libprio does not currently build with MSVC (since it only supports
C90 as a compiler), this is being worked on upstream at https://github.com/mozilla/libprio/issues/17
As we are almost certainly not going to ship Firefox build with MSVC anymore,
let's disable this to get it working on this Tier-2 platform.
Differential Revision: https://phabricator.services.mozilla.com/D4292
--HG--
extra : moz-landing-system : lando
This is tracked upstream at https://github.com/mozilla/libprio/issues/15
MozReview-Commit-ID: L5VWKdEitfB
--HG--
extra : rebase_source : c19472a8658c01a2edc69904e36a2c5409af1396
yasm doesn't support aarch64, and trying to use GNU as with an MSVC
build seems like sadness waiting to happen. Instead, we'll generate our
own assembly file that armasm64 will accept.
The deletions in xptcall are when we don't even have support for the CPU
in moz.configure, so I assume that people haven't been compiling on
those architectures for quite some time.
libffi has assembly files on Windows that need to be preprocessed. Previously
this was handled by using a wrapper shell script as the assembler. This
patch handles them in GENERATED_FILES with a Python script that performs
an equivalent transformation.
MozReview-Commit-ID: 3w0HNpUb8TA
--HG--
extra : rebase_source : 284a3825cdaf2957507d60276a772f88f8c96488
extra : source : 3f422cbd4f222bc0b19f0a9e76878787652b3788
Since we set WINVER=601 after dropping Windows XP support, it is unnecessary to define LOCALE_SNAME. So, we should remove it to remove compiler warning.
MozReview-Commit-ID: EawbHAznXNA
--HG--
extra : histedit_source : d3157300315052048756c22ac2c999523d28679d
Build system switch for optional inclusion of libaom
for support of the Alliance for Open Media AV1 video
codec.
MozReview-Commit-ID: 2C4o1ogRS9v
--HG--
extra : rebase_source : d4a68f1fc4654895f62a905666f0b75726e20e7f
To validate the PSSH init data passed to EME, I'd like to reuse the same
PSSH parser that the ClearKey CDM shared library uses. So move the code
out of gmp-clearkey and into its own library, so we can link it statically
into code that needs to use it.
MozReview-Commit-ID: 7xSUSmCueJz
--HG--
rename : media/gmp-clearkey/0.1/ClearKeyCencParser.cpp => media/psshparser/PsshParser.cpp
rename : media/gmp-clearkey/0.1/ClearKeyCencParser.h => media/psshparser/PsshParser.h
extra : source : 78dcbc5d3c26547c63269eb14034a67863cf28de
To support android/aarch64, I want to remove the requirement of system's libffi.
MozReview-Commit-ID: Lc3POx09Cks
--HG--
extra : rebase_source : 384852e7b9e61d0d7a950159535e3ddc8457e889
We don't need to hear about ICU redefining macros we set up or about
include paths that are Microsoft-specific, but still resolve to where
they need to go.
MozReview-Commit-ID: D9lFiNCvkOh
--HG--
extra : rebase_source : 66848780bb4e2473a7f1df9a621f0b2f54171e70
as opposed to passing down LINK when cross compiling.
Until bug 1290334, LINK was the variable used by the NSS build system
for the linker on Windows, but it now uses LD, like on other platforms.
But its default value on Windows is "link", which can pick /usr/bin/link
on msys2, instead of MSVC's so, pass down LD from the Gecko build
system. And do so an all platforms in all cases, because it shouldn't
hurt.
--HG--
extra : rebase_source : 3eb8236a8f032468d10c874be2daa1c66986bd47
Configure uses the value of the MT environment variable before falling back
to mt(.exe), but the build system was completely ignoring the MT
environment variable.
--HG--
extra : rebase_source : 8c9b43aeb08493ae5bd6d6361f4f18f097ea0553
This removes the unnecessary setting of c-basic-offset from all
python-mode files.
This was automatically generated using
perl -pi -e 's/; *c-basic-offset: *[0-9]+//'
... on the affected files.
The bulk of these files are moz.build files but there a few others as
well.
MozReview-Commit-ID: 2pPf3DEiZqx
--HG--
extra : rebase_source : 0a7dcac80b924174a2c429b093791148ea6ac204
B2g came with its own version of 'libgabi++' in its toolchain. Gecko
on b2g isn't build any longer with this toolchain. With this patch
applied, Gecko's internal version of 'libgabi++' is used for building.
MozReview-Commit-ID: KU4OBYQ6cAW
Per froydnj in bug 1186064 comment #23, "it makes sense to proceed with removing
MSVC 2013 support." This commit does that.
We also go a step further and require VS2015 Update 2 instead of just
update 1. This temporarily brings us down to just 1 officially supported
Visual Studio version. However, VS2015u3 was just released and is
unofficially supported.
Since MOZ_CRT is no longer set, references to it have been removed.
MozReview-Commit-ID: 8MUR6qLzQA5
--HG--
extra : rebase_source : 8f5061080a3d56dd484f9be03649fb65f0145f67
Per froydnj in bug 1186064 comment #23, "it makes sense to proceed with removing
MSVC 2013 support." This commit does that.
We also go a step further and require VS2015 Update 2 instead of just
update 1. This temporarily brings us down to just 1 officially supported
Visual Studio version. However, VS2015u3 was just released and is
unofficially supported.
Since MOZ_CRT is no longer set, references to it have been removed.
MozReview-Commit-ID: 8MUR6qLzQA5
--HG--
extra : rebase_source : 22ab4f47661ead4995d0c5261104abfb02b82aa2
Per froydnj in bug 1186064 comment #23, "it makes sense to proceed with removing
MSVC 2013 support." This commit does that.
We also go a step further and require VS2015 Update 2 instead of just
update 1. This temporarily brings us down to just 1 officially supported
Visual Studio version. However, VS2015u3 was just released and is
unofficially supported.
Since MOZ_CRT is no longer set, references to it have been removed.
MozReview-Commit-ID: 8MUR6qLzQA5
--HG--
extra : rebase_source : 94527a0be3f107991998185903f1c6cf6e190f9f
Previously this implementation would use the expected names of the built-in
module and slot to get a handle on them. This doesn't work on distributions that
use other names. The new implementation searches through the slots from the
default module list for one where PK11_HasRootCerts returns true (which
indicates that NSS considers that slot to contain the default built-in root
list).
MozReview-Commit-ID: LmX27hQfFJU
--HG--
extra : rebase_source : 50383dcc77257fe08ce2c7d908e95cda7c4bbe9d
The intent in bug 1271829 was to make all the XCFLAGS set in
config/external/nss/Makefile.in accumulate instead of replacing each
other. Unfortunately, there is also an AC_SUBST variable named XCFLAGS,
use for other purposes, and we ended up adding on top of that variable.
Using a different local variable allows to still accumulate the values,
while keeping away from the XCFLAGS from autoconf.mk.
This updates the nss build to require SSE2 instructions on win32.
By default nss builds with -arch:IA32 for maximum compatibility.
Firefox 49 dropped support for non-SSE2 platforms, so propagate
that to the nss external build. XCFLAGS come after the nss build's
default settings, and the last -arch switch will override the
previous ones.
Bump CLOBBER because we've had trouble with file removal permission
errors on integration builds.
MozReview-Commit-ID: 2lfDq0e0T7Y
Previously, this clobbered the XCFLAGS set by MOZ_FOLD_LIBS_FLAGS.
Combine them instead so we can pass multiple options through
this override mechanism.
This is a behaviour change building with --enable-llvm-hacks.
MozReview-Commit-ID: 4WP0asnc7Z6
Key size enforcement for TLS certificates happens at two levels: PSM and NSS.
PSM enforces a minimum of 1024 bits. NSS enforces a minimum of 1023 bits by
default. The NSS error is not overridable, but the PSM error is. This change
allows users to connect to devices with small RSA keys (as little as 512 bits)
using the certificate error override functionality.
MozReview-Commit-ID: 2TZ8c4I3hXC
--HG--
extra : rebase_source : a9c550f15261c711e789a670c90c129c65802ff0
- Merge in test changes from Bug 1255784.
- Remove the unnecessary mutex
- Stop doing direct memory work in NSS Token
- Clean up direct memory work in ContentParent
- In order to store persistent crypto parameters, the NSSToken had to move
onto the main thread and be interfaced with via IDL/IPDL.
- Support Register/Sign via NSS using a long-lived secret key
- Rename the softtoken/usbtoken "enable" prefs, because of hierarchy issues
with the WebIDL Pref shadowing.
- Also orders the includes on nsNSSModule.cpp
- Attestation Certificates are in Part 2.
Updates per keeler review comments:
- Use //-style comments everywhere
- Refactor the PrivateKeyFromKeyHandle method
- Rename the logging and fix extraneous NS_WARN_IF/logging combinations
- Other updates from review
April 11-12:
- Correct usage of the "usageCount" flag for PK11_UnwrapPrivKey
- Rebase up to latest
April 15:
- Rebase to latest
MozReview-Commit-ID: 6T8jNmwFvHJ
--HG--
extra : transplant_source : w%26%CES%2Cu%04%3EAl%04%2Cb%E2v%C9%08%3A%CC%F4
In contrast to the GNU AS manual, the syntax for the .section directive
uses '%progbits' instead of '@progbits'; at least on ARM. Looking at the
ICU tools and the generated files confirms this.
Also fixes bug 926980 - load ICU data from an archive file.
Stop invoking ICU's autoconf build system. Instead, have hand-authored
moz.build files under config/external/icu to build what we need. In addition,
we'll commit a pre-built copy of the ICU data file (currently icudt56l.dat)
under config/external/icu/data to avoid having to build ICU host tools to
generate it. config/external/icu/data also contains some assembly files
which can generate an object file containing the ICU data file contents
so that the JS shell (or standalone JS builds) can be linked directly to
the data without having to deal with the external data file. This requires
yasm or GNU as.
Various bits of packaging have been updated to account for the ICU data file.
XPCOM initialization now sets the ICU data directory so ICU can locate its
data file.
The update-icu.sh script has been modified to read the list of C/C++ source
files out of the ICU Makefiles and update `sources.mozbuild` files under
config/external/icu, as well as build a local copy of ICU using its
autoconf build system to generate the ICU data file to be committed in-tree.
MozReview-Commit-ID: 8Pfkzqt6S1W
--HG--
extra : rebase_source : 31426cddddb5543e0191059ba2f2eb069abe7727
When a built-in root certificate has its trust changed from the default value,
the platform has to essentially create a copy of it in the read/write
certificate database with the new trust settings. At that point, the desired
behavior is that the platform still considers that certificate a built-in root.
Before this patch, this would indeed happen for the duration of that run of the
platform, but as soon as it restarted, the certificate in question would only
appear to be from the read/write database, and thus was not considered a
built-in root. This patch changes the test of built-in-ness to explicitly
search the built-in certificate slot for the certificate in question. If found,
it is considered a built-in root.
MozReview-Commit-ID: HCtZpPQVEGZ
--HG--
extra : rebase_source : 759e9c5a7bb14f14a77e62eae2ba40c085f04ccd
ALLOW_COMPILERS_WARNINGS is set in moz.build files, which end up producing backend.mk files, which are loaded as part of config/rules.mk.
--HG--
extra : rebase_source : 75643ff0a30be733216d5572668a52ab365d7c59