wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity
243,267 Commits 1 Branch 166 Tags 1.2 GiB
1e32ed323a
Commit Graph

140 Commits

Author SHA1 Message Date
Eric Rahm
0652af4ffc Bug 1162691 - Part 1: Remove instances of #ifdef PR_LOGGING in security. r=froydnj 
PR_LOGGING is now always defined, we can remove #ifdefs checking for it.
 2015-05-08 14:36:33 -07:00
Mark Goodwin
d9db423681 Bug 1128607 - Add freshness check for OneCRL (r=keeler) 2015-05-07 18:54:05 +01:00
Richard Barnes
5491d34ed0 Bug 1121982 - Update PSM to use NSS name constraints 2015-04-23 20:26:29 -04:00
David Keeler
d3dd0e4ad0 bug 1157873 - remove certificates from CNNIC whitelist that aren't in the Pilot Certificate Transparency log r=rbarnes 
Also remove certificates where notBefore is on or after 1 April 2015.
 2015-04-21 16:07:33 -07:00
David Keeler
87964c3250 bug 1151512 - only allow whitelisted certificates to be issued by CNNIC root certificates r=jcj r=rbarnes 2015-04-07 17:29:05 -07:00
David Keeler
ef38913727 bug 1147497 - Add API for querying site pin status. Disallow overrides for sites that have pins. r=mmc r=smaug r=cykesiopka r=past 2015-03-25 11:04:49 -07:00
Jan Beich
b9b92e7e47 Bug 1154188 - Unbreak build on non-SPS platforms after bug 1153737 r=bsmith 2015-04-14 14:30:09 +02:00
Brian Smith
2bbc1d7a0d Bug 1153737: Avoid unnecessary uses of mozilla::pkix::ScopedPtr, r=keeler 2015-04-12 19:57:48 -10:00
Mark Goodwin
2098eab23a Bug 1132689 - Feb 2015 batch of EV root CA Changes. r=keeler 2015-03-30 08:57:00 +02:00
Brian Smith
3509081d96 Bug 1146057: Remove support for GCC 4.6, r=keeler 
Since Gecko now requires GCC 4.7 or later, we no longer need to
work around the lack of support for "override" and "final" in
earlier versions of GCC.
 2015-03-30 20:18:46 -10:00
Mark Goodwin
13b7190f95 Bug 1138848 - Modify OneCRL blocklist for subject / public key blocking (r=keeler, unfocused) 2015-03-31 15:10:09 -07:00
Ehsan Akhgari
5cccea6f0f Bug 1145631 - Part 1: Replace MOZ_OVERRIDE and MOZ_FINAL with override and final in the tree; r=froydnj 
This patch was automatically generated using the following script:

function convert() {
echo "Converting $1 to $2..."
find . \
       ! -wholename "*/.git*" \
       ! -wholename "obj-ff-dbg*" \
         -type f \
      \( -iname "*.cpp" \
         -o -iname "*.h" \
         -o -iname "*.c" \
         -o -iname "*.cc" \
         -o -iname "*.idl" \
         -o -iname "*.ipdl" \
         -o -iname "*.ipdlh" \
         -o -iname "*.mm" \) | \
    xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}

convert MOZ_OVERRIDE override
convert MOZ_FINAL final
 2015-03-21 12:28:04 -04:00
Cykesiopka
fa772c674c Bug 1139177 - RSA public key size checking cleanups. r=keeler 2015-03-05 16:41:00 +01:00
Mark Goodwin
957e3792cf Bug 1130757 - Move OneCRL check to NSSCertDBTrustDomain::GetCertTrust. r=dkeeler 2015-02-26 04:38:00 +01:00
David Keeler
1f3f600cd6 bug 1049740 - implement telemetry to measure compatibility impact of 2048-bit-minimum RSA keys r=briansmith 2015-02-24 15:48:05 -08:00
Brian Smith
48b59204aa Bug 1131767: Prune away paths using unacceptable algorithms earlier, r=keeler 2015-02-14 16:59:02 -08:00
Brian Smith
859c0d622a Bug 1130754: Avoid recalculating tbsCertificate digest, r=keeler 2015-02-07 12:14:31 -08:00
Brian Smith
70541ae471 Bug 1122841, Part 2: Centralize checking of public key, r=keeler 2015-02-02 16:17:08 -08:00
TheKK
cd4a17333c Bug 1092398 - "remove unused CertVerifier enums (missing_cert_download_config and crl_download_config)". r=honzab.moz 2015-01-23 06:17:00 +01:00
Brian Smith
8c8b82fc94 Bug 1115906, Part 1: Add workarounds for missing final/override support in GCC before version 4.7, r=keeler 2015-01-07 14:53:11 -08:00
Chris Peterson
90751d5a6c Bug 1118076 - Remove MOZ_THIS_IN_INITIALIZER_LIST. r=Waldo 2015-01-06 21:39:46 -08:00
Mark Goodwin ext:(%2C%20Harsh%20Pathak%20%3Chpathak%40mozilla.com%3E)
02a6ae6ff4 Bug 1024809 - (OneCRL) Create a blocklist mechanism to revoke intermediate certs. r=keeler r=Unfocused 2015-01-07 06:08:00 +01:00
Brian Smith
82cf37d92b Bug 1115761, Part 3: Rename NSS-based crypto functions, r=jcj 
--HG--
extra : rebase_source : b11b172fac76c7845d2a97cabf1bad9e04a50367
 2014-12-23 14:51:52 -08:00
Kaspar Brand
b69cec92c3 Bug 1112487 - The signing certificates with key usage only non-repudiation is taken as invalid for signing. r=keeler 2014-12-17 21:31:00 -05:00
Brian Smith
fb1f442e36 Bug 1107666, Part 2: Further fix for SSL_OCSP_STAPLING telemetry, r=keeler 
--HG--
extra : rebase_source : b2dbbd4eaa8aea019b40eddfc19fb8af20ef3a4c
 2014-12-20 07:03:57 -08:00
Brian Smith
ddd90fc492 Bug 1107666: Fix OCSP stapling telemetry (SSL_OCSP_STAPLING), r=keeler 
--HG--
extra : rebase_source : 926f091b2a361d7dce30bee918d6659259f1b3e4
 2014-12-11 23:22:35 -08:00
Cykesiopka
5353aea9a4 Bug 1085074 - Part 2 - Use explicit bit sizes for key size cert file names. r=briansmith 2014-12-07 20:41:00 +01:00
David Keeler
e95893c802 bug 1020237 - follow-up to fix build bustage r=bustage on a CLOSED TREE 2014-12-05 10:12:58 -08:00
David Keeler
759f3cf5f1 bug 1020237 - prefer root certificates to non-root certificates in NSSCertDBTrustDomain::FindIssuer r=briansmith 2014-12-04 13:37:01 -08:00
Carsten "Tomcat" Book
1200163a61 Backed out changeset b38a8e2203a1 (bug 1024809) for Android 4 perma failures 2014-11-28 12:23:19 +01:00
Mark Goodwin ext:(%2C%20Harsh%20Pathak%20%3Chpathak%40mozilla.com%3E)
4e185c2f83 Bug 1024809 - (OneCRL) Create a blocklist mechanism to revoke intermediate certs. (r=keeler,Unfocused) 2014-11-27 23:36:00 +01:00
Carsten "Tomcat" Book
50164ea992 Backed out changeset 761071f57ab6 (bug 1024809) for emulator ics bustage 2014-11-27 16:30:41 +01:00
Mark Goodwin ext:(%2C%20Harsh%20Pathak%20%3Chpathak%40mozilla.com%3E)
614a479757 Bug 1024809 - (OneCRL) Create a blocklist mechanism to revoke intermediate certs. r=keeler,Unfocused 2014-11-27 04:12:00 +01:00
Rob Stradling
0bcb1776da bug 1104109 - follow-up to fix new EV OID description strings (they need to match if the OIDs are the same) r=keeler 2014-11-26 11:28:17 -08:00
J.C. Jones
6534c72e84 Bug 1104109 - December 2014 batch of EV root CA Changes. r=keeler 2014-11-24 16:36:00 +01:00
David Keeler
2f8b344d84 bug 1079436 - fix validThrough as returned by VerifyEncodedOCSPResponse r=briansmith 
validThrough should now be the time through which, if passed in as the given
time to validate an OCSP response at, VerifyEncodedOCSPResponse will still
consider it trustworthy. After that time, it will be expired. This makes it
so the OCSP cache compares validity period responses consistently with
mozilla::pkix.
 2014-11-21 10:43:43 -08:00
Chris Peterson
d1148c0fca Bug 1092710 - Fix -Wunused-const-variable warning-as-error in non-unified security/certverifier. r=keeler 
--HG--
extra : rebase_source : c13f7e565c8459263191f9bb16d4221b6f163443
 2014-11-01 12:14:41 -07:00
Brian Smith
8f74650db9 Reland Bug 1063281, Part 9: Switch Gecko from NSS to CheckCertHostname, r=keeler 
--HG--
extra : rebase_source : 3a5e3bc2e113035e9c88b571bac68f3dbe2c8f04
 2014-10-28 15:28:38 -07:00
Brian Smith
55f774a344 Back out cset 9b72d139e817 (Bug 1063281, Part 9) due to compatibility regressions on a CLOSED TREE, a=ryanvm 
--HG--
extra : rebase_source : cd9b43c3f66df3c5de337f2013fe61fae798b3ba
 2014-10-28 12:30:53 -07:00
Brian Smith
be86e7036f Bug 1063281, Part 9: Switch Gecko from NSS to CheckCertHostname, r=keeler 
--HG--
extra : rebase_source : 340eb682ba1f9dbd51652438433e7d0196494e1f
 2014-09-21 17:43:29 -07:00
Cykesiopka
63327b6ddd Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith 2014-10-18 15:18:00 +02:00
Cykesiopka
da52458817 Bug 622859 - Tests for bug 622859. r=briansmith,keeler 2014-10-16 05:22:00 +02:00
Carsten "Tomcat" Book
99e8a2748c Backed out changeset 3afdc3253979 (bug 622859) for breaking m1 tests 2014-10-17 13:14:29 +02:00
Carsten "Tomcat" Book
9679e704b6 Backed out changeset f5fa8ea86d3b (bug 622859) 2014-10-17 13:13:01 +02:00
Cykesiopka
da9e1d2029 Bug 622859 - Tests for bug 622859. r=briansmith,keeler 2014-10-16 05:22:00 +02:00
Cykesiopka
501a609466 Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith 2014-10-16 05:13:00 +02:00
Camilo Viecco
3353899ecd Bug 787133 - (hpkp) Part 1/2. Header Parsing and interface within PSM. r=keeler, r=mcmanus 2014-09-03 10:24:12 -07:00
David Keeler
21d0ab6ab3 bug 1071308 - (2/2) remove libpkix-style chain validation callback from CertVerifier r=cviecco 2014-09-25 11:18:56 -07:00
David Keeler
3e19283352 bug 1071308 - (1/2) rename pinning_enforcement_level to PinningMode for brevity r=cviecco 2014-09-25 11:08:36 -07:00
David Keeler
bc48dc5b1b bug 1066190 - ensure that pinning checks are done for otherwise overridable errors r=mmc 2014-09-12 13:20:43 -07:00