wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity
173,499 Commits 1 Branch 166 Tags 1.2 GiB
4c125b49c6
Commit Graph

1806 Commits

Author SHA1 Message Date
Daniel Holbert
98cc83dce4 Bug 968338 followup: Add missing #include for unused.h. (bustage fix on a CLOSED TREE) 2014-02-05 14:14:54 -08:00
Daniel Holbert
c090e300a5 Bug 968338: Pass unused-in-some-build-configurations variable 'mFdForLogging' to mozilla::unused, to suppress clang warning in SSLServerCertVerification.cpp. r=bsmith 2014-02-05 13:39:27 -08:00
Daniel Holbert
fc607da413 (no bug) Fix a few DOS newline characters in SSLServerCertVerification.cpp. (no review, whitespace-only) 2014-02-05 13:39:26 -08:00
David Keeler
a5d4a05b2c bug 860076 - remove SkipOcsp/SkipOcspOff r=briansmith 
--HG--
rename : security/manager/ssl/tests/mochitest/browser/browser_certificateManagerLeak.js => security/manager/ssl/tests/mochitest/browser/browser_certViewer.js
 2014-02-04 16:13:47 -08:00
David Keeler
7748def053 bug 967629 - don't release any nsNSSShutDownObject in any destructorSafeDestroyNSSReference r=cviecco 2014-02-04 16:14:51 -08:00
Brian Smith
1b1969c34c Bug 891066, Part 8: Add stapled OCSP response to CertVerifier, r=cviecco 
--HG--
extra : rebase_source : ffe0762228d1217cb51e2f8fad2e0605d7d61344
extra : source : f721d60b6bf74467381590457ce3542f83a2f43a
 2013-09-27 19:53:36 -07:00
Brian Smith
8d1ce51125 Bug 891066, Part 7: Give CertVerifier its own NSPR logging module, r=cviecco 
--HG--
extra : rebase_source : a6b38c4026fe70c9789cbe4830df57c943382f5b
extra : source : 591daff856840016c979ed9b4fdbed4ed68f22a6
 2013-07-10 23:47:09 -07:00
Brian Smith
7a10c3c09e Bug 891066, Part 6: Move SSL server cert verification logic to security/certverifier, r=cviecco 
--HG--
extra : rebase_source : e30b5b46e075c52651bb5320b17660f85a50abbb
extra : source : ef41444d0a7d1f6697c7a4d431fffe8db1724605
 2013-07-08 16:30:59 -07:00
Brian Smith
4ad841d213 Bug 891066, Part 5: Switch to security::pkix::ScopedCERTCertList, r=cviecco 
--HG--
extra : rebase_source : 59015f864e612f18a2f7bb62092b692ae8d47853
extra : source : 31f68b8a192b45720fe931176cdc0565e8c6fd80
 2014-01-22 17:13:19 -08:00
Brian Smith
08a97151f0 Bug 733454: Remove hard-coded blocklisting in PSM for Comodo and DigiNotar, r=cviecco 
--HG--
extra : rebase_source : 3a3ab5246bd6e2af4a0952c64181cad6feb5c424
extra : source : 2e540dd35edfa0ef3549ed4dd8f0b15b57cb2806
 2013-07-01 11:39:16 -07:00
Brian Smith
2ded1d0f58 Bug 891066, Part 4: Fix indention, r=me, a=whitespace-only 
--HG--
extra : rebase_source : 0b9dad2a331b729f614b9b3ee29793a3c89ae053
extra : source : 651a8ef41d0611f0dbc72cbd663071958fea649b
 2013-09-19 13:39:36 -07:00
Brian Smith
72d2c2836a Bug 891066, Part 3: Move more initialization of NSS to security/certverifier, r=keeler 
--HG--
extra : rebase_source : 33aad105028f849d0bbe1c37b60eab50f2f22c88
 2014-01-20 22:10:33 -08:00
Brian Smith
c82641564b Bug 891066, part 2: Move CertVerifier to security/certverifier, r=keeler 
--HG--
extra : rebase_source : dd59a391825b776b075e855660c2488105e2d741
 2014-01-26 19:36:28 -08:00
Brian Smith
5a83bd1831 Bug 891066, Part 1: Remove CertVerifier's dependency on nsNSSComponent, r=keeler, r=cviecco 
--HG--
extra : rebase_source : 3242f78d6d4d68080997dd56dae1fd0675750d5e
extra : source : 965c9f30e9b87e418bbf6ab43657257e94992223
 2014-01-19 14:05:40 -08:00
Brian Smith
66b7c5ca69 Bug 961454: Clean up whitespace in key PSM files, r=keeler, r=cviecco 
--HG--
extra : rebase_source : 53f14cc6f97814eb9913a1ddad1a19631e2af08a
 2014-01-21 17:30:44 -08:00
Camilo Viecco
4498164db8 Bug 916632 (insanity::pkix::ScopedPtr), Part 3: Work around old GCC's lack of nullptr, r=briansmith 
--HG--
extra : rebase_source : 4b212aad2968101717be1e2af9f17d54939bba46
extra : source : 39a083dfd00dd95fafd6444e9ea69ff1257e5eca
 2013-06-28 16:16:56 -07:00
Brian Smith
d13593cc3e Bug 916632 (insanity::pkix::ScopedPtr), Part 2: Add insanity::pkix's pkixtypes.h, r=cviecco 
--HG--
extra : rebase_source : a621a91751a57117a02696e9159e9cedc40883ff
extra : source : 04a20c24c869c848a191d0553f636fe27fe88ee8
 2013-07-08 12:30:32 -07:00
Brian Smith
c721012fa3 Bug 916632 (insanity::pkix::ScopedPtr), Part 1: Add insanity::pkix::ScopedPtr, r=cviecco 
--HG--
extra : rebase_source : 57180ed742a0ae16ea662ce2fdf1f79bad0f8dda
extra : source : e92633f954bcff92b47621337b3c8d8ad83ac543
 2013-09-05 02:01:58 -07:00
ffxbld
b5cf19e90e No bug, Automated HSTS preload list update from host bld-centos6-hp-006 - a=hsts-update 2014-01-25 03:14:57 -08:00
David Keeler
6596163a36 bug 951354 - test nsNSSCertificateDB for proper shutdown r=cviecco a=abillings 2014-01-21 16:47:47 -08:00
Jed Davis
7533caa9fa Bug 960365 - Whitelist uname for nsSystemInfo. r=kang 2014-01-21 15:48:00 -05:00
Ms2ger
64eb61d698 Merge latest PGO-green changeset from inbound to central. 2014-01-20 09:30:38 +01:00
Ms2ger
87874d98a0 Bug 956015 - Add an infallible nsIDocShellTreeItem::ItemType; r=bz 2014-01-20 08:58:26 +01:00
Brian Smith
ebb03d43dc Bug 952874: Fix telemetry for RSA/DHE key sizes of 1025-1280 bits and fix misspelling, r=keeler 2014-01-18 17:59:24 -08:00
Brian Smith
f4c7310a0a Bug 950858: Make cipher suite telemetry code less crash-prone, r=keeler 2014-01-18 16:52:16 -08:00
Phil Ringnalda
685a462788 Merge m-i to m-c 2014-01-18 15:17:10 -08:00
ffxbld
c465e6b79b No bug, Automated HSTS preload list update from host bld-linux64-ec2-438 - a=hsts-update 2014-01-18 03:20:19 -08:00
Brian Smith
6c098e07ae Bug 960714: Make NPN and ALPN prefs dynamic, r=keeler, r=mcmanus 
--HG--
extra : rebase_source : 42ff8c05b682e755d51ec79e2cb26db7cedd382f
 2014-01-16 21:38:59 -08:00
David Keeler
d104dacc3d bug 960723 - fix failingOCSPResponder in test_ev_certs.js r=briansmith 2014-01-16 13:18:38 -08:00
Patrick McManus
0022417aa6 Bug 890994: ALPN support for Gecko, r=briansmith 2014-01-14 15:34:23 -05:00
Brian Smith
c9817eea2c Bug 958916: Update NSS to NSS 3.15.5 beta 2 (NSS_3_15_5_BETA2) plus private patch for bug 950129, CLOBBER, r=me 
--HG--
extra : rebase_source : a0a28ba744ecf81510a4c5bec3a353e4fe275f5a
extra : amend_source : e8b89e0560fc75de5557b8e4543269363f417132
 2014-01-16 13:18:55 -08:00
Wes Kocher
910f68552b Backed out changeset 8526c7a38761 (bug 951354) for CPP unittest bustage 2014-01-17 17:50:17 -08:00
David Keeler
8b98fb7c40 bug 951354 - test nsNSSCertificateDB for proper shutdown r=cviecco a=abillings 2014-01-17 16:22:51 -08:00
Raymond Etornam Agbeame(:retornam)
ea4943cf98 Bug 950169 - remove unused arguments for LogInvalidCertError r=keeler 2014-01-17 11:57:57 -08:00
David Keeler
bc64055426 bug 950240 - don't do DV fallback for nsIIdentityInfo.isExtendedValidation r=briansmith 2014-01-17 11:04:09 -08:00
David Keeler
89f4802006 bug 947759 - unconditionally add Google sites to the HSTS preload list r=cviecco DONTBUILD NPOTB 2014-01-15 11:22:06 -08:00
David Keeler
33883e0b33 bug 959796 - refactor error reporting in getHSTSPreloadList.js r=cviecco DONTBUILD NPOTB 2014-01-15 11:20:55 -08:00
Brian Smith
2ff1459932 Bug 923304, Part 2: Adjust EV tests, r=keeler 
--HG--
extra : rebase_source : f0cfd0089a99dddd8852e0613bc2a31e5c12b1de
 2014-01-14 15:22:09 -08:00
Brian Smith
a7976fde43 Bug 923304, Part 1: Add test for OCSP response signed by CA that has an OCSP URI, r=keeler, r=briansmith 
--HG--
extra : rebase_source : 7cafe0781563382c2221e865201beb023fea3628
 2014-01-13 02:33:08 -08:00
Brian Smith
1b3316007b Bug 950129: Make OCSP fetching policy for OCSP response signing certificates consistent, r=wtc, r=rrelyea 
--HG--
extra : rebase_source : 2369fcd80eb6ed5ec7e96657cdf8b43514c8357b
 2014-01-12 23:13:10 -08:00
David Keeler
e035c31de9 bug 957368 - standardize and simplify nsNSSShutDownObject implementations r=cviecco r=briansmith 2014-01-14 09:28:43 -08:00
Garrett Robinson
c3275ebb9b Bug 883975 - CSP 1.1 hash-source. r=sstamm, r=dholbert, r=mrbkap 2014-01-02 11:14:06 -08:00
Brian Smith
ed544d4449 Bug 957667: Decouple OCSP stapling pref from the OCSP fetching pref, and couple the OCSP required pref to the OCSP fetching pref, r=keeler 
--HG--
extra : rebase_source : 86cb86f76f4def579fcf07e479025852849c34f8
extra : source : 08115711a4e6e77971c9e872fb6c68e88ac9693e
 2014-01-08 08:51:06 -08:00
Brian Smith
c2e23acd65 Bug 959026: Add telemetry about cases where we don't do OCSP fetching when we expect to, r=keeler 
--HG--
extra : rebase_source : f7e9826569325f497273a92eec5127c414baa8bc
extra : source : bb5bb5a1b571e54695a4c8d5be0cc447f29f0358
 2014-01-12 19:31:40 -08:00
Ryan VanderMeulen
e0cdbb419c Backed out changesets 1b892043a386 and 0e14b3468b94 (bug 923304) and changeset 2e2c276950b9 (bug 950129) for xpcshell failures. 2014-01-13 18:00:34 -05:00
Ryan VanderMeulen
5b8b6a8f8d Merge inbound to m-c. 2014-01-13 17:44:24 -05:00
Brian Smith
8887393fc8 Bug 923304, Part 2: Adjust EV tests, r=keeler 
--HG--
extra : source : 97bf218ac3bb44e81074ca95877ca8b6414265b3
 2013-12-28 11:28:49 -08:00
Brian Smith
be7e34fa15 Bug 923304, Part 1: Add test for OCSP response signed by CA that has an OCSP URI, r=keeler, r=briansmith 
--HG--
extra : source : e7afcba6743e40755d28a296b00c395392864657
 2014-01-13 02:33:08 -08:00
Brian Smith
a8e7597704 Bug 950129: Make OCSP fetching policy for OCSP response signing certificates consistent, r=wtc, r=rrelyea 
--HG--
extra : source : 44afac41de6a81c1e4430afa10e6f2836599ecd8
 2014-01-12 23:13:10 -08:00
Brian Smith
3ea6c2482c Bug 958916: Update to NSS 3.15.5 beta 1 (NSS_3_15_5_BETA1), r=me 
--HG--
extra : rebase_source : 19606540e96bd00b737bc9c5782f8c445e006189
 2014-01-12 22:09:19 -08:00
Patrick McManus
0685b54dce bug 951199 - Interface for Socket Level Access to TLS Version Used r=dkeeler r=bsmith 2013-10-09 17:21:48 -07:00
Nemina Amarasinghe
9f41b1dc13 Bug 946075 - Remove extra space from ssl_error_bad_cert_domain error message contains in TransportSecurityInfo.cpp. r=dkeeler 2014-01-13 09:28:14 -05:00
Brian Smith
72db018702 Bug 957665: Add telemetry to measure how many people have OCSP enabled, r=keeler 
--HG--
extra : rebase_source : e6dd0d7d06ce0eb5b2f34a77a851dd7c0655ac3e
 2014-01-08 08:59:53 -08:00
Jed Davis
66de476356 Bug 945330 - Reword and slightly improve sandbox violation log message. r=kang 
The main goal is to have a message that unambiguously indicates a crash,
so mozharness can grep for it even if some of the details change later.

Also now includes the entire argument list; most syscalls don't use all
six, so the last few will be meaningless, but it can't hurt to log them.
 2014-01-10 08:22:58 -05:00
David Keeler
096e214cda bug 950268 - fix leak in nsCertTree::GetDispInfoAtIndex r=cviecco 2014-01-09 10:02:08 -08:00
Phil Ringnalda
2dc3add1e1 Back out 2e7e2de7b13e (bug 948574) for b2g mochitest crashes 
CLOSED TREE
 2014-01-07 21:10:23 -08:00
David Keeler
aac3b15929 bug 948574 - remote nsISiteSecurityService::IsSecureURI r=bz 2014-01-07 11:31:30 -08:00
Brian Smith
f0f24a2b99 Bug 952876: Add test for bug 952808 (OCSP stapling not honored when there is a error entry in the OCSP cache), r=keeler 2014-01-06 14:45:35 -08:00
Brian Smith
43a255861c Bug 933109: Add tests to verify that we retry OCSP when we have a cached Unknown response, r=keeler 2014-01-06 14:41:04 -08:00
Wes Kocher
20cc701976 Backed out changeset 75e5396d0847 (bug 933109) for xpcshell bustage 2014-01-06 17:50:53 -08:00
Wes Kocher
09a8dbc4f3 Backed out changeset b8f1b1cfc9e2 (bug 952876) 2014-01-06 17:50:23 -08:00
Brian Smith
99123214eb Bug 952876: Add test for bug 952808 (OCSP stapling not honored when there is a error entry in the OCSP cache), r=keeler 
--HG--
extra : rebase_source : d83e4b3681b36616441e6fd412969998a19eae4c
extra : amend_source : 475bff5dd333fb54729fdace0f295c6e026c5a18
 2014-01-06 14:45:35 -08:00
Brian Smith
a25f2cd58a Bug 933109: Add tests to verify that we retry OCSP when we have a cached Unknown response, r=keeler 
--HG--
extra : rebase_source : 4e73c5812e75adf053f2158a88a6a8e58307c9d7
 2014-01-06 14:41:04 -08:00
David Keeler
680bbd6bf9 bug 951354 - nsNSSCertificateDB: call shutdown(calledFromObject) in destructor r=cviecco a=abillings 2013-12-19 11:45:50 -08:00
Brian Smith
10dd7b3feb Bug 898431: Update NSS to NSS 3.15.4 RTM (NSS_3_15_4_RTM), r=me 2014-01-06 14:31:01 -08:00
Ehsan Akhgari
eaa7491d77 Bug 927728 - Part 1: Replace PRUnichar with char16_t; r=roc 
This patch was automatically generated by the following script:

#!/bin/bash
# Command to convert PRUnichar to char16_t

function convert() {
echo "Converting $1 to $2..."
find . ! -wholename "*nsprpub*" \
       ! -wholename "*security/nss*" \
       ! -wholename "*modules/libmar*" \
       ! -wholename "*/.hg*" \
       ! -wholename "obj-ff-dbg*" \
       ! -name prtypes.h \
       ! -name Char16.h \
         -type f \
      \( -iname "*.cpp" \
         -o -iname "*.h" \
         -o -iname "*.c" \
         -o -iname "*.cc" \
         -o -iname "*.idl" \
         -o -iname "*.ipdl" \
         -o -iname "*.ipdlh" \
         -o -iname "*.mm" \) | \
    xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}

convert PRUnichar char16_t
 2014-01-04 10:02:17 -05:00
ffxbld
22362e6e5e No bug, Automated HSTS preload list update from host bld-linux64-ec2-441 - a=hsts-update 2014-01-04 03:20:04 -08:00
ffxbld
b92f8f2b94 No bug, Automated HSTS preload list update from host bld-linux64-ec2-018 - a=hsts-update 2013-12-28 03:23:00 -08:00
Brian Smith
aaf3ce6a0c Bug 898431: Update NSS to NSS 3.15.4 beta 10 (NSS_3_15_4_BETA10), r=me 2013-12-21 23:15:41 -08:00
ffxbld
f89f747b7d No bug, Automated HSTS preload list update from host bld-centos6-hp-016 - a=hsts-update 2013-12-21 03:14:20 -08:00
Wan-Teh Chang
5e5f586850 Bug 898431: Update NSS to NSS_3_15_4_BETA9. Includes the fixes for 
bug 946147, bug 930874, bug 930857, bug 934545, bug 915408.
 2013-12-20 12:01:06 -08:00
Gregory Szorc
461b5aef7e Bug 774572 - Part 2: Define JAR_MANIFESTS in moz.build files; r=glandium 
Every directory with a jar.mn now has JAR_MANIFESTS defined in its
moz.build file.

We also removed the may_skip special consideration of jar.mn files
because this information is now available during tier traversal by the
reader courtesy of the variables being present in moz.build files.

--HG--
extra : rebase_source : 21049b15e6bd9cf65b0805ccaccc4ba5aae93c98
extra : amend_source : 0b1ea866d725beef92d37c6f6d475369ac002e19
 2013-12-10 16:18:11 +09:00
David Keeler
c5f0099402 bug 887321 - initial OCSP stapling telemetry r=briansmith 2013-12-16 09:32:16 -08:00
Trevor Saunders
c2b2fcd3d4 bug 949821 - use MOZ_UTF16 more and NS_LITERAL_STRING less r=froydnj 2013-12-12 20:50:01 -05:00
Raymond Etornam Agbeame
da8a721108 Bug 945857: Remove the security.fresh_revocation_info.require preference, r=briansmith 2013-12-16 00:09:21 -08:00
Phil Ringnalda
5ee23c4e72 Merge m-i to m-c 2013-12-14 18:20:38 -08:00
ffxbld
42f84b1ce9 No bug, Automated HSTS preload list update from host bld-linux64-ix-037 - a=hsts-update 2013-12-14 03:18:03 -08:00
David Keeler
d1f818ce71 bug 950253 - fix typo in getHSTSPreloadList.js r=briansmith DONTBUILD because NPOTB 2013-12-13 16:06:54 -08:00
Bobby Holley
c2e3e33a71 Bug 937317 - Replace all instance of null cx pushing with AutoSystemCaller. r=bz 
This is an easy bonus chunk of the work to phase out cx pushing in the browser.
 2013-12-11 17:51:58 -08:00
Camilo Viecco
b0f3888e35 Bug 938046 - Part 4. Tests for consistency of getchain and getissuer. r=dkeeler 2013-11-21 13:50:51 -08:00
Camilo Viecco
a07ba7e581 Bug 938046 - Part 3. Iterate only through valid users on getchain r=dkeeler 2013-12-11 13:04:07 -08:00
Camilo Viecco
77096198a8 Bug 938046 - Part 2. Get issuer uses getchain to comput issuer. r=dkeeler 2013-11-21 13:50:49 -08:00
Camilo Viecco
51cef268f7 Bug 938046 - Part 1. Iterate through variable not over const. r=dkeeler 2013-11-21 13:45:20 -08:00
Cykesiopka
e99144de83 Bug 910986 - Fix cert trust editing in People tab of Cert Manager. r=dkeeler 2013-12-10 10:36:47 -05:00
Cykesiopka
ba5e405f42 Bug 539710 - Use char16_t ',' instead of NS_LITERAL_STRING in nsNSSCertificate.cpp. r=dkeeler 2013-12-10 10:36:31 -05:00
Ryan VanderMeulen
6428c27a28 Merge b2g-inbound to m-c. 2013-12-09 17:26:11 -05:00
Camilo Viecco
aa87748fe0 Bug 936808 - Serialize calls to PK11 routines in SSLServerCertVerification. r=briansmith 2013-12-09 09:12:47 -08:00
Birunthan Mohanathas
58325c73be Bug 713082 - Part 2: Rename Util.h to ArrayUtils.h. r=Waldo 
--HG--
rename : mfbt/Util.h => mfbt/ArrayUtils.h
 2013-12-08 21:52:54 -05:00
Brian Smith
0e8edd9c27 Bug 942152, r=dkeeler, r=honzab 
--HG--
extra : rebase_source : 7f0bab4efa26e9c185b29fdb14d846035147fd2f
 2013-12-05 20:33:49 -08:00
Phil Ringnalda
d1ba8751f2 Back out 35371620801a:bf2019278b77 (bug 937317) for gaia-ui-test bustage and frequent timeouts in its own test 2013-12-07 11:08:56 -08:00
ffxbld
dd3d7e5194 No bug, Automated HSTS preload list update from host bld-linux64-ec2-351 - a=hsts-update 2013-12-07 03:22:31 -08:00
Camilo Viecco
b36ae4ace0 Bug 945349 - CertVerifier should check early for bad usages. r=briansmith 2013-12-06 13:42:44 -08:00
Vicamo Yang
e6144af740 Bug 944625 - B2G Emulator-x86: fix undeclared __NR_socketpair, __NR_sendmsg. r=kang,jld 2013-12-09 21:02:54 +08:00
Bobby Holley
9fc70d3f91 Bug 937317 - Replace all instance of null cx pushing with AutoSystemCaller. r=bz 
This is an easy bonus chunk of the work to phase out cx pushing in the browser.
 2013-12-06 12:01:42 -08:00
Raymond Etornam Agbeame
8cc419fcda Bug 945855: Remove the security.first_network_revocation_method pref, r=briansmith 
--HG--
extra : rebase_source : e416ba1e78f95234d403c078ad81b5fddcce947a
extra : amend_source : 7adbe291df748b5a6d1f1122573e862bdc5f5f11
 2013-12-06 00:55:17 -08:00
Cykesiopka
9358ea030d Bug 945851: Remove pref for showing dialog box when NSS initialization fails, r=briansmith 
--HG--
extra : rebase_source : 1142d1775b8846e8bd46109affc62df262e598d4
 2013-12-06 00:12:08 -08:00
Carsten "Tomcat" Book
abe0ad0b33 Backed out changeset 374e44c835a8 (bug 937317) WinXP Build Bustage on a CLOSED TREE 2013-12-06 08:41:42 +01:00
Chris Peterson
f452a29d81 Bug 946116 - Remove unused isResumedSession variable from nsNSSCallbacks.cpp. r=bsmith 2013-12-03 21:07:29 -08:00
Bobby Holley
f6b033e681 Bug 937317 - Replace all instance of null cx pushing with AutoSystemCaller. r=bz 
This is an easy bonus chunk of the work to phase out cx pushing in the browser.
 2013-12-05 21:34:17 -08:00
Camilo Viecco
34263e81e7 Bug 585122 - In PSM provide EV only with OCSP revocation (Part 2: tests). r=briansmith. 2013-12-02 11:12:21 -08:00
Camilo Viecco
c739891ca3 Bug 585122 - Part 1. EV do not request CRL. r=briansmith. 2013-12-02 11:08:06 -08:00
Brian Smith
5fa69b9909 Bug 898431: Update to NSS 3.15.4 beta 8 (NSS_3_15_4_BETA8), r=me 2013-12-05 07:27:11 -08:00
Brian Smith
b4cbaae1e8 Bug 898431: Update to NSS 3.15.4 beta 7 (NSS_3_15_4_BETA7), r=me 
--HG--
extra : rebase_source : 51f5e01db5d8dec46f341e217fa2ba97382c723c
extra : amend_source : 04d8a9e4a861228c217b9d766cd8781d49ed496f
 2013-12-04 20:51:58 -08:00
Brian Smith
171a474447 Bug 898431: Update NSS to NSS 3.15.4 beta 6 (NSS_3_15_4_BETA6), r=me 
--HG--
extra : rebase_source : 9f497ceb1c74fbf15938171229f5a7339e277333
 2013-12-03 20:04:07 -08:00
Steffen Wilberg
afa04fdd55 Bug 945871: Remove the security.ssl3.ecdh_* preferences, r=briansmith 
--HG--
extra : rebase_source : 39f680c48ae198263af61b8c2cc07bdb7dc829a7
 2013-12-03 18:56:33 -08:00
Jed Davis
20acfb65e6 Bug 943774 - Allow sigaction when sandboxed, for the crash reporter. r=kang 2013-12-03 18:45:17 -05:00
Ryan VanderMeulen
b4210fd49d Merge m-c to inbound. 2013-12-03 17:42:20 -05:00
Mike Hommey
698ec7f351 Bug 937005 - Make the original fix actually do something. r=ted 2013-12-04 07:15:40 +09:00
Cykesiopka
35f92f48db Bug 915937 - Cleanup #defines in nsNSSComponent.cpp and change them to static consts. r=bsmith 2013-12-03 15:23:27 -05:00
Nathan Froyd
c8cd69967e Bug 942109 - constify PLDHashTableOps in security/manager/; r=briansmith 2013-11-20 13:42:08 -05:00
Camilo Viecco
2137788b8d Bug 942918 - remove ev tests that use crl for revocation check. r=dkeeler 2013-12-02 15:20:24 -08:00
Mike Hommey
06d6d3c5cf Bug 943728 - Replace double quotes with single quotes in Makefiles (or remove them when it makes sense). r=mshal 2013-12-03 06:34:21 +09:00
Brian Smith
6b2b8a9641 Bug 945195: Do insecure fallback from TLS 1.0 to SSL 3.0 when we receive a FIN during the initial handshake, r=honzab 
--HG--
extra : rebase_source : d10091aea21f7d552f682d54383bf43ece7633ed
 2013-12-02 10:48:06 -08:00
Ajitesh Gupta
6f00ca55f4 Bug 917047: Remove the security.enable_md5_signatures pref, r=briansmith 
--HG--
extra : rebase_source : ae721bc7f91b399e61c2efb869e15ab902c810e0
 2013-11-19 16:05:26 -08:00
ffxbld
a4de354c45 No bug, Automated HSTS preload list update from host bld-linux64-ec2-170 - a=hsts-update 2013-11-30 03:19:19 -08:00
Ms2ger
554db665e5 Bug 937258 - Part a: Remove empty makefiles; r=gps 2013-11-28 15:25:40 +01:00
Mike Hommey
fdd3247a81 Bug 874266 - Move all DEFINES that can be moved to moz.build. r=mshal 2013-11-27 22:55:07 +09:00
Mike Hommey
2f727b6d62 Backout changeset 3fd4b546eed4 (bug 874266) and changeset a35d2e3a872f (bug 942043) for ASAN build bustage and Windows test bustage 
--HG--
extra : amend_source : f20d09aeff1c8b5cbd0f1d24c7ce04e86f3aed1d
 2013-11-28 14:24:05 +09:00
Mike Hommey
b038245b8d Bug 874266 - Move all DEFINES that can be moved to moz.build. r=mshal 2013-11-28 13:08:16 +09:00
Camilo Viecco
cc2c2b9dce Bug 917380 - part2 - test ensure disabled ev root certs remain untrusted. r=briansmith 2013-10-29 14:56:34 -07:00
Camilo Viecco
c4047ca4df Bug 917380 - Part 1 - Add filters for EV root list. r=briansmith 2013-10-21 14:27:46 -07:00
Camilo Viecco
fafb89e70a Bug 927016 - Create EV testsuite in xpcshell. r=keeler 2013-11-21 13:40:31 -08:00
Brian Smith
c55f12589a Bug 898431: Update NSS to NSS 3.15.4 beta 5 (NSS_3_15_4_BETA5), r=me 2013-11-26 20:21:14 -08:00
David Keeler
0e2eda840f bug 929617 - disregard expired stapled OCSP responses, acquire fresh ones r=briansmith 2013-11-25 15:40:11 -08:00
David Keeler
32fea093c6 bug 943115 - return early in CreateCertErrorRunnable for non-overridable errors r=briansmith 2013-11-26 13:49:47 -08:00
Patrick McManus
8703982b00 Bug 942729, Part 2: Remove unused expected symmetric cipher mechanism, r=briansmith 
--HG--
extra : rebase_source : 9630808b663d6a670c2e45d242177a640817f2ee
 2013-11-25 18:12:40 -05:00
Brian Smith
be4eff2cb2 Bug 942729, Part 1: Re-enable TLS False Start, r=mcmanus 
--HG--
extra : rebase_source : 9908b1cbc3a30e9868739a10a705de8dbf30c5e1
 2013-11-20 13:49:33 -08:00
Ehsan Akhgari
337645b04f Bug 942033 - Build security/manager in unified mode; r=bsmith 
--HG--
extra : rebase_source : d48b78001772e0421a6dfc2ecd204434c33cd2d4
 2013-11-26 13:18:21 -05:00
Mike Hommey
21281c6e45 Bug 940407 - Kill GTEST_SOURCES. r=gps 2013-11-26 11:48:58 +09:00
Brian Smith
9db88e9951 Bug 898431: Update NSS to NSS 3.15.4 beta 4 (NSS_3_15_4_BETA4), r=me 
--HG--
extra : rebase_source : 72f78bad585cdb1e09b5ebd1f7d0ba0e713de677
 2013-11-25 17:08:17 -08:00
Brian Smith
ee891102ba Bug 942728 - Fix telemetry for cipher suites and crypto algorithms andkey sizes, r=keeler, a=lsblakk 
--HG--
extra : rebase_source : bd0bc0d67fe811612df4210b2b5e19f1d5eca5a0
 2013-11-21 13:35:23 -08:00
Phil Ringnalda
97612f7853 Merge m-i to m-c 2013-11-23 08:18:35 -08:00
ffxbld
ca18e83f44 No bug, Automated HSTS preload list update from host bld-linux64-ix-034 - a=hsts-update 2013-11-23 03:17:46 -08:00
David Keeler
643c22e742 bug 909044 - make generate_certs.sh work on windows r=briansmith DONTBUILD NPOTB 2013-11-22 11:03:34 -08:00
Camilo Viecco
d1fb9a6dca Bug 938805 - Create standalone oscpResponseGenerator for testing. r=keeler 2013-10-29 14:02:35 -07:00
Richard Newman
265a98b711 Bug 935831 - Back out Bug 927230 for Android 2.3 startup crash, r=briansmith 
--HG--
extra : rebase_source : 5b8ff8da93a882d6c8303c26d234ad63b748389c
 2013-11-20 17:05:55 -08:00
Brian Smith
ee410db68b Bug 898431: Clean up security/patches to remove references to the private false start patch that is no longer applied, r=me, a=NPOTB 
--HG--
extra : rebase_source : 94ee34c96357666e6c6d266fe9029af1d977a940
 2013-11-20 17:05:24 -08:00
Christoph Kerschbaumer
2360074175 Bug 935111 - Enable seccomp-bpf for Linux. r=jld 2013-11-19 16:09:18 -08:00
Patrick McManus
75afee68ad bug 802649 network priority for ocsp r=bsmith r=honzab 
--HG--
extra : rebase_source : 17554ab7627e1d42a4736078254f94f36cf9c48b
 2013-11-20 09:57:56 -05:00
Camilo Viecco
9cb0490825 Bug 912155 - Adding new interface in nssCertifcateDB for testing. r=bsmith 2013-11-11 16:37:06 -08:00
Mike Hommey
931cb49886 Bug 939632 - Remove LIBRARY_NAME for leaf libraries. r=gps 
Landing on a CLOSED TREE.
 2013-11-19 11:50:54 +09:00
Mike Hommey
db9e5129bc Bug 939074 - Remove most LIBXUL_LIBRARY. rs=gps 2013-11-19 11:48:10 +09:00
Mike Hommey
636b672657 Bug 914245 - Move FORCE_SHARED_LIB to moz.build. r=mshal 2013-11-19 11:47:45 +09:00
Mike Hommey
b18be7aacd Bug 939044 - Rename remaining MODULE definitions to XPIDL_MODULE. r=mshal 2013-11-19 11:47:43 +09:00
Mike Hommey
f0d1cd1e10 Bug 939044 - Remove most definitions of MODULE. r=mshal 2013-11-19 11:47:39 +09:00
Mike Hommey
f81885e53b Bug 935881 - Use FINAL_LIBRARY for all (fake) libraries that end up linked in a single other library. r=gps 2013-11-19 11:47:14 +09:00
Camilo Viecco
15af5c4f84 Bug 935769: Fix shutdown locks for nssCerList and nssCertListEnumerator. r=bsmith 2013-11-11 15:16:45 -08:00
Landry Breuil
df1158db14 Bug 939498 - Properly include <algorithm> for std::max. r=bsmith 2013-11-18 11:04:13 +01:00
Brian Smith
2356f6f87a Bug 901718, Part 2: fix comment, r=me 2013-11-17 14:00:00 -08:00
Brian Smith
4ef7fa66b2 Bug 934663 followup: fix unused variable warning, r=me 
--HG--
extra : rebase_source : e343b569df4d313f0f5f65fc82de99b9ea5b2ba9
 2013-11-17 13:53:18 -08:00
Brian Smith
f878be4b6e Bug 901718: Remove TLS intolerance fallback from TLS 1.0 to SSL 3.0 for connection resets, r=honzab 
--HG--
extra : rebase_source : 304e73126b66ae2e1a9fa6ae4c0cc3fa803aaac0
 2013-11-17 13:51:37 -08:00
Brian Smith
4cc114fd5f Bug 898431: Update to NSS 3.15.4 beta 3 (NSS_3_15_4_BETA3), r=me 
--HG--
extra : rebase_source : a6dd976f23ebdd33dcf6fd26e4752ddb2bbc5363
 2013-11-17 13:50:25 -08:00
Brian Smith
600d22739e Bug 707275, Part 2: Add telemetry for cipher suites and key sizes, r=keeler 
--HG--
extra : rebase_source : bd5f91877de357b415b6f143eccc87434d72db2b
 2013-11-17 13:47:30 -08:00
Brian Smith
65c5b66328 Bug 707275, Part 1: Add telemetry for TLS intolerance, r=keeler 
--HG--
extra : rebase_source : 8331f1486ad764838812ea500742a97fbc025858
 2013-11-17 13:47:23 -08:00
Tom Schuster
f052cdba92 Bug 933834 - Rename and handlify JS_ValueToString. r=terrence,bz 2013-11-16 13:31:36 +01:00
Ms2ger
29adada2a2 Backout changesets ded0d64f6786:03f041d03f24 and 30cbd1abde1a (bug 935696, bug 933834 and bug 939194) for build bustage. 2013-11-17 16:39:25 +01:00
Tom Schuster
a12aa024e6 Bug 933834 - Rename and handlify JS_ValueToString. r=terrence,bz 2013-11-16 13:31:36 +01:00
Mike Hommey
e834fb4bc2 Bug 937005 - Install folded import library in the SDK. r=bsmedberg 2013-11-16 13:39:01 +09:00
Chris Peterson
e85861c8cb Bug 937459 - Remove unused private fields from nsNSSSocketInfo class. r=briansmith 2013-11-11 14:06:29 -08:00
Garrett Robinson
f36f81f792 Bug 932116 - Allow copying certificate viewer text. r=dkeeler, r=bsmedberg 2013-11-13 17:39:48 -08:00
Brian Smith
60bd09c93f Bug 932176: Add preference to control whether OCSP GET is used, off by default, r=cviecco 
--HG--
extra : rebase_source : 4452d8959f22152512ed428184726c9834f6e4c3
 2013-11-12 18:28:20 -08:00
Brian Smith
5cce2d3d3f Bug 898431: Update NSS to NSS 3.15.4 beta 2 (NSS_3_15_4_BETA2) again, r=me 
--HG--
extra : rebase_source : 52c384c2f55da38d9576414a3c6e07427abd7000
 2013-11-12 18:26:49 -08:00
Brian Smith
7007178a15 Bug 937721, Part 3: Back out cset 61fb80e560de (NSS_3_15_4_BETA1, bug 898431), r=kaie 2013-11-12 11:45:48 -08:00
Brian Smith
e529563450 Bug 937721, Part 2: Back out cset 61fb80e560de (NSS_3_15_4_BETA2, bug 898431), r=kaie 
--HG--
extra : rebase_source : 9b588bc5ba6e6a8ddd630e22ddf27667d6951edd
 2013-11-12 11:27:59 -08:00
Brian Smith
1e15b44fa5 Bug 937721, Part 1: Back out cset 8dbd3f432835 (bug 932176), r=kaie 
--HG--
extra : rebase_source : 80f4b7ee7e4f77ef92cb42e6163f95074d68d306
 2013-11-12 11:25:55 -08:00
David Keeler
979f562dfd bug 932519 - (3/3) add an optional additional cert name as a parameter to GetOCSPResponseForType r=cviecco r=briansmith 2013-11-11 13:36:29 -08:00
David Keeler
3189c3e838 bug 932519 - (2/3) rename OCSP response generation test code to remove "stapling" r=cviecco r=briansmith 2013-11-11 13:42:35 -08:00
David Keeler
373b5ea9bf bug 932519 - (1/3) move common OCSP response generation test code for refactoring r=cviecco r=briansmith 
--HG--
rename : security/manager/ssl/tests/unit/tlsserver/cmd/OCSPStaplingServer.cpp => security/manager/ssl/tests/unit/tlsserver/lib/OCSPCommon.cpp
rename : security/manager/ssl/tests/unit/tlsserver/cmd/OCSPStaplingServer.cpp => security/manager/ssl/tests/unit/tlsserver/lib/OCSPCommon.h
 2013-11-11 13:43:04 -08:00
David Keeler
78a5e9e6f5 bug 935618 - (2/2) generateCRMFRequest: test using a bad popcert parameter r=cviecco 2013-11-07 13:33:58 -08:00
David Keeler
be9934f8aa bug 935618 - (1/2) check for an ec certificate in nsConvertToActualKeyGenParams r=cviecco 2013-11-07 13:34:59 -08:00
Jacob Acord
d01a66c71a Bug 934673 - Fix nsRandomGenerator::GenerateRandomBytes can leak r=keeler 2013-11-11 14:38:37 -08:00
Jed Davis
0575f79039 Bug 936163 - Fix profiling-specific sandbox whitelist for x86_64. r=kang 
There is no sigaction, only rt_sigaction.
 2013-11-08 13:30:05 -08:00
Jed Davis
bf53218b36 Bug 936252 - Augment seccomp whitelist for b2g mochitests. r=kang 
FormHistory invokes sqlite3, which calls fsync and geteuid.
A form test calls nsIFile's remove method, which uses lstat.
The crash reporter uses socketpair/sendmsg, to send a pipe back to the parent.
 2013-11-11 09:11:43 -05:00
Brian Smith
3156fc687b Bug 934378, Bug 898431: Update NSS to NSS 3.15.4 beta 2 (NSS_3_15_4_BETA2), r=me 
--HG--
extra : rebase_source : 079854e8533b46d24184547c1424078cfb68852f
 2013-11-09 11:02:17 -08:00
Brian Smith
5561c4b35b Bug 934663: Enable AES-GCM cipher suites; disable SEED, ECDH_*, and FIPS, and DSS+Camellia cipher suites, r=cviecco 
--HG--
extra : rebase_source : a1542ba09258448e571109bc4aa6423cd9ad616a
 2013-11-01 05:20:03 -07:00
Brian Smith
780de23203 Bug 934327: Give OCSP-related NSS errors symbolic names in xpcshell tests, r=keeler 
--HG--
extra : rebase_source : 10bd4842f16a6a4e1cbd8d50505a70a6502d9581
 2013-10-14 21:36:18 -07:00
Garrett Robinson
e97987f422 Bug 855326 - CSP 1.1 nonce-source for scripts and styles r=mrbkap r=dholbert r=geekboy 2013-11-08 15:44:39 -08:00
Carsten "Tomcat" Book
b65d0a157a Merge mozilla-central to mozilla-inbound 2013-11-09 12:25:41 +01:00
ffxbld
6795532ada No bug, Automated HSTS preload list update from host bld-linux64-ec2-173 - a=hsts-update 2013-11-09 03:19:13 -08:00
Jed Davis
8a6912c5a8 Bug 936145 - Clean up architecture-specific parts of seccomp whitelist. r=kang 2013-11-08 15:31:20 -05:00
Daniel Holbert
0d7ef379ad backout 57213b64023b (bug 855326) for build bustage in debug builds 
CLOSED TREE
 2013-11-08 11:22:36 -08:00
Garrett Robinson
7cbc01f239 Bug 855326 - CSP 1.1 nonce-source for scripts and styles. r=mrbkap r=dholbert r=geekboy 2013-11-08 09:20:43 -08:00
Mike Hommey
425071163a Bug 934864 - Add option to make INSTALL_TARGETS and PP_TARGETS keep the original path when copying/preprocessing. r=gps 
Also, refactored them for more debuggability and clarity.
 2013-11-09 10:32:53 +09:00
David Keeler
9a14744725 bug 934716 - generateCRMFRequest: accept only the first repeated keygen parameter r=cviecco 2013-11-07 10:42:59 -08:00
Kai Engert
8322c5cd60 Bug 898431, Bug 935959, pick up NSS 3.15.4 beta1 in order to test recent NSS fixes, rs=me 2013-11-07 15:31:39 +01:00
Michael Shuen
88afe268b2 Bug 933995 - Check return value of ImportCertsIntoPermanentStorage and CERT_ImportCerts. r=dkeeler 2013-11-06 12:30:45 -05:00
Brian R. Bondy
6ceb592a81 Bug 935042 - Allow more than one process to be sandboxed from a single sandboxbroker. r=aklotz 2013-11-05 13:07:40 -05:00
Ryan VanderMeulen
41e603833c Merge m-c to inbound. 2013-11-04 16:31:13 -05:00
Carsten "Tomcat" Book
dc3520d4b7 merge b2g-inbound to mozilla-central 2013-11-04 13:52:18 +01:00
Brian R. Bondy
7b8c0a47a1 Bug 934445 - Fix Windows linking error in Release mode only when MOZ_CONTENT_SANDBOX is defined. r=aklotz 2013-11-04 15:35:03 -05:00
Michael Shuen
4bbdb5bd61 Bug 933998 - Prevent leak in nsNSSCertificateDB::ConstructX509FromBase64. r=bsmith 2013-11-04 14:22:37 -05:00
Meadhbh Hamrick
d9c9da76b7 Bug 861266: Enable TLS 1.2 by default, r=briansmith 
--HG--
extra : rebase_source : 4f28724d58791e1ee0e281ff48232f5aaca2048f
 2013-11-01 04:48:57 -07:00
Brian Smith
8ba7715f0f Bug 932176: Add preference to control whether OCSP GET is used, off by default, r=cviecco 
--HG--
extra : rebase_source : 7cbc273155d04bc64a110eda9216c6f727ce0c18
 2013-10-24 14:32:09 -07:00
Brian Smith
29ae1ad3b1 Bug 898431: Update NSS to NSS 3.15.3 Beta 2 (NSS_3_15_3_BETA2), r=me 
--HG--
extra : rebase_source : e0c24dc8228477fc0647a9e1f534dcf96a355095
 2013-11-01 04:08:28 -07:00
Brian Smith
1f07bf5b3c Bug 934171: Fix OCSP stapling test, r=mcmanus 
--HG--
extra : rebase_source : 4f77b595b2004dabf3444187424ac4426fb7a41a
 2013-11-02 19:57:26 -07:00
ffxbld
abf5d58b4c No bug, Automated HSTS preload list update from host bld-linux64-ec2-406 - a=hsts-update 2013-11-02 03:19:53 -07:00
Mike Hommey
0b53da458d Bug 933135 - Treat SIMPLE_PROGRAMS more like PROGRAM. r=mshal 2013-11-02 08:43:55 +09:00
Brian R. Bondy
423a5df4f3 Bug 925571 - Packaging for Sandboxing dll. r=bsmedberg 2013-10-30 16:58:56 -07:00
Brian R. Bondy
af6005bb38 Bug 925571 - Initial Windows content process sandbox broker code. r=aklotz 2013-10-30 16:58:52 -07:00
Brian R. Bondy
cc0884e81f Bug 925571 - Build config for plugin_container windows sandboxing. r=bsmedberg 2013-10-30 16:58:45 -07:00