Граф коммитов

9727 Коммитов

Автор SHA1 Сообщение Дата
Jed Davis 315c4ad9c2 Bug 1186709 - Remove MOZ_IMPLICIT from security/sandbox/chromium. r=bobowen 2015-07-23 08:28:00 -04:00
Jed Davis 39f6ab2a28 Bug 1157864 - Record chromium patch applied in previous commit. r=me 2015-07-22 15:48:49 -07:00
Felix Janda acfe5cf4cf Bug 1157864 - chromium sandbox: Fix compilation for systems without <sys/cdefs.h>. r=jld 2015-02-05 22:41:38 +01:00
Masatoshi Kimura 0e28f550d3 Bug 1181562 - Update fallback whitelist. r=keeler 2015-07-22 20:35:26 +09:00
Nicholas Nethercote 1ac7d5d5b1 Bug 1182959 (part 5) - Use nsTHashtable::Iterator in nsCertOverrideService. r=honzab.
--HG--
extra : rebase_source : c36d0f9e4a2242a934e2848b6f977f33d6ac76cc
2015-07-20 17:12:03 -07:00
Nicholas Nethercote 746d9d6e0a Bug 1182959 (part 4) - Remove BlocklistSaveInfo. r=honzab.
--HG--
extra : rebase_source : c46e23885d97ef05504db32e0fd8cae05b55232a
2015-07-20 17:12:03 -07:00
Nicholas Nethercote 6ceff73a0f Bug 1182959 (part 3) - Use nsTHashtable::Iterator in CertBlockList. r=honzab.
--HG--
extra : rebase_source : 4df2d9845e7a04c11bc6076ea7844fba7b5ca3a9
2015-07-20 17:12:03 -07:00
Nicholas Nethercote e0bd2455c1 Bug 1182959 (part 2) - Use nsTHashtable::Iterator in CertBlockList. r=honzab.
--HG--
extra : rebase_source : f2b69832a8f789919db84706591e96bcf4bd0a1d
2015-07-20 17:12:03 -07:00
Nicholas Nethercote 489123be0f Bug 1182959 (part 1) - Use nsTHashtable::Iterator in CertBlockList. r=honzab.
--HG--
extra : rebase_source : cdef0d25cd3dcc63313ab391c0c7fe37d048eb1a
2015-07-20 17:12:03 -07:00
Jed Davis fc9b22c883 Bug 1181704 - Use chromium SafeSPrintf for sandbox logging. r=gdestuynder r=glandium
This gives us a logging macro that's safe to use in async signal context
(cf. bug 1046210, where we needed this and didn't have it).

This patch also changes one of the format strings to work with
SafeSPrintf's format string dialect; upstream would probably take a
patch to handle those letters, but this is easier.
2015-07-09 12:09:00 +02:00
Jed Davis 06bdcaaa33 Bug 1181704 - Import chromium SafeSPrintf. r=bobowen
This also imports the unit tests but doesn't arrange to run them.
Including the tests in our xul-gtest is possible but not trivial: there
are logging dependencies, and they use a different #include path for
gtest.h (which we'd need to patch).

Upstream revision: df7cc6c04725630dd4460f29d858a77507343b24.
2015-07-09 12:04:00 +02:00
David Keeler b0d4abd2b1 bug 1178988 - GenerateOCSPResponse: load certs/keys in two phases r=Cykesiopka
This was initially done to work around a readdir-related bug in the B2G ICS
emulator, but then it turned out that test_ocsp_url.js still fails in ways that
are unreproducible outside of mozilla-inbound on that platform, so it was
disabled (r=sworkman). It's still a good idea, though, to avoid any potential
future issues with readdir not being reentrant.
2015-07-15 14:12:02 -07:00
David Keeler fd5e8893a4 bug 1178988 - convert test_ocsp_url to generate certificates at build time r=Cykesiopka
Also enable loading of certificates and private keys into GenerateOCSPResponse
2015-06-04 17:03:48 -07:00
David Keeler 3999edd791 bug 1178988 - refactor key-specific parts of pycert.py into pykey.py r=Cykesiopka,mgoodwin 2015-06-30 14:35:42 -07:00
Ryan VanderMeulen 1c6931cc67 Merge m-c to inbound. a=merge 2015-07-19 22:38:28 -04:00
Benjamin Peterson 2751f97bb3 no bug - fix typo and grammar in comment r=me DONTBUILD 2015-07-19 18:07:43 -07:00
ffxbld 3267aeb6a8 No bug, Automated HPKP preload list update from host bld-linux64-spot-135 - a=hpkp-update 2015-07-18 03:35:51 -07:00
ffxbld f12b366895 No bug, Automated HSTS preload list update from host bld-linux64-spot-135 - a=hsts-update 2015-07-18 03:35:49 -07:00
Mark Goodwin 4ba2d72200 Bug 1183822 - Add an OCSP test for signers with SHA-1 certificates (r=keeler) 2015-07-17 17:07:50 +01:00
Mark Goodwin fce204e0e0 Bug 1183822 - fix OCSP verification failures (r=keeler)
Adds a new TrustDomain for OCSP Signers which will always allow all acceptible
signature digest algorithms. Calls to most other TrustDomain methods are passed
through to the owning NSSCertDBTrustDomain.
2015-07-17 17:07:48 +01:00
Mark Goodwin 30d8779d49 Bug 1183065 - Add logging on OneCRL revocation checks (r=Cykesiopka) 2015-07-17 17:07:47 +01:00
Wes Kocher b9baa34b08 Backed out 3 changesets (bug 1178988) for ocsp orange CLOSED TREE
Backed out changeset 7fb6a9114916 (bug 1178988)
Backed out changeset 2700ec4adc3e (bug 1178988)
Backed out changeset 07b9c2331ac1 (bug 1178988)
2015-07-17 17:49:46 -07:00
Mark Goodwin 806731fbb7 Backed out changeset ec1b5a7d05e9 (bug 1183065) 2015-07-17 10:37:00 +01:00
Mark Goodwin c7285efe5a Backed out changeset fb6cbb4ada54 (bug 1183822) 2015-07-17 10:36:58 +01:00
Mark Goodwin e2ee16093c Backed out changeset f324dcfaab40 (bug 1183822) 2015-07-17 10:36:56 +01:00
Mark Goodwin e57ac71ec4 Bug 1183822 - Add an OCSP test for signers with SHA-1 certificates (r=keeler) 2015-07-17 10:04:17 +01:00
Mark Goodwin 0bfd3046ed Bug 1183822 - fix OCSP verification failures (r=keeler)
Adds a new TrustDomain for OCSP Signers which will always allow all acceptible
signature digest algorithms. Calls to most other TrustDomain methods are passed
through to the owning NSSCertDBTrustDomain.
2015-07-17 10:03:56 +01:00
Mark Goodwin 810c972b95 Bug 1183065 - Add logging on OneCRL revocation checks (r=Cykesiopka) 2015-07-17 10:03:21 +01:00
David Keeler da7508611c bug 1178988 - work around PR_ReadDir bug on B2G ICS emulator by loading certs/keys in two phases r=Cykesiopka 2015-07-15 14:12:02 -07:00
David Keeler 9e28b0964f bug 1178988 - convert test_ocsp_url to generate certificates at build time r=Cykesiopka
Also enable loading of certificates and private keys into GenerateOCSPResponse
2015-06-04 17:03:48 -07:00
David Keeler 9b96df5045 bug 1178988 - refactor key-specific parts of pycert.py into pykey.py r=Cykesiopka,mgoodwin 2015-06-30 14:35:42 -07:00
Cykesiopka 7bb4919849 Bug 1179678 - Add result strings to misc PSM xpcshell tests. r=keeler 2015-07-14 23:19:00 +02:00
Wes Kocher c00da5ced5 Backed out 2 changesets (bug 1181704) for static build bustage CLOSED TREE
Backed out changeset fbf7aca43c3a (bug 1181704)
Backed out changeset 8864c0587ced (bug 1181704)
2015-07-13 16:51:17 -07:00
Jed Davis 60984b0ab1 Bug 1181704 - Use chromium SafeSPrintf for sandbox logging. r=kang r=glandium
This gives us a logging macro that's safe to use in async signal context
(cf. bug 1046210, where we needed this and didn't have it).

This patch also changes one of the format strings to work with
SafeSPrintf's format string dialect; upstream would probably take a
patch to handle those letters, but this is easier.
2015-07-13 16:17:58 -07:00
Jed Davis c5ffe92d42 Bug 1181704 - Import chromium SafeSPrintf. r=bobowen
This does not include the upstream unit tests.  Including the tests
in our xul-gtest is possible but not trivial: there are logging
dependencies, and they use a different #include path for gtest.h (which
we'd need to patch).

Upstream revision: df7cc6c04725630dd4460f29d858a77507343b24.
2015-07-13 16:17:58 -07:00
Birunthan Mohanathas a8939590de Bug 1182996 - Fix and add missing namespace comments. rs=ehsan
The bulk of this commit was generated by running:

  run-clang-tidy.py \
    -checks='-*,llvm-namespace-comment' \
    -header-filter=^/.../mozilla-central/.* \
    -fix
2015-07-13 08:25:42 -07:00
Carsten "Tomcat" Book 4a67c881e4 merge mozilla-inbound to mozilla-central a=merge 2015-07-13 11:51:14 +02:00
ffxbld e2ec40e62a No bug, Automated HPKP preload list update from host bld-linux64-spot-222 - a=hpkp-update 2015-07-11 03:33:38 -07:00
ffxbld f596fa8330 No bug, Automated HSTS preload list update from host bld-linux64-spot-222 - a=hsts-update 2015-07-11 03:33:36 -07:00
David Keeler 72c6934fcc bug 1181376 - convert test_bug480619.html to an xpcshell test r=mgoodwin
--HG--
rename : security/manager/ssl/tests/mochitest/bugs/test_bug480619.html => security/manager/ssl/tests/unit/test_logoutAndTeardown.js
2015-07-07 16:09:56 -07:00
Geoff Brown 52d4e225a0 Bug 1026290 - Update mochitest-chrome manifests for android; r=jgriffin 2015-07-10 14:41:59 -06:00
Mark Goodwin 98a776cea1 Bug 1159155 - Add telemetry probe for SHA-1 usage - some tests (r=keeler) 2015-07-09 07:22:32 +01:00
Mark Goodwin 91782dab68 Bug 1159155 - Add telemetry probe for SHA-1 usage (r=keeler) 2015-07-09 07:22:29 +01:00
Phil Ringnalda 6565c918a7 Back out 2 changesets (bug 1178988) for b2g emulator opt xpcshell failure in test_ocsp_url.js
CLOSED TREE

Backed out changeset 2c5d5eb434b9 (bug 1178988)
Backed out changeset 936d991c4cbc (bug 1178988)
2015-07-08 22:49:12 -07:00
David Keeler 0d33e93440 bug 1178988 - convert test_ocsp_url to generate certificates at build time r=Cykesiopka
Also enable loading of certificates and private keys into GenerateOCSPResponse
2015-06-04 17:03:48 -07:00
David Keeler c4edcb819d bug 1178988 - refactor key-specific parts of pycert.py into pykey.py r=Cykesiopka,mgoodwin 2015-06-30 14:35:42 -07:00
Carsten "Tomcat" Book da83a15284 Merge mozilla-central to fx-team 2015-07-08 12:04:53 +02:00
Steven Englehardt 73079800c9 Bug 1153010 - Disambiguate error messages for mixed content and weak/broken cipher. r=keeler,tanvi,dolske 2015-07-08 09:04:11 +02:00
Nicholas Nethercote f976bf5495 Bug 1179071 - Merge RemovingIterator into Iterator. r=froydnj.
The original motivation for the Iterator/RemovingIterator split was that
PLDHashTable Checker class would treat them differently. But that didn't end up
happening (see bug 1131308). So this patch merges them. This is a small code
size win now but it will become bigger when I add iterators to nsTHashTable and
nsBaseHashtable.

The only complication is that PLDHashTable::Iter() is now non-const, which is
a problem if you use it in a const method. So I added PLDHashTable::ConstIter()
which is used in just two places. It's a bit of a hack -- effectively a
const_cast -- but I don't think it's too bad.
2015-07-06 22:02:26 -07:00
Dragana Damjanovic 7987d2203e Bug 905127 - Part 2 - remove unnecessary nsNetUtil.h includes r=jduell 2015-07-06 07:55:00 +02:00