449d05b144
Merge m-i to m-c, a=merge
2014-06-15 09:28:20 -07:00
3f294eaae3
No bug, Automated HSTS preload list update from host bld-linux64-spot-006 - a=hsts-update
2014-06-14 03:14:44 -07:00
d0d221e8d4
Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 4. Includes fixes for
...
bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
bug 963150, bug 1007126, bug 1021102.
2014-06-13 14:17:18 -07:00
a8ba8291e3
Bug 998513 - Test GeneralizedTime encodings in mozilla::pkix. r=keeler.
2014-06-13 12:50:11 -07:00
e8bddeb342
Merge m-c to fx-team
2014-06-11 18:52:12 -07:00
e49e9fc82b
Bug 1004352: Enable pinning for Google in production mode (r=keeler)
2014-06-11 15:32:37 -07:00
3d4de50d8e
Bug 908534 - change of event sink should trigger OnSecurityChange notifications, r=dkeeler
2014-06-11 11:19:17 +01:00
636e3ceae7
bug 1017160 - remove nsINSSCertErrorDialog and implementation r=cviecco
2014-06-09 16:35:35 -07:00
8bf1ded425
bug 1020993 - properly handle unknown critical extensions in BackCert::Init r=briansmith
2014-06-09 13:57:44 -07:00
572c9b9d33
Bug 997370 - Update comment in nsIX509Cert.idl to reflect certificate fingerprint instead of public key. r=cviecco
2014-06-09 10:58:00 -04:00
56e2c15baf
Merge m-c to inbound on a CLOSED TREE. a=me
2014-06-07 13:36:44 -04:00
d1e9c22279
No bug, Automated HSTS preload list update from host bld-linux64-spot-051 - a=hsts-update
2014-06-07 03:18:25 -07:00
5f24a86888
bug 1019198 - fail handshake if given an expired OCSP response and fetching a new one fails r=briansmith
2014-06-06 09:20:50 -07:00
de303fb49e
Bug 1000548 - Leaking arenas allocated in mozilla::pkix r=keeler
...
--HG--
extra : rebase_source : 6b0aaef098a4fa4d5749013a332b6b7602640b36
2014-06-05 16:28:46 -07:00
50fc55199f
Backed out changeset 189492a9a115 (bug 1020695) for mochitest-2 failures in test_WebCrypto.html; CLOSED TREE
2014-06-05 15:52:01 +01:00
890d6ae640
Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 3. Includes fixes for
...
bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
bug 963150.
2014-06-05 07:06:32 -07:00
f64f892d7c
Revert 8406a2b981c5 to fix build bustage.
...
> Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 3. Includes fixes for
> bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
> bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
> bug 963150.
2014-06-04 21:26:33 -07:00
a1f15c3eeb
Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 3. Includes fixes for
...
bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
bug 963150.
2014-06-04 21:03:47 -07:00
8292161969
bug 1003566 - part 2/2: prevent OCSP requests from being upgraded to HTTPS by HSTS r=cviecco
2014-06-04 09:58:28 -07:00
ec7f60ff2a
Bug 1021797 - Rename ArenaFalseCleaner to PORT_FreeArena_false. r=keeler
...
--HG--
extra : rebase_source : e7316ee06f58f42afbaf68d7e5f7948277fd15fd
2014-06-06 14:11:08 -07:00
916aa7eb2c
Bug 1020485: Enable pinning in test mode for accounts.firefox.com (r=keeler)
2014-06-06 13:44:59 -07:00
8b0f8d773d
Bug 1020683, Part 3: Fix build bustage, a=BUSTAGE on a CLOSED TREE
...
--HG--
extra : rebase_source : 8eaa3eae911b0e75129988d58a19e5e76257b369
2014-06-06 12:04:36 -07:00
e0cd7eb210
Bug 1020682: Simplify mozilla::pkix results cert chain construction and make it more efficient, r=cviecco
...
--HG--
extra : rebase_source : 69cb8ea66e075c89bbcbab3ca115cc2ccc95fa4f
2014-06-04 01:28:44 -07:00
f9aa591c9a
Bug 1020683, Part 2: Remove more references to CERTCertificate from mozilla::pkix, r=keeler
...
--HG--
extra : rebase_source : 9dce7585975fb23fe04f5714ece18645b22b2261
2014-06-04 00:03:28 -07:00
67bd0799fb
Bug 1020683, Part 1: Remove internal uses of CERTCertificate from mozilla::pkix::VerifyEncodedOCSPResponse, r=keeler
...
--HG--
extra : rebase_source : 416938498080c4d44874025f1da4562ab1c7c3c8
2014-06-05 15:18:32 -07:00
86f062c18f
Bug 1018411: Factor out signed data parsing in mozilla::pkix into a reusable and separately-testable function, r=keeler
...
--HG--
extra : rebase_source : d65a760f9f8efb656f238794019bd451ca163c0b
2014-05-31 18:54:34 -07:00
b161fa67a5
Bug 1027890 - Remove all sorts of build system code dedicated to pymake. r=gps
2014-06-25 08:38:28 +09:00
0fb3cb7f61
Bug 1014299 - Add times() to seccomp whitelist. r=kang
...
This system call seems to be used by some versions of the Qualcomm Adreno
graphics drivers when we run WebGL apps.
2014-06-02 14:52:00 +02:00
5f0477861d
Bug 1019722 - Remove a double assignment to lastRdn to fix a minor warning found by scan-build, the LLVM/Clang static analyzer. r=keeler
2014-06-02 20:16:14 +02:00
bd925d243d
Bug 1009988 - OCSP tests: Precompute responses to prevent timeouts. r=cviecco
2014-06-02 11:35:27 -07:00
d31edbefe1
Bug 1019772: Enable production mode on pinning AMO (r=keeler)
2014-06-03 11:00:39 -07:00
279c66a9b8
Bug 1019814: Remove CERTCertificate dependency from TrustDomain::GetCertTrust, r=keeler
...
--HG--
extra : rebase_source : 9abf0522f02d00ac2f63f2327ddbe8d119ffc64f
2014-06-03 10:47:25 -07:00
ecfed7ae84
Bug 1019109: Add DottedOIDToCode.py tool, r=keeler
...
--HG--
extra : rebase_source : 44a92234f884af4500bc6eb5a1fc4dd4cfd38dc2
2014-06-02 10:50:04 -07:00
8ab2f2c793
Bug 235230 - Change IDL type of nsIX509Cert::windowTitle to AString; Original patch by Zack Weinberg. r=keeler
2014-06-01 13:59:00 +02:00
d7a28e81d0
Bug 1018633: Simplify the max cert chain length check code in mozilla::pkix and make it more efficient, r=cviecco
...
--HG--
extra : rebase_source : 7fa4cc6c1b46357abed0c57c6e24c622049c5acb
2014-05-31 16:32:58 -07:00
151ad4b5a6
Bug 1001188: Set the error code when the max cert chain length limit is exceeded, r=cviecco
...
--HG--
extra : rebase_source : ce9e1faa083f5c679e20a2b6d9e8d482462e75b0
2014-05-31 16:55:54 -07:00
e508e0ac8a
Bug 1018642: Factor out reusable NSS GTest infrastructure into a new NSSTest class, r=cviecco
...
--HG--
extra : rebase_source : 101c316c1ea54f5092a21af4d7a1be349c504800
2014-05-30 16:46:49 -07:00
efadae2e83
Bug 1018064: Replace mozilla::pkix::der::Input::Match with mozilla::pkix::der::Input::MatchRest, r=mmc
...
--HG--
extra : rebase_source : 5c5b14cf23b1e40854d241cbc482de40b01ac494
2014-05-29 22:09:45 -07:00
4c65ffea41
Bug 1018061: Have mozilla::pkix::der::Input::Read use EnsureLength instead of its own checks, r=mmc
...
--HG--
extra : rebase_source : f46d6b9bdcd7d7a272fb39f22312a89d2695db56
2014-05-29 23:36:30 -07:00
00ff571d69
Merge m-i to m-c
2014-05-31 20:29:24 -07:00
e85dc8f55e
No bug, Automated HSTS preload list update from host bld-linux64-spot-176 - a=hsts-update
2014-05-31 03:14:44 -07:00
fe5e0f327b
Bug 917510 - Replace SHA-1 fingerprints of EV certs in ExtendedValidation.cpp with SHA-2 fingerprints. r=briansmith, r=kwilson
2014-05-30 00:01:00 -04:00
d4c50fa1b7
Bug 991815 - Part 2/2 - Tests for OCSP responses up to 1 year old. r=keeler
...
--HG--
extra : rebase_source : cc012870da3a165a0a3d0d5c6c9671eeeda37f3f
2014-05-28 14:08:02 -07:00
5bce267045
Bug 991815 - Part 1/2 - Allow intermediate OCSP responses up to 1 year old. r=keeler
...
--HG--
extra : rebase_source : 28d5336da1dc44932b92ce2c59fca5fcb2b8a3d8
2014-05-30 16:12:36 -07:00
7ac1ddf1f6
Bug 1017661 - remove MOZ_NSS_PATCH functionality; r=glandium
2014-05-29 12:16:58 -04:00
3b00a198b6
Bug 1018033: Prevent buffer read overflow due to integer overflow in mozilla::pkix::der::Input::EnsureLength, r=keeler
...
--HG--
extra : rebase_source : e4e88d61e448fa475a106a06b9f32181906fba0f
2014-05-29 23:37:40 -07:00
30d9839f83
Bug 1018041: Fix linking error in pkix_ocsp_request_tests when GTest is enabled on Windows, r=keeler
...
--HG--
extra : rebase_source : 36c5ee4f5cc40adb1079e34bd309147a662fc45f
2014-05-29 23:06:10 -07:00
71bc4ceab5
Bug 1018018: Remove support/mention of proprietary Netscape certificate extensions from PSM, r=cviecco
...
--HG--
extra : rebase_source : 758ff9384c040084b1015f8025a4ff9f33590176
2014-05-29 20:38:25 -07:00
103251c410
Bug 1010634, Part 6: Enable -Wall with a few exceptions for certverifier, r=cviecco
...
--HG--
extra : rebase_source : 611f0d65e7edb74345a4a599a6606de37e3da75e
2014-05-15 21:56:23 -07:00
ce6d7b1f43
Bug 1010634, Part 5: Add private destructor to NSSErrorService in line with the XPCOM recommendations, r=cviecco
...
--HG--
extra : rebase_source : 1f8b4558114eef0e1a15f51f0c814f16e05f6f76
2014-05-29 20:18:17 -07:00
84170040f4
Bug 1010634, Part 3: Fix more warnings in CertVerifier, r=cviecco
...
--HG--
extra : rebase_source : 21e79fbc472aeccec7df213e0cd8d99bebfbff75
2014-05-29 20:17:53 -07:00
4434286b6b
bug 1006710 - add class of PSM errors to SEC and SSL errors r=briansmith
2014-05-28 15:28:03 -07:00
b337f160ed
Bug 1005142 - Part 2/2 - Basic OCSP fetch method tests. r=keeler
...
--HG--
extra : rebase_source : 364a5d410eb3743ae0a03ebcf0a258e847d71743
2014-05-23 09:47:41 -07:00
f051695b8d
Bug 1005142 - Part 1/2 - Add OCSP get capabilities to OCSPRequestor. r=keeler
...
--HG--
extra : rebase_source : ee4a86bf02a466a31de8b0b6cd7ce375a7f28c6d
2014-05-21 15:42:21 -07:00
6c3ad9ab91
bug 995801 - cache nsNSSCertificate::mCachedEVStatus on disk r=mayhemer
2014-01-10 11:13:03 -08:00
b14f27897b
Bug 1037324: Delegate additional name constraint selection to the TrustDomain in mozilla::pkix, r=cviecco
...
--HG--
extra : rebase_source : 300f33bfb3a0c9ae1525695b080674c1fb21eafc
2014-07-10 22:38:59 -07:00
a7e335a16d
Merge m-c to inbound. a=merge
2014-07-11 16:38:04 -04:00
3fc891026c
bug 1031543 - allow importing user certificates via certificate manager r=honzab
2014-07-11 11:19:24 -07:00
af3daeff63
Bug 1031542: Add test case for key usage without any value bits, r=keeler
...
--HG--
extra : rebase_source : 25bdc0db6b042fe6fbba61b80cb8a4ac7cb588eb
2014-06-27 15:21:48 -07:00
2d9e74e8ee
Bug 975229: Remove NSS-based certificate verification, r=keeler
...
--HG--
extra : rebase_source : 49cb20f1b51e2d9993a35decd820764e20ad9be9
2014-06-16 23:13:29 -07:00
ca4f473450
Bug 1026261: Remove CERTCertificate from mozilla::pkix revocation checking API, r=keeler
...
--HG--
extra : rebase_source : 6798f494bd351961ea02abba07b5860839bbc418
2014-06-20 10:10:51 -07:00
14a4d7a9df
bug 1028178 - re-add nsICertificateDialogs to nsNSSDialogs' NS_IMPL_ISUPPORTS declaration r=briansmith
2014-06-20 09:38:08 -07:00
c13f6d39c7
bug 997509 - heed expired Revoked or Unknown OCSP responses r=briansmith
2014-06-20 09:01:57 -07:00
00f176ef95
Bug 972702 - Make Cert Viewer details tab content resizable. r=keeler
2014-05-27 20:58:00 +02:00
b07e3b1b23
Bug 1016442 - Make mozilla cdn sites production on built-in list. r=mmc
...
--HG--
extra : rebase_source : 5d937b61ab86c974210dcc83735cd4308bff018e
2014-05-27 10:53:40 -07:00
d142e79073
Backed out changeset d5da62e82faf (bug 995801) for test_browserElement_oop_SecurityChange.html failures.
...
CLOSED TREE
2014-05-27 14:27:40 -04:00
82eb078310
bug 995801 - cache nsNSSCertificate::mCachedEVStatus on disk r=mayhemer
2014-01-10 11:13:03 -08:00
8d8df0c940
Bug 998803 - Add support for RSA encryption and signing to WebCrypto API. r=bz,dkeeler
2014-05-23 15:29:00 +02:00
785d39a051
No bug, Automated HSTS preload list update from host bld-linux64-spot-1068 - a=hsts-update
2014-05-24 03:14:12 -07:00
5d9a310465
Bug 1004351: Enable production mode for twitter pins (r=keeler)
2014-05-22 15:11:07 -07:00
404c8597ce
Bug 1014344: Use Google's root pems in addition to their intermediate certs (r=keeler)
2014-05-22 15:09:45 -07:00
4f4ef533f5
Bug 1009794: Update NSS to NSS_3_16_2_BETA2, which also includes fixes
...
for bug 999893, bug 1011090, bug 1009785, bug 421391, and bug 1011229.
2014-05-22 12:31:09 -07:00
d0a5ea9350
Bug 622332 - Show cert SHA-256 fingerprint and remove MD5 fingerprint. r=keeler
2014-05-22 00:52:00 +02:00
aea8617b92
Bug 869836 - Part 7: Use AppendLiteral instead of Append where possible. r=ehsan
2014-05-22 06:48:51 +03:00
58641805f1
Bug 869836 - Part 6: Use EqualsLiteral instead of Equals where possible. r=ehsan
2014-05-22 06:48:51 +03:00
189593520f
Bug 869836 - Part 4: Use EqualsLiteral instead of `Equals(NS_LITERAL_STRING(...))`. r=ehsan
2014-05-22 06:48:51 +03:00
0e6f3a6562
Bug 869836 - Part 3: Use `Append('c')` instead of `AppendLiteral("c")`. r=ehsan
2014-05-22 06:48:51 +03:00
19bebbc68d
Bug 869836 - Part 2: Use AppendLiteral instead of `Append(NS_LITERAL_STRING(...))`. r=ehsan
2014-05-22 06:48:50 +03:00
d16b3320e8
Bug 1010594 - Part 2/2 tests - r=keeler
...
--HG--
extra : rebase_source : 4ca9623b815544edc58308544fa85b192c2f31f3
2014-05-19 13:26:23 -07:00
0c9b112b38
Bug 1010594 - Part 1/2 OCSP url check - r=briansmith
...
--HG--
extra : rebase_source : 0b26339d33db90722401ae1d8ac255d0390aea30
2014-05-16 13:53:14 -07:00
e7518a4528
Bug 1009635 - PreloadedHPKP.json should also contain production/exclusion lists. r=keeler
...
--HG--
extra : rebase_source : 46c13e490358f26b21191d6d783d795897ceea63
2014-05-15 08:04:54 -07:00
2b33a87b1f
Bug 995385 - Ensure that NSS is initialzed for CryptoTasks. r=dkeeler
2014-05-16 15:47:00 -04:00
a597c57860
Bug 1009452 - inherit stdout and stderr into the content process to allow logging. r=aklotz
2014-05-14 16:09:31 +01:00
9f78dc2ea0
Bug 920372 - Fix socketcall whitelisting on i386. r=kang
2014-05-20 18:38:14 -07:00
f6ffcab30d
Bug 920372 - Allow tgkill only for threads of the calling process itself. r=kang
2014-05-20 18:38:06 -07:00
ebb89f61f4
Bug 920372 - Use Chromium seccomp-bpf compiler to dynamically build sandbox program. r=kang
2014-05-20 18:37:53 -07:00
9e94aea459
Bug 920372 - Import Chromium seccomp-bpf compiler, rev 4c08f442d2588a2c7cfaa117a55bd87d2ac32f9a. r=kang
...
Newly imported:
* sandbox/linux/seccomp-bpf/
* sandbox/linux/sandbox_export.h
* base/posix/eintr_wrapper.h
Updated:
* base/basictypes.h
* base/macros.h
At the time of this writing (see future patches for this bug) the only
things we're using from sandbox/linux/seccomp-bpf/ are codegen.cc and
basicblock.cc, and the header files they require. However, we may use
more of this code in the future, and it seems cleaner in general to
import the entire subtree.
2014-05-20 18:37:45 -07:00
e9868c3934
Bug 1013504: Introduce error file for genHPKPStaticPins.js (r=keeler)
2014-05-20 13:25:02 -07:00
5f5fc30c16
Bug 1005375 - Add an API that allows CryptoTasks to be created without being dispatched
2014-05-03 08:50:00 +02:00
84e89d2fa5
Bug 1007708 - Part 1: Fix warnings in security/pkix/test/ and mark as FAIL_ON_WARNINGS. r=briansmith
2014-05-17 20:12:10 -07:00
88108c8e9f
Bug 1011269: Forgot to qref to pick up keeler's changes (r=keeler)
2014-05-19 13:24:41 -07:00
7683ced05a
Bug 1011269: Add CertVerifier::pinningEnforceTestMode (r=keeler)
2014-05-19 13:04:40 -07:00
cc40dbbc9d
bug 986150 - fix some comments in mozilla::pkix DER tests r=mmc
2014-05-19 12:14:51 -07:00
3a148b5121
bug 986150 - test mozilla::pkix::der::OptionalBoolean r=mmc
2014-05-19 12:14:44 -07:00
c7191763ea
bug 1002814 - OCSP requests: long serial check should be on cert, not issuerCert r=briansmith
2014-05-14 10:05:32 -07:00
1793f7acdc
bug 1002814 - retry PK11_GenerateKeyPair when it fails non-fatally r=briansmith
2014-05-19 11:13:04 -07:00
51f64d5cbb
Bug 972201 - Remove the MOZ_B2G_CERTDATA hack. r=briansmith
2014-05-18 15:42:42 +02:00
5b464da977
No bug, Automated HSTS preload list update from host bld-linux64-spot-358 - a=hsts-update
2014-05-17 03:15:04 -07:00
fe9fcc5bec
Bug 1010634, Part 1: Fix compiler warnings in certverifier, r=cviecco
...
--HG--
extra : rebase_source : f8d925f042040368b038b62bc1d0c9d4d6d04618
2014-05-14 17:46:32 -07:00
2912321bc5
Bug 1006958: Use mozilla::pkix::der to parse certificate policies instead of NSS, r=keeler
...
--HG--
extra : rebase_source : fde88efebc1025bc4f825aa38df809d04b1b250a
2014-05-15 18:59:52 -07:00
f834909bb0
Bug 1010581: Document Expect/Match/Skip terminology in mozilla::pkix::der and make that code more consistent, r=keeler
...
--HG--
extra : rebase_source : 12aa2e1e9eed4f32a75732a65cbfaba9789d5d39
2014-05-14 19:30:09 -07:00
077fb4cfcf
Bug 1006041: Use mozilla::pkix::der for decoding the extended key usage extension, r=keeler
...
--HG--
extra : rebase_source : b4b62f117d653784eb6ad058554faf520a1bd90b
2014-05-14 01:02:34 -07:00
921579aca0
Bug 989564, Part 2: Remove CERTCertificate dependency from CheckBasicConstraints, r=keeler
...
--HG--
extra : rebase_source : c0ce62f44109cbcdf65da770a1154814733a6b49
2014-04-25 20:27:27 -07:00
33238b8f26
Bug 989564, Part 1: Decode basic constraints extension using mozilla::pkix::der, r=keeler
...
--HG--
extra : rebase_source : 89560218a69596868cb8a93c69ee72656b0abf77
2014-05-05 09:55:57 -07:00
94e8967a9f
Bug 1007844: Implement per-host telemetry for pin violations for AMO and aus4 (r=keeler)
2014-05-15 16:56:51 -07:00
010f4a4ced
Bug 1006594: Implement moz-specific telemetry (r=keeler)
2014-05-14 16:36:46 -07:00
aa1dddedcd
backout dfc04fd0a41f (bug 1002814) for gtest breakage
2014-05-14 11:08:20 -07:00
478d0a6460
bug 1005266 - disable strict timeout checking in test_ocsp_timeout.js on WinXP because of frequent failures r=mmc
2014-05-14 09:57:10 -07:00
cd165343b0
bug 1002814 - OCSP requests: long serial check should be on cert, not issuerCert r=briansmith
2014-05-14 10:05:32 -07:00
1e673cbacc
bug 1006804 - psm interface for kea size and make kea available in preliminary handshake r=keeler r=honzab
2014-05-06 17:22:25 -04:00
a28ceb8833
Bug 1007195 - Change licensing on mozilla::pkix to dual Apache 2/MPL 2. r=briansmith.
2014-05-14 14:37:25 +01:00
730c8da49a
Bug 1009720: Telemetry for CERT_PINNING_TEST_RESULTS (r=keeler)
2014-05-13 13:50:13 -07:00
2bf68f16b6
bug 1005355 - look for PSM test binaries in /data/local/xpcb/ on Android/B2G r=mmc
2014-05-12 14:38:00 -07:00
9aae1d6105
Bug 772756: Implement sha1 support, import Chrome's pinsets wholesale, add test mode (r=cviecco,keeler)
2014-05-08 17:18:50 -07:00
364ad99c8f
Merge mozilla-central to mozilla-inbound
2014-05-12 13:48:01 +02:00
0eef94abf9
merge mozilla-inbound to mozilla-central
2014-05-12 13:33:19 +02:00
849b0f7cb9
No bug, Automated HSTS preload list update from host bld-linux64-spot-382 - a=hsts-update
2014-05-10 03:26:08 -07:00
729caf70d4
Bug 1005309 - Fixed MSVC detection.
...
--HG--
extra : rebase_source : 0b61de1270eb861234539de675c2d381e217f55c
2014-05-12 11:01:22 +02:00
e1c350091f
bug 1005266 - specify a timeout for the socket in test_ocsp_timeout.js r=mmc
2014-05-09 15:17:43 -07:00
4f866e23df
Bug 1007986 - Remove 1024 bit roots from mozilla pin list. r=mmc
2014-05-09 10:58:47 -07:00
675aff56b2
bug 1007962 - CreateEncodedCertificate should take a SECItem as its serialNumber argument r=mmc
2014-05-08 15:33:38 -07:00
ea0182ae63
bug 1007813 - match CreateEncodedCertificate declaration to its definition r=mmc
2014-05-08 11:51:50 -07:00
fe569bf1f2
Bug 979703: Update NSS to NSS_3_16_2_BETA1.
...
Fix bugs in intel-gcm-x86-masm.asm and re-enable the
Intel AES assembly code. (The fix is by Shay Gueron of Intel.)
Remove an unnecessary loop in intel-gcm-x64-masm.asm r=agl.
2014-05-08 14:28:47 -07:00
baff68ca81
Bug 1000354: Fix comment and make test clearer (r=keeler)
2014-05-07 15:48:23 -07:00
5a3bee8d99
Bug 997987 - Remove usage of nsIScriptSecurityManager::GetSubjectPrincipal. r=Ms2ger
2014-05-06 15:43:03 -07:00
3ab8eb01df
Bug 1004832 - Add tgkill to seccomp-bpf whitelist. r=kang
2014-05-02 16:57:00 +02:00
b529036d7c
Bug 1006107 - Disable pining by default, setup pinning for *.addons.mozilla.org. r=dkeeler
...
--HG--
extra : rebase_source : 93b1dbd5dc31490424060729a3941deffa8ee1d5
2014-05-05 13:59:32 -07:00
d4f27e6065
Bug 993569: Update to NSS 3.16.1 and NSPR 4.10.5. r=kaie.
2014-05-05 13:51:39 -07:00
7b1596592f
Bug 1005364: Disable pinning for all mozilla properties (r=keeler)
2014-05-04 15:36:38 -07:00
c92ecd7e9b
Bug 1005667: Fix build warning due to buggy test code in pkixtestutil.cpp, r=dholbert
2014-05-04 11:04:48 -07:00
75f6d3a530
Bug 1005309, Part 2: Enable extended compiler warnings (-W4 -Wall) in mozilla::pkix, r=mmc
...
--HG--
extra : rebase_source : 033574a0b26582753baec003becfaf15bbd85003
extra : histedit_source : 2d52c47f92b8f694203c2eb580b37be78ccf2f9c
2014-05-03 17:50:26 -07:00
fc861849bc
Bug 1005309, Part 1: Improve type conversion and error checking for hashing done in mozilla::pkix's pkixocsp.cpp. r=mmc
...
--HG--
extra : rebase_source : 79c248ebc45d722249ae7adbbd2527dc9985f6f0
extra : histedit_source : 8ea66942cec4252d9d7e625da22b5ad9964485a1
2014-05-02 11:53:06 -07:00
f0a3398f72
Bug 1005256: Improve parameter validation in mozilla::pkix::der::Input::GetSECItem, r=mmc
...
--HG--
extra : rebase_source : 93b65e103c86747ddaf463e639aacffdf7ccb08f
extra : histedit_source : 10ef0ab13fb9de710ea3c589600db4632f9cf4a0
2014-05-02 11:52:10 -07:00
a46aa03484
Bug 1005208: Rename issuerKeyHash to keyHash in mozilla::pkix's pkixocsp.cpp, r=mmc
...
--HG--
extra : rebase_source : ede4ed17cb56e3e52325ecadc2c5ded33c4a6013
extra : histedit_source : b727000e81bbc8afa6b9f8188b97065f59da45ad
2014-05-02 10:40:03 -07:00
20a90d85b4
Bug 1005198: Make it easy to create test certificates in GTest tests, r=keeler
...
--HG--
extra : rebase_source : 0b1ec263a5a1ce1856afb12f11ea4c35c2aa55d0
extra : histedit_source : 40a3a3fc1993de0fcdeb5593a1a1df4dc94832b8
2014-04-25 19:57:40 -07:00
46be226687
No bug, Automated HSTS preload list update from host bld-linux64-spot-043 - a=hsts-update
2014-05-03 03:18:44 -07:00
4cbe45bef4
bug 1004270 - use SQL cert/key DBs in PSM tests so we can run them on Android r=briansmith
2014-05-02 15:06:29 -07:00
1388a9d276
Bug 951315 - Add telemetry to PK pinning. r=dkeeler
2014-04-30 17:04:00 -07:00
8d3acf320f
Bug 1002696 - Minimum set of changes to make genHPKPStaticPins.js productionizable. r=cviecco, dkeeler
...
--HG--
rename : security/manager/boot/src/PreloadedHPKPins.json => security/manager/tools/PreloadedHPKPins.json
rename : security/manager/boot/src/genHPKPStaticPins.js => security/manager/tools/genHPKPStaticPins.js
2014-05-01 14:48:37 -07:00
9bf8c7f01d
bug 982248 - NSSCertDBTrustDomain: specify timeout for OCSP requests r=briansmith
2014-05-01 15:07:55 -07:00
6c43d7c225
Bug 1003290: Fix OID parser template type, r=keeler
...
--HG--
extra : rebase_source : c33e450b84234ae7471118c2f8749593a59d9298
2014-04-25 16:31:30 -07:00
9ae1a34e11
Bug 1002933: Use Strongly-typed enums more often in mozilla::pkix, r=mmc
...
--HG--
extra : rebase_source : 3f67f48d1f4150df0830f89e6c07bbbf3a8fc7e8
2014-04-25 16:29:26 -07:00
456d4f8a4d
Bug 1002929: Avoid implicit conversion of Result to boolean in mozilla::der::GeneralizedTime, r=keeler
...
--HG--
extra : rebase_source : 8966d41f1837611b83ac84b347aeddfade9bc949
2014-04-24 16:08:30 -07:00
7de05bc8ba
Bug 998057: Add tests for certificate pinning (r=cviecco,dkeeler)
2014-04-30 20:11:35 -07:00
1d5150d986
Backed out changeset 9c8fbf297d51
...
Camilo did not land his patch that this depends on, my bad.
2014-04-30 20:01:34 -07:00
68b3043845
Bug 998057: Add tests for certificate pinning (r=cviecco,dkeeler)
2014-04-30 19:56:03 -07:00
18421a4364
Bug 998057: Add test pinset to the pin generator (r=cviecco)
...
--HG--
rename : security/manager/ssl/tests/unit/tlsserver/default-ee.der => security/manager/boot/src/default-ee.der
2014-04-30 15:30:44 -07:00
a54a4f05cf
Bug 744204 - Allow Certificate key pinning Part 2 - Certverifier Interface. r=keeler
...
--HG--
extra : rebase_source : 2f9748ba0b241c697e22b7ff72f2f5a0fad4a2ca
2014-02-05 14:49:10 -08:00
aaca84b128
Bug 1003604 - Make nsNSSShutDownObject::isAlreadyShutDown() const. r=dkeeler
2014-04-29 17:45:00 +02:00
3a5329b969
Bug 952650 (part 11) - Remove JSVAL_TO_INT. r=njn.
...
--HG--
extra : rebase_source : 41923458bbf8fd957c9a57685df4969f1190bd9f
2014-04-27 19:55:08 -07:00
9a92d22f5a
Bug 952650 (part 9) - Remove JSVAL_IS_INT. r=njn.
...
--HG--
extra : rebase_source : dc0c170914c2370c218cdbbe671d2a68628f5a87
2014-04-27 19:47:02 -07:00
d3fe3aaf5d
Bug 952650 (part 1) - Remove JSVAL_IS_NULL. r=terrence.
...
--HG--
extra : rebase_source : 83d1cdaf71260fd99b688c23303ceb2de7b00031
2014-04-27 19:30:51 -07:00
5cf2107a2e
Bug 993569 - Update Mozilla 31 to use NSS 3.16.1 Beta 4. This disables
...
the new Intel AES assembly code on Windows. r=kaie.
2014-04-29 16:13:03 -07:00
9d294dbe70
Bug 744204 - Allow Key pining part 1 - Built-in Pinning Service. r=keeler
2013-06-20 10:35:43 -07:00
388e440bec
bug 977865 - mozilla::pkix: add backoff for ocsp fetching when a responder fails r=cviecco
2014-04-28 16:38:15 -07:00
4cbf0ef630
Bug 998067: Add utility code for making it easier to create GTests based on NSS, r=keeler
...
--HG--
extra : rebase_source : 8ae08d1ccc9329aa567cfc7ac590ddb026155bae
2014-04-16 21:38:01 -07:00
8c0e54d6a8
Bug 1000544: Use "Fail(x, y)" instead of "PR_SetError(y, 0); return x;" more consistently, r=mmc
...
--HG--
extra : rebase_source : 96addac738b8ffe39c7a92d546388d5f13fc2340
2014-04-23 14:13:32 -07:00
bd4b0a0668
Bug 1000482: Remove unused stapledOCSPResponse parmaeter from BuildForwardInner, r=mmc, r=keeler
...
--HG--
extra : rebase_source : b5d67d3488aa3df5690a7dd2b76495ac4986a723
2014-04-23 13:42:38 -07:00
d6bedee1bf
Bug 1000483: Remove unused isTrustAnchor parameter from CheckKeyUsage, r=cviecco
...
--HG--
extra : rebase_source : 96e7b76362d6219193c814d35c332aae2ed5b48f
2014-04-23 13:38:19 -07:00
8063163ac9
Bug 993569 - Update Mozilla 31 to use NSS 3.16.1 Beta 3. The main change
...
is https://hg.mozilla.org/projects/nss/rev/7e8485a5ed49 .
2014-04-27 20:39:24 -07:00
5f1fde8824
Bug 900908 - Part 3: Change uses of numbered macros in nsIClassInfoImpl.h/nsISupportsImpl.h to the variadic variants. r=froydnj
2014-04-27 03:06:00 -04:00
345123d0ec
Merge m-c to inbound.
2014-04-26 21:41:26 -04:00
01fcf1ea9e
No bug, Automated HSTS preload list update from host bld-linux64-spot-425 - a=hsts-update
2014-04-26 03:23:23 -07:00
f64a832fc8
Bug 1001585 - Don't build tests directory if --disable-tests is specified. r=briansmith
2014-04-26 11:29:00 -04:00
4136c664aa
Bug 474369 - remove nsVoidArray includes; r=ehsan
...
--HG--
extra : rebase_source : dd3abeb623fd8b784fd6ba639c88def84a4daf58
2014-04-26 16:12:45 +02:00
80ec7bb1fa
Bug 915930 - Make mozilla::pkix the default certificate verifier for all (not just desktop) r=briansmith
...
--HG--
extra : rebase_source : 56402e60078298dc64cf5476afda7c95671a7092
2014-04-25 13:22:30 -07:00
f8b638754f
Bug 993569 - Update Mozilla 31 to use NSS 3.16.1 Beta 2.
2014-04-25 06:06:01 -07:00
caddd65460
Bug 999306 - Add 'allow-insecure-ntlm-v1' preference for the generic NTLM v1 authentication module, r=jduell
2014-04-24 18:50:46 +02:00
4c3ba2b965
Bug 968490: Add mozilla::pkix::der unit tests (r=cviecco)
2014-03-26 16:00:03 -07:00
a39021aa83
Bug 996487: don't null out mThread while committing thread suicide r=bsmedberg
2014-04-22 15:32:13 -04:00
a57f7dc2fb
Bug 995528 - Certificate viewer describes not-valid-before date as issue date. r=honzab, ui-r=philipp
2014-04-21 10:58:04 -04:00
792720cccb
No bug, Automated HSTS preload list update from host bld-linux64-spot-454 - a=hsts-update
2014-04-19 03:14:16 -07:00
302ba02d64
Bug 988881: clean up CryptoTask (SignedJar) tasks instead of leaking them r=bsmedberg,mayhemer
2014-04-17 02:18:04 -04:00
8360610c1d
Bug 897359 - Remove unimplemented popChallengeResponse, random, and disableRightClick methods. r=bz
2014-04-18 09:32:52 -04:00
ca673b66f0
bug 991898 - mozilla::pkix: temporarily allow empty Extensions in OCSP responses r=briansmith
2014-04-17 16:01:18 -07:00
86f7e1e45e
Bug 997795 - Cleanup decodings. r=dkeeler
2014-04-17 14:42:05 -07:00
3fd7deadb7
Bug 997409 - Add set_thread_area to seccomp whitelist if available. r=kang
2014-04-17 16:23:23 -04:00
c75a74a16f
Bug 992972 - Add sha256SubjectPublicKeyInfoDigest attribute to nsIX509Cert. sr=bsmith
2014-04-07 10:35:57 -07:00
0860109f89
bug 997843 - mozilla::pkix::der::Input::Expect should take a uint16_t as its length argument r=briansmith
2014-04-17 09:50:06 -07:00
b720c442dc
bug 993591 - PSM HTTP Fetch should own streamloader data r=dkeller r=mayhemmer
2014-04-09 17:48:17 -04:00
5490002e36
bug 982774 - der::ExpectTagAndGetLength: check that input has enough capacity for the length described r=briansmith
2014-04-16 13:30:09 -07:00
b3c8e42deb
bug 972753 - OCSP testing: delegated responses and including multiple certificates r=cviecco
2014-04-16 09:31:27 -07:00
a5d3b3eea3
Bug 934676 - Remove unused variable 'extracted' in ClientAuthDataRunnable::RunOnTargetThread. r=keeler
2014-04-15 15:46:00 +02:00
5bda1ea0d1
Bug 991177: Disallow overrides for SEC_ERROR_CA_CERT_INVALID (r=keeler)
2014-04-15 15:35:41 -07:00
2c8f15bb95
Bug 991812: Remove uses of AtomicRefCounted<T> that live in Gecko. r=ehsan
...
--HG--
extra : rebase_source : 0d14e02c64d548fd3177681248d722683aaa87c3
2014-04-14 12:04:25 -07:00
d14751b88b
bug 994932 - fix error checking in GetOCSPResponseForType r=retornam
2014-04-15 14:21:08 -07:00
59ee14f2ce
Bug 981949 - Whitelist ftruncate for seccomp-bpf sandboxing. r=kang
2014-04-11 13:09:00 +02:00
3de1018bbe
Bug 989528 - Rename AutoSystemCaller to AutoNoJSAPI, and assert against pre-existing exceptions. r=bz
2014-04-14 20:27:00 -07:00
d3859c597c
Backed out changesets ddbac34527fe and fa82f32d0c39 (bug 991812) for B2G bustage.
...
CLOSED TREE
2014-04-14 16:16:18 -04:00
74215b6cbb
Bug 991812: Remove uses of AtomicRefCounted<T> that live in Gecko. r=ehsan
2014-04-14 12:04:25 -07:00
cbdabd4cd4
Merge m-c to inbound on a CLOSED TREE.
2014-04-13 22:52:50 -04:00
e6e67e15d9
No bug, Automated HSTS preload list update from host bld-linux64-spot-327 - a=hsts-update
2014-04-12 03:21:26 -07:00
3f38fa6efe
Bug #993846 - Add missing stringbundle, r=kaie
2014-04-11 10:07:02 -05:00
13f4429374
bug 993186 - improve test_cert_eku generator r=cviecco
2014-04-09 11:04:00 -07:00
7f0d9d7eb4
Bug 993145 - Skip attempting seccomp sandboxing if seccomp unavailable. r=kang
2014-04-09 15:23:00 +02:00
e5a5d4a701
Bug 928062 - Set Windows sandbox delayed integrity level to INTEGRITY_LEVEL_LOW. r=aklotz
2014-04-08 16:25:18 +01:00
e3cb82bf06
Bug 995047 followup. Fix a caller that I missed because it's only compiled on some platforms, so we can reopen the CLOSED TREE
2014-04-12 00:38:06 -04:00
e23cf356dc
bug 991209 - mozilla::pkix: allow non-end-entity certs to have OCSP signing EKU r=briansmith
2014-04-10 10:15:02 -07:00
79dab91ff6
Bug 991742 part 8. Remove the "aScope" argument of WebIDL/nsWrapperCache WrapObject() methods. r=bholley
...
This patch was mostly generated with the following command:
find . -name "*.h" -o -name "*.cpp" | xargs sed -e '/WrapObject(JSContext/ {; N; s/\(WrapObject(JSContext *\* *a\{0,1\}[Cc]x\),\n\{0,1\} *JS::Handle<JSObject\*> a\{0,1\}[sS]cope/\1/ ; }' -i ""
and then reverting the changes that made to
dom/bindings/BindingUtils.h, since those WrapObject methods are not
the ones we're trying to change here, plus a bunch of manual fixups
for cases that this command did not catch (including all the callsites
of WrapObject()).
2014-04-08 18:27:18 -04:00
d4bd64ee2c
Bug 991742 part 6. Remove the "aScope" argument of binding Wrap() methods. r=bholley
...
This patch was mostly generated with this command:
find . -name "*.h" -o -name "*.cpp" | xargs sed -e 's/Binding::Wrap(aCx, aScope, this/Binding::Wrap(aCx, this/' -e 's/Binding_workers::Wrap(aCx, aScope, this/Binding_workers::Wrap(aCx, this/' -e 's/Binding::Wrap(cx, scope, this/Binding::Wrap(cx, this/' -i ""
plus a few manual fixes to dom/bindings/Codegen.py, js/xpconnect/src/event_impl_gen.py, and a few C++ files that were not caught in the search-and-replace above.
2014-04-08 18:27:17 -04:00
816a5b2291
Bug 993569 - Update Mozilla 31 to use NSS 3.16.1. (beta1) r=kaie
2014-04-08 11:38:37 -07:00
6d40cad913
Bug 984608 - SECKEY_EncodeDERSubjectPublicKeyInfo and PK11_DEREncodePublicKey take non-const SECKEYPublicKey*. r=briansmith
2014-04-08 11:27:31 -07:00
7271837f38
bug 990603 - test override for server certificate with basic constraints: CA=true r=briansmith
2014-04-08 09:51:45 -07:00
281f1bd79b
bug 990603 - mozilla::pkix: defer reporting end-entity cert errors until after path building r=briansmith
2014-04-08 09:49:36 -07:00
c89c077c14
Bug 984497 - Use SpecialPowers more and change SpecialPower usage to deal with Window on WebIDL bindings. r=bz.
...
--HG--
rename : content/media/webspeech/synth/test/test_setup.html => content/media/webspeech/synth/test/file_setup.html
rename : content/media/webspeech/synth/test/test_speech_queue.html => content/media/webspeech/synth/test/file_speech_queue.html
rename : content/media/webspeech/synth/test/test_speech_simple.html => content/media/webspeech/synth/test/file_speech_simple.html
extra : rebase_source : 687daf9d78e69fe6ae21f7c1a26503cf88a18b97
2014-02-15 22:12:34 +01:00
a5967a49cb
Back out 75c95dac7fe0 (bug 984497) and f1b0d3d13755 (bug 990475) to fix bustage on a CLOSED TREE.
...
--HG--
extra : rebase_source : a63315cd428faeb95464f6ad76946d1c0c6d36c3
2014-04-07 22:18:53 +02:00
12b990ebb7
Bug 984497 - Use SpecialPowers more and change SpecialPower usage to deal with Window on WebIDL bindings. r=bz.
...
--HG--
rename : content/media/webspeech/synth/test/test_setup.html => content/media/webspeech/synth/test/file_setup.html
rename : content/media/webspeech/synth/test/test_speech_queue.html => content/media/webspeech/synth/test/file_speech_queue.html
rename : content/media/webspeech/synth/test/test_speech_simple.html => content/media/webspeech/synth/test/file_speech_simple.html
extra : rebase_source : 3662ae8b0f35fefb250c9cd048e848d662863855
2014-02-15 22:12:34 +01:00
58623399e3
Bug 989509 - Part 3: security/ (r=cviecco,dkeeler)
2014-04-03 19:29:40 -07:00
f59fb034f2
Bug 987816 - Part 2/3. Update tests to match un-regressed behaviour. r=dkeeler
...
--HG--
extra : rebase_source : 7bccc66831f56cede353ec33275449b7bf2560b1
2014-03-31 09:10:13 -07:00
a4f1be8b68
Bug 987816 - Part 2/3. Test verifying certificateUsageVerifyCA can return OK. r= dkeeler
...
--HG--
extra : rebase_source : 8e3f50d58c3c61e0fc843a053370f74d9adac8c0
2014-03-31 09:10:11 -07:00
930ccc7d4e
Bug 987816 - Part 1/3. Allow verifying with certificateUsageVerifyCA. r=dkeeler
...
--HG--
extra : rebase_source : 7530839c9c02d56936e322f897de96d80a60a18f
2014-03-28 10:21:30 -07:00
fb6ccb11db
Bug 959787 - Handlify JS_ExecuteScript and JS::Evaluate APIs r=terrence r=bz
2014-04-01 11:34:39 +01:00
490ed7cdd4
Bug 988168 - Better integrate gtest libxul in the build system. r=mshal. DONTBUILD
...
--HG--
rename : toolkit/library/Makefile.in => toolkit/library/libxul.mk
rename : toolkit/library/moz.build => toolkit/library/libxul.mozbuild
2014-03-31 13:21:38 +02:00
421099347a
Backed out changeset 561b9329d832 (bug 988168) for wrong attribution.
2014-04-01 13:17:50 +09:00
46abe3117f
Bug 988168 - Better integrate gtest libxul in the build system. r=mshal
...
--HG--
rename : toolkit/library/Makefile.in => toolkit/library/libxul.mk
rename : toolkit/library/moz.build => toolkit/library/libxul.mozbuild
2014-03-31 13:21:38 +02:00
e1d0b6f106
Bug 967704 - Skip a few more tests on Android 2.3
2014-03-31 21:30:07 -06:00
dd61cf2b05
bug 989516 - mozilla::pkix: temporarily allow improper basicConstraint:cA encodings r=cviecco
2014-03-31 11:06:43 -07:00
be06439979
bug 987295 - mozilla::pkix: test ocsp extension decoding r=cviecco
2014-03-31 10:54:53 -07:00
8c4f3cc754
bug 987295 - mozilla::pkix: fix decoding OCSP response extensions r=cviecco
2014-03-31 13:24:16 -07:00
7bd8fdcd55
Bug 986156 - Test anypolicyoid (no inhibit policy) for EV . r=dkeeler
...
--HG--
extra : rebase_source : 004dbe5fc1b168c43f62c5bed8e71d4d67b04754
2014-03-28 10:00:45 -07:00
95b0ba15e7
Bug 986156 - Allow anypolicyoid and reject on inhibitAnypolicy (mozilla::pkix). r=bsmith
...
--HG--
extra : rebase_source : dd61d4bfa64ed65582f3a1b4662f16740983a3ce
2014-03-28 10:00:29 -07:00
73bdeac562
Merge m-i to m-c
2014-03-29 09:00:18 -07:00
844dcffae8
No bug, Automated HSTS preload list update from host bld-linux64-spot-403 - a=hsts-update
2014-03-29 03:14:50 -07:00
084f4bf6b5
Backout changesets ca413634eba3 and a92851ff7444 (bug 988168) for likely windows PGO perf regression
2014-03-29 16:49:19 +09:00
628fb11481
Bug 989172 - Re-add sigaltstack to seccomp whitelist. r=kang
...
This reinstates the patch from bug 983518, which was unintentionally
dropped while merging with the reorganization in bug 985227.
2014-03-28 17:58:26 -07:00
116cedb60f
Backed out 2 changesets (bug 987816) for xpcshell orange
...
Backed out changeset 245d0cb5a7b3 (bug 987816)
Backed out changeset b714220dd39d (bug 987816)
2014-03-28 16:57:12 -07:00
828e5f79ad
Bug 987816 - certificateUsageVerifyCA is OK verifcation option. r=dkeeler
...
--HG--
extra : rebase_source : 0e000dc85705e1c61773e8fc73425fe80e0b9134
2014-03-28 10:21:30 -07:00
da71fd6bfa
Bug 987816 - test certificateUsageVerifyCA can return success. r=dkeeler
...
--HG--
rename : toolkit/library/libxul.mk => toolkit/library/Makefile.in
rename : toolkit/library/libxul.mozbuild => toolkit/library/moz.build
extra : rebase_source : 145fd4fce17325ca9e34681f3451c66c33bfd1a1
2014-03-28 15:53:08 -07:00
0e1dd1fe7c
Bug 988168 - Better integrate gtest libxul in the build system. r=mshal
...
--HG--
rename : toolkit/library/Makefile.in => toolkit/library/libxul.mk
rename : toolkit/library/moz.build => toolkit/library/libxul.mozbuild
2014-03-29 07:50:08 +09:00
1b528b9fbe
Bug 982292 - Enhance EKU testing. r=dkeeler
2014-03-18 08:59:37 -07:00
d130bf6c69
Bug 982292 - Allow nsSGC to 'nest' TLS Web Server Authentication EKU in moz::pkix. r=bsmith
2014-03-13 11:06:44 -07:00
2244b78e3a
Bug 987888 - --enable-content-sandbox breaks 64-bit builds. r=dkeeler,r=mshal
2014-03-28 13:59:16 +09:00
6a59538495
Bug 982778: Initialize parameters of output value of der::AlgorithmIdentifier, r=keeler
2014-03-13 21:26:03 -07:00
4e7ed8db6e
Bug 988718 - Mark nsSecurityHeaderParser explicit. r=dkeeler
2014-03-27 12:51:25 -04:00
846a3f333c
Bug 880043 - Signed packaged installation test certificate generation. r=cviecco
...
--HG--
rename : security/manager/ssl/tests/unit/test_signed_apps/nss_ctypes.py => security/manager/ssl/tests/unit/test_signed_apps/gentestfiles/nss_ctypes.py
rename : security/manager/ssl/tests/unit/test_signed_apps/sign_b2g_app.py => security/manager/ssl/tests/unit/test_signed_apps/gentestfiles/sign_b2g_app.py
2014-03-27 11:02:27 -04:00
744496ea74
bug 986171 - mozilla::pkix: telemetry for what cert validation library is in use r=cviecco
2014-03-26 09:41:08 -07:00
299f77a203
Backed out changeset d9e136a02980 (bug 986171) for build bustage r=backout
2014-03-25 14:02:42 -07:00
a5607957c9
bug 986171 - mozilla::pkix: telemetry for what cert validation library is in use r=cviecco
2014-03-25 13:43:01 -07:00
dc2c4359dc
bug 987217 - free leaking encodedRequest in GenerateCRMFRequest r=cviecco
2014-03-25 10:38:03 -07:00
20e4991585
Bug 969188 - Part 3/3 - Test handling of v1/v2/v3 certificates from PSM. r=keeler
...
--HG--
extra : rebase_source : 321d603913f07a0afe64400e300146873e8a81af
2014-02-25 15:37:22 -08:00
0b1f14ef5a
Bug 969188 - Part 2/3 - mozilla::pkix only decode v3 extensions in v3 certificates. r=briansmith
...
--HG--
extra : rebase_source : 86e58ccf8538d0f40d3b24b89a92dceac095cb21
2014-03-06 10:04:04 -08:00
a97f568c99
Bug 969188 - Part 1/3 - Fix mozilla::pkix handling of trusted v1 certificates. r=briansmith
...
--HG--
extra : rebase_source : 242b4849a7820d23518936a8c86ddcb7d9684394
2014-03-06 10:04:04 -08:00
a54f1591df
Bug 986875: Don't set the obsolete NSS makefile variable STANDARDS_CFLAGS.
...
r=glandium.
2014-03-24 16:53:33 -07:00
26057e30a1
bug 987262 - mozilla::pkix: refactor Nested AtEnd() checks in pkixder.h r=briansmith
2014-03-24 13:12:56 -07:00
8322201880
Merge m-c to m-i
2014-03-22 08:09:46 -07:00
9592dabe91
No bug, Automated HSTS preload list update from host bld-linux64-spot-008 - a=hsts-update
2014-03-22 03:20:45 -07:00
e79c0e95dc
backout bug 985021 (8d622f4ec6e9) for another build breakage on a CLOSED TREE r=backout
2014-03-21 11:47:06 -07:00
c5bfa2424f
bug 969758 - ignore "snionly" property in Google's HSTS preload list r=cviecco DONTBUILD because NPOTB
2014-03-21 14:09:04 -07:00
26eb4bc123
bug 985021 - mozilla::pkix: temporarily accept pathLenConstraint in EE basic constraints extensions r=briansmith
2014-03-21 10:38:36 -07:00
d20d064223
bug 985021 - mozilla::pkix: temporarily accept pathLenConstraint in EE basic constraints extensions r=briansmith
2014-03-21 11:52:01 -07:00
Phil Ringnalda
ffxbld
Wan-Teh Chang
Camilo Viecco
Wes Kocher
Monica Chew
Gijs Kruitbosch
David Keeler
Harsh Pathak
Ryan VanderMeulen
Ed Morley
Brian Smith
Mike Hommey
Jed Davis
Sébastien Blin
Cykesiopka
Nathan Froyd
Richard Barnes
Birunthan Mohanathas
Bob Owen
Chris Peterson
Marco Castelluccio
Patrick McManus
Gervase Markham
Carsten "Tomcat" Book
Jacek Caban
Bobby Holley
Rodrigo Rodriguez Jr.
Nathan Toone
Arpad Borsos
Honza Bambas
Stefan Arentz
Randell Jesup
YFdyh000
Anuj Agarwal
Raymond Etornam Agbeame(:retornam)
Kyle Huey
Mike Kaply
Boris Zbarsky
Michael Shuen
Peter Van der Beken
Shu-yu Guo
Jon Coppeard
Geoff Brown
Makoto Kato
Benjamin Peterson
Antonio M. Amaya