Граф коммитов

9527 Коммитов

Автор SHA1 Сообщение Дата
Bob Owen d65b604e3b Bug 1158773: Use the same initial and delayed integrity level for Windows content sandbox level 0. r=tabraldes 2015-05-06 10:11:56 +01:00
L. David Baron d8275d9234 Back out changeset a02ea85607a2 (bug 1038072) for widespread test failures (at least Linux, Android, and Mulet), on a CLOSED TREE. 2015-05-06 09:58:55 +02:00
Daniel Veditz a956162b00 Bug 1038072 - signature verification for JAR files unpacked into a directory. r=keeler
--HG--
extra : rebase_source : 3afa62b566718cfbfaaf53765d385187388e83e5
2015-05-05 20:21:00 +02:00
Kai Engert c0e295b256 Bug 1144055, Upgrade Firefox to use NSS 3.19, landing NSS_3_19_RTM 2015-05-04 21:34:38 +02:00
Cykesiopka f7b3a781d8 Bug 1153446 - Replace instances of double spacing with single spacing in nsserrors.properties. r=dkeeler 2015-05-01 02:40:00 +02:00
Phil Ringnalda 0dc457eba2 Merge m-i to m-c, a=merge 2015-05-02 10:02:17 -07:00
ffxbld ba8964f0c6 No bug, Automated HPKP preload list update from host bld-linux64-spot-137 - a=hpkp-update 2015-05-02 03:30:49 -07:00
ffxbld aaf9d7d061 No bug, Automated HSTS preload list update from host bld-linux64-spot-137 - a=hsts-update 2015-05-02 03:30:48 -07:00
Mike Hommey 924c9eb636 Bug 1134923 - Remove NS_Alloc/NS_Realloc/NS_Free. r=nfroyd
They are kept around for the sake of the standalone glue, which is used
for e.g. webapprt, which doesn't have direct access to jemalloc, and thus
still needs a wrapper to go through the xpcom function list and get to
jemalloc from there.
2015-05-01 09:40:30 +09:00
Nicholas Nethercote c8ff2d51c8 Bug 1159972 - Remove the fallible version of PL_DHashTableInit(). r=froydnj.
It's no longer needed now that entry storage isn't allocated there. (The other
possible causes of failures in that function are less interesting and simply
crashing is a reasonable thing to do for them.)

This also makes PL_DNewHashTable() infallible, so I removed some
now-unnecessary checks of its result.

--HG--
extra : rebase_source : 4c6ab0c449bc18e8bace8bf036b5bd78d3a2f1c4
2015-04-29 16:38:29 -07:00
Bob Owen 2343aee19b Bug 1150515: Set the subsystem to WINDOWS,5.02 for wow_helper so that it runs on WinXP 64-bit. r=glandium 2015-04-30 09:48:03 +01:00
Masatoshi Kimura 8beb5af44d Bug 1145844 - Update fallback whitelist. r=keeler 2015-04-29 13:48:53 +09:00
Andrew Bartlett ca3e5326e2 Bug 734229 - Partially address by refusing to re-negotiate on NTLM. r=mayhemer, r=keeler
Now only one NTLM Negotiate packet will be sent per connection, rather
than again after a failed authentication.  The problem situation is
triggered due to failed Negotiate authentication, and is probably more
complex.

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>

--HG--
extra : rebase_source : dc2bac8a3b7dab5e774dcfb9ce33b73c7233d686
2014-11-28 11:34:06 +13:00
David Major ebde6b9f4f Bug 1157835: Remove the MSVC_ENABLE_PGO flag from the build system. r=glandium
--HG--
extra : rebase_source : 0c47c99bb8b92f8361a51fd81b20a2cc8647a986
2015-04-27 19:59:27 -04:00
Carsten "Tomcat" Book 596e5f9960 merge fx-team to mozilla-central a=merge 2015-04-27 12:34:03 +02:00
Carsten "Tomcat" Book 107708af7c merge mozilla-inbound to mozilla-central a=merge 2015-04-27 12:00:14 +02:00
ffxbld 2ecabecaa7 No bug, Automated HPKP preload list update from host bld-linux64-spot-039 - a=hpkp-update 2015-04-25 03:32:33 -07:00
ffxbld d0e7b73b16 No bug, Automated HSTS preload list update from host bld-linux64-spot-039 - a=hsts-update 2015-04-25 03:32:31 -07:00
Jed Davis 89c80effa2 Bug 1154184 - Don't use Linux sandbox gtest dir if not building tests. r=gps 2015-04-24 17:36:08 -07:00
Dave Townsend 7b5d12ad46 Bug 1038068: Check add-on signatures and refuse to install unsigned or broken add-ons (preffed off for now). r=dveditz
--HG--
extra : source : 3b48e1a81a170634dce964cd462c752d09680805
2015-03-31 11:32:40 -07:00
Carsten "Tomcat" Book cdf101ec43 merge mozilla-inbound to mozilla-central a=merge 2015-04-24 14:37:13 +02:00
Richard Barnes ee333796b2 Bug 1121982 - Update PSM to use NSS name constraints 2015-04-23 20:26:29 -04:00
Fabrice Desré 471d07992f Bug 1144600 - Don't crash when submitting <keygen> on b2g r=dkeeler 2015-04-23 13:35:49 -07:00
Blake Kaplan 24f35dfe49 Bug 1124076 - Properly detect certs when loaded and prompt to import them. r=sworkman/dkeeler
--HG--
extra : rebase_source : 11fb8b1c1a3044b82668136f4cfec4c758d9270c
2015-04-22 12:55:23 -07:00
Steven Michaud acb448f5f9 Bug 1153809 - Loosen Mac content process sandbox rules for NVidia and Intel HD 3000 graphics hardware. r=areinald 2015-04-22 14:56:09 -05:00
David Keeler a4f79b207d bug 1157873 - remove certificates from CNNIC whitelist that aren't in the Pilot Certificate Transparency log r=rbarnes
Also remove certificates where notBefore is on or after 1 April 2015.
2015-04-21 16:07:33 -07:00
Nathan Toone 0343243a12 Bug 1124076 followup - fix the build when PR_LOGGING is not defined. r=mrbkap 2015-04-23 13:24:57 -07:00
David Keeler 6c532d910b bug 1081128 - test_pinning.js takes ~300 seconds on b2g debug emulator - request a longer timeout for it r=Cykesiopka
--HG--
extra : amend_source : 9ba64939a0f277c9407f47731186cfea4da64774
2015-04-22 11:06:36 -07:00
Kai Engert 9470ab9873 Bug 1144055 - Upgrade Firefox 39 to use NSS 3.19, r=nss-confcall 2015-04-23 21:16:20 +02:00
Francois Marier 17b87281f2 Bug 1147212 - Add support for goog-unwanted-shavar. r=gcp,r=matej,r=smaug
--HG--
rename : toolkit/components/url-classifier/tests/mochitest/evilWorker.js => toolkit/components/url-classifier/tests/mochitest/unwantedWorker.js
extra : rebase_source : efe09564160fb2fcb1adb5f6599183f053268c40
2015-04-22 21:01:37 +12:00
Carsten "Tomcat" Book ed2915b75f Backed out changeset 7f3cf84c11a9 (bug 1124076) for bustage on a CLOSED TREE 2015-04-22 13:44:23 +02:00
Blake Kaplan 3a94be560c Bug 1124076 - Properly detect certs when loaded and prompt to import them. r=sworkman/dkeeler
--HG--
extra : rebase_source : 00240091ae66180390a76a9613a4215cf591401d
2015-04-21 14:56:00 +02:00
Ehsan Akhgari 399276d5fc Bug 1153348 - Add an analysis to prohibit operator bools which aren't marked as either explicit or MOZ_IMPLICIT; r=jrmuizel
This is the counterpart to the existing analysis to catch
constructors which aren't marked as either explicit or
MOZ_IMPLICIT.
2015-04-21 21:40:49 -04:00
André Reinald ec1aede15a Bug 1150765 - Add sandbox rules to allow hardware rendering of OpenGL on Mac. r=smichaud
--HG--
extra : rebase_source : 1fa38a01840f24b63f27254d434c9e0bc3382309
2015-04-21 11:17:16 +02:00
Patrick McManus 04795f03be bug 1153212 - Alt-Svc Fixes r=dkeeler r=hurley 2015-04-13 17:11:59 -04:00
Kai Engert 803079473a Bug 1144055, Upgrade Firefox 39 to use NSS 3.19, NSS_3_19_BETA4 to pick up bug 1155279 2015-04-20 21:46:19 +02:00
Phil Ringnalda 7d4e804ec6 Merge m-i to m-c, a=merge 2015-04-18 16:36:32 -07:00
ffxbld a178fd47b7 No bug, Automated HPKP preload list update from host bld-linux64-spot-222 - a=hpkp-update 2015-04-18 03:29:47 -07:00
ffxbld aa4085d52f No bug, Automated HSTS preload list update from host bld-linux64-spot-222 - a=hsts-update 2015-04-18 03:29:45 -07:00
David Keeler e69f0f4b4b bug 1150114 - allow PrintableString to match UTF8String in name constraints checking r=briansmith 2015-04-08 16:17:39 -07:00
Kai Engert c2568b80a0 Bug 1144055 - Upgrade Firefox 39 to use NSS 3.19, land NSS_3_19_BETA2, r=nss-confcall 2015-04-17 13:49:43 +02:00
Neil Deakin af1ece91c4 Bug 1153248, re-enable a bunch of tests that now work with e10s, r=billm 2015-04-16 15:38:12 -04:00
David Keeler 5ff51a7744 bug 1151512 - only allow whitelisted certificates to be issued by CNNIC root certificates r=jcj r=rbarnes 2015-04-07 17:29:05 -07:00
Kai Engert d15620fcea Bug 1144055 - Upgrade Firefox 39 to use NSS 3.19, land NSS_3_19_BETA3, r=nss-confcall 2015-04-17 18:43:30 +02:00
David Keeler 81764496cd bug 1147497 - Add API for querying site pin status. Disallow overrides for sites that have pins. r=mmc r=smaug r=cykesiopka r=past 2015-03-25 11:04:49 -07:00
Brian Smith 95bd8011e6 Bug 1154399 - Part 4: Simplify certificate parsing in OCSP responses. r=keeler
--HG--
extra : rebase_source : caf903d29b0adc22fcc7e87e4fa0019cfa48007e
2015-04-14 05:33:03 -10:00
Brian Smith f124561818 Bug 1154399 - Part 3: Simplify OptionalExtensions. r=keeler
We used to avoid using Nested and NestedOf because they were based on
bind and it was difficult to maintain our std::bind polyfill. Now that
we use lambdas, it is easy to use Nested and NestedOf, so we should do
so wherever it makes the code clearer.

--HG--
extra : rebase_source : 1157d16320b3b211e3ce612b75782e8bd9c55f30
2015-04-14 05:32:46 -10:00
Brian Smith d09798e9f5 Bug 1154399 - Part 2: Simplify and un-inline OptionalVersion. r=keeler
Also fixes the wrong comment. The syntax for version in OCSP and X.509
certs is identical.

--HG--
extra : rebase_source : 744a2998ce8c55a61fbbc1966bc22e4903fa2484
2015-04-14 05:32:29 -10:00
Brian Smith 0cac719ba9 Bug 1154399 - Part 1: De-templatize and un-inline IntegralValue. r=keeler
--HG--
extra : rebase_source : 899eaed19b13edc9c257f0ab212d447bb54e607d
2015-04-14 05:06:41 -10:00
Nathan Froyd 5389bbbf54 Bug 1137437 - move security/apps/ cert header generation to moz.build; r=mshal,keeler
Moving the cert header generation to GENERATED_FILES means that we can
delete all the manually-written out rules; we can also delete the
export:: rule because the build system automatically builds
GENERATED_FILES during the export phase.  For ease of converion, we opt
to create an empty trusted-app-public.der cert for manifest-signing-root.inc;
partners are free to overwrite that cert with their own.
2015-02-27 12:50:49 -05:00