bcf400ed70
No bug, Automated HPKP preload list update from host bld-linux64-spot-324 - a=hpkp-update
2018-01-12 10:58:23 -08:00
600c92d089
No bug, Automated HSTS preload list update from host bld-linux64-spot-324 - a=hsts-update
2018-01-12 10:58:19 -08:00
508c6b8852
No bug, Automated HPKP preload list update from host bld-linux64-spot-326 - a=hpkp-update
2018-01-11 11:24:52 -08:00
74d31a9bf9
No bug, Automated HSTS preload list update from host bld-linux64-spot-326 - a=hsts-update
2018-01-11 11:24:48 -08:00
f7400ad72e
Merge inbound to mozilla-central r=merge a=merge
2018-01-11 11:54:56 +02:00
e97980a95e
Bug 1424917 - Remove support for HSTS Priming. r=mayhemer, r=ckerschb
...
This patch removes support and tests for HSTS priming from the tree.
2018-01-10 11:07:00 -05:00
5e902ff6cd
Backed out changeset 28f876e75d47 (bug 1417680)for failing GTest
...
--HG--
extra : rebase_source : 2890c797a7cf05d6e82d84e64fd4cd5ed6ec5eb9
2018-01-11 02:56:49 +02:00
8c8754b21f
Bug 1428538 - Use UTF-8 file paths for NSS database. r=keeler
2017-12-28 20:56:33 +09:00
ccebfc1873
Merge mozilla-central to autoland r=merge
2018-01-11 00:03:38 +02:00
59fa32fd74
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2018-01-10 11:13:16 -08:00
69f2798cbe
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2018-01-10 11:13:12 -08:00
fb578c1b74
Merge mozilla-central to inbound. r=merge a=merge on a CLOSED TREE
2018-01-10 02:02:13 +02:00
3c8c1653f7
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2018-01-09 11:06:09 -08:00
782a0a23af
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2018-01-09 11:06:06 -08:00
a881c4a167
Bug 1403844 - Verify COSE signature on add-ons, r=keeler
...
Summary:
MozReview-Commit-ID: 6YorBs4mY8B
Check for COSE signatures in add-ons.
Reviewers: keeler
Bug #: 1403844
Differential Revision: https://phabricator.services.mozilla.com/D298
--HG--
rename : security/manager/ssl/tests/unit/test_signed_apps/cose_multiple_signed.zip => security/manager/ssl/tests/unit/test_signed_apps/cose_multiple_signed_with_pkcs7.zip
rename : security/manager/ssl/tests/unit/test_signed_apps/cose_signed.zip => security/manager/ssl/tests/unit/test_signed_apps/cose_signed_with_pkcs7.zip
rename : third_party/rust/cose/src/cbor/mod.rs => third_party/rust/moz_cbor/src/lib.rs
extra : rebase_source : 0494590eb222e2c936e353e4dd6cf9fac8d822f3
2018-01-08 11:46:51 +01:00
3ba27ce458
Bug 1428918 - Enable Web Authentication in Nightly r=keeler,smaug
...
In advance of enabling Web Authentication in Firefox 60 [1], let's turn it on
for Nightly users.
[1] https://groups.google.com/forum/#!msg/mozilla.dev.platform/tsevyqfBHLE/lccldWNNBwAJ
MozReview-Commit-ID: ALyjBwojKtA
--HG--
extra : rebase_source : c51aef6bf12e1e26faa3d86269132eef7057c889
2018-01-08 18:37:35 -07:00
0c092c0ffe
bug 1428498 - don't require importing the server certificate for overrides to succeed r=jcj
...
Previously, adding a permanent certificate error override would depend on
successfully importing the server's certificate into the user's certificate
database. Consequently, if the user's database were in read-only mode (or if the
database couldn't be created due to code page issues on Windows), this would
prevent adding new certificate error overrides. It turns out this isn't even
necessary, because the implementation relies on the stored hash of the
certificate rather than the certificate itself. The stored certificate is only
for display purposes (and there's a fallback if the certificate can't be
stored).
There are remaining issues with non-ASCII characters in 8.3 paths on Windows
when the code page isn't western, but this is a larger issue that must be
addressed in other layers (i.e. NSS/NSPR).
MozReview-Commit-ID: KEzjxtAoeb4
--HG--
rename : security/manager/ssl/tests/unit/test_cert_overrides.js => security/manager/ssl/tests/unit/test_cert_overrides_read_only.js
extra : rebase_source : b41e863d8c85d80335dd56c8f5765b19b1de4e0c
2018-01-04 11:31:22 -08:00
4f97a97069
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2018-01-07 11:04:07 -08:00
80e05c0b9a
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2018-01-07 11:04:03 -08:00
9a6945c623
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2018-01-06 11:09:40 -08:00
892f4bd3a1
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2018-01-06 11:09:36 -08:00
0f63741b8e
No bug, Automated HPKP preload list update from host bld-linux64-spot-037 - a=hpkp-update
2018-01-05 12:22:25 -08:00
0046f0f438
No bug, Automated HSTS preload list update from host bld-linux64-spot-037 - a=hsts-update
2018-01-05 12:22:21 -08:00
a2f5eacf1f
No bug, Automated HPKP preload list update from host bld-linux64-spot-034 - a=hpkp-update
2018-01-04 14:13:48 -08:00
df3bec329c
No bug, Automated HSTS preload list update from host bld-linux64-spot-034 - a=hsts-update
2018-01-04 14:13:44 -08:00
ac67a1c73c
No bug, Automated HPKP preload list update from host bld-linux64-spot-036 - a=hpkp-update
2018-01-03 14:38:40 -08:00
f4ac363948
No bug, Automated HSTS preload list update from host bld-linux64-spot-036 - a=hsts-update
2018-01-03 14:38:36 -08:00
770685e15e
Bug 1425688 - Enable ESLint rule mozilla/use-services for security/. r=gcp,keeler
...
MozReview-Commit-ID: 4Kd9L8ExNGl
--HG--
extra : rebase_source : 02a5242629c7b597d7fd4e5e1373781fcbb82905
2017-12-16 13:10:40 -06:00
d8534b8f72
No bug, Automated HPKP preload list update from host bld-linux64-spot-031 - a=hpkp-update
2018-01-01 12:43:20 -08:00
0a2ba4b6b2
No bug, Automated HSTS preload list update from host bld-linux64-spot-031 - a=hsts-update
2018-01-01 12:43:16 -08:00
223ae3afdc
No bug, Automated HPKP preload list update from host bld-linux64-spot-033 - a=hpkp-update
2017-12-31 22:11:20 -08:00
9cb7fb2148
No bug, Automated HSTS preload list update from host bld-linux64-spot-033 - a=hsts-update
2017-12-31 22:11:16 -08:00
dd07d453a1
No bug, Automated HPKP preload list update from host bld-linux64-spot-031 - a=hpkp-update
2017-12-30 13:43:47 -08:00
c510020205
No bug, Automated HSTS preload list update from host bld-linux64-spot-031 - a=hsts-update
2017-12-30 13:43:44 -08:00
42fc6a7ffa
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-12-29 15:38:33 -08:00
8195cf9180
No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update
2017-12-29 15:38:29 -08:00
65b3bb229e
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2017-12-28 11:09:38 -08:00
33bbc65536
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2017-12-28 11:09:34 -08:00
6c33dde6ca
Backed out 2 changesets (bug 1425688) on request from jorgk for breaking the Certificate Manager r=backout a=backout
...
Backed out changeset f73324a4d033 (bug 1425688)
Backed out changeset bd2bf7b7fead (bug 1425688)
2017-12-28 15:26:09 +02:00
257b1043cb
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2017-12-27 11:02:53 -08:00
3fb919b0ad
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2017-12-27 11:02:49 -08:00
0ab5eb206e
No bug, Automated HPKP preload list update from host bld-linux64-spot-303 - a=hpkp-update
2017-12-26 10:57:37 -08:00
f305f918c6
No bug, Automated HSTS preload list update from host bld-linux64-spot-303 - a=hsts-update
2017-12-26 10:57:33 -08:00
2fd2c44b24
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2017-12-25 10:35:57 -08:00
245024e56a
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2017-12-25 10:35:54 -08:00
4194d5dc45
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2017-12-24 10:42:34 -08:00
a72af473e1
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2017-12-24 10:42:31 -08:00
b1c15473e8
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2017-12-23 10:38:20 -08:00
4f04e9c623
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2017-12-23 10:38:17 -08:00
56c9489582
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2017-12-22 10:35:04 -08:00
c8bb922a65
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2017-12-22 10:35:01 -08:00
610ad46e20
Merge Autoland to mozilla-central r=merge a=merge
2017-12-22 00:15:51 +02:00
60a54d3ea6
No bug, Automated HPKP preload list update from host bld-linux64-spot-324 - a=hpkp-update
2017-12-21 10:34:39 -08:00
54e9b9f089
No bug, Automated HSTS preload list update from host bld-linux64-spot-324 - a=hsts-update
2017-12-21 10:34:36 -08:00
0f55cd45be
Bug 1421992 - script-generated patch to replace do_execute_soon, do_print and do_register_cleanup with executeSoon, info and registerCleanupFunction, rs=Gijs.
2017-12-21 11:10:23 +01:00
032c961e0a
Bug 1421992 - script-generated patch to replace do_check_* functions with their Assert.* equivalents, rs=Gijs.
2017-12-21 11:08:17 +01:00
1c0199be67
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2017-12-20 10:37:32 -08:00
e95c193a16
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2017-12-20 10:37:28 -08:00
32a0630b56
Bug 1418752 - Firefox instahang on start after landing patch from bug #1392841.vr=honzab
...
Initialize in advance all security services whose initialization on background thread could cause a deadlock.
--HG--
extra : rebase_source : 399f9acf736f9a06665d45a71b354076c1b85fa6
2017-12-19 21:08:15 -05:00
9ac9aa3461
Merge mozilla-central to inbound. r=merge a=merge on a CLOSED TREE
2017-12-20 00:17:00 +02:00
f64b319956
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2017-12-19 10:36:42 -08:00
f3af52924b
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2017-12-19 10:36:38 -08:00
da627bdc03
Bug 1420060 - land NSS 04fc9a90997b UPGRADE_NSS_RELEASE, r=me
...
MozReview-Commit-ID: 5VMV4wtzMKA
--HG--
extra : rebase_source : 43ea63a50d243bcc46fbae3b65f5d117e8fba771
2017-12-19 15:26:12 +01:00
0d3cfac1b7
Backed out changeset 5eff2c0351a9 (bug 1418752) for marionette harness fails on OS X at /builds/worker/workspace/build/src/netwerk/base/nsNetUtil.cpp:2669 r=backout on a CLOSED TREE
2017-12-18 19:50:00 +02:00
6c2705da74
Bug 1418752 - Firefox instahang on start after landing patch from bug #1392841 , r=honzab
...
Initialize in advance all security services whose initialization on background thread could cause a deadlock.
2017-12-15 05:45:00 +02:00
869f194506
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2017-12-17 10:58:36 -08:00
c9d95edd9f
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2017-12-17 10:58:33 -08:00
0e3e215a27
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2017-12-16 10:39:43 -08:00
d762c29622
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2017-12-16 10:39:40 -08:00
27da53bcf6
bug 1425032 - use new "cancel all connections" notification for PKCS#11 logout r=mgoodwin
...
When the user performs a PKCS#11 logout, we need to cancel all in-progress
network connections. Before this patch, PSM would track all the sockets it
created to implement this feature. However, bug 1411316 added the ability to
cancel these connections by sending the notification
"net:cancel-all-connections". This patch removes the now-unnecessary tracking
machinery in favor of delegating this to necko.
MozReview-Commit-ID: 7IzC14bH2R4
--HG--
extra : rebase_source : 57ff2121a2395cb2b012785ec3a11f75d923e675
2017-12-13 17:41:02 -06:00
eea8fcf5e8
No bug, Automated HPKP preload list update from host bld-linux64-spot-306 - a=hpkp-update
2017-12-15 11:20:42 -08:00
cce9ab656b
No bug, Automated HSTS preload list update from host bld-linux64-spot-306 - a=hsts-update
2017-12-15 11:20:38 -08:00
e5088d2dbb
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2017-12-15 11:02:59 -08:00
b18ce43492
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2017-12-15 11:02:55 -08:00
b73dac9611
Merge autoland to mozilla-central. r=merge a=merge on a CLOSED TREE
2017-12-15 03:43:08 +02:00
4c5305936a
No bug, Automated HPKP preload list update from host bld-linux64-spot-306 - a=hpkp-update
2017-12-14 11:19:41 -08:00
96bf1438a5
No bug, Automated HSTS preload list update from host bld-linux64-spot-306 - a=hsts-update
2017-12-14 11:19:38 -08:00
7fccec6502
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2017-12-14 10:39:44 -08:00
5d995473be
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2017-12-14 10:39:40 -08:00
95159e1851
bug 1424392 - remove unnecessary nsINSSComponent usage in nsNSSCallbacks r=mgoodwin
...
PK11PasswordPromptRunnable::RunOnTargetThread instantiates nsINSSComponent and
calls GetPIPNSSBundleString/PIPBundleFormatStringFromName to get some localized
strings. Since that runs on the main thread, we can call the helpers in
nsNSSCertHelper instead.
MozReview-Commit-ID: GsHoGDKBKdB
--HG--
extra : rebase_source : 7c18498ad0d01ab01f6e7d8c3d2ccdb1d6e20734
2017-12-08 14:07:04 -08:00
c958fc3b7b
No bug, Automated HPKP preload list update from host bld-linux64-spot-034 - a=hpkp-update
2017-12-13 12:01:21 -08:00
1377bf03a3
No bug, Automated HSTS preload list update from host bld-linux64-spot-034 - a=hsts-update
2017-12-13 12:01:17 -08:00
354a4163c6
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-12-13 11:24:25 -08:00
2db6eb28d0
No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update
2017-12-13 11:24:21 -08:00
4551f2e31e
Merge inbound to mozilla-central r=merge a=merge
2017-12-12 23:58:36 +02:00
01c7631757
No bug, Automated HPKP preload list update from host bld-linux64-spot-035 - a=hpkp-update
2017-12-12 12:10:25 -08:00
561b61d3ff
No bug, Automated HSTS preload list update from host bld-linux64-spot-035 - a=hsts-update
2017-12-12 12:10:21 -08:00
fc20a5a0ab
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-12-12 11:23:12 -08:00
4338c47957
No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update
2017-12-12 11:23:09 -08:00
7a8fc93f68
No bug, Automated HPKP preload list update from host bld-linux64-spot-037 - a=hpkp-update
2017-12-11 12:07:39 -08:00
00d93b43c8
No bug, Automated HSTS preload list update from host bld-linux64-spot-037 - a=hsts-update
2017-12-11 12:07:35 -08:00
cba1cda89a
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-12-11 11:37:07 -08:00
2077079b20
No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update
2017-12-11 11:37:03 -08:00
b32bea6044
Bug 1424809 - Get rid of NS_NewPostDataStream, r=valentin
2017-12-12 06:01:17 -06:00
bed9b1d6c8
Bug 1425688 - Enable ESLint rule mozilla/use-services for security/. r=gcp,keeler
...
MozReview-Commit-ID: 4Kd9L8ExNGl
--HG--
extra : rebase_source : d8383ef464e9f0d19c7642a07967f3e2fa56d0dc
2017-12-16 13:10:40 -06:00
a19f5582cc
Merge mozilla-central to mozilla-inbound r=merge
2018-01-11 00:05:23 +02:00
dc98f8d1f2
bug 1417680 - explore the feasibility of making XPCOM responsible for shutting down NSS r=jcj r=franziskus r=erahm
...
Historically, PSM has handled tracking NSS resources, releasing them, and
shutting down NSS in a coordinated manner (i.e. preventing races,
use-after-frees, etc.). This approach has proved intractable. This patch
introduces a new approach: have XPCOM shut down NSS after all threads have been
joined and the component manager has been shut down (and so there shouldn't be
any XPCOM objects holding NSS resources).
Note that this patch only attempts to determine if this approach will work. If
it does, we will have to go through alter and remove the remnants of the old
approach (i.e. nsNSSShutDownPreventionLock and related machinery). This will be
done in bug 1421084.
MozReview-Commit-ID: LjgEl1UZqkC
--HG--
extra : rebase_source : 95050b060a93223c6f2fce90f44e563fa6ed4fa2
2017-11-10 15:03:23 -08:00
7b5a586bff
No bug, Automated HPKP preload list update from host bld-linux64-spot-036 - a=hpkp-update
2017-12-10 12:02:11 -08:00
20053f4730
No bug, Automated HSTS preload list update from host bld-linux64-spot-036 - a=hsts-update
2017-12-10 12:02:07 -08:00
4d1e04053a
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-12-10 11:22:34 -08:00
ffxbld
Ciure Andrei
Kate McKinley
arthur.iakab
Masatoshi Kimura
Dorel Luca
Narcis Beleuzu
Franziskus Kiefer
J.C. Jones
David Keeler
Mark Banner
Cosmin Sabou
Florian Quèze
Michal Novotny
Bogdan Tara
Michal Novotny
Margareta Eliza Balazs
Andrea Marchesini