36ef87e623
Bug 1075991 - Tracking cause of inappropriate TLS version fallback, r=keeler
2014-10-03 11:01:24 -07:00
e3fc75fe11
Bug 1075991 - Remember version intolerance reason code, r=keeler
2014-10-03 11:01:24 -07:00
af2478ad59
Bug 1030135: Set is_moz if the pinset name contains mozilla, set bucket id for pinsets containing the string mozilla (r=keeler)
2014-10-02 16:45:13 -07:00
e75e48ed45
Bug 1054498 - Report pinning violations by CA r=keeler
2014-10-17 10:33:50 -07:00
e5ad1e7db2
Backed out changeset 3afdc3253979 (bug 622859) for breaking m1 tests
2014-10-17 13:14:29 +02:00
d893b9cc90
Backed out changeset f5fa8ea86d3b (bug 622859)
2014-10-17 13:13:01 +02:00
67e50f1aa1
Bug 1080165 - Allow setpriority() to fail without crashing in media plugins on Linux. r=kang
2014-10-16 12:42:00 +02:00
ef48a9fa7c
Bug 622859 - Tests for bug 622859. r=briansmith,keeler
2014-10-16 05:22:00 +02:00
01941f880c
Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith
2014-10-16 05:13:00 +02:00
b9708b293b
Bug 1083701: When pre-Vista, for testing purposes allow stdout/err to be inherited by sandboxed process when an env var is set. r=tabraldes
2014-10-17 09:42:09 +01:00
d44051d068
bug 1055238 - add nsNSSCertListFakeTransport so nsIX509CertList can survive the child process r=rbarnes
2014-09-16 15:49:37 -07:00
76d5bfab7d
bug 1055238 - clean up nsNSSCertificateFakeTransport.{cpp,h} for style nits r=rbarnes
2014-09-16 13:24:13 -07:00
4782afddb6
Bug 787133 - (hpkp) testing of internal storage and idl r=keeler.
...
--HG--
extra : rebase_source : c4f83f38a3b8f293a1ca61f2f0a6f90df6ff7840
2014-09-12 14:59:37 -07:00
d790eb8f88
Bug 787133 - (hpkp) Internal storage of hpkp data. r=keeler.
...
--HG--
extra : rebase_source : 1ef88ab5ebcf9634bd1de76ec1c9543eb87d265b
2014-09-12 14:59:37 -07:00
db0e8cfdbd
bug 1066190 - ensure that pinning checks are done for otherwise overridable errors r=mmc
2014-09-12 13:20:43 -07:00
9a1ec24aef
Bug 1067565 - Built-in pins expires decades later. r=keeler
2014-09-15 17:17:12 -07:00
4728b78382
bug 1062567 - prevent gcc lto builds from dropping SyscallAsm on the floor r=froydnj
2014-09-15 19:46:14 -04:00
6e187f49f8
Merge m-c to inbound a=merge
2014-09-15 16:41:45 -07:00
bed71c1658
No bug, Automated HPKP preload list update from host bld-linux64-spot-318 - a=hpkp-update
2014-09-15 14:35:39 -07:00
cc3388a150
No bug, Automated HSTS preload list update from host bld-linux64-spot-318 - a=hsts-update
2014-09-15 14:35:37 -07:00
dce41c469b
bug 973048 - follow-up to add another missed #include r=bustage on a CLOSED TREE
2014-09-15 13:50:18 -07:00
c6dc096f07
bug 973048 - follow-up to add #include for ScopedPtr r=bustage on a CLOSED TREE
2014-09-15 13:02:47 -07:00
4113b4b466
bug 973048 - replace nsNSSCleaner with Scoped types r=rbarnes
2014-09-15 12:31:43 -07:00
d557d05d44
merge m-i to m-c a=merge
2014-09-12 15:07:38 +02:00
7d604b16de
No bug, Automated HPKP preload list update from host bld-linux64-spot-021 - a=hpkp-update
2014-09-11 20:51:37 -07:00
44fa5fca8f
No bug, Automated HSTS preload list update from host bld-linux64-spot-021 - a=hsts-update
2014-09-11 20:51:35 -07:00
ccbb9be8bc
Bug 1050518 - Remove nsICertificatePrincipal. r=keeler
2014-09-10 20:31:00 -04:00
61056aa4db
Bug 1018988 - Set up a low integrity temp directory when using the Windows content sandbox. r=mrbkap r=tabraldes r=froydnj
2014-09-10 12:36:17 +01:00
33eaabbf1f
Bug 1063455 - Define MOZ_STACKWALKING when NS_StackWalk is available and replace other instances of the same #if logic. r=mshal, r=froydnj
2014-09-08 18:25:20 +01:00
c857f8e0f4
Bug 1063013, Part 4: Move MapResultToName and MAP_LIST out of pkixnss.h/pkixnss.cpp, r=keeler
...
--HG--
rename : security/pkix/lib/pkixnss.cpp => security/pkix/lib/pkixresult.cpp
extra : rebase_source : 2fec0a279f7ef6acdd7ac8bf749190eef33df70d
2014-08-31 19:42:36 -07:00
030872a85c
Bug 1063013, Part 3: Move dependencies on pkixnss to pkixtestnss, r=keeler
...
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : b22bd341a5c72ba87efcf23a4e048bba8adf1544
2014-08-31 19:16:26 -07:00
18c10a4998
Bug 1063013, Part 2: Remove unnecessary pkixnss dependency from pkixocsp_CreateEncodedOCSPRequest, r=keeler
...
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : e91ec652edc54255cd29871c91550c3ee49438c5
2014-08-31 19:04:15 -07:00
06a6c4e0be
Bug 1063013, Part 1: Remove pkixnss dependency from pkixtestutil.cpp, r=keeler
...
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : e55c2e0c73a59b84629d071a64d8597ec5cc56ae
2014-09-04 17:21:28 -07:00
8dbcf66d66
Bug 1063006: Centralize direct use of NSS for crypto in the mozilla::pkix test suite, r=keeler
...
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : 93515d39abf91168fa86268f9b26f8c62d0d411e
2014-08-31 17:47:09 -07:00
ba3ad3aa0e
Bug 1059924, Part 2: Test that the high tag number form is rejected, r=keeler
...
--HG--
extra : rebase_source : 66793ce13ed8635cd47051fc2c93651d6936614e
2014-08-21 15:48:40 -07:00
af04cea2d8
Bug 1059038 - Move mozilla::unused from xpcom/glue to mfbt. r=Waldo
...
--HG--
rename : xpcom/glue/unused.cpp => mfbt/unused.cpp
rename : xpcom/glue/unused.h => mfbt/unused.h
2014-08-29 10:11:00 +02:00
bd73520e3c
Bug 1064356 - Fix more bad implicit constructors in security; r=bsmith
2014-09-08 20:47:36 -04:00
d577ecb4c1
bug 1004781 - follow-up to add "DigiCert ECC Secure Server CA" to Facebook's pinset r=mmc
2014-09-08 09:33:03 -07:00
75dcdffdac
merge mozilla-inbound to mozilla-central a=merge
2014-09-08 15:22:16 +02:00
fb37ddfbb4
No bug, Automated HPKP preload list update from host b-linux64-ix-0009 - a=hpkp-update
2014-09-06 03:17:54 -07:00
335a88aab5
No bug, Automated HSTS preload list update from host b-linux64-ix-0009 - a=hsts-update
2014-09-06 03:17:51 -07:00
ca62a34614
Merge inbound to m-c a=merge
2014-09-05 19:04:52 -07:00
573218568c
Bug 1030135: Enable pinning on services.mozilla.com in test mode (r=keeler,a=kwierso)
2014-09-05 12:04:26 -07:00
a9431992d5
Bug 1018966 - Part 2: Make warn only sandbox changes to the Chromium code. r=tabraldes
2014-09-03 10:31:53 +01:00
702384684c
bug 1046221 - make nsCryptoHMAC and nsCryptoHash actually check for NSS shutdown r=rbarnes
2014-09-05 11:04:22 -07:00
2c36fac925
Bug 1030135: Enable pinning on services.mozilla.com in test mode (r=keeler)
2014-09-05 12:04:26 -07:00
f19448274c
Bug 1018966 - Part 1: Add the main warn only sandbox machinery - with no Chromium code changes. r=bsmedberg
...
This change also includes the content sandboxing code on Windows Nightly by defining MOZ_CONTENT_SANDBOX=1.
Whether the content sandbox is disabled, in warn only mode, or enabled is controlled by a new pref: browser.tabs.remote.sandbox=(off/warn/on)
2014-06-11 15:32:37 +01:00
a37dba0312
Bug 1061483 follow-up: remove now-unused deleteCharArray function, r=me, a=bustage
...
--HG--
extra : rebase_source : 63d509bd7b95681227d27a733260bc33b1a22338
2014-09-04 15:53:07 -07:00
418571330e
Bug 1061483: Remove dependency on NSPR's PR_smprintf, r=cviecco
...
--HG--
extra : rebase_source : 64e2f862456e8e1434814631b0a7b461d83de37a
2014-08-31 22:03:22 -07:00
4170cfe622
Bug 1061021, Part 17: Use now-unused PLArenaPool infrastructure, r=keeler
...
--HG--
extra : rebase_source : b6f241d33cefd3b14c585e806e9c920ec6844fce
2014-08-30 23:30:20 -07:00
6e2797899e
Bug 1061021, Part 16: Stop using PLArenaPool in pkixocsp_CreateEncodedOCSPRequest, r=keeler
...
--HG--
extra : rebase_source : 551d0c0e45d770c2218fb77874737fe23909d6c9
2014-08-30 23:27:15 -07:00
26f076840d
Bug 1061021, Part 15: Stop using PLArenaPool in CreateEncodedOCSPResponse, r=keeler
...
--HG--
extra : rebase_source : 00c3f77cd1e7e0d81b0acac84631b81e4cac59bd
2014-09-01 19:23:01 -07:00
1966d956d1
Bug 1061021, Part 14: Stop using PLArenaPool in CreateEncodedCertificate, r=keeler
...
--HG--
extra : rebase_source : 46c292a31fbc4bb7242c93d0d47479600f379323
2014-08-30 23:09:18 -07:00
c7a8deb8a0
Bug 1061021, Part 13: Remove Output class, r=keeler
...
--HG--
extra : rebase_source : 9d768451f2f1d6ad0db3cb75401494d6409fd818
2014-08-30 20:47:58 -07:00
5419f381e4
Bug 1061021, Part 12: Stop using PLArenaPool for ResponseData encoding, r=keeler
...
--HG--
extra : rebase_source : 745ae45d9dd0509973d8e5c50a8cc2dfae82295f
2014-08-30 20:42:19 -07:00
c697d86d9d
Bug 1061021, Part 11: Stop using PLArenaPool for TBSCertificate and SignedData encoding, r=keeler
...
--HG--
extra : rebase_source : 09b06f79b57247dd89919ede12baabcb09dbeb19
2014-08-30 19:55:52 -07:00
dedfff0a81
Bug 1061021, Part 10: Stop using PLArenaPool for extension encoding, r=keeler
...
--HG--
extra : rebase_source : 02b6dcc97204c04ec35b214ea2ce4b9297c78612
2014-08-30 19:16:24 -07:00
d1e3997695
Bug 1061021, Part 9: Stop using PLArenaPool for SingleResponse encoding, r=keeler
...
--HG--
extra : rebase_source : a39a5dfec9b7aaa43ee2cffc15021bb404ada1ca
2014-08-30 18:00:02 -07:00
a67503eadb
Bug 1061021, Part 8: Stop using PLArenaPool for CertID encoding, r=keeler
...
--HG--
extra : rebase_source : 236902fb9eb330444e4cfc4ad380646bc992e8a8
2014-08-30 17:47:22 -07:00
24aa747308
Bug 1061021, Part 7: Stop using PLArenaPool for SignedData encoding, r=keeler
...
--HG--
extra : rebase_source : de654a47d7421d2c14bba9db1686bc01a2f1edf8
2014-08-30 17:40:41 -07:00
653ade1f65
Bug 1061021, Part 6: Stop using PLArenaPool for boolean encoding, r=keeler
...
--HG--
extra : rebase_source : 557eef72848af7dd70eddb4983de25e2e50da5f3
2014-08-30 17:00:16 -07:00
3c92292236
Bug 1061021, Part 5: Remove InitInputFromSECItem, r=keeler
...
--HG--
extra : rebase_source : 353ad008af15700266226b6f3f535385cb182d09
2014-08-30 16:49:49 -07:00
61df71edb6
Bug 1061021, Part 4: Stop using PLArenaPool for time encoding, r=keeler
...
--HG--
extra : rebase_source : ed41c22713cc75ce238923c00a5abda48f142e57
2014-08-30 16:33:47 -07:00
314958b44f
Bug 1061021, Part 3: Stop using PLArenaPool for BitString encoding, r=keeler
...
--HG--
extra : rebase_source : 79c9c2dd4844e67f0922c32e47bcc3e360fb32d5
2014-08-30 16:15:11 -07:00
f854a1e2f2
Bug 1061021, Part 2: Stop using NSS to encode integers and serial number, r=keeler
...
--HG--
extra : rebase_source : cebea2b16ac81278a1453a5fb58fe75e90e22742
2014-08-30 16:07:16 -07:00
8b26ecac0b
Bug 1061021, Part 1: Stop using NSS to encode names in tests, r=keeler
...
--HG--
extra : rebase_source : 1fa1826fe356314e80784915e08d5a787bf2259f
2014-08-30 23:11:23 -07:00
a6be0bc849
Bug 1059924, Part 1: Centralize tag and length decoding in mozilla::pkix's DER decoder, r=keeler
...
--HG--
extra : rebase_source : 6702a599f07cf83deac832eab0712dc716ea2561
2014-09-02 22:03:30 -07:00
a891fc79d8
Bug 1059928: Remove SECOidTag from mozilla::pkix testsuite interface, r=keeler
...
--HG--
extra : rebase_source : 79d0d3031a9176d492730f374cea3b5f035086e1
2014-08-29 16:06:38 -07:00
d219ed0d80
bug 775370 - (part 2/2) use DataStorage as back-end to nsSiteSecurityService r=briansmith
2014-09-04 10:42:31 -07:00
a250e4de47
bug 1057123 - mozilla::pkix: allow end-entity certificates to assert keyCertSign in some cases r=briansmith
2014-09-03 10:12:55 -07:00
d578571a85
Backed out changeset 5adabc2818b2 (bug 1018966) for b2g bustage
2014-09-04 15:14:41 +02:00
39fa254326
Backed out changeset 5d21dd9ca51e (bug 1018966) for b2g Build bustage
2014-09-04 15:13:14 +02:00
ad41895771
Bug 1018966 - Part 2: Make warn only sandbox changes to the Chromium code. r=tabraldes
2014-09-03 10:31:53 +01:00
0fdb849687
Bug 1018966 - Part 1: Add the main warn only sandbox machinery - with no Chromium code changes. r=bsmedberg r=tabraldes
...
This change also includes the content sandboxing code on Windows Nightly by defining MOZ_CONTENT_SANDBOX=1.
Whether the content sandbox is disabled, in warn only mode, or enabled is controlled by a new pref: browser.tabs.remote.sandbox=(off/warn/on)
2014-06-11 15:32:37 +01:00
4b99580194
Bug 1059113 - Use templates for shared libraries and frameworks. r=gps
...
Also force to use the existing template for XPCOM components.
2014-09-04 09:04:45 +09:00
0060683747
Bug 1059090 - Don't require SOURCES to be set for CPP_UNIT_TESTS and SIMPLE_PROGRAMS. r=mshal
2014-09-03 14:16:37 +09:00
ed70c5f377
Bug 1041941 - Use templates for programs, simple programs, libraries and C++ unit tests. r=gps
2014-09-03 14:10:54 +09:00
c1853c5db4
bug 1050546 - telemetry for baseline requirements sections 9.2.1 and 9.2.2 (subject alt names/common name) r=rbarnes
2014-09-03 11:44:08 -07:00
1dfa299843
Bug 1061085 - Clean up misused export macros from bug 1041886. r=glandium
2014-08-31 23:23:00 +02:00
6deacdf4e9
Bug 1061942 - Switch back security/certverifier and security/manager to use unified builds; r=bsmith
2014-09-02 18:28:11 -04:00
c0770e9a92
Backed out 1 changesets (bug 1050546) for build bustage
...
Backed out changeset c7a9e8177202 (bug 1050546)
2014-09-02 16:49:51 -07:00
18cd42500e
bug 1050546 - telemetry for baseline requirements sections 9.2.1 and 9.2.2 (subject alt names/common name) r=rbarnes
2014-09-02 12:10:47 -07:00
5bffafdd26
Bug 1061061 - Fix more bad implicit constructors in misc. code; r=bsmedberg
2014-09-02 18:24:24 -04:00
d75ed5bf7f
bug 1059490 - mark more classes MOZ_FINAL r=froydnj
2014-08-27 14:26:48 -04:00
7e9f88e039
Bug 1036737 - Adding fallback SCSV use. r=dkeeler
2014-08-29 14:59:00 +02:00
aafc47e9e9
Bug 1060975 - Fix bad implicit constructors in security; r=bsmith
2014-08-31 19:26:27 -04:00
7b968ad142
Bug 1039166 - Fix intermittent gtest ASAN errors. r=dkeeler
2014-08-28 15:33:10 -07:00
c30a1809d2
Merge inbound to m-c. a=merge
2014-08-30 12:25:27 -04:00
61a875d894
No bug, Automated HPKP preload list update from host bld-linux64-spot-456 - a=hpkp-update
2014-08-30 03:23:01 -07:00
ea9d818f0d
No bug, Automated HSTS preload list update from host bld-linux64-spot-456 - a=hsts-update
2014-08-30 03:22:59 -07:00
1ea7e357ca
Bug 1059602 - Make libxul -> libmozsandbox dependency not a weak symbol. r=glandium
...
MFBT_API is not the right macro for this; it changes the affected
definition/usage to a weak symbol, for reasons explained in the comments
on its definition.
This was causing the linker to drop the dependency from libmozglue
to libmozsandbox, in some cases (--as-needed, with a linker that
doesn't consider weak symbols "needed"), and thus load libxul with
gSandboxCrashFunc relocated to address 0 (the expected behavior of an
unresolved weak symbol), which caused crashes when writing to it on
startup.
--HG--
extra : amend_source : b99fded391ae90b1311f4cabaf40f15e6414f245
2014-08-28 23:23:13 -07:00
a47a7b45b5
Bug 1052099 - August 2014 batch of EV root CA changes. r=keeler
...
--HG--
extra : rebase_source : 4303f1fb6988ff462edd908295708788a24a64f1
2014-08-27 11:31:20 -07:00
4b04dd58f3
bug 1009161 - follow-up: add test_nsCertType.js to xpcshell.ini so it'll actually run r=mmc
2014-08-28 11:38:31 -07:00
db45c0b01a
Bug 1023941 - Part 2: Static-link the CRT into plugin-container.exe. r=glandium,f=tabraldes
...
--HG--
rename : security/sandbox/moz.build => security/sandbox/objs.mozbuild
extra : rebase_source : e0b1515a4729ecfe82a67b6439d9a38453f7556a
2014-08-28 14:50:10 +12:00
fd5e2abf5a
bug 1058925 - don't convert nullptr to bool in ClientAuthServer.cpp r=keeler
2014-08-27 19:12:22 -04:00
e7899e86a5
Bug 1036735: Update NSS to NSS 3.17.1 Beta 1. Also includes the fixes
...
for bug 1046718, bug 1050107, bug 1054625, bug 1057465, bug 1057476.
2014-08-27 15:42:41 -07:00
5c4a88776f
Bug 1004781: Enable pinning in test mode for facebook (r=cviecco)
2014-08-27 14:18:25 -07:00
ba6539ecd7
bug 1027906. Set delayed token level for GMP plugin processes to USER_RESTRICTED. Whitelist certain files and registry keys that are required for EME plugins to successfully load. r=bobowen. r=jesup. r=bent.
2014-08-29 17:34:26 -07:00
127e03fe0a
Bug 1059926: Give DottedOIDToCode.py the ability to generate more encodings, r=keeler
...
--HG--
extra : rebase_source : 8fabeb5802530789925ae47d1f1cc4b27e4bf899
extra : histedit_source : 1329e925ada56b29c9e05991b85b320d4ae0e3a3
2014-08-28 09:58:13 -07:00
6452321116
Bug 1057793: Fix build warning on MSVC 2013, r=keeler
...
--HG--
extra : rebase_source : eb908d0f3d313991cab78d707c7f666ab9d9eaf5
extra : histedit_source : 3d69a511f82895d8b741960205e96488b4f2ebbb
2014-08-17 16:49:19 -07:00
ede2da1dd5
Bug 1057791: Switch PR_ASSERT to assert in pkixcheck.cpp, r=keeler
...
--HG--
extra : rebase_source : a63e822eed9914046127c466f7e5c4f0e3e84361
extra : histedit_source : fc9d16f67cc349f5c7d3964c5dc58de1e5b9e986
2014-08-17 16:50:45 -07:00
5846749954
Bug 1057790: Limit scope of CERTCertificate-related stuff to the scope it is used, r=keeler
...
--HG--
extra : rebase_source : 41b84cc08a928d0cdf57062d89f6d9495351437f
extra : histedit_source : bfbc35434d1318b6e6259bca72e6e1688842e5ad
2014-08-04 15:32:15 -07:00
01f0b82f34
Bug 1053924: Remove dependencies on PRTime in mozilla::pkix's test code, r=keeler
...
--HG--
extra : rebase_source : deb2dcec5c56ef86d95df319b5a61165d9d761a7
2014-08-08 10:33:18 -07:00
3f1e2a85b6
Bug 1041886 - Fix no-opt-only build bustage caused by mozilla::unused. r=glandium
...
See also bug 1059038.
2014-08-26 19:23:44 -07:00
3ae6c90876
Bug 1054616 - Clean up logging-related shims for Linux sandboxing. r=kang
2014-08-26 13:54:16 -07:00
23c21aa709
Bug 1041886 - Separate Linux sandbox code into its own shared library. r=kang r=glandium
...
This creates libmozsandbox.so on builds that use sandboxing
(MOZ_CONTENT_SANDBOX or MOZ_GMP_SANDBOX).
The unavoidably libxul-dependent parts, for invoking the crash reporter
and printing the JS context, are separated into glue/SandboxCrash.cpp
and invoked via a callback.
2014-08-26 13:54:09 -07:00
e020caf2de
Bug 1041886 - Break out Linux sandbox logging into its own header. r=kang
2014-08-26 13:54:03 -07:00
bfd5ec525f
Bug 1052529 - Add missing l10n strings for mozilla::pkix errors. r=keeler
2014-08-26 00:03:00 +02:00
dfc4c053b1
Bug 1056936 - Specify full path to plugin-container in sandbox rules. r=rjesup
2014-08-25 15:01:04 -05:00
77bfad00a6
Bug 1045801 - Rename SafeCast to AssertedCast. r=Waldo
2014-08-25 12:17:32 -07:00
d026d78753
bug 1034124 - allow overrides when a CA cert is used as an end-entity cert r=briansmith
2014-08-22 12:07:08 -07:00
800c5b4b9f
bug 1009161 - mozilla::pkix: allow the Netscape certificate type extension if more standardized information is present r=briansmith
2014-08-25 09:25:36 -07:00
81342753e0
Merge inbound to m-c. a=merge
...
CLOSED TREE
2014-08-25 11:49:37 -04:00
07de5c29aa
No bug, Automated HPKP preload list update from host bld-linux64-spot-317 - a=hpkp-update
2014-08-23 03:29:03 -07:00
8f1e08d168
No bug, Automated HSTS preload list update from host bld-linux64-spot-317 - a=hsts-update
2014-08-23 03:29:01 -07:00
c725a726be
Merge inbound to m-c a=merge
2014-08-22 16:47:32 -07:00
b562d97c7e
Bug 1042006 - Replace reviewers-dev certificate. r=fabrice
...
--HG--
extra : rebase_source : 517822e6712853c4e0d5ce664e0d60b980382c3b
2014-08-21 00:12:00 -04:00
1f84bc411b
bug 1049095 - re-verify joinee certificate with joining hostname when joining connections r=briansmith r=mcmanus r=cviecco r=mmc r=rbarnes
2014-08-21 10:37:23 -07:00
fd5e9d1fcc
bug 1047696 - mark a number of classes MOZ_FINAL to get compilers to devirtualize more r=froydnj
2014-08-05 13:33:55 -04:00
4c5f0ef40a
Bug 1047177 - Treat v4 certs as v3 certs. Tests (2/2). r=keeler.
...
--HG--
extra : rebase_source : 58be8a1ac652636fea80e83fc8eae2b7092c6edd
2014-08-21 14:49:00 -07:00
a7b51fb02b
Bug 1047177 - Treat v4 certs as v3 certs (1/2). r=keeler.
...
--HG--
extra : rebase_source : 4cfb69672aa54274bb4ee850f23f0bbbe8e9e49f
2014-08-21 14:47:25 -07:00
f2fb78225b
Bug 1055541 - Fix build failure on VS2013 with --enable-warnings-as-errors due to Warning C4996. r=ehsan
2014-08-20 04:09:03 +09:00
300766f367
bug 1050063 - consider tls client hello version in alpn/npn offer list r=hurley r=keeler
2014-08-15 09:39:53 -04:00
a8d80abaf6
Merge m-c to inbound a=merge
2014-08-22 17:05:17 -07:00
d72906c30d
Bug 314095 - Eliminate nsIContent::GetDocument, r=jst
...
--HG--
extra : rebase_source : dd8f690940825b298a478b65b68a57418a9962ff
2014-08-22 23:11:27 +03:00
4ee21d300f
bug 1057128 - add --clobber to generate_certs.sh, disabled by default (don't unnecessarily regenerate all certificates) r=rbarnes DONTBUILD because NPOTB
2014-08-22 10:25:46 -07:00
3e8057dc3d
bug 775370 - (part 1/2) introduce DataStorage r=froydnj r=mmc
2013-09-09 13:37:21 -07:00
cdfed1ffd4
Bug 1063445: Update to NSS_3_17_1_BETA2.
...
Includes the fixes for bug 1041326, bug 1058933, bug 1001332, bug 1057783.
2014-09-05 08:18:18 -07:00
64bed2314d
Bug 1052033 - Fix warnings in security/sandbox and mark as FAIL_ON_WARNINGS. r=smichaud
2014-08-09 14:25:24 -07:00
5fe0932115
Merge inbound to m-c. a=merge
2014-08-16 17:42:29 -04:00
e3b3b65eb1
No bug, Automated HPKP preload list update from host bld-linux64-spot-329 - a=hpkp-update
2014-08-16 03:15:25 -07:00
93cb810873
No bug, Automated HSTS preload list update from host bld-linux64-spot-329 - a=hsts-update
2014-08-16 03:15:23 -07:00
90fa6beb03
Bug 1029155 - Tests for storing failed certificate chains r=keeler
2014-08-15 11:27:31 -07:00
691dcd68c1
Bug 1029155 - Store peer certificate chain from failed connections on TransportSecurityInfo r=keeler
2014-08-15 11:27:22 -07:00
026854c3f0
Bug 1053627, Part 2: Use MOZILLA_PKIX_ARRAY_LENGTH instead of PR_ARRAY_SIZE, r=keeler
...
--HG--
extra : rebase_source : b9ae99d93921cb2f3a8f4395e9240389752fd2de
2014-08-13 21:01:35 -07:00
edb0ac64e0
Bug 1053627, Part 1: use sizeof instead of PR_ARRAY_SIZE for byte arrays, r=keeler
...
--HG--
extra : rebase_source : a01364ed6b64800142f18d3d350f50ca178ea4bb
2014-08-04 19:21:52 -07:00
5a78d0179b
Bug 1053621: Stop using PR_NOT_REACHED in mozilla::pkix, r=keeler
...
--HG--
extra : rebase_source : b70a3ca2f3dade0439cf902bf4042716e7d1bbd3
2014-08-04 19:19:29 -07:00
1709415e43
Bug 1053620: Replaces uses of PR_Abort with std::abort in mozilla::pkix, r=keeler
...
--HG--
extra : rebase_source : 2e1f3eec5305e89bfa28fbda856b4e36515a2819
2014-08-04 19:12:34 -07:00
d08286d3d3
Bug 1053617: Reduce scope of DER encoding debugging logic to the file it is used in, r=keeler
...
--HG--
extra : rebase_source : c22f7e96dfdd1997626769ac03c6d189321eec1a
2014-08-04 19:07:26 -07:00
9a2a60943d
Bug 1053616: Remove uses of PR_SetError from mozilla::pkix tests, r=keeler
...
--HG--
extra : rebase_source : 1fc7ce9ab400c39e3c4afb68940be93cc2a0b848
2014-08-13 17:50:42 -07:00
f4a67332e8
Bug 1052257 - Add and use error code specific to inadequate key sizes. r=keeler
2014-08-12 22:24:00 -04:00
1c8a8d2d9b
No bug - Add trailing newlines for non-Android Linux sandbox logging. r=kang
...
--HG--
extra : rebase_source : c0e936b62289c0e5eecad41fce9afac881fe4667
2014-08-14 15:39:14 -07:00
c3d3df58ac
bug 1030963 - remove non-standard window.crypto functions/properties r=jst r=briansmith r=glandium
2014-08-14 09:38:42 -07:00
3e57ff4e5a
Bug 1048642, Part 3: Remove SECStatus GTest utilities, r=cviecco
...
--HG--
extra : rebase_source : f77202ad8d271604d7620cc5f704a51338c356ab
2014-08-03 22:45:05 -07:00
065cf239b1
Bug 1048642, Part 2: Change GenerateKeyPair return type from SECStatus to Result, r=cviecco
...
--HG--
extra : rebase_source : 652277e952d224175ea57d4509124ff8180440cb
2014-08-04 10:59:21 -07:00
4a58c8b13e
Bug 1048642, Part 1: Change TamperOnce return type from SECStatus to Result, r=cviecco
...
--HG--
extra : rebase_source : 1d2e8014153d8bfc6f9008dd9b6b9e4d5ac5dcb7
2014-08-03 22:49:10 -07:00
bca16ce1ed
Bug 1049006 - Update Mozilla 33 to use NSS 3.17 final and NSPR 4.10.7 final, r=wtc
2014-08-13 21:47:00 +02:00
033a6785eb
Bug 1043733 - Require sandboxing to load Gecko Media Plugins on Linux. r=jesup r=kang
...
Also refactors how sandbox support and disabling are handled, and allows
simulating a lack of sandbox support with an env var (for testing
without rebuilding a kernel).
2014-08-12 21:28:27 -07:00
3d57f23fab
bug 1040446 - mozilla::pkix: add error code for CA cert used as end-entity cert r=briansmith
2014-08-11 12:35:45 -07:00
9c4276d25b
Bug 1048070, Part 2: Remove uses of PR_NOT_REACHED and PR_ARRAY_SIZE in mozilla::pkix, r=keeeler
...
--HG--
extra : rebase_source : d373a7526c1048770bed8bacb7e14c8f10e832cb
2014-08-03 18:24:35 -07:00
3f64294312
Bug 1048070, Part 1: Replace uses of PR_ASSERT in mozilla::pkix, r=keeler
...
--HG--
extra : rebase_source : 3f1dbb4babb6d575bde3088c92aeb6f28d689210
2014-08-02 09:17:59 -07:00
ea0e98acf5
Bug 1042479: Accept the OIW sha1WithRSASignature OID, r=keeler
...
--HG--
extra : rebase_source : 98dfbf1b5130898604e86c54ad4a8453aa87bde4
2014-08-04 16:34:47 -07:00
b82e230f36
bug 1040323 - SecureBrowserUI needs to consider scheme, not just security of connection r=dkeeler
2014-07-28 14:37:41 -04:00
0e89667592
Merge inbound to m-c. a=merge
2014-08-09 11:19:46 -04:00
40f698d0cb
No bug, Automated HPKP preload list update from host bld-linux64-spot-011 - a=hpkp-update
2014-08-09 03:14:42 -07:00
509bcaeb60
No bug, Automated HSTS preload list update from host bld-linux64-spot-011 - a=hsts-update
2014-08-09 03:14:40 -07:00
98f9eac6dd
Merge m-c to inbound on a CLOSED TREE
2014-08-08 14:15:34 -07:00
844fdf04eb
Bug 1012949 - Sandbox the OpenH264 plugin for Mac r=rjesup,areinald,ted a=PatchNeedsToLandToday
2014-08-08 11:55:22 -05:00
ce8794da11
Bug 1040130 - Allow specifying a client cert for sockets. r=keeler, r=mcmanus
2014-08-07 16:32:00 -04:00
a7cf4142b4
Bug 1050009 - Initialize pldhash tables with a length, not a capacity. r=roc.
...
* * *
imported patch rm-dummy-params
--HG--
extra : rebase_source : c25987eb11bae197218d5fc53b77def19afa36ac
2014-08-06 06:31:21 -07:00
9bddbaa73e
Bug 1048643: extended nsDocShell with flags to indicate tracking protection status (similar to mixed content blocked/loaded status)
2014-08-07 13:35:03 -07:00
14eafa8e5d
Bug 1036546 - Soft-disable proprietary window.crypto functions via the pref dom.unsafe_legacy_crypto.enabled. r=smaug
2014-08-05 10:48:24 -07:00
89777800f9
Bug 1047267 - Move remaining OS_LIBS and EXTRA_LIBS to moz.build. r=gps
...
* * *
Bug 1047267 - To fold with "Move remaining OS_LIBS and EXTRA_LIBS to moz.build"
2014-08-07 14:21:03 +09:00
e8b438350d
Bug 1049281 - Move third-party build system "drivers" to config/external, and stop using static dirs. r=gps
...
--HG--
rename : intl/icu/Makefile.in => config/external/icu/Makefile.in
rename : config/nspr/Makefile.in => config/external/nspr/Makefile.in
rename : config/nspr/moz.build => config/external/nspr/moz.build
rename : security/build/Makefile.in => config/external/nss/Makefile.in
rename : security/build/moz.build => config/external/nss/moz.build
rename : security/build/nspr-dummy.def => config/external/nss/nspr-dummy.def
rename : security/build/nss.def => config/external/nss/nss.def
rename : security/build/nss.mk => config/external/nss/nss.mk
2014-08-07 02:58:52 +09:00
4a01b3b147
Bug 1048993 - Use nsinstall from $(topobjdir)/config instead of $(DIST)/bin to avoid races when make wants to reinstall it for some reason. r=mshal
2014-08-07 02:58:50 +09:00
e1583db863
Bug 1042226 - move DEFINES += -DAB_CD=$(AB_CD) pattern into config.mk; r=mshal
2014-08-01 12:53:05 -04:00
afefa8ea41
Bug 1047560: Enable pinning on dropbox (r=keeler)
2014-08-01 13:12:38 -07:00
d9443ec932
Bug 1045783 - Move most OS_LIBS to moz.build and do some related cleanup. r=mshal
2014-08-06 07:25:33 +09:00
a5a24cc8bb
Bug 1049006 - Update Mozilla to use NSS 3.17, r=wtc
2014-08-05 22:22:19 +02:00
7257b2f870
Bug 579517 follow-up: Remove NSPR types that crept in
2014-08-08 08:39:07 -04:00
d926cc34de
Bug 996237 - Fix nss.def for Android/B2G. r=wtc
2014-08-04 11:51:00 -04:00
0403683a4f
Bug 1047782 - Fix some bad impliciit constructors in netwerk/; r=mcmanus
2014-08-05 09:20:50 -04:00
b0bd63525b
Bug 1047620 - Fix sandboxing for B2G --disable-jemalloc builds. r=kang
...
--HG--
extra : rebase_source : 1b2ec6491277a9dc451ab767d8563076cf522c27
2014-08-04 15:11:33 -07:00
9d31844f0c
Bug 1012951 - Add Linux sandboxing for GeckoMediaPlugin processes. r=kang r=ted
...
--HG--
extra : rebase_source : 1b890000d5b8d2a8954cdd1118a1023eba829c29
2014-08-04 15:11:18 -07:00
d2d145dc65
Bug 1046541 - Use stdio for non-Android Linux sandbox error messages. r=kang
...
--HG--
extra : rebase_source : e93a4a76f8188d715886e263a366d694c28b4525
2014-08-04 15:11:04 -07:00
6fc80c7e16
Bug 1047176 - Part 1: Disable warning C4640 in certverifier. r=keeler
...
--HG--
extra : rebase_source : a608f8704f57312902b05258ff53a4d1f2010cbc
2014-08-04 11:29:25 -07:00
f8a14606da
bug 1027720 - enforce h2 requirement that sever uses aead r=hurley r=dkeeler
2014-08-04 16:54:10 -04:00
9239e94fea
Backed out changeset fa05c69d7de1 (bug 996237)
2014-08-04 15:34:15 +01:00
b3853a0865
Bug 996237 - Fix nss.def for Android/B2G. r=wtc
2014-08-01 14:44:00 -04:00
606b89b834
Backed out changeset 972daa5dd3c5 (bug 1027720) for build failures
2014-08-04 14:33:14 +01:00
004b6798a9
bug 1027720 - enforce h2 requirement that sever uses aead r=hurley r=dkeeler
2014-08-01 16:59:00 -04:00
7feeef7c09
Merge mozilla-central and inbound
2014-08-04 12:23:28 +01:00
b17124bab9
Backed out changeset cabe3163d4bc (bug 1047560) for conflicting with the automated HPKP preload list update
2014-08-04 12:22:36 +01:00
efe972f974
Merge latest green b2g-inbound changeset and mozilla-central; a=merge
2014-08-04 12:13:23 +01:00
a86bcdd47d
No bug, Automated HPKP preload list update from host bld-linux64-spot-075 - a=hpkp-update
2014-08-02 03:22:22 -07:00
b2a536ffc2
No bug, Automated HSTS preload list update from host bld-linux64-spot-075 - a=hsts-update
2014-08-02 03:22:20 -07:00
8c896093c8
Bug 1045646 - Part 2: Replace AutoPushJSContext in nsCryptoRunnable::Run. r=bholley
2014-08-01 09:00:58 +01:00
0ccaf0860c
Bug 1043041: Use mozilla::pkix::Time instead of PRTime, r=keeler
...
--HG--
extra : rebase_source : 2cc39d3c322c1355aad003f2497659a091febac2
2014-08-02 08:49:12 -07:00
de725ae5ef
Bug 1047792: Rely on mozilla::pkix to filter out expired certs instead of CERT_CreateSubjectCertList, r=keeler
...
--HG--
extra : rebase_source : 5182147037b69f0ac3c3cd060d6e2af71bfde2e7
2014-08-01 23:16:21 -07:00
25a73829af
Bug 1041344: Refactor mozilla::pkix::CheckCertificatePolicies, r=cviecco
...
--HG--
extra : rebase_source : d40184b986e9c6ed44c0b39a485292a91f924f13
2014-07-19 18:51:10 -07:00
6eea93a408
Bug 1047560: Enable pinning on dropbox (r=keeler)
2014-08-01 13:12:38 -07:00
9b70e225e5
Bug 1046525 - Allow get{e,}gid and sched_{g,s}etparam in sandboxed content processes. r=kang
...
Some of these were already in the desktop whitelist; those duplicates
are removed.
--HG--
extra : amend_source : 3ab4b50e3f1980b4d7b93cc17f34b926e2aa2396
2014-08-01 15:05:44 -07:00
18c07f1b91
Bug 1041186, Part 3: More renaming, r=keeler
...
--HG--
extra : rebase_source : e4d70240f25f566c3bde91d515739bf46853fe8d
2014-07-31 20:55:52 -07:00
d77dac0580
Bug 1041186, Part 2: Rename Input to Reader and InputBuffer to Input, r=keeler
...
--HG--
extra : rebase_source : bf57a9eb6ae5c122912e00a47156010e5ea99478
2014-07-31 12:17:31 -07:00
ffe743ee06
Bug 1041186, Part 1: Improve buffer overflow protection in mozilla::pkix, r=keeler
...
--HG--
extra : rebase_source : 0f4a33f2c66594930ba9c79233648c70e33ba27c
2014-07-18 22:30:51 -07:00
5f56fc60d6
Bug 1041343: Use references instead of pointers for TrustLevel output parameters, r=cviecco
...
--HG--
extra : rebase_source : d5c07dc29a95ccb75a7a8f199de26d43950b9ed4
2014-07-20 11:06:26 -07:00
a95b2088a5
Bug 1039601: Use bounds-checked DERArray instead of plain arrays in pkixocsp.cpp, r=cviecco
...
--HG--
extra : rebase_source : cbe6257fc470069de0f7cb4f9f169550980a6b98
2014-07-16 09:54:10 -07:00
c45dc156d1
Bug 1039064: Use strongly-typed enum instead of NSPR-style error handling, r=keeler
...
--HG--
extra : rebase_source : 4f3e41916cd7e2c74679d468eeeb702af3321532
2014-07-18 11:48:49 -07:00
12c76f15f7
Bug 1042878 - part 2 - move MOZ_CAIRO_CFLAGS et al additions to C*FLAGS into moz.build; r=glandium
2014-07-24 11:55:33 -04:00
426692835a
Bug 1029151 - Remove dangerous public destructor of nsNSSCertificate. r=keeler
2014-07-30 13:00:29 -07:00
Martin Thomson
Monica Chew
J.C. Jones
Carsten "Tomcat" Book
Jed Davis
Cykesiopka
Bob Owen
David Keeler
Camilo Viecco
Trevor Saunders
Wes Kocher
ffxbld
Giovanni Sferro
Brian Smith
Ehsan Akhgari
Mike Hommey
Ryan VanderMeulen
David Major
Wan-Teh Chang
Tim Abraldes
Steven Michaud
Birunthan Mohanathas
Marco Castelluccio
Masatoshi Kimura
Patrick McManus
Olli Pettay
Chris Peterson
Garrett Robinson
Kai Engert
J. Ryan Stinnett
Nicholas Nethercote
Georgios Kontaxis
Nathan Froyd
Eric Rahm
Ed Morley
Andrew McCreight