wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity
187,899 Commits 1 Branch 166 Tags 1.2 GiB
3436d9c264
Commit Graph

2058 Commits

Author SHA1 Message Date
Camilo Viecco
71d731b4d8 Bug 915930 - Make mozilla::pkix the default certificate verifier for all (not just desktop) r=briansmith 
--HG--
extra : rebase_source : 56402e60078298dc64cf5476afda7c95671a7092
 2014-04-25 13:22:30 -07:00
Wan-Teh Chang
e6781c8c31 Bug 993569 - Update Mozilla 31 to use NSS 3.16.1 Beta 2. 2014-04-25 06:06:01 -07:00
Honza Bambas
605c3001ad Bug 999306 - Add 'allow-insecure-ntlm-v1' preference for the generic NTLM v1 authentication module, r=jduell 2014-04-24 18:50:46 +02:00
Stefan Arentz
54d22813e9 Bug 968490: Add mozilla::pkix::der unit tests (r=cviecco) 2014-03-26 16:00:03 -07:00
Randell Jesup
1f9314c7a8 Bug 996487: don't null out mThread while committing thread suicide r=bsmedberg 2014-04-22 15:32:13 -04:00
YFdyh000
686ab7c5e8 Bug 995528 - Certificate viewer describes not-valid-before date as issue date. r=honzab, ui-r=philipp 2014-04-21 10:58:04 -04:00
ffxbld
1ff1ed65cc No bug, Automated HSTS preload list update from host bld-linux64-spot-454 - a=hsts-update 2014-04-19 03:14:16 -07:00
Randell Jesup
45132d9932 Bug 988881: clean up CryptoTask (SignedJar) tasks instead of leaking them r=bsmedberg,mayhemer 2014-04-17 02:18:04 -04:00
Anuj Agarwal
b57b4cf0d1 Bug 897359 - Remove unimplemented popChallengeResponse, random, and disableRightClick methods. r=bz 2014-04-18 09:32:52 -04:00
David Keeler
2e3bd0056f bug 991898 - mozilla::pkix: temporarily allow empty Extensions in OCSP responses r=briansmith 2014-04-17 16:01:18 -07:00
Camilo Viecco
2a380c2fee Bug 997795 - Cleanup decodings. r=dkeeler 2014-04-17 14:42:05 -07:00
Jed Davis
a52d5f0783 Bug 997409 - Add set_thread_area to seccomp whitelist if available. r=kang 2014-04-17 16:23:23 -04:00
Camilo Viecco
e70e998770 Bug 992972 - Add sha256SubjectPublicKeyInfoDigest attribute to nsIX509Cert. sr=bsmith 2014-04-07 10:35:57 -07:00
David Keeler
267f36c29e bug 997843 - mozilla::pkix::der::Input::Expect should take a uint16_t as its length argument r=briansmith 2014-04-17 09:50:06 -07:00
Patrick McManus
edc73bcc7b bug 993591 - PSM HTTP Fetch should own streamloader data r=dkeller r=mayhemmer 2014-04-09 17:48:17 -04:00
David Keeler
7ce7130265 bug 982774 - der::ExpectTagAndGetLength: check that input has enough capacity for the length described r=briansmith 2014-04-16 13:30:09 -07:00
David Keeler
47abc69838 bug 972753 - OCSP testing: delegated responses and including multiple certificates r=cviecco 2014-04-16 09:31:27 -07:00
Raymond Etornam Agbeame(:retornam)
7f95bd8328 Bug 934676 - Remove unused variable 'extracted' in ClientAuthDataRunnable::RunOnTargetThread. r=keeler 2014-04-15 15:46:00 +02:00
Monica Chew
d98ff86e6e Bug 991177: Disallow overrides for SEC_ERROR_CA_CERT_INVALID (r=keeler) 2014-04-15 15:35:41 -07:00
Kyle Huey
b6957123df Bug 991812: Remove uses of AtomicRefCounted<T> that live in Gecko. r=ehsan 
--HG--
extra : rebase_source : 0d14e02c64d548fd3177681248d722683aaa87c3
 2014-04-14 12:04:25 -07:00
David Keeler
c0e2e8d723 bug 994932 - fix error checking in GetOCSPResponseForType r=retornam 2014-04-15 14:21:08 -07:00
Jed Davis
738f39b679 Bug 981949 - Whitelist ftruncate for seccomp-bpf sandboxing. r=kang 2014-04-11 13:09:00 +02:00
Bobby Holley
f223b1107f Bug 989528 - Rename AutoSystemCaller to AutoNoJSAPI, and assert against pre-existing exceptions. r=bz 2014-04-14 20:27:00 -07:00
Ryan VanderMeulen
601b02224e Backed out changesets ddbac34527fe and fa82f32d0c39 (bug 991812) for B2G bustage. 
CLOSED TREE
 2014-04-14 16:16:18 -04:00
Kyle Huey
acd8c16b76 Bug 991812: Remove uses of AtomicRefCounted<T> that live in Gecko. r=ehsan 2014-04-14 12:04:25 -07:00
Ryan VanderMeulen
be657e134d Merge m-c to inbound on a CLOSED TREE. 2014-04-13 22:52:50 -04:00
ffxbld
783ee9d2ef No bug, Automated HSTS preload list update from host bld-linux64-spot-327 - a=hsts-update 2014-04-12 03:21:26 -07:00
Mike Kaply
535e1a8665 Bug #993846 - Add missing stringbundle, r=kaie 2014-04-11 10:07:02 -05:00
David Keeler
f0c23bbc7e bug 993186 - improve test_cert_eku generator r=cviecco 2014-04-09 11:04:00 -07:00
Jed Davis
f8ce2f4279 Bug 993145 - Skip attempting seccomp sandboxing if seccomp unavailable. r=kang 2014-04-09 15:23:00 +02:00
Bob Owen
f5a4bd97f2 Bug 928062 - Set Windows sandbox delayed integrity level to INTEGRITY_LEVEL_LOW. r=aklotz 2014-04-08 16:25:18 +01:00
Boris Zbarsky
46967823f5 Bug 995047 followup. Fix a caller that I missed because it's only compiled on some platforms, so we can reopen the CLOSED TREE 2014-04-12 00:38:06 -04:00
David Keeler
ae21952cdd bug 991209 - mozilla::pkix: allow non-end-entity certs to have OCSP signing EKU r=briansmith 2014-04-10 10:15:02 -07:00
Boris Zbarsky
35fca5eeeb Bug 991742 part 8. Remove the "aScope" argument of WebIDL/nsWrapperCache WrapObject() methods. r=bholley 
This patch was mostly generated with the following command:

find . -name "*.h" -o -name "*.cpp" | xargs sed -e '/WrapObject(JSContext/ {; N; s/\(WrapObject(JSContext *\* *a\{0,1\}[Cc]x\),\n\{0,1\} *JS::Handle<JSObject\*> a\{0,1\}[sS]cope/\1/ ; }' -i ""

and then reverting the changes that made to
dom/bindings/BindingUtils.h, since those WrapObject methods are not
the ones we're trying to change here, plus a bunch of manual fixups
for cases that this command did not catch (including all the callsites
of WrapObject()).
 2014-04-08 18:27:18 -04:00
Boris Zbarsky
56f44fdf10 Bug 991742 part 6. Remove the "aScope" argument of binding Wrap() methods. r=bholley 
This patch was mostly generated with this command:

find . -name "*.h" -o -name "*.cpp" | xargs sed -e 's/Binding::Wrap(aCx, aScope, this/Binding::Wrap(aCx, this/' -e 's/Binding_workers::Wrap(aCx, aScope, this/Binding_workers::Wrap(aCx, this/' -e 's/Binding::Wrap(cx, scope, this/Binding::Wrap(cx, this/' -i ""

plus a few manual fixes to dom/bindings/Codegen.py, js/xpconnect/src/event_impl_gen.py, and a few C++ files that were not caught in the search-and-replace above.
 2014-04-08 18:27:17 -04:00
Camilo Viecco
2f343b217f Bug 993569 - Update Mozilla 31 to use NSS 3.16.1. (beta1) r=kaie 2014-04-08 11:38:37 -07:00
Michael Shuen
85908d62ba Bug 984608 - SECKEY_EncodeDERSubjectPublicKeyInfo and PK11_DEREncodePublicKey take non-const SECKEYPublicKey*. r=briansmith 2014-04-08 11:27:31 -07:00
David Keeler
2f779bc64a bug 990603 - test override for server certificate with basic constraints: CA=true r=briansmith 2014-04-08 09:51:45 -07:00
David Keeler
179fc74542 bug 990603 - mozilla::pkix: defer reporting end-entity cert errors until after path building r=briansmith 2014-04-08 09:49:36 -07:00
Peter Van der Beken
a12d286723 Bug 984497 - Use SpecialPowers more and change SpecialPower usage to deal with Window on WebIDL bindings. r=bz. 
--HG--
rename : content/media/webspeech/synth/test/test_setup.html => content/media/webspeech/synth/test/file_setup.html
rename : content/media/webspeech/synth/test/test_speech_queue.html => content/media/webspeech/synth/test/file_speech_queue.html
rename : content/media/webspeech/synth/test/test_speech_simple.html => content/media/webspeech/synth/test/file_speech_simple.html
extra : rebase_source : 687daf9d78e69fe6ae21f7c1a26503cf88a18b97
 2014-02-15 22:12:34 +01:00
Peter Van der Beken
7741df1efa Back out 75c95dac7fe0 (bug 984497) and f1b0d3d13755 (bug 990475) to fix bustage on a CLOSED TREE. 
--HG--
extra : rebase_source : a63315cd428faeb95464f6ad76946d1c0c6d36c3
 2014-04-07 22:18:53 +02:00
Peter Van der Beken
8cf720bdb0 Bug 984497 - Use SpecialPowers more and change SpecialPower usage to deal with Window on WebIDL bindings. r=bz. 
--HG--
rename : content/media/webspeech/synth/test/test_setup.html => content/media/webspeech/synth/test/file_setup.html
rename : content/media/webspeech/synth/test/test_speech_queue.html => content/media/webspeech/synth/test/file_speech_queue.html
rename : content/media/webspeech/synth/test/test_speech_simple.html => content/media/webspeech/synth/test/file_speech_simple.html
extra : rebase_source : 3662ae8b0f35fefb250c9cd048e848d662863855
 2014-02-15 22:12:34 +01:00
Shu-yu Guo
f236a45566 Bug 989509 - Part 3: security/ (r=cviecco,dkeeler) 2014-04-03 19:29:40 -07:00
Camilo Viecco
02c29dd580 Bug 987816 - Part 2/3. Update tests to match un-regressed behaviour. r=dkeeler 
--HG--
extra : rebase_source : 7bccc66831f56cede353ec33275449b7bf2560b1
 2014-03-31 09:10:13 -07:00
Camilo Viecco
2011f0e31a Bug 987816 - Part 2/3. Test verifying certificateUsageVerifyCA can return OK. r= dkeeler 
--HG--
extra : rebase_source : 8e3f50d58c3c61e0fc843a053370f74d9adac8c0
 2014-03-31 09:10:11 -07:00
Camilo Viecco
0905fe7590 Bug 987816 - Part 1/3. Allow verifying with certificateUsageVerifyCA. r=dkeeler 
--HG--
extra : rebase_source : 7530839c9c02d56936e322f897de96d80a60a18f
 2014-03-28 10:21:30 -07:00
Jon Coppeard
bb2e7cbea1 Bug 959787 - Handlify JS_ExecuteScript and JS::Evaluate APIs r=terrence r=bz 2014-04-01 11:34:39 +01:00
Mike Hommey
edf4794405 Bug 988168 - Better integrate gtest libxul in the build system. r=mshal. DONTBUILD 
--HG--
rename : toolkit/library/Makefile.in => toolkit/library/libxul.mk
rename : toolkit/library/moz.build => toolkit/library/libxul.mozbuild
 2014-03-31 13:21:38 +02:00
Mike Hommey
3dbd6f1f57 Backed out changeset 561b9329d832 (bug 988168) for wrong attribution. 2014-04-01 13:17:50 +09:00
Jacek Caban
258449c186 Bug 988168 - Better integrate gtest libxul in the build system. r=mshal 
--HG--
rename : toolkit/library/Makefile.in => toolkit/library/libxul.mk
rename : toolkit/library/moz.build => toolkit/library/libxul.mozbuild
 2014-03-31 13:21:38 +02:00
Geoff Brown
4ba9807bcb Bug 967704 - Skip a few more tests on Android 2.3 2014-03-31 21:30:07 -06:00
David Keeler
bda5e2835b bug 989516 - mozilla::pkix: temporarily allow improper basicConstraint:cA encodings r=cviecco 2014-03-31 11:06:43 -07:00
David Keeler
1af2e5556c bug 987295 - mozilla::pkix: test ocsp extension decoding r=cviecco 2014-03-31 10:54:53 -07:00
David Keeler
f73aa391b1 bug 987295 - mozilla::pkix: fix decoding OCSP response extensions r=cviecco 2014-03-31 13:24:16 -07:00
Camilo Viecco
02ccbcd3d6 Bug 986156 - Test anypolicyoid (no inhibit policy) for EV . r=dkeeler 
--HG--
extra : rebase_source : 004dbe5fc1b168c43f62c5bed8e71d4d67b04754
 2014-03-28 10:00:45 -07:00
Camilo Viecco
402a7a9293 Bug 986156 - Allow anypolicyoid and reject on inhibitAnypolicy (mozilla::pkix). r=bsmith 
--HG--
extra : rebase_source : dd61d4bfa64ed65582f3a1b4662f16740983a3ce
 2014-03-28 10:00:29 -07:00
Phil Ringnalda
aa7ac0fff7 Merge m-i to m-c 2014-03-29 09:00:18 -07:00
ffxbld
c0d0a0bd94 No bug, Automated HSTS preload list update from host bld-linux64-spot-403 - a=hsts-update 2014-03-29 03:14:50 -07:00
Mike Hommey
b4ed5e9a80 Backout changesets ca413634eba3 and a92851ff7444 (bug 988168) for likely windows PGO perf regression 2014-03-29 16:49:19 +09:00
Jed Davis
ddc591c878 Bug 989172 - Re-add sigaltstack to seccomp whitelist. r=kang 
This reinstates the patch from bug 983518, which was unintentionally
dropped while merging with the reorganization in bug 985227.
 2014-03-28 17:58:26 -07:00
Wes Kocher
51005ce03d Backed out 2 changesets (bug 987816) for xpcshell orange 
Backed out changeset 245d0cb5a7b3 (bug 987816)
Backed out changeset b714220dd39d (bug 987816)
 2014-03-28 16:57:12 -07:00
Camilo Viecco
96a8f62c2d Bug 987816 - certificateUsageVerifyCA is OK verifcation option. r=dkeeler 
--HG--
extra : rebase_source : 0e000dc85705e1c61773e8fc73425fe80e0b9134
 2014-03-28 10:21:30 -07:00
Camilo Viecco
557392561a Bug 987816 - test certificateUsageVerifyCA can return success. r=dkeeler 
--HG--
rename : toolkit/library/libxul.mk => toolkit/library/Makefile.in
rename : toolkit/library/libxul.mozbuild => toolkit/library/moz.build
extra : rebase_source : 145fd4fce17325ca9e34681f3451c66c33bfd1a1
 2014-03-28 15:53:08 -07:00
Mike Hommey
d55f8470ad Bug 988168 - Better integrate gtest libxul in the build system. r=mshal 
--HG--
rename : toolkit/library/Makefile.in => toolkit/library/libxul.mk
rename : toolkit/library/moz.build => toolkit/library/libxul.mozbuild
 2014-03-29 07:50:08 +09:00
Camilo Viecco
4ebeba8a03 Bug 982292 - Enhance EKU testing. r=dkeeler 2014-03-18 08:59:37 -07:00
Camilo Viecco
b8e464e37e Bug 982292 - Allow nsSGC to 'nest' TLS Web Server Authentication EKU in moz::pkix. r=bsmith 2014-03-13 11:06:44 -07:00
Makoto Kato
c0da567b5b Bug 987888 - --enable-content-sandbox breaks 64-bit builds. r=dkeeler,r=mshal 2014-03-28 13:59:16 +09:00
Brian Smith
28363a7d66 Bug 982778: Initialize parameters of output value of der::AlgorithmIdentifier, r=keeler 2014-03-13 21:26:03 -07:00
Benjamin Peterson
1b0c0d2f10 Bug 988718 - Mark nsSecurityHeaderParser explicit. r=dkeeler 2014-03-27 12:51:25 -04:00
Antonio M. Amaya
572fc8db93 Bug 880043 - Signed packaged installation test certificate generation. r=cviecco 
--HG--
rename : security/manager/ssl/tests/unit/test_signed_apps/nss_ctypes.py => security/manager/ssl/tests/unit/test_signed_apps/gentestfiles/nss_ctypes.py
rename : security/manager/ssl/tests/unit/test_signed_apps/sign_b2g_app.py => security/manager/ssl/tests/unit/test_signed_apps/gentestfiles/sign_b2g_app.py
 2014-03-27 11:02:27 -04:00
David Keeler
00785d6113 bug 986171 - mozilla::pkix: telemetry for what cert validation library is in use r=cviecco 2014-03-26 09:41:08 -07:00
David Keeler
1ea866dced Backed out changeset d9e136a02980 (bug 986171) for build bustage r=backout 2014-03-25 14:02:42 -07:00
David Keeler
d56c7b6534 bug 986171 - mozilla::pkix: telemetry for what cert validation library is in use r=cviecco 2014-03-25 13:43:01 -07:00
David Keeler
1898826bf2 bug 987217 - free leaking encodedRequest in GenerateCRMFRequest r=cviecco 2014-03-25 10:38:03 -07:00
Camilo Viecco
da379b1daf Bug 969188 - Part 3/3 - Test handling of v1/v2/v3 certificates from PSM. r=keeler 
--HG--
extra : rebase_source : 321d603913f07a0afe64400e300146873e8a81af
 2014-02-25 15:37:22 -08:00
Camilo Viecco
4fc6d46e33 Bug 969188 - Part 2/3 - mozilla::pkix only decode v3 extensions in v3 certificates. r=briansmith 
--HG--
extra : rebase_source : 86e58ccf8538d0f40d3b24b89a92dceac095cb21
 2014-03-06 10:04:04 -08:00
Camilo Viecco
fcc7445865 Bug 969188 - Part 1/3 - Fix mozilla::pkix handling of trusted v1 certificates. r=briansmith 
--HG--
extra : rebase_source : 242b4849a7820d23518936a8c86ddcb7d9684394
 2014-03-06 10:04:04 -08:00
Wan-Teh Chang
79601daa95 Bug 986875: Don't set the obsolete NSS makefile variable STANDARDS_CFLAGS. 
r=glandium.
 2014-03-24 16:53:33 -07:00
David Keeler
c492def197 bug 987262 - mozilla::pkix: refactor Nested AtEnd() checks in pkixder.h r=briansmith 2014-03-24 13:12:56 -07:00
Phil Ringnalda
39747a1529 Merge m-c to m-i 2014-03-22 08:09:46 -07:00
ffxbld
2306430b7a No bug, Automated HSTS preload list update from host bld-linux64-spot-008 - a=hsts-update 2014-03-22 03:20:45 -07:00
David Keeler
c696487874 backout bug 985021 (8d622f4ec6e9) for another build breakage on a CLOSED TREE r=backout 2014-03-21 11:47:06 -07:00
David Keeler
d33e060a52 bug 969758 - ignore "snionly" property in Google's HSTS preload list r=cviecco DONTBUILD because NPOTB 2014-03-21 14:09:04 -07:00
David Keeler
f740f3e913 bug 985021 - mozilla::pkix: temporarily accept pathLenConstraint in EE basic constraints extensions r=briansmith 2014-03-21 10:38:36 -07:00
David Keeler
185d667850 bug 985021 - mozilla::pkix: temporarily accept pathLenConstraint in EE basic constraints extensions r=briansmith 2014-03-21 11:52:01 -07:00
David Keeler
214c7f5d0c backout bug 985021 (de535cd27ee7) for build breakage r=backout 2014-03-20 16:06:15 -07:00
David Keeler
e12675d08a bug 985021 - mozilla::pkix: temporarily accept pathLenConstraint in EE basic constraints extensions r=briansmith 2014-03-20 15:50:12 -07:00
David Keeler
2fb9ff870f bug 985201 - follow-up: fix comment mentioning "Insanity" (it should be "mozilla::pkix") r=me DONTBUILD 2014-03-20 15:36:23 -07:00
David Keeler
676eaf13b4 bug 985201 - rename insanity::pkix to mozilla::pkix r=cviecco r=briansmith 
--HG--
rename : security/insanity/include/insanity/ScopedPtr.h => security/pkix/include/pkix/ScopedPtr.h
rename : security/insanity/include/insanity/bind.h => security/pkix/include/pkix/bind.h
rename : security/insanity/include/insanity/nullptr.h => security/pkix/include/pkix/nullptr.h
rename : security/insanity/include/insanity/pkix.h => security/pkix/include/pkix/pkix.h
rename : security/insanity/include/insanity/pkixtypes.h => security/pkix/include/pkix/pkixtypes.h
rename : security/insanity/lib/pkixbind.cpp => security/pkix/lib/pkixbind.cpp
rename : security/insanity/lib/pkixbuild.cpp => security/pkix/lib/pkixbuild.cpp
rename : security/insanity/lib/pkixcheck.cpp => security/pkix/lib/pkixcheck.cpp
rename : security/insanity/lib/pkixcheck.h => security/pkix/lib/pkixcheck.h
rename : security/insanity/lib/pkixder.cpp => security/pkix/lib/pkixder.cpp
rename : security/insanity/lib/pkixder.h => security/pkix/lib/pkixder.h
rename : security/insanity/lib/pkixkey.cpp => security/pkix/lib/pkixkey.cpp
rename : security/insanity/lib/pkixocsp.cpp => security/pkix/lib/pkixocsp.cpp
rename : security/insanity/lib/pkixutil.h => security/pkix/lib/pkixutil.h
rename : security/insanity/moz.build => security/pkix/moz.build
rename : security/insanity/test/lib/moz.build => security/pkix/test/lib/moz.build
rename : security/insanity/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestutil.cpp
rename : security/insanity/test/lib/pkixtestutil.h => security/pkix/test/lib/pkixtestutil.h
 2014-03-20 14:29:21 -07:00
Jed Davis
b939b580cf Bug 985227 - Part 3: Replace the seccomp filter arch ifdefs with syscall existence tests. r=kang 2014-03-20 10:19:42 -04:00
Jed Davis
d06bc434b1 Bug 985227 - Part 2: Flatten out the #define maze in the seccomp filter. r=kang 2014-03-20 10:19:42 -04:00
Jed Davis
893f056ba5 Bug 985227 - Part 1: Move the seccomp filter into its own translation unit. r=kang 
--HG--
rename : security/sandbox/linux/seccomp_filter.h => security/sandbox/linux/SandboxFilter.cpp
 2014-03-20 10:19:42 -04:00
Jed Davis
a8a37995ce Bug 975273 - Add missing include to unbreak desktop seccomp build. r=kang 2014-03-20 09:27:28 -04:00
David Keeler
43eeb69107 bug 984567 - insanity::pkix: handle/test malformed OCSP responses r=briansmith r=cviecco 2014-03-19 09:36:10 -07:00
Camilo Viecco
424c0bfa64 Bug 966820 - Add test for trustbits for Certverifier. r=dkeeler 
--HG--
rename : layout/reftests/abs-pos/table-internal-5-ref.html => layout/reftests/abs-pos/table-internal-1-ref.html
rename : layout/reftests/abs-pos/table-internal-6-ref.html => layout/reftests/abs-pos/table-internal-3-ref.html
rename : layout/reftests/abs-pos/table-internal-7-ref.html => layout/reftests/abs-pos/table-internal-4-ref.html
extra : rebase_source : d854bd51bd84e9f7e21980a31c822726e4401dd9
 2014-03-06 14:17:50 -08:00
Paolo Amadini
8dd6c66f29 Bug 984788 - Convert legacy uses of promise.js to Promise.jsm. rs=Yoric 2014-03-18 15:16:02 +01:00
Neil Rashbrook
c3b2f90f39 Bug 514280 Stop using nsCOMPtr for concrete types r=bsmedberg 
--HG--
extra : rebase_source : f8fb50de9292320eb7589dd28dc566d0f5044da6
 2014-03-18 00:23:03 +00:00
Wes Kocher
c0dba87922 Backed out 2 changesets (bug 514280) for OSX build bustage on a CLOSED TREE 
Backed out changeset 2a015b45d808 (bug 514280)
Backed out changeset a01f97c1ed02 (bug 514280)
 2014-03-17 15:19:53 -07:00
David Keeler
472a6edd05 bug 977870 - insanity::pkix: consume the rest of input when a CertID doesn't match in an OCSP response r=briansmith 2014-03-17 14:34:34 -07:00
David Keeler
ed25ed39d5 bug 982754 - allow some inadequate key usage overrides r=cviecco 2014-03-13 16:49:12 -07:00
Neil Rashbrook
b07eaa1644 Bug 514280 Stop using nsCOMPtr for concrete types r=bsmedberg 
--HG--
extra : rebase_source : eaca8b2925eaffb49e29a617cd72c0d6686e6d9e
 2014-03-17 19:07:09 +00:00
Jon Coppeard
6ca748883c Bug 959787 - Handlify JS_ExecuteScript, JS_EvaluateScript and other JS APIs r=sfink r=bz 2014-03-17 16:17:58 +00:00
Phil Ringnalda
8c19bde08b Merge m-c to m-i 2014-03-15 12:32:04 -07:00
Phil Ringnalda
391b0a9c9b Merge b-i to m-c 2014-03-15 12:24:12 -07:00
Phil Ringnalda
445bf73f09 Merge m-i to m-c 2014-03-15 12:15:37 -07:00
Kyle Huey
510a49016d Bug 967364: Rename already_AddRefed::get to take. r=bsmedberg 2014-03-15 12:00:15 -07:00
Wan-Teh Chang
46a3824cb6 Bug 967153: Update to NSS 3.16 (NSS_3_16_RTM) and NSPR 4.10.4 
(NSPR_4_10_4_RTM).
 2014-03-15 06:30:30 -07:00
ffxbld
ba946c8294 No bug, Automated HSTS preload list update from host bld-linux64-spot-485 - a=hsts-update 2014-03-15 03:17:07 -07:00
Wes Kocher
763daa65ec Merge m-c to b2g-inbound 2014-03-14 23:18:26 -07:00
Guillaume Destuynder
fc8cf73ff1 Bug 983518: Fix running B2G-1.4 on KitKat by whitelisting sigalstack in the sandbox. r=kang r=jld 2014-03-14 18:54:20 -07:00
Bill McCloskey
aa5f40a77e Bug 982828 - [e10s] Disable mochitest-plain tests that don't pass in e10s (r=ted) 2014-03-13 21:38:19 -07:00
Wes Kocher
a3277d291d Backed out changeset 88425ad0f06a (bug 982828) for introducing various mochitest-5 failures on a CLOSED TREE 
* * *
Backed out changeset 94f9ebdc6662 (bug 982828)
 2014-03-13 19:41:21 -07:00
Bill McCloskey
f4f6bf8e4d Bug 982828 - [e10s] Disable mochitest-plain tests that don't pass in e10s (r=ted) 2014-03-13 15:41:41 -07:00
Bill McCloskey
7193069fa0 Backed out changeset d6261f65070a 2014-03-13 15:52:27 -07:00
Bill McCloskey
69a746922b Bug 982828 - [e10s] Disable mochitest-plain tests that don't pass in e10s (r=ted) 2014-03-13 15:41:41 -07:00
David Keeler
609e9a9f16 bug 969048 - adjust OCSP stapling telemetry for insanity::pkix r=briansmith r=cviecco 2014-03-13 09:41:03 -07:00
Vaibhav Agarwal
74d0d984a3 Bug 971132 - B2G mochitests should use the new manifest format for runtests; r=jmaher 2014-03-13 10:40:10 -04:00
Vicamo Yang
3bcd1c9eb8 Bug 944625 - B2G Emulator-x86: fix undeclared __NR_sendto, __NR_recvfrom. r=jld,kang 2014-03-13 13:44:43 +09:00
Wes Kocher
7a3239038d Merge m-c to b-i 2014-03-12 21:22:36 -07:00
Jed Davis
f8d175ce14 Bug 977859 - Drop uid 0 in all content processes immediately after fork. r=bent r=kang 
Now all regular child processes, including preallocated, are deprivileged.
Only Nuwa needs uid 0, because each of its children has a different uid/gid.
 2014-03-12 15:48:15 -07:00
David Keeler
8fc5d6daee bug 915932 - cache OCSP responses when using insanity::pkix r=cviecco r=briansmith 2014-03-12 13:08:48 -07:00
David Keeler
341b865887 bug 982403 - separate the compilation of certverifier and insanity::pkix r=cviecco r=briansmith 
--HG--
rename : security/certverifier/moz.build => security/insanity/moz.build
 2014-03-12 13:08:18 -07:00
Camilo Viecco
dcc3cb858e Bug 962740 - Batch of 3 CA Certs to be granted EV capabilites. r=keeler 2014-02-26 14:41:02 -08:00
Brian Smith
8cb80d15db Bug 982761 - Fix linkage of _1 placeholder in std::bind polyfill. r=briansmith 2014-03-13 16:55:28 -07:00
David Keeler
6d6c54d69b Bug 974715 - Create more flexible OCSP response generation code. r=briansmith, r=cviecco 2014-03-10 14:04:31 -07:00
Brian Smith
ec6bc705e3 Bug 947584: Use official IANA names for cipher suites in PSM, r=cviecco 
--HG--
extra : rebase_source : fafec912dc96480cb4f00bddec00d40e5e9db088
 2014-03-09 20:21:12 -07:00
Brian Smith
f0cdb24e70 Bug 967153: Update to NSS 3.16 beta 5 (NSS_3_16_BETA5), r=me 
--HG--
extra : rebase_source : 8dfdcd121214b084acc01025a2cd989ccf6a603c
 2014-03-09 19:40:25 -07:00
ffxbld
0992075bf2 No bug, Automated HSTS preload list update from host bld-linux64-spot-041 - a=hsts-update 2014-03-08 04:29:12 -08:00
Landry Breuil
86a2cb9b9c Bug 980848: use c-style comments in c files r=cviecco DONTBUILD 2014-03-07 18:32:11 +01:00
Jed Davis
685530a9a5 Bug 979686 - Fix the non-(ARM|x86|x86_64) desktop build. r=kang 2014-03-06 12:23:06 -08:00
Luke Wagner
b2189937c6 Bug 980180 - remove principals as an argument to compilation, part 2 (r=terrence) 
--HG--
extra : rebase_source : 86791b50b4293ba5506f1e0f5c64730338f552e6
 2014-03-06 16:28:07 -06:00
Vaibhav Agarwal
417b7f2e77 Bug 970925 - convert testing/mochitest/android.json into skip-if statements in mochitest.ini files; r=jmaher 2014-03-06 13:42:47 -05:00
Brian R. Bondy
6be742312e Bug 941110 - Make the Windows sandbox code compile without the Win8 SDK. r=jimm 2014-03-06 12:53:24 -05:00
Ted Mielczarek
5db86de6a8 Bug 977699 - Move the few remaining mochitests to manifests. r=jmaher 2014-03-04 15:54:31 -05:00
Jed Davis
cfaafc654d Bug 946407 - Disable sandbox when DMDing. r=njn r=kang 
See also bug 956961.
 2014-03-04 18:27:14 -08:00
Ehsan Akhgari
bf09c6f469 Bug 976896 - Port STL_FLAGS to moz.build; r=mshal 2014-03-04 19:39:06 -05:00
David Keeler
06559f1667 bug 978797 - stop classifying SEC_ERROR_INADEQUATE_KEY_USAGE as a "bad cert" error r=briansmith 2014-03-03 15:39:07 -08:00
Brian Smith
a55d0cfe09 Bug 967153: Update to NSS 3.16 beta 4 (NSS 3_16_BETA4), r=me 
--HG--
extra : rebase_source : 192fdf657daa1aae51d9f163b074b8eb6a7aac13
 2014-03-02 17:30:39 -08:00
Brian Smith
4b8d4318a5 Bug 978117: Enable test_signed_apps.js and test_signed_apps-marketplace.js on Android and B2G, r=cviecco 
--HG--
extra : rebase_source : acc33b667f19583d94d300d4e4a73cb3e225bbd6
 2014-03-01 20:55:57 -08:00
Brian Smith
2f3b70ffb5 Bug 978528: Return the correct error message when no potential issuers are found during path bulding in insanitY::pkix, r=cviecco 
--HG--
extra : rebase_source : 71f806312ad322bc2971e7efaea2da217b07efad
 2014-03-01 20:55:51 -08:00
Brian Smith
185ce0c8d9 Bug 978120: Enable more PSM xpcshell tests on Android and B2G, r=keeler 
--HG--
extra : rebase_source : 439914322f2b2f2ebd7bf529e3a4a59f36831a7e
 2014-03-01 19:02:58 -08:00
Brian Smith
f91269e634 Bug 978120: Make nsIX509Cert.setCerttrust, and nsIX509CertDB.addCert, and nsIX509CertDB2.addCertFromBase64 work on Android and B2G, r=keeler 
--HG--
extra : rebase_source : 5582716fe0c650366e3cf5e85a30748a7d22b156
 2014-03-01 19:01:23 -08:00
Ed Morley
1169e3e5fb Merge latest green inbound changeset and mozilla-central 2014-03-03 14:44:44 +00:00
ffxbld
204086414a No bug, Automated HSTS preload list update from host bld-linux64-spot-483 - a=hsts-update 2014-03-01 03:17:30 -08:00
Ryan VanderMeulen
b00f0ba8d9 Merge m-c to inbound. 2014-02-28 10:15:57 -05:00
Carsten "Tomcat" Book
a927d781fe merge b2g-inbound to mozilla-central 2014-02-28 14:42:11 +01:00
Wes Kocher
e4299dd8a6 Merge m-c to b2g-inbound 2014-02-27 17:47:32 -08:00
Jed Davis
b8c81fc6e2 Bug 970676 - Turn on sandboxing on all relevant threads. r=dhylands r=bent f=kang 2014-02-27 13:18:01 -08:00
Brian Smith
ca2ea62abf Bug 978111, Bug 978426: Disable test_sts_preloadlist_perwindowpb.js on B2G/ARM, a=bustage 
--HG--
extra : rebase_source : 434af7dc53cf57eca1335a6e0ad0a4785c547e72
 2014-02-28 21:12:07 -08:00
Brian Smith
4637429114 Bug 978185: Improve error codes returned from nsIX509CertDB.addCert and nsIX50CertDB.setCertTrust, r=keeler 
--HG--
extra : rebase_source : e32a913f085524d113b17d03917c10ad92c7f6e1
 2014-02-28 11:19:38 -08:00
Brian Smith
a5d253392f Bug 978111: Enable already-working PSM xpcshell tests on Android and B2G, r=cviecco 
--HG--
extra : rebase_source : c14ef67870f2b40a3319e6bc8df0ddfe9dd222e3
 2014-02-28 11:16:16 -08:00
Ehsan Akhgari
87db9c0f0f Bug 976898 - Move the sdkdecls.h force-include out of the build system; r=bbondy,glandium 2014-02-28 08:17:22 -05:00
Brian Smith
38efbc9d37 Bug 967153: Update to NSS 3.16 beta 3 (NSS_3_16_BETA3), r=me 
--HG--
extra : rebase_source : 75c78b361f887c2cb820bc41913bcf68de15f83f
extra : histedit_source : 7c8e8a79c9dde7c702ceb5ce1e4a73f2a77fbea5
 2014-02-27 16:06:22 -08:00
Andrew McCreight
537eb6fa81 Bug 962608 - Make PL_DHashTableInit infallible by default. r=briansmith,bsmedberg,ehsan,froydnj,jduell,jfkthame,roc,smaug 2014-02-27 10:04:09 -08:00
Brian Smith
c13108b590 Bug 921885: Use insanity::pkix for EV cert verification when insanity::pkix is the selected implementation, r=cviecco, r=keeler 
--HG--
extra : rebase_source : b1fd1f8eace675484b3c2d568e5e74f767f1d2ad
 2014-02-23 22:15:53 -08:00
Brian Smith
64ea6aa0a3 Bug 921886: Add certificate policiy support to insanity::pkix, r=keeler, r=cviecco 
--HG--
extra : rebase_source : 6522e2c2f57f59fe23c0ed0c838f1f54236bdafc
 2014-02-24 12:37:45 -08:00
Brian Smith
29c8950e17 Bug 970810: Expand name constraint tests to test insanity::pkix, r=cviecco 
--HG--
extra : rebase_source : b8190690743a12623c7524429215fc7d8a8dea49
extra : histedit_source : fd9877f98303dd237b302e6c606ca11f4c36fd7c
 2014-02-25 01:15:52 -08:00
Camilo Viecco
2e520f51df Bug 900727: Add name constraints to psm in xpcshell. r=bsmith 2013-12-12 10:28:06 -08:00
Brian Smith
db4827dbd4 Bug 975122: Allow cert error overrides when insanity::pkix is used, r?cviecco, r?keeler 
--HG--
extra : rebase_source : 47f5e779a16c462e40baa2d9cec2e83946c9076c
 2014-02-22 19:08:06 -08:00
Raymond Etornam Agbeame(:retornam)
6d832f03cf Bug 970614 - Remove code wrapped in #if 0 ... #endif blocks in PSM. r=keeler 2014-02-24 09:41:55 -05:00
Jed Davis
1467d9b632 Bug 971128 - Add sched_yield to seccomp whitelist. r=kang 2014-02-22 18:58:59 -08:00
Jed Davis
3027739852 Bug 970562 - Add sched_getscheduler to seccomp whitelist. r=kang 2014-02-22 18:58:59 -08:00
Ehsan Akhgari
0f5851acbd Bug 935778 - Part 0.3: Spray some more MOZ_DECLARE_REFCOUNTED_TYPENAME across the tree 2014-02-20 23:07:24 -05:00
David Keeler
27afebfba2 bug 969479 - only prevent TLS fallback for STARTTLS r=briansmith 2014-02-20 15:14:32 -08:00
Brian R. Bondy
7563d524e8 Bug 974979 - Browser crashes after trying to restart a crashed e10s process. r=aklotz 2014-02-20 12:58:04 -05:00
Brian R. Bondy
842125950f Bug 928061 - Enable separate Desktop in Windows sandbox policy. r=aklotz 2014-02-20 12:37:22 -05:00
Jed Davis
6549f56f18 Bug 974230 - Adjust sandbox so that socket() simply fails. r=kang 
This is a workaround for issues with the SCTP code (bug 969715) and
NSPR's IPv6 support (bug 936320).
 2014-02-20 09:35:44 -05:00
Jed Davis
bd5a8731fc Bug 966547 - Switch sipcc from named to anonymous sockets on Unix. r=jesup, r=kang 2014-02-20 09:35:26 -05:00
Jed Davis
cbefd9bed0 Bug 974227 - Allow readlink while sandboxed to work around bug 964455. r=kang 2014-02-19 15:55:42 -05:00
Brian Smith
2e66c4833d Bug 915931, Part 4: Expand OCSP xpcshell tests to test insanity::pkix, r=keeler 
--HG--
extra : rebase_source : e645de251c459d6fa38996bb7bfd35e21eaf3b72
 2014-02-17 13:19:54 -08:00
Brian Smith
141e0cb2aa Bug 973268: Return better error codes and make simple cert error override processing work for insanity::pkix, r=keeler, r=cviecco 
--HG--
extra : rebase_source : 596e7a67b8631bb6a52c20d569fe433aa5e86cec
 2014-02-11 00:46:05 -08:00
Brian Smith
144b29ee4c Bug 915931, Part 3: Integrate insanity::pkix OCSP support, r=keeler, r=cviecco 
--HG--
extra : rebase_source : 4b54682ca6d97e2ec7709b9a5c93ddea71126f8b
 2014-02-16 17:35:40 -08:00
Brian Smith
dde13ca547 Bug 915931, Part 2: Add OCSP request encoding to insanity::pkix, r=keeler 
--HG--
extra : rebase_source : c07713a417c2bc03d4c18f0c7dbddd19b4532390
 2014-02-06 16:57:49 -08:00
Brian Smith
8180cbf4d1 Bug 878932, Part 1: Add OCSP response parsing & validation to insanity::pkix, r=keeler 
--HG--
extra : rebase_source : 23771eaf97f67e5feb69d50a0c96dd4da31ae964
extra : source : b0511882e4c94c0960ef8533b381e8d72706172e
 2014-02-16 18:09:06 -08:00
Ehsan Akhgari
c79e8f4c6e Bug 973405 - Move some misc LOCAL_INCLUDES to moz.build; r=glandium 2014-02-18 08:49:12 -05:00
Ms2ger
6e066deaea Bug 968856 - Move unconditional LOCAL_INCLUDES into moz.build; r=mshal 2014-02-15 21:24:59 +01:00
Phil Ringnalda
045a2cbe55 Merge m-i to m-c 2014-02-15 09:54:57 -08:00
ffxbld
b9dfc6f557 No bug, Automated HSTS preload list update from host bld-linux64-spot-071 - a=hsts-update 2014-02-15 03:20:10 -08:00
Vaibhav Agarwal
d109cb3fc7 Bug 970925 - convert testing/mochitest/android.json into skip-if statements in mochitest.ini files; r=jmaher 2014-02-15 04:53:02 -05:00
Brian Smith
47db3c7a3c Bug 896620: Revert deletion of security/build/b2g-app-root-cert.der, which was intended for bug 972201, r=me (thanks Ehsan) 2014-02-14 19:45:58 -08:00
Brian Smith
83e4eaa908 Bug 896620: Make marketplace certs work on in all products, r=keeler 
--HG--
extra : source : 86ec7137a8892f75918c77e605df970f5b96ef62
extra : histedit_source : 33326790804d49e6ec658626116ebf870d94d445
 2014-02-14 14:37:07 -08:00
Brian Smith
6f0d9dfd0a Bug 967153: Update to NSS 3.16 beta 2 (NSS_3_16_BETA2), r=me 
--HG--
extra : source : e7b156a508d35034735e0cb44e5f73d6e8b76cc7
 2014-02-13 16:43:27 -08:00
Brian R. Bondy
c4e16b9b50 Bug 969559 - Set delayed restricted integrity in child process to block off pipe and file access after LowerToken call. r=aklotz 2014-02-14 11:07:16 -05:00
Wes Kocher
ee5da0ab00 Merge m-c to inbound on a CLOSED TREE 2014-02-13 18:50:08 -08:00
David Keeler
30ccf7829f bug 967975 - certificate error override telemetry r=briansmith 
--HG--
rename : security/manager/ssl/tests/unit/tlsserver/cmd/OCSPStaplingServer.cpp => security/manager/ssl/tests/unit/tlsserver/cmd/BadCertServer.cpp
 2014-02-13 14:53:29 -08:00
Ryan VanderMeulen
41ac0e7e12 Merge m-c to b2g-inbound. 2014-02-13 10:32:21 -05:00
Jed Davis
5ea5299c58 Bug 971370 - Fix seccomp whitelist errors caused by strace bug. r=kang 2014-02-13 09:47:16 -05:00
Guillaume Destuynder
cb244dcc84 bug 948620 - Add env variable MOZ_DISABLE_CONTENT_SANDBOX to disable sandbox at runtime. r=jld 2014-02-13 16:26:28 -08:00
Brian Smith
91ddc1d104 Bug 971178, Part 4: Expand test_intermediates_basic_constraints.js test insanity::pkix, r=cviecco 
--HG--
extra : rebase_source : b419a3087b3d327c9a48d984551abeac4943be7a
 2014-02-11 16:24:45 -08:00
Brian Smith
f1350c0f8f Bug 971178, Part 3: Expand test_certificate_usages.js test insanity::pkix, r=cviecco 
--HG--
extra : rebase_source : 3810925d18767d1b04f8a47004a0ab7a631e5b4b
 2014-02-11 01:42:41 -08:00
Brian Smith
6581563f7a Bug 971178, Part 2: Make test_getchains.js test insanity::pkix, r=cviecco 
--HG--
extra : rebase_source : ff9620bad6b20a84cf179af7ffa7a74f6ffd6640
 2014-02-11 01:42:55 -08:00
Brian Smith
b8f2b8be6a Bug 971178, Part 1: Expand test_cert_signatures.js test insanity::pkix, r=cviecco 
--HG--
extra : rebase_source : 90cf68bdb50b8499aeda3e14c476977db9e43c2a
 2014-02-11 01:42:24 -08:00
Jeff Walden
2619346f9f Bug 969165 - Convert Atomic<T> where T != bool but is used as a bool over to Atomic<bool>, now that it's supported, in security/manager/. r=bsmith 
--HG--
extra : rebase_source : 3632af6471e41d099a0948542d26a7df527efaad
 2014-02-06 22:17:07 -08:00
Camilo Viecco
0bca16e9bd Bug 877376: Add tests for intermediate CA basic constraints and KU/EKU, r=briansmith 
--HG--
extra : rebase_source : b831ab0e459af4ea0f43a1184e32b333f43b2f01
 2013-05-23 10:15:19 -07:00
Brian Smith
84299706e6 Bug 878932, Part 2: Make certificate verification implementation prefs dynamic, r=cviecco 
--HG--
extra : rebase_source : 4b413cfd8e122ee4e0fea64d624285856e2cb0cb
 2014-01-20 15:55:12 -08:00
Brian Smith
bbf60e0ee9 Bug 878932, Part 1: add insanity::pkix as an option for certificate verification, r=keeler, r=cviecco 
--HG--
extra : rebase_source : c1f75dff6ac7f32e082517af701654abebaee250
 2014-02-10 11:41:12 -08:00
Brian Smith
0dd915920a Bug 970512: Remove uninteresting cases for certificate usage verification, r=cviecco 
--HG--
extra : rebase_source : 6df6dcfb39f8b4e2cd063115470af04675c0f768
extra : source : 56e0904260b417ce181e2a35978f6d77e78ef2c2
 2013-10-13 23:34:28 -07:00
Brian Smith
a543241ac1 Bug 969938: Stop adding id-KP-OCSPSigning EKU to CA certificates in tests, r=cviecco 
--HG--
extra : rebase_source : 9f5e42ea788e63fb93e3a37632be12093096e63d
 2014-02-08 21:01:39 -08:00
Brian Smith
5e604d6a4e Bug 921896: Check name constraints in insanity::pkix, r=cviecco, r=keeler 
--HG--
extra : rebase_source : 6d3e77670a5553b477a881609cc30f5f4140294c
extra : source : 2545cd47894a95323b718eb4f82be6d744019c7a
 2014-02-10 15:25:23 -08:00
Brian Smith
0770722ba2 Bug 968359: Allow the direct validation of CA certificates in insanity::pkix, r=keeler, r=cviecco 
--HG--
extra : rebase_source : f27870f2a648ad012d24b99d9e4f85daf17e9397
extra : source : 002e9043461b40a911903258d723c37133dbc79c
 2013-09-13 00:09:08 -07:00