2b8c0a2be5
No bug, Automated HPKP preload list update from host bld-linux64-spot-341 - a=hpkp-update
2017-11-29 10:13:03 -08:00
73f3ea227b
No bug, Automated HSTS preload list update from host bld-linux64-spot-341 - a=hsts-update
2017-11-29 10:12:59 -08:00
b3d418aa6c
Merge autoland to mozilla-central r=merge a=merge
2017-11-29 12:09:11 +02:00
f54d52a50d
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-11-28 11:45:43 -08:00
61c54f501b
No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update
2017-11-28 11:45:40 -08:00
d7a19d2216
No bug, Automated HPKP preload list update from host bld-linux64-spot-032 - a=hpkp-update
2017-11-28 10:46:06 -08:00
812cb244f0
No bug, Automated HSTS preload list update from host bld-linux64-spot-032 - a=hsts-update
2017-11-28 10:46:03 -08:00
13b5a0e017
bug 1421413 - add a preference to control which add-on signature algorithms are valid r=jcj
...
MozReview-Commit-ID: EwkpY9ADAtw
--HG--
extra : rebase_source : 7fce75b0ff7b42057840df0450d97ce840a69c89
2017-11-28 14:24:11 -08:00
52d69a63ca
Bug 1421372 - simplify the macOS content sandbox rules by splitting the file process rules out; r=haik
...
MozReview-Commit-ID: GJukCOAyE10
--HG--
extra : rebase_source : 7bfdd02482d45e72a785ec2abe2260577238406d
2017-11-28 14:06:06 -05:00
a04e49663b
No bug, Automated HPKP preload list update from host bld-linux64-spot-035 - a=hpkp-update
2017-11-27 11:34:28 -08:00
f5bdc50a83
No bug, Automated HSTS preload list update from host bld-linux64-spot-035 - a=hsts-update
2017-11-27 11:34:24 -08:00
5fd51d8f5b
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-11-27 11:04:50 -08:00
6c2b138c87
No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update
2017-11-27 11:04:46 -08:00
899f55bc70
No bug, Automated HPKP preload list update from host bld-linux64-spot-036 - a=hpkp-update
2017-11-26 11:29:24 -08:00
b7e36e0dad
No bug, Automated HSTS preload list update from host bld-linux64-spot-036 - a=hsts-update
2017-11-26 11:29:20 -08:00
a1b8503be3
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-11-26 10:57:54 -08:00
ad8f2d950c
No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update
2017-11-26 10:57:51 -08:00
fde154d757
No bug, Automated HPKP preload list update from host bld-linux64-spot-036 - a=hpkp-update
2017-11-25 11:31:33 -08:00
b75d3913b0
No bug, Automated HSTS preload list update from host bld-linux64-spot-036 - a=hsts-update
2017-11-25 11:31:30 -08:00
24ce5b57e7
No bug, Automated HPKP preload list update from host bld-linux64-spot-034 - a=hpkp-update
2017-11-25 10:49:45 -08:00
80fa133054
No bug, Automated HSTS preload list update from host bld-linux64-spot-034 - a=hsts-update
2017-11-25 10:49:41 -08:00
327405164b
Merge inbound to mozilla-central r=merge a=merge
2017-11-25 00:04:02 +02:00
b8d5e9b625
No bug, Automated HPKP preload list update from host bld-linux64-spot-034 - a=hpkp-update
2017-11-24 11:37:55 -08:00
1f4c6721e4
No bug, Automated HSTS preload list update from host bld-linux64-spot-034 - a=hsts-update
2017-11-24 11:37:51 -08:00
75089cd8b7
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-11-24 11:00:34 -08:00
a29abc7f7d
No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update
2017-11-24 11:00:30 -08:00
5083a36782
Bug 1420060 - FIPS can no longer be toggled in Firefox with the builtin NSS, r=ttaubert
...
MozReview-Commit-ID: 5lgEBiFozSG
Differential Revision: https://phabricator.services.mozilla.com/D282
--HG--
extra : rebase_source : 795b81b79f5c407cbfed3c0607c479d9880f0deb
2017-11-24 09:01:49 +01:00
34900c8a57
Bug 1420060 - land NSS ceb8b9290b35 UPGRADE_NSS_RELEASE, r=me
...
MozReview-Commit-ID: KprUV50uNDs
--HG--
extra : rebase_source : d67b83423351ac6581889cc95ec979a6f12adc07
2017-11-24 09:00:26 +01:00
21905d169e
Merge mozilla-central to mozilla-inbound. r=merge a=merge CLOSED TREE
2017-11-24 00:38:13 +02:00
da0a72a9d7
Merge inbound to mozilla-central r=merge a=merge
2017-11-24 00:28:29 +02:00
7ede3e4787
No bug, Automated HPKP preload list update from host bld-linux64-spot-036 - a=hpkp-update
2017-11-23 11:37:49 -08:00
eb15ed90ea
No bug, Automated HSTS preload list update from host bld-linux64-spot-036 - a=hsts-update
2017-11-23 11:37:46 -08:00
4018e652ff
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-11-23 10:42:06 -08:00
ce8ed40893
No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update
2017-11-23 10:42:02 -08:00
a5d613086a
Merge mozilla-inbound to mozilla-central r=merge a=merge
2017-11-23 11:42:46 +02:00
7b10164f9f
Bug 1403840 - add cose rust lib with a test, r=keeler,ttaubert
...
Summary:
This adds the COSE rust library from https://github.com/franziskuskiefer/cose-rust with its C API from https://github.com/franziskuskiefer/cose-c-api to gecko with a basic test.
The COSE library will be used for verifying add-on signatures in future.
Reviewers: keeler, ttaubert
Reviewed By: keeler
Bug #: 1403840
Differential Revision: https://phabricator.services.mozilla.com/D232
--HG--
extra : rebase_source : 433ca6894d88ccda333bfac53507eba4e84924fb
2017-11-22 16:37:15 +01:00
a0b20fcb81
Merge mozilla-central to mozilla-autoland. r=merge a=merge CLOSED TREE
2017-11-22 23:42:02 +02:00
82254ca1cf
Merge inbound to mozilla-central r=merge a=merge
2017-11-22 23:29:44 +02:00
ad970571e9
No bug, Automated HPKP preload list update from host bld-linux64-spot-032 - a=hpkp-update
2017-11-22 11:38:06 -08:00
013da9f3f3
No bug, Automated HSTS preload list update from host bld-linux64-spot-032 - a=hsts-update
2017-11-22 11:38:02 -08:00
2795ad9547
No bug, Automated HPKP preload list update from host bld-linux64-spot-037 - a=hpkp-update
2017-11-22 10:46:15 -08:00
36b4732f5f
No bug, Automated HSTS preload list update from host bld-linux64-spot-037 - a=hsts-update
2017-11-22 10:46:12 -08:00
96f9c8ac5c
Bug 1418752 - Firefox instahang on start after landing patch from bug #1392841 . r=ttaubert
...
EnsureNSSInitializedChromeOrContent() sends sync event to main thread from non-main thread even if it's already initialized. This can make fix at https://searchfox.org/mozilla-central/rev/919dce54f43356c22d6ff6b81c07ef412b1bf933/netwerk/protocol/http/nsHttpHandler.cpp#2105 inefficient and can lead to a deadlock.
--HG--
extra : rebase_source : 18333d17e1d959accd667c8ce25a20ea51c15266
2017-11-22 12:46:08 -05:00
80fbb39861
Bug 1402519 - Remove MOZ_CRASHREPORTER directives from security; r=ttaubert
...
MozReview-Commit-ID: CfPBvffjEhq
--HG--
extra : rebase_source : 51c522746b48f0819b926607ceebf7d070df4ffd
2017-10-10 15:25:39 +02:00
5fbf717e5b
No bug, Automated HPKP preload list update from host bld-linux64-spot-034 - a=hpkp-update
2017-11-21 11:48:53 -08:00
d05982f0f1
No bug, Automated HSTS preload list update from host bld-linux64-spot-034 - a=hsts-update
2017-11-21 11:48:49 -08:00
511b2cf5e6
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-11-21 11:14:55 -08:00
cf7bf94e79
No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update
2017-11-21 11:14:52 -08:00
cde731d2d0
No bug, Automated HPKP preload list update from host bld-linux64-spot-034 - a=hpkp-update
2017-11-20 11:37:26 -08:00
d7e570ab96
No bug, Automated HSTS preload list update from host bld-linux64-spot-034 - a=hsts-update
2017-11-20 11:37:22 -08:00
21d7bcc344
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-11-20 10:57:37 -08:00
2fb6a219c1
No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update
2017-11-20 10:57:34 -08:00
b3f0c3ded3
Merge mozilla-central to autoland. r=merge a=merge on a CLOSED TREE
2017-11-20 00:17:43 +02:00
c21102410d
No bug, Automated HPKP preload list update from host bld-linux64-spot-039 - a=hpkp-update
2017-11-19 11:40:51 -08:00
502a538775
No bug, Automated HSTS preload list update from host bld-linux64-spot-039 - a=hsts-update
2017-11-19 11:40:47 -08:00
3fc5579f87
No bug, Automated HPKP preload list update from host bld-linux64-spot-038 - a=hpkp-update
2017-11-19 10:55:01 -08:00
6b1e59b641
No bug, Automated HSTS preload list update from host bld-linux64-spot-038 - a=hsts-update
2017-11-19 10:54:58 -08:00
79f64eb568
Merge inbound to mozilla-central r=merge a=merge
2017-11-18 22:48:47 +02:00
22b9cb8f84
No bug, Automated HPKP preload list update from host bld-linux64-spot-037 - a=hpkp-update
2017-11-18 11:41:00 -08:00
2d07f0f683
No bug, Automated HSTS preload list update from host bld-linux64-spot-037 - a=hsts-update
2017-11-18 11:40:56 -08:00
973e21879e
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-11-18 11:05:10 -08:00
aa9e3a35ac
No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update
2017-11-18 11:05:07 -08:00
b0ee34bea3
Bug 1416466 - Wait for the next event tick before resolving Promise for onload event in tests in security/manager/ssl/tests/mochitest/browser/. r=mossop
2017-11-18 22:57:18 +09:00
34be833347
Bug 1416016 - Add ../config to the sandbox whitelist for older Mesa. r=jld
...
MozReview-Commit-ID: KahivmVJR1l
--HG--
extra : rebase_source : 7d77f0ee77813a1214cfa5bc618b57c3208443c3
2017-11-17 15:23:28 +01:00
c979b7a21f
Bug 1416808 - Add "$XDG_DATA_(HOME|DIRS)"/fonts to the sandbox whitelist. r=jld
...
MozReview-Commit-ID: DwwltKQg8x4
--HG--
extra : rebase_source : e92b60e320bb26e66bfb38039f141ec83a34fff7
2017-11-17 15:45:11 +01:00
696ac83de9
Merge mozilla-central to mozilla-autoland. r=merge a=merge CLOSED TREE
2017-11-18 02:55:06 +02:00
1d5be20b0d
Merge autoland to mozilla-central r=merge a=merge
2017-11-18 00:00:22 +02:00
4f3980082f
No bug, Automated HPKP preload list update from host bld-linux64-spot-035 - a=hpkp-update
2017-11-17 11:41:51 -08:00
794ea08b42
No bug, Automated HSTS preload list update from host bld-linux64-spot-035 - a=hsts-update
2017-11-17 11:41:47 -08:00
4da78d1a66
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-11-17 11:02:48 -08:00
8591b856f3
No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update
2017-11-17 11:02:45 -08:00
5a64c2aeb7
Bug 1417959: Bump Alternate Desktop to Level 5 and make that the Default on Nightly. r=jimm
2017-11-16 18:10:00 +00:00
cdac966d1b
bug 1417677 - remove "security.use_sqldb" and always use the sqlite-backed NSS DBs r=jcj
...
MozReview-Commit-ID: 2qoJz5gDPyY
--HG--
extra : rebase_source : 89ccda87138ac02004d290f621e9d53dcddc08ff
2017-11-15 15:24:58 -08:00
68dd6026ab
bug 1418135 - asynchronously determine the chain to display in the details pane of the certificate viewer r=mgoodwin
...
The current certificate viewer uses "getChain" to determine what chain to show
in the details pane. This is problematic for a number of reasons including a)
it's synchronous (and potentially slow) and b) getChain may return something
almost entirely quite unlike any actual trusted path (see bug 1004580 comment
0).
This won't fix the whole problem (whatever's opening the certificate viewer
should really be passing in the chain itself), but that's hard, so this would at
least change the determination to be asynchronous and at least won't result in
something completely bogus.
MozReview-Commit-ID: J9uqRgxL52j
--HG--
extra : rebase_source : 0cb0a02564f7d962a57af90a9d1177ff41f064fe
2017-11-16 15:48:47 -08:00
cdb95907ba
Merge mozilla-central to autoland r=merge a=merge on a CLOSED TREE
2017-11-16 00:41:40 +02:00
d0a4ab96a0
Merge inbound to mozilla-central r=merge a=merge
2017-11-16 00:24:15 +02:00
6c10f7d914
No bug, Automated HPKP preload list update from host bld-linux64-spot-036 - a=hpkp-update
2017-11-15 11:31:52 -08:00
393e147523
No bug, Automated HSTS preload list update from host bld-linux64-spot-036 - a=hsts-update
2017-11-15 11:31:48 -08:00
dd02544d02
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-11-15 10:54:33 -08:00
bab5f228d3
No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update
2017-11-15 10:54:29 -08:00
304ec4c15e
Bug 1417420 - Add the path used by FontAgent to the sandbox rules on macOS. r=haik
2017-11-15 17:59:44 +00:00
ab21773795
bug 1417277 - remove support for MOZPSM_NSSDBDIR_OVERRIDE r=jcj
...
MOZPSM_NSSDBDIR_OVERRIDE was added in bug 462919 for integration with xulrunner
applications. Upcoming changes we're aiming to make with how PSM handles NSS and
the certificate/key databases (e.g. making the sqlite-backed implementation
mandatory) mean we have to take this feature into account. xulrunner isn't
supported any longer. Searching the web for "MOZPSM_NSSDBDIR_OVERRIDE" yields
two kinds of results: mozilla-central source code and a man page for nss-gui,
which it seems is the only project that ever made use of
MOZPSM_NSSDBDIR_OVERRIDE (and hasn't been updated since 2013, from what I can
tell). I think it's fair to conclude that this isn't a widely-used (let alone
known) feature. To make development easier, we should remove it.
MozReview-Commit-ID: 56vcTYSzDPq
--HG--
extra : rebase_source : 683a65bcd79182c04524562bc26ed5925f5d902b
2017-11-14 16:38:34 -08:00
7af6788dd0
No bug, Automated HPKP preload list update from host bld-linux64-spot-038 - a=hpkp-update
2017-11-14 11:51:23 -08:00
1d90c326d7
No bug, Automated HSTS preload list update from host bld-linux64-spot-038 - a=hsts-update
2017-11-14 11:51:19 -08:00
e943551045
No bug, Automated HPKP preload list update from host bld-linux64-spot-030 - a=hpkp-update
2017-11-14 10:58:36 -08:00
cc72aaf33e
No bug, Automated HSTS preload list update from host bld-linux64-spot-030 - a=hsts-update
2017-11-14 10:58:32 -08:00
ba94a5128c
Bug 1371293 - Fix instances of missing 'use strict;' in html files as found after ESLint 4 upgrade. r=mossop
...
MozReview-Commit-ID: 2q3nqLaXA3E
--HG--
extra : rebase_source : 971ee6ae4dd565ead6f4aa16e06638445ecc5da0
2017-10-31 16:40:37 +00:00
3039b5c625
Backed out 1 changesets (bug 1417677) for failing security/manager/ssl/tests/unit/test_broken_fips.js r=backout on a CLOSED TREE
...
Backed out changeset 614a09e35ff0 (bug 1417677)
2017-11-17 12:49:16 +02:00
fdbe147ffb
Merge mozilla-central to autoland. r=merge a=merge CLOSED TREE
2017-11-17 12:09:31 +02:00
82c2e0ec18
bug 1413336 - (7/7) regenerate all the certificates! r=Cykesiopka
...
Also regenerate the test_signed_app.js testcases.
MozReview-Commit-ID: 483uNQT0wuG
--HG--
extra : rebase_source : 4dfddf89d151dceb970a1a9139a5c90e6b578f8c
2017-11-08 12:57:03 -08:00
cfc4721f33
bug 1413336 - (6/7) replace setComponentByName with direct property setters r=Cykesiopka
...
MozReview-Commit-ID: EIIzP04YHo9
--HG--
extra : rebase_source : bf04301265175f59a3db429667322caffeeeb767
2017-11-14 13:35:10 -08:00
d64022f084
bug 1413336 - (5/7) ensure text files generated by pycert et. al. have trailing newlines r=Cykesiopka
...
MozReview-Commit-ID: KduWJRzTxBp
--HG--
extra : rebase_source : 74c5baf9747a85d71bc93d7459a8b519b40f6dd4
2017-10-25 16:59:18 -07:00
d6bd3927e3
bug 1413336 - (4/7) make certificate serial number generation not depend on pyasn1 object string representation r=Cykesiopka
...
MozReview-Commit-ID: 69GjudEKwQM
--HG--
extra : rebase_source : 707413a77478e17a398fbb3c75eb27b64486b313
2017-11-08 14:12:03 -08:00
4a5bf460ad
bug 1413336 - (3/7) fix pycert.py and pykey.py with respect to pyasn1/pyasn1-modules updates r=Cykesiopka
...
MozReview-Commit-ID: CsxOF7LdEHB
--HG--
extra : rebase_source : 09b901b640779a9fe33de9d8c160b6918e6f12f7
2017-11-08 13:23:17 -08:00
dcb596244e
bug 1417677 - remove "security.use_sqldb" and always use the sqlite-backed NSS DBs r=jcj
...
MozReview-Commit-ID: 2qoJz5gDPyY
--HG--
extra : rebase_source : c84d7975fa30c753af7481d04e2db8c19daff180
2017-11-15 15:24:58 -08:00
2d6eb184f1
bug 1368868 - give up on ocsp stapling strictness because we can't have nice things r=jcj
...
MozReview-Commit-ID: nbX0c251oC
--HG--
extra : rebase_source : 2adda43c5ea137c17474e4b9303107f4ba3815ff
2017-11-08 15:50:26 -08:00
d49916e353
bug 1415991 - remove support for signed unpacked addons r=jcj,rhelmer
...
Unfortunately we have a number of add-on installation tests that rely on
unpacked addons verifying as signed. The test infrastructure achieves this by
monkey-patching nsIX509CertDB.verifySignedDirectoryAsync to always succeed.
These tests are, in general, not actually testing the successful verification of
signed unpacked add-ons but rather other aspects of add-on installation,
updating, etc.. Some of these tests are certainly no longer relevant now that
legacy add-ons aren't supported, but we don't have the time to go through all of
them at the moment (this blocks updating add-on signature verification to use
COSE signatures, which we need to ship in 59 or we're probably not shipping at
all).
MozReview-Commit-ID: 3TVPK703mUy
--HG--
extra : rebase_source : 5bf0b72a4d7c8ade702334345fdc3bf6a8761b15
2017-11-09 11:19:23 -08:00
e520b4f458
Merge mozilla-central to mozilla-autoland. r=merge a=merge CLOSED TREE
2017-11-14 00:59:27 +02:00
6f5e1e666f
No bug, Automated HPKP preload list update from host bld-linux64-spot-031 - a=hpkp-update
2017-11-13 11:38:59 -08:00
4d11774312
No bug, Automated HSTS preload list update from host bld-linux64-spot-031 - a=hsts-update
2017-11-13 11:38:56 -08:00
ffxbld
Dorel Luca
David Keeler
Alex Gaynor
Ciure Andrei
Franziskus Kiefer
Gurzau Raul
Tiberius Oros
Cosmin Sabou
shindli
Michal Novotny
Gabriele Svelto
Bogdan Tara
Tooru Fujisawa
Gian-Carlo Pascutto
Noemi Erli
Bob Owen
Brindusan Cristian
Jonathan Kew
Mark Banner
Andreea Pavel
Csoregi Natalia