wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity
192,227 Commits 1 Branch 166 Tags 1.2 GiB
809ef59398
Commit Graph

2165 Commits

Author SHA1 Message Date
Monica Chew
fe6ce09033 Bug 1004352: Enable pinning for Google in production mode (r=keeler) 2014-06-11 15:32:37 -07:00
Gijs Kruitbosch
07a4ac12e7 Bug 908534 - change of event sink should trigger OnSecurityChange notifications, r=dkeeler 2014-06-11 11:19:17 +01:00
David Keeler
65bc823886 bug 1017160 - remove nsINSSCertErrorDialog and implementation r=cviecco 2014-06-09 16:35:35 -07:00
David Keeler
f6a2f616b1 bug 1020993 - properly handle unknown critical extensions in BackCert::Init r=briansmith 2014-06-09 13:57:44 -07:00
Harsh Pathak
4ba177382c Bug 997370 - Update comment in nsIX509Cert.idl to reflect certificate fingerprint instead of public key. r=cviecco 2014-06-09 10:58:00 -04:00
Ryan VanderMeulen
8ad58324ce Merge m-c to inbound on a CLOSED TREE. a=me 2014-06-07 13:36:44 -04:00
ffxbld
4fe9e3ab4b No bug, Automated HSTS preload list update from host bld-linux64-spot-051 - a=hsts-update 2014-06-07 03:18:25 -07:00
David Keeler
cb6b2b4ade bug 1019198 - fail handshake if given an expired OCSP response and fetching a new one fails r=briansmith 2014-06-06 09:20:50 -07:00
Camilo Viecco
d9e0b6f6ea Bug 1000548 - Leaking arenas allocated in mozilla::pkix r=keeler 
--HG--
extra : rebase_source : 6b0aaef098a4fa4d5749013a332b6b7602640b36
 2014-06-05 16:28:46 -07:00
Ed Morley
5747f4d5d4 Backed out changeset 189492a9a115 (bug 1020695) for mochitest-2 failures in test_WebCrypto.html; CLOSED TREE 2014-06-05 15:52:01 +01:00
Wan-Teh Chang
9510f3e6cc Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 3. Includes fixes for 
bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
bug 963150.
 2014-06-05 07:06:32 -07:00
Wan-Teh Chang
ec2bea3335 Revert 8406a2b981c5 to fix build bustage. 
> Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 3. Includes fixes for
> bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
> bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
> bug 963150.
 2014-06-04 21:26:33 -07:00
Wan-Teh Chang
9939efaa7f Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 3. Includes fixes for 
bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
bug 963150.
 2014-06-04 21:03:47 -07:00
David Keeler
502d720549 bug 1003566 - part 2/2: prevent OCSP requests from being upgraded to HTTPS by HSTS r=cviecco 2014-06-04 09:58:28 -07:00
Camilo Viecco
3e7d66d335 Bug 1021797 - Rename ArenaFalseCleaner to PORT_FreeArena_false. r=keeler 
--HG--
extra : rebase_source : e7316ee06f58f42afbaf68d7e5f7948277fd15fd
 2014-06-06 14:11:08 -07:00
Monica Chew
291d694626 Bug 1020485: Enable pinning in test mode for accounts.firefox.com (r=keeler) 2014-06-06 13:44:59 -07:00
Brian Smith
2e61c5fffb Bug 1020683, Part 3: Fix build bustage, a=BUSTAGE on a CLOSED TREE 
--HG--
extra : rebase_source : 8eaa3eae911b0e75129988d58a19e5e76257b369
 2014-06-06 12:04:36 -07:00
Brian Smith
9cdf5d2de5 Bug 1020682: Simplify mozilla::pkix results cert chain construction and make it more efficient, r=cviecco 
--HG--
extra : rebase_source : 69cb8ea66e075c89bbcbab3ca115cc2ccc95fa4f
 2014-06-04 01:28:44 -07:00
Brian Smith
fbc33e0c8d Bug 1020683, Part 2: Remove more references to CERTCertificate from mozilla::pkix, r=keeler 
--HG--
extra : rebase_source : 9dce7585975fb23fe04f5714ece18645b22b2261
 2014-06-04 00:03:28 -07:00
Brian Smith
f3ab0b43c6 Bug 1020683, Part 1: Remove internal uses of CERTCertificate from mozilla::pkix::VerifyEncodedOCSPResponse, r=keeler 
--HG--
extra : rebase_source : 416938498080c4d44874025f1da4562ab1c7c3c8
 2014-06-05 15:18:32 -07:00
Brian Smith
90ae4efb88 Bug 1018411: Factor out signed data parsing in mozilla::pkix into a reusable and separately-testable function, r=keeler 
--HG--
extra : rebase_source : d65a760f9f8efb656f238794019bd451ca163c0b
 2014-05-31 18:54:34 -07:00
Mike Hommey
b02a375963 Bug 1027890 - Remove all sorts of build system code dedicated to pymake. r=gps 2014-06-25 08:38:28 +09:00
Jed Davis
d1a5790ae4 Bug 1014299 - Add times() to seccomp whitelist. r=kang 
This system call seems to be used by some versions of the Qualcomm Adreno
graphics drivers when we run WebGL apps.
 2014-06-02 14:52:00 +02:00
Sébastien Blin
6aefbf6100 Bug 1019722 - Remove a double assignment to lastRdn to fix a minor warning found by scan-build, the LLVM/Clang static analyzer. r=keeler 2014-06-02 20:16:14 +02:00
David Keeler
5acb4cc504 Bug 1009988 - OCSP tests: Precompute responses to prevent timeouts. r=cviecco 2014-06-02 11:35:27 -07:00
Monica Chew
d5ba5c9bc8 Bug 1019772: Enable production mode on pinning AMO (r=keeler) 2014-06-03 11:00:39 -07:00
Brian Smith
c9249cca82 Bug 1019814: Remove CERTCertificate dependency from TrustDomain::GetCertTrust, r=keeler 
--HG--
extra : rebase_source : 9abf0522f02d00ac2f63f2327ddbe8d119ffc64f
 2014-06-03 10:47:25 -07:00
Brian Smith
7af638d360 Bug 1019109: Add DottedOIDToCode.py tool, r=keeler 
--HG--
extra : rebase_source : 44a92234f884af4500bc6eb5a1fc4dd4cfd38dc2
 2014-06-02 10:50:04 -07:00
Cykesiopka
4e78fd0ee5 Bug 235230 - Change IDL type of nsIX509Cert::windowTitle to AString; Original patch by Zack Weinberg. r=keeler 2014-06-01 13:59:00 +02:00
Brian Smith
bf7fe601ba Bug 1018633: Simplify the max cert chain length check code in mozilla::pkix and make it more efficient, r=cviecco 
--HG--
extra : rebase_source : 7fa4cc6c1b46357abed0c57c6e24c622049c5acb
 2014-05-31 16:32:58 -07:00
Brian Smith
7457c20cbe Bug 1001188: Set the error code when the max cert chain length limit is exceeded, r=cviecco 
--HG--
extra : rebase_source : ce9e1faa083f5c679e20a2b6d9e8d482462e75b0
 2014-05-31 16:55:54 -07:00
Brian Smith
91e474eea0 Bug 1018642: Factor out reusable NSS GTest infrastructure into a new NSSTest class, r=cviecco 
--HG--
extra : rebase_source : 101c316c1ea54f5092a21af4d7a1be349c504800
 2014-05-30 16:46:49 -07:00
Brian Smith
06f430ee13 Bug 1018064: Replace mozilla::pkix::der::Input::Match with mozilla::pkix::der::Input::MatchRest, r=mmc 
--HG--
extra : rebase_source : 5c5b14cf23b1e40854d241cbc482de40b01ac494
 2014-05-29 22:09:45 -07:00
Brian Smith
293e4188d5 Bug 1018061: Have mozilla::pkix::der::Input::Read use EnsureLength instead of its own checks, r=mmc 
--HG--
extra : rebase_source : f46d6b9bdcd7d7a272fb39f22312a89d2695db56
 2014-05-29 23:36:30 -07:00
Phil Ringnalda
786e840e01 Merge m-i to m-c 2014-05-31 20:29:24 -07:00
ffxbld
bec4c38688 No bug, Automated HSTS preload list update from host bld-linux64-spot-176 - a=hsts-update 2014-05-31 03:14:44 -07:00
Cykesiopka
ea035ab7a4 Bug 917510 - Replace SHA-1 fingerprints of EV certs in ExtendedValidation.cpp with SHA-2 fingerprints. r=briansmith, r=kwilson 2014-05-30 00:01:00 -04:00
Camilo Viecco
be441f03f1 Bug 991815 - Part 2/2 - Tests for OCSP responses up to 1 year old. r=keeler 
--HG--
extra : rebase_source : cc012870da3a165a0a3d0d5c6c9671eeeda37f3f
 2014-05-28 14:08:02 -07:00
Camilo Viecco
fc11f7c21d Bug 991815 - Part 1/2 - Allow intermediate OCSP responses up to 1 year old. r=keeler 
--HG--
extra : rebase_source : 28d5336da1dc44932b92ce2c59fca5fcb2b8a3d8
 2014-05-30 16:12:36 -07:00
Nathan Froyd
c5a3c603c2 Bug 1017661 - remove MOZ_NSS_PATCH functionality; r=glandium 2014-05-29 12:16:58 -04:00
Brian Smith
4c6adb7ede Bug 1018033: Prevent buffer read overflow due to integer overflow in mozilla::pkix::der::Input::EnsureLength, r=keeler 
--HG--
extra : rebase_source : e4e88d61e448fa475a106a06b9f32181906fba0f
 2014-05-29 23:37:40 -07:00
Brian Smith
b3bb9ea641 Bug 1018041: Fix linking error in pkix_ocsp_request_tests when GTest is enabled on Windows, r=keeler 
--HG--
extra : rebase_source : 36c5ee4f5cc40adb1079e34bd309147a662fc45f
 2014-05-29 23:06:10 -07:00
Brian Smith
8dcde055ad Bug 1018018: Remove support/mention of proprietary Netscape certificate extensions from PSM, r=cviecco 
--HG--
extra : rebase_source : 758ff9384c040084b1015f8025a4ff9f33590176
 2014-05-29 20:38:25 -07:00
Brian Smith
833425eae1 Bug 1010634, Part 6: Enable -Wall with a few exceptions for certverifier, r=cviecco 
--HG--
extra : rebase_source : 611f0d65e7edb74345a4a599a6606de37e3da75e
 2014-05-15 21:56:23 -07:00
Brian Smith
9eeeb8204b Bug 1010634, Part 5: Add private destructor to NSSErrorService in line with the XPCOM recommendations, r=cviecco 
--HG--
extra : rebase_source : 1f8b4558114eef0e1a15f51f0c814f16e05f6f76
 2014-05-29 20:18:17 -07:00
Brian Smith
7a871c3cee Bug 1010634, Part 3: Fix more warnings in CertVerifier, r=cviecco 
--HG--
extra : rebase_source : 21e79fbc472aeccec7df213e0cd8d99bebfbff75
 2014-05-29 20:17:53 -07:00
David Keeler
56379872a2 bug 1006710 - add class of PSM errors to SEC and SSL errors r=briansmith 2014-05-28 15:28:03 -07:00
Camilo Viecco
b3316b8666 Bug 1005142 - Part 2/2 - Basic OCSP fetch method tests. r=keeler 
--HG--
extra : rebase_source : 364a5d410eb3743ae0a03ebcf0a258e847d71743
 2014-05-23 09:47:41 -07:00
Camilo Viecco
44bf536cc4 Bug 1005142 - Part 1/2 - Add OCSP get capabilities to OCSPRequestor. r=keeler 
--HG--
extra : rebase_source : ee4a86bf02a466a31de8b0b6cd7ce375a7f28c6d
 2014-05-21 15:42:21 -07:00
David Keeler
4a93b644f6 bug 995801 - cache nsNSSCertificate::mCachedEVStatus on disk r=mayhemer 2014-01-10 11:13:03 -08:00
Brian Smith
450a20ba54 Bug 1031542: Add test case for key usage without any value bits, r=keeler 
--HG--
extra : rebase_source : 25bdc0db6b042fe6fbba61b80cb8a4ac7cb588eb
 2014-06-27 15:21:48 -07:00
Brian Smith
2bd47f2cb9 Bug 975229: Remove NSS-based certificate verification, r=keeler 
--HG--
extra : rebase_source : 49cb20f1b51e2d9993a35decd820764e20ad9be9
 2014-06-16 23:13:29 -07:00
Brian Smith
c214d0f55e Bug 1026261: Remove CERTCertificate from mozilla::pkix revocation checking API, r=keeler 
--HG--
extra : rebase_source : 6798f494bd351961ea02abba07b5860839bbc418
 2014-06-20 10:10:51 -07:00
David Keeler
4e568fe551 bug 1028178 - re-add nsICertificateDialogs to nsNSSDialogs' NS_IMPL_ISUPPORTS declaration r=briansmith 2014-06-20 09:38:08 -07:00
David Keeler
6dc7ca62d1 bug 997509 - heed expired Revoked or Unknown OCSP responses r=briansmith 2014-06-20 09:01:57 -07:00
Cykesiopka
40f95d5437 Bug 972702 - Make Cert Viewer details tab content resizable. r=keeler 2014-05-27 20:58:00 +02:00
Camilo Viecco
2883e1d4ea Bug 1016442 - Make mozilla cdn sites production on built-in list. r=mmc 
--HG--
extra : rebase_source : 5d937b61ab86c974210dcc83735cd4308bff018e
 2014-05-27 10:53:40 -07:00
Ryan VanderMeulen
9460f40816 Backed out changeset d5da62e82faf (bug 995801) for test_browserElement_oop_SecurityChange.html failures. 
CLOSED TREE
 2014-05-27 14:27:40 -04:00
David Keeler
bacc5f19c7 bug 995801 - cache nsNSSCertificate::mCachedEVStatus on disk r=mayhemer 2014-01-10 11:13:03 -08:00
Richard Barnes
cf739d773c Bug 998803 - Add support for RSA encryption and signing to WebCrypto API. r=bz,dkeeler 2014-05-23 15:29:00 +02:00
ffxbld
1b5b7ecfd1 No bug, Automated HSTS preload list update from host bld-linux64-spot-1068 - a=hsts-update 2014-05-24 03:14:12 -07:00
Monica Chew
c21cc7a85f Bug 1004351: Enable production mode for twitter pins (r=keeler) 2014-05-22 15:11:07 -07:00
Monica Chew
f87b89298d Bug 1014344: Use Google's root pems in addition to their intermediate certs (r=keeler) 2014-05-22 15:09:45 -07:00
Wan-Teh Chang
c88fddaa3c Bug 1009794: Update NSS to NSS_3_16_2_BETA2, which also includes fixes 
for bug 999893, bug 1011090, bug 1009785, bug 421391, and bug 1011229.
 2014-05-22 12:31:09 -07:00
Cykesiopka
17e952b63e Bug 622332 - Show cert SHA-256 fingerprint and remove MD5 fingerprint. r=keeler 2014-05-22 00:52:00 +02:00
Birunthan Mohanathas
76ca8ec617 Bug 869836 - Part 7: Use AppendLiteral instead of Append where possible. r=ehsan 2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
c4568a7085 Bug 869836 - Part 6: Use EqualsLiteral instead of Equals where possible. r=ehsan 2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
807e72372f Bug 869836 - Part 4: Use EqualsLiteral instead of Equals(NS_LITERAL_STRING(...)). r=ehsan 2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
411a8639b4 Bug 869836 - Part 3: Use Append('c') instead of AppendLiteral("c"). r=ehsan 2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
62570a8716 Bug 869836 - Part 2: Use AppendLiteral instead of Append(NS_LITERAL_STRING(...)). r=ehsan 2014-05-22 06:48:50 +03:00
Camilo Viecco
a87a54bcc1 Bug 1010594 - Part 2/2 tests - r=keeler 
--HG--
extra : rebase_source : 4ca9623b815544edc58308544fa85b192c2f31f3
 2014-05-19 13:26:23 -07:00
Camilo Viecco
1eac4f4b6c Bug 1010594 - Part 1/2 OCSP url check - r=briansmith 
--HG--
extra : rebase_source : 0b26339d33db90722401ae1d8ac255d0390aea30
 2014-05-16 13:53:14 -07:00
Camilo Viecco
4eff7cf088 Bug 1009635 - PreloadedHPKP.json should also contain production/exclusion lists. r=keeler 
--HG--
extra : rebase_source : 46c13e490358f26b21191d6d783d795897ceea63
 2014-05-15 08:04:54 -07:00
Richard Barnes
7b6d82be69 Bug 995385 - Ensure that NSS is initialzed for CryptoTasks. r=dkeeler 2014-05-16 15:47:00 -04:00
Bob Owen
2c9a59f64a Bug 1009452 - inherit stdout and stderr into the content process to allow logging. r=aklotz 2014-05-14 16:09:31 +01:00
Jed Davis
c7dae997a6 Bug 920372 - Fix socketcall whitelisting on i386. r=kang 2014-05-20 18:38:14 -07:00
Jed Davis
1523066770 Bug 920372 - Allow tgkill only for threads of the calling process itself. r=kang 2014-05-20 18:38:06 -07:00
Jed Davis
3a308504da Bug 920372 - Use Chromium seccomp-bpf compiler to dynamically build sandbox program. r=kang 2014-05-20 18:37:53 -07:00
Jed Davis
3b103d307f Bug 920372 - Import Chromium seccomp-bpf compiler, rev 4c08f442d2588a2c7cfaa117a55bd87d2ac32f9a. r=kang 
Newly imported:
* sandbox/linux/seccomp-bpf/
* sandbox/linux/sandbox_export.h
* base/posix/eintr_wrapper.h

Updated:
* base/basictypes.h
* base/macros.h

At the time of this writing (see future patches for this bug) the only
things we're using from sandbox/linux/seccomp-bpf/ are codegen.cc and
basicblock.cc, and the header files they require.  However, we may use
more of this code in the future, and it seems cleaner in general to
import the entire subtree.
 2014-05-20 18:37:45 -07:00
Monica Chew
b35189dfe7 Bug 1013504: Introduce error file for genHPKPStaticPins.js (r=keeler) 2014-05-20 13:25:02 -07:00
Richard Barnes
ae11832c51 Bug 1005375 - Add an API that allows CryptoTasks to be created without being dispatched 2014-05-03 08:50:00 +02:00
Chris Peterson
7429b133b7 Bug 1007708 - Part 1: Fix warnings in security/pkix/test/ and mark as FAIL_ON_WARNINGS. r=briansmith 2014-05-17 20:12:10 -07:00
Monica Chew
1d542c52b2 Bug 1011269: Forgot to qref to pick up keeler's changes (r=keeler) 2014-05-19 13:24:41 -07:00
Monica Chew
8bc2f051f9 Bug 1011269: Add CertVerifier::pinningEnforceTestMode (r=keeler) 2014-05-19 13:04:40 -07:00
David Keeler
0c382cbab9 bug 986150 - fix some comments in mozilla::pkix DER tests r=mmc 2014-05-19 12:14:51 -07:00
David Keeler
b0685b996f bug 986150 - test mozilla::pkix::der::OptionalBoolean r=mmc 2014-05-19 12:14:44 -07:00
David Keeler
7490c005ac bug 1002814 - OCSP requests: long serial check should be on cert, not issuerCert r=briansmith 2014-05-14 10:05:32 -07:00
David Keeler
ca14d7c987 bug 1002814 - retry PK11_GenerateKeyPair when it fails non-fatally r=briansmith 2014-05-19 11:13:04 -07:00
Marco Castelluccio
98f16ffbdc Bug 972201 - Remove the MOZ_B2G_CERTDATA hack. r=briansmith 2014-05-18 15:42:42 +02:00
ffxbld
7253546a17 No bug, Automated HSTS preload list update from host bld-linux64-spot-358 - a=hsts-update 2014-05-17 03:15:04 -07:00
Brian Smith
ed25ac818b Bug 1010634, Part 1: Fix compiler warnings in certverifier, r=cviecco 
--HG--
extra : rebase_source : f8d925f042040368b038b62bc1d0c9d4d6d04618
 2014-05-14 17:46:32 -07:00
Brian Smith
b3711e99df Bug 1006958: Use mozilla::pkix::der to parse certificate policies instead of NSS, r=keeler 
--HG--
extra : rebase_source : fde88efebc1025bc4f825aa38df809d04b1b250a
 2014-05-15 18:59:52 -07:00
Brian Smith
fcba6f8814 Bug 1010581: Document Expect/Match/Skip terminology in mozilla::pkix::der and make that code more consistent, r=keeler 
--HG--
extra : rebase_source : 12aa2e1e9eed4f32a75732a65cbfaba9789d5d39
 2014-05-14 19:30:09 -07:00
Brian Smith
e1de62ff87 Bug 1006041: Use mozilla::pkix::der for decoding the extended key usage extension, r=keeler 
--HG--
extra : rebase_source : b4b62f117d653784eb6ad058554faf520a1bd90b
 2014-05-14 01:02:34 -07:00
Brian Smith
dd25f656a6 Bug 989564, Part 2: Remove CERTCertificate dependency from CheckBasicConstraints, r=keeler 
--HG--
extra : rebase_source : c0ce62f44109cbcdf65da770a1154814733a6b49
 2014-04-25 20:27:27 -07:00
Brian Smith
8a6f85b521 Bug 989564, Part 1: Decode basic constraints extension using mozilla::pkix::der, r=keeler 
--HG--
extra : rebase_source : 89560218a69596868cb8a93c69ee72656b0abf77
 2014-05-05 09:55:57 -07:00
Monica Chew
a1ab4d859d Bug 1007844: Implement per-host telemetry for pin violations for AMO and aus4 (r=keeler) 2014-05-15 16:56:51 -07:00
Monica Chew
f023ce771c Bug 1006594: Implement moz-specific telemetry (r=keeler) 2014-05-14 16:36:46 -07:00
David Keeler
34bae7a5a0 backout dfc04fd0a41f (bug 1002814) for gtest breakage 2014-05-14 11:08:20 -07:00
David Keeler
099169f359 bug 1005266 - disable strict timeout checking in test_ocsp_timeout.js on WinXP because of frequent failures r=mmc 2014-05-14 09:57:10 -07:00
David Keeler
bfe37e0d32 bug 1002814 - OCSP requests: long serial check should be on cert, not issuerCert r=briansmith 2014-05-14 10:05:32 -07:00
Patrick McManus
033d5fc4e8 bug 1006804 - psm interface for kea size and make kea available in preliminary handshake r=keeler r=honzab 2014-05-06 17:22:25 -04:00
Gervase Markham
4ce70c195e Bug 1007195 - Change licensing on mozilla::pkix to dual Apache 2/MPL 2. r=briansmith. 2014-05-14 14:37:25 +01:00
Monica Chew
9eb1c9c9de Bug 1009720: Telemetry for CERT_PINNING_TEST_RESULTS (r=keeler) 2014-05-13 13:50:13 -07:00
David Keeler
c441103da0 bug 1005355 - look for PSM test binaries in /data/local/xpcb/ on Android/B2G r=mmc 2014-05-12 14:38:00 -07:00
Monica Chew
d1eb9b420d Bug 772756: Implement sha1 support, import Chrome's pinsets wholesale, add test mode (r=cviecco,keeler) 2014-05-08 17:18:50 -07:00
Carsten "Tomcat" Book
ce3573f668 Merge mozilla-central to mozilla-inbound 2014-05-12 13:48:01 +02:00
Carsten "Tomcat" Book
97853c8221 merge mozilla-inbound to mozilla-central 2014-05-12 13:33:19 +02:00
ffxbld
59e3b8e3f4 No bug, Automated HSTS preload list update from host bld-linux64-spot-382 - a=hsts-update 2014-05-10 03:26:08 -07:00
Jacek Caban
37b0fcfa8d Bug 1005309 - Fixed MSVC detection. 
--HG--
extra : rebase_source : 0b61de1270eb861234539de675c2d381e217f55c
 2014-05-12 11:01:22 +02:00
David Keeler
0d13727d61 bug 1005266 - specify a timeout for the socket in test_ocsp_timeout.js r=mmc 2014-05-09 15:17:43 -07:00
Camilo Viecco
b1148150bc Bug 1007986 - Remove 1024 bit roots from mozilla pin list. r=mmc 2014-05-09 10:58:47 -07:00
David Keeler
92b21afdff bug 1007962 - CreateEncodedCertificate should take a SECItem as its serialNumber argument r=mmc 2014-05-08 15:33:38 -07:00
David Keeler
a4528a1530 bug 1007813 - match CreateEncodedCertificate declaration to its definition r=mmc 2014-05-08 11:51:50 -07:00
Wan-Teh Chang
6a62d32e50 Bug 979703: Update NSS to NSS_3_16_2_BETA1. 
Fix bugs in intel-gcm-x86-masm.asm and re-enable the
Intel AES assembly code. (The fix is by Shay Gueron of Intel.)
Remove an unnecessary loop in intel-gcm-x64-masm.asm r=agl.
 2014-05-08 14:28:47 -07:00
Monica Chew
a203d88ce4 Bug 1000354: Fix comment and make test clearer (r=keeler) 2014-05-07 15:48:23 -07:00
Bobby Holley
5c9d904093 Bug 997987 - Remove usage of nsIScriptSecurityManager::GetSubjectPrincipal. r=Ms2ger 2014-05-06 15:43:03 -07:00
Jed Davis
52cd05523d Bug 1004832 - Add tgkill to seccomp-bpf whitelist. r=kang 2014-05-02 16:57:00 +02:00
Camilo Viecco
ae2571aa01 Bug 1006107 - Disable pining by default, setup pinning for *.addons.mozilla.org. r=dkeeler 
--HG--
extra : rebase_source : 93b1dbd5dc31490424060729a3941deffa8ee1d5
 2014-05-05 13:59:32 -07:00
Wan-Teh Chang
958625bc6e Bug 993569: Update to NSS 3.16.1 and NSPR 4.10.5. r=kaie. 2014-05-05 13:51:39 -07:00
Monica Chew
b049aa3cac Bug 1005364: Disable pinning for all mozilla properties (r=keeler) 2014-05-04 15:36:38 -07:00
Brian Smith
a97bc4147c Bug 1005667: Fix build warning due to buggy test code in pkixtestutil.cpp, r=dholbert 2014-05-04 11:04:48 -07:00
Brian Smith
163631e898 Bug 1005309, Part 2: Enable extended compiler warnings (-W4 -Wall) in mozilla::pkix, r=mmc 
--HG--
extra : rebase_source : 033574a0b26582753baec003becfaf15bbd85003
extra : histedit_source : 2d52c47f92b8f694203c2eb580b37be78ccf2f9c
 2014-05-03 17:50:26 -07:00
Brian Smith
8da948d67f Bug 1005309, Part 1: Improve type conversion and error checking for hashing done in mozilla::pkix's pkixocsp.cpp. r=mmc 
--HG--
extra : rebase_source : 79c248ebc45d722249ae7adbbd2527dc9985f6f0
extra : histedit_source : 8ea66942cec4252d9d7e625da22b5ad9964485a1
 2014-05-02 11:53:06 -07:00
Brian Smith
2cad23bbfd Bug 1005256: Improve parameter validation in mozilla::pkix::der::Input::GetSECItem, r=mmc 
--HG--
extra : rebase_source : 93b65e103c86747ddaf463e639aacffdf7ccb08f
extra : histedit_source : 10ef0ab13fb9de710ea3c589600db4632f9cf4a0
 2014-05-02 11:52:10 -07:00
Brian Smith
b6d4008ea4 Bug 1005208: Rename issuerKeyHash to keyHash in mozilla::pkix's pkixocsp.cpp, r=mmc 
--HG--
extra : rebase_source : ede4ed17cb56e3e52325ecadc2c5ded33c4a6013
extra : histedit_source : b727000e81bbc8afa6b9f8188b97065f59da45ad
 2014-05-02 10:40:03 -07:00
Brian Smith
46d3a85aea Bug 1005198: Make it easy to create test certificates in GTest tests, r=keeler 
--HG--
extra : rebase_source : 0b1ec263a5a1ce1856afb12f11ea4c35c2aa55d0
extra : histedit_source : 40a3a3fc1993de0fcdeb5593a1a1df4dc94832b8
 2014-04-25 19:57:40 -07:00
ffxbld
b43b9dd445 No bug, Automated HSTS preload list update from host bld-linux64-spot-043 - a=hsts-update 2014-05-03 03:18:44 -07:00
David Keeler
e771a7d73d bug 1004270 - use SQL cert/key DBs in PSM tests so we can run them on Android r=briansmith 2014-05-02 15:06:29 -07:00
Camilo Viecco
3b227aa061 Bug 951315 - Add telemetry to PK pinning. r=dkeeler 2014-04-30 17:04:00 -07:00
Monica Chew
92fa29b307 Bug 1002696 - Minimum set of changes to make genHPKPStaticPins.js productionizable. r=cviecco, dkeeler 
--HG--
rename : security/manager/boot/src/PreloadedHPKPins.json => security/manager/tools/PreloadedHPKPins.json
rename : security/manager/boot/src/genHPKPStaticPins.js => security/manager/tools/genHPKPStaticPins.js
 2014-05-01 14:48:37 -07:00
David Keeler
6c916db011 bug 982248 - NSSCertDBTrustDomain: specify timeout for OCSP requests r=briansmith 2014-05-01 15:07:55 -07:00
Brian Smith
cb05abe1d6 Bug 1003290: Fix OID parser template type, r=keeler 
--HG--
extra : rebase_source : c33e450b84234ae7471118c2f8749593a59d9298
 2014-04-25 16:31:30 -07:00
Brian Smith
6b71be8400 Bug 1002933: Use Strongly-typed enums more often in mozilla::pkix, r=mmc 
--HG--
extra : rebase_source : 3f67f48d1f4150df0830f89e6c07bbbf3a8fc7e8
 2014-04-25 16:29:26 -07:00
Brian Smith
80e8f86c33 Bug 1002929: Avoid implicit conversion of Result to boolean in mozilla::der::GeneralizedTime, r=keeler 
--HG--
extra : rebase_source : 8966d41f1837611b83ac84b347aeddfade9bc949
 2014-04-24 16:08:30 -07:00
Monica Chew
b06faaca65 Bug 998057: Add tests for certificate pinning (r=cviecco,dkeeler) 2014-04-30 20:11:35 -07:00
Monica Chew
a950040c90 Backed out changeset 9c8fbf297d51 
Camilo did not land his patch that this depends on, my bad.
 2014-04-30 20:01:34 -07:00
Monica Chew
628c03d585 Bug 998057: Add tests for certificate pinning (r=cviecco,dkeeler) 2014-04-30 19:56:03 -07:00
Monica Chew
625b9449b2 Bug 998057: Add test pinset to the pin generator (r=cviecco) 
--HG--
rename : security/manager/ssl/tests/unit/tlsserver/default-ee.der => security/manager/boot/src/default-ee.der
 2014-04-30 15:30:44 -07:00
Camilo Viecco
06f960a801 Bug 744204 - Allow Certificate key pinning Part 2 - Certverifier Interface. r=keeler 
--HG--
extra : rebase_source : 2f9748ba0b241c697e22b7ff72f2f5a0fad4a2ca
 2014-02-05 14:49:10 -08:00
Richard Barnes
39fa6a3803 Bug 1003604 - Make nsNSSShutDownObject::isAlreadyShutDown() const. r=dkeeler 2014-04-29 17:45:00 +02:00
Rodrigo Rodriguez Jr.
bc17528767 Bug 952650 (part 11) - Remove JSVAL_TO_INT. r=njn. 
--HG--
extra : rebase_source : 41923458bbf8fd957c9a57685df4969f1190bd9f
 2014-04-27 19:55:08 -07:00
Rodrigo Rodriguez Jr.
1b9dfa0db1 Bug 952650 (part 9) - Remove JSVAL_IS_INT. r=njn. 
--HG--
extra : rebase_source : dc0c170914c2370c218cdbbe671d2a68628f5a87
 2014-04-27 19:47:02 -07:00
Rodrigo Rodriguez Jr.
5b7e66980d Bug 952650 (part 1) - Remove JSVAL_IS_NULL. r=terrence. 
--HG--
extra : rebase_source : 83d1cdaf71260fd99b688c23303ceb2de7b00031
 2014-04-27 19:30:51 -07:00
Wan-Teh Chang
e809100c4e Bug 993569 - Update Mozilla 31 to use NSS 3.16.1 Beta 4. This disables 
the new Intel AES assembly code on Windows. r=kaie.
 2014-04-29 16:13:03 -07:00
Camilo Viecco
08d3905de0 Bug 744204 - Allow Key pining part 1 - Built-in Pinning Service. r=keeler 2013-06-20 10:35:43 -07:00
David Keeler
2a77846f27 bug 977865 - mozilla::pkix: add backoff for ocsp fetching when a responder fails r=cviecco 2014-04-28 16:38:15 -07:00
Brian Smith
c587f858f4 Bug 998067: Add utility code for making it easier to create GTests based on NSS, r=keeler 
--HG--
extra : rebase_source : 8ae08d1ccc9329aa567cfc7ac590ddb026155bae
 2014-04-16 21:38:01 -07:00
Brian Smith
2c23644423 Bug 1000544: Use "Fail(x, y)" instead of "PR_SetError(y, 0); return x;" more consistently, r=mmc 
--HG--
extra : rebase_source : 96addac738b8ffe39c7a92d546388d5f13fc2340
 2014-04-23 14:13:32 -07:00
Brian Smith
8d2dfeb6e2 Bug 1000482: Remove unused stapledOCSPResponse parmaeter from BuildForwardInner, r=mmc, r=keeler 
--HG--
extra : rebase_source : b5d67d3488aa3df5690a7dd2b76495ac4986a723
 2014-04-23 13:42:38 -07:00