It's not immediately obvious to me why we limit this check based on target;
I guess once upon a time there was no ELF or Mach-O support, so we wanted to
ensure people didn't shoot themselves in the foot. If that's the case,
testing indicates that Mach-O support isn't quite ready for prime-time and
we haven't got all the bits straightened out for our normal Linux builds.
So we're just going to enable it for Android here.
Differential Revision: https://phabricator.services.mozilla.com/D83560
It's not immediately obvious to me why we limit this check based on target;
I guess once upon a time there was no ELF or Mach-O support, so we wanted to
ensure people didn't shoot themselves in the foot. If that's the case,
testing indicates that Mach-O support isn't quite ready for prime-time and
we haven't got all the bits straightened out for our normal Linux builds.
So we're just going to enable it for Android here.
Differential Revision: https://phabricator.services.mozilla.com/D83560
It's not immediately obvious to me why we limit this check based on target;
I guess once upon a time there was no ELF or Mach-O support, so we wanted to
ensure people didn't shoot themselves in the foot. If that's the case,
testing indicates that Mach-O support isn't quite ready for prime-time and
we haven't got all the bits straightened out for our normal Linux builds.
So we're just going to enable it for Android here.
Differential Revision: https://phabricator.services.mozilla.com/D83560
This is just re-arranging the deckchairs in preparation for adding an
"update programs" build project. Here "update programs" refers to the
various standalone binaries we produce in order to update Firefox.
There's not strong conceptual coherence between them; rather, it's the
pieces that the Install/Update team generally work on.
Differential Revision: https://phabricator.services.mozilla.com/D82643
2020-06-01 Kevin Jacobs <kjacobs@mozilla.com>
* coreconf/config.gypi, lib/freebl/Makefile, lib/freebl/blinit.c,
lib/freebl/freebl.gyp, lib/freebl/sha256-armv8.c,
lib/freebl/sha256.h, lib/freebl/sha512.c, mach:
Bug 1528113 - Use ARM's crypto extension for SHA256
[ea54fd986036]
2020-04-08 Kevin Jacobs <kjacobs@mozilla.com>
* automation/abi-check/expected-report-libssl3.so.txt,
gtests/ssl_gtest/libssl_internals.c,
gtests/ssl_gtest/libssl_internals.h, gtests/ssl_gtest/manifest.mn,
gtests/ssl_gtest/ssl_0rtt_unittest.cc,
gtests/ssl_gtest/ssl_extension_unittest.cc,
gtests/ssl_gtest/ssl_gtest.gyp, gtests/ssl_gtest/tls_agent.cc,
gtests/ssl_gtest/tls_agent.h, gtests/ssl_gtest/tls_connect.cc,
gtests/ssl_gtest/tls_connect.h,
gtests/ssl_gtest/tls_psk_unittest.cc, lib/ssl/manifest.mn,
lib/ssl/ssl.gyp, lib/ssl/ssl3con.c, lib/ssl/ssl3ext.c,
lib/ssl/ssl3ext.h, lib/ssl/sslerr.h, lib/ssl/sslexp.h,
lib/ssl/sslimpl.h, lib/ssl/sslinfo.c, lib/ssl/sslsecur.c,
lib/ssl/sslsock.c, lib/ssl/sslt.h, lib/ssl/tls13con.c,
lib/ssl/tls13con.h, lib/ssl/tls13exthandle.c, lib/ssl/tls13psk.c,
lib/ssl/tls13psk.h, lib/ssl/tls13replay.c:
Bug 1603042 - TLS 1.3 out-of-band PSK support
[a448d7919077]
2020-06-01 Makoto Kato <m_kato@ga2.so-net.ne.jp>
* coreconf/config.gypi, lib/freebl/Makefile, lib/freebl/blinit.c,
lib/freebl/freebl.gyp, lib/freebl/sha256-armv8.c,
lib/freebl/sha256.h, lib/freebl/sha512.c:
Bug 1528113 - Use ARM's crypto extension for SHA256 r=kjacobs
ARMv8 CPU has accelerated hardware instruction for SHA256 that
supports GCC 4.9+. We should use it if available.
[61c83f79e90c]
2020-06-02 Kevin Jacobs <kjacobs@mozilla.com>
* automation/abi-check/expected-report-libssl3.so.txt,
gtests/ssl_gtest/libssl_internals.c,
gtests/ssl_gtest/libssl_internals.h, gtests/ssl_gtest/manifest.mn,
gtests/ssl_gtest/ssl_0rtt_unittest.cc,
gtests/ssl_gtest/ssl_extension_unittest.cc,
gtests/ssl_gtest/ssl_gtest.gyp, gtests/ssl_gtest/tls_agent.cc,
gtests/ssl_gtest/tls_agent.h, gtests/ssl_gtest/tls_connect.cc,
gtests/ssl_gtest/tls_connect.h,
gtests/ssl_gtest/tls_psk_unittest.cc, lib/ssl/manifest.mn,
lib/ssl/ssl.gyp, lib/ssl/ssl3con.c, lib/ssl/ssl3ext.c,
lib/ssl/ssl3ext.h, lib/ssl/sslerr.h, lib/ssl/sslexp.h,
lib/ssl/sslimpl.h, lib/ssl/sslinfo.c, lib/ssl/sslsecur.c,
lib/ssl/sslsock.c, lib/ssl/sslt.h, lib/ssl/tls13con.c,
lib/ssl/tls13con.h, lib/ssl/tls13exthandle.c, lib/ssl/tls13psk.c,
lib/ssl/tls13psk.h, lib/ssl/tls13replay.c:
Bug 1603042 - TLS 1.3 out-of-band PSK support r=mt
This patch adds support for External (out-of-band) PSKs in TLS 1.3.
An External PSK (EPSK) can be set by calling `SSL_AddExternalPsk`,
and removed with `SSL_RemoveExternalPsk`. `SSL_AddExternalPsk0Rtt`
can be used to add a PSK while also specifying a suite and
max_early_data_size for use with 0-RTT.
As part of handling PSKs more generically, the patch also changes
how resumption PSKs are handled internally, so as to rely on the
same mechanisms where possible.
A socket is currently limited to only one External PSK at a time. If
the server doesn't find the same identity for the configured EPSK,
it will fall back to certificate authentication.
[a2293e897889]
* lib/freebl/mpi/mplogic.c:
cast in LZCNTLOOP
[96e65b2e9531]
* lib/freebl/freebl.gyp:
Use KRML_VERIFIED_UINT128 on MSVC builds
[abd50c862bdb]
2020-06-03 Kevin Jacobs <kjacobs@mozilla.com>
* gtests/ssl_gtest/ssl_exporter_unittest.cc, lib/ssl/sslinfo.c,
lib/ssl/tls13con.c:
Bug 1643123 - Allow External PSKs to be used with Early Export
[46ef0c025cfc]
2020-06-02 Sylvestre Ledru <sledru@mozilla.com>
* lib/ssl/tls13con.c:
Bug 1642809 - Fix an assert (we need a comparison, not assignment)
r=kjacobs
[d0789cb32d8e]
2020-06-03 Mike Hommey <mh@glandium.org>
* cmd/shlibsign/Makefile:
Bug 1642153 - Avoid infinite recursion when CHECKLOC is not set.
r=jcj
[e955ece90b05]
2020-06-03 Martin Thomson <mt@lowentropy.net>
* gtests/ssl_gtest/ssl_auth_unittest.cc,
gtests/ssl_gtest/ssl_resumption_unittest.cc, lib/ssl/tls13con.c:
Bug 1642871 - Allow tickets and PHA after resumption, r=kjacobs
The first part of this is fairly simple: we accidentally disabled
sending of session tickets after resumption.
The second part is much less obvious, because the spec is unclear.
This change takes the interpretation that it is OK to use post-
handshake authentication if the handshake is resumed, but not OK if
the handshake is based on a PSK. (This is based on a first-
principles understanding of resumption being a continuation of a
certificate-based connection rather than a reading of the spec, see
the bug for why the spec appears to be unhelpful on this point.)
This still prohibits the use of post-handshake authentication if an
external PSK was used, but that is more an abundance of caution than
anything principled.
[e9502f71b7fe]
2020-06-04 Kevin Jacobs <kjacobs@mozilla.com>
* gtests/ssl_gtest/ssl_exporter_unittest.cc, lib/ssl/sslinfo.c,
lib/ssl/tls13con.c:
Bug 1643123 - Allow External PSKs to be used with Early Export r=mt
This patch adjusts `tls13_exporter` to pull the hash algorithm from
the first PSK when a suite is not configured yet, which allows early
export with external PSKs.
[d211f3013abb]
Differential Revision: https://phabricator.services.mozilla.com/D78578
We will eventually have a solution for what FOG does for Gecko when not in
Firefox Desktop, but for now skip the Android question entirely.
Differential Revision: https://phabricator.services.mozilla.com/D77854
Version of NSS >= 3.27 have a pkg-config file. We're now requiring 3.53,
so while moving, just use pkg-config, which is simpler.
The old-configure check that rejected some untested platforms for
in-tree NSS is actually rejecting none: the accepted platforms cover all
the supported ones, so we remove that check.
And because building with system NSS without system NSPR doesn't make
sense, imply the latter when the former is used.
Differential Revision: https://phabricator.services.mozilla.com/D77428
--enable-hardware-aec-ns option does nothing so it is deleted too.
removed `hardware_aec_ns` from gyp vars since it is never used
Differential Revision: https://phabricator.services.mozilla.com/D75798
Now that we've landed all the pieces for Rust `storage.sync`, and
intend to ship it for everyone in 78, we don't need to hide it behind a
build flag. Setting the `webextensions.storage.sync.kinto` pref to
false toggles the new Rust backend at runtime.
Differential Revision: https://phabricator.services.mozilla.com/D75872
iOS support for Gecko has not been tested in years and is most probably
out of date. The build system part of it, specifically the checks in
build/autoconf/ios.m4, are not trivial to port to python configure, and
they prevent other things from moving to python configure (because some
of them change value when MOZ_IOS is set).
The code is left alone, although it could probably be stripped off as
well, but I'll leave that as an exercise for someone else.
Differential Revision: https://phabricator.services.mozilla.com/D75463
Now that upstream winchecksec builds and works natively on Linux, use
that. That should solve the random crashes under Wine. If random crashes
still happen, it will be easier to debug anyways.
We bump to the last version that doesn't use vcpkg because vcpkg makes
things more difficult.
Differential Revision: https://phabricator.services.mozilla.com/D73405
Now that upstream winchecksec builds and works natively on Linux, use
that. That should solve the random crashes under Wine. If random crashes
still happen, it will be easier to debug anyways.
We bump to the last version that doesn't use vcpkg because vcpkg makes
things more difficult.
Differential Revision: https://phabricator.services.mozilla.com/D73405
Hooray, our first Application Services Rust component! This is a
mechanical run of `mach vendor rust`, split out into its own commit
to make reviewing the Firefox bindings easier.
Differential Revision: https://phabricator.services.mozilla.com/D71895
Hooray, our first Application Services Rust component! This is a
mechanical run of `mach vendor rust`, split out into its own commit
to make reviewing the Firefox bindings easier.
Differential Revision: https://phabricator.services.mozilla.com/D71895
This also upgrades the vendored Glean version, which thanks to our
upstream work doesn't change anything else (except one small
Mozilla-developed dependency)
It's still feature-gated to nightly.
In C++ there's now a `MOZ_GLEAN` define.
For Rust it's behind the `glean` feature (enabled on nightly only).
The `fog` crate is empty, so no Glean is actually instantiated.
Differential Revision: https://phabricator.services.mozilla.com/D68539
--HG--
rename : third_party/rust/glean-preview/src/metrics/mod.rs => toolkit/components/glean/src/lib.rs
extra : moz-landing-system : lando
This also upgrades the vendored Glean version, which thanks to our
upstream work doesn't change anything else (except one small
Mozilla-developed dependency)
It's still feature-gated to nightly.
In C++ there's now a `MOZ_GLEAN` define.
For Rust it's behind the `glean` feature (enabled on nightly only).
The `fog` crate is empty, so no Glean is actually instantiated.
Differential Revision: https://phabricator.services.mozilla.com/D68539
--HG--
rename : third_party/rust/glean-preview/src/metrics/mod.rs => toolkit/components/glean/src/lib.rs
extra : moz-landing-system : lando
This includes several fixes required to build against musl libc.
Conflicts were resolved in 00-arm-exidx-rollup.patch and
10-json-upload.patch. 08-dont-add-sp-to-clobber-list.patch was
applied upstream and is no longer needed. The others applied cleanly.
breakpad_getcontext.S is now built conditionally based upon the
available of getcontext() from libc, rather than only on Android.
The profiler was updated to reflect this change.
Differential Revision: https://phabricator.services.mozilla.com/D67108
--HG--
rename : toolkit/crashreporter/breakpad-patches/09-gnu-alt-form-minimal-support.patch => toolkit/crashreporter/breakpad-patches/08-gnu-alt-form-minimal-support.patch
rename : toolkit/crashreporter/breakpad-patches/10-json-upload.patch => toolkit/crashreporter/breakpad-patches/09-json-upload.patch
rename : toolkit/crashreporter/google-breakpad/src/common/android/breakpad_getcontext.S => toolkit/crashreporter/google-breakpad/src/common/linux/breakpad_getcontext.S
rename : toolkit/crashreporter/google-breakpad/src/common/android/breakpad_getcontext_unittest.cc => toolkit/crashreporter/google-breakpad/src/common/linux/breakpad_getcontext_unittest.cc
extra : moz-landing-system : lando
CLOSED TREE
Backed out changeset 85ea1d36da66 (bug 1515451)
Backed out changeset 779bc1fa07ae (bug 1515451)
Backed out changeset 0c6771b60b76 (bug 1515451)
With this and all the previous changes, the necessary mozconfig for
local cross-builds only contains DIA_SDK_PATH, WINDOWSSDKDIR and
--target.
Differential Revision: https://phabricator.services.mozilla.com/D65295
--HG--
extra : moz-landing-system : lando
Nathan Froyd
Ricky Stewart
Cosmin Sabou
Dorel Luca
Alex Chronopoulos
Nick Alexander
Kevin Jacobs
Chris H-C
Mike Hommey
Ryan Kelly
Bogdan Tara
Emilio Cobos Álvarez
Cameron McCormack
Corentin Arnould
Chris AtLee
Lina Cambridge
Greg V
Andreea Pavel
Mihai Alexandru Michis
shravanrn@gmail.com
Brindusan Cristian
Jan-Erik Rediger
Razvan Maries
Michael Forney
Michael Froman
Ciure Andrei
Molly Howell
Adam Gashlin