wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity
220,728 Commits 1 Branch 166 Tags 1.2 GiB
2436fddb29
Commit Graph

2768 Commits

Author SHA1 Message Date
Daniel Holbert
33c7419e62 Bug 1114671: Use function pointer (instead of reference) in pkix/bind.h, for consistency & to fix -Wignored-qualifiers build warning for 'const'. r=briansmith 2014-12-22 13:04:36 -08:00
Brian Smith
e7cd1a4936 Bug 1107666, Part 2: Further fix for SSL_OCSP_STAPLING telemetry, r=keeler 
--HG--
extra : rebase_source : b2dbbd4eaa8aea019b40eddfc19fb8af20ef3a4c
 2014-12-20 07:03:57 -08:00
Carsten "Tomcat" Book
0b4b40c804 Backed out changeset 8fd0df8e208c (bug 423758) for bustage 2014-12-22 09:05:34 +01:00
J.C. Jones
2a55f8138d Bug 968451 - Document the exported functions exposed from mozilla::pkix (pkix/pkix.h). r=keeler 2014-12-19 12:25:00 +01:00
Andrew Bartlett
1b11a5e146 Bug 423758 - Add NTLMv2 to internal NTLM handler. r=keeler 
NTLMv2 is the default.

This adds a new preference:
network.ntlm.force-generic-ntlm-v1

This is to allow use of NTLMv1 in case issues are found in the NTLMv2
handler, or when contacting a server or backing DC that does not
support NTLMv2 for any reason.

To support this, we also:
 - Revert "Bug 1030426 - network.negotiate-auth.allow-insecure-ntlm-v1-https allows sending NTLMv1 credentials in plain to HTTP proxies, r=mcmanus"

 - Revert "Bug 1023748 - Allow NTLMv1 over SSL/TLS by default, r=jduell"

 - Remove LM code from internal NTLM handler

   The LM response should essentially never be sent, the last practical
   use case was CIFS connections to Windows 9X, I have never seen a web
   server that could only do LM

   It is removed before the NTLMv2 work is done so as to avoid having 3
   possible states here (LM, NTLM, NTLMv2) to control via preferences.

Developed with Garming Sam <garming@catalyst.net.nz>
 2014-12-18 17:25:00 +01:00
Phil Ringnalda
5015a7c40e Merge m-c to m-i 
--HG--
extra : rebase_source : 55a788f13c946c7110ca313969051c34f731637e
 2014-12-20 12:19:27 -08:00
ffxbld
2e74909c2f No bug, Automated HPKP preload list update from host bld-linux64-spot-115 - a=hpkp-update 2014-12-20 03:20:57 -08:00
ffxbld
bf0ab57a50 No bug, Automated HSTS preload list update from host bld-linux64-spot-115 - a=hsts-update 2014-12-20 03:20:56 -08:00
Michael Wu
14f46b1099 Bug 1103816 - Add support for gonk-L to android_stub.h, r=glandium 2014-12-16 21:35:09 -05:00
Blake Kaplan
0a4a7c82ef Bug 1113313 - Rename these functions to better reflect what they do. r=billm 
--HG--
extra : rebase_source : ae61b3dd6dd5ce50a131a640060d7be57e562e4d
 2014-12-19 12:07:04 -05:00
Brian Smith
aac41f8e45 Bug 1073867, Part 2: Remove now-unused DSA test certificates, r=keeler 
--HG--
extra : rebase_source : 150c65abc66a48f70bca6e2dca8727fa402505ea
 2014-12-15 20:49:42 -08:00
Brian Smith
1d6f6a61f9 Bug 1073867, Part 1: Remove DSS certificate support from mozilla::pkix, r=keeler 
--HG--
extra : rebase_source : 3bef46a794e53584fd35b7640a6f4c9aaea4acab
 2014-12-04 20:55:15 -08:00
Brian Smith
ee192894d6 Bug 1111399, Part 2: Implement RFC822 (email) name constraints, r=keeler 
--HG--
extra : rebase_source : 5905e247eee4d3562d741e6e9656dc4c40d821e4
 2014-12-20 08:15:35 -08:00
Brian Smith
0c55f197b8 Bug 1111399, Part 1: Preconditions for RFC822 name constraints, r=keeler 
--HG--
extra : rebase_source : cd20b448a6c77ba27c86cb3d8e6c121f92a2ba93
 2014-12-20 07:35:44 -08:00
Brian Smith
49557a456e Bug 1111398: Rename ValidDNSIDMatchType to IDRole, r=keeler 
--HG--
extra : rebase_source : a07e58b82a61db595711c0ab887bec70d4145888
 2014-12-13 22:29:58 -08:00
Brian Smith
202319530d Bug 1111397, Part 2: Remove test_bug484111.html, r=keeler 
--HG--
extra : rebase_source : 56617ea82e9028295203173d1ea5e6ccfdbf9722
 2014-12-14 21:51:26 -08:00
Brian Smith
5fdc768a51 Bug 1111397: Refactor error handling for name matching, r=keeler 
--HG--
extra : rebase_source : 7b1061874d7b6e02a158085c3a6580a7fc718bbe
 2014-12-13 17:05:46 -08:00
Ryan VanderMeulen
d2ebc2ac1b Merge inbound to m-c. a=merge 
CLOSED TREE
 2014-12-17 20:53:20 -05:00
Brian Smith
ab604352ec Bug 952863, Part 2: Remove dead code for non-ECDHE TLS False Start, r=keeler 
--HG--
extra : rebase_source : 47ee95682f769b8e10aaf55b0f4fccfef1fcdea0
 2014-12-10 10:13:18 -08:00
Nathan Froyd
a25f7bb7ef Bug 1112608 - use GENERATED_INCLUDES in security/manager/{boot,pki}/src/; r=mshal 
The sole use of Makefile.in in the security/manager/{boot,pki}/src/
directories is so we can add $(DIST)/public/nss to INCLUDES.
GENERATED_INCLUDES can be used to handle this case instead, at the cost
of hardcoding the path to $(DIST).  This seems reasonable enough, since
a number of moz.build files already know about dist/ and its location
within the objdir.
 2014-12-17 11:02:19 -05:00
Kai-Zhen Li
5e505281df bug 1102277 - Update seccomp filter for newer bionic. r=jld 2014-11-21 01:07:15 +08:00
Brian Smith
c2c84b2d85 Bug 1111392: Add tests for malformed name constraints where there are no names of the constrained type, r=keeler 
--HG--
extra : rebase_source : 048619553c7725eee1cb73df64faae8c8890c995
 2014-10-30 16:48:31 -07:00
Brian Smith
711e0958fb Bug 952863, Part 1: Require ECDHE for TLS False Start, r=keeler 
--HG--
extra : rebase_source : d983e440de5be7c097a3e0f4afe0de805c540919
 2014-12-12 11:39:01 -08:00
Masatoshi Kimura
7e7387fa88 Bug 1092835 - Log usage of weak ciphers in the console. r=keeler,mcmanus 2014-12-13 20:09:01 +09:00
Brian Smith
16e97557a6 Bug 1084025, Part 3: Clean up some bits, r=keeler, r=emk 
--HG--
extra : rebase_source : 7aa1de4e9c391bf3e3cd5df79c62fff4546a8c67
 2014-12-12 16:42:41 -08:00
Brian Smith
746ee1cc1d Bug 1107666: Fix OCSP stapling telemetry (SSL_OCSP_STAPLING), r=keeler 
--HG--
extra : rebase_source : 926f091b2a361d7dce30bee918d6659259f1b3e4
 2014-12-11 23:22:35 -08:00
David Keeler
f43341290a bug 1108408 - GeneralName types such as otherName where the value is a SEQUENCE should have the CONSTRUCTED bit set r=briansmith 2014-12-08 13:39:19 -08:00
Monica Chew
43d32595f5 Bug 1101969: Disable pinning on media.mozilla.com (r=keeler) 2014-12-12 09:10:57 -08:00
Monica Chew
28d916edec Bug 1004781: Enable pinning for facebook in production mode (r=keeler) 2014-12-12 09:10:53 -08:00
Brian Smith
5fc13799a4 Bug 940787: Stop requiring ALPN/NPN for False Start, r=keeler 
--HG--
extra : rebase_source : f8946e1fc631f2458807a559104a1dca01f444ac
 2014-12-10 10:50:48 -08:00
Brian Smith
a0b84fea0a Bug 1109766: Require AES-GCM for TLS False Start, r=keeler 
--HG--
extra : rebase_source : 8370c628863e644131ed1fbe6b8e49b5dc1215dc
 2014-12-10 10:19:00 -08:00
Brian Smith
5c47242dce Bug 861310: Require TLS 1.2 for TLS False Start, r=keeler 
--HG--
extra : rebase_source : d4bb253a84270c84acdf7ed4f84bc0186231e521
 2014-12-10 10:04:45 -08:00
Cykesiopka
7dea3f8ad2 Bug 1109252 - Make remaining PSM test cert generation scripts print out cert information as necessary. r=keeler 2014-12-10 21:32:00 +01:00
Jed Davis
11b93c27db Bug 1093334 - Delete unnecessary copies of Chromium headers in security/sandbox/linux. r=kang 2014-12-10 17:26:12 -08:00
Jed Davis
95e992685b Bug 1093334 - Adjust includes of Linux sandboxing headers from Chromium. r=kang 
Also re-sorts some of the includes into something closer to the style guide.
 2014-12-10 17:26:12 -08:00
Jed Davis
4424491b98 Bug 1093334 - Import more headers from Chromium rev 9522fad406dd161400daa518075828e47bd47f60. r=kang 2014-12-10 17:26:12 -08:00
Jed Davis
5748fc5814 Bug 1102209 - Remove use of CodeGen::JoinInstructions in the Linux sandboxing code. r=kang 
This reorganizes SandboxAssembler to stack up the policy rules and
traverse them in reverse order to build the filter DAG from tail to head
(i.e., starting with "deny all" and prepending allow and return-errno
rules).  Thus, this code will continue to work (perhaps with minor
changes, such as to the NodePtr typedef) with future versions of the
Chromium sandbox code that don't allow mutating the filter program with
the JoinInstructions method.
 2014-12-10 17:26:12 -08:00
Jed Davis
fa76014b99 Bug 1108759 - Fix B2G no-optimization builds. r=glandium 2014-12-10 16:17:47 -08:00
Cykesiopka
e5ba430e1c Bug 1109245 - Modify test_keysize_ev.js to run on B2G. r=dkeeler 2014-12-09 12:07:00 -05:00
Cykesiopka
e0e9311fed Bug 978426 - Re-enable test_sts_preloadlist_perwindowpb.js on B2G. r=dkeeler 2014-12-09 11:37:00 +01:00
Brian Smith
5c002c8cf0 Bug 1107791 Remove support for unusual wildcard names in certificates, r=keeler 
--HG--
extra : rebase_source : bd142d2e85059a0d0fd36325242553e94a7d4377
 2014-12-04 17:12:09 -08:00
Brian Smith
1f021d1dc2 Bug 1107790: Remove support for absolute hostnames in presented DNS IDs and name constraints, r=keeler 
--HG--
extra : rebase_source : cf402f902196e729026d713cd6d62f5c3b889a12
 2014-12-08 16:42:54 -08:00
Brian Smith
182ca6d6e1 Bug 1107787: Disable TLS_DHE_DSS_WITH_AES_128_CBC_SHA, r=keeler 
--HG--
extra : rebase_source : 063d859c69adc8deba9d1842f4bd42a9b862bbe5
 2014-12-04 19:50:58 -08:00
Brian Smith
df0494a7e3 Bug 1037098: Remove preferences for cipher suites disabled in bug 1036765, r=keeler 
--HG--
extra : rebase_source : b033bea062c8cafecd93830fa54f4cf184fa28df
 2014-12-04 19:47:17 -08:00
Brian Smith
2493786334 Bug 1107946: Fixed unused variable warnings in pkixnames_tests.cpp, r=keeler 
--HG--
extra : rebase_source : 23d20e91c8b408363acab7c6d4d67a86d2293dff
 2014-12-05 12:14:49 -08:00
Ryan VanderMeulen
dc8568d63a Backed out changesets fb903f13f215, 9c5c712698e4, and 36d257ead3da (bug 1092835) for causing test_csp_allow_https_schemes.html permafail on Android 2.3. 
CLOSED TREE
 2014-12-09 14:00:47 -05:00
Masatoshi Kimura
605569f981 Bug 1092835 - Log usage of weak ciphers in the console. r=keeler,mcmanus 2014-12-10 00:54:06 +09:00
Masatoshi Kimura
152424e082 Bug 1093724 - Add a range check to the TLS version prefs loading code. r=keeler 2014-12-09 21:48:29 +09:00
Masatoshi Kimura
587906641b Bug 1084025 - Add telemetry to measure failures due to not falling back. r=keeler 2014-12-09 07:19:05 +09:00
Ryan VanderMeulen
be6607416e Merge inbound to m-c. a=merge 2014-12-08 15:46:14 -05:00