Commit Graph

2052 Commits

Author SHA1 Message Date
Camilo Viecco
f8058010ea Bug 1021797 - Rename ArenaFalseCleaner to PORT_FreeArena_false. r=keeler
--HG--
extra : rebase_source : e7316ee06f58f42afbaf68d7e5f7948277fd15fd
2014-06-06 14:11:08 -07:00
Monica Chew
2a8bdf8ac7 Bug 1020485: Enable pinning in test mode for accounts.firefox.com (r=keeler) 2014-06-06 13:44:59 -07:00
Brian Smith
d069eee1bd Bug 1020683, Part 3: Fix build bustage, a=BUSTAGE on a CLOSED TREE
--HG--
extra : rebase_source : 8eaa3eae911b0e75129988d58a19e5e76257b369
2014-06-06 12:04:36 -07:00
Brian Smith
842a9f0d8f Bug 1020682: Simplify mozilla::pkix results cert chain construction and make it more efficient, r=cviecco
--HG--
extra : rebase_source : 69cb8ea66e075c89bbcbab3ca115cc2ccc95fa4f
2014-06-04 01:28:44 -07:00
Brian Smith
94b0c6c505 Bug 1020683, Part 2: Remove more references to CERTCertificate from mozilla::pkix, r=keeler
--HG--
extra : rebase_source : 9dce7585975fb23fe04f5714ece18645b22b2261
2014-06-04 00:03:28 -07:00
Brian Smith
56c22cc57c Bug 1020683, Part 1: Remove internal uses of CERTCertificate from mozilla::pkix::VerifyEncodedOCSPResponse, r=keeler
--HG--
extra : rebase_source : 416938498080c4d44874025f1da4562ab1c7c3c8
2014-06-05 15:18:32 -07:00
Brian Smith
0988b16d24 Bug 1018411: Factor out signed data parsing in mozilla::pkix into a reusable and separately-testable function, r=keeler
--HG--
extra : rebase_source : d65a760f9f8efb656f238794019bd451ca163c0b
2014-05-31 18:54:34 -07:00
David Keeler
d98be01fdd bug 1019198 - fail handshake if given an expired OCSP response and fetching a new one fails r=briansmith 2014-06-06 09:20:50 -07:00
Camilo Viecco
2754803080 Bug 1000548 - Leaking arenas allocated in mozilla::pkix r=keeler
--HG--
extra : rebase_source : 6b0aaef098a4fa4d5749013a332b6b7602640b36
2014-06-05 16:28:46 -07:00
Ed Morley
dd53384926 Backed out changeset 189492a9a115 (bug 1020695) for mochitest-2 failures in test_WebCrypto.html; CLOSED TREE 2014-06-05 15:52:01 +01:00
Wan-Teh Chang
1c2b9ab842 Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 3. Includes fixes for
bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
bug 963150.
2014-06-05 07:06:32 -07:00
Wan-Teh Chang
27b5fea348 Revert 8406a2b981c5 to fix build bustage.
> Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 3. Includes fixes for
> bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
> bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
> bug 963150.
2014-06-04 21:26:33 -07:00
Wan-Teh Chang
19a284c6e7 Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 3. Includes fixes for
bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
bug 963150.
2014-06-04 21:03:47 -07:00
David Keeler
afd6b3a4c0 bug 1003566 - part 2/2: prevent OCSP requests from being upgraded to HTTPS by HSTS r=cviecco 2014-06-04 09:58:28 -07:00
Jed Davis
1cac9a15d9 Bug 1014299 - Add times() to seccomp whitelist. r=kang
This system call seems to be used by some versions of the Qualcomm Adreno
graphics drivers when we run WebGL apps.
2014-06-02 14:52:00 +02:00
Sébastien Blin
6b33204ed4 Bug 1019722 - Remove a double assignment to lastRdn to fix a minor warning found by scan-build, the LLVM/Clang static analyzer. r=keeler 2014-06-02 20:16:14 +02:00
David Keeler
ca02748bb8 Bug 1009988 - OCSP tests: Precompute responses to prevent timeouts. r=cviecco 2014-06-02 11:35:27 -07:00
Monica Chew
2c499987c0 Bug 1019772: Enable production mode on pinning AMO (r=keeler) 2014-06-03 11:00:39 -07:00
Brian Smith
a33f724e49 Bug 1019814: Remove CERTCertificate dependency from TrustDomain::GetCertTrust, r=keeler
--HG--
extra : rebase_source : 9abf0522f02d00ac2f63f2327ddbe8d119ffc64f
2014-06-03 10:47:25 -07:00
Brian Smith
8b52746412 Bug 1019109: Add DottedOIDToCode.py tool, r=keeler
--HG--
extra : rebase_source : 44a92234f884af4500bc6eb5a1fc4dd4cfd38dc2
2014-06-02 10:50:04 -07:00
Cykesiopka
fbf7f5908c Bug 235230 - Change IDL type of nsIX509Cert::windowTitle to AString; Original patch by Zack Weinberg. r=keeler 2014-06-01 13:59:00 +02:00
Brian Smith
d2755d917c Bug 1018633: Simplify the max cert chain length check code in mozilla::pkix and make it more efficient, r=cviecco
--HG--
extra : rebase_source : 7fa4cc6c1b46357abed0c57c6e24c622049c5acb
2014-05-31 16:32:58 -07:00
Brian Smith
92e40f8a7d Bug 1001188: Set the error code when the max cert chain length limit is exceeded, r=cviecco
--HG--
extra : rebase_source : ce9e1faa083f5c679e20a2b6d9e8d482462e75b0
2014-05-31 16:55:54 -07:00
Brian Smith
1e3170430a Bug 1018642: Factor out reusable NSS GTest infrastructure into a new NSSTest class, r=cviecco
--HG--
extra : rebase_source : 101c316c1ea54f5092a21af4d7a1be349c504800
2014-05-30 16:46:49 -07:00
Brian Smith
d0f950f5b2 Bug 1018064: Replace mozilla::pkix::der::Input::Match with mozilla::pkix::der::Input::MatchRest, r=mmc
--HG--
extra : rebase_source : 5c5b14cf23b1e40854d241cbc482de40b01ac494
2014-05-29 22:09:45 -07:00
Brian Smith
058c81082c Bug 1018061: Have mozilla::pkix::der::Input::Read use EnsureLength instead of its own checks, r=mmc
--HG--
extra : rebase_source : f46d6b9bdcd7d7a272fb39f22312a89d2695db56
2014-05-29 23:36:30 -07:00
Phil Ringnalda
7eb87d1b98 Merge m-i to m-c 2014-05-31 20:29:24 -07:00
ffxbld
3a8e6bfc3c No bug, Automated HSTS preload list update from host bld-linux64-spot-176 - a=hsts-update 2014-05-31 03:14:44 -07:00
Cykesiopka
39960f90db Bug 917510 - Replace SHA-1 fingerprints of EV certs in ExtendedValidation.cpp with SHA-2 fingerprints. r=briansmith, r=kwilson 2014-05-30 00:01:00 -04:00
Camilo Viecco
5f542bdf1c Bug 991815 - Part 2/2 - Tests for OCSP responses up to 1 year old. r=keeler
--HG--
extra : rebase_source : cc012870da3a165a0a3d0d5c6c9671eeeda37f3f
2014-05-28 14:08:02 -07:00
Camilo Viecco
553254501f Bug 991815 - Part 1/2 - Allow intermediate OCSP responses up to 1 year old. r=keeler
--HG--
extra : rebase_source : 28d5336da1dc44932b92ce2c59fca5fcb2b8a3d8
2014-05-30 16:12:36 -07:00
Nathan Froyd
2beaf5dea4 Bug 1017661 - remove MOZ_NSS_PATCH functionality; r=glandium 2014-05-29 12:16:58 -04:00
Brian Smith
03ace1f91a Bug 1018033: Prevent buffer read overflow due to integer overflow in mozilla::pkix::der::Input::EnsureLength, r=keeler
--HG--
extra : rebase_source : e4e88d61e448fa475a106a06b9f32181906fba0f
2014-05-29 23:37:40 -07:00
Brian Smith
7d0c4cf7ba Bug 1018041: Fix linking error in pkix_ocsp_request_tests when GTest is enabled on Windows, r=keeler
--HG--
extra : rebase_source : 36c5ee4f5cc40adb1079e34bd309147a662fc45f
2014-05-29 23:06:10 -07:00
Brian Smith
d099e18d30 Bug 1018018: Remove support/mention of proprietary Netscape certificate extensions from PSM, r=cviecco
--HG--
extra : rebase_source : 758ff9384c040084b1015f8025a4ff9f33590176
2014-05-29 20:38:25 -07:00
Brian Smith
f61831a128 Bug 1010634, Part 6: Enable -Wall with a few exceptions for certverifier, r=cviecco
--HG--
extra : rebase_source : 611f0d65e7edb74345a4a599a6606de37e3da75e
2014-05-15 21:56:23 -07:00
Brian Smith
1a0e4070a0 Bug 1010634, Part 5: Add private destructor to NSSErrorService in line with the XPCOM recommendations, r=cviecco
--HG--
extra : rebase_source : 1f8b4558114eef0e1a15f51f0c814f16e05f6f76
2014-05-29 20:18:17 -07:00
Brian Smith
78cf7bf1aa Bug 1010634, Part 3: Fix more warnings in CertVerifier, r=cviecco
--HG--
extra : rebase_source : 21e79fbc472aeccec7df213e0cd8d99bebfbff75
2014-05-29 20:17:53 -07:00
David Keeler
165f7dcea8 bug 1006710 - add class of PSM errors to SEC and SSL errors r=briansmith 2014-05-28 15:28:03 -07:00
Camilo Viecco
4c8d269435 Bug 1005142 - Part 2/2 - Basic OCSP fetch method tests. r=keeler
--HG--
extra : rebase_source : 364a5d410eb3743ae0a03ebcf0a258e847d71743
2014-05-23 09:47:41 -07:00
Camilo Viecco
d20bcaf3c2 Bug 1005142 - Part 1/2 - Add OCSP get capabilities to OCSPRequestor. r=keeler
--HG--
extra : rebase_source : ee4a86bf02a466a31de8b0b6cd7ce375a7f28c6d
2014-05-21 15:42:21 -07:00
David Keeler
bb25d1dd44 bug 995801 - cache nsNSSCertificate::mCachedEVStatus on disk r=mayhemer 2014-01-10 11:13:03 -08:00
Cykesiopka
f81c301340 Bug 972702 - Make Cert Viewer details tab content resizable. r=keeler 2014-05-27 20:58:00 +02:00
Camilo Viecco
ebf37d16e3 Bug 1016442 - Make mozilla cdn sites production on built-in list. r=mmc
--HG--
extra : rebase_source : 5d937b61ab86c974210dcc83735cd4308bff018e
2014-05-27 10:53:40 -07:00
Ryan VanderMeulen
dfef259674 Backed out changeset d5da62e82faf (bug 995801) for test_browserElement_oop_SecurityChange.html failures.
CLOSED TREE
2014-05-27 14:27:40 -04:00
David Keeler
2c33f22ba9 bug 995801 - cache nsNSSCertificate::mCachedEVStatus on disk r=mayhemer 2014-01-10 11:13:03 -08:00
Richard Barnes
2b34ee7aa4 Bug 998803 - Add support for RSA encryption and signing to WebCrypto API. r=bz,dkeeler 2014-05-23 15:29:00 +02:00
ffxbld
b1e2aacef4 No bug, Automated HSTS preload list update from host bld-linux64-spot-1068 - a=hsts-update 2014-05-24 03:14:12 -07:00
Monica Chew
b7b4c09739 Bug 1004351: Enable production mode for twitter pins (r=keeler) 2014-05-22 15:11:07 -07:00
Monica Chew
b3defc8b63 Bug 1014344: Use Google's root pems in addition to their intermediate certs (r=keeler) 2014-05-22 15:09:45 -07:00