Mike Hommey
128c4e6069
Bug 1120937 - Properly initialize the session field from C_OpenSession in the PKCS#11 test module. r=dkeeler
2015-01-14 15:18:50 +09:00
Brian Smith
89a83cfb14
Bug 1118122: Reland Bug 1115903, Part 2: Delete most defaulted assignment operators and some defaulted copy constructors, r=jcj
...
--HG--
extra : rebase_source : 9fae7948648e355f2ac15275a343ac0806f82f3b
2015-01-12 23:12:01 -08:00
Cykesiopka
0b1422c813
Bug 1120098 - Re-enable test_ocsp_timeout.js on Windows. r=dkeeler
2015-01-10 08:41:00 +01:00
Steve Singer
ed3b64fce0
Bug 1120125 - Fix compile error on big endian platforms. r=keeler
2015-01-10 14:31:00 +01:00
Masatoshi Kimura
bf312ad056
Bug 1120062 - Part 1: Remove most Nullptr.h includes. r=waldo
2015-01-11 11:34:52 +09:00
Chris Peterson
9e23388ca8
Bug 1118076 - Remove MOZ_THIS_IN_INITIALIZER_LIST. r=Waldo
2015-01-06 21:39:46 -08:00
David Keeler
762d9b52df
bug 1065909 - canonicalize hostnames in nsSiteSecurityService and PublicKeyPinningService r=mmc
2015-01-09 09:46:05 -08:00
Brad Lassey
854d7d9706
bug 1118554 - fix gcc4.9 warnings on Android, <cstdlib> instead of <stdlib.h> r=gcp
...
--HG--
extra : rebase_source : cbb04c5973878e350e890c4df2ce271d32b7587e
2015-01-08 10:19:39 -05:00
Jacek Caban
52f5ce5e18
Bug 1119179 - Avoid gmtime_r duplication if it's provided by mingw. r=bsmith
2015-01-09 11:41:15 +01:00
Mark Goodwin ext:(%2C%20Harsh%20Pathak%20%3Chpathak%40mozilla.com%3E)
ea0e5ac119
Bug 1024809 - (OneCRL) Create a blocklist mechanism to revoke intermediate certs. r=keeler r=Unfocused
2015-01-07 06:08:00 +01:00
Ehsan Akhgari
4354953b4f
Bug 1118486 - Part 1: Use `= delete` instead of MOZ_DELETE directly; r=Waldo
...
Most of this patch (with the exception of dom/bindings/Codegen.py) was
generated by the following bash script:
#!/bin/bash
function convert() {
echo "Converting $1 to $2..."
find . ! -wholename "*nsprpub*" \
! -wholename "*security/nss*" \
! -wholename "*/.hg*" \
! -wholename "*/.git*" \
! -wholename "obj-*" \
-type f \
\( -iname "*.cpp" \
-o -iname "*.h" \
-o -iname "*.cc" \
-o -iname "*.idl" \
-o -iname "*.ipdl" \
-o -iname "*.ipdlh" \
-o -iname "*.mm" \) | \
xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}
convert MOZ_DELETE '= delete'
2015-01-08 23:19:05 -05:00
David Keeler
e7d2f9cd12
bug 1101194 - follow-up to fix bustage in TestCertDB r=bustage on a CLOSED TREE
...
Turns out there was a code path that resulted in attempting to acquire a lock
on the DataStorage mutex when one had already been acquired, resulting in
deadlock. This fixes it.
2015-01-08 10:56:07 -08:00
Kai Engert
9d9e763d45
Bug 1107731, upgrade Mozilla 37 to use NSS 3.18 (this is beta 5), r=wtc
2015-01-08 19:40:05 +01:00
David Keeler
d11cf2ca74
bug 1101194 - add telemetry for DataStorage table size r=mgoodwin
2015-01-07 13:23:07 -08:00
Cykesiopka
d98fab56db
Bug 989485 - Split test_cert_eku.js into multiple files to avoid time outs. r=keeler
2015-01-08 01:15:00 -05:00
Brian Smith
c1795f4024
Bug 1118599 - Remove now-unneeded MOZILLA_PKIX_ENUM_CLASS workaround for GCC enum class bugs. r=mmc
2015-01-06 18:28:09 -08:00
Michael Pruett
411a94b05a
Bug 1118024 - Use new PL_DHashTable{Add,Lookup,Remove} functions. r=nfroyd
2015-01-05 20:27:28 -06:00
Mike Hommey
08e140cb0d
Bug 1110760 - Build and Package Chromium Sandbox wow_helper. r=gps
2015-01-08 10:44:41 +09:00
Mike Hommey
d4e8fd3af2
Bug 1110760 - Increase the chances of the wow_helper target code symbols being in the assumed order. r=aklotz
2015-01-08 10:44:41 +09:00
Bob Owen
cc298a9892
Bug 1110760 - Import Chromium Sandbox wow_helper code. r=aklotz
2015-01-08 10:44:40 +09:00
David Keeler
b29b970426
bug 1114741 - have nsRandomGenerator guard against NSS shutdown r=jcj
...
nsRandomGenerator uses NSS resources but does not prevent against NSS shutting
down while doing so. To fix this, nsRandomGenerator must implement
nsNSSShutDownObject.
2015-01-05 16:11:26 -08:00
Brad Lassey
33ab8e9b66
bug 1118554 - make android's stdcxx work r=glandium
2015-01-06 23:34:31 -05:00
Brian Smith
b8ce64b2a8
Bug 1073867, Part 5: Make DSS test faster, r=mmc
...
--HG--
extra : rebase_source : 5d3ae5b6c777382d69134d5c38fca0c52c93c3a2
extra : histedit_source : 15209d1249d2eb638143409404cbbe15f0a2715b
2014-12-24 17:56:10 -08:00
Nicholas Nethercote
f8c3848cd7
Bug 1117611 - Fix shadowed variable in SandboxBroker::SetSecurityLevelForContentProcess(). r=bobowen.
...
--HG--
extra : rebase_source : 29f25cc34bd5f66bac2454c30613344fb63a92b5
2015-01-05 15:54:22 -08:00
Ehsan Akhgari
665cc5846c
Bug 1116559 - Remove the code to handle shutdown-cleanse from the cert override service code; r=keeler
...
shutdown-cleanse has not been a thing for quite a while.
2015-01-05 21:01:27 -05:00
Andrew Bartlett
1b02f46484
Bug 423758 - Add NTLMv2 to internal NTLM handler. r=keeler
...
NTLMv2 is the default.
This adds a new preference:
network.ntlm.force-generic-ntlm-v1
This is to allow use of NTLMv1 in case issues are found in the NTLMv2
handler, or when contacting a server or backing DC that does not
support NTLMv2 for any reason.
To support this, we also:
- Revert "Bug 1030426 - network.negotiate-auth.allow-insecure-ntlm-v1-https allows sending NTLMv1 credentials in plain to HTTP proxies, r=mcmanus"
- Revert "Bug 1023748 - Allow NTLMv1 over SSL/TLS by default, r=jduell"
- Remove LM code from internal NTLM handler
The LM response should essentially never be sent, the last practical
use case was CIFS connections to Windows 9X, I have never seen a web
server that could only do LM
It is removed before the NTLMv2 work is done so as to avoid having 3
possible states here (LM, NTLM, NTLMv2) to control via preferences.
Developed with Garming Sam <garming@catalyst.net.nz>
2014-12-22 15:55:00 -05:00
Brian Smith
566e222bca
Bug 1117003 - Backout cset ca3c73188295 (Bug 1115903, Part 2), r=ehsan
2015-01-02 12:26:14 -08:00
Phil Ringnalda
9f997b2894
Merge m-i to m-c, a=merge
2015-01-03 20:02:33 -08:00
ffxbld
cb0e685792
No bug, Automated HPKP preload list update from host bld-linux64-spot-100 - a=hpkp-update
2015-01-03 03:20:27 -08:00
ffxbld
c84a6316bf
No bug, Automated HSTS preload list update from host bld-linux64-spot-100 - a=hsts-update
2015-01-03 03:20:25 -08:00
Brian Smith
ff754b5ae0
Bug 1115903, Part 2: Delete most defaulted assignment operators and some defaulted copy constructors, r=jcj
...
--HG--
extra : rebase_source : 6c8575de36355521baf69bba89eba530cd4e8b09
2014-12-26 23:49:47 -08:00
Brian Smith
68b341641d
Bug 1115903, Remove VS2010 workarounds, r=mmc
...
--HG--
extra : rebase_source : 742973c0f2d547371fbeca72e384053c70b5ba0f
2014-12-26 21:39:54 -08:00
Brian Smith
f52e40c633
Bug 1115761, Part 4: Add "fall through" comment, r=jcj
...
--HG--
extra : rebase_source : 1e40d7d7d85c1a02eb6195ecee1038ea40a6a9ab
2014-12-26 15:07:56 -08:00
Brian Smith
f118650ad8
Bug 1115761, Part 3: Rename NSS-based crypto functions, r=jcj
...
--HG--
extra : rebase_source : b11b172fac76c7845d2a97cabf1bad9e04a50367
2014-12-23 14:51:52 -08:00
Brian Smith
2d40b79203
Bug 1115761, Part 2: Use NotReached more consistently in pkixnss.cpp, r=jcj
...
--HG--
extra : rebase_source : 80647fc11d40d822dc042af1d797cb34062a84ab
2014-12-23 22:35:53 -08:00
Brian Smith
95a228e3fe
Bug 1115761, Part 1: Remove obsolete references to NSS stuff in comments, r=jcj
...
--HG--
extra : rebase_source : 65af59d9695b424f057b40c54aab6973a39bcc25
2014-12-26 12:40:45 -08:00
Brian Smith
a5f0730d19
Bug 1035414, Part 2: Always check subject's issuer matches issuer's subject, r=jcj
...
--HG--
extra : rebase_source : a75eca6ed909fa4f241b1a736656b7e8c99eb3ea
2014-12-26 10:13:18 -08:00
Brian Smith
13010b71a5
Bug 1035414, Part 1: Test issuer/subject name matching, r=jcj
...
--HG--
extra : rebase_source : 8faab27888502083565db3681f10a310b69b1845
2014-12-26 11:35:48 -08:00
Brian Smith
aeda384b1a
Bug 1073867, Part 4: Test that DSS end-entity certificates are rejected, r=mmc
...
--HG--
extra : rebase_source : 7cfdcdf08f2ae8909062b8803de6702ab47ec65a
2014-12-26 11:40:51 -08:00
Brian Smith
dcacbfd4ce
Bug 1073867, Part 3: Reject DSS end-entity certificates, r=mmc
...
--HG--
extra : rebase_source : 76546b57aade1a15b394a2e53d8c12d62906dcac
2014-12-24 00:51:52 -08:00
David Erceg
848f74a40d
Bug 1111848 - Remove nsISiteSecurityService.shouldIgnoreHeaders and implementation. r=keeler
2014-12-22 20:26:49 +11:00
Ehsan Akhgari
580310c5b8
Bug 1115076 - Wait for about:privatebrowsing to load in test_sts_privatebrowsing_perwindowpb.html; r=jdm
2014-12-31 09:32:03 -05:00
Ehsan Akhgari
5f97b938f2
Bug 1117043 - Mark virtual overridden functions as MOZ_OVERRIDE in security; r=bsmith
2015-01-02 09:02:04 -05:00
ffxbld
5f30b892c8
No bug, Automated HPKP preload list update from host b-linux64-ix-0002 - a=hpkp-update
2014-12-27 03:21:29 -08:00
ffxbld
3739aa349f
No bug, Automated HSTS preload list update from host b-linux64-ix-0002 - a=hsts-update
2014-12-27 03:21:25 -08:00
Kaspar Brand
3fdb27bb49
Bug 1112487 - The signing certificates with key usage only non-repudiation is taken as invalid for signing. r=keeler
2014-12-17 21:31:00 -05:00
Tom Schuster
057c4c5a8e
Bug 1110835 - Simplify some code nsSecureBrowserUIImpl around UpdateSecurityState. r=keeler
2014-12-25 21:31:11 +01:00
Masatoshi Kimura
a325bfdb20
Bug 1114295 - Remove the dead pref for TLS_DHE_DSS_WITH_AES_128_CBC_SHA. r=keeler
2014-12-24 22:21:12 +09:00
Tom Schuster
b45a1a0c90
Bug 764496 - Make EV detection work in content processes. r=keeler,kanru
2014-12-24 14:04:24 +01:00
Brian Smith
c5b4fd868c
Bug 1115181: Remove pkixnss.h dependency from pkixcert_signature_algorithm_tests, r=keeler
...
--HG--
extra : rebase_source : 2a4e11338b06d33ab8ad1536dc05c082db330d68
2014-12-23 14:51:16 -08:00