Commit Graph

1633 Commits

Author SHA1 Message Date
Brian Smith
fdb83baba8 Bug 952874: Fix telemetry for RSA/DHE key sizes of 1025-1280 bits and fix misspelling, r=keeler 2014-01-18 17:59:24 -08:00
Brian Smith
a7de8dd058 Bug 950858: Make cipher suite telemetry code less crash-prone, r=keeler 2014-01-18 16:52:16 -08:00
Phil Ringnalda
09777cb478 Merge m-i to m-c 2014-01-18 15:17:10 -08:00
ffxbld
6cad0e7b51 No bug, Automated HSTS preload list update from host bld-linux64-ec2-438 - a=hsts-update 2014-01-18 03:20:19 -08:00
Brian Smith
9713f359fa Bug 960714: Make NPN and ALPN prefs dynamic, r=keeler, r=mcmanus
--HG--
extra : rebase_source : 42ff8c05b682e755d51ec79e2cb26db7cedd382f
2014-01-16 21:38:59 -08:00
David Keeler
a868e1c605 bug 960723 - fix failingOCSPResponder in test_ev_certs.js r=briansmith 2014-01-16 13:18:38 -08:00
Patrick McManus
eed1f67347 Bug 890994: ALPN support for Gecko, r=briansmith 2014-01-14 15:34:23 -05:00
Brian Smith
76194088fb Bug 958916: Update NSS to NSS 3.15.5 beta 2 (NSS_3_15_5_BETA2) plus private patch for bug 950129, CLOBBER, r=me
--HG--
extra : rebase_source : a0a28ba744ecf81510a4c5bec3a353e4fe275f5a
extra : amend_source : e8b89e0560fc75de5557b8e4543269363f417132
2014-01-16 13:18:55 -08:00
Wes Kocher
d73c5e3013 Backed out changeset 8526c7a38761 (bug 951354) for CPP unittest bustage 2014-01-17 17:50:17 -08:00
David Keeler
e5d8b74d4e bug 951354 - test nsNSSCertificateDB for proper shutdown r=cviecco a=abillings 2014-01-17 16:22:51 -08:00
Raymond Etornam Agbeame(:retornam)
374ffaece6 Bug 950169 - remove unused arguments for LogInvalidCertError r=keeler 2014-01-17 11:57:57 -08:00
David Keeler
9aca2e7e9a bug 950240 - don't do DV fallback for nsIIdentityInfo.isExtendedValidation r=briansmith 2014-01-17 11:04:09 -08:00
David Keeler
a421073e54 bug 947759 - unconditionally add Google sites to the HSTS preload list r=cviecco DONTBUILD NPOTB 2014-01-15 11:22:06 -08:00
David Keeler
d28656fb1a bug 959796 - refactor error reporting in getHSTSPreloadList.js r=cviecco DONTBUILD NPOTB 2014-01-15 11:20:55 -08:00
Brian Smith
8565c44c20 Bug 923304, Part 2: Adjust EV tests, r=keeler
--HG--
extra : rebase_source : f0cfd0089a99dddd8852e0613bc2a31e5c12b1de
2014-01-14 15:22:09 -08:00
Brian Smith
921c2d255a Bug 923304, Part 1: Add test for OCSP response signed by CA that has an OCSP URI, r=keeler, r=briansmith
--HG--
extra : rebase_source : 7cafe0781563382c2221e865201beb023fea3628
2014-01-13 02:33:08 -08:00
Brian Smith
36ee5b6000 Bug 950129: Make OCSP fetching policy for OCSP response signing certificates consistent, r=wtc, r=rrelyea
--HG--
extra : rebase_source : 2369fcd80eb6ed5ec7e96657cdf8b43514c8357b
2014-01-12 23:13:10 -08:00
David Keeler
dc049e658e bug 957368 - standardize and simplify nsNSSShutDownObject implementations r=cviecco r=briansmith 2014-01-14 09:28:43 -08:00
Garrett Robinson
3ceb749a52 Bug 883975 - CSP 1.1 hash-source. r=sstamm, r=dholbert, r=mrbkap 2014-01-02 11:14:06 -08:00
Brian Smith
4268442c28 Bug 957667: Decouple OCSP stapling pref from the OCSP fetching pref, and couple the OCSP required pref to the OCSP fetching pref, r=keeler
--HG--
extra : rebase_source : 86cb86f76f4def579fcf07e479025852849c34f8
extra : source : 08115711a4e6e77971c9e872fb6c68e88ac9693e
2014-01-08 08:51:06 -08:00
Brian Smith
225d0f3c9e Bug 959026: Add telemetry about cases where we don't do OCSP fetching when we expect to, r=keeler
--HG--
extra : rebase_source : f7e9826569325f497273a92eec5127c414baa8bc
extra : source : bb5bb5a1b571e54695a4c8d5be0cc447f29f0358
2014-01-12 19:31:40 -08:00
Ryan VanderMeulen
614d80980a Backed out changesets 1b892043a386 and 0e14b3468b94 (bug 923304) and changeset 2e2c276950b9 (bug 950129) for xpcshell failures. 2014-01-13 18:00:34 -05:00
Ryan VanderMeulen
4d0972315d Merge inbound to m-c. 2014-01-13 17:44:24 -05:00
Brian Smith
0d8a085890 Bug 923304, Part 2: Adjust EV tests, r=keeler
--HG--
extra : source : 97bf218ac3bb44e81074ca95877ca8b6414265b3
2013-12-28 11:28:49 -08:00
Brian Smith
a6fda06c4f Bug 923304, Part 1: Add test for OCSP response signed by CA that has an OCSP URI, r=keeler, r=briansmith
--HG--
extra : source : e7afcba6743e40755d28a296b00c395392864657
2014-01-13 02:33:08 -08:00
Brian Smith
9e081845fc Bug 950129: Make OCSP fetching policy for OCSP response signing certificates consistent, r=wtc, r=rrelyea
--HG--
extra : source : 44afac41de6a81c1e4430afa10e6f2836599ecd8
2014-01-12 23:13:10 -08:00
Brian Smith
8642936ac2 Bug 958916: Update to NSS 3.15.5 beta 1 (NSS_3_15_5_BETA1), r=me
--HG--
extra : rebase_source : 19606540e96bd00b737bc9c5782f8c445e006189
2014-01-12 22:09:19 -08:00
Patrick McManus
fa1a932713 bug 951199 - Interface for Socket Level Access to TLS Version Used r=dkeeler r=bsmith 2013-10-09 17:21:48 -07:00
Nemina Amarasinghe
fe42b2da6d Bug 946075 - Remove extra space from ssl_error_bad_cert_domain error message contains in TransportSecurityInfo.cpp. r=dkeeler 2014-01-13 09:28:14 -05:00
Brian Smith
54577ca0b6 Bug 957665: Add telemetry to measure how many people have OCSP enabled, r=keeler
--HG--
extra : rebase_source : e6dd0d7d06ce0eb5b2f34a77a851dd7c0655ac3e
2014-01-08 08:59:53 -08:00
Jed Davis
81f5ace514 Bug 945330 - Reword and slightly improve sandbox violation log message. r=kang
The main goal is to have a message that unambiguously indicates a crash,
so mozharness can grep for it even if some of the details change later.

Also now includes the entire argument list; most syscalls don't use all
six, so the last few will be meaningless, but it can't hurt to log them.
2014-01-10 08:22:58 -05:00
David Keeler
af14c1e77c bug 950268 - fix leak in nsCertTree::GetDispInfoAtIndex r=cviecco 2014-01-09 10:02:08 -08:00
Phil Ringnalda
b1d0a82ada Back out 2e7e2de7b13e (bug 948574) for b2g mochitest crashes
CLOSED TREE
2014-01-07 21:10:23 -08:00
David Keeler
312c00712f bug 948574 - remote nsISiteSecurityService::IsSecureURI r=bz 2014-01-07 11:31:30 -08:00
Brian Smith
47f12dab81 Bug 952876: Add test for bug 952808 (OCSP stapling not honored when there is a error entry in the OCSP cache), r=keeler 2014-01-06 14:45:35 -08:00
Brian Smith
34c79e6c63 Bug 933109: Add tests to verify that we retry OCSP when we have a cached Unknown response, r=keeler 2014-01-06 14:41:04 -08:00
Wes Kocher
e58ffe9455 Backed out changeset 75e5396d0847 (bug 933109) for xpcshell bustage 2014-01-06 17:50:53 -08:00
Wes Kocher
f21b041b0f Backed out changeset b8f1b1cfc9e2 (bug 952876) 2014-01-06 17:50:23 -08:00
Brian Smith
e5e4f7555e Bug 952876: Add test for bug 952808 (OCSP stapling not honored when there is a error entry in the OCSP cache), r=keeler
--HG--
extra : rebase_source : d83e4b3681b36616441e6fd412969998a19eae4c
extra : amend_source : 475bff5dd333fb54729fdace0f295c6e026c5a18
2014-01-06 14:45:35 -08:00
Brian Smith
1bd1da9540 Bug 933109: Add tests to verify that we retry OCSP when we have a cached Unknown response, r=keeler
--HG--
extra : rebase_source : 4e73c5812e75adf053f2158a88a6a8e58307c9d7
2014-01-06 14:41:04 -08:00
David Keeler
15f6ba41c8 bug 951354 - nsNSSCertificateDB: call shutdown(calledFromObject) in destructor r=cviecco a=abillings 2013-12-19 11:45:50 -08:00
Brian Smith
94ac987daf Bug 898431: Update NSS to NSS 3.15.4 RTM (NSS_3_15_4_RTM), r=me 2014-01-06 14:31:01 -08:00
Ehsan Akhgari
ebd358dfd7 Bug 927728 - Part 1: Replace PRUnichar with char16_t; r=roc
This patch was automatically generated by the following script:

#!/bin/bash
# Command to convert PRUnichar to char16_t

function convert() {
echo "Converting $1 to $2..."
find . ! -wholename "*nsprpub*" \
       ! -wholename "*security/nss*" \
       ! -wholename "*modules/libmar*" \
       ! -wholename "*/.hg*" \
       ! -wholename "obj-ff-dbg*" \
       ! -name prtypes.h \
       ! -name Char16.h \
         -type f \
      \( -iname "*.cpp" \
         -o -iname "*.h" \
         -o -iname "*.c" \
         -o -iname "*.cc" \
         -o -iname "*.idl" \
         -o -iname "*.ipdl" \
         -o -iname "*.ipdlh" \
         -o -iname "*.mm" \) | \
    xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}

convert PRUnichar char16_t
2014-01-04 10:02:17 -05:00
ffxbld
1e84c8d649 No bug, Automated HSTS preload list update from host bld-linux64-ec2-441 - a=hsts-update 2014-01-04 03:20:04 -08:00
ffxbld
1b45db05aa No bug, Automated HSTS preload list update from host bld-linux64-ec2-018 - a=hsts-update 2013-12-28 03:23:00 -08:00
Brian Smith
e3fcf76058 Bug 898431: Update NSS to NSS 3.15.4 beta 10 (NSS_3_15_4_BETA10), r=me 2013-12-21 23:15:41 -08:00
ffxbld
4b0fae6f2f No bug, Automated HSTS preload list update from host bld-centos6-hp-016 - a=hsts-update 2013-12-21 03:14:20 -08:00
Wan-Teh Chang
d2b3e048e1 Bug 898431: Update NSS to NSS_3_15_4_BETA9. Includes the fixes for
bug 946147, bug 930874, bug 930857, bug 934545, bug 915408.
2013-12-20 12:01:06 -08:00
Gregory Szorc
158ed8b3ec Bug 774572 - Part 2: Define JAR_MANIFESTS in moz.build files; r=glandium
Every directory with a jar.mn now has JAR_MANIFESTS defined in its
moz.build file.

We also removed the may_skip special consideration of jar.mn files
because this information is now available during tier traversal by the
reader courtesy of the variables being present in moz.build files.

--HG--
extra : rebase_source : 21049b15e6bd9cf65b0805ccaccc4ba5aae93c98
extra : amend_source : 0b1ea866d725beef92d37c6f6d475369ac002e19
2013-12-10 16:18:11 +09:00
David Keeler
018e03fe74 bug 887321 - initial OCSP stapling telemetry r=briansmith 2013-12-16 09:32:16 -08:00