ffxbld
76021ccc8d
No bug, Automated HSTS preload list update from host bld-linux64-spot-008 - a=hsts-update
2014-03-22 03:20:45 -07:00
David Keeler
94f596638c
backout bug 985021 (8d622f4ec6e9) for another build breakage on a CLOSED TREE r=backout
2014-03-21 11:47:06 -07:00
David Keeler
950e25173a
bug 969758 - ignore "snionly" property in Google's HSTS preload list r=cviecco DONTBUILD because NPOTB
2014-03-21 14:09:04 -07:00
David Keeler
81f6c14f73
bug 985021 - mozilla::pkix: temporarily accept pathLenConstraint in EE basic constraints extensions r=briansmith
2014-03-21 10:38:36 -07:00
David Keeler
84882df999
bug 985021 - mozilla::pkix: temporarily accept pathLenConstraint in EE basic constraints extensions r=briansmith
2014-03-21 11:52:01 -07:00
David Keeler
c08f958136
backout bug 985021 (de535cd27ee7) for build breakage r=backout
2014-03-20 16:06:15 -07:00
David Keeler
d03bb6501c
bug 985021 - mozilla::pkix: temporarily accept pathLenConstraint in EE basic constraints extensions r=briansmith
2014-03-20 15:50:12 -07:00
David Keeler
41de3e33c3
bug 985201 - follow-up: fix comment mentioning "Insanity" (it should be "mozilla::pkix") r=me DONTBUILD
2014-03-20 15:36:23 -07:00
David Keeler
f8e657144b
bug 985201 - rename insanity::pkix to mozilla::pkix r=cviecco r=briansmith
...
--HG--
rename : security/insanity/include/insanity/ScopedPtr.h => security/pkix/include/pkix/ScopedPtr.h
rename : security/insanity/include/insanity/bind.h => security/pkix/include/pkix/bind.h
rename : security/insanity/include/insanity/nullptr.h => security/pkix/include/pkix/nullptr.h
rename : security/insanity/include/insanity/pkix.h => security/pkix/include/pkix/pkix.h
rename : security/insanity/include/insanity/pkixtypes.h => security/pkix/include/pkix/pkixtypes.h
rename : security/insanity/lib/pkixbind.cpp => security/pkix/lib/pkixbind.cpp
rename : security/insanity/lib/pkixbuild.cpp => security/pkix/lib/pkixbuild.cpp
rename : security/insanity/lib/pkixcheck.cpp => security/pkix/lib/pkixcheck.cpp
rename : security/insanity/lib/pkixcheck.h => security/pkix/lib/pkixcheck.h
rename : security/insanity/lib/pkixder.cpp => security/pkix/lib/pkixder.cpp
rename : security/insanity/lib/pkixder.h => security/pkix/lib/pkixder.h
rename : security/insanity/lib/pkixkey.cpp => security/pkix/lib/pkixkey.cpp
rename : security/insanity/lib/pkixocsp.cpp => security/pkix/lib/pkixocsp.cpp
rename : security/insanity/lib/pkixutil.h => security/pkix/lib/pkixutil.h
rename : security/insanity/moz.build => security/pkix/moz.build
rename : security/insanity/test/lib/moz.build => security/pkix/test/lib/moz.build
rename : security/insanity/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestutil.cpp
rename : security/insanity/test/lib/pkixtestutil.h => security/pkix/test/lib/pkixtestutil.h
2014-03-20 14:29:21 -07:00
Jed Davis
a0cc886e03
Bug 985227 - Part 3: Replace the seccomp filter arch ifdefs with syscall existence tests. r=kang
2014-03-20 10:19:42 -04:00
Jed Davis
d43d0dfdd4
Bug 985227 - Part 2: Flatten out the #define maze in the seccomp filter. r=kang
2014-03-20 10:19:42 -04:00
Jed Davis
a66e7db1f0
Bug 985227 - Part 1: Move the seccomp filter into its own translation unit. r=kang
...
--HG--
rename : security/sandbox/linux/seccomp_filter.h => security/sandbox/linux/SandboxFilter.cpp
2014-03-20 10:19:42 -04:00
Jed Davis
5252d839d5
Bug 975273 - Add missing include to unbreak desktop seccomp build. r=kang
2014-03-20 09:27:28 -04:00
David Keeler
2ccf86f421
bug 984567 - insanity::pkix: handle/test malformed OCSP responses r=briansmith r=cviecco
2014-03-19 09:36:10 -07:00
Camilo Viecco
0f2a3b9cca
Bug 966820 - Add test for trustbits for Certverifier. r=dkeeler
...
--HG--
rename : layout/reftests/abs-pos/table-internal-5-ref.html => layout/reftests/abs-pos/table-internal-1-ref.html
rename : layout/reftests/abs-pos/table-internal-6-ref.html => layout/reftests/abs-pos/table-internal-3-ref.html
rename : layout/reftests/abs-pos/table-internal-7-ref.html => layout/reftests/abs-pos/table-internal-4-ref.html
extra : rebase_source : d854bd51bd84e9f7e21980a31c822726e4401dd9
2014-03-06 14:17:50 -08:00
Paolo Amadini
e7ed1c1bf4
Bug 984788 - Convert legacy uses of promise.js to Promise.jsm. rs=Yoric
2014-03-18 15:16:02 +01:00
Neil Rashbrook
921625ab05
Bug 514280 Stop using nsCOMPtr for concrete types r=bsmedberg
...
--HG--
extra : rebase_source : f8fb50de9292320eb7589dd28dc566d0f5044da6
2014-03-18 00:23:03 +00:00
Wes Kocher
2939a367ba
Backed out 2 changesets (bug 514280) for OSX build bustage on a CLOSED TREE
...
Backed out changeset 2a015b45d808 (bug 514280)
Backed out changeset a01f97c1ed02 (bug 514280)
2014-03-17 15:19:53 -07:00
David Keeler
913a82c461
bug 977870 - insanity::pkix: consume the rest of input when a CertID doesn't match in an OCSP response r=briansmith
2014-03-17 14:34:34 -07:00
David Keeler
b308e2004c
bug 982754 - allow some inadequate key usage overrides r=cviecco
2014-03-13 16:49:12 -07:00
Neil Rashbrook
f83724018d
Bug 514280 Stop using nsCOMPtr for concrete types r=bsmedberg
...
--HG--
extra : rebase_source : eaca8b2925eaffb49e29a617cd72c0d6686e6d9e
2014-03-17 19:07:09 +00:00
Jon Coppeard
524071f389
Bug 959787 - Handlify JS_ExecuteScript, JS_EvaluateScript and other JS APIs r=sfink r=bz
2014-03-17 16:17:58 +00:00
Phil Ringnalda
15b355411f
Merge m-c to m-i
2014-03-15 12:32:04 -07:00
Phil Ringnalda
e9f2509f86
Merge b-i to m-c
2014-03-15 12:24:12 -07:00
Phil Ringnalda
145c12aecb
Merge m-i to m-c
2014-03-15 12:15:37 -07:00
Kyle Huey
f7eafc09a9
Bug 967364: Rename already_AddRefed::get to take. r=bsmedberg
2014-03-15 12:00:15 -07:00
Wan-Teh Chang
f1ef86fcfb
Bug 967153: Update to NSS 3.16 (NSS_3_16_RTM) and NSPR 4.10.4
...
(NSPR_4_10_4_RTM).
2014-03-15 06:30:30 -07:00
ffxbld
8fa4032f02
No bug, Automated HSTS preload list update from host bld-linux64-spot-485 - a=hsts-update
2014-03-15 03:17:07 -07:00
Wes Kocher
9d924d11be
Merge m-c to b2g-inbound
2014-03-14 23:18:26 -07:00
Guillaume Destuynder
172cae7cca
Bug 983518: Fix running B2G-1.4 on KitKat by whitelisting sigalstack in the sandbox. r=kang r=jld
2014-03-14 18:54:20 -07:00
Bill McCloskey
d960718b48
Bug 982828 - [e10s] Disable mochitest-plain tests that don't pass in e10s (r=ted)
2014-03-13 21:38:19 -07:00
Wes Kocher
62d61f05a8
Backed out changeset 88425ad0f06a (bug 982828) for introducing various mochitest-5 failures on a CLOSED TREE
...
* * *
Backed out changeset 94f9ebdc6662 (bug 982828)
2014-03-13 19:41:21 -07:00
Bill McCloskey
cff466f79f
Bug 982828 - [e10s] Disable mochitest-plain tests that don't pass in e10s (r=ted)
2014-03-13 15:41:41 -07:00
Bill McCloskey
624ffda758
Backed out changeset d6261f65070a
2014-03-13 15:52:27 -07:00
Bill McCloskey
a23e0f8633
Bug 982828 - [e10s] Disable mochitest-plain tests that don't pass in e10s (r=ted)
2014-03-13 15:41:41 -07:00
David Keeler
a761489cd5
bug 969048 - adjust OCSP stapling telemetry for insanity::pkix r=briansmith r=cviecco
2014-03-13 09:41:03 -07:00
Vaibhav Agarwal
292a923c8e
Bug 971132 - B2G mochitests should use the new manifest format for runtests; r=jmaher
2014-03-13 10:40:10 -04:00
Vicamo Yang
459e5b28cf
Bug 944625 - B2G Emulator-x86: fix undeclared __NR_sendto, __NR_recvfrom. r=jld,kang
2014-03-13 13:44:43 +09:00
Wes Kocher
a07bbe4b3e
Merge m-c to b-i
2014-03-12 21:22:36 -07:00
Jed Davis
8518d7e52b
Bug 977859 - Drop uid 0 in all content processes immediately after fork. r=bent r=kang
...
Now all regular child processes, including preallocated, are deprivileged.
Only Nuwa needs uid 0, because each of its children has a different uid/gid.
2014-03-12 15:48:15 -07:00
David Keeler
10839e2fec
bug 915932 - cache OCSP responses when using insanity::pkix r=cviecco r=briansmith
2014-03-12 13:08:48 -07:00
David Keeler
d11318bf9c
bug 982403 - separate the compilation of certverifier and insanity::pkix r=cviecco r=briansmith
...
--HG--
rename : security/certverifier/moz.build => security/insanity/moz.build
2014-03-12 13:08:18 -07:00
Camilo Viecco
5d919b2c6e
Bug 962740 - Batch of 3 CA Certs to be granted EV capabilites. r=keeler
2014-02-26 14:41:02 -08:00
Brian Smith
b7633c8def
Bug 982761 - Fix linkage of _1 placeholder in std::bind polyfill. r=briansmith
2014-03-13 16:55:28 -07:00
David Keeler
593fdbe455
Bug 974715 - Create more flexible OCSP response generation code. r=briansmith, r=cviecco
2014-03-10 14:04:31 -07:00
Brian Smith
d0a2191cd6
Bug 947584: Use official IANA names for cipher suites in PSM, r=cviecco
...
--HG--
extra : rebase_source : fafec912dc96480cb4f00bddec00d40e5e9db088
2014-03-09 20:21:12 -07:00
Brian Smith
82177fc272
Bug 967153: Update to NSS 3.16 beta 5 (NSS_3_16_BETA5), r=me
...
--HG--
extra : rebase_source : 8dfdcd121214b084acc01025a2cd989ccf6a603c
2014-03-09 19:40:25 -07:00
ffxbld
e00ef3a7af
No bug, Automated HSTS preload list update from host bld-linux64-spot-041 - a=hsts-update
2014-03-08 04:29:12 -08:00
Landry Breuil
576df297f4
Bug 980848: use c-style comments in c files r=cviecco DONTBUILD
2014-03-07 18:32:11 +01:00
Jed Davis
bd32e9135c
Bug 979686 - Fix the non-(ARM|x86|x86_64) desktop build. r=kang
2014-03-06 12:23:06 -08:00
Luke Wagner
af4251da97
Bug 980180 - remove principals as an argument to compilation, part 2 (r=terrence)
...
--HG--
extra : rebase_source : 86791b50b4293ba5506f1e0f5c64730338f552e6
2014-03-06 16:28:07 -06:00
Vaibhav Agarwal
f0bd81877d
Bug 970925 - convert testing/mochitest/android.json into skip-if statements in mochitest.ini files; r=jmaher
2014-03-06 13:42:47 -05:00
Brian R. Bondy
ff0c2873b4
Bug 941110 - Make the Windows sandbox code compile without the Win8 SDK. r=jimm
2014-03-06 12:53:24 -05:00
Ted Mielczarek
f65444d5b1
Bug 977699 - Move the few remaining mochitests to manifests. r=jmaher
2014-03-04 15:54:31 -05:00
Jed Davis
f6ffcce7a8
Bug 946407 - Disable sandbox when DMDing. r=njn r=kang
...
See also bug 956961.
2014-03-04 18:27:14 -08:00
Ehsan Akhgari
444a26ed8e
Bug 976896 - Port STL_FLAGS to moz.build; r=mshal
2014-03-04 19:39:06 -05:00
David Keeler
e8ea24a4a6
bug 978797 - stop classifying SEC_ERROR_INADEQUATE_KEY_USAGE as a "bad cert" error r=briansmith
2014-03-03 15:39:07 -08:00
Brian Smith
15433c7191
Bug 967153: Update to NSS 3.16 beta 4 (NSS 3_16_BETA4), r=me
...
--HG--
extra : rebase_source : 192fdf657daa1aae51d9f163b074b8eb6a7aac13
2014-03-02 17:30:39 -08:00
Brian Smith
06c3b6575e
Bug 978117: Enable test_signed_apps.js and test_signed_apps-marketplace.js on Android and B2G, r=cviecco
...
--HG--
extra : rebase_source : acc33b667f19583d94d300d4e4a73cb3e225bbd6
2014-03-01 20:55:57 -08:00
Brian Smith
7b3fbf17ce
Bug 978528: Return the correct error message when no potential issuers are found during path bulding in insanitY::pkix, r=cviecco
...
--HG--
extra : rebase_source : 71f806312ad322bc2971e7efaea2da217b07efad
2014-03-01 20:55:51 -08:00
Brian Smith
9774eaf9ce
Bug 978120: Enable more PSM xpcshell tests on Android and B2G, r=keeler
...
--HG--
extra : rebase_source : 439914322f2b2f2ebd7bf529e3a4a59f36831a7e
2014-03-01 19:02:58 -08:00
Brian Smith
ae6b048991
Bug 978120: Make nsIX509Cert.setCerttrust, and nsIX509CertDB.addCert, and nsIX509CertDB2.addCertFromBase64 work on Android and B2G, r=keeler
...
--HG--
extra : rebase_source : 5582716fe0c650366e3cf5e85a30748a7d22b156
2014-03-01 19:01:23 -08:00
Ed Morley
8362582b2a
Merge latest green inbound changeset and mozilla-central
2014-03-03 14:44:44 +00:00
ffxbld
242b919b95
No bug, Automated HSTS preload list update from host bld-linux64-spot-483 - a=hsts-update
2014-03-01 03:17:30 -08:00
Ryan VanderMeulen
433c5de893
Merge m-c to inbound.
2014-02-28 10:15:57 -05:00
Carsten "Tomcat" Book
67109b9a5c
merge b2g-inbound to mozilla-central
2014-02-28 14:42:11 +01:00
Wes Kocher
45d489c9d5
Merge m-c to b2g-inbound
2014-02-27 17:47:32 -08:00
Jed Davis
cffac485ff
Bug 970676 - Turn on sandboxing on all relevant threads. r=dhylands r=bent f=kang
2014-02-27 13:18:01 -08:00
Brian Smith
57f5275a64
Bug 978111, Bug 978426: Disable test_sts_preloadlist_perwindowpb.js on B2G/ARM, a=bustage
...
--HG--
extra : rebase_source : 434af7dc53cf57eca1335a6e0ad0a4785c547e72
2014-02-28 21:12:07 -08:00
Brian Smith
632820cb94
Bug 978185: Improve error codes returned from nsIX509CertDB.addCert and nsIX50CertDB.setCertTrust, r=keeler
...
--HG--
extra : rebase_source : e32a913f085524d113b17d03917c10ad92c7f6e1
2014-02-28 11:19:38 -08:00
Brian Smith
d13619f4f5
Bug 978111: Enable already-working PSM xpcshell tests on Android and B2G, r=cviecco
...
--HG--
extra : rebase_source : c14ef67870f2b40a3319e6bc8df0ddfe9dd222e3
2014-02-28 11:16:16 -08:00
Ehsan Akhgari
5df2a9cacc
Bug 976898 - Move the sdkdecls.h force-include out of the build system; r=bbondy,glandium
2014-02-28 08:17:22 -05:00
Brian Smith
41a03326ab
Bug 967153: Update to NSS 3.16 beta 3 (NSS_3_16_BETA3), r=me
...
--HG--
extra : rebase_source : 75c78b361f887c2cb820bc41913bcf68de15f83f
extra : histedit_source : 7c8e8a79c9dde7c702ceb5ce1e4a73f2a77fbea5
2014-02-27 16:06:22 -08:00
Andrew McCreight
c479f2a541
Bug 962608 - Make PL_DHashTableInit infallible by default. r=briansmith,bsmedberg,ehsan,froydnj,jduell,jfkthame,roc,smaug
2014-02-27 10:04:09 -08:00
Brian Smith
6dedccaf4a
Bug 921885: Use insanity::pkix for EV cert verification when insanity::pkix is the selected implementation, r=cviecco, r=keeler
...
--HG--
extra : rebase_source : b1fd1f8eace675484b3c2d568e5e74f767f1d2ad
2014-02-23 22:15:53 -08:00
Brian Smith
8f77f9a85d
Bug 921886: Add certificate policiy support to insanity::pkix, r=keeler, r=cviecco
...
--HG--
extra : rebase_source : 6522e2c2f57f59fe23c0ed0c838f1f54236bdafc
2014-02-24 12:37:45 -08:00
Brian Smith
95531c3f3b
Bug 970810: Expand name constraint tests to test insanity::pkix, r=cviecco
...
--HG--
extra : rebase_source : b8190690743a12623c7524429215fc7d8a8dea49
extra : histedit_source : fd9877f98303dd237b302e6c606ca11f4c36fd7c
2014-02-25 01:15:52 -08:00
Camilo Viecco
28701723f5
Bug 900727: Add name constraints to psm in xpcshell. r=bsmith
2013-12-12 10:28:06 -08:00
Brian Smith
26540bda32
Bug 975122: Allow cert error overrides when insanity::pkix is used, r?cviecco, r?keeler
...
--HG--
extra : rebase_source : 47f5e779a16c462e40baa2d9cec2e83946c9076c
2014-02-22 19:08:06 -08:00
Raymond Etornam Agbeame(:retornam)
9e9e8b80a4
Bug 970614 - Remove code wrapped in #if 0 ... #endif blocks in PSM. r=keeler
2014-02-24 09:41:55 -05:00
Jed Davis
971a5e4c91
Bug 971128 - Add sched_yield to seccomp whitelist. r=kang
2014-02-22 18:58:59 -08:00
Jed Davis
5fbea02293
Bug 970562 - Add sched_getscheduler to seccomp whitelist. r=kang
2014-02-22 18:58:59 -08:00
Ehsan Akhgari
790a3e8ead
Bug 935778 - Part 0.3: Spray some more MOZ_DECLARE_REFCOUNTED_TYPENAME across the tree
2014-02-20 23:07:24 -05:00
David Keeler
a3a30a42d7
bug 969479 - only prevent TLS fallback for STARTTLS r=briansmith
2014-02-20 15:14:32 -08:00
Brian R. Bondy
281d63981a
Bug 974979 - Browser crashes after trying to restart a crashed e10s process. r=aklotz
2014-02-20 12:58:04 -05:00
Brian R. Bondy
c4729b25c5
Bug 928061 - Enable separate Desktop in Windows sandbox policy. r=aklotz
2014-02-20 12:37:22 -05:00
Jed Davis
b66661141a
Bug 974230 - Adjust sandbox so that socket() simply fails. r=kang
...
This is a workaround for issues with the SCTP code (bug 969715) and
NSPR's IPv6 support (bug 936320).
2014-02-20 09:35:44 -05:00
Jed Davis
bebcd8c470
Bug 966547 - Switch sipcc from named to anonymous sockets on Unix. r=jesup, r=kang
2014-02-20 09:35:26 -05:00
Jed Davis
3c6de73e43
Bug 974227 - Allow readlink while sandboxed to work around bug 964455. r=kang
2014-02-19 15:55:42 -05:00
Brian Smith
8870f2d542
Bug 915931, Part 4: Expand OCSP xpcshell tests to test insanity::pkix, r=keeler
...
--HG--
extra : rebase_source : e645de251c459d6fa38996bb7bfd35e21eaf3b72
2014-02-17 13:19:54 -08:00
Brian Smith
7865b702d2
Bug 973268: Return better error codes and make simple cert error override processing work for insanity::pkix, r=keeler, r=cviecco
...
--HG--
extra : rebase_source : 596e7a67b8631bb6a52c20d569fe433aa5e86cec
2014-02-11 00:46:05 -08:00
Brian Smith
5fce01773e
Bug 915931, Part 3: Integrate insanity::pkix OCSP support, r=keeler, r=cviecco
...
--HG--
extra : rebase_source : 4b54682ca6d97e2ec7709b9a5c93ddea71126f8b
2014-02-16 17:35:40 -08:00
Brian Smith
5c056032ea
Bug 915931, Part 2: Add OCSP request encoding to insanity::pkix, r=keeler
...
--HG--
extra : rebase_source : c07713a417c2bc03d4c18f0c7dbddd19b4532390
2014-02-06 16:57:49 -08:00
Brian Smith
c1391a29b0
Bug 878932, Part 1: Add OCSP response parsing & validation to insanity::pkix, r=keeler
...
--HG--
extra : rebase_source : 23771eaf97f67e5feb69d50a0c96dd4da31ae964
extra : source : b0511882e4c94c0960ef8533b381e8d72706172e
2014-02-16 18:09:06 -08:00
Ehsan Akhgari
0ec6497e74
Bug 973405 - Move some misc LOCAL_INCLUDES to moz.build; r=glandium
2014-02-18 08:49:12 -05:00
Ms2ger
aa9d7b52b4
Bug 968856 - Move unconditional LOCAL_INCLUDES into moz.build; r=mshal
2014-02-15 21:24:59 +01:00
Phil Ringnalda
fb92f57395
Merge m-i to m-c
2014-02-15 09:54:57 -08:00
ffxbld
79edf741a1
No bug, Automated HSTS preload list update from host bld-linux64-spot-071 - a=hsts-update
2014-02-15 03:20:10 -08:00
Vaibhav Agarwal
81f1ea0a18
Bug 970925 - convert testing/mochitest/android.json into skip-if statements in mochitest.ini files; r=jmaher
2014-02-15 04:53:02 -05:00
Brian Smith
26f58a2368
Bug 896620: Revert deletion of security/build/b2g-app-root-cert.der, which was intended for bug 972201, r=me (thanks Ehsan)
2014-02-14 19:45:58 -08:00