wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Merge mozilla-central to fx-team

Browse Source
This commit is contained in:
Carsten "Tomcat" Book 2014-02-10 12:55:17 +01:00
commit 6a33f12449
119 changed files with 1900 additions and 1573 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
b2g/config/emulator-ics/sources.xml
View File

@ -12,7 +12,7 @@
<copyfile dest="Makefile" src="core/root.mk"/>
</project>
<project name="fake-dalvik" path="dalvik" remote="b2g" revision="ca1f327d5acc198bb4be62fa51db2c039032c9ce"/>
<project name="gaia.git" path="gaia" remote="mozillaorg" revision="c273bd6525f7f295539592ce74d5e6b225d53be1"/>
<project name="gaia.git" path="gaia" remote="mozillaorg" revision="7ef494164bcd840dc23c7db106dff0a98f8ff15f"/>
<project name="gonk-misc" path="gonk-misc" remote="b2g" revision="0a8bdd0f43e2d8fc7d45b3b0d97125834c0ac72f"/>
<project name="rilproxy" path="rilproxy" remote="b2g" revision="827214fcf38d6569aeb5c6d6f31cb296d1f09272"/>
<project name="platform_hardware_ril" path="hardware/ril" remote="b2g" revision="eda08beb3ba9a159843c70ffde0f9660ec351eb9"/>

4
b2g/config/emulator-jb/sources.xml
View File

@ -11,7 +11,7 @@
</project>
<project name="rilproxy" path="rilproxy" remote="b2g" revision="827214fcf38d6569aeb5c6d6f31cb296d1f09272"/>
<project name="fake-libdvm" path="dalvik" remote="b2g" revision="d50ae982b19f42f0b66d08b9eb306be81687869f"/>
<project name="gaia" path="gaia" remote="mozillaorg" revision="c273bd6525f7f295539592ce74d5e6b225d53be1"/>
<project name="gaia" path="gaia" remote="mozillaorg" revision="7ef494164bcd840dc23c7db106dff0a98f8ff15f"/>
<project name="gonk-misc" path="gonk-misc" remote="b2g" revision="0a8bdd0f43e2d8fc7d45b3b0d97125834c0ac72f"/>
<project name="moztt" path="external/moztt" remote="b2g" revision="e33ea242b4328fb0d1824c951f379332b5021512"/>
<project name="apitrace" path="external/apitrace" remote="apitrace" revision="788d9ce293a9b44f64536130cf4ad577e8101dbe"/>
@ -124,7 +124,7 @@
<project name="platform_external_qemu" path="external/qemu" remote="b2g" revision="8f7c9ac889ae2c778197b4a4c0529d60530f480b"/>
<project name="platform/external/wpa_supplicant_8" path="external/wpa_supplicant_8" revision="0e56e450367cd802241b27164a2979188242b95f"/>
<project name="platform_hardware_ril" path="hardware/ril" remote="b2g" revision="2838a77ce4b8c09fa6a46fe25410bb3a4474cbd4"/>
<project name="platform_system_nfcd" path="system/nfcd" remote="b2g" revision="5af419c0af0650066c0c58a5e99125b1002a62c5"/>
<project name="platform_system_nfcd" path="system/nfcd" remote="b2g" revision="a962b2ed2195038cd566493c3f7968bea9d20189"/>
<project name="platform/development" path="development" revision="1f18cfe031ce23b7fb838fe3d4379dd802b49e71"/>
<project name="android-sdk" path="sdk" remote="b2g" revision="8b1365af38c9a653df97349ee53a3f5d64fd590a"/>
</manifest>

2
b2g/config/emulator/sources.xml
View File

@ -12,7 +12,7 @@
<copyfile dest="Makefile" src="core/root.mk"/>
</project>
<project name="fake-dalvik" path="dalvik" remote="b2g" revision="ca1f327d5acc198bb4be62fa51db2c039032c9ce"/>
<project name="gaia.git" path="gaia" remote="mozillaorg" revision="c273bd6525f7f295539592ce74d5e6b225d53be1"/>
<project name="gaia.git" path="gaia" remote="mozillaorg" revision="7ef494164bcd840dc23c7db106dff0a98f8ff15f"/>
<project name="gonk-misc" path="gonk-misc" remote="b2g" revision="0a8bdd0f43e2d8fc7d45b3b0d97125834c0ac72f"/>
<project name="rilproxy" path="rilproxy" remote="b2g" revision="827214fcf38d6569aeb5c6d6f31cb296d1f09272"/>
<project name="platform_hardware_ril" path="hardware/ril" remote="b2g" revision="eda08beb3ba9a159843c70ffde0f9660ec351eb9"/>

2
b2g/config/gaia.json
View File

@ -1,4 +1,4 @@
{
"revision": "5db3ae28ac3a44dd2c08c41732758cdf4e7116f2",
"revision": "25b78e722d958fe667061a2d9e0733d0877607ac",
"repo_path": "/integration/gaia-central"
}

2
b2g/config/hamachi/sources.xml
View File

@ -11,7 +11,7 @@
<copyfile dest="Makefile" src="core/root.mk"/>
</project>
<project name="fake-dalvik" path="dalvik" remote="b2g" revision="ca1f327d5acc198bb4be62fa51db2c039032c9ce"/>
<project name="gaia.git" path="gaia" remote="mozillaorg" revision="c273bd6525f7f295539592ce74d5e6b225d53be1"/>
<project name="gaia.git" path="gaia" remote="mozillaorg" revision="7ef494164bcd840dc23c7db106dff0a98f8ff15f"/>
<project name="gonk-misc" path="gonk-misc" remote="b2g" revision="0a8bdd0f43e2d8fc7d45b3b0d97125834c0ac72f"/>
<project name="rilproxy" path="rilproxy" remote="b2g" revision="827214fcf38d6569aeb5c6d6f31cb296d1f09272"/>
<project name="librecovery" path="librecovery" remote="b2g" revision="84f2f2fce22605e17d511ff1767e54770067b5b5"/>

2
b2g/config/helix/sources.xml
View File

@ -10,7 +10,7 @@
<copyfile dest="Makefile" src="core/root.mk"/>
</project>
<project name="fake-dalvik" path="dalvik" remote="b2g" revision="ca1f327d5acc198bb4be62fa51db2c039032c9ce"/>
<project name="gaia.git" path="gaia" remote="mozillaorg" revision="c273bd6525f7f295539592ce74d5e6b225d53be1"/>
<project name="gaia.git" path="gaia" remote="mozillaorg" revision="7ef494164bcd840dc23c7db106dff0a98f8ff15f"/>
<project name="gonk-misc" path="gonk-misc" remote="b2g" revision="0a8bdd0f43e2d8fc7d45b3b0d97125834c0ac72f"/>
<project name="rilproxy" path="rilproxy" remote="b2g" revision="827214fcf38d6569aeb5c6d6f31cb296d1f09272"/>
<project name="librecovery" path="librecovery" remote="b2g" revision="84f2f2fce22605e17d511ff1767e54770067b5b5"/>

2
b2g/config/inari/sources.xml
View File

@ -12,7 +12,7 @@
<copyfile dest="Makefile" src="core/root.mk"/>
</project>
<project name="fake-dalvik" path="dalvik" remote="b2g" revision="ca1f327d5acc198bb4be62fa51db2c039032c9ce"/>
<project name="gaia.git" path="gaia" remote="mozillaorg" revision="c273bd6525f7f295539592ce74d5e6b225d53be1"/>
<project name="gaia.git" path="gaia" remote="mozillaorg" revision="7ef494164bcd840dc23c7db106dff0a98f8ff15f"/>
<project name="gonk-misc" path="gonk-misc" remote="b2g" revision="0a8bdd0f43e2d8fc7d45b3b0d97125834c0ac72f"/>
<project name="rilproxy" path="rilproxy" remote="b2g" revision="827214fcf38d6569aeb5c6d6f31cb296d1f09272"/>
<project name="librecovery" path="librecovery" remote="b2g" revision="84f2f2fce22605e17d511ff1767e54770067b5b5"/>

2
b2g/config/leo/sources.xml
View File

@ -11,7 +11,7 @@
<copyfile dest="Makefile" src="core/root.mk"/>
</project>
<project name="fake-dalvik" path="dalvik" remote="b2g" revision="ca1f327d5acc198bb4be62fa51db2c039032c9ce"/>
<project name="gaia.git" path="gaia" remote="mozillaorg" revision="c273bd6525f7f295539592ce74d5e6b225d53be1"/>
<project name="gaia.git" path="gaia" remote="mozillaorg" revision="7ef494164bcd840dc23c7db106dff0a98f8ff15f"/>
<project name="gonk-misc" path="gonk-misc" remote="b2g" revision="0a8bdd0f43e2d8fc7d45b3b0d97125834c0ac72f"/>
<project name="rilproxy" path="rilproxy" remote="b2g" revision="827214fcf38d6569aeb5c6d6f31cb296d1f09272"/>
<project name="librecovery" path="librecovery" remote="b2g" revision="84f2f2fce22605e17d511ff1767e54770067b5b5"/>

4
b2g/config/mako/sources.xml
View File

@ -11,7 +11,7 @@
</project>
<project name="rilproxy" path="rilproxy" remote="b2g" revision="827214fcf38d6569aeb5c6d6f31cb296d1f09272"/>
<project name="fake-libdvm" path="dalvik" remote="b2g" revision="d50ae982b19f42f0b66d08b9eb306be81687869f"/>
<project name="gaia" path="gaia" remote="mozillaorg" revision="c273bd6525f7f295539592ce74d5e6b225d53be1"/>
<project name="gaia" path="gaia" remote="mozillaorg" revision="7ef494164bcd840dc23c7db106dff0a98f8ff15f"/>
<project name="gonk-misc" path="gonk-misc" remote="b2g" revision="0a8bdd0f43e2d8fc7d45b3b0d97125834c0ac72f"/>
<project name="moztt" path="external/moztt" remote="b2g" revision="e33ea242b4328fb0d1824c951f379332b5021512"/>
<project name="apitrace" path="external/apitrace" remote="apitrace" revision="788d9ce293a9b44f64536130cf4ad577e8101dbe"/>
@ -121,7 +121,7 @@
<project name="device-mako" path="device/lge/mako" remote="b2g" revision="78d17f0c117f0c66dd55ee8d5c5dde8ccc93ecba"/>
<project name="device/generic/armv7-a-neon" path="device/generic/armv7-a-neon" revision="3a9a17613cc685aa232432566ad6cc607eab4ec1"/>
<project name="device/lge/mako-kernel" path="device/lge/mako-kernel" revision="d1729e53d71d711c8fde25eab8728ff2b9b4df0e"/>
<project name="platform_system_nfcd" path="system/nfcd" remote="b2g" revision="5af419c0af0650066c0c58a5e99125b1002a62c5"/>
<project name="platform_system_nfcd" path="system/nfcd" remote="b2g" revision="a962b2ed2195038cd566493c3f7968bea9d20189"/>
<project name="platform/external/libnfc-nci" path="external/libnfc-nci" revision="7d33aaf740bbf6c7c6e9c34a92b371eda311b66b"/>
<project name="platform/external/wpa_supplicant_8" path="external/wpa_supplicant_8" revision="0e56e450367cd802241b27164a2979188242b95f"/>
<project name="platform/hardware/broadcom/wlan" path="hardware/broadcom/wlan" revision="0e1929fa3aa38bf9d40e9e953d619fab8164c82e"/>

2
b2g/config/wasabi/sources.xml
View File

@ -11,7 +11,7 @@
<copyfile dest="Makefile" src="core/root.mk"/>
</project>
<project name="fake-dalvik" path="dalvik" remote="b2g" revision="ca1f327d5acc198bb4be62fa51db2c039032c9ce"/>
<project name="gaia.git" path="gaia" remote="mozillaorg" revision="c273bd6525f7f295539592ce74d5e6b225d53be1"/>
<project name="gaia.git" path="gaia" remote="mozillaorg" revision="7ef494164bcd840dc23c7db106dff0a98f8ff15f"/>
<project name="gonk-misc" path="gonk-misc" remote="b2g" revision="0a8bdd0f43e2d8fc7d45b3b0d97125834c0ac72f"/>
<project name="rilproxy" path="rilproxy" remote="b2g" revision="827214fcf38d6569aeb5c6d6f31cb296d1f09272"/>
<project name="librecovery" path="librecovery" remote="b2g" revision="84f2f2fce22605e17d511ff1767e54770067b5b5"/>

2
configure.in
View File

@ -3689,7 +3689,7 @@ MOZ_ARG_WITH_BOOL(system-nss,
_USE_SYSTEM_NSS=1 )
if test -n "$_USE_SYSTEM_NSS"; then
AM_PATH_NSS(3.15.5, [MOZ_NATIVE_NSS=1], [AC_MSG_ERROR([you don't have NSS installed or your version is too old])])
AM_PATH_NSS(3.16, [MOZ_NATIVE_NSS=1], [AC_MSG_ERROR([you don't have NSS installed or your version is too old])])
fi
if test -n "$MOZ_NATIVE_NSS"; then

2
content/canvas/src/WebGLElementArrayCache.cpp
View File

@ -134,7 +134,7 @@ struct WebGLElementArrayCacheTree
private:
WebGLElementArrayCache& mParent;
nsTArray<T> mTreeData;
FallibleTArray<T> mTreeData;
size_t mNumLeaves;
bool mInvalidated;
size_t mFirstInvalidatedLeaf;

2
content/canvas/src/WebGLProgram.h
View File

@ -122,7 +122,7 @@ protected:
CheckedUint32 mGeneration;
// post-link data
nsTArray<bool> mAttribsInUse;
FallibleTArray<bool> mAttribsInUse;
nsAutoPtr<CStringMap> mIdentifierMap, mIdentifierReverseMap;
nsAutoPtr<CStringToUniformInfoMap> mUniformInfoMap;
int mAttribMaxNameLength;

2
dom/bluetooth/bluez/linux/BluetoothDBusService.cpp
View File

@ -2677,7 +2677,7 @@ public:
DBUS_TYPE_OBJECT_PATH, &deviceAgentPath,
DBUS_TYPE_STRING, &capabilities,
DBUS_TYPE_INVALID);
NS_ENSURE_SUCCESS_VOID(success);
NS_ENSURE_TRUE_VOID(success);
mRunnable.forget();

12
dom/bluetooth/tests/marionette/head.js
View File

@ -183,8 +183,10 @@ function waitForManagerEvent(aEventName) {
* @return A deferred promise.
*/
function setBluetoothEnabledAndWait(aEnabled) {
return setBluetoothEnabled(aEnabled)
.then(waitForManagerEvent.bind(null, aEnabled ? "enabled" : "disabled"));
return Promise.all([
setBluetoothEnabled(aEnabled),
waitForManagerEvent(aEnabled ? "enabled" : "disabled"),
]);
}
/* Get default adapter.
@ -265,8 +267,10 @@ function startBluetoothTest(aReenable, aTestCaseMain) {
.then(function() {
if (needEnable) {
log(" Enable 'bluetooth.enabled' ...");
return setBluetoothEnabledAndWait(true)
.then(waitForManagerEvent.bind(null, "adapteradded"));
return Promise.all([
setBluetoothEnabledAndWait(true),
waitForManagerEvent("adapteradded"),
]);
}
})
.then(getDefaultAdapter)

52
dom/bluetooth/tests/marionette/test_dom_BluetoothManager_enabled.js
View File

@ -7,14 +7,21 @@
MARIONETTE_TIMEOUT = 60000;
MARIONETTE_HEAD_JS = 'head.js';
let enabledEventReceived;
function onEnabled() {
enabledEventReceived = true;
}
function waitEitherEnabledOrDisabled() {
let deferred = Promise.defer();
let disabledEventReceived;
function onDisabled() {
disabledEventReceived = true;
function onEnabledDisabled(aEvent) {
bluetoothManager.removeEventListener("enabled", onEnabledDisabled);
bluetoothManager.removeEventListener("disabled", onEnabledDisabled);
ok(true, "Got event " + aEvent.type);
deferred.resolve(aEvent.type === "enabled");
}
bluetoothManager.addEventListener("enabled", onEnabledDisabled);
bluetoothManager.addEventListener("disabled", onEnabledDisabled);
return deferred.promise;
}
function test(aEnabled) {
@ -22,43 +29,34 @@ function test(aEnabled) {
let deferred = Promise.defer();
enabledEventReceived = false;
disabledEventReceived = false;
Promise.all([setBluetoothEnabled(aEnabled),
waitEitherEnabledOrDisabled()])
.then(function(aResults) {
/* aResults is an array of two elements:
* [ <result of setBluetoothEnabled>,
* <result of waitEitherEnabledOrDisabled> ]
*/
log(" Examine results " + JSON.stringify(aResults));
setBluetoothEnabled(aEnabled).then(function() {
log(" Settings set. Waiting 3 seconds and examine results.");
window.setTimeout(function() {
is(bluetoothManager.enabled, aEnabled, "bluetoothManager.enabled");
is(enabledEventReceived, aEnabled, "enabledEventReceived");
is(disabledEventReceived, !aEnabled, "disabledEventReceived");
is(aResults[1], aEnabled, "'enabled' event received");
if (bluetoothManager.enabled === aEnabled &&
enabledEventReceived === aEnabled &&
disabledEventReceived === !aEnabled) {
if (bluetoothManager.enabled === aEnabled && aResults[1] === aEnabled) {
deferred.resolve();
} else {
deferred.reject();
}
}, 3000);
});
});
return deferred.promise;
}
startBluetoothTestBase(["settings-read", "settings-write"],
function testCaseMain() {
bluetoothManager.addEventListener("enabled", onEnabled);
bluetoothManager.addEventListener("disabled", onDisabled);
return getBluetoothEnabled()
.then(function(aEnabled) {
log("Original 'bluetooth.enabled' is " + aEnabled);
// Set to !aEnabled and reset back to aEnabled.
return test(!aEnabled).then(test.bind(null, aEnabled));
})
.then(function() {
bluetoothManager.removeEventListener("enabled", onEnabled);
bluetoothManager.removeEventListener("disabled", onDisabled);
});
});

29
dom/ipc/ContentParent.cpp
View File

@ -1599,25 +1599,25 @@ ContentParent::RecvSetClipboardText(const nsString& text,
nsCOMPtr<nsISupportsString> dataWrapper =
do_CreateInstance(NS_SUPPORTS_STRING_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, true);
rv = dataWrapper->SetData(text);
NS_ENSURE_SUCCESS(rv, true);
nsCOMPtr<nsITransferable> trans = do_CreateInstance("@mozilla.org/widget/transferable;1", &rv);
NS_ENSURE_SUCCESS(rv, true);
trans->Init(nullptr);
// If our data flavor has already been added, this will fail. But we don't care
trans->AddDataFlavor(kUnicodeMime);
trans->SetIsPrivateData(isPrivateData);
nsCOMPtr<nsISupports> nsisupportsDataWrapper =
do_QueryInterface(dataWrapper);
rv = trans->SetTransferData(kUnicodeMime, nsisupportsDataWrapper,
text.Length() * sizeof(char16_t));
NS_ENSURE_SUCCESS(rv, true);
clipboard->SetData(trans, nullptr, whichClipboard);
return true;
}
@ -1632,43 +1632,44 @@ ContentParent::RecvGetClipboardText(const int32_t& whichClipboard, nsString* tex
nsCOMPtr<nsITransferable> trans = do_CreateInstance("@mozilla.org/widget/transferable;1", &rv);
NS_ENSURE_SUCCESS(rv, true);
trans->Init(nullptr);
trans->AddDataFlavor(kUnicodeMime);
clipboard->GetData(trans, whichClipboard);
nsCOMPtr<nsISupports> tmp;
uint32_t len;
rv = trans->GetTransferData(kUnicodeMime, getter_AddRefs(tmp), &len);
if (NS_FAILED(rv))
return false;
return true;
nsCOMPtr<nsISupportsString> supportsString = do_QueryInterface(tmp);
// No support for non-text data
if (!supportsString)
return false;
return true;
supportsString->GetData(*text);
return true;
}
bool
ContentParent::RecvEmptyClipboard()
ContentParent::RecvEmptyClipboard(const int32_t& whichClipboard)
{
nsresult rv;
nsCOMPtr<nsIClipboard> clipboard(do_GetService(kCClipboardCID, &rv));
NS_ENSURE_SUCCESS(rv, true);
clipboard->EmptyClipboard(nsIClipboard::kGlobalClipboard);
clipboard->EmptyClipboard(whichClipboard);
return true;
}
bool
ContentParent::RecvClipboardHasText(bool* hasText)
ContentParent::RecvClipboardHasText(const int32_t& whichClipboard, bool* hasText)
{
nsresult rv;
nsCOMPtr<nsIClipboard> clipboard(do_GetService(kCClipboardCID, &rv));
NS_ENSURE_SUCCESS(rv, true);
clipboard->HasDataMatchingFlavors(sClipboardTextFlavors, 1,
nsIClipboard::kGlobalClipboard, hasText);
clipboard->HasDataMatchingFlavors(sClipboardTextFlavors, 1,
whichClipboard, hasText);
return true;
}

4
dom/ipc/ContentParent.h
View File

@ -408,8 +408,8 @@ private:
const bool& isPrivateData,
const int32_t& whichClipboard) MOZ_OVERRIDE;
virtual bool RecvGetClipboardText(const int32_t& whichClipboard, nsString* text) MOZ_OVERRIDE;
virtual bool RecvEmptyClipboard() MOZ_OVERRIDE;
virtual bool RecvClipboardHasText(bool* hasText) MOZ_OVERRIDE;
virtual bool RecvEmptyClipboard(const int32_t& whichClipboard) MOZ_OVERRIDE;
virtual bool RecvClipboardHasText(const int32_t& whichClipboard, bool* hasText) MOZ_OVERRIDE;
virtual bool RecvGetSystemColors(const uint32_t& colorsCount,
InfallibleTArray<uint32_t>* colors) MOZ_OVERRIDE;

6
dom/ipc/PContent.ipdl
View File

@ -439,13 +439,11 @@ parent:
// nsIPermissionManager messages
sync ReadPermissions() returns (Permission[] permissions);
// These clipboard methods are only really used on Android since
// the clipboard is not available in the content process.
SetClipboardText(nsString text, bool isPrivateData, int32_t whichClipboard);
sync GetClipboardText(int32_t whichClipboard)
returns (nsString text);
EmptyClipboard();
sync ClipboardHasText()
EmptyClipboard(int32_t whichClipboard);
sync ClipboardHasText(int32_t whichClipboard)
returns (bool hasText);
sync GetSystemColors(uint32_t colorsCount)

15
editor/libeditor/base/nsEditorEventListener.cpp
View File

@ -232,6 +232,21 @@ nsEditorEventListener::Disconnect()
return;
}
UninstallFromEditor();
nsIFocusManager* fm = nsFocusManager::GetFocusManager();
if (fm) {
nsCOMPtr<nsIDOMElement> domFocus;
fm->GetFocusedElement(getter_AddRefs(domFocus));
nsCOMPtr<nsINode> focusedElement = do_QueryInterface(domFocus);
mozilla::dom::Element* root = mEditor->GetRoot();
if (focusedElement && root &&
nsContentUtils::ContentIsDescendantOf(focusedElement, root)) {
// Reset the Selection ancestor limiter and SelectionController state
// that nsEditor::InitializeSelection set up.
mEditor->FinalizeSelection();
}
}
mEditor = nullptr;
}

24
editor/reftests/969773-ref.html Normal file
View File

@ -0,0 +1,24 @@
<!DOCTYPE html>
<html class="reftest-wait">
<head>
<meta charset="utf-8">
<title>Contenteditable Selection Test Case</title>
<script>
function runTests() {
var text = document.getElementById("text");
text.focus();
setTimeout(function () {
document.body.offsetHeight;
document.documentElement.removeAttribute('class');
}, 0);
}
document.addEventListener('MozReftestInvalidate', runTests, false);
</script>
</head>
<body>
<div>This is a contenteditable.</div>
<div id="text" tabindex="0">This is focusable text</div>
</body>
</html>

29
editor/reftests/969773.html Normal file
View File

@ -0,0 +1,29 @@
<!DOCTYPE html>
<html class="reftest-wait">
<head>
<meta charset="utf-8">
<title>Contenteditable Selection Test Case</title>
<script>
function runTests() {
var editable = document.getElementById("editable");
var text = document.getElementById("text");
editable.focus();
setTimeout(function () {
editable.setAttribute("contenteditable", "false");
text.focus();
setTimeout(function () {
document.body.offsetHeight;
document.documentElement.removeAttribute('class');
}, 0);
}, 0);
}
document.addEventListener('MozReftestInvalidate', runTests, false);
</script>
</head>
<body>
<div id="editable" contenteditable="true" tabindex="0" spellcheck="false">This is a contenteditable.</div>
<div id="text" tabindex="0">This is focusable text</div>
</body>
</html>

1
editor/reftests/reftest.list
View File

@ -125,3 +125,4 @@ needs-focus == spellcheck-contenteditable-focused-reframe.html spellcheck-conten
== spellcheck-contenteditable-attr-dynamic-override-inherit.html spellcheck-contenteditable-disabled-ref.html
== spellcheck-contenteditable-property-dynamic-override.html spellcheck-contenteditable-disabled-ref.html
== spellcheck-contenteditable-property-dynamic-override-inherit.html spellcheck-contenteditable-disabled-ref.html
needs-focus == 969773.html 969773-ref.html

2
gfx/layers/YCbCrImageDataSerializer.cpp
View File

@ -253,7 +253,7 @@ TemporaryRef<DataSourceSurface>
YCbCrImageDataDeserializer::ToDataSourceSurface()
{
RefPtr<DataSourceSurface> result =
Factory::CreateDataSourceSurface(GetYSize(), gfx::SurfaceFormat::R8G8B8X8);
Factory::CreateDataSourceSurface(GetYSize(), gfx::SurfaceFormat::B8G8R8X8);
DataSourceSurface::MappedSurface map;
result->Map(DataSourceSurface::MapType::WRITE, &map);

2
gfx/layers/client/CanvasClient.cpp
View File

@ -53,7 +53,7 @@ CanvasClient2D::Update(gfx::IntSize aSize, ClientCanvasLayer* aLayer)
{
if (mBuffer &&
(mBuffer->IsImmutable() || mBuffer->GetSize() != aSize)) {
GetForwarder()->AddForceRemovingTexture(mBuffer);
GetForwarder()->HoldUntilTransaction(mBuffer);
mBuffer = nullptr;
}

2
gfx/layers/client/ClientLayerManager.cpp
View File

@ -388,7 +388,7 @@ ClientLayerManager::ForwardTransaction(bool aScheduleComposite)
NS_WARNING("failed to forward Layers transaction");
}
mForwarder->ForceRemoveTexturesIfNecessary();
mForwarder->RemoveTexturesIfNecessary();
mPhase = PHASE_NONE;
// this may result in Layers being deleted, which results in

19
gfx/layers/client/ImageClient.cpp
View File

@ -103,7 +103,7 @@ void
ImageClientSingle::FlushAllImages(bool aExceptFront)
{
if (!aExceptFront && mFrontBuffer) {
GetForwarder()->AddForceRemovingTexture(mFrontBuffer);
GetForwarder()->HoldUntilTransaction(mFrontBuffer);
mFrontBuffer = nullptr;
}
}
@ -112,11 +112,11 @@ void
ImageClientBuffered::FlushAllImages(bool aExceptFront)
{
if (!aExceptFront && mFrontBuffer) {
GetForwarder()->AddForceRemovingTexture(mFrontBuffer);
GetForwarder()->HoldUntilTransaction(mFrontBuffer);
mFrontBuffer = nullptr;
}
if (mBackBuffer) {
GetForwarder()->AddForceRemovingTexture(mBackBuffer);
GetForwarder()->HoldUntilTransaction(mBackBuffer);
mBackBuffer = nullptr;
}
}
@ -140,14 +140,9 @@ ImageClientSingle::UpdateImage(ImageContainer* aContainer,
// fast path: no need to allocate and/or copy image data
RefPtr<TextureClient> texture = image->AsSharedImage()->GetTextureClient();
if (texture->IsSharedWithCompositor()) {
// XXX - temporary fix for bug 911941
// This will be changed with bug 912907
return false;
}
if (mFrontBuffer) {
GetForwarder()->AddForceRemovingTexture(mFrontBuffer);
GetForwarder()->HoldUntilTransaction(mFrontBuffer);
}
mFrontBuffer = texture;
if (!AddTextureClient(texture)) {
@ -164,7 +159,7 @@ ImageClientSingle::UpdateImage(ImageContainer* aContainer,
}
if (mFrontBuffer && mFrontBuffer->IsImmutable()) {
GetForwarder()->AddForceRemovingTexture(mFrontBuffer);
GetForwarder()->HoldUntilTransaction(mFrontBuffer);
mFrontBuffer = nullptr;
}
@ -207,7 +202,7 @@ ImageClientSingle::UpdateImage(ImageContainer* aContainer,
gfx::IntSize size = gfx::IntSize(image->GetSize().width, image->GetSize().height);
if (mFrontBuffer) {
GetForwarder()->AddForceRemovingTexture(mFrontBuffer);
GetForwarder()->HoldUntilTransaction(mFrontBuffer);
mFrontBuffer = nullptr;
}
@ -228,7 +223,7 @@ ImageClientSingle::UpdateImage(ImageContainer* aContainer,
if (mFrontBuffer &&
(mFrontBuffer->IsImmutable() || mFrontBuffer->GetSize() != size)) {
GetForwarder()->AddForceRemovingTexture(mFrontBuffer);
GetForwarder()->HoldUntilTransaction(mFrontBuffer);
mFrontBuffer = nullptr;
}

5
gfx/layers/client/TextureClient.cpp
View File

@ -161,8 +161,11 @@ TextureClient::DestroyIPDLActor(PTextureChild* actor)
bool
TextureClient::InitIPDLActor(CompositableForwarder* aForwarder)
{
MOZ_ASSERT(!mActor);
MOZ_ASSERT(aForwarder);
if (mActor && mActor->GetForwarder() == aForwarder) {
return true;
}
MOZ_ASSERT(!mActor, "Cannot use a texture on several IPC channels.");
SurfaceDescriptor desc;
if (!ToSurfaceDescriptor(desc)) {

17
gfx/layers/ipc/CompositableForwarder.h
View File

@ -162,13 +162,13 @@ public:
virtual void RemoveTexture(TextureClient* aTexture) = 0;
/**
* Forcibly remove texture data from TextureClient
* after a tansaction with Compositor.
* Holds a reference to a TextureClient until after the next
* compositor transaction, and then drops it.
*/
virtual void AddForceRemovingTexture(TextureClient* aClient)
virtual void HoldUntilTransaction(TextureClient* aClient)
{
if (aClient) {
mForceRemovingTextures.AppendElement(aClient);
mTexturesToRemove.AppendElement(aClient);
}
}
@ -176,12 +176,9 @@ public:
* Forcibly remove texture data from TextureClient
* This function needs to be called after a tansaction with Compositor.
*/
virtual void ForceRemoveTexturesIfNecessary()
virtual void RemoveTexturesIfNecessary()
{
for (uint32_t i = 0; i < mForceRemovingTextures.Length(); i++) {
mForceRemovingTextures[i]->ForceRemove();
}
mForceRemovingTextures.Clear();
mTexturesToRemove.Clear();
}
/**
@ -244,7 +241,7 @@ public:
protected:
TextureFactoryIdentifier mTextureFactoryIdentifier;
bool mMultiProcess;
nsTArray<RefPtr<TextureClient> > mForceRemovingTextures;
nsTArray<RefPtr<TextureClient> > mTexturesToRemove;
};
} // namespace

5
gfx/layers/ipc/CompositableTransactionParent.cpp
View File

@ -230,6 +230,11 @@ CompositableParentManager::ReceiveCompositableUpdate(const CompositableOperation
if (IsAsync()) {
ScheduleComposition(op);
// Async layer updates don't trigger invalidation, manually tell the layer
// that its content have changed.
if (compositable->GetLayer()) {
compositable->GetLayer()->SetInvalidRectToVisibleRegion();
}
}
break;
}

10
gfx/layers/ipc/ImageBridgeChild.cpp
View File

@ -453,15 +453,15 @@ ImageBridgeChild::BeginTransaction()
mTxn->Begin();
}
class MOZ_STACK_CLASS AutoForceRemoveTextures
class MOZ_STACK_CLASS AutoRemoveTextures
{
public:
AutoForceRemoveTextures(ImageBridgeChild* aImageBridge)
AutoRemoveTextures(ImageBridgeChild* aImageBridge)
: mImageBridge(aImageBridge) {}
~AutoForceRemoveTextures()
~AutoRemoveTextures()
{
mImageBridge->ForceRemoveTexturesIfNecessary();
mImageBridge->RemoveTexturesIfNecessary();
}
private:
ImageBridgeChild* mImageBridge;
@ -473,7 +473,7 @@ ImageBridgeChild::EndTransaction()
MOZ_ASSERT(!mTxn->Finished(), "forgot BeginTransaction?");
AutoEndTransaction _(mTxn);
AutoForceRemoveTextures autoForceRemoveTextures(this);
AutoRemoveTextures autoRemoveTextures(this);
if (mTxn->IsEmpty()) {
return;

1
js/src/builtin/TypedObject.cpp
View File

@ -1341,6 +1341,7 @@ void
TypedDatum::attach(TypedDatum &datum, uint32_t offset)
{
JS_ASSERT(datum.getReservedSlot(JS_DATUM_SLOT_OWNER).isObject());
JS_ASSERT(offset + size() <= datum.size());
// find the location in memory
uint8_t *mem = datum.typedMem(offset);

7
js/src/builtin/TypedObject.h
View File

@ -516,7 +516,12 @@ class TypedDatum : public JSObject
}
uint8_t *typedMem(size_t offset) const {
JS_ASSERT(offset < size());
// It seems a bit surprising that one might request an offset
// == size(), but it can happen when taking the "address of" a
// 0-sized value. (In other words, we maintain the invariant
// that `offset + size <= size()` -- this is always checked in
// the caller's side.)
JS_ASSERT(offset <= size());
return typedMem() + offset;
}
};

9
js/src/jit-test/tests/TypedObject/bug969159.js Normal file
View File

@ -0,0 +1,9 @@
// Test access to a 0-sized element (in this case,
// a zero-length array).
if (!this.hasOwnProperty("TypedObject"))
quit();
var AA = TypedObject.uint8.array(0.).array(5);
var aa = new AA();
var aa0 = aa[0];

6
layout/base/ActiveLayerTracker.cpp
View File

@ -115,7 +115,11 @@ LayerActivityTracker::NotifyExpired(LayerActivity* aObject)
nsIFrame* f = aObject->mFrame;
aObject->mFrame = nullptr;
f->SchedulePaint();
// The pres context might have been detached during the delay -
// that's fine, just skip the paint.
if (f->PresContext()->GetContainerWeak()) {
f->SchedulePaint();
}
f->RemoveStateBits(NS_FRAME_HAS_LAYER_ACTIVITY_PROPERTY);
f->Properties().Delete(LayerActivityProperty());
}

3
layout/base/nsPresContext.cpp
View File

@ -2354,8 +2354,7 @@ nsPresContext::NotifyInvalidation(const nsIntRect& aRect, uint32_t aFlags)
void
nsPresContext::NotifyInvalidation(const nsRect& aRect, uint32_t aFlags)
{
// Disabled temporarily for happening too frequently. (bug 967758)
//MOZ_ASSERT(GetContainerWeak(), "Invalidation in detached pres context");
MOZ_ASSERT(GetContainerWeak(), "Invalidation in detached pres context");
// If there is no paint event listener, then we don't need to fire
// the asynchronous event. We don't even need to record invalidation.

1
layout/base/nsPresShell.cpp
View File

@ -5902,6 +5902,7 @@ PresShell::Paint(nsView* aViewToPaint,
}
if (mNextPaintCompressed) {
flags |= nsLayoutUtils::PAINT_COMPRESSED;
mNextPaintCompressed = false;
}
if (frame) {

3
layout/generic/nsFrame.cpp
View File

@ -4896,8 +4896,7 @@ nsIFrame::SchedulePaint(PaintType aType)
return;
}
// Disabled temporarily for happening too frequently. (bug 967758)
//MOZ_ASSERT(pres->GetContainerWeak(), "SchedulePaint in a detached pres context");
MOZ_ASSERT(pres->GetContainerWeak(), "SchedulePaint in a detached pres context");
pres->PresShell()->ScheduleViewManagerFlush(aType == PAINT_DELAYED_COMPRESS ?
nsIPresShell::PAINT_DELAYED_COMPRESS :
nsIPresShell::PAINT_DEFAULT);

32
layout/style/test/chrome/test_author_specified_style.html
View File

@ -26,19 +26,27 @@ var properties = [
"background", "none repeat scroll 0% 0% "
];
var span = document.createElement("span");
for (var j = 0; j < properties.length; j += 2) {
var propertyName = properties[j];
var expectedPrefix = properties[j + 1];
for (var i = 0; i < values.length; i += 2) {
var value = values[i];
var expected = values[i + 1];
span.setAttribute("style", propertyName + ": " + value);
is(span.style.getAuthoredPropertyValue(propertyName), expectedPrefix + expected, "specified " + value);
function runTest() {
var span = document.createElement("span");
for (var j = 0; j < properties.length; j += 2) {
var propertyName = properties[j];
var expectedPrefix = properties[j + 1];
for (var i = 0; i < values.length; i += 2) {
var value = values[i];
var expected = values[i + 1];
span.setAttribute("style", propertyName + ": " + value);
is(span.style.getAuthoredPropertyValue(propertyName), expectedPrefix + expected, "specified " + value);
}
}
// also test a custom property
span.setAttribute("style", "var-color: rgb(10%,25%,99%)");
is(span.style.getAuthoredPropertyValue("var-color"), " rgb(10%,25%,99%)", "specified var-color");
SimpleTest.finish();
}
// also test a custom property
span.setAttribute("style", "var-color: rgb(10%,25%,99%)");
is(span.style.getAuthoredPropertyValue("var-color"), " rgb(10%,25%,99%)", "specified var-color");
SimpleTest.waitForExplicitFinish();
SpecialPowers.pushPrefEnv({ set: [["layout.css.variables.enabled", true]] },
runTest);
</script>

35
layout/style/test/test_value_storage.html
View File

@ -105,6 +105,7 @@ var gPrereqDeclaration =
function test_property(property)
{
ok(SpecialPowers.getBoolPref("layout.css.variables.enabled"), "pref not set #2");
var info = gCSSProperties[property];
var test_computed = !("backend_only" in info);
@ -286,24 +287,30 @@ function test_property(property)
}
// To avoid triggering the slow script dialog, we have to test one
// property at a time.
SimpleTest.waitForExplicitFinish();
SimpleTest.requestLongerTimeout(2);
var props = [];
for (var prop in gCSSProperties)
props.push(prop);
props = props.reverse();
function do_one() {
if (props.length == 0) {
SimpleTest.finish();
return;
function runTest() {
// To avoid triggering the slow script dialog, we have to test one
// property at a time.
ok(SpecialPowers.getBoolPref("layout.css.variables.enabled"), "pref not set #1");
var props = [];
for (var prop in gCSSProperties)
props.push(prop);
props = props.reverse();
function do_one() {
if (props.length == 0) {
SimpleTest.finish();
return;
}
test_property(props.pop());
SimpleTest.executeSoon(do_one);
}
test_property(props.pop());
SimpleTest.executeSoon(do_one);
}
SimpleTest.executeSoon(do_one);
SimpleTest.waitForExplicitFinish();
SimpleTest.requestLongerTimeout(2);
SpecialPowers.pushPrefEnv({ set: [["layout.css.variables.enabled", true]] },
runTest);
</script>
</pre>
</body>

31
layout/style/test/test_variable_serialization_computed.html
View File

@ -4,7 +4,7 @@
<script src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" href="/tests/SimpleTest/test.css" type="text/css">
<div style="var-z:an-inherited-value">
<div>
<span></span>
</div>
@ -52,14 +52,25 @@ var values = [
["var-a: url(\"http://example.org/\\", "var-a", " url(\"http://example.org/\")"]
];
var span = document.querySelector("span");
function runTest() {
var div = document.querySelector("div");
var span = document.querySelector("span");
values.forEach(function(entry, i) {
var declaration = entry[0];
var property = entry[1];
var expected = entry[2];
span.setAttribute("style", declaration);
var cs = getComputedStyle(span, "");
is(cs.getPropertyValue(property), expected, "subtest #" + i);
});
div.setAttribute("style", "var-z:an-inherited-value");
values.forEach(function(entry, i) {
var declaration = entry[0];
var property = entry[1];
var expected = entry[2];
span.setAttribute("style", declaration);
var cs = getComputedStyle(span, "");
is(cs.getPropertyValue(property), expected, "subtest #" + i);
});
SimpleTest.finish();
}
SimpleTest.waitForExplicitFinish();
SpecialPowers.pushPrefEnv({ set: [["layout.css.variables.enabled", true]] },
runTest);
</script>

20
layout/style/test/test_variable_serialization_specified.html
View File

@ -98,11 +98,19 @@ function test_specified_value_serialization(value, expected) {
decl.removeProperty("margin");
}
values_with_unchanged_specified_value_serialization.forEach(function(value) {
test_specified_value_serialization(value, value);
});
function runTest() {
values_with_unchanged_specified_value_serialization.forEach(function(value) {
test_specified_value_serialization(value, value);
});
values_with_changed_specified_value_serialization.forEach(function(pair) {
test_specified_value_serialization(pair[0], pair[1]);
});
values_with_changed_specified_value_serialization.forEach(function(pair) {
test_specified_value_serialization(pair[0], pair[1]);
});
SimpleTest.finish();
}
SimpleTest.waitForExplicitFinish();
SpecialPowers.pushPrefEnv({ set: [["layout.css.variables.enabled", true]] },
runTest);
</script>

24
layout/style/test/test_variables.html
View File

@ -5,22 +5,21 @@
<link rel="stylesheet" href="/tests/SimpleTest/test.css" type="text/css">
<style id="test1">
p { var-a:123!important; }
</style>
<style id="test2">
p { var-a: a !important; }
</style>
<style id="test3">
p { border-left-style: inset; padding: 1px; var-decoration: line-through; }
</style>
<script>
var tests = [
function() {
// https://bugzilla.mozilla.org/show_bug.cgi?id=773296#c121
var declaration = document.getElementById("test1").sheet.cssRules[0].style;
var test1 = document.getElementById("test1");
test1.textContent = "p { var-a:123!important; }";
var declaration = test1.sheet.cssRules[0].style;
declaration.cssText;
declaration.setProperty("color", "black");
is(declaration.getPropertyValue("var-a"), "123");
@ -28,16 +27,27 @@ var tests = [
function() {
// https://bugzilla.mozilla.org/show_bug.cgi?id=773296#c121
var declaration = document.getElementById("test2").sheet.cssRules[0].style;
var test2 = document.getElementById("test2");
test2.textContent = "p { var-a: a !important; }";
var declaration = test2.sheet.cssRules[0].style;
is(declaration.getPropertyPriority("var-a"), "important");
},
function() {
// https://bugzilla.mozilla.org/show_bug.cgi?id=955913
var declaration = document.getElementById("test3").sheet.cssRules[0].style;
var test3 = document.getElementById("test3");
test3.textContent = "p { border-left-style: inset; padding: 1px; var-decoration: line-through; }";
var declaration = test3.sheet.cssRules[0].style;
is(declaration[declaration.length - 1], "var-decoration");
},
];
tests.forEach(function(fn) { fn(); });
function runTest() {
tests.forEach(function(fn) { fn(); });
SimpleTest.finish();
}
SimpleTest.waitForExplicitFinish();
SpecialPowers.pushPrefEnv({ set: [["layout.css.variables.enabled", true ]] },
runTest);
</script>

2
media/webrtc/signaling/src/sipcc/core/sdp/sdp_attr_access.c
View File

@ -12534,7 +12534,7 @@ u16 sdp_attr_get_extmap_id(void *sdp_ptr, u16 level,
sdp_attr_t *attr_p;
if (sdp_verify_sdp_ptr(sdp_p) == FALSE) {
return (NULL);
return 0;
}
attr_p = sdp_find_attr(sdp_p, level, 0, SDP_ATTR_EXTMAP, inst_num);

17
python/lldbutils/README.txt
View File

@ -143,6 +143,23 @@ the "expr -R -- EXPR" command can be used to show its actual member variables.
nsACString_internal = "text/html"
}
* nscolor
nscolors (32-bit RGBA colors) have a type summary that shows the color as
one of the CSS 2.1 color keywords, a six digit hex color, an rgba() color,
or the "transparent" keyword.
(lldb) p this
(nsTextFrame *) $0 = 0x00000001168245e0
(lldb) p *this->StyleColor()
(const nsStyleColor) $1 = {
mColor = lime
}
(lldb) expr -R -- *this->StyleColor()
(const nsStyleColor) $2 = {
mColor = 4278255360
}
* nsIAtom
Atoms have a type summary that shows the string value inside the atom.

2
python/lldbutils/lldbutils/__init__.py
View File

@ -1,6 +1,6 @@
import lldb
__all__ = ['content', 'general', 'layout', 'utils']
__all__ = ['content', 'general', 'gfx', 'layout', 'utils']
def init():
for name in __all__:

34
python/lldbutils/lldbutils/gfx.py Normal file
View File

@ -0,0 +1,34 @@
import lldb
def summarize_nscolor(valobj, internal_dict):
colors = {
"#800000": "maroon",
"#ff0000": "red",
"#ffa500": "orange",
"#ffff00": "yellow",
"#808000": "olive",
"#800080": "purple",
"#ff00ff": "fuchsia",
"#ffffff": "white",
"#00ff00": "lime",
"#008000": "green",
"#000080": "navy",
"#0000ff": "blue",
"#00ffff": "aqua",
"#008080": "teal",
"#000000": "black",
"#c0c0c0": "silver",
"#808080": "gray"
}
value = valobj.GetValueAsUnsigned(0)
if value == 0:
return "transparent"
if value & 0xff000000 != 0xff000000:
return "rgba(%d, %d, %d, %f)" % (value & 0xff, (value >> 8) & 0xff, (value >> 16) & 0xff, ((value >> 24) & 0xff) / 255.0)
color = "#%02x%02x%02x" % (value & 0xff, (value >> 8) & 0xff, (value >> 16) & 0xff)
if color in colors:
return colors[color]
return color
def init(debugger):
debugger.HandleCommand("type summary add nscolor -v -F lldbutils.gfx.summarize_nscolor")

2
security/nss/TAG-INFO
View File

@ -1 +1 @@
NSS_3_15_5_RC0
NSS_3_16_BETA1

4
security/nss/coreconf/config.mk
View File

@ -166,6 +166,10 @@ ifdef NSS_DISABLE_DBM
DEFINES += -DNSS_DISABLE_DBM
endif
ifdef NSS_PKIX_NO_LDAP
DEFINES += -DNSS_PKIX_NO_LDAP
endif
# Avoid building object leak test code for optimized library
ifndef BUILD_OPT
ifdef PKIX_OBJECT_LEAK_TEST

1
security/nss/coreconf/coreconf.dep
View File

@ -10,4 +10,3 @@
*/
#error "Do not include this header file."

23
security/nss/lib/certhigh/certvfy.c
View File

@ -506,7 +506,18 @@ cert_VerifyCertChainOld(CERTCertDBHandle *handle, CERTCertificate *cert,
PORT_SetError (SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID);
LOG_ERROR_OR_EXIT(log, issuerCert, count+1, pathLengthLimit);
}
/* make sure that the entire chain is within the name space of the
* current issuer certificate.
*/
rv = CERT_CompareNameSpace(issuerCert, namesList, certsList,
arena, &badCert);
if (rv != SECSuccess || badCert != NULL) {
PORT_SetError(SEC_ERROR_CERT_NOT_IN_NAME_SPACE);
LOG_ERROR_OR_EXIT(log, badCert, count + 1, 0);
goto loser;
}
/* XXX - the error logging may need to go down into CRL stuff at some
* point
*/
@ -628,16 +639,6 @@ cert_VerifyCertChainOld(CERTCertDBHandle *handle, CERTCertificate *cert,
}
}
/* make sure that the entire chain is within the name space of the
** current issuer certificate.
*/
rv = CERT_CompareNameSpace(issuerCert, namesList, certsList,
arena, &badCert);
if (rv != SECSuccess || badCert != NULL) {
PORT_SetError(SEC_ERROR_CERT_NOT_IN_NAME_SPACE);
LOG_ERROR_OR_EXIT(log, badCert, count + 1, 0);
goto loser;
}
/* make sure that the issuer is not self signed. If it is, then
* stop here to prevent looping.
*/

1648
security/nss/lib/ckfw/builtins/certdata.txt
View File

File diff suppressed because it is too large Load Diff

4
security/nss/lib/ckfw/builtins/nssckbi.h
View File

@ -45,8 +45,8 @@
* of the comment in the CK_VERSION type definition.
*/
#define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 1
#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 96
#define NSS_BUILTINS_LIBRARY_VERSION "1.96"
#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 97
#define NSS_BUILTINS_LIBRARY_VERSION "1.97"
/* These version numbers detail the semantic changes to the ckfw engine. */
#define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1

4
security/nss/lib/freebl/config.mk
View File

@ -54,9 +54,9 @@ RES = $(OBJDIR)/$(LIBRARY_NAME).res
RESNAME = freebl.rc
ifdef NS_USE_GCC
OS_LIBS += -lshell32
OS_LIBS += -ladvapi32
else
OS_LIBS += shell32.lib
OS_LIBS += advapi32.lib
endif
ifdef NS_USE_GCC

10
security/nss/lib/freebl/rsapkcs.c
View File

@ -24,16 +24,14 @@
/*
* RSA block types
*
* The actual values are important -- they are fixed, *not* arbitrary.
* The explicit value assignments are not needed (because C would give
* us those same values anyway) but are included as a reminder...
* The values of RSA_BlockPrivate and RSA_BlockPublic are fixed.
* The value of RSA_BlockRaw isn't fixed by definition, but we are keeping
* the value that NSS has been using in the past.
*/
typedef enum {
RSA_BlockUnused = 0, /* unused */
RSA_BlockPrivate = 1, /* pad for a private-key operation */
RSA_BlockPublic = 2, /* pad for a public-key operation */
RSA_BlockRaw = 4, /* simply justify the block appropriately */
RSA_BlockTotal
RSA_BlockRaw = 4 /* simply justify the block appropriately */
} RSA_BlockType;
/* Needed for RSA-PSS functions */

5
security/nss/lib/freebl/sysrand.c
View File

@ -8,7 +8,9 @@
#include "seccomon.h"
#ifndef XP_WIN
static size_t rng_systemFromNoise(unsigned char *dest, size_t maxLen);
#endif
#if defined(XP_UNIX) || defined(XP_BEOS)
#include "unix_rand.c"
@ -20,6 +22,7 @@ static size_t rng_systemFromNoise(unsigned char *dest, size_t maxLen);
#include "os2_rand.c"
#endif
#ifndef XP_WIN
/*
* Normal RNG_SystemRNG() isn't available, use the system noise to collect
* the required amount of entropy.
@ -43,4 +46,4 @@ rng_systemFromNoise(unsigned char *dest, size_t maxLen)
}
return retBytes;
}
#endif

251
security/nss/lib/freebl/win_rand.c
View File

@ -3,24 +3,10 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "secrng.h"
#include "secerr.h"
#ifdef XP_WIN
#include <windows.h>
#include <shlobj.h> /* for CSIDL constants */
#include <time.h>
#include <io.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <stdio.h>
#include "prio.h"
#include "prerror.h"
static PRInt32 filesToRead;
static DWORD totalFileBytes;
static DWORD maxFileBytes = 250000; /* 250 thousand */
static DWORD dwNumFiles, dwReadEvery, dwFileToRead;
static PRBool usedWindowsPRNG;
static BOOL
CurrentClockTickTime(LPDWORD lpdwHigh, LPDWORD lpdwLow)
@ -84,168 +70,6 @@ size_t RNG_GetNoise(void *buf, size_t maxbuf)
return n;
}
typedef PRInt32 (* Handler)(const PRUnichar *);
#define MAX_DEPTH 2
#define MAX_FOLDERS 4
#define MAX_FILES 1024
static void
EnumSystemFilesInFolder(Handler func, PRUnichar* szSysDir, int maxDepth)
{
int iContinue;
unsigned int uFolders = 0;
unsigned int uFiles = 0;
HANDLE lFindHandle;
WIN32_FIND_DATAW fdData;
PRUnichar szFileName[_MAX_PATH];
if (maxDepth < 0)
return;
// append *.* so we actually look for files.
_snwprintf(szFileName, _MAX_PATH, L"%s\\*.*", szSysDir);
szFileName[_MAX_PATH - 1] = L'\0';
lFindHandle = FindFirstFileW(szFileName, &fdData);
if (lFindHandle == INVALID_HANDLE_VALUE)
return;
do {
iContinue = 1;
if (wcscmp(fdData.cFileName, L".") == 0 ||
wcscmp(fdData.cFileName, L"..") == 0) {
// skip "." and ".."
} else {
// pass the full pathname to the callback
_snwprintf(szFileName, _MAX_PATH, L"%s\\%s", szSysDir,
fdData.cFileName);
szFileName[_MAX_PATH - 1] = L'\0';
if (fdData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
if (++uFolders <= MAX_FOLDERS)
EnumSystemFilesInFolder(func, szFileName, maxDepth - 1);
} else {
iContinue = (++uFiles <= MAX_FILES) && !(*func)(szFileName);
}
}
if (iContinue)
iContinue = FindNextFileW(lFindHandle, &fdData);
} while (iContinue);
FindClose(lFindHandle);
}
static BOOL
EnumSystemFiles(Handler func)
{
PRUnichar szSysDir[_MAX_PATH];
static const int folders[] = {
CSIDL_BITBUCKET,
CSIDL_RECENT,
CSIDL_INTERNET_CACHE,
CSIDL_HISTORY,
0
};
int i = 0;
if (_MAX_PATH > (i = GetTempPathW(_MAX_PATH, szSysDir))) {
if (i > 0 && szSysDir[i-1] == L'\\')
szSysDir[i-1] = L'\0'; // we need to lop off the trailing slash
EnumSystemFilesInFolder(func, szSysDir, MAX_DEPTH);
}
for(i = 0; folders[i]; i++) {
DWORD rv = SHGetSpecialFolderPathW(NULL, szSysDir, folders[i], 0);
if (szSysDir[0])
EnumSystemFilesInFolder(func, szSysDir, MAX_DEPTH);
szSysDir[0] = L'\0';
}
return PR_TRUE;
}
static PRInt32
CountFiles(const PRUnichar *file)
{
dwNumFiles++;
return 0;
}
static int
ReadSingleFile(const char *filename)
{
PRFileDesc * file;
unsigned char buffer[1024];
file = PR_Open(filename, PR_RDONLY, 0);
if (file != NULL) {
while (PR_Read(file, buffer, sizeof buffer) > 0)
;
PR_Close(file);
}
return (file != NULL);
}
static PRInt32
ReadOneFile(const PRUnichar *szFileName)
{
char narrowFileName[_MAX_PATH];
if (dwNumFiles == dwFileToRead) {
int success = WideCharToMultiByte(CP_ACP, 0, szFileName, -1,
narrowFileName, _MAX_PATH,
NULL, NULL);
if (success)
success = ReadSingleFile(narrowFileName);
if (!success)
dwFileToRead++; /* couldn't read this one, read the next one. */
}
dwNumFiles++;
return dwNumFiles > dwFileToRead;
}
static PRInt32
ReadFiles(const PRUnichar *szFileName)
{
char narrowFileName[_MAX_PATH];
if ((dwNumFiles % dwReadEvery) == 0) {
++filesToRead;
}
if (filesToRead) {
DWORD prevFileBytes = totalFileBytes;
int iContinue = WideCharToMultiByte(CP_ACP, 0, szFileName, -1,
narrowFileName, _MAX_PATH,
NULL, NULL);
if (iContinue) {
RNG_FileForRNG(narrowFileName);
}
if (prevFileBytes < totalFileBytes) {
--filesToRead;
}
}
dwNumFiles++;
return (totalFileBytes >= maxFileBytes);
}
static void
ReadSystemFiles(void)
{
// first count the number of files
dwNumFiles = 0;
if (!EnumSystemFiles(CountFiles))
return;
RNG_RandomUpdate(&dwNumFiles, sizeof(dwNumFiles));
// now read the first 10 readable files, then 10 or 11 files
// spread throughout the system directory
filesToRead = 10;
if (dwNumFiles == 0)
return;
dwReadEvery = dwNumFiles / 10;
if (dwReadEvery == 0)
dwReadEvery = 1; // less than 10 files
dwNumFiles = 0;
totalFileBytes = 0;
EnumSystemFiles(ReadFiles);
}
void RNG_SystemInfoForRNG(void)
{
DWORD dwVal;
@ -308,91 +132,28 @@ void RNG_SystemInfoForRNG(void)
RNG_RandomUpdate(&dwNumClusters, sizeof(dwNumClusters));
}
// Skip the potentially slow file scanning if the OS's PRNG worked.
if (!usedWindowsPRNG)
ReadSystemFiles();
nBytes = RNG_GetNoise(buffer, 20); // get up to 20 bytes
RNG_RandomUpdate(buffer, nBytes);
}
static void rng_systemJitter(void)
{
dwNumFiles = 0;
EnumSystemFiles(ReadOneFile);
dwFileToRead++;
if (dwFileToRead >= dwNumFiles) {
dwFileToRead = 0;
}
}
void RNG_FileForRNG(const char *filename)
{
FILE* file;
int nBytes;
struct stat stat_buf;
unsigned char buffer[1024];
/* windows doesn't initialize all the bytes in the stat buf,
* so initialize them all here to avoid UMRs.
*/
memset(&stat_buf, 0, sizeof stat_buf);
if (stat((char *)filename, &stat_buf) < 0)
return;
RNG_RandomUpdate((unsigned char*)&stat_buf, sizeof(stat_buf));
file = fopen((char *)filename, "r");
if (file != NULL) {
for (;;) {
size_t bytes = fread(buffer, 1, sizeof(buffer), file);
if (bytes == 0)
break;
RNG_RandomUpdate(buffer, bytes);
totalFileBytes += bytes;
if (totalFileBytes > maxFileBytes)
break;
}
fclose(file);
}
nBytes = RNG_GetNoise(buffer, 20); // get up to 20 bytes
RNG_RandomUpdate(buffer, nBytes);
}
/*
* Windows XP and Windows Server 2003 and later have RtlGenRandom,
* which must be looked up by the name SystemFunction036.
* The RtlGenRandom function is declared in <ntsecapi.h>, but the
* declaration is missing a calling convention specifier. So we
* declare it manually here.
*/
typedef BOOLEAN
(APIENTRY *RtlGenRandomFn)(
#define RtlGenRandom SystemFunction036
DECLSPEC_IMPORT BOOLEAN WINAPI RtlGenRandom(
PVOID RandomBuffer,
ULONG RandomBufferLength);
size_t RNG_SystemRNG(void *dest, size_t maxLen)
{
HMODULE hModule;
RtlGenRandomFn pRtlGenRandom;
size_t bytes = 0;
usedWindowsPRNG = PR_FALSE;
hModule = LoadLibrary("advapi32.dll");
if (hModule == NULL) {
return bytes;
}
pRtlGenRandom = (RtlGenRandomFn)
GetProcAddress(hModule, "SystemFunction036");
if (pRtlGenRandom && pRtlGenRandom(dest, maxLen)) {
if (RtlGenRandom(dest, maxLen)) {
bytes = maxLen;
usedWindowsPRNG = PR_TRUE;
}
FreeLibrary(hModule);
return bytes;
}
#endif /* is XP_WIN */

2
security/nss/lib/libpkix/include/pkix_errorstrings.h
View File

@ -576,7 +576,9 @@ PKIX_ERRORENTRY(INFOACCESSCREATELISTFAILED,pkix_pl_InfoAccess_CreateList failed,
PKIX_ERRORENTRY(INFOACCESSGETLOCATIONFAILED,PKIX_PL_InfoAccess_GetLocation failed,0),
PKIX_ERRORENTRY(INFOACCESSGETLOCATIONTYPEFAILED,PKIX_PL_InfoAccess_GetLocationType failed,0),
PKIX_ERRORENTRY(INFOACCESSGETMETHODFAILED,PKIX_PL_InfoAccess_GetMethod failed,0),
#ifndef NSS_PKIX_NO_LDAP
PKIX_ERRORENTRY(INFOACCESSPARSELOCATIONFAILED,pkix_pl_InfoAccess_ParseLocation failed,SEC_ERROR_BAD_INFO_ACCESS_LOCATION),
#endif
PKIX_ERRORENTRY(INFOACCESSPARSETOKENSFAILED,pkix_pl_InfoAccess_ParseTokens failed,SEC_ERROR_BAD_INFO_ACCESS_LOCATION),
PKIX_ERRORENTRY(INITIALIZECHECKERSFAILED,pkix_InitializeCheckers failed,0),
PKIX_ERRORENTRY(INITIALIZEFAILED,PKIX_PL_Initialize failed,0),

6
security/nss/lib/libpkix/include/pkix_pl_pki.h
View File

@ -1269,6 +1269,9 @@ PKIX_PL_Cert_AreCertPoliciesCritical(
* Must be non-NULL.
* "nameConstraints"
* Address of CertNameConstraints that need to be satisfied.
* "treatCommonNameAsDNSName"
* PKIX_TRUE if the subject common name should be considered a dNSName
* when evaluating name constraints.
* "plContext"
* Platform-specific context pointer.
* THREAD SAFETY:
@ -1282,6 +1285,7 @@ PKIX_Error *
PKIX_PL_Cert_CheckNameConstraints(
PKIX_PL_Cert *cert,
PKIX_PL_CertNameConstraints *nameConstraints,
PKIX_Boolean treatCommonNameAsDNSName,
void *plContext);
/*
@ -1827,7 +1831,9 @@ PKIX_PL_Cert_GetCrlDp(PKIX_PL_Cert *cert,
#define PKIX_INFOACCESS_LOCATION_UNKNOWN 0
#define PKIX_INFOACCESS_LOCATION_HTTP 1
#ifndef NSS_PKIX_NO_LDAP
#define PKIX_INFOACCESS_LOCATION_LDAP 2
#endif
/*
* FUNCTION: PKIX_PL_InfoAccess_GetMethod

2
security/nss/lib/libpkix/include/pkix_sample_modules.h
View File

@ -117,6 +117,7 @@ PKIX_PL_Pk11CertStore_Create(
PKIX_CertStore **pPk11CertStore,
void *plContext);
#ifndef NSS_PKIX_NO_LDAP
/* PKIX_PL_LdapCertStore
*
* A PKIX_PL_LdapCertStore retrieves certificates and CRLs from an LDAP server
@ -249,6 +250,7 @@ PKIX_PL_LdapCertStore_Create(
PKIX_PL_LdapClient *client,
PKIX_CertStore **pCertStore,
void *plContext);
#endif /* !NSS_PKIX_NO_LDAP */
/* PKIX_PL_NssContext
*

8
security/nss/lib/libpkix/pkix/certsel/pkix_certselector.c
View File

@ -425,9 +425,13 @@ pkix_CertSelector_Match_NameConstraints(
PKIX_COMCERTSELPARAMSGETNAMECONSTRAINTSFAILED);
if (nameConstraints != NULL) {
/* As only the end-entity certificate should have
* the common name constrained as if it was a dNSName,
* do not constrain the common name when building a
* forward path.
*/
PKIX_CHECK(PKIX_PL_Cert_CheckNameConstraints
(cert, nameConstraints, plContext),
(cert, nameConstraints, PKIX_FALSE, plContext),
PKIX_CERTCHECKNAMECONSTRAINTSFAILED);
}

9
security/nss/lib/libpkix/pkix/checker/pkix_nameconstraintschecker.c
View File

@ -167,6 +167,7 @@ pkix_NameConstraintsChecker_Check(
PKIX_PL_CertNameConstraints *nameConstraints = NULL;
PKIX_PL_CertNameConstraints *mergedNameConstraints = NULL;
PKIX_Boolean selfIssued = PKIX_FALSE;
PKIX_Boolean lastCert = PKIX_FALSE;
PKIX_ENTER(CERTCHAINCHECKER, "pkix_NameConstraintsChecker_Check");
PKIX_NULLCHECK_THREE(checker, cert, pNBIOContext);
@ -178,6 +179,7 @@ pkix_NameConstraintsChecker_Check(
PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED);
state->certsRemaining--;
lastCert = state->certsRemaining == 0;
/* Get status of self issued */
PKIX_CHECK(pkix_IsCertSelfIssued(cert, &selfIssued, plContext),
@ -185,13 +187,14 @@ pkix_NameConstraintsChecker_Check(
/* Check on non self-issued and if so only for last cert */
if (selfIssued == PKIX_FALSE ||
(selfIssued == PKIX_TRUE && state->certsRemaining == 0)) {
(selfIssued == PKIX_TRUE && lastCert)) {
PKIX_CHECK(PKIX_PL_Cert_CheckNameConstraints
(cert, state->nameConstraints, plContext),
(cert, state->nameConstraints, lastCert,
plContext),
PKIX_CERTCHECKNAMECONSTRAINTSFAILED);
}
if (state->certsRemaining != 0) {
if (!lastCert) {
PKIX_CHECK(PKIX_PL_Cert_GetNameConstraints
(cert, &nameConstraints, plContext),

6
security/nss/lib/libpkix/pkix/params/pkix_trustanchor.c
View File

@ -369,7 +369,11 @@ PKIX_TrustAnchor_CreateWithCert(
anchor->caName = NULL;
anchor->caPubKey = NULL;
anchor->nameConstraints = NULL;
PKIX_CHECK(PKIX_PL_Cert_GetNameConstraints
(anchor->trustedCert, &anchor->nameConstraints, plContext),
PKIX_CERTGETNAMECONSTRAINTSFAILED);
*pAnchor = anchor;
anchor = NULL;

2
security/nss/lib/libpkix/pkix/top/pkix_build.h
View File

@ -11,7 +11,9 @@
#ifndef _PKIX_BUILD_H
#define _PKIX_BUILD_H
#include "pkix_tools.h"
#ifndef NSS_PKIX_NO_LDAP
#include "pkix_pl_ldapt.h"
#endif
#include "pkix_ekuchecker.h"
#ifdef __cplusplus

20
security/nss/lib/libpkix/pkix_pl_nss/module/config.mk
View File

@ -13,3 +13,23 @@ SHARED_LIBRARY =
IMPORT_LIBRARY =
PROGRAM =
ifdef NSS_PKIX_NO_LDAP
LDAP_HEADERS =
LDAP_CSRCS =
else
LDAP_HEADERS = \
pkix_pl_ldapt.h \
pkix_pl_ldapcertstore.h \
pkix_pl_ldapresponse.h \
pkix_pl_ldaprequest.h \
pkix_pl_ldapdefaultclient.h \
$(NULL)
LDAP_CSRCS = \
pkix_pl_ldaptemplates.c \
pkix_pl_ldapcertstore.c \
pkix_pl_ldapresponse.c \
pkix_pl_ldaprequest.c \
pkix_pl_ldapdefaultclient.c \
$(NULL)
endif

12
security/nss/lib/libpkix/pkix_pl_nss/module/manifest.mn
View File

@ -12,11 +12,7 @@ PRIVATE_EXPORTS = \
pkix_pl_colcertstore.h \
pkix_pl_httpcertstore.h \
pkix_pl_httpdefaultclient.h \
pkix_pl_ldapt.h \
pkix_pl_ldapcertstore.h \
pkix_pl_ldapresponse.h \
pkix_pl_ldaprequest.h \
pkix_pl_ldapdefaultclient.h \
$(LDAP_HEADERS) \
pkix_pl_nsscontext.h \
pkix_pl_pk11certstore.h \
pkix_pl_socket.h \
@ -32,11 +28,7 @@ CSRCS = \
pkix_pl_colcertstore.c \
pkix_pl_httpcertstore.c \
pkix_pl_httpdefaultclient.c \
pkix_pl_ldaptemplates.c \
pkix_pl_ldapcertstore.c \
pkix_pl_ldapresponse.c \
pkix_pl_ldaprequest.c \
pkix_pl_ldapdefaultclient.c \
$(LDAP_CSRCS) \
pkix_pl_nsscontext.c \
pkix_pl_pk11certstore.c \
pkix_pl_socket.c \

12
security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c
View File

@ -11,6 +11,7 @@
#include "pkix_pl_aiamgr.h"
extern PKIX_PL_HashTable *aiaConnectionCache;
#ifndef NSS_PKIX_NO_LDAP
/* --Virtual-LdapClient-Functions------------------------------------ */
PKIX_Error *
@ -51,6 +52,7 @@ cleanup:
PKIX_RETURN(LDAPCLIENT);
}
#endif /* !NSS_PKIX_NO_LDAP */
/* --Private-AIAMgr-Functions----------------------------------*/
@ -81,7 +83,9 @@ pkix_pl_AIAMgr_Destroy(
PKIX_DECREF(aiaMgr->aia);
PKIX_DECREF(aiaMgr->location);
PKIX_DECREF(aiaMgr->results);
#ifndef NSS_PKIX_NO_LDAP
PKIX_DECREF(aiaMgr->client.ldapClient);
#endif
cleanup:
@ -114,6 +118,7 @@ pkix_pl_AIAMgr_RegisterSelf(void *plContext)
PKIX_RETURN(AIAMGR);
}
#ifndef NSS_PKIX_NO_LDAP
/*
* FUNCTION: pkix_pl_AiaMgr_FindLDAPClient
* DESCRIPTION:
@ -212,6 +217,7 @@ cleanup:
PKIX_RETURN(AIAMGR);
}
#endif /* !NSS_PKIX_NO_LDAP */
PKIX_Error *
pkix_pl_AIAMgr_GetHTTPCerts(
@ -388,6 +394,7 @@ cleanup:
PKIX_RETURN(AIAMGR);
}
#ifndef NSS_PKIX_NO_LDAP
PKIX_Error *
pkix_pl_AIAMgr_GetLDAPCerts(
PKIX_PL_AIAMgr *aiaMgr,
@ -496,6 +503,7 @@ cleanup:
PKIX_RETURN(AIAMGR);
}
#endif /* !NSS_PKIX_NO_LDAP */
/*
* FUNCTION: PKIX_PL_AIAMgr_Create
@ -632,10 +640,12 @@ PKIX_PL_AIAMgr_GetAIACerts(
PKIX_CHECK(pkix_pl_AIAMgr_GetHTTPCerts
(aiaMgr, ia, &nbio, &certs, plContext),
PKIX_AIAMGRGETHTTPCERTSFAILED);
#ifndef NSS_PKIX_NO_LDAP
} else if (iaType == PKIX_INFOACCESS_LOCATION_LDAP) {
PKIX_CHECK(pkix_pl_AIAMgr_GetLDAPCerts
(aiaMgr, ia, &nbio, &certs, plContext),
PKIX_AIAMGRGETLDAPCERTSFAILED);
#endif
} else {
/* We only support http and ldap requests. */
PKIX_DECREF(ia);
@ -677,7 +687,9 @@ cleanup:
if (PKIX_ERROR_RECEIVED) {
PKIX_DECREF(aiaMgr->aia);
PKIX_DECREF(aiaMgr->results);
#ifndef NSS_PKIX_NO_LDAP
PKIX_DECREF(aiaMgr->client.ldapClient);
#endif
}
PKIX_DECREF(certs);

4
security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.h
View File

@ -27,7 +27,9 @@ struct PKIX_PL_AIAMgrStruct {
PKIX_PL_GeneralName *location;
PKIX_List *results;
union {
#ifndef NSS_PKIX_NO_LDAP
PKIX_PL_LdapClient *ldapClient;
#endif
struct {
const SEC_HttpClientFcn *httpClient;
SEC_HTTP_SERVER_SESSION serverSession;
@ -41,6 +43,7 @@ struct PKIX_PL_AIAMgrStruct {
PKIX_Error *pkix_pl_AIAMgr_RegisterSelf(void *plContext);
#ifndef NSS_PKIX_NO_LDAP
PKIX_Error *PKIX_PL_LdapClient_InitiateRequest(
PKIX_PL_LdapClient *client,
LDAPRequestParams *requestParams,
@ -53,6 +56,7 @@ PKIX_Error *PKIX_PL_LdapClient_ResumeRequest(
void **pPollDesc,
PKIX_List **pResponse,
void *plContext);
#endif /* !NSS_PKIX_NO_LDAP */
#ifdef __cplusplus
}

8
security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
View File

@ -3135,6 +3135,7 @@ PKIX_Error *
PKIX_PL_Cert_CheckNameConstraints(
PKIX_PL_Cert *cert,
PKIX_PL_CertNameConstraints *nameConstraints,
PKIX_Boolean treatCommonNameAsDNSName,
void *plContext)
{
PKIX_Boolean checkPass = PKIX_TRUE;
@ -3151,11 +3152,14 @@ PKIX_PL_Cert_CheckNameConstraints(
PKIX_ERROR(PKIX_OUTOFMEMORY);
}
/* This NSS call returns both Subject and Subject Alt Names */
/* This NSS call returns Subject Alt Names. If
* treatCommonNameAsDNSName is true, it also returns the
* Subject Common Name
*/
PKIX_CERT_DEBUG
("\t\tCalling CERT_GetConstrainedCertificateNames\n");
nssSubjectNames = CERT_GetConstrainedCertificateNames
(cert->nssCert, arena, PR_TRUE);
(cert->nssCert, arena, treatCommonNameAsDNSName);
PKIX_CHECK(pkix_pl_CertNameConstraints_CheckNameSpaceNssNames
(nssSubjectNames,

4
security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c
View File

@ -481,9 +481,11 @@ PKIX_PL_InfoAccess_GetLocationType(
PKIX_STRINGGETENCODEDFAILED);
PKIX_OID_DEBUG("\tCalling PORT_Strcmp).\n");
#ifndef NSS_PKIX_NO_LDAP
if (PORT_Strncmp(location, "ldap:", 5) == 0){
type = PKIX_INFOACCESS_LOCATION_LDAP;
} else
#endif
if (PORT_Strncmp(location, "http:", 5) == 0){
type = PKIX_INFOACCESS_LOCATION_HTTP;
}
@ -499,6 +501,7 @@ cleanup:
PKIX_RETURN(INFOACCESS);
}
#ifndef NSS_PKIX_NO_LDAP
/*
* FUNCTION: pkix_pl_InfoAccess_ParseTokens
* DESCRIPTION:
@ -868,3 +871,4 @@ cleanup:
PKIX_RETURN(INFOACCESS);
}
#endif /* !NSS_PKIX_NO_LDAP */

2
security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.h
View File

@ -32,6 +32,7 @@ pkix_pl_InfoAccess_CreateList(
PKIX_List **pAiaList, /* of PKIX_PL_InfoAccess */
void *plContext);
#ifndef NSS_PKIX_NO_LDAP
PKIX_Error *
pkix_pl_InfoAccess_ParseLocation(
PKIX_PL_GeneralName *generalName,
@ -39,6 +40,7 @@ pkix_pl_InfoAccess_ParseLocation(
LDAPRequestParams *request,
char **pDomainName,
void *plContext);
#endif /* !NSS_PKIX_NO_LDAP */
#ifdef __cplusplus
}

4
security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_common.h
View File

@ -38,7 +38,9 @@
/* private PKIX_PL_NSS system headers */
#include "pkix_pl_object.h"
#include "pkix_pl_string.h"
#ifndef NSS_PKIX_NO_LDAP
#include "pkix_pl_ldapt.h"
#endif /* !NSS_PKIX_NO_LDAP */
#include "pkix_pl_aiamgr.h"
#include "pkix_pl_bigint.h"
#include "pkix_pl_oid.h"
@ -62,9 +64,11 @@
#include "pkix_pl_ocspresponse.h"
#include "pkix_pl_pk11certstore.h"
#include "pkix_pl_socket.h"
#ifndef NSS_PKIX_NO_LDAP
#include "pkix_pl_ldapcertstore.h"
#include "pkix_pl_ldaprequest.h"
#include "pkix_pl_ldapresponse.h"
#endif /* !NSS_PKIX_NO_LDAP */
#include "pkix_pl_nsscontext.h"
#include "pkix_pl_httpcertstore.h"
#include "pkix_pl_httpdefaultclient.h"

2
security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.c
View File

@ -204,9 +204,11 @@ PKIX_PL_Initialize(
pkix_ForwardBuilderState_RegisterSelf(plContext);
pkix_SignatureCheckerState_RegisterSelf(plContext);
pkix_NameConstraintsCheckerState_RegisterSelf(plContext);
#ifndef NSS_PKIX_NO_LDAP
pkix_pl_LdapRequest_RegisterSelf(plContext);
pkix_pl_LdapResponse_RegisterSelf(plContext);
pkix_pl_LdapDefaultClient_RegisterSelf(plContext);
#endif
pkix_pl_Socket_RegisterSelf(plContext);
pkix_ResourceLimits_RegisterSelf(plContext); /* 51-59 */

2
security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.h
View File

@ -33,10 +33,12 @@
#include "pkix_pl_crlentry.h"
#include "pkix_pl_crl.h"
#include "pkix_pl_colcertstore.h"
#ifndef NSS_PKIX_NO_LDAP
#include "pkix_pl_ldapcertstore.h"
#include "pkix_pl_ldapdefaultclient.h"
#include "pkix_pl_ldaprequest.h"
#include "pkix_pl_ldapresponse.h"
#endif /* !NSS_PKIX_NO_LDAP */
#include "pkix_pl_socket.h"
#include "pkix_pl_infoaccess.h"
#include "pkix_store.h"

6
security/nss/lib/nss/nss.h
View File

@ -33,10 +33,10 @@
* The format of the version string should be
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
*/
#define NSS_VERSION "3.15.5" _NSS_ECC_STRING _NSS_CUSTOMIZED " Beta"
#define NSS_VERSION "3.16" _NSS_ECC_STRING _NSS_CUSTOMIZED " Beta"
#define NSS_VMAJOR 3
#define NSS_VMINOR 15
#define NSS_VPATCH 5
#define NSS_VMINOR 16
#define NSS_VPATCH 0
#define NSS_VBUILD 0
#define NSS_BETA PR_TRUE

12
security/nss/lib/softoken/sdb.c
View File

@ -2012,7 +2012,17 @@ s_open(const char *directory, const char *certPrefix, const char *keyPrefix,
/* how long does it take to test for a non-existant file in our working
* directory? Allows us to test if we may be on a network file system */
accessOps = sdb_measureAccess(directory);
accessOps = 1;
{
char *env;
env = PR_GetEnv("NSS_SDB_USE_CACHE");
/* If the environment variable is set to yes or no, sdb_init() will
* ignore the value of accessOps, and we can skip the measuring.*/
if (!env || ((PORT_Strcasecmp(env, "no") != 0) &&
(PORT_Strcasecmp(env, "yes") != 0))){
accessOps = sdb_measureAccess(directory);
}
}
/*
* open the cert data base

6
security/nss/lib/softoken/softkver.h
View File

@ -25,10 +25,10 @@
* The format of the version string should be
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
*/
#define SOFTOKEN_VERSION "3.15.5" SOFTOKEN_ECC_STRING " Beta"
#define SOFTOKEN_VERSION "3.16" SOFTOKEN_ECC_STRING " Beta"
#define SOFTOKEN_VMAJOR 3
#define SOFTOKEN_VMINOR 15
#define SOFTOKEN_VPATCH 5
#define SOFTOKEN_VMINOR 16
#define SOFTOKEN_VPATCH 0
#define SOFTOKEN_VBUILD 0
#define SOFTOKEN_BETA PR_TRUE

11
security/nss/lib/ssl/sslsock.c
View File

@ -1348,10 +1348,13 @@ ssl_ImportFD(PRFileDesc *model, PRFileDesc *fd, SSLProtocolVariant variant)
SET_ERROR_CODE
return NULL;
}
ns = ssl_FindSocket(fd);
PORT_Assert(ns);
if (ns)
ns->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ns, &addr));
#if defined(DEBUG) || defined(FORCE_PR_ASSERT)
{
sslSocket * ss = ssl_FindSocket(fd);
PORT_Assert(ss == ns);
}
#endif
ns->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ns, &addr));
return fd;
}

6
security/nss/lib/util/nssutil.h
View File

@ -19,10 +19,10 @@
* The format of the version string should be
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <Beta>]"
*/
#define NSSUTIL_VERSION "3.15.5 Beta"
#define NSSUTIL_VERSION "3.16 Beta"
#define NSSUTIL_VMAJOR 3
#define NSSUTIL_VMINOR 15
#define NSSUTIL_VPATCH 5
#define NSSUTIL_VMINOR 16
#define NSSUTIL_VPATCH 0
#define NSSUTIL_VBUILD 0
#define NSSUTIL_BETA PR_TRUE

131
security/nss/tests/chains/scenarios/nameconstraints.cfg
View File

@ -7,16 +7,147 @@ scenario TrustAnchors
db trustanchors
import NameConstraints.ca:x:CT,C,C
import NameConstraints.ncca:x:CT,C,C
# Name Constrained CA: Name constrained to permited DNSName ".example"
# Intermediate 1: Name constrained to permited DNSName ".example"
# Subject: "C=US, ST=California, L=Mountain View, O=BOGUS NSS, CN=test.invalid"
# altDNS: test.invalid
# Fail: CN not in name constraints, altDNS not in name constraints
verify NameConstraints.server1:x
cert NameConstraints.intermediate:x
result fail
# Subject: "C=US, ST=California, L=Mountain View, O=BOGUS NSS, CN=another_test.invalid", no SAN
# Fail: CN not in name constraints
verify NameConstraints.server2:x
cert NameConstraints.intermediate:x
result fail
# Subject: "C=US, ST=California, L=Mountain View, O=BOGUS NSS, CN=test.example"
# altDNS: test.example
verify NameConstraints.server3:x
cert NameConstraints.intermediate:x
result pass
# Intermediate 2: No name constraints, signed by Intermediate 1 (inherits name constraints)
# Subject: "C=US, ST=California, L=Mountain View, O=BOGUS NSS, CN=test.invalid"
# altDNS: test.invalid
# Fail: CN not in name constraints, altDNS not in name constraints
verify NameConstraints.server4:x
cert NameConstraints.intermediate2:x
cert NameConstraints.intermediate:x
result fail
# Subject: "C=US, ST=California, L=Mountain View, O=BOGUS NSS, CN=another_test.invalid", no SAN
# Fail: CN not in name constraints
verify NameConstraints.server5:x
cert NameConstraints.intermediate2:x
cert NameConstraints.intermediate:x
result fail
# Subject: "C=US, ST=California, L=Mountain View, O=BOGUS NSS, CN=test.example"
# altDNS: test.example
verify NameConstraints.server6:x
cert NameConstraints.intermediate2:x
cert NameConstraints.intermediate:x
result pass
# Intermediate 3: Subject: "C=US, ST=California, L=Mountain View, O=BOGUS NSS, CN=NSS Intermediate CA3"
# Name constrained to a permitted DirectoryName of "C=US, ST=CA, O=Foo"
# and a permitted DNSName of "foo.example"
# Intermediate 4: Subject: "C=US, ST=CA, O=Foo, CN=NSS Intermediate CA 2"
# No name constraints present
# Signed by Intermediate 3 (inherits name constraints)
# Subject: "C=US, ST=CA, O=Foo, OU=bar, CN=bat.foo.example", no SAN
verify NameConstraints.server7:x
cert NameConstraints.intermediate4:x
cert NameConstraints.intermediate3:x
result pass
# Subject: "C=US, ST=CA, O=Foo, CN=bat.foo.example", no SAN
verify NameConstraints.server8:x
cert NameConstraints.intermediate4:x
cert NameConstraints.intermediate3:x
result pass
# Subject: "C=US, O=Foo, CN=bat.foo.example", no SAN
# Fail: ST is missing in the DirectoryName, thus not matching name constraints
verify NameConstraints.server9:x
cert NameConstraints.intermediate4:x
cert NameConstraints.intermediate3:x
result fail
# Subject: "C=US, ST=CA, O=Foo, CN=bar.example"
# Fail: CN not in name constraints
verify NameConstraints.server10:x
cert NameConstraints.intermediate4:x
cert NameConstraints.intermediate3:x
result fail
# Subject: "C=US, ST=CA, O=Foo, CN=site.example"
# altDNS:foo.example
# Pass: Ignores CN constraint name violation because SAN is present
verify NameConstraints.server11:x
cert NameConstraints.intermediate4:x
cert NameConstraints.intermediate3:x
result pass
# Subject: "C=US, ST=CA, O=Foo, CN=Honest Achmed"
# Fail: CN does not match DNS name constraints - even though is not 'DNS shaped'
verify NameConstraints.server12:x
cert NameConstraints.intermediate4:x
cert NameConstraints.intermediate3:x
result fail
# Intermediate 5: Subject: "C=US, ST=CA, O=OtherOrg, CN=NSS Intermediate CA 2"
# No name constraints present
# Signed by Intermediate 3.
# Intermediate 5's subject is not in Intermediate 3's permitted
# names, so all certs issued by it are invalid.
# Subject: "C=US, ST=CA, O=OtherOrg, CN=bat.foo.example"
# Fail: Org matches Intermediate 5's name constraints, but does not match
# Intermediate 3' name constraints
verify NameConstraints.server13:x
cert NameConstraints.intermediate5:x
cert NameConstraints.intermediate3:x
result fail
# Subject: "C=US, ST=CA, O=Foo, CN=another.foo.example"
# Fail: Matches Intermediate 5's name constraints, but fails because
# Intermediate 5 does not match Intermediate 3's name constraints
verify NameConstraints.server14:x
cert NameConstraints.intermediate5:x
cert NameConstraints.intermediate3:x
result fail
# Intermediate 6: Subject: "C=US, ST=CA, O=OtherOrg, CN=NSS Intermediate CA6"
# No name constraints present
# Signed by Named Constrained CA (inherits root name constraints)
# Subject: "C=US, ST=California, L=Mountain View, O=BOGUS NSS, CN=testfoo.invalid"
# altDNS: testfoo.invalid
# Fail: CN not in name constraints, altDNS not in name constraints
verify NameConstraints.server15:x
cert NameConstraints.intermediate6:x
result fail
# Subject: "C=US, ST=California, L=Mountain View, O=BOGUS NSS, CN=another_test3.invalid", no SAN
# Fail: CN not in name constraints
verify NameConstraints.server16:x
cert NameConstraints.intermediate6:x
result fail
# Subject: "C=US, ST=California, L=Mountain View, O=BOGUS NSS, CN=test4.example"
# altDNS: test4.example
verify NameConstraints.server17:x
cert NameConstraints.intermediate6:x
result pass

BIN
security/nss/tests/libpkix/certs/NameConstraints.ca.cert
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.intermediate.cert
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.intermediate2.cert Normal file
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.intermediate3.cert Normal file
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.intermediate4.cert Normal file
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.intermediate5.cert Normal file
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.intermediate6.cert Normal file
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.ncca.cert Normal file
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.server1.cert
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.server10.cert Normal file
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.server11.cert Normal file
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.server12.cert Normal file
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.server13.cert Normal file
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.server14.cert Normal file
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.server15.cert Normal file
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.server16.cert Normal file
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.server17.cert Normal file
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.server2.cert
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.server3.cert
View File

Binary file not shown.

BIN
security/nss/tests/libpkix/certs/NameConstraints.server4.cert Normal file
View File

Binary file not shown.

Some files were not shown because too many files have changed in this diff Show More