug, Automated HSTS preload list update from host bld-linux64-spot-303 - a=hsts-update
2018-04-07 13:43:11 -07:00
eb61878455
Merge inbound to mozilla-central. a=merge
2018-04-07 00:55:15 +03:00
befd24c6b5
No bug, Automated HPKP preload list update from host bld-linux64-spot-327 - a=hpkp-update
2018-04-06 13:51:28 -07:00
22c60c2e4c
No bug, Automated HSTS preload list update from host bld-linux64-spot-327 - a=hsts-update
2018-04-06 13:51:24 -07:00
29fd899298
Bug 1450967 - mitm detection v0.0.1, r=keeler,johannh
...
Differential Revision: https://phabricator.services.mozilla.com/D839
--HG--
extra : amend_source : 7f1df88370d425230cfbe656742c30255dc6e08e
2018-03-16 11:36:50 +01:00
f148878e67
No bug, Automated HPKP preload list update from host bld-linux64-spot-326 - a=hpkp-update
2018-04-05 13:52:51 -07:00
5aba0e69b8
No bug, Automated HSTS preload list update from host bld-linux64-spot-326 - a=hsts-update
2018-04-05 13:52:47 -07:00
b9a5abc6cb
No bug, Automated HPKP preload list update from host bld-linux64-spot-303 - a=hpkp-update
2018-04-04 13:55:30 -07:00
2586dc163b
No bug, Automated HSTS preload list update from host bld-linux64-spot-303 - a=hsts-update
2018-04-04 13:55:26 -07:00
0ae0457289
Backed out changeset 5be07e86738e (bug 1439383) for causing leaks (bug 1401883). a=backout
2018-04-04 21:03:38 +03:00
91c9d08e42
Merge inbound to mozilla-central. a=merge
2018-04-04 20:53:53 +03:00
ca277b407b
Merge mozilla-central to inbound. a=merge CLOSED TREE
2018-04-04 12:51:48 +03:00
688a9261d7
Bug 1445731 - land NSS 954032211d2d UPGRADE_NSS_RELEASE, r=me
2018-04-04 10:45:13 +02:00
ea8050e2b0
No bug, Automated HPKP preload list update from host bld-linux64-spot-301 - a=hpkp-update
2018-04-03 13:48:33 -07:00
08d5281463
No bug, Automated HSTS preload list update from host bld-linux64-spot-301 - a=hsts-update
2018-04-03 13:48:29 -07:00
b861d14e56
Merge mozilla-central to autoland. a=merge CLOSED TREE
2018-04-04 00:56:56 +03:00
17bafad434
Bug 1450740 - Don't sandbox network namespace when X11 named sockets aren't accessible. r=gcp
...
MozReview-Commit-ID: KiL4GwMms3a
--HG--
extra : rebase_source : 08cfd2325d081eb95a4a69805077828bfbb521ac
2018-04-02 15:19:04 -06:00
5158a406f7
No bug, Automated HPKP preload list update from host bld-linux64-spot-324 - a=hpkp-update
2018-04-02 14:03:17 -07:00
68c7ae8378
No bug, Automated HSTS preload list update from host bld-linux64-spot-324 - a=hsts-update
2018-04-02 14:03:13 -07:00
dafc1094f6
No bug, Automated HPKP preload list update from host bld-linux64-spot-303 - a=hpkp-update
2018-04-01 19:11:09 -07:00
bc62258c3c
No bug, Automated HSTS preload list update from host bld-linux64-spot-303 - a=hsts-update
2018-04-01 19:11:05 -07:00
f7fdb9dae5
No bug, Automated HPKP preload list update from host bld-linux64-spot-325 - a=hpkp-update
2018-03-31 14:00:13 -07:00
0cc199f815
No bug, Automated HSTS preload list update from host bld-linux64-spot-325 - a=hsts-update
2018-03-31 14:00:10 -07:00
dd8e8d3d86
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2018-03-30 21:57:51 -07:00
796d46d5c5
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2018-03-30 21:57:48 -07:00
c66f288715
Bug 1445731 - land NSS 6ae3ab8a1e7b UPGRADE_NSS_RELEASE, r=me
...
--HG--
extra : rebase_source : bffce425114dbe0f2cf6095dea5adc40aa09ea9e
2018-03-30 08:52:56 -07:00
3085269fe3
bug 1056341 - introduce a budget for path searching in mozilla::pkix to avoid unbounded search r=fkiefer,jcj
...
MozReview-Commit-ID: Ght1wx5lb34
--HG--
extra : rebase_source : 46ed1910c5c4fc5b3695f7ee593c2baebe45a9ff
2018-03-27 15:35:50 -07:00
5d841a3421
Merge inbound to mozilla-central. a=merge
2018-03-30 01:06:18 +03:00
a9fc548e72
No bug, Automated HPKP preload list update from host bld-linux64-spot-303 - a=hpkp-update
2018-03-29 13:39:43 -07:00
768c746599
No bug, Automated HSTS preload list update from host bld-linux64-spot-303 - a=hsts-update
2018-03-29 13:39:39 -07:00
d8435632fc
bug 1424311 - don't persist the certificate exception dialog's size so it doesn't grow unboundedly r=jcj
...
window.sizeToContent() apparently interacts poorly with windows that have a
persisted size (see bug 90276, which is a 5-digit bug that hasn't been touched
in over a decade). As a workaround, don't persist the certificate exception
dialog's size. This means we have to call window.sizeToContent() more often and
unfortunately results in the window growing and shrinking again on Windows, but
at least it will always be the "right size" for its content.
MozReview-Commit-ID: 9UT3X8IEqZg
--HG--
extra : rebase_source : 9d968748bd77328eea4ae11e1ae746de9401fb4d
2018-03-28 13:43:03 -07:00
d117255a14
Merge inbound to mozilla-central. a=merge
2018-03-29 00:55:16 +03:00
3a0bbe90a6
No bug, Automated HPKP preload list update from host bld-linux64-spot-324 - a=hpkp-update
2018-03-28 13:43:42 -07:00
cb9393f7c7
No bug, Automated HSTS preload list update from host bld-linux64-spot-324 - a=hsts-update
2018-03-28 13:43:38 -07:00
cfaaf3c336
Bug 1449480: Don't crash in opt builds when scoped_handle.cc CloseHandleWrapper fails. r=jimm
...
I'm not adding a patch to security/sandbox/chromium-shim/patches for this,
because we need to get this fixed ASAP, certainly before we take another update.
2018-03-28 16:07:15 +01:00
7f19ad998a
Merge mozilla-central to autoland. a=merge CLOSED TREE
2018-03-28 00:59:33 +03:00
adebb06ac1
Merge inbound to mozilla-central. a=merge
2018-03-28 00:48:11 +03:00
a359cb4b0f
No bug, Automated HPKP preload list update from host bld-linux64-spot-326 - a=hpkp-update
2018-03-27 13:35:58 -07:00
75fdd4ddaf
No bug, Automated HSTS preload list update from host bld-linux64-spot-326 - a=hsts-update
2018-03-27 13:35:54 -07:00
302a55b534
Merge inbound to mozilla-central. a=merge
2018-03-27 12:12:57 +03:00
ed9d3656c8
Merge mozilla-central to inbound a=merge on a CLOSED TREE
2018-03-26 23:58:59 +03:00
a3336ea2e2
No bug, Automated HPKP preload list update from host bld-linux64-spot-324 - a=hpkp-update
2018-03-26 13:20:52 -07:00
9eb99d8544
No bug, Automated HSTS preload list update from host bld-linux64-spot-324 - a=hsts-update
2018-03-26 13:20:48 -07:00
77b94189e1
Bug 1448756 - Use AssignLiteral and AssignASCII for short zero-terminated strings in PSM. r=keeler.
...
MozReview-Commit-ID: 9GUHkUG6SlP
--HG--
extra : rebase_source : 593c57761877018db8c7f4acfd7f0f8251060074
2018-03-26 09:13:14 +03:00
b0d30e4bf9
bug 1449060 - remove some dynamic OIDs from the certificate viewer that don't serve any purpose r=fkiefer
...
MozReview-Commit-ID: IccdDvYMTP4
--HG--
extra : rebase_source : bedc23b8b49cc6f4fedf5d7f17932bc971e78d20
2018-03-26 17:21:04 -07:00
5c6b90f0b8
Bug 1448787 - separate error for self-signed certs, r=keeler,johannh
...
Reviewed By: keeler, johannh
Bug #: 1448787
Differential Revision: https://phabricator.services.mozilla.com/D805
--HG--
extra : rebase_source : 3a9317445c7df5f09675da67888930304b75fc4b
2018-03-29 11:51:33 +02:00
039665fa5e
Bug 1447019 Part 3: Use MITIGATION_WIN32K_DISABLE for GMP processes based on a pref. r=jimm
2018-03-27 14:09:32 +01:00
41ce6696f9
Bug 1447019 Part 2: Move running from a network drive check into WinUtils. r=jimm
2018-03-27 14:09:32 +01:00
806baa5430
Bug 1415279 - Move error strings for certError and netError pages to frontend, r=johannh,keeler,Honza,snorp
...
This patch moves all TLS error string handling to the frontend.
Dev-tools doesn't show the same error code as the page does anymore but only the error code as string.
All logging of these error messages has been removed.
Bug #: 1415279
Differential Revision: https://phabricator.services.mozilla.com/D607
--HG--
extra : rebase_source : 61e2d94cb21ef4c02b81448531609205c85a9707
2018-03-27 13:31:52 +02:00
5dd69d1516
No bug, Automated HPKP preload list update from host bld-linux64-spot-303 - a=hpkp-update
2018-03-25 13:32:21 -07:00
97b38a3ffb
No bug, Automated HSTS preload list update from host bld-linux64-spot-303 - a=hsts-update
2018-03-25 13:32:17 -07:00
2640499cc4
Merge autoland to mozilla-central. a=merge
2018-03-25 12:32:20 +03:00
854a93183e
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2018-03-25 00:41:27 -07:00
65b51bcedd
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2018-03-25 00:41:23 -07:00
d380323764
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2018-03-24 00:08:51 -07:00
090a596545
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2018-03-24 00:08:47 -07:00
2e7f40ab63
Bug 1445731 - land NSS 1bde21f90bd1 UPGRADE_NSS_RELEASE, r=me
...
--HG--
extra : rebase_source : b23946c3f8f8ca33b1fe42f67febe604d36c6411
2018-03-22 14:40:30 -07:00
7874b62da6
Bug 1444290 - Forget bg SDR runnable reference when dispatching r=froydnj
...
We're seeing a crash in tests from trying to release the promise in
this runnable from the background thread we create to run this
method. The only way I can see that happening is that the bg thread
loses the race with the main thread to drop its reference to the
runnable, causing it to call the destructor. Rather than calling the
helper that adds a reference to the runnable and then forgets it,
let's just forget it here.
MozReview-Commit-ID: LXpC8Kr2SBb
--HG--
extra : rebase_source : bfed3ed4128c6a3ede6f06feed1f50cb9f30e485
2018-03-22 09:31:40 -07:00
76bc359e79
Bug 1397230 - Generalize blocklist clients to remote settings clients r=mgoodwin
...
MozReview-Commit-ID: 9VAsTFCuZUf
--HG--
rename : services/common/tests/unit/test_blocklist_updater.js => services/common/tests/unit/test_remote_settings_poll.js
extra : rebase_source : 9da338f18f3860e124b315a8be3340997343e2f3
2018-03-13 16:23:57 +01:00
ecdda28482
No bug, Automated HPKP preload list update from host bld-linux64-spot-301 - a=hpkp-update
2018-03-22 13:22:03 -07:00
a305f35f68
No bug, Automated HSTS preload list update from host bld-linux64-spot-301 - a=hsts-update
2018-03-22 13:21:59 -07:00
55d5f75f65
No bug, Automated HPKP preload list update from host bld-linux64-spot-301 - a=hpkp-update
2018-03-21 13:10:14 -07:00
b8bfc106c1
No bug, Automated HSTS preload list update from host bld-linux64-spot-301 - a=hsts-update
2018-03-21 13:10:10 -07:00
66b7c55e79
Merge mozilla-central to inbound. a=merge CLOSED TREE
2018-03-21 00:51:18 +02:00
52c9a5448e
Merge inbound to mozilla-central. a=merge
2018-03-21 00:24:33 +02:00
0457be96b5
Merge autoland to mozilla-central. a=merge
2018-03-21 00:23:17 +02:00
5fe3417f0b
No bug, Automated HPKP preload list update from host bld-linux64-spot-301 - a=hpkp-update
2018-03-20 13:10:29 -07:00
ff82f5097d
No bug, Automated HSTS preload list update from host bld-linux64-spot-301 - a=hsts-update
2018-03-20 13:10:25 -07:00
7780b45b3a
Bug 1445731 - land NSS c5dffd6269ea UPGRADE_NSS_RELEASE, r=me
...
--HG--
extra : rebase_source : a740ebebda8a9894cfebcff25d21a9430c478f96
2018-03-20 10:17:35 -07:00
175c45e2dc
Bug 1444440 - Ensure the correct error is emitted for policy distrusts r=keeler
...
Bug 1441223
2018-03-14 14:01:35 -07:00
922c555275
Merge mozilla-central to autoland. a=merge CLOSED TREE
2018-03-20 19:00:25 +02:00
bade5ee518
bug 1439383 - clean up the load loadable roots thread when we're done with it r=froydnj,jcj
...
MozReview-Commit-ID: J5GnpwxYguz
--HG--
extra : rebase_source : 14abdefbbee91b13ae26104d093e6fba20432c05
2018-03-16 16:50:19 -07:00
cf86e40aa1
Bug 1445167 Part 2: Make LOG_FATAL messages in chromium sandbox code crash. r=jld
2018-03-20 10:45:31 +00:00
af1e9f58c5
Bug 1445167 Part 1: Revert change to make USER_NON_ADMIN a blacklist. r=handyman
...
This is only used by default in the file content process now and we also have a
FILES_ALLOW_READONLY rule for all paths anyway.
2018-03-20 10:42:05 +00:00
19da7222e8
No bug, Automated HPKP preload list update from host bld-linux64-spot-326 - a=hpkp-update
2018-03-19 13:10:23 -07:00
43d9f7b3ef
No bug, Automated HSTS preload list update from host bld-linux64-spot-326 - a=hsts-update
2018-03-19 13:10:19 -07:00
7f196c986b
No bug, Automated HPKP preload list update from host bld-linux64-spot-307 - a=hpkp-update
2018-03-17 13:08:00 -07:00
36c23ec671
No bug, Automated HSTS preload list update from host bld-linux64-spot-307 - a=hsts-update
2018-03-17 13:07:56 -07:00
fed3513bca
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2018-03-16 12:56:58 -07:00
b97ded4fa8
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2018-03-16 12:56:54 -07:00
fa45a3c670
Bug 1443080 - Use the static call for static methods (not instance) r=Ehsan
...
MozReview-Commit-ID: JwHh4bzxuTR
--HG--
extra : rebase_source : 5f5e37517aa80c2e7b5933962178d761074886e7
2018-03-16 14:29:15 +01:00
331dda9367
Bug 1444291 - Part 3 - Add read access to the Mac Flash sandbox, support sandbox levels r=Alex_Gaynor
...
Replace the boolean pref "security.sandbox.mac.flash.enabled"
with "dom.ipc.plugins.sandbox-level.flash" to support sandbox
levels and be consistent with the Windows pref name.
Adds filesystem read access to the sandbox using sandbox extensions
granted by the file dialog machinery (level 1).
Add support for level 2 which blocks read access.
Allow the sandbox to be disabled with MOZ_DISABLE_NPAPI_SANDBOX.
MozReview-Commit-ID: 4rfobEoxQpF
--HG--
extra : rebase_source : 05dc54b46063967e959bc3fced21c61e5463de48
2018-03-15 20:23:19 -07:00
b8c5b2eae6
Bug 1444291 - Part 2 - Add additional sysctl access to the Mac Flash sandbox r=Alex_Gaynor
...
Adds additional sysctls that are used by the Flash plugin process and alphabetize the list.
MozReview-Commit-ID: 7CaPtaKe874
--HG--
extra : rebase_source : 909228ef9617029eaf7cb16565751150cd1c7404
2018-03-07 22:07:27 -08:00
09693ee75d
Bug 1444291 - Part 1 - Reduce Mac Flash sandbox cache and temp dir permissions r=Alex_Gaynor
...
Remove access to DARWIN_USER_CACHE_DIR. Limit DARWIN_USER_TEMP_DIR
access to the FlashTmp subdirectory. Remove xattr read access to
~/Library/Caches/ and ~/Library/Preferences.
MozReview-Commit-ID: 9svk0BoxVXs
--HG--
extra : rebase_source : 5ea9c7ecc0189455eceb190fb300170d42d0b890
2018-03-15 17:33:12 -07:00
d247fb5f4e
Bug 1445763 - Update moz.build meta data with "Firefox Build System". r=froydnj
...
MozReview-Commit-ID: 3FrWJ6441pe
--HG--
extra : rebase_source : c8f1dc45041132252e28869ada6a386270267431
2018-03-14 21:44:46 +01:00
Kai Engert
arthur.iakab
Nika Layzell
ffxbld
Jan Beich
David Keeler
Andreea Pavel
Bob Owen
Noemi Erli
Franziskus Kiefer
Cosmin Sabou
Margareta Eliza Balazs
Ciure Andrei
Jed Davis
J.C. Jones
Gurzau Raul
Bogdan Tara
Coroiu Cristina
Henri Sivonen
shindli
Doug Thayer
Mathieu Leplatre
Sylvestre Ledru
Haik Aftandilian
Sebastian Hengst