Cykesiopka
ea035ab7a4
Bug 917510 - Replace SHA-1 fingerprints of EV certs in ExtendedValidation.cpp with SHA-2 fingerprints. r=briansmith, r=kwilson
2014-05-30 00:01:00 -04:00
Nathan Froyd
c5a3c603c2
Bug 1017661
- remove MOZ_NSS_PATCH functionality; r=glandium
2014-05-29 12:16:58 -04:00
David Keeler
56379872a2
bug 1006710 - add class of PSM errors to SEC and SSL errors r=briansmith
2014-05-28 15:28:03 -07:00
Camilo Viecco
b3316b8666
Bug 1005142 - Part 2/2 - Basic OCSP fetch method tests. r=keeler
...
--HG--
extra : rebase_source : 364a5d410eb3743ae0a03ebcf0a258e847d71743
2014-05-23 09:47:41 -07:00
Camilo Viecco
44bf536cc4
Bug 1005142 - Part 1/2 - Add OCSP get capabilities to OCSPRequestor. r=keeler
...
--HG--
extra : rebase_source : ee4a86bf02a466a31de8b0b6cd7ce375a7f28c6d
2014-05-21 15:42:21 -07:00
David Keeler
4a93b644f6
bug 995801 - cache nsNSSCertificate::mCachedEVStatus on disk r=mayhemer
2014-01-10 11:13:03 -08:00
Cykesiopka
40f95d5437
Bug 972702 - Make Cert Viewer details tab content resizable. r=keeler
2014-05-27 20:58:00 +02:00
Camilo Viecco
2883e1d4ea
Bug 1016442 - Make mozilla cdn sites production on built-in list. r=mmc
...
--HG--
extra : rebase_source : 5d937b61ab86c974210dcc83735cd4308bff018e
2014-05-27 10:53:40 -07:00
Ryan VanderMeulen
9460f40816
Backed out changeset d5da62e82faf (bug 995801) for test_browserElement_oop_SecurityChange.html failures.
...
CLOSED TREE
2014-05-27 14:27:40 -04:00
David Keeler
bacc5f19c7
bug 995801 - cache nsNSSCertificate::mCachedEVStatus on disk r=mayhemer
2014-01-10 11:13:03 -08:00
Richard Barnes
cf739d773c
Bug 998803 - Add support for RSA encryption and signing to WebCrypto API. r=bz,dkeeler
2014-05-23 15:29:00 +02:00
ffxbld
1b5b7ecfd1
No bug, Automated HSTS preload list update from host bld-linux64-spot-1068 - a=hsts-update
2014-05-24 03:14:12 -07:00
Monica Chew
c21cc7a85f
Bug 1004351: Enable production mode for twitter pins (r=keeler)
2014-05-22 15:11:07 -07:00
Monica Chew
f87b89298d
Bug 1014344: Use Google's root pems in addition to their intermediate certs (r=keeler)
2014-05-22 15:09:45 -07:00
Wan-Teh Chang
c88fddaa3c
Bug 1009794: Update NSS to NSS_3_16_2_BETA2, which also includes fixes
...
for bug 999893, bug 1011090, bug 1009785, bug 421391, and bug 1011229.
2014-05-22 12:31:09 -07:00
Cykesiopka
17e952b63e
Bug 622332 - Show cert SHA-256 fingerprint and remove MD5 fingerprint. r=keeler
2014-05-22 00:52:00 +02:00
Birunthan Mohanathas
76ca8ec617
Bug 869836 - Part 7: Use AppendLiteral instead of Append where possible. r=ehsan
2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
c4568a7085
Bug 869836 - Part 6: Use EqualsLiteral instead of Equals where possible. r=ehsan
2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
807e72372f
Bug 869836 - Part 4: Use EqualsLiteral instead of Equals(NS_LITERAL_STRING(...))
. r=ehsan
2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
411a8639b4
Bug 869836 - Part 3: Use Append('c')
instead of AppendLiteral("c")
. r=ehsan
2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
62570a8716
Bug 869836 - Part 2: Use AppendLiteral instead of Append(NS_LITERAL_STRING(...))
. r=ehsan
2014-05-22 06:48:50 +03:00
Camilo Viecco
a87a54bcc1
Bug 1010594 - Part 2/2 tests - r=keeler
...
--HG--
extra : rebase_source : 4ca9623b815544edc58308544fa85b192c2f31f3
2014-05-19 13:26:23 -07:00
Camilo Viecco
1eac4f4b6c
Bug 1010594 - Part 1/2 OCSP url check - r=briansmith
...
--HG--
extra : rebase_source : 0b26339d33db90722401ae1d8ac255d0390aea30
2014-05-16 13:53:14 -07:00
Camilo Viecco
4eff7cf088
Bug 1009635 - PreloadedHPKP.json should also contain production/exclusion lists. r=keeler
...
--HG--
extra : rebase_source : 46c13e490358f26b21191d6d783d795897ceea63
2014-05-15 08:04:54 -07:00
Richard Barnes
7b6d82be69
Bug 995385 - Ensure that NSS is initialzed for CryptoTasks. r=dkeeler
2014-05-16 15:47:00 -04:00
Bob Owen
2c9a59f64a
Bug 1009452 - inherit stdout and stderr into the content process to allow logging. r=aklotz
2014-05-14 16:09:31 +01:00
Jed Davis
c7dae997a6
Bug 920372 - Fix socketcall whitelisting on i386. r=kang
2014-05-20 18:38:14 -07:00
Jed Davis
1523066770
Bug 920372 - Allow tgkill only for threads of the calling process itself. r=kang
2014-05-20 18:38:06 -07:00
Jed Davis
3a308504da
Bug 920372 - Use Chromium seccomp-bpf compiler to dynamically build sandbox program. r=kang
2014-05-20 18:37:53 -07:00
Jed Davis
3b103d307f
Bug 920372 - Import Chromium seccomp-bpf compiler, rev 4c08f442d2588a2c7cfaa117a55bd87d2ac32f9a. r=kang
...
Newly imported:
* sandbox/linux/seccomp-bpf/
* sandbox/linux/sandbox_export.h
* base/posix/eintr_wrapper.h
Updated:
* base/basictypes.h
* base/macros.h
At the time of this writing (see future patches for this bug) the only
things we're using from sandbox/linux/seccomp-bpf/ are codegen.cc and
basicblock.cc, and the header files they require. However, we may use
more of this code in the future, and it seems cleaner in general to
import the entire subtree.
2014-05-20 18:37:45 -07:00
Monica Chew
b35189dfe7
Bug 1013504: Introduce error file for genHPKPStaticPins.js (r=keeler)
2014-05-20 13:25:02 -07:00
Richard Barnes
ae11832c51
Bug 1005375 - Add an API that allows CryptoTasks to be created without being dispatched
2014-05-03 08:50:00 +02:00
Chris Peterson
7429b133b7
Bug 1007708 - Part 1: Fix warnings in security/pkix/test/ and mark as FAIL_ON_WARNINGS. r=briansmith
2014-05-17 20:12:10 -07:00
Monica Chew
1d542c52b2
Bug 1011269: Forgot to qref to pick up keeler's changes (r=keeler)
2014-05-19 13:24:41 -07:00
Monica Chew
8bc2f051f9
Bug 1011269: Add CertVerifier::pinningEnforceTestMode (r=keeler)
2014-05-19 13:04:40 -07:00
David Keeler
0c382cbab9
bug 986150 - fix some comments in mozilla::pkix DER tests r=mmc
2014-05-19 12:14:51 -07:00
David Keeler
b0685b996f
bug 986150 - test mozilla::pkix::der::OptionalBoolean r=mmc
2014-05-19 12:14:44 -07:00
David Keeler
7490c005ac
bug 1002814 - OCSP requests: long serial check should be on cert, not issuerCert r=briansmith
2014-05-14 10:05:32 -07:00
David Keeler
ca14d7c987
bug 1002814 - retry PK11_GenerateKeyPair when it fails non-fatally r=briansmith
2014-05-19 11:13:04 -07:00
Marco Castelluccio
98f16ffbdc
Bug 972201 - Remove the MOZ_B2G_CERTDATA hack. r=briansmith
2014-05-18 15:42:42 +02:00
ffxbld
7253546a17
No bug, Automated HSTS preload list update from host bld-linux64-spot-358 - a=hsts-update
2014-05-17 03:15:04 -07:00
Brian Smith
ed25ac818b
Bug 1010634, Part 1: Fix compiler warnings in certverifier, r=cviecco
...
--HG--
extra : rebase_source : f8d925f042040368b038b62bc1d0c9d4d6d04618
2014-05-14 17:46:32 -07:00
Brian Smith
b3711e99df
Bug 1006958: Use mozilla::pkix::der to parse certificate policies instead of NSS, r=keeler
...
--HG--
extra : rebase_source : fde88efebc1025bc4f825aa38df809d04b1b250a
2014-05-15 18:59:52 -07:00
Brian Smith
fcba6f8814
Bug 1010581: Document Expect/Match/Skip terminology in mozilla::pkix::der and make that code more consistent, r=keeler
...
--HG--
extra : rebase_source : 12aa2e1e9eed4f32a75732a65cbfaba9789d5d39
2014-05-14 19:30:09 -07:00
Brian Smith
e1de62ff87
Bug 1006041: Use mozilla::pkix::der for decoding the extended key usage extension, r=keeler
...
--HG--
extra : rebase_source : b4b62f117d653784eb6ad058554faf520a1bd90b
2014-05-14 01:02:34 -07:00
Brian Smith
dd25f656a6
Bug 989564, Part 2: Remove CERTCertificate dependency from CheckBasicConstraints, r=keeler
...
--HG--
extra : rebase_source : c0ce62f44109cbcdf65da770a1154814733a6b49
2014-04-25 20:27:27 -07:00
Brian Smith
8a6f85b521
Bug 989564, Part 1: Decode basic constraints extension using mozilla::pkix::der, r=keeler
...
--HG--
extra : rebase_source : 89560218a69596868cb8a93c69ee72656b0abf77
2014-05-05 09:55:57 -07:00
Monica Chew
a1ab4d859d
Bug 1007844: Implement per-host telemetry for pin violations for AMO and aus4 (r=keeler)
2014-05-15 16:56:51 -07:00
Monica Chew
f023ce771c
Bug 1006594: Implement moz-specific telemetry (r=keeler)
2014-05-14 16:36:46 -07:00
David Keeler
34bae7a5a0
backout dfc04fd0a41f (bug 1002814) for gtest breakage
2014-05-14 11:08:20 -07:00