wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity
270,590 Commits 1 Branch 166 Tags 1.2 GiB
3fd50aae12
Commit Graph

73 Commits

Author SHA1 Message Date
David Keeler
2d03d7ff21 bug 1218515 - flip pinning-test.badssl.com into production mode r=jcj DONTBUILD NPOTB 
pinning-test.badssl.com is a test domain for preloaded HPKP (HTTP Public Key
Pinning - see RFC 7469). By specifying a pinset corresponding to no known keys,
this domain should fail with a key pinning error by default. Also, the
includeSubdomains option is set, so any subdomains should fail as well.
Since Gecko incorporates preloaded pinsets from Chromium, this pinset is already
defined. This patch merely switches it from test mode to production mode (well,
to be more accurate, this patch sets up the input for the automated script that
will make the code change that will put the pinset into production mode).
 2015-10-26 14:39:25 -07:00
Masatoshi Kimura
7417a3ba42 Bug 1215796 - Remove the static fallback whitelist. r=keeler 2015-10-22 21:37:40 +09:00
Carsten "Tomcat" Book
9f1c0bf17d Backed out 2 changesets (bug 1202902) to recking bug 1202902 to be able to reopen inbound on a CLOSED TREE 
Backed out changeset 647025383676 (bug 1202902)
Backed out changeset d70c7fe532c6 (bug 1202902)
 2015-10-07 14:03:21 +02:00
Carsten "Tomcat" Book
9eaa0d1abc Backed out 1 changesets (bug 1202902) for causing merge conflicts to mozilla-central 
Backed out changeset cfc1820361f5 (bug 1202902)
 2015-10-07 12:13:45 +02:00
Shu-yu Guo
53a85861c1 Bug 1202902 - Scripted fix the world. 2015-10-06 14:00:31 -07:00
David Keeler
9ef70f3b6f bug 1203312 - convert tlsserver to generate certificates at build time r=Cykesiopka,mgoodwin 2015-08-24 15:53:07 -07:00
Wes Kocher
0d0a8a55a8 Backed out changeset a08287c70962 (bug 1203312) for b2g xpcshell failures 2015-09-18 12:53:24 -07:00
David Keeler
e2328c01f5 bug 1203312 - convert tlsserver to generate certificates at build time r=Cykesiopka,mgoodwin 2015-08-24 15:53:07 -07:00
Shu-yu Guo
d8faa01cea Bug 1202902 - Mass replace toplevel 'let' with 'var' in preparation for global lexical scope. (rs=jorendorff) 2015-09-15 11:19:45 -07:00
Nick Thomas
92f8a729b5 Bug 1197607, Automated hsts & hpkp updates are failing on mozilla-central, mozilla-aurora, mozilla-esr38, r=cykesiopka 2015-09-03 22:07:42 +12:00
Ben Hearsum
18aa36116c bug 1116409: switch update server to sha2 cert; update in-tree pinning. r=rstrong,snorp,mfinkle,dkeeler 2015-08-20 17:50:51 -04:00
David Keeler
8924191348 bug 1102436 - remove PublicKeyPinningService::CheckChainAgainstAllNames r=Cykesiopka 2015-05-07 11:06:07 -07:00
David Keeler
f9b93560f0 bug 1157873 - remove certificates from CNNIC whitelist that aren't in the Pilot Certificate Transparency log r=rbarnes 
Also remove certificates where notBefore is on or after 1 April 2015.
 2015-04-21 16:07:33 -07:00
David Keeler
5f4152c364 bug 1151512 - only allow whitelisted certificates to be issued by CNNIC root certificates r=jcj r=rbarnes 2015-04-07 17:29:05 -07:00
David Keeler
9019ce9211 bug 1138716 - update PSM data structures that depend on root CA changes r=mmc 2015-03-23 10:36:55 -07:00
Masatoshi Kimura
48405f52be Bug 1128227 - Add a static TLS insecure fallback whitelist. r=keeler 2015-02-07 13:03:23 +09:00
Monica Chew
43d32595f5 Bug 1101969: Disable pinning on media.mozilla.com (r=keeler) 2014-12-12 09:10:57 -08:00
Monica Chew
28d916edec Bug 1004781: Enable pinning for facebook in production mode (r=keeler) 2014-12-12 09:10:53 -08:00
David Keeler
975927dcc7 bug 1091232 - update PSM data structures that are affected by root CA changes r=mmc 2014-11-18 16:41:18 -08:00
Monica Chew
2d3f38456b Bug 1092606: Filter out duplicate pinsets as well as domains (r=keeler) 2014-11-17 12:54:42 -08:00
Monica Chew
24a5ab6b1d Bug 1098288: Enable pinning on spideroak (r=keeler) 2014-11-14 11:17:40 -08:00
Monica Chew
ccfc8984aa Bug 1030135: Promote pin for services.mozilla.com to production mode (r=keeler) 2014-11-07 12:00:50 -08:00
Monica Chew
ab81f38ecb Bug 1004781: Remove unnecessary cert for facebook (r=keeler) 2014-11-04 10:54:26 -08:00
Monica Chew
d16e874df2 Bug 1092606: Don't import Chromium pinsets for domains that are already in our list (r=keeler,jcj) 2014-11-04 10:53:52 -08:00
Monica Chew
8f6b43d8ca Bug 1004781: Actually remove the pinset (r=keeler) 2014-10-30 16:21:09 -07:00
Monica Chew
a91d0dffdd Bug 1004781: Remove our pinset for facebook since it's in chromium now (r=keeler) 2014-10-30 16:14:19 -07:00
David Keeler
b6b5289217 bug 1083085 - update where getHSTSPreloadList.js and genHPKPStaticPins.js think Chromium's lists are r=mmc DONTBUILD NPOTB 2014-10-21 15:20:02 -07:00
J.C. Jones
41b59a8438 Bug 1054498 - Report pinning violations by CA r=keeler 2014-10-17 10:33:50 -07:00
David Keeler
68456b113e bug 1077891 - update getHSTSPreloadList.js to reflect changes to nsISiteSecurityService r=mmc DONTBUILD NPOTB 2014-10-06 11:28:15 -07:00
Monica Chew
a012c4b3eb Bug 1030135: Set is_moz if the pinset name contains mozilla, set bucket id for pinsets containing the string mozilla (r=keeler) 2014-10-02 16:45:13 -07:00
David Keeler
e4c17d867b bug 1004781 - follow-up to add "DigiCert ECC Secure Server CA" to Facebook's pinset r=mmc 2014-09-08 09:33:03 -07:00
Monica Chew
6dc1c59d66 Bug 1030135: Enable pinning on services.mozilla.com in test mode (r=keeler) 2014-09-05 12:04:26 -07:00
Monica Chew
cbe70c240d Bug 1004781: Enable pinning in test mode for facebook (r=cviecco) 2014-08-27 14:18:25 -07:00
Monica Chew
99125bd7ad Bug 1047560: Enable pinning on dropbox (r=keeler) 2014-08-01 13:12:38 -07:00
Camilo Viecco
1cf5856cb9 Bug 1004353 - Enable pinning for TOR websites. r=mmc 
--HG--
extra : rebase_source : d880368dd9eaaafcde353ce187438ae074994bfa
 2014-07-22 14:28:52 -07:00
Monica Chew
c611beb0e3 Bug 1020485: Enable production mode for fxa (r=keeler) 2014-07-14 13:06:25 -07:00
Monica Chew
7e4c6f1d21 Bug 1036142: Don't use kPublicKeyPinningPreloadListLength (r=keeler) 2014-07-09 12:58:40 -07:00
Monica Chew
085607a75a Bug 1035923: Remove deprecated certs from google_root_pems (r=keeler) 2014-07-08 16:01:29 -07:00
Monica Chew
9e4228ecad Bug 1027133: Set test_mode=false for *.twitter.com (r=keeler) 2014-07-07 08:58:13 -07:00
Harsh Pathak
fffec87019 Bug 643041 - Merge nsIX509Cert2 and nsIX509Cert3 into nsIX509Cert, and merge nsIX509CertDB2 into nsIX509CertDB. r=keeler 
--HG--
extra : rebase_source : 5283c637e45dbee9f741d56cda54fdef1afce16e
 2014-07-03 22:09:24 -07:00
Monica Chew
92f36e6b6f Bug 1033872: Split off api.accounts.firefox.com into a separate pinset (r=keeler) 2014-07-03 16:41:57 -07:00
Monica Chew
9afcf9b174 Bug 1012875: Expire pins in 8 weeks once they reach stable (r=keeler) 2014-07-02 11:34:04 -07:00
Monica Chew
2c60d2032e Bug 1027133: Enable test mode for *.twitter.com (r=keeler) 2014-06-18 16:23:13 -04:00
Monica Chew
fe6ce09033 Bug 1004352: Enable pinning for Google in production mode (r=keeler) 2014-06-11 15:32:37 -07:00
Monica Chew
291d694626 Bug 1020485: Enable pinning in test mode for accounts.firefox.com (r=keeler) 2014-06-06 13:44:59 -07:00
Monica Chew
d5ba5c9bc8 Bug 1019772: Enable production mode on pinning AMO (r=keeler) 2014-06-03 11:00:39 -07:00
Camilo Viecco
2883e1d4ea Bug 1016442 - Make mozilla cdn sites production on built-in list. r=mmc 
--HG--
extra : rebase_source : 5d937b61ab86c974210dcc83735cd4308bff018e
 2014-05-27 10:53:40 -07:00
Monica Chew
c21cc7a85f Bug 1004351: Enable production mode for twitter pins (r=keeler) 2014-05-22 15:11:07 -07:00
Monica Chew
f87b89298d Bug 1014344: Use Google's root pems in addition to their intermediate certs (r=keeler) 2014-05-22 15:09:45 -07:00
Camilo Viecco
4eff7cf088 Bug 1009635 - PreloadedHPKP.json should also contain production/exclusion lists. r=keeler 
--HG--
extra : rebase_source : 46c13e490358f26b21191d6d783d795897ceea63
 2014-05-15 08:04:54 -07:00