b20021a33c
Merge m-c to inbound. a=merge
2014-10-02 13:14:06 -04:00
1e1716e492
Bug 1072382 - Remove version intolerance marker on inappropriate_fallback alert, r=keeler
2014-10-02 10:03:30 -07:00
5a257b83f9
Bug 1062709 (part 2) - Clean up stack printing and fixing. r=dbaron.
...
--HG--
extra : rebase_source : 18158d4474cb8826813a3866eba57b710e14db99
2014-09-01 22:56:05 -07:00
c9c64de53c
Bug 1062709 (part 1) - Add a frame number argument to NS_WalkStackCallback. r=dbaron.
...
--HG--
extra : rebase_source : 0f9b2d6310433ed56f5552706fcf2a96571aee25
2014-09-10 21:47:01 -07:00
2f89ed3295
bug 1045739 - (part 2/2) mozilla::pkix: test that revocation checking doesn't occur for expired certificates r=mmc
2014-10-01 10:20:31 -07:00
864c184e30
bug 1045739 - (1/2) mozilla::pkix: stop checking revocation for expired certificates r=keeler
2014-08-14 12:02:55 -07:00
5fe316221d
Bug 1075686, pick up NSS 3.17.2 beta 1 to fix bug 1057161
2014-10-01 19:30:41 +02:00
b37ac43e39
merge fx-team to mozilla-central a=merge
2014-09-30 15:10:47 +02:00
3ac8cb4ccb
Bug 1073865 - Add missing SSL_ERROR l10n strings v1. r=dkeeler
2014-09-27 14:02:00 +02:00
886005b84a
Bug 787133 - (hpkp) Part 2/2. Tests r=keeler
2014-09-29 20:31:08 -07:00
579061de7c
Mac v2 signing - Bug 1060562 - Update xpcshell-tests for the new v2 bundle structure on OSX. r=jmaher
2014-09-29 11:51:29 -07:00
a310d15a38
No bug, Automated HPKP preload list update from host bld-linux64-spot-046 - a=hpkp-update
2014-09-27 03:16:58 -07:00
bca9d93656
No bug, Automated HSTS preload list update from host bld-linux64-spot-046 - a=hsts-update
2014-09-27 03:16:56 -07:00
fd860abf57
bug 1071308 - (2/2) remove libpkix-style chain validation callback from CertVerifier r=cviecco
2014-09-25 11:18:56 -07:00
863d5f9477
bug 1071308 - (1/2) rename pinning_enforcement_level to PinningMode for brevity r=cviecco
2014-09-25 11:08:36 -07:00
c2c7007b5f
Bug 787133 - (hpkp) Part 1/2. Header Parsing and interface within PSM. r=keeler, r=mcmanus
2014-09-03 10:24:12 -07:00
27ae4de9b6
Bug 1068000 - Add client side chrome.* pipe rule for Windows content sandbox. r=tabraldes
2014-09-16 15:44:25 +01:00
bc0c8885af
Merge m-c to inbound a=merge
2014-09-23 16:48:23 -07:00
47e158094b
Merge inbound to m-c a=merge
2014-09-23 15:30:38 -07:00
761fee2128
Bug 1064636, upgrade to NSS 3.17.1 release, r=rrelyea, a=lmandel
2014-09-23 21:28:23 +02:00
6b1b9962f5
Fix more bad implicit constructors in security, blanket-rs=bsmith, no bug
2014-09-23 09:13:26 -04:00
9fd62691c6
Bug 1069700 - Fix recursive crash when non-content children violate sandbox policy. r=kang
2014-09-18 18:17:00 -04:00
f07a938b7c
Bug 1045973 - sec_error_extension_value_invalid: mozilla::pkix does not accept certificates with x509v3 extensions in x509v1 or x509v2 certificates r=keeler
2014-09-23 16:48:54 -04:00
06b4f5bba9
bug 1060929 - mozilla::pkix: allow explicit encodings of default-valued BOOLEANs for compatibility r=briansmith
2014-09-22 09:26:10 -07:00
8818f4947f
Bug 1059216 - Verification of Trusted Hosted Apps manifest signature, part 1. r=dkeeler,rlb
2014-09-22 07:58:59 -07:00
2915e7de92
Bug 1059208 - Add scripts for signing manifest files of Trusted Hosted Apps r=dkeeler
2014-09-22 07:58:59 -07:00
79a0a7362d
merge b2g-inbound to mozilla-central a=merge
2014-09-22 13:06:09 +02:00
2ae977b21b
merge mozilla-inbound to mozilla-central a=merge
2014-09-22 12:58:26 +02:00
976d004bf3
No bug, Automated HPKP preload list update from host b-linux64-ix-0007 - a=hpkp-update
2014-09-20 03:17:29 -07:00
c78690b02d
No bug, Automated HSTS preload list update from host b-linux64-ix-0007 - a=hsts-update
2014-09-20 03:17:26 -07:00
e160a6a6da
Bug 1059204 - Prepare verification code for reuse. r=rlb
2014-09-19 20:13:47 -07:00
cb0c9e468d
Bug 967977 - Add pref to disable session identifiers (session tickets and session IDs). r=dkeeler
2014-09-08 15:32:00 -04:00
c5500b85df
Bug 1065264: Use MOZILLA_PKIX_MAP_LIST to define mozilla::pkix::Result, r=keeler
...
--HG--
extra : rebase_source : a91f7ab118f802fed6441edf00a245fe90c8e506
2014-09-10 00:17:24 -07:00
ddb8aedc17
Bug 1065173: Move more NSS dependencies to pkixtestnss.cpp, r=keeler
...
--HG--
extra : rebase_source : 205fa72506e175c0fe418c5428675e754a86c820
2014-09-08 20:41:53 -07:00
d4a0b9e59c
Bug 1063031: Remove mozilla::pkix::test::NSSTest, r=keeler
...
--HG--
rename : security/pkix/test/gtest/nssgtest.cpp => security/pkix/test/gtest/pkixgtest.cpp
extra : rebase_source : 205faf2054134b3a7aecd55d53f73d19f2f86103
2014-08-31 20:42:28 -07:00
5043e01249
Bug 1068410 - Convert remote crash dump to use pipe instead of socketpair in the child. r=kang r=ted
2014-10-03 14:55:03 -07:00
235b069e72
bug 1003448 - HTTP/2 Alternate Service and Opportunistic Security [1/2 PSM] r=keeler
2014-08-20 16:30:16 -04:00
36ef87e623
Bug 1075991 - Tracking cause of inappropriate TLS version fallback, r=keeler
2014-10-03 11:01:24 -07:00
e3fc75fe11
Bug 1075991 - Remember version intolerance reason code, r=keeler
2014-10-03 11:01:24 -07:00
af2478ad59
Bug 1030135: Set is_moz if the pinset name contains mozilla, set bucket id for pinsets containing the string mozilla (r=keeler)
2014-10-02 16:45:13 -07:00
d44051d068
bug 1055238 - add nsNSSCertListFakeTransport so nsIX509CertList can survive the child process r=rbarnes
2014-09-16 15:49:37 -07:00
76d5bfab7d
bug 1055238 - clean up nsNSSCertificateFakeTransport.{cpp,h} for style nits r=rbarnes
2014-09-16 13:24:13 -07:00
4782afddb6
Bug 787133 - (hpkp) testing of internal storage and idl r=keeler.
...
--HG--
extra : rebase_source : c4f83f38a3b8f293a1ca61f2f0a6f90df6ff7840
2014-09-12 14:59:37 -07:00
d790eb8f88
Bug 787133 - (hpkp) Internal storage of hpkp data. r=keeler.
...
--HG--
extra : rebase_source : 1ef88ab5ebcf9634bd1de76ec1c9543eb87d265b
2014-09-12 14:59:37 -07:00
db0e8cfdbd
bug 1066190 - ensure that pinning checks are done for otherwise overridable errors r=mmc
2014-09-12 13:20:43 -07:00
9a1ec24aef
Bug 1067565 - Built-in pins expires decades later. r=keeler
2014-09-15 17:17:12 -07:00
4728b78382
bug 1062567 - prevent gcc lto builds from dropping SyscallAsm on the floor r=froydnj
2014-09-15 19:46:14 -04:00
6e187f49f8
Merge m-c to inbound a=merge
2014-09-15 16:41:45 -07:00
bed71c1658
No bug, Automated HPKP preload list update from host bld-linux64-spot-318 - a=hpkp-update
2014-09-15 14:35:39 -07:00
cc3388a150
No bug, Automated HSTS preload list update from host bld-linux64-spot-318 - a=hsts-update
2014-09-15 14:35:37 -07:00
dce41c469b
bug 973048 - follow-up to add another missed #include r=bustage on a CLOSED TREE
2014-09-15 13:50:18 -07:00
c6dc096f07
bug 973048 - follow-up to add #include for ScopedPtr r=bustage on a CLOSED TREE
2014-09-15 13:02:47 -07:00
4113b4b466
bug 973048 - replace nsNSSCleaner with Scoped types r=rbarnes
2014-09-15 12:31:43 -07:00
d557d05d44
merge m-i to m-c a=merge
2014-09-12 15:07:38 +02:00
7d604b16de
No bug, Automated HPKP preload list update from host bld-linux64-spot-021 - a=hpkp-update
2014-09-11 20:51:37 -07:00
44fa5fca8f
No bug, Automated HSTS preload list update from host bld-linux64-spot-021 - a=hsts-update
2014-09-11 20:51:35 -07:00
ccbb9be8bc
Bug 1050518 - Remove nsICertificatePrincipal. r=keeler
2014-09-10 20:31:00 -04:00
61056aa4db
Bug 1018988 - Set up a low integrity temp directory when using the Windows content sandbox. r=mrbkap r=tabraldes r=froydnj
2014-09-10 12:36:17 +01:00
33eaabbf1f
Bug 1063455 - Define MOZ_STACKWALKING when NS_StackWalk is available and replace other instances of the same #if logic. r=mshal, r=froydnj
2014-09-08 18:25:20 +01:00
c857f8e0f4
Bug 1063013, Part 4: Move MapResultToName and MAP_LIST out of pkixnss.h/pkixnss.cpp, r=keeler
...
--HG--
rename : security/pkix/lib/pkixnss.cpp => security/pkix/lib/pkixresult.cpp
extra : rebase_source : 2fec0a279f7ef6acdd7ac8bf749190eef33df70d
2014-08-31 19:42:36 -07:00
030872a85c
Bug 1063013, Part 3: Move dependencies on pkixnss to pkixtestnss, r=keeler
...
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : b22bd341a5c72ba87efcf23a4e048bba8adf1544
2014-08-31 19:16:26 -07:00
18c10a4998
Bug 1063013, Part 2: Remove unnecessary pkixnss dependency from pkixocsp_CreateEncodedOCSPRequest, r=keeler
...
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : e91ec652edc54255cd29871c91550c3ee49438c5
2014-08-31 19:04:15 -07:00
06a6c4e0be
Bug 1063013, Part 1: Remove pkixnss dependency from pkixtestutil.cpp, r=keeler
...
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : e55c2e0c73a59b84629d071a64d8597ec5cc56ae
2014-09-04 17:21:28 -07:00
8dbcf66d66
Bug 1063006: Centralize direct use of NSS for crypto in the mozilla::pkix test suite, r=keeler
...
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : 93515d39abf91168fa86268f9b26f8c62d0d411e
2014-08-31 17:47:09 -07:00
ba3ad3aa0e
Bug 1059924, Part 2: Test that the high tag number form is rejected, r=keeler
...
--HG--
extra : rebase_source : 66793ce13ed8635cd47051fc2c93651d6936614e
2014-08-21 15:48:40 -07:00
af04cea2d8
Bug 1059038 - Move mozilla::unused from xpcom/glue to mfbt. r=Waldo
...
--HG--
rename : xpcom/glue/unused.cpp => mfbt/unused.cpp
rename : xpcom/glue/unused.h => mfbt/unused.h
2014-08-29 10:11:00 +02:00
bd73520e3c
Bug 1064356 - Fix more bad implicit constructors in security; r=bsmith
2014-09-08 20:47:36 -04:00
d577ecb4c1
bug 1004781 - follow-up to add "DigiCert ECC Secure Server CA" to Facebook's pinset r=mmc
2014-09-08 09:33:03 -07:00
75dcdffdac
merge mozilla-inbound to mozilla-central a=merge
2014-09-08 15:22:16 +02:00
fb37ddfbb4
No bug, Automated HPKP preload list update from host b-linux64-ix-0009 - a=hpkp-update
2014-09-06 03:17:54 -07:00
335a88aab5
No bug, Automated HSTS preload list update from host b-linux64-ix-0009 - a=hsts-update
2014-09-06 03:17:51 -07:00
ca62a34614
Merge inbound to m-c a=merge
2014-09-05 19:04:52 -07:00
573218568c
Bug 1030135: Enable pinning on services.mozilla.com in test mode (r=keeler,a=kwierso)
2014-09-05 12:04:26 -07:00
a9431992d5
Bug 1018966 - Part 2: Make warn only sandbox changes to the Chromium code. r=tabraldes
2014-09-03 10:31:53 +01:00
702384684c
bug 1046221 - make nsCryptoHMAC and nsCryptoHash actually check for NSS shutdown r=rbarnes
2014-09-05 11:04:22 -07:00
2c36fac925
Bug 1030135: Enable pinning on services.mozilla.com in test mode (r=keeler)
2014-09-05 12:04:26 -07:00
f19448274c
Bug 1018966 - Part 1: Add the main warn only sandbox machinery - with no Chromium code changes. r=bsmedberg
...
This change also includes the content sandboxing code on Windows Nightly by defining MOZ_CONTENT_SANDBOX=1.
Whether the content sandbox is disabled, in warn only mode, or enabled is controlled by a new pref: browser.tabs.remote.sandbox=(off/warn/on)
2014-06-11 15:32:37 +01:00
a37dba0312
Bug 1061483 follow-up: remove now-unused deleteCharArray function, r=me, a=bustage
...
--HG--
extra : rebase_source : 63d509bd7b95681227d27a733260bc33b1a22338
2014-09-04 15:53:07 -07:00
418571330e
Bug 1061483: Remove dependency on NSPR's PR_smprintf, r=cviecco
...
--HG--
extra : rebase_source : 64e2f862456e8e1434814631b0a7b461d83de37a
2014-08-31 22:03:22 -07:00
4170cfe622
Bug 1061021, Part 17: Use now-unused PLArenaPool infrastructure, r=keeler
...
--HG--
extra : rebase_source : b6f241d33cefd3b14c585e806e9c920ec6844fce
2014-08-30 23:30:20 -07:00
6e2797899e
Bug 1061021, Part 16: Stop using PLArenaPool in pkixocsp_CreateEncodedOCSPRequest, r=keeler
...
--HG--
extra : rebase_source : 551d0c0e45d770c2218fb77874737fe23909d6c9
2014-08-30 23:27:15 -07:00
26f076840d
Bug 1061021, Part 15: Stop using PLArenaPool in CreateEncodedOCSPResponse, r=keeler
...
--HG--
extra : rebase_source : 00c3f77cd1e7e0d81b0acac84631b81e4cac59bd
2014-09-01 19:23:01 -07:00
1966d956d1
Bug 1061021, Part 14: Stop using PLArenaPool in CreateEncodedCertificate, r=keeler
...
--HG--
extra : rebase_source : 46c292a31fbc4bb7242c93d0d47479600f379323
2014-08-30 23:09:18 -07:00
c7a8deb8a0
Bug 1061021, Part 13: Remove Output class, r=keeler
...
--HG--
extra : rebase_source : 9d768451f2f1d6ad0db3cb75401494d6409fd818
2014-08-30 20:47:58 -07:00
5419f381e4
Bug 1061021, Part 12: Stop using PLArenaPool for ResponseData encoding, r=keeler
...
--HG--
extra : rebase_source : 745ae45d9dd0509973d8e5c50a8cc2dfae82295f
2014-08-30 20:42:19 -07:00
c697d86d9d
Bug 1061021, Part 11: Stop using PLArenaPool for TBSCertificate and SignedData encoding, r=keeler
...
--HG--
extra : rebase_source : 09b06f79b57247dd89919ede12baabcb09dbeb19
2014-08-30 19:55:52 -07:00
dedfff0a81
Bug 1061021, Part 10: Stop using PLArenaPool for extension encoding, r=keeler
...
--HG--
extra : rebase_source : 02b6dcc97204c04ec35b214ea2ce4b9297c78612
2014-08-30 19:16:24 -07:00
d1e3997695
Bug 1061021, Part 9: Stop using PLArenaPool for SingleResponse encoding, r=keeler
...
--HG--
extra : rebase_source : a39a5dfec9b7aaa43ee2cffc15021bb404ada1ca
2014-08-30 18:00:02 -07:00
a67503eadb
Bug 1061021, Part 8: Stop using PLArenaPool for CertID encoding, r=keeler
...
--HG--
extra : rebase_source : 236902fb9eb330444e4cfc4ad380646bc992e8a8
2014-08-30 17:47:22 -07:00
24aa747308
Bug 1061021, Part 7: Stop using PLArenaPool for SignedData encoding, r=keeler
...
--HG--
extra : rebase_source : de654a47d7421d2c14bba9db1686bc01a2f1edf8
2014-08-30 17:40:41 -07:00
653ade1f65
Bug 1061021, Part 6: Stop using PLArenaPool for boolean encoding, r=keeler
...
--HG--
extra : rebase_source : 557eef72848af7dd70eddb4983de25e2e50da5f3
2014-08-30 17:00:16 -07:00
3c92292236
Bug 1061021, Part 5: Remove InitInputFromSECItem, r=keeler
...
--HG--
extra : rebase_source : 353ad008af15700266226b6f3f535385cb182d09
2014-08-30 16:49:49 -07:00
61df71edb6
Bug 1061021, Part 4: Stop using PLArenaPool for time encoding, r=keeler
...
--HG--
extra : rebase_source : ed41c22713cc75ce238923c00a5abda48f142e57
2014-08-30 16:33:47 -07:00
314958b44f
Bug 1061021, Part 3: Stop using PLArenaPool for BitString encoding, r=keeler
...
--HG--
extra : rebase_source : 79c9c2dd4844e67f0922c32e47bcc3e360fb32d5
2014-08-30 16:15:11 -07:00
f854a1e2f2
Bug 1061021, Part 2: Stop using NSS to encode integers and serial number, r=keeler
...
--HG--
extra : rebase_source : cebea2b16ac81278a1453a5fb58fe75e90e22742
2014-08-30 16:07:16 -07:00
8b26ecac0b
Bug 1061021, Part 1: Stop using NSS to encode names in tests, r=keeler
...
--HG--
extra : rebase_source : 1fa1826fe356314e80784915e08d5a787bf2259f
2014-08-30 23:11:23 -07:00
a6be0bc849
Bug 1059924, Part 1: Centralize tag and length decoding in mozilla::pkix's DER decoder, r=keeler
...
--HG--
extra : rebase_source : 6702a599f07cf83deac832eab0712dc716ea2561
2014-09-02 22:03:30 -07:00
a891fc79d8
Bug 1059928: Remove SECOidTag from mozilla::pkix testsuite interface, r=keeler
...
--HG--
extra : rebase_source : 79d0d3031a9176d492730f374cea3b5f035086e1
2014-08-29 16:06:38 -07:00
d219ed0d80
bug 775370 - (part 2/2) use DataStorage as back-end to nsSiteSecurityService r=briansmith
2014-09-04 10:42:31 -07:00
a250e4de47
bug 1057123 - mozilla::pkix: allow end-entity certificates to assert keyCertSign in some cases r=briansmith
2014-09-03 10:12:55 -07:00
Ryan VanderMeulen
Martin Thomson
Nicholas Nethercote
David Keeler
Brian Smith
Kai Engert
Carsten "Tomcat" Book
Cykesiopka
Camilo Viecco
Stephen Pohl
ffxbld
Bob Owen
Wes Kocher
Ehsan Akhgari
Jed Davis
Richard Barnes
Vlatko Markovic
Robin Thunell
Arthur Edelstein
Patrick McManus
Monica Chew
Trevor Saunders
Giovanni Sferro