Граф коммитов

9199 Коммитов

Автор SHA1 Сообщение Дата
Mike Hommey 128c4e6069 Bug 1120937 - Properly initialize the session field from C_OpenSession in the PKCS#11 test module. r=dkeeler 2015-01-14 15:18:50 +09:00
Brian Smith 89a83cfb14 Bug 1118122: Reland Bug 1115903, Part 2: Delete most defaulted assignment operators and some defaulted copy constructors, r=jcj
--HG--
extra : rebase_source : 9fae7948648e355f2ac15275a343ac0806f82f3b
2015-01-12 23:12:01 -08:00
Cykesiopka 0b1422c813 Bug 1120098 - Re-enable test_ocsp_timeout.js on Windows. r=dkeeler 2015-01-10 08:41:00 +01:00
Steve Singer ed3b64fce0 Bug 1120125 - Fix compile error on big endian platforms. r=keeler 2015-01-10 14:31:00 +01:00
Masatoshi Kimura bf312ad056 Bug 1120062 - Part 1: Remove most Nullptr.h includes. r=waldo 2015-01-11 11:34:52 +09:00
Chris Peterson 9e23388ca8 Bug 1118076 - Remove MOZ_THIS_IN_INITIALIZER_LIST. r=Waldo 2015-01-06 21:39:46 -08:00
David Keeler 762d9b52df bug 1065909 - canonicalize hostnames in nsSiteSecurityService and PublicKeyPinningService r=mmc 2015-01-09 09:46:05 -08:00
Brad Lassey 854d7d9706 bug 1118554 - fix gcc4.9 warnings on Android, <cstdlib> instead of <stdlib.h> r=gcp
--HG--
extra : rebase_source : cbb04c5973878e350e890c4df2ce271d32b7587e
2015-01-08 10:19:39 -05:00
Jacek Caban 52f5ce5e18 Bug 1119179 - Avoid gmtime_r duplication if it's provided by mingw. r=bsmith 2015-01-09 11:41:15 +01:00
Mark Goodwin ext:(%2C%20Harsh%20Pathak%20%3Chpathak%40mozilla.com%3E) ea0e5ac119 Bug 1024809 - (OneCRL) Create a blocklist mechanism to revoke intermediate certs. r=keeler r=Unfocused 2015-01-07 06:08:00 +01:00
Ehsan Akhgari 4354953b4f Bug 1118486 - Part 1: Use `= delete` instead of MOZ_DELETE directly; r=Waldo
Most of this patch (with the exception of dom/bindings/Codegen.py) was
generated by the following bash script:

#!/bin/bash

function convert() {
echo "Converting $1 to $2..."
find . ! -wholename "*nsprpub*" \
       ! -wholename "*security/nss*" \
       ! -wholename "*/.hg*" \
       ! -wholename "*/.git*" \
       ! -wholename "obj-*" \
         -type f \
      \( -iname "*.cpp" \
         -o -iname "*.h" \
         -o -iname "*.cc" \
         -o -iname "*.idl" \
         -o -iname "*.ipdl" \
         -o -iname "*.ipdlh" \
         -o -iname "*.mm" \) | \
    xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}

convert MOZ_DELETE '= delete'
2015-01-08 23:19:05 -05:00
David Keeler e7d2f9cd12 bug 1101194 - follow-up to fix bustage in TestCertDB r=bustage on a CLOSED TREE
Turns out there was a code path that resulted in attempting to acquire a lock
on the DataStorage mutex when one had already been acquired, resulting in
deadlock. This fixes it.
2015-01-08 10:56:07 -08:00
Kai Engert 9d9e763d45 Bug 1107731, upgrade Mozilla 37 to use NSS 3.18 (this is beta 5), r=wtc 2015-01-08 19:40:05 +01:00
David Keeler d11cf2ca74 bug 1101194 - add telemetry for DataStorage table size r=mgoodwin 2015-01-07 13:23:07 -08:00
Cykesiopka d98fab56db Bug 989485 - Split test_cert_eku.js into multiple files to avoid time outs. r=keeler 2015-01-08 01:15:00 -05:00
Brian Smith c1795f4024 Bug 1118599 - Remove now-unneeded MOZILLA_PKIX_ENUM_CLASS workaround for GCC enum class bugs. r=mmc 2015-01-06 18:28:09 -08:00
Michael Pruett 411a94b05a Bug 1118024 - Use new PL_DHashTable{Add,Lookup,Remove} functions. r=nfroyd 2015-01-05 20:27:28 -06:00
Mike Hommey 08e140cb0d Bug 1110760 - Build and Package Chromium Sandbox wow_helper. r=gps 2015-01-08 10:44:41 +09:00
Mike Hommey d4e8fd3af2 Bug 1110760 - Increase the chances of the wow_helper target code symbols being in the assumed order. r=aklotz 2015-01-08 10:44:41 +09:00
Bob Owen cc298a9892 Bug 1110760 - Import Chromium Sandbox wow_helper code. r=aklotz 2015-01-08 10:44:40 +09:00
David Keeler b29b970426 bug 1114741 - have nsRandomGenerator guard against NSS shutdown r=jcj
nsRandomGenerator uses NSS resources but does not prevent against NSS shutting
down while doing so. To fix this, nsRandomGenerator must implement
nsNSSShutDownObject.
2015-01-05 16:11:26 -08:00
Brad Lassey 33ab8e9b66 bug 1118554 - make android's stdcxx work r=glandium 2015-01-06 23:34:31 -05:00
Brian Smith b8ce64b2a8 Bug 1073867, Part 5: Make DSS test faster, r=mmc
--HG--
extra : rebase_source : 5d3ae5b6c777382d69134d5c38fca0c52c93c3a2
extra : histedit_source : 15209d1249d2eb638143409404cbbe15f0a2715b
2014-12-24 17:56:10 -08:00
Nicholas Nethercote f8c3848cd7 Bug 1117611 - Fix shadowed variable in SandboxBroker::SetSecurityLevelForContentProcess(). r=bobowen.
--HG--
extra : rebase_source : 29f25cc34bd5f66bac2454c30613344fb63a92b5
2015-01-05 15:54:22 -08:00
Ehsan Akhgari 665cc5846c Bug 1116559 - Remove the code to handle shutdown-cleanse from the cert override service code; r=keeler
shutdown-cleanse has not been a thing for quite a while.
2015-01-05 21:01:27 -05:00
Andrew Bartlett 1b02f46484 Bug 423758 - Add NTLMv2 to internal NTLM handler. r=keeler
NTLMv2 is the default.

This adds a new preference:
network.ntlm.force-generic-ntlm-v1

This is to allow use of NTLMv1 in case issues are found in the NTLMv2
handler, or when contacting a server or backing DC that does not
support NTLMv2 for any reason.

To support this, we also:
 - Revert "Bug 1030426 - network.negotiate-auth.allow-insecure-ntlm-v1-https allows sending NTLMv1 credentials in plain to HTTP proxies, r=mcmanus"

 - Revert "Bug 1023748 - Allow NTLMv1 over SSL/TLS by default, r=jduell"

 - Remove LM code from internal NTLM handler

   The LM response should essentially never be sent, the last practical
   use case was CIFS connections to Windows 9X, I have never seen a web
   server that could only do LM

   It is removed before the NTLMv2 work is done so as to avoid having 3
   possible states here (LM, NTLM, NTLMv2) to control via preferences.

Developed with Garming Sam <garming@catalyst.net.nz>
2014-12-22 15:55:00 -05:00
Brian Smith 566e222bca Bug 1117003 - Backout cset ca3c73188295 (Bug 1115903, Part 2), r=ehsan 2015-01-02 12:26:14 -08:00
Phil Ringnalda 9f997b2894 Merge m-i to m-c, a=merge 2015-01-03 20:02:33 -08:00
ffxbld cb0e685792 No bug, Automated HPKP preload list update from host bld-linux64-spot-100 - a=hpkp-update 2015-01-03 03:20:27 -08:00
ffxbld c84a6316bf No bug, Automated HSTS preload list update from host bld-linux64-spot-100 - a=hsts-update 2015-01-03 03:20:25 -08:00
Brian Smith ff754b5ae0 Bug 1115903, Part 2: Delete most defaulted assignment operators and some defaulted copy constructors, r=jcj
--HG--
extra : rebase_source : 6c8575de36355521baf69bba89eba530cd4e8b09
2014-12-26 23:49:47 -08:00
Brian Smith 68b341641d Bug 1115903, Remove VS2010 workarounds, r=mmc
--HG--
extra : rebase_source : 742973c0f2d547371fbeca72e384053c70b5ba0f
2014-12-26 21:39:54 -08:00
Brian Smith f52e40c633 Bug 1115761, Part 4: Add "fall through" comment, r=jcj
--HG--
extra : rebase_source : 1e40d7d7d85c1a02eb6195ecee1038ea40a6a9ab
2014-12-26 15:07:56 -08:00
Brian Smith f118650ad8 Bug 1115761, Part 3: Rename NSS-based crypto functions, r=jcj
--HG--
extra : rebase_source : b11b172fac76c7845d2a97cabf1bad9e04a50367
2014-12-23 14:51:52 -08:00
Brian Smith 2d40b79203 Bug 1115761, Part 2: Use NotReached more consistently in pkixnss.cpp, r=jcj
--HG--
extra : rebase_source : 80647fc11d40d822dc042af1d797cb34062a84ab
2014-12-23 22:35:53 -08:00
Brian Smith 95a228e3fe Bug 1115761, Part 1: Remove obsolete references to NSS stuff in comments, r=jcj
--HG--
extra : rebase_source : 65af59d9695b424f057b40c54aab6973a39bcc25
2014-12-26 12:40:45 -08:00
Brian Smith a5f0730d19 Bug 1035414, Part 2: Always check subject's issuer matches issuer's subject, r=jcj
--HG--
extra : rebase_source : a75eca6ed909fa4f241b1a736656b7e8c99eb3ea
2014-12-26 10:13:18 -08:00
Brian Smith 13010b71a5 Bug 1035414, Part 1: Test issuer/subject name matching, r=jcj
--HG--
extra : rebase_source : 8faab27888502083565db3681f10a310b69b1845
2014-12-26 11:35:48 -08:00
Brian Smith aeda384b1a Bug 1073867, Part 4: Test that DSS end-entity certificates are rejected, r=mmc
--HG--
extra : rebase_source : 7cfdcdf08f2ae8909062b8803de6702ab47ec65a
2014-12-26 11:40:51 -08:00
Brian Smith dcacbfd4ce Bug 1073867, Part 3: Reject DSS end-entity certificates, r=mmc
--HG--
extra : rebase_source : 76546b57aade1a15b394a2e53d8c12d62906dcac
2014-12-24 00:51:52 -08:00
David Erceg 848f74a40d Bug 1111848 - Remove nsISiteSecurityService.shouldIgnoreHeaders and implementation. r=keeler 2014-12-22 20:26:49 +11:00
Ehsan Akhgari 580310c5b8 Bug 1115076 - Wait for about:privatebrowsing to load in test_sts_privatebrowsing_perwindowpb.html; r=jdm 2014-12-31 09:32:03 -05:00
Ehsan Akhgari 5f97b938f2 Bug 1117043 - Mark virtual overridden functions as MOZ_OVERRIDE in security; r=bsmith 2015-01-02 09:02:04 -05:00
ffxbld 5f30b892c8 No bug, Automated HPKP preload list update from host b-linux64-ix-0002 - a=hpkp-update 2014-12-27 03:21:29 -08:00
ffxbld 3739aa349f No bug, Automated HSTS preload list update from host b-linux64-ix-0002 - a=hsts-update 2014-12-27 03:21:25 -08:00
Kaspar Brand 3fdb27bb49 Bug 1112487 - The signing certificates with key usage only non-repudiation is taken as invalid for signing. r=keeler 2014-12-17 21:31:00 -05:00
Tom Schuster 057c4c5a8e Bug 1110835 - Simplify some code nsSecureBrowserUIImpl around UpdateSecurityState. r=keeler 2014-12-25 21:31:11 +01:00
Masatoshi Kimura a325bfdb20 Bug 1114295 - Remove the dead pref for TLS_DHE_DSS_WITH_AES_128_CBC_SHA. r=keeler 2014-12-24 22:21:12 +09:00
Tom Schuster b45a1a0c90 Bug 764496 - Make EV detection work in content processes. r=keeler,kanru 2014-12-24 14:04:24 +01:00
Brian Smith c5b4fd868c Bug 1115181: Remove pkixnss.h dependency from pkixcert_signature_algorithm_tests, r=keeler
--HG--
extra : rebase_source : 2a4e11338b06d33ab8ad1536dc05c082db330d68
2014-12-23 14:51:16 -08:00