For cases where the class has direct calls (that is, we cast `this` to the
subclass before making the call) no longer declare Recv/Answer methods on the
base class at all. This should ensure that slots for them are not generated in
vtables, and also allow the derived class to choose the method signature (e.g.
whether it wants to take something by reference or by value).
Differential Revision: https://phabricator.services.mozilla.com/D18132
--HG--
extra : moz-landing-system : lando
Summary:
Scripts:
https://gist.github.com/jcjones/b25e07de3a48c3ed084f0f9e26911693
# From the above gist
./jcj-regenerate-certspecs
# This is a DER form, not a PEM.
openssl x509 -in security/manager/ssl/tests/unit/test_signed_apps/xpcshellTestRoot.pem -outform der > security/manager/ssl/tests/unit/test_signed_apps/xpcshellTestRoot.der
rm security/manager/ssl/tests/unit/test_signed_apps/xpcshellTestRoot.pem
# These don't seem to be checked in
rm services/common/tests/unit/test_blocklist_signatures/*.pem
Reviewers: ccoroiu
Bug #: 1525191
Differential Revision: https://phabricator.services.mozilla.com/D18638
--HG--
extra : histedit_source : f6e29ef6f3d012e42cda980abbb13bc4276702d6
Before this patch, if the enterprise roots feature were enabled, nsNSSComponent
would gather any such roots and temporarily import them into NSS so that
CertVerifier could use them during path building and trust querying. This turned
out to be problematic in part because doing so would require unlocking the
user's key DB if they had a password. This patch implements a scheme whereby
nsNSSComponent can give these extra roots directly to CertVerifier, thus
bypassing NSS and any need to unlock/modify any DBs. This should also provide a
path forward for other improvements such as not repeatedly searching through all
certificates on all tokens, which has inefficiencies (see e.g. bug 1478148).
Differential Revision: https://phabricator.services.mozilla.com/D18156
--HG--
extra : moz-landing-system : lando
Whitelist the /Library and ~/Library ColorSync profile directories allowing gfx.color_management.display_profile to be used to load color profiles from those locations.
Differential Revision: https://phabricator.services.mozilla.com/D18390
--HG--
extra : moz-landing-system : lando
The sandbox already permits the process to create/delete the folder and access files in it. This patch gives is access to the folder itself, namely it allows NtQueryAttributesFile to evaluate it. For complex reasons, this fixes Flash's ability to store local objects (see AS3's SharedObject API).
Differential Revision: https://phabricator.services.mozilla.com/D18299
--HG--
extra : moz-landing-system : lando
The Family Safety TLS interception feature is seldom used and security-wise is
essentially equivalent to the enterprise or third-party roots feature. To
simplify future improvements, this patch folds them together by automatically
importing third-party roots if Firefox detects that the Family Safety TLS
interception feature has been enabled. This affects Windows 8.1 only. When
usage of Windows 8.1 is low enough, we will remove the feature altogether.
Differential Revision: https://phabricator.services.mozilla.com/D16727
--HG--
extra : moz-landing-system : lando
This stops the use of some win32k calls during start-up that will fail and in
some cases cause a crash.
It also moves the MITIGATION_DYNAMIC_CODE_DISABLE to be enabled after start-up.
This is required because the hooks to fake the user32 and gdi32 initialization
are applied as the DLLs load and the dynamic code disable blocks that.
Add "(with no-log)" to the iokit-get-properties and other extra deny types in the content and GMP sandbox profiles.
Differential Revision: https://phabricator.services.mozilla.com/D17285
--HG--
extra : moz-landing-system : lando
NSS 3.42 added a new build flag, enable_sslkeylogfile, to toggle the
availability of the SSLKEYLOGFILE variable (see Bug 1515236 and Bug 1519209).
Differential Revision: https://phabricator.services.mozilla.com/D17588
--HG--
extra : moz-landing-system : lando
***
Bug 1514594: Part 3a - Change ChromeUtils.import to return an exports object; not pollute global. r=mccr8
This changes the behavior of ChromeUtils.import() to return an exports object,
rather than a module global, in all cases except when `null` is passed as a
second argument, and changes the default behavior not to pollute the global
scope with the module's exports. Thus, the following code written for the old
model:
ChromeUtils.import("resource://gre/modules/Services.jsm");
is approximately the same as the following, in the new model:
var {Services} = ChromeUtils.import("resource://gre/modules/Services.jsm");
Since the two behaviors are mutually incompatible, this patch will land with a
scripted rewrite to update all existing callers to use the new model rather
than the old.
***
Bug 1514594: Part 3b - Mass rewrite all JS code to use the new ChromeUtils.import API. rs=Gijs
This was done using the followng script:
https://bitbucket.org/kmaglione/m-c-rewrites/src/tip/processors/cu-import-exports.jsm
***
Bug 1514594: Part 3c - Update ESLint plugin for ChromeUtils.import API changes. r=Standard8
Differential Revision: https://phabricator.services.mozilla.com/D16747
***
Bug 1514594: Part 3d - Remove/fix hundreds of duplicate imports from sync tests. r=Gijs
Differential Revision: https://phabricator.services.mozilla.com/D16748
***
Bug 1514594: Part 3e - Remove no-op ChromeUtils.import() calls. r=Gijs
Differential Revision: https://phabricator.services.mozilla.com/D16749
***
Bug 1514594: Part 3f.1 - Cleanup various test corner cases after mass rewrite. r=Gijs
***
Bug 1514594: Part 3f.2 - Cleanup various non-test corner cases after mass rewrite. r=Gijs
Differential Revision: https://phabricator.services.mozilla.com/D16750
--HG--
extra : rebase_source : 359574ee3064c90f33bf36c2ebe3159a24cc8895
extra : histedit_source : b93c8f42808b1599f9122d7842d2c0b3e656a594%2C64a3a4e3359dc889e2ab2b49461bab9e27fc10a7
For sandbox early startup, ensure violation logging is only enabled when the parent passes the -sbLogging flag.
Differential Revision: https://phabricator.services.mozilla.com/D17013
--HG--
extra : moz-landing-system : lando
In Bug 1462100 we started casting to void* because mingw doesn't do
automatic conversions like MSVC does. In Bug 1498695 I backed out that
change because I (mistakenly) thought it wasn't necessary for mingw-clang
when in actuality, I simply wasn't hitting the code path due to
SANDBOX_EXPORTS being defined.
Since we want to _not_ define SANDBOX_EXPORTS I need to put the original
patch back in place.
--HG--
extra : amend_source : a26eec746e7881fa88b963c8dd3c1fa900b6a8b6
Before this patch, NSSCertDBTrustDomain::FindIssuer would iterate over its
candidate list (a CERTCertList) twice. This would have made it difficult to add
in candidate issuers from other sources (see e.g. bug 1514118, wherein the goal
is to bypass NSS' view of what certificates exist to facilitate third
party/enterprise roots). This patch reorganizes this function to make future
improvements easier.
Differential Revision: https://phabricator.services.mozilla.com/D16341
--HG--
extra : moz-landing-system : lando
As originally written, the keychain-backed secret storing implementation would
not overwrite a secret if prompted to generate or recover one with a label that
was already in use. Since libsecret and credential manager both do this by
default, this change makes the keychain-backed implementation behave the same
way.
Differential Revision: https://phabricator.services.mozilla.com/D15697
--HG--
extra : moz-landing-system : lando
Only STATE_SECURE_HIGH is used, and that's only in instances where
STATE_IS_SECURE is also used, so we can remove the security level
flags and just assume STATE_IS_SECURE is also STATE_SECURE_HIGH.
Differential Revision: https://phabricator.services.mozilla.com/D15600
--HG--
extra : moz-landing-system : lando
Enough linux-based systems don't have libsecret that we can't make it a
requirement on linux. For those that do, however, we can dynamically load the
library at runtime. For those that don't, we can fall back to NSS.
Differential Revision: https://phabricator.services.mozilla.com/D9969
--HG--
extra : moz-landing-system : lando
Allow access to device-id and vendor-id IOKit properties needed for AppleIntelHD3000GraphicsGLDriver.
Fixes a crash in the AppleIntelHD3000GraphicsGLDriver userland driver which is used in some 2011-era Macs.
Differential Revision: https://phabricator.services.mozilla.com/D15528
--HG--
extra : moz-landing-system : lando
Alex Gaynor
Tim Nguyen
ui.manish
Razvan Maries
Jan de Mooij
J.C. Jones
Coroiu Cristina
Sylvestre Ledru
J.C. Jones
ffxbld
Dana Keeler
Haik Aftandilian
David Parks
Andrea Marchesini
Myk Melez
shindli
Bob Owen
arthur.iakab
Kris Maglione
Byron Campen [:bwc]
Sebastian Hengst
Ciure Andrei
Gurzau Raul
Tom Ritter
Cosmin Sabou
Noemi Erli
Ehsan Akhgari
Valentin Gosu
Jared Wein
Dorel Luca
Oana Pop Rus
Franziskus Kiefer
Neil Deakin
Gian-Carlo Pascutto
Kyle Machulis
Daniel Varga
Narcis Beleuzu
Gijs Kruitbosch