Eric Rahm
f2c51f1dd9
Bug 1165515 - Part 9: Remove instances of using numeric log levels 1-5. rs=froydnj
2015-06-03 15:22:35 -07:00
Eric Rahm
243447023a
Bug 1165515 - Part 5: Convert instances of PR_LOG_ALWAYS. r=froydnj
...
Most instances were converted to PR_LOG_INFO, some to PR_LOG_DEBUG, and some
to PR_LOG_ERROR.
2015-06-03 15:22:30 -07:00
Eric Rahm
f3d0db1203
Bug 1165515 - Part 3: Convert PR_LOG_TEST to MOZ_LOG_TEST. r=froydnj
2015-06-03 15:22:28 -07:00
Cykesiopka
9979e1c6c3
Bug 1169195 - Convert test_bug644006.html mochitest to an xpcshell test. r=keeler
2015-06-02 22:49:00 -04:00
Bob Owen
e417ad7bcb
Bug 1166669: Enable process-level mitigations for the Windows content process sandbox. r=tabraldes
2015-06-03 09:13:00 +01:00
Nicholas Nethercote
265569e6b8
Bug 1170416 (part 3) - Remove the PLDHashTable2 typedef. r=froydnj.
2015-05-19 16:46:17 -07:00
Mike Hommey
19e738456b
Bug 1170431 - Pass buildid as input to pycert.py. r=gps
2015-06-03 07:10:25 +09:00
Mike Hommey
1d1000b55e
Bug 1170431 part 0 - Use the *Path classes for GENERATED_FILES scripts and inputs. r=gps
2015-06-03 07:10:12 +09:00
Carsten "Tomcat" Book
e2f82674b8
Backed out 14 changesets (bug 1165515) for linux x64 e10s m2 test failures
...
Backed out changeset d68dcf2ef372 (bug 1165515)
Backed out changeset 7c3b45a47811 (bug 1165515)
Backed out changeset b668b617bef2 (bug 1165515)
Backed out changeset d0916e1283a2 (bug 1165515)
Backed out changeset ac4dc7489942 (bug 1165515)
Backed out changeset e9632ce8bc65 (bug 1165515)
Backed out changeset c16d215cc7e4 (bug 1165515)
Backed out changeset e4d474f3c51a (bug 1165515)
Backed out changeset d87680bf9f7c (bug 1165515)
Backed out changeset b3c0a45ba99e (bug 1165515)
Backed out changeset 9370fa197674 (bug 1165515)
Backed out changeset 50970d668ca1 (bug 1165515)
Backed out changeset ffa4eb6d24b9 (bug 1165515)
Backed out changeset 5fcf1203cc1d (bug 1165515)
2015-06-02 13:05:56 +02:00
Eric Rahm
18bd3de863
Bug 1165515 - Part 13-2: Replace usage of PRLogModuleLevel and PR_LOG_*. rs=froydnj
...
This is straightforward mapping of PR_LOG levels to their LogLevel
counterparts:
PR_LOG_ERROR -> LogLevel::Error
PR_LOG_WARNING -> LogLevel::Warning
PR_LOG_WARN -> LogLevel::Warning
PR_LOG_INFO -> LogLevel::Info
PR_LOG_DEBUG -> LogLevel::Debug
PR_LOG_NOTICE -> LogLevel::Debug
PR_LOG_VERBOSE -> LogLevel::Verbose
Instances of PRLogModuleLevel were mapped to a fully qualified
mozilla::LogLevel, instances of PR_LOG levels in #defines were mapped to a
fully qualified mozilla::LogLevel::* level, and all other instances were
mapped to us a shorter format of LogLevel::*.
Bustage for usage of the non-fully qualified LogLevel were fixed by adding
|using mozilla::LogLevel;| where appropriate.
2015-06-01 22:17:33 -07:00
Eric Rahm
99ffec18c4
Bug 1165515 - Part 9: Remove instances of using numeric log levels 1-5. rs=froydnj
2015-06-01 22:17:26 -07:00
Eric Rahm
ef5ac6fa3d
Bug 1165515 - Part 5: Convert instances of PR_LOG_ALWAYS. r=froydnj
...
Most instances were converted to PR_LOG_INFO, some to PR_LOG_DEBUG, and some
to PR_LOG_ERROR.
2015-06-01 22:17:21 -07:00
Eric Rahm
dca9287933
Bug 1165515 - Part 3: Convert PR_LOG_TEST to MOZ_LOG_TEST. r=froydnj
2015-06-01 22:17:19 -07:00
Wes Kocher
bd796581dc
Backed out 14 changesets (bug 1165515) for b2g mochitest-6 permafail CLOSED TREE
...
Backed out changeset 9b97e2aa2ed9 (bug 1165515)
Backed out changeset 150606c022a2 (bug 1165515)
Backed out changeset 4e875a488349 (bug 1165515)
Backed out changeset 467e7feeb546 (bug 1165515)
Backed out changeset d6b6cc373197 (bug 1165515)
Backed out changeset 0615265b593c (bug 1165515)
Backed out changeset fafd1dce9f08 (bug 1165515)
Backed out changeset d1df869245f9 (bug 1165515)
Backed out changeset 6876a7c63611 (bug 1165515)
Backed out changeset b7841c94a9a3 (bug 1165515)
Backed out changeset e5e3617f7c73 (bug 1165515)
Backed out changeset 39be3db95978 (bug 1165515)
Backed out changeset 0ec74176f8de (bug 1165515)
Backed out changeset 5b928dd10d71 (bug 1165515)
2015-06-01 17:57:58 -07:00
Eric Rahm
ae32743ed2
Bug 1165515 - Part 13-2: Replace usage of PRLogModuleLevel and PR_LOG_*. rs=froydnj
...
This is straightforward mapping of PR_LOG levels to their LogLevel
counterparts:
PR_LOG_ERROR -> LogLevel::Error
PR_LOG_WARNING -> LogLevel::Warning
PR_LOG_WARN -> LogLevel::Warning
PR_LOG_INFO -> LogLevel::Info
PR_LOG_DEBUG -> LogLevel::Debug
PR_LOG_NOTICE -> LogLevel::Debug
PR_LOG_VERBOSE -> LogLevel::Verbose
Instances of PRLogModuleLevel were mapped to a fully qualified
mozilla::LogLevel, instances of PR_LOG levels in #defines were mapped to a
fully qualified mozilla::LogLevel::* level, and all other instances were
mapped to us a shorter format of LogLevel::*.
Bustage for usage of the non-fully qualified LogLevel were fixed by adding
|using mozilla::LogLevel;| where appropriate.
2015-06-01 14:31:01 -07:00
Eric Rahm
d27d4cb5f1
Bug 1165515 - Part 9: Remove instances of using numeric log levels 1-5. rs=froydnj
2015-06-01 14:31:00 -07:00
Eric Rahm
db180ff7c4
Bug 1165515 - Part 5: Convert instances of PR_LOG_ALWAYS. r=froydnj
...
Most instances were converted to PR_LOG_INFO, some to PR_LOG_DEBUG, and some
to PR_LOG_ERROR.
2015-06-01 14:31:00 -07:00
Eric Rahm
aa2c33e0cf
Bug 1165515 - Part 3: Convert PR_LOG_TEST to MOZ_LOG_TEST. r=froydnj
2015-06-01 14:31:00 -07:00
Carsten "Tomcat" Book
df0827d499
Merge mozilla-central to mozilla-inbound
2015-06-01 15:19:42 +02:00
Carsten "Tomcat" Book
881576a1b1
merge mozilla-inbound to mozilla-central a=merge
2015-06-01 15:00:24 +02:00
ffxbld
08fe550e78
No bug, Automated HPKP preload list update from host bld-linux64-spot-534 - a=hpkp-update
2015-05-30 03:26:59 -07:00
ffxbld
e5e1a5ba65
No bug, Automated HSTS preload list update from host bld-linux64-spot-534 - a=hsts-update
2015-05-30 03:26:57 -07:00
Cykesiopka
9f547d3c89
Bug 1169530 - Add l10n string for SSL_ERROR_WEAK_SERVER_CERT_KEY. r=dkeeler
...
Also removes the strings for the SSL_ERROR_UNUSED_5 and SSL_ERROR_UNUSED_10 errors.
2015-05-28 22:50:00 +02:00
Bob Owen
4eddb939fd
Bug 1123759: Set low integrity on NPAPI processes for Windows sandboxing policy level >= 2. r=bbondy, r=bsmedberg
2015-05-22 17:05:45 +01:00
David Keeler
91a9bcaf77
bug 1166976 - generate some PSM xpcshell test certificates at build time r=Cykesiopka,mgoodwin,froydnj
2015-05-20 16:35:16 -07:00
Ryan VanderMeulen
c6c4e6486b
Bug 1166031 - Update NSS to NSS_3_19_1_RTM. a=sledru
2015-05-28 14:14:52 -04:00
Nicholas Nethercote
0e7edc78fc
Bug 1168007 (part 7) - Use PLDHashTable2 in nsCertTree. r=froydnj.
...
It's possible that Clear() will be called on a table that hasn't had anything
inserted in it, but that's ok.
2015-05-18 21:14:51 -07:00
Nicholas Nethercote
385887714d
Bug 1168007 (part 6) - Use PLDHashTable2 in nsSecureBrowserUIImpl. r=froydnj.
2015-05-18 21:02:48 -07:00
Cykesiopka
5aa3c9df74
Bug 1168695 - Add result strings to PSM xpcshell HPKP tests. r=keeler
2015-05-28 02:26:00 +02:00
Cykesiopka
f21804994b
Bug 1167254 - Convert test_bug234856.html mochitest to an xpcshell test. r=keeler
2015-05-28 02:22:00 +02:00
Makoto Kato
edc1420150
Bug 1166323 - Remove IME sequence number. r=masayuki,nchen
2015-05-28 13:51:40 +09:00
Birunthan Mohanathas
b71747de61
Bug 1164714 - Fix unified compilation bustage on Windows. r=me
...
CLOSED TREE
2015-05-27 19:37:09 -07:00
Birunthan Mohanathas
2e77719e3d
Bug 1164714 - Move netwerk/base/nsISiteSecurityService.idl into security/manager/ssl. r=keeler,mcmanus
2015-05-26 10:31:30 -07:00
Birunthan Mohanathas
37d96edab0
Bug 1164714 - Move and flatten security/manager/boot/{public,src}/ into security/manager/ssl/. r=keeler
2015-05-26 10:31:25 -07:00
Birunthan Mohanathas
a7011ffde2
Bug 1164714 - Flatten security/manager/ssl/src/ directory. r=keeler
2015-05-26 10:31:23 -07:00
Birunthan Mohanathas
2befc8e59a
Bug 1164714 - Flatten security/manager/ssl/public/ directory. r=keeler
2015-05-26 10:30:46 -07:00
Mike Hommey
2c863b9fe4
Bug 991983 - Define SOURCES as SourcePath. r=gps
2015-05-28 07:34:15 +09:00
Kaspar Brand
d8d1910516
Bug 1168048 - Avoid potential null-pointer dereferencing in nsNSSCertificateDB r=keeler
2015-05-27 14:12:26 -07:00
Cykesiopka
6cc0362091
Bug 1167866 - Add result strings to PSM test_cert* xpcshell tests. r=keeler
2015-05-23 19:57:32 -07:00
Phil Ringnalda
199f7ab4ef
Merge m-i to m-c, a=merge
2015-05-23 13:31:21 -07:00
ffxbld
d0c500bd71
No bug, Automated HPKP preload list update from host bld-linux64-spot-023 - a=hpkp-update
2015-05-23 03:32:23 -07:00
ffxbld
4a12cdd4e2
No bug, Automated HSTS preload list update from host bld-linux64-spot-023 - a=hsts-update
2015-05-23 03:32:21 -07:00
Makoto Kato
d62075c412
Bug 958421 - XUL dialog for certificate is security/manager/pki/resouces is unnecessary on Firefox Android. r=snorp
2015-05-22 14:28:04 +09:00
Nathan Froyd
f61c010661
Bug 1160485 - remove implicit conversion from RefPtr<T> to TemporaryRef<T>; r=ehsan
...
Having this implicit conversion means that we can silently do extra
refcounting when it's completely unnecessary. It's also an obstacle to
making RefPtr more nsRefPtr-like, so let's get rid of it.
2015-05-01 09:14:16 -04:00
Tim Taubert
66b896c92f
Bug 1060112 - Don't treat OCSP responses omitting the requested certificate status as "unknown certificate" responses blocking the connection r=keeler
2015-05-21 13:39:34 -04:00
Eric Rahm
ccf1ec07c6
Bug 1165515 - Part 1: Convert PR_LOG to MOZ_LOG. r=froydnj
2015-05-21 13:22:04 -07:00
Nicholas Nethercote
5990994dda
Bug 1166586 (part 2) - Convert some easy PL_DHashTable{Init,Finish} cases. r=froydnj.
...
This patch converts easy cases, i.e. where the PL_DHashTableInit() call occurs
in a constructor and the PL_DHashTableFinish() call occurs in a destructor.
2015-05-04 22:59:24 -07:00
Ryan VanderMeulen
995bebec24
Backed out changeset 38ff380719e4 (bug 1166031) for test_WebCrypto_DH.html failures.
2015-05-20 22:05:15 -04:00
Ryan VanderMeulen
224bdbec3e
Bug 1166031 - Update NSS to NSS_3_19_1_BETA1. r=mt
2015-05-20 21:06:06 -04:00
David Keeler
0f00f328f3
Bug 1166031 - Update PSM xpcshell small RSA key test to reflect new error. r=Cykesiopka
...
Previously NSS would accept smaller RSA key sizes than PSM would in TLS handshakes. Now that the limit is the same, NSS handles the handshake termination with a different error code before PSM can make its own policy decision.
2015-05-21 12:57:03 -07:00
Ryan VanderMeulen
b1647b5e41
Bug 1166031 - Update NSS to NSS_3_19_1_BETA1. r=mt
2015-05-20 21:06:06 -04:00
Cykesiopka
06e1f43ea2
Bug 1166078 - Clean up and add expected result strings to test_hmac.js. r=keeler
2015-05-18 15:22:54 -07:00
Birunthan Mohanathas
9f65019493
Bug 1164714 - Flatten security/manager/pki/src/ directory. r=keeler
2015-05-19 10:47:42 -07:00
Birunthan Mohanathas
e9750de36b
Bug 1164714 - Flatten security/manager/pki/public/ directory. r=keeler
2015-05-19 10:47:38 -07:00
Eric Rahm
c5e63515bf
Bug 1165518 - Part 2: Replace prlog.h with Logging.h. rs=froydnj
2015-05-19 11:15:34 -07:00
David Keeler
af988c6fc0
bug 1165911 - do more safety checks when gathering successful TLS connection telemetry r=Cykesiopka
2015-05-18 10:37:38 -07:00
Nicholas Nethercote
35fffb1333
Back out a1f7ae44c7bb (bug 1164373) for causing intermittent test failures.
2015-05-18 19:00:54 -07:00
Carsten "Tomcat" Book
e5535efc49
merge mozilla-inbound to mozilla-central a=merge
2015-05-18 13:43:01 +02:00
cedric
b48a2260ab
Bug 1152842 - Remove legacy Download Manager support from test_bug383369.html. r=paolo
2015-05-11 17:43:15 -07:00
Richard Barnes
84216a7c40
Backed out changeset fe10feec1ede because of OCSP test failures
2015-05-16 16:38:34 -04:00
Richard Barnes
6384ecbf90
Bug 1010068
- Disable OCSP for DV certificates in Firefox for Android r=keeler
2015-05-15 16:17:47 -04:00
Phil Ringnalda
01393a8965
Merge m-c to m-i
2015-05-16 09:49:14 -07:00
Phil Ringnalda
66b8e8f803
Merge m-i to m-c, a=merge
2015-05-16 08:50:37 -07:00
ffxbld
fb722a1b1e
No bug, Automated HPKP preload list update from host bld-linux64-spot-152 - a=hpkp-update
2015-05-16 03:30:30 -07:00
ffxbld
4aece5ec95
No bug, Automated HSTS preload list update from host bld-linux64-spot-152 - a=hsts-update
2015-05-16 03:30:28 -07:00
Neil Rashbrook
441960eebc
Bug 1155963 Only allow NS_LITERAL_CSTRING to be used on compile-time literals r=froydnj,ehsan
2015-05-16 09:07:10 +01:00
Nicholas Nethercote
0addd071a9
Back out all four patches from bug 1161377. r=me.
...
Due to Android startup regressions (bug 1163066) and plugin crashes (bug
1165155).
2015-05-14 21:48:43 -07:00
Wes Kocher
484229a7ff
Backed out changeset 17cfad44e12b (bug 1155963) for breaking b2g builds
2015-05-14 16:35:18 -07:00
Jed Davis
22bcabd0af
Bug 1162965 - Use /dev/shm instead of /tmp for sandbox chroot if possible. r=kang
2015-05-14 16:19:08 -07:00
Neil Rashbrook
5b5c002aaf
Bug 1155963 Only allow NS_LITERAL_CSTRING to be used on compile-time literals r=froydnj,ehsan
2015-05-15 00:00:33 +01:00
Cykesiopka
d7bf2e4a0b
Bug 1164409 - Reduce PSM xpcshell script code duplication. r=keeler
2015-05-15 02:28:00 -04:00
David Keeler
77060a5e28
bug 1141189 - implement skipping expensive revocation checks (OCSP fetching) for short-lived certificates r=rbarnes
2015-04-06 16:10:28 -07:00
Nicholas Nethercote
8d5e9cca79
Bug 1164373 - Remove two static constructors involving PR_NewLogModule(). r=froydnj.
2015-05-13 18:02:56 -07:00
Nicholas Nethercote
37a9035e51
Bug 1161377 (part 3, attempt 2) - Convert some easy PL_DHashTable{Init,Finish} cases. r=froydnj.
2015-05-12 17:33:26 -07:00
David Major
68b0dee7c5
Bug 1149718: Fix wow_helper lib path for VS2015. r=glandium
2015-05-12 18:20:28 -04:00
David Keeler
8924191348
bug 1102436 - remove PublicKeyPinningService::CheckChainAgainstAllNames r=Cykesiopka
2015-05-07 11:06:07 -07:00
Cykesiopka
8f0e75f3c3
Bug 1163358 - Add "psm" tag to PSM xpcshell and mochitest manifests. r=dkeeler
2015-05-09 18:21:00 +02:00
Mike Hommey
ec07b959e5
Bug 1043692 - Add a DIST_INSTALL variable to moz.build, and replace NO_DIST_INSTALL with it. r=gps
2015-05-12 07:55:21 +09:00
Bob Owen
6bab3a7af4
Bug 1146874 Part 1: Check that Windows sandboxed process starts correctly. r=tabraldes
2015-05-11 08:24:39 +01:00
Nicholas Nethercote
bdb7128dd1
Backout c375efe78e07 (bug 1161377 part 3) for (probably) increasing the static constructor count and regressing Fennec start-up time. r=me.
2015-05-10 22:16:18 -07:00
Phil Ringnalda
cd38d9b5e8
Merge m-c to m-c, a=merge
2015-05-09 14:16:58 -07:00
ffxbld
ab2219f9d0
No bug, Automated HPKP preload list update from host bld-linux64-spot-270 - a=hpkp-update
2015-05-09 03:31:59 -07:00
ffxbld
b463f10047
No bug, Automated HSTS preload list update from host bld-linux64-spot-270 - a=hsts-update
2015-05-09 03:31:58 -07:00
Wes Kocher
fa0da51ac6
Merge fx-team to m-c a=merge
2015-05-08 10:29:41 -07:00
Eric Rahm
c0f39382bd
Bug 1162691 - Part 2: Wrap expensive calls in PR_LOG_TEST. r=froydnj
...
Check that logging is enabled before performing potentially expensive
operations.
2015-05-08 14:36:34 -07:00
Eric Rahm
3c0f5bf63e
Bug 1162691 - Part 1: Remove instances of #ifdef PR_LOGGING in security. r=froydnj
...
PR_LOGGING is now always defined, we can remove #ifdefs checking for it.
2015-05-08 14:36:33 -07:00
Daniel Veditz
3bab854bdd
Bug 1038072 - signature verification for JAR files unpacked into a directory. r=keeler
2015-05-05 20:21:00 +02:00
Bob Owen
46c30cdbd5
Bug 1158773: Use the same initial and delayed integrity level for Windows content sandbox level 0. r=tabraldes
2015-05-06 10:11:56 +01:00
L. David Baron
ffb6e08be2
Back out changeset a02ea85607a2 (bug 1038072) for widespread test failures (at least Linux, Android, and Mulet), on a CLOSED TREE.
2015-05-06 09:58:55 +02:00
Daniel Veditz
d2b1ef4d0e
Bug 1038072 - signature verification for JAR files unpacked into a directory. r=keeler
2015-05-05 20:21:00 +02:00
Nicholas Nethercote
02e9b810da
Bug 1161377 (part 3) - Convert some easy PL_DHashTable{Init,Finish} cases. r=froydnj.
...
This patch converts easy cases, i.e. where the PL_DHashTableInit() call occurs
in a constructor and the PL_DHashTableFinish() call occurs in a destructor.
2015-05-04 22:59:24 -07:00
Mark Goodwin
de6b7028f1
Bug 1128607 - Test the freshness check for OneCRL (r=keeler)
2015-05-07 18:54:07 +01:00
Mark Goodwin
9e5913dddb
Bug 1128607 - Add freshness check for OneCRL (r=keeler)
2015-05-07 18:54:05 +01:00
Patrick McManus
726e9673d3
bug 1153212 - 2/2 Necko explicitly track origin vs routed host and give psm only origin r=dkeeler r=hurley IGNORE IDL
...
Allow necko to simultaneously track the dual concept of routed host
and origin (authenticated host). The origin is given to the socket
provider and the routed host is inserted at DNS lookup time as if it
were a SRV or CNAME.
2015-04-09 11:31:59 -04:00
Patrick McManus
a2982caa07
bug 1153212 - 1/2 revert 90d6a38931fa to make room for better fix r=backout
2015-05-07 13:16:26 -04:00
Kai Engert
8ea2fcf08e
Bug 1144055
, Upgrade Firefox to use NSS 3.19, landing NSS_3_19_RTM
2015-05-04 21:34:38 +02:00
Cykesiopka
fa466bc83d
Bug 1153446 - Replace instances of double spacing with single spacing in nsserrors.properties. r=dkeeler
2015-05-01 02:40:00 +02:00
Phil Ringnalda
48398662cf
Merge m-i to m-c, a=merge
2015-05-02 10:02:17 -07:00
ffxbld
904d847525
No bug, Automated HPKP preload list update from host bld-linux64-spot-137 - a=hpkp-update
2015-05-02 03:30:49 -07:00
ffxbld
9a9af4a556
No bug, Automated HSTS preload list update from host bld-linux64-spot-137 - a=hsts-update
2015-05-02 03:30:48 -07:00
Mike Hommey
b673a97a25
Bug 1134923 - Remove NS_Alloc/NS_Realloc/NS_Free. r=nfroyd
...
They are kept around for the sake of the standalone glue, which is used
for e.g. webapprt, which doesn't have direct access to jemalloc, and thus
still needs a wrapper to go through the xpcom function list and get to
jemalloc from there.
2015-05-01 09:40:30 +09:00
Nicholas Nethercote
29a54c9b3b
Bug 1159972 - Remove the fallible version of PL_DHashTableInit(). r=froydnj.
...
It's no longer needed now that entry storage isn't allocated there. (The other
possible causes of failures in that function are less interesting and simply
crashing is a reasonable thing to do for them.)
This also makes PL_DNewHashTable() infallible, so I removed some
now-unnecessary checks of its result.
2015-04-29 16:38:29 -07:00
Bob Owen
0693a1dc83
Bug 1150515: Set the subsystem to WINDOWS,5.02 for wow_helper so that it runs on WinXP 64-bit. r=glandium
2015-04-30 09:48:03 +01:00
Masatoshi Kimura
931590121a
Bug 1145844 - Update fallback whitelist. r=keeler
2015-04-29 13:48:53 +09:00
Andrew Bartlett
0b2e75f4be
Bug 734229 - Partially address by refusing to re-negotiate on NTLM. r=mayhemer, r=keeler
...
Now only one NTLM Negotiate packet will be sent per connection, rather
than again after a failed authentication. The problem situation is
triggered due to failed Negotiate authentication, and is probably more
complex.
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
2014-11-28 11:34:06 +13:00
David Major
c92c020b89
Bug 1157835: Remove the MSVC_ENABLE_PGO flag from the build system. r=glandium
2015-04-27 19:59:27 -04:00
Carsten "Tomcat" Book
3923c05342
merge fx-team to mozilla-central a=merge
2015-04-27 12:34:03 +02:00
Carsten "Tomcat" Book
18a440fd0e
merge mozilla-inbound to mozilla-central a=merge
2015-04-27 12:00:14 +02:00
ffxbld
bbd9aed0be
No bug, Automated HPKP preload list update from host bld-linux64-spot-039 - a=hpkp-update
2015-04-25 03:32:33 -07:00
ffxbld
9fd30e6020
No bug, Automated HSTS preload list update from host bld-linux64-spot-039 - a=hsts-update
2015-04-25 03:32:31 -07:00
Jed Davis
8f10995d7b
Bug 1154184 - Don't use Linux sandbox gtest dir if not building tests. r=gps
2015-04-24 17:36:08 -07:00
Dave Townsend
80ce794097
Bug 1038068: Check add-on signatures and refuse to install unsigned or broken add-ons (preffed off for now). r=dveditz
2015-03-31 11:32:40 -07:00
Carsten "Tomcat" Book
1a74144837
merge mozilla-inbound to mozilla-central a=merge
2015-04-24 14:37:13 +02:00
Richard Barnes
20b75325f3
Bug 1121982 - Update PSM to use NSS name constraints
2015-04-23 20:26:29 -04:00
Fabrice Desré
854266d52c
Bug 1144600 - Don't crash when submitting <keygen> on b2g r=dkeeler
2015-04-23 13:35:49 -07:00
Blake Kaplan
1047b7458f
Bug 1124076 - Properly detect certs when loaded and prompt to import them. r=sworkman/dkeeler
2015-04-22 12:55:23 -07:00
Steven Michaud
2bb57bcd7a
Bug 1153809 - Loosen Mac content process sandbox rules for NVidia and Intel HD 3000 graphics hardware. r=areinald
2015-04-22 14:56:09 -05:00
David Keeler
f9b93560f0
bug 1157873 - remove certificates from CNNIC whitelist that aren't in the Pilot Certificate Transparency log r=rbarnes
...
Also remove certificates where notBefore is on or after 1 April 2015.
2015-04-21 16:07:33 -07:00
Nathan Toone
1b81ed134e
Bug 1124076 followup - fix the build when PR_LOGGING is not defined. r=mrbkap
2015-04-23 13:24:57 -07:00
David Keeler
7783f33c8b
bug 1081128 - test_pinning.js takes ~300 seconds on b2g debug emulator - request a longer timeout for it r=Cykesiopka
2015-04-22 11:06:36 -07:00
Kai Engert
d7a44b34ec
Bug 1144055
- Upgrade Firefox 39 to use NSS 3.19, r=nss-confcall
2015-04-23 21:16:20 +02:00
Francois Marier
29cbc60a12
Bug 1147212 - Add support for goog-unwanted-shavar. r=gcp,r=matej,r=smaug
2015-04-22 21:01:37 +12:00
Carsten "Tomcat" Book
407c282220
Backed out changeset 7f3cf84c11a9 (bug 1124076) for bustage on a CLOSED TREE
2015-04-22 13:44:23 +02:00
Blake Kaplan
87c47ee4e8
Bug 1124076 - Properly detect certs when loaded and prompt to import them. r=sworkman/dkeeler
2015-04-21 14:56:00 +02:00
Ehsan Akhgari
d278570d19
Bug 1153348 - Add an analysis to prohibit operator bools which aren't marked as either explicit or MOZ_IMPLICIT; r=jrmuizel
...
This is the counterpart to the existing analysis to catch
constructors which aren't marked as either explicit or
MOZ_IMPLICIT.
2015-04-21 21:40:49 -04:00
André Reinald
12017521df
Bug 1150765 - Add sandbox rules to allow hardware rendering of OpenGL on Mac. r=smichaud
2015-04-21 11:17:16 +02:00
Patrick McManus
d428323d51
bug 1153212 - Alt-Svc Fixes r=dkeeler r=hurley
2015-04-13 17:11:59 -04:00
Kai Engert
ce1263979f
Bug 1144055
, Upgrade Firefox 39 to use NSS 3.19, NSS_3_19_BETA4 to pick up bug 1155279
2015-04-20 21:46:19 +02:00
Phil Ringnalda
842c8df579
Merge m-i to m-c, a=merge
2015-04-18 16:36:32 -07:00
ffxbld
a3972bfdfc
No bug, Automated HPKP preload list update from host bld-linux64-spot-222 - a=hpkp-update
2015-04-18 03:29:47 -07:00
ffxbld
09e813d086
No bug, Automated HSTS preload list update from host bld-linux64-spot-222 - a=hsts-update
2015-04-18 03:29:45 -07:00
David Keeler
3ba6c83d36
bug 1150114 - allow PrintableString to match UTF8String in name constraints checking r=briansmith
2015-04-08 16:17:39 -07:00
Kai Engert
85b84c3c46
Bug 1144055
- Upgrade Firefox 39 to use NSS 3.19, land NSS_3_19_BETA2, r=nss-confcall
2015-04-17 13:49:43 +02:00
Neil Deakin
dd30a1f3eb
Bug 1153248, re-enable a bunch of tests that now work with e10s, r=billm
2015-04-16 15:38:12 -04:00
David Keeler
5f4152c364
bug 1151512 - only allow whitelisted certificates to be issued by CNNIC root certificates r=jcj r=rbarnes
2015-04-07 17:29:05 -07:00
Kai Engert
b5518439bf
Bug 1144055
- Upgrade Firefox 39 to use NSS 3.19, land NSS_3_19_BETA3, r=nss-confcall
2015-04-17 18:43:30 +02:00
David Keeler
34e15cf320
bug 1147497 - Add API for querying site pin status. Disallow overrides for sites that have pins. r=mmc r=smaug r=cykesiopka r=past
2015-03-25 11:04:49 -07:00
Brian Smith
0d03a12ce8
Bug 1154399 - Part 4: Simplify certificate parsing in OCSP responses. r=keeler
2015-04-14 05:33:03 -10:00
Brian Smith
d853e2e6d1
Bug 1154399 - Part 3: Simplify OptionalExtensions. r=keeler
...
We used to avoid using Nested and NestedOf because they were based on
bind and it was difficult to maintain our std::bind polyfill. Now that
we use lambdas, it is easy to use Nested and NestedOf, so we should do
so wherever it makes the code clearer.
2015-04-14 05:32:46 -10:00
Brian Smith
a710d38eed
Bug 1154399 - Part 2: Simplify and un-inline OptionalVersion. r=keeler
...
Also fixes the wrong comment. The syntax for version in OCSP and X.509
certs is identical.
2015-04-14 05:32:29 -10:00
Brian Smith
debda06173
Bug 1154399 - Part 1: De-templatize and un-inline IntegralValue. r=keeler
2015-04-14 05:06:41 -10:00
Nathan Froyd
a9747433e3
Bug 1137437 - move security/apps/ cert header generation to moz.build; r=mshal,keeler
...
Moving the cert header generation to GENERATED_FILES means that we can
delete all the manually-written out rules; we can also delete the
export:: rule because the build system automatically builds
GENERATED_FILES during the export phase. For ease of converion, we opt
to create an empty trusted-app-public.der cert for manifest-signing-root.inc;
partners are free to overwrite that cert with their own.
2015-02-27 12:50:49 -05:00
Mike Hommey
bb5d54f699
Bug 1153114 - Remove anonymous namespace around pkix gtests. r=bsmith
...
This avoids -Wunused-variable fatal warnings with GCC 5.0
2015-04-15 09:21:23 +09:00
Landry Breuil
13c5620ed7
Bug 1153090 followup - consistently use sizeof(hash) r=dkeeler
2015-04-14 22:19:18 +02:00
Landry Breuil
3022662159
Bug 1153090 - Unaligned access in cert block list (r=keeler)
2015-04-14 21:19:52 +02:00
Jan Beich
15f244431a
Bug 1154188 - Unbreak build on non-SPS platforms after bug 1153737 r=bsmith
2015-04-14 14:30:09 +02:00
Brian Smith
168218d0b3
Bug 1153738: Make ScopedPtr a minimal proper subset of std::unique_ptr, r=keeler
...
Remove all features of ScopedPtr that aren't in std::unique_ptr, and
remove all currently-unused features of ScopedPtr. In particular,
replace |operator=(T*)| with |reset(T* p = nullptr)| and make
|operator bool| explicit.
2015-04-13 00:28:11 -10:00
Brian Smith
27c206b435
Bug 1153737: Avoid unnecessary uses of mozilla::pkix::ScopedPtr, r=keeler
2015-04-12 19:57:48 -10:00
Carsten "Tomcat" Book
94670e1674
merge mozilla-inbound to mozilla-central a=merge
2015-04-13 12:00:00 +02:00
ffxbld
a5ae47a99d
No bug, Automated HPKP preload list update from host bld-linux64-spot-009 - a=hpkp-update
2015-04-11 03:29:55 -07:00
ffxbld
f89f580ff8
No bug, Automated HSTS preload list update from host bld-linux64-spot-009 - a=hsts-update
2015-04-11 03:29:53 -07:00
Jed Davis
bd4374a0cc
Bug 1151607 - Step 2: Apply net/ipc namespace separation and chroot to media plugins. r=kang
...
This needs more unit tests for the various pieces of what's going on
here (LinuxCapabilities, SandboxChroot, UnshareUserNamespace()) but
that's nontrivial due to needing a single-threaded process -- and
currently they can't be run on Mozilla's CI anyway due to needing user
namespaces, and local testing can just try using GMP and manually
inspecting the child process. So that will be a followup.
2015-04-10 18:05:19 -07:00
Jed Davis
a25b210578
Bug 1151607 - Step 1.5: Avoid unlikely false positives in Linux SandboxInfo feature detection. r=kang
...
Using the equivalent of release assertions in the patch after this one
is easier to justify if I can't come up with vaguely legitimate reasons
why they might fail; this detects the ones I thought of.
2015-04-10 18:05:19 -07:00
Jed Davis
4bcdc2879f
Bug 1151607 - Step 1: Add Linux sandboxing hook for when child processes are still single-threaded. r=kang r=bent
...
This means that B2G plugin-container must (dynamically) link against
libmozsandbox in order to call into it before initializing Binder.
(Desktop Linux plugin-container already contains the sandbox code.)
2015-04-10 18:05:19 -07:00
Jed Davis
08099f9875
Bug 1151607 - Step 0: sort includes to make the following patches cleaner. r=kang
2015-04-10 18:05:19 -07:00
Mark Goodwin
6fcd7d356b
Bug 1132689 - Feb 2015 batch of EV root CA Changes. r=keeler
2015-03-30 08:57:00 +02:00
David Keeler
b819bfd2cb
bug 1147085 - remove nsINSSCertCache (replace it with nsIX509CertDB.getCerts()) r=Cykesiopka
2015-04-03 14:01:05 -07:00
Patrick McManus
f1ecabdf6a
Bug 1152895 - remove dead code in nsSSLIOLayerSetOptions r=dkeeler
2015-04-09 13:40:04 -04:00
Cykesiopka
70bff0b01f
Bug 1147725 - Disable test_ocsp_fetch_method.js and test_ocsp_url.js on slow B2G Emulator debug builds. r=keeler
2015-04-06 14:05:00 +02:00
Bob Owen
72b3de6331
Bug 1149483: Change content sandbox level 1 to a working low integrity sandbox. r=tabraldes, r=billm
2015-04-05 14:01:38 +01:00
Phil Ringnalda
4c814af933
Merge m-i to m-c, a=merge
2015-04-04 09:59:17 -07:00
ffxbld
8c99f061fc
No bug, Automated HPKP preload list update from host bld-linux64-spot-220 - a=hpkp-update
2015-04-04 03:27:46 -07:00
ffxbld
f4241dc1de
No bug, Automated HSTS preload list update from host bld-linux64-spot-220 - a=hsts-update
2015-04-04 03:27:44 -07:00
Steven Michaud
aa2d63ddad
Bug 1110911 - Move Mac sandboxing code into plugin-container. r=cpearce,areinald,jld
2015-04-03 11:51:41 -05:00
Cykesiopka
442b83c70d
Bug 1149805 - Switch head_psm.js to Assert.jsm methods and add expected result strings. r=keeler
2015-04-02 05:50:00 -04:00
Cykesiopka
c4456e9497
Bug 488480 - Correct documentation about the function hasMatchingOverride() in nsICertOverrideService.idl. Original patch by Johnathan Nightingale. r=keeler
...
IGNORE IDL
2015-04-02 05:45:00 -04:00
Nathan Froyd
65f6c06592
Bug 1143651 - don't use CallQueryInterface when the compiler can do the cast for us; r=ehsan
2015-03-12 13:20:29 -04:00
Cykesiopka
f3a36bd993
Bug 1147726: Disable test_keysize_ev.js on slow B2G Emulator debug builds. r=dkeeler
2015-03-31 11:53:00 +02:00
Brian Smith
922814a6c1
Bug 1146057: Remove support for GCC 4.6, r=keeler
...
Since Gecko now requires GCC 4.7 or later, we no longer need to
work around the lack of support for "override" and "final" in
earlier versions of GCC.
2015-03-30 20:18:46 -10:00
Bob Owen
666e96adb9
Bug 1119878 Part 2: Change IPC code to hold ProcessID instead of ProcessHandle. r=billm, r=dvander, r=aklotz, r=cpearce
2015-04-01 09:40:35 +01:00
Bob Owen
8e1e75d04b
Bug 1119878 Part 1: Change SandboxTarget to hold sandbox target services to provide functions. r=aklotz, r=glandium, r=cpearce
2015-04-01 09:40:35 +01:00
Mike Hommey
ccd2a9b975
Bug 1134920 - Use moz_xmalloc/moz_xrealloc/free instead of nsMemory::Alloc/Realloc/Free. r=nfroyd
2015-04-01 13:51:45 +09:00
Mark Goodwin
bead98d47f
Bug 1138848 - Tests for modified OneCRL (r=keeler, unfocused)
...
* * *
* * *
give blocklist debug info to NSPR_LOG
2015-03-31 15:10:19 -07:00
Mark Goodwin
695994d59d
Bug 1138848 - Modify OneCRL blocklist for subject / public key blocking (r=keeler, unfocused)
2015-03-31 15:10:09 -07:00
David Keeler
a66b3817f5
bug 844351 - remove nsISSLErrorListener r=cykesiopka
2015-03-24 16:00:10 -07:00
Cykesiopka
192d5ad67e
Bug 1147247 - Use PRErrorCodeSuccess constant instead of literal 0 to represent success in PSM xpcshell tests. r=dkeeler
2015-03-27 23:16:00 +01:00
David Cooper
a267ad8c56
Bug 667471 - Pretty print names of ECDSA with SHA-2 algorithms in Certificate Viewer. r=dkeeler
2015-03-27 23:13:00 +01:00
Mike Hommey
4da5ed0b71
Bug 1138293 - Use malloc/free/realloc/calloc instead of moz_malloc/moz_free/moz_realloc/moz_calloc. r=njn
...
The distinction between moz_malloc/moz_free and malloc/free is not
interesting. We are inconsistent in our use of one or the other, and
I wouldn't be surprised if we are mixing them anyways.
2015-03-31 12:32:49 +09:00
Brian Smith
b43440444d
Bug 1136278, Part 2: Refactor test SubjectPublicKeyInfo generation, r=keeler
2015-02-26 13:10:13 -08:00
Brian Smith
e23ee1cce5
Bug 1136278, Part 1: Refactor algorithm identifiers in tests, r=keeler
...
This will make it easier to expand the tests to additional
signature algorithms and additional public key types.
2015-02-26 16:11:41 -08:00
Andrew McCreight
78ef3a55a4
Bug 1147572 - Remove implementation language field from DOM class info. r=jst
2015-03-30 10:45:39 -07:00
Jan-Ivar Bruaroey
ab8a60ff50
Bug 1046245 - enumerateDevices w/non-blocking e10s, nsICryptoHMAC, clear cookies, lambdas. r=keeler, florian, billm, jesup
2015-03-03 09:51:05 -05:00
Andrew McCreight
4b767927e9
Bug 1148070 - Change nsIClassInfo::getHelperForLanguage() to getScriptableHelper(). r=bholley
2015-03-29 07:52:54 -07:00
Randell Jesup
19225aa9cf
Backed out 6 changesets (bug 1046245) on a CLOSED TREE
2015-03-29 01:42:32 -04:00
Jan-Ivar Bruaroey
eee0d4f6d2
Bug 1046245 - enumerateDevices w/non-blocking e10s, nsICryptoHMAC, clear cookies, lambdas. r=keeler, r=florian, r=billm, r=jesup
2015-03-03 09:51:05 -05:00
Phil Ringnalda
f45c1bd02b
Back out 6 changesets (bug 1046245) for thinking that MSVC would have anything to do with a __PRETTY_FUNCTION__
...
CLOSED TREE
Backed out changeset 9e3ecca831d8 (bug 1046245)
Backed out changeset 87dc145f4da8 (bug 1046245)
Backed out changeset 01606cf19a77 (bug 1046245)
Backed out changeset 2ed2b15fe940 (bug 1046245)
Backed out changeset 2b99b193828a (bug 1046245)
Backed out changeset d1ac67faccbb (bug 1046245)
2015-03-28 19:57:17 -07:00
Jan-Ivar Bruaroey
6e995cbffd
Bug 1046245 - enumerateDevices w/non-blocking e10s, nsICryptoHMAC, clear cookies, lambdas. r=keeler, r=florian, r=billm, r=jesup
2015-03-03 09:51:05 -05:00
Ryan VanderMeulen
4da777479a
Backed out 6 changesets (bug 1046245) for bustage on a CLOSED TREE.
...
Backed out changeset 222c2f9e3bc9 (bug 1046245)
Backed out changeset 4251eef464a2 (bug 1046245)
Backed out changeset 592f4cc23197 (bug 1046245)
Backed out changeset 5bfb9a1c0550 (bug 1046245)
Backed out changeset e966a5df87b6 (bug 1046245)
Backed out changeset 609f3ca64004 (bug 1046245)
2015-03-28 16:24:25 -04:00
Jan-Ivar Bruaroey
5f0e601fcd
Bug 1046245 - enumerateDevices w/non-blocking e10s, nsICryptoHMAC, clear cookies, lambdas. r=keeler, r=florian, r=billm, r=jesup
2015-03-03 09:51:05 -05:00
Phil Ringnalda
870ac05194
Merge m-i to m-c, a=merge
2015-03-28 11:44:16 -07:00
ffxbld
28fbf92074
No bug, Automated HPKP preload list update from host bld-linux64-spot-1005 - a=hpkp-update
2015-03-28 03:27:37 -07:00
ffxbld
be5331225c
No bug, Automated HSTS preload list update from host bld-linux64-spot-1005 - a=hsts-update
2015-03-28 03:27:36 -07:00
Andrea Marchesini
b212600c95
Bug 1148527 - Indentation fix after bug 1145631, r=ehsan
2015-03-27 18:52:19 +00:00
Kai Engert
045c1c7065
Bug 1144055
- Upgrade Firefox 39 to use NSS 3.18.1, land NSS_3_18_1_BETA1, r=nss-confcall
2015-03-26 20:39:25 +01:00
Tanvi Vyas
24698cb937
Bug 947079 - Hack to prevent getting a mixed content icon on a fully secure page. r=keeler
2015-03-26 11:54:53 -07:00
Bob Owen
1eda62eb8d
Bug 1147446: Chromium patch to fix memory leak in Windows sandbox sharedmem_ipc_server.cc. r=aklotz
2015-03-26 08:06:04 +00:00
Cykesiopka
3d56eac828
Bug 996872 - Reduce calls to getXPCOMStatusFromNSS() in PSM xpcshell tests. r=keeler relanding on a CLOSED TREE
2015-03-25 17:29:05 -07:00
Wes Kocher
7895e32a5e
Backed out changeset 3a38c3d97f44 (bug 996872) on the theory that it somehow broke lots of tests, forcing a prolonged CLOSED TREE
2015-03-25 14:40:44 -07:00
Cykesiopka
bd57240c9d
Bug 996872 - Reduce calls to getXPCOMStatusFromNSS() in PSM xpcshell tests. r=keeler
2015-03-25 11:40:46 -07:00
Wes Kocher
0d9c0798af
Merge m-c to inbound a=merge CLOSED TREE
2015-03-23 16:51:22 -07:00