Currently the Gecko Profiler defines a moderate amount of stuff when
MOZ_GECKO_PROFILER is undefined. It also #includes various headers, including
JS ones. This is making it difficult to separate Gecko's media stack for
inclusion in Servo.
This patch greatly simplifies how things are exposed. The starting point is:
- GeckoProfiler.h can be #included unconditionally;
- everything else from the profiler must be guarded by MOZ_GECKO_PROFILER.
In practice this introduces way too many #ifdefs, so the patch loosens it by
adding no-op macros for a number of the most common operations.
The net result is that #ifdefs and macros are used a bit more, but almost
nothing is exposed in non-MOZ_GECKO_PROFILER builds (including
ProfilerMarkerPayload.h and GeckoProfiler.h), and understanding what is exposed
is much simpler than before.
Note also that in BHR, ThreadStackHelper is now entirely absent in
non-MOZ_GECKO_PROFILER builds.
Before this patch, if a user set their TLS version range preferences to only
allow TLS 1.3, any connections made with the BE_CONSERVATIVE flag or via the
telemetry studies flags would fail because we would attempt to set an
inconsistent TLS version range (the minimum was greater than the maximum). This
fixes that by setting the minimum to the flag-configured maximum. This
intentionally overrides the user's preferences because it is in the context of
browser-critical services (i.e. update servers) or telemetry studies.
MozReview-Commit-ID: 1kKE5nOVQz8
--HG--
extra : rebase_source : 047aa03f401d75aba3f6c5f4c572d2cc451a329e
The PRFileDesc* returned by PR_PopIOLayer must be used rather than a preexisting
pointer to the layer in question.
MozReview-Commit-ID: 8PsCA5npaj6
--HG--
extra : rebase_source : 7488d70ffd428b103ae51d1ebcf15745acd9bf12
Move constructors are more appropriate for these classes, since the
underlying hashtable code will be moving them around, not copying them.
We can take this opportunity to fix a bug in nsClientAuthRememberEntry:
it wasn't transferring the value of mEntryKey, which would have been
disastrous if the underlying hash table was ever resized.
Incidentally, this means we can remove certificateUsageVerifyCA and
certificateUsageStatusResponder from CertVerifier, since we no longer use them.
MozReview-Commit-ID: Bbqn8fShfTm
--HG--
extra : rebase_source : 012cb08dcbe33fe889c9f6824959b1a02cd0bdc7
In bug 1386754 we disabled 3DES after determining that it had a similar-ish
usage level as RC4. We gathered compatibility reports and telemetry for the last
two months and see that while 3DES usage is fairly low, it is the only
ciphersuite available for a variety of websites, including many government
systems.
3DES, while legacy, is not known to be insecure. Therefore, we're going to call
this experiment complete, use the collected WebCompat issues from Bug 1386908
for future reference, and re-enable 3DES.
MozReview-Commit-ID: 3lY1zHLNO9l
--HG--
extra : rebase_source : ecb51c6dbc6862991083b1f46920d86d7480582f
Sebastian Hengst
ffxbld
Nicholas Nethercote
David Keeler
Nathan Froyd
Wes Kocher
Kai Engert
Mark Goodwin
J.C. Jones
Kris Maglione