Masatoshi Kimura
40351c3a65
Bug 1094495 - Disable C4480 in security/pkix. r=keeler
2014-11-12 07:41:42 +09:00
Cykesiopka
d10e8aef8f
Bug 1057035 - Fix terminology used in the certificate exception dialog. r=keeler
2014-10-27 21:06:00 -04:00
Masatoshi Kimura
55d966ec5f
Bug 1093595 - Change strings to add a description about weak encryption. r=dolske
2014-11-11 07:29:44 +09:00
Masatoshi Kimura
f4f4964baf
Bug 1093595 - Treat SSL3 and RC4 as broken. r=keeler
2014-11-11 07:29:44 +09:00
Carsten "Tomcat" Book
925df8e984
merge mozilla-inbound to mozilla-central a=merge
2014-11-10 14:24:51 +01:00
ffxbld
818d809dde
No bug, Automated HPKP preload list update from host bld-linux64-spot-144 - a=hpkp-update
2014-11-08 03:20:20 -08:00
ffxbld
a9a58b836b
No bug, Automated HSTS preload list update from host bld-linux64-spot-144 - a=hsts-update
2014-11-08 03:20:17 -08:00
Monica Chew
ccfc8984aa
Bug 1030135: Promote pin for services.mozilla.com to production mode (r=keeler)
2014-11-07 12:00:50 -08:00
Shashank Sabniveesu
c51de0f3e3
Bug 940994 - Adding '.p7b' to 'known file types' list of 'Certificate Manager'. r=keeler
2014-10-07 14:30:00 +02:00
Chris Peterson
23bc91c094
Bug 1095926 - Fix -Wcomment warning in OCSP test and mark some OCSP tests as FAIL_ON_WARNINGS. r=briansmith
2014-10-11 20:13:45 -07:00
Michael Ratcliffe
e2616dda10
Bug 1090913 - Make mochitests fail when it has 0 passes and 0 fails r=jmaher
2014-11-05 16:00:52 +00:00
Jed Davis
c0003b43bf
Bug 1077057 - Expose Linux sandboxing information to JS via nsSystemInfo. r=kang r=froydnj
...
This adds "hasSeccompBPF" for seccomp-bpf support; other "has" keys
will be added in the future (e.g., user namespaces).
This also adds "canSandboxContent" and "canSandboxMedia", which are
absent if the corresponding type of sandboxing isn't enabled at build
type (or is disabled with environment variables), and otherwise present
as a boolean indicating whether that type of sandboxing is supported.
Currently this is always the same as hasSeccompBPF, but that could change
in the future.
Some changes have been made to the "mozilla/Sandbox.h" interface to
support this; the idea is that the MOZ_DISABLE_*_SANDBOX environment
variables should be equivalent to disabling MOZ_*_SANDBOX at build time.
2014-11-06 13:11:00 +01:00
David Keeler
28de902146
bug 1039642 - follow-up to fix non-unified build bustage (missing include and namespace) r=bustage a=metered
2014-11-06 14:23:21 -08:00
David Keeler
a8eff24a19
bug 1039642 - clean up the implementation of nsPkcs11 for style and safety r=jcj r=mmc a=metered
2014-11-05 14:05:46 -08:00
David Keeler
12b9e52c8f
bug 1039642 - test that smart card events are no longer emitted after removing a PKCS#11 module r=jcj r=mmc a=metered
...
--HG--
rename : security/manager/ssl/tests/unit/test_pkcs11_insert_remove.js => security/manager/ssl/tests/unit/test_pkcs11_no_events_after_removal.js
2014-11-05 13:54:21 -08:00
David Keeler
533af6553c
bug 1039642 - stop PKCS#11 module threads before deleting them r=jcj r=mmc a=metered
2014-11-05 13:53:28 -08:00
Jed Davis
eb420073d5
Bug 1093893 - Fix B2G sandbox for ICS Bionic pthread_kill(). r=kang
2014-11-06 11:04:14 -08:00
Chris Peterson
9fa6824ffd
Bug 1092710 - Fix -Wunused-const-variable warning-as-error in non-unified security/certverifier. r=keeler
...
--HG--
extra : rebase_source : c13f7e565c8459263191f9bb16d4221b6f163443
2014-11-01 12:14:41 -07:00
Dragana Damjanovic
2e68ce12bc
Bug 1087213 - Implenent bind function in nsNSSIOLayer. r=honza
2014-10-22 02:06:00 +02:00
Monica Chew
ab81f38ecb
Bug 1004781: Remove unnecessary cert for facebook (r=keeler)
2014-11-04 10:54:26 -08:00
Monica Chew
d16e874df2
Bug 1092606: Don't import Chromium pinsets for domains that are already in our list (r=keeler,jcj)
2014-11-04 10:53:52 -08:00
David Keeler
469763fa53
bug 1079658 - follow-up bustage fix (unnecessary multi-line C++-style comment) r=bustage on a CLOSED TREE
2014-11-03 13:48:48 -08:00
David Keeler
85ea7a8d6f
bug 1079658 - check for the id-pkix-ocsp-nocheck extension when decoding certificates r=briansmith
2014-11-03 11:35:15 -08:00
Bob Owen
6a0cc31276
Bug 1076903: Add a Chromium LICENSE file to security/sandbox/win/src. r=gerv
2014-11-03 15:34:26 +00:00
Chris Peterson
47a64631af
Bug 1092028 - Fix -Wunused-const-variable warning-as-error in security/pkix/test/gtest. r=bsmith
2014-10-30 23:17:27 -07:00
ffxbld
658df753a4
No bug, Automated HPKP preload list update from host b-linux64-ix-0009 - a=hpkp-update
2014-11-01 03:19:47 -07:00
ffxbld
a9b178b97e
No bug, Automated HSTS preload list update from host b-linux64-ix-0009 - a=hsts-update
2014-11-01 03:19:44 -07:00
Garrett Robinson
dae84ffbe6
Bug 846489 - Part 1 - Expose error code on TransportSecurityInfo. r=keeler
2014-10-30 12:50:00 +01:00
Carsten "Tomcat" Book
573a77d7d3
Backed out changeset 5fb2f4662098 (bug 846498) for wrong bug number in commit message
2014-10-31 10:03:53 +01:00
Masatoshi Kimura
72b1c83560
Bug 1088915 - Stop offering RC4 in the first handshakes. r=keeler
2014-10-22 01:11:29 +09:00
Masatoshi Kimura
f4a512a9de
Bug 947149 - Remove useless and even misleading word and dead code. r=keeler, dolske
2014-10-30 15:22:00 +01:00
Garrett Robinson
a0f34fc2ad
Bug 846498 - Expose error code on TransportSecurityInfo. r=keeler
2014-10-30 12:50:00 +01:00
Brian Smith
4d3694c0d4
Reland Bug 1063281, Part 9: Switch Gecko from NSS to CheckCertHostname, r=keeler
...
--HG--
extra : rebase_source : 3a5e3bc2e113035e9c88b571bac68f3dbe2c8f04
2014-10-28 15:28:38 -07:00
Brian Smith
8839c2c859
Bug 1089104: Add support for TeletexString-encoded CN-IDs to CheckCertHostname, r=keeler
...
--HG--
extra : rebase_source : 320794deae857a574f509b7277ea64576abd37b3
2014-10-29 17:19:45 -07:00
Brian Smith
28b4618c5b
Bug 1089393: Fix hex excape sequences ('\0x' -> '\x') in pkixnames_tests.cpp, r=mmc
...
--HG--
extra : rebase_source : a0136045ce9b957976f8eb2ef8ad6c9eae0a8ad7
2014-10-26 11:29:42 -07:00
Monica Chew
8f6b43d8ca
Bug 1004781: Actually remove the pinset (r=keeler)
2014-10-30 16:21:09 -07:00
Monica Chew
a91d0dffdd
Bug 1004781: Remove our pinset for facebook since it's in chromium now (r=keeler)
2014-10-30 16:14:19 -07:00
David Keeler
6fef1144d0
bug 1085509 - follow-up to include forgotten Telemetry.h header (non-unified build bustage) r=bustage
2014-10-30 13:12:01 -07:00
David Keeler
0b77e828f8
bug 1085509 - add telemetry for how many permanent certificate overrides users have r=mmc r=jcj
2014-10-29 16:25:16 -07:00
David Keeler
d44f95a768
bug 1085509 - fix nsCertOverrideService so its initialization doesn't depend on NSS r=mmc
2014-10-24 10:46:30 -07:00
André Reinald
65c17572f5
Bug 1076385 - Sandbox the content process on Mac. r=smichaud
2014-10-30 13:33:17 -05:00
Carsten "Tomcat" Book
591e2dcdee
Backed out changeset b4665be856d7 (bug 1089305) for frequent b2g/android xpcshell test failures
2014-10-30 15:26:02 +01:00
Cykesiopka
c5973cf81a
Bug 1089305 - Switch EV tests to SQL DB and partially clean up scripts. r=keeler
2014-10-29 11:09:00 +01:00
Martin Thomson
c201e39152
Bug 1088950 - Adding some testing. r=dkeeler
2014-10-27 17:48:00 +01:00
Martin Thomson
6c04870460
Bug 1088950 - Fix handling of inappropriate_fallback alert. r=keeler
2014-10-27 17:47:00 +01:00
Mike Hommey
d667f4bb59
Bug 1077148 part 4 - Add and use new moz.build templates for Gecko programs and libraries. r=gps
...
There are, sadly, many combinations of linkage in use throughout the tree.
The main differentiator, though, is between program/libraries related to
Gecko or not. Kind of. Some need mozglue, some don't. Some need dependent
linkage, some standalone.
Anyways, these new templates remove the need to manually define the
right dependencies against xpcomglue, nspr, mozalloc and mozglue
in most cases.
Places that build programs and were resetting MOZ_GLUE_PROGRAM_LDFLAGS
or that build libraries and were resetting MOZ_GLUE_LDFLAGS can now
just not use those Gecko-specific templates.
2014-10-30 13:06:12 +09:00
Brian Smith
5b092d4b63
Back out cset 9b72d139e817 (Bug 1063281, Part 9) due to compatibility regressions on a CLOSED TREE, a=ryanvm
...
--HG--
extra : rebase_source : cd9b43c3f66df3c5de337f2013fe61fae798b3ba
2014-10-28 12:30:53 -07:00
Carsten "Tomcat" Book
ea6d1713dc
Backed out changeset 50650e0f0edf (bug 1085509) for causing perma failure in win7 xperf
2014-10-28 14:10:38 +01:00
Carsten "Tomcat" Book
23247ac4fc
Backed out changeset b591ad43d53e (bug 1085509)
2014-10-28 14:09:44 +01:00
David Keeler
1da7cf8cfd
bug 1085509 - add telemetry for how many permanent certificate overrides users have r=mmc r=jcj
2014-10-27 09:32:33 -07:00