Masatoshi Kimura
926928febc
Bug 1138882 - Add a pref to enable unrestricted RC4 fallback. r=keeler
2015-03-05 22:51:31 +09:00
Cykesiopka
73a56cbbda
Bug 1121117 - Add some logging to test_ocsp_timeout.js to ease debugging. r=dkeeler
2015-03-03 14:25:00 +01:00
Wes Kocher
6fef6d1fd8
Merge b2g-inbound to m-c a=merge CLOSED TREE
2015-03-03 17:02:21 -08:00
Chuck Lee
ae761fb055
Bug 1012549 - 0004. Support read private key in keystore. r=dkeeler r=qdot
2015-02-28 21:54:24 +08:00
David Keeler
292ae08e69
bug 1085506 - gather telemetry for TLS handshake certificate verification errors r=rbarnes
2015-02-27 11:14:29 -08:00
Mark Goodwin
3c388dbb12
Bug 1130757 - tests for bug 1130757. r=dkeeler
2015-03-02 08:19:00 +01:00
Mark Goodwin
663d50d01d
Bug 1130757 - Move OneCRL check to NSSCertDBTrustDomain::GetCertTrust. r=dkeeler
2015-02-26 04:38:00 +01:00
Cykesiopka
d4fbd76026
Bug 1130418 - Remove broken e-mail cert trust editing UI. r=emk
2015-03-02 19:54:00 +01:00
Cykesiopka
427f94114a
Bug 1130413 - Remove unused nsITokenPasswordDialogs::GetPassword() function. r=jjones
2015-02-26 13:05:00 +01:00
Wes Kocher
e8af47da16
Merge inbound to m-c a=merge
2015-03-02 12:12:47 -08:00
ffxbld
9ef92bbf7c
No bug, Automated HPKP preload list update from host bld-linux64-spot-044 - a=hpkp-update
2015-02-28 03:27:43 -08:00
ffxbld
1893a50754
No bug, Automated HSTS preload list update from host bld-linux64-spot-044 - a=hsts-update
2015-02-28 03:27:41 -08:00
Kai Engert
43f744a2b0
Bug 1137470 - Upgrade Firefox to NSS 3.18, landing NSS_3_18_BETA7, r=nss-confcall
2015-02-26 23:29:08 +01:00
David Keeler
04a248a258
bug 1049740 - implement telemetry to measure compatibility impact of 2048-bit-minimum RSA keys r=briansmith
2015-02-24 15:48:05 -08:00
Boris Zbarsky
8d06e45b3d
Bug 1136388. Change nsIDocumentLoaderFactory and nsIURIContentListener to take MIME types as an XPCOM string, not a char*. r=smaug
2015-02-25 10:26:51 -05:00
Jed Davis
232064fbf4
Bug 1134942 - Whitelist fstatat and unlinkat for B2G content processes. r=gdestuynder
2015-02-20 12:16:00 +01:00
Brian Smith
745bea4592
Bug 1077864, Part 3: update nsserrors.properties so error message gets localized.
2015-02-23 16:04:23 -08:00
Brian Smith
e4dfaf9d35
Bug 1131767: Prune away paths using unacceptable algorithms earlier, r=keeler
2015-02-14 16:59:02 -08:00
Brian Smith
a44a7d430b
Bug 1077864, Part 2: Override the trust level for OCSP response signer certs so that they are never considered trust anchors, r=keeler
2015-02-14 15:59:38 -08:00
Brian Smith
8aa85cf009
Bug 1077864, Part 1: Check consistency of certificates' signature and signatureAlgorithm fields, r=keeler
2015-02-22 16:59:03 -08:00
Brian Smith
3365c67a40
Bug 1135407: Factor out duplicate logic in tests, r=keeler
2015-02-21 14:12:38 -08:00
Ehsan Akhgari
7270bff2c4
Bug 1135745 - Disable the reserved-id-macro macro in security/pkix; r=briansmith
2015-02-23 13:40:09 -05:00
Ryan VanderMeulen
f1dae981be
Merge inbound to m-c. a=merge
2015-02-21 16:40:27 -05:00
ffxbld
eef00bd3dc
No bug, Automated HPKP preload list update from host bld-linux64-spot-148 - a=hpkp-update
2015-02-21 03:32:26 -08:00
ffxbld
a0e4678d63
No bug, Automated HSTS preload list update from host bld-linux64-spot-148 - a=hsts-update
2015-02-21 03:32:24 -08:00
André Reinald
7f6c61c6b3
Bug 1083344 - Tighten rules for Mac OS content process sandbox - "rules part". r=smichaud
...
--HG--
extra : histedit_source : f703a6a8abbf500cb882263426776fdb138b73a3
2015-02-21 13:06:34 +01:00
André Reinald
0f64952695
Bug 1083344 - Tighten rules for Mac OS content process sandbox - "core part". r=smichaud
...
--HG--
extra : histedit_source : 3c904474c57dbf086365cc6b26a55c34b2b449ae
2015-02-18 14:10:27 +01:00
Brian Smith
bfd52ee2fd
Bug 1133618 - Move test SHA1 function to pkixtestutil.cpp. r=mmc
...
--HG--
extra : histedit_source : ef579a4958356a12974b1f0f69ab2d6070ff8e65
2015-02-16 16:37:03 -08:00
Brian Smith
56eb4fcacf
Bug 1130754 - Make PublicKeyAlgorithm an enum class. r=keeler
...
--HG--
extra : histedit_source : 14d321bc2cbdf749fd05994571ca439ee62ab973
2015-02-14 13:25:09 -08:00
Masatoshi Kimura
50d0e8393e
Bug 1127339 - Detect SSLv3-only server in PSM. r=keeler
2015-02-21 17:20:22 +09:00
Cykesiopka
9d854c725f
Bug 1097622 - Add test cases for certs that have notBefore times earlier than the UNIX epoch. r=dkeeler
2015-02-17 06:15:00 -05:00
Cykesiopka
46f192d5a1
Bug 1097622 - Return ERROR_INVALID_TIME when decoding invalid time values. r=dkeeler
2015-02-18 15:56:00 -05:00
Cykesiopka
e2b4441c11
Bug 1097622 - Rename (mE|e)rrorCodeExpired variables to (mE|e)rrorCodeTime. r=dkeeler
2015-02-17 06:12:00 -05:00
Masatoshi Kimura
d2252a6393
Bug 1133187 - Update fallback whitelist. r=keeler
2015-02-19 04:12:59 +09:00
Masatoshi Kimura
e322360a68
Bug 1124039 - Allow RC4 only for whitelisted hosts. r=keeler
2015-02-19 04:12:58 +09:00
Masatoshi Kimura
4dcc62555f
Bug 1137179 - Add wildcard support to the static fallback list. r=keeler
2015-02-28 08:53:44 +09:00
Cykesiopka
43d63e50dc
Bug 1136471 - Remove unused nsIIdentityInfo.getValidEVPolicyOid(). r=dkeeler
2015-02-26 13:05:00 -05:00
André Reinald
29bb5c62b7
Bug 1083344 - Add "allow" sandbox rules to fix mochitests on OSX 10.9 and 10.10. r=smichaud
2015-02-27 16:55:35 +01:00
Chris Peterson
949860b4a1
Bug 1133283 - Remove nonstandard expression closures from security/manager/ssl/tests. r=keeler
2015-01-24 23:48:22 -08:00
David Keeler
ea529f0499
bug 1123671 - if a non-overridable error is encountered when processing an overridable certificate error, report the non-overridable error r=mmc r=jcj
...
Also, SEC_ERROR_UNTRUSTED_ISSUER and SEC_ERROR_UNTRUSTED_CERT are not actually overridable, so don't pretend they are.
2015-01-23 14:04:44 -08:00
Chuck Lee
ac8c6a4cd0
Bug 1012549 - 0001. Support import PKCS12 certificate. r=dkeeler r=vchang
2015-02-28 21:54:16 +08:00
Christoph Kerschbaumer
aa5bc08574
Bug 1099296 - Attach LoadInfo to remaining callers of ioService and ProtocolHandlers - in security/ (r=keeler)
2015-02-17 10:09:40 -08:00
Carsten "Tomcat" Book
635a599417
Merge mozilla-central to mozilla-inbound
2015-02-16 16:14:51 +01:00
Carsten "Tomcat" Book
92151b28e6
merge mozilla-inbound to mozilla-central a=merge
2015-02-16 15:59:56 +01:00
ffxbld
bb7473b29b
No bug, Automated HPKP preload list update from host bld-linux64-spot-1093 - a=hpkp-update
2015-02-14 03:21:57 -08:00
ffxbld
b949878087
No bug, Automated HSTS preload list update from host bld-linux64-spot-1093 - a=hsts-update
2015-02-14 03:21:55 -08:00
Masatoshi Kimura
c8e087c026
Bug 1131880 - Modify the condition to disallow PR_CONNECT_RESET_ERROR on fallback. r=keeler
2015-02-16 20:03:06 +09:00
Masatoshi Kimura
150d422525
Backout 9507662057de (bug 1130670) and c731517a47e8 (bug 1124039) due to compatibility issues
2015-02-16 19:55:15 +09:00
Mike Hommey
5d1757358f
Bug 1120937 - Properly initialize string fields from the PKCS#11 test module. r=keeler
...
The string fields need to be padded with spaces, according to what
PK11_MakeString does to find the end of the string.
While here, factor all the string manipulations in the test module and
use some C++ template magic to do the right thing.
This changes the static asserts from (with clang):
pkcs11testmodule.cpp:45:3: error: static_assert failed
"TestManufacturerID too long - make it shorter"
static_assert(sizeof(TestManufacturerID) <= sizeof(pInfo->manufacturerID),
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
to:
pkcs11testmodule.cpp:46:3: error: static_assert failed
"DestSize >= SrcSize - 1"
static_assert(DestSize >= SrcSize - 1, "DestSize >= SrcSize - 1");
^ ~~~~~~~~~~~~~~~~~~~~~~~
pkcs11testmodule.cpp:58:3: note: in instantiation of function
template specialization 'CopyString<32, 63>' requested here
CopyString(pInfo->manufacturerID, TestManufacturerID);
^
which actually gives more information than before: it gives the length of
both buffers.
2015-02-13 10:29:18 +09:00
Masatoshi Kimura
e34dc73e15
Bug 1130670 - Remove dead code that tracks strongCipherStatus. r=keeler
2015-02-14 15:16:04 +09:00
