wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity
255,961 Commits 1 Branch 166 Tags 1.2 GiB
8e46480389
Commit Graph

3365 Commits

Author SHA1 Message Date
Masatoshi Kimura
6ca1dfe672 Bug 1165549 - Update fallback whitelist. r=keeler 2015-06-17 20:52:33 +09:00
David Keeler
8528e39216 bug 1173565 - convert test_pinning_dynamic.js to generate certificates at build time r=Cykesiopka 
Also fixes up references to test_pinning_dynamic certificates in test_pinning_header_parsing.js
 2015-06-09 10:35:47 -07:00
Cykesiopka
b81b757b1e Bug 1171820 - Convert test_bug483440.html mochitest to an xpcshell test. r=keeler 2015-06-13 00:51:00 +02:00
Birunthan Mohanathas
334f1e22e7 Bug 1164714 - Move netwerk/test/TestSTSParser.cpp into security/manager/ssl/tests/. r=keeler 2015-06-14 21:37:12 -07:00
David Keeler
2a50c02e15 bug 1172615 - check for and return early in the case of authentication bypass in AuthCertificateHook r=mcmanus 2015-06-08 13:18:23 -07:00
Jed Davis
98cf948a01 Bug 1168555 - Work around Nuwa not always being single-threaded when a normal content process is. r=kang 2015-06-10 13:38:00 -04:00
Kai Engert
6f9a988165 Bug 1174102 - Update to NSS 3.19.2, landing NSS_3_19_2_BETA1, r=nss-confcall 2015-06-12 11:10:17 +02:00
Cykesiopka
40dfab484a Bug 1171819 - Convert test_cert_eku-*.js to generate certificates at build time. r=keeler 2015-06-10 22:50:00 +02:00
Mike Perry
bc766df83c Bug 629558 - Pref to make Intermediate Cert Store memory-only. r=keeler 2015-06-10 14:14:00 +02:00
Atul Kumar
6e6d6a989d Bug 1136301 - Null check for mCert->slot added in destructorSafeDestroyNSSReference & MarkForPermDeletion. Formatting update in MarkForPermDeletion. r=keeler 2015-06-10 09:46:16 -07:00
David Keeler
a5ab4c5ab5 bug 1170303 - treat malformed name information in certificates as a domain name mismatch r=Cykesiopka 2015-06-01 13:55:23 -07:00
David Keeler
e41d9fdb07 bug 1171557 - make test_cert_trust.js certs a bit more realistic r=mgoodwin 
According to the Baseline Requirements, root certificates MUST NOT
have the extendedKeyUsage extension. The extension is optional for
intermediates and required for end-entity certificates. This change
modifies the test certificates so they're more in line with the BRs.
 2015-06-03 15:37:38 -07:00
David Keeler
848778789e bug 1171557 - convert test_cert_trust.js to generate certificates at build time r=mgoodwin 2015-06-03 15:12:00 -07:00
Eric Rahm
a30b6503c6 Bug 1145893 - Shutdown nsNSSComponent background threads during xpcom-shutdown. r=keeler, a=me 2015-03-23 10:58:25 -07:00
Richard Barnes
89e603eaa6 Bug 1010068 - Disable OCSP for DV certificates in Firefox for Android r=keeler 2015-05-28 13:29:13 -07:00
Ryan VanderMeulen
a79144fc40 Backed out changeset fda85020d842 (bug 1010068) for Android test_cert_overrides.js failures. 
CLOSED TREE
 2015-06-08 11:37:33 -04:00
Richard Barnes
6b65fec02a Bug 1010068 - Disable OCSP for DV certificates in Firefox for Android r=keeler 2015-05-28 13:29:13 -07:00
Carsten "Tomcat" Book
48583b4851 merge mozilla-inbound to mozilla-central a=merge 2015-06-08 11:55:30 +02:00
ffxbld
a8e18e32a0 No bug, Automated HPKP preload list update from host bld-linux64-spot-1061 - a=hpkp-update 2015-06-06 03:26:59 -07:00
ffxbld
e2ae16611e No bug, Automated HSTS preload list update from host bld-linux64-spot-1061 - a=hsts-update 2015-06-06 03:26:57 -07:00
Jed Davis
3bde26970c Bug 1055310 - Step 3: Move syscall interceptions into SandboxFilter.cpp. r=kang 
We can now keep the part of the policy implemented by upcalls to
userspace in the same place as the part of the policy that's handled
entirely in the kernel.  This will become more useful in the future
(e.g., bug 930258).
 2015-06-05 15:17:40 -07:00
Jed Davis
9baf0005f4 Bug 1055310 - Step 2: Move SIGSYS handling to Chromium TrapRegistry. r=kang 
This is more complicated than I'd like it to be, because we don't have
a good way to combine a specific trap function's knowledge that we want
to get a crash dump with the SIGSYS handler's copy of the unprocessed
signal info (which breakpad wants).  The bpf_dsl interface requires a
specific trap function type (via the TrapRegistry superclass), so even
if we implement our own registry we can't change what's passed to it.
Normally we could use thread-local storage to get around that, but it's
not async signal safe.

As a result there is an imperfect compromise: the trap function returns
a failure with ENOSYS, Chromium's SIGSYS handler writes it into the
context, our SIGSYS handler reads it back out and uses a copy of
the original signal context for the crash dump.  Other error codes
(and returning ENOSYS via the seccomp-bpf policy itself) are handled
normally.
 2015-06-05 15:17:35 -07:00
Jed Davis
06da80b656 Bug 1055310 - Step 1: Convert seccomp-bpf policies to Chromium PolicyCompiler. r=kang 
This completely rewrites SandboxFilter.cpp and removes SandboxAssembler.
System calls are now loosely grouped by what they do, now that order
doesn't matter, and most of the intersection the content and media
plugin whitelists is moved into a common superclass.  Hopefully this
improves the readability and comprehensibility of the syscall policies.

Also, the macros that take the syscall name are gone, because a plain
case label usually suffices now (the CASES_FOR_thing macros are a little
unsightly, but they're relatively simple), and at one point we saw
strange macro expansion issues with system header files that #define'd
some syscall names.

The signal handling is not migrated yet, so Trap() actions can't be used
yet; the next patch will take care of that, and to keep the intermediate
state working there's a minimal shim.

Bonus fix: non-const global variables use the "g" prefix; "s" is for
static class members and static variables in a function (where the
default is to allocate a separate copy per instance/activation).
 2015-06-05 15:17:32 -07:00
David Keeler
dc258334a5 bug 969985 - cleanup of test_certificate_usages.js - see the rest of this commit message r=mgoodwin 
Converts test_certificate_usages.js to generate certificates at build time.
Also does miscellaneous cleanup to use modern JS practices.
Since the test_cert_eku-* suite of tests covers the extended key usage extension,
removes superfluous testcases involving EKU.
Finally, renames test_certificate_usages.js to test_cert_keyUsage.js for a more
consistent naming scheme.
 2015-06-02 10:58:59 -07:00
Eric Rahm
29f00ac208 Bug 1165515 - Part 13-2: Replace usage of PRLogModuleLevel and PR_LOG_*. rs=froydnj 
This is straightforward mapping of PR_LOG levels to their LogLevel
counterparts:
  PR_LOG_ERROR   -> LogLevel::Error
  PR_LOG_WARNING -> LogLevel::Warning
  PR_LOG_WARN    -> LogLevel::Warning
  PR_LOG_INFO    -> LogLevel::Info
  PR_LOG_DEBUG   -> LogLevel::Debug
  PR_LOG_NOTICE  -> LogLevel::Debug
  PR_LOG_VERBOSE -> LogLevel::Verbose

Instances of PRLogModuleLevel were mapped to a fully qualified
mozilla::LogLevel, instances of PR_LOG levels in #defines were mapped to a
fully qualified mozilla::LogLevel::* level, and all other instances were
mapped to us a shorter format of LogLevel::*.

Bustage for usage of the non-fully qualified LogLevel were fixed by adding
|using mozilla::LogLevel;| where appropriate.
 2015-06-03 15:25:57 -07:00
Eric Rahm
f2c51f1dd9 Bug 1165515 - Part 9: Remove instances of using numeric log levels 1-5. rs=froydnj 2015-06-03 15:22:35 -07:00
Eric Rahm
243447023a Bug 1165515 - Part 5: Convert instances of PR_LOG_ALWAYS. r=froydnj 
Most instances were converted to PR_LOG_INFO, some to PR_LOG_DEBUG, and some
to PR_LOG_ERROR.
 2015-06-03 15:22:30 -07:00
Eric Rahm
f3d0db1203 Bug 1165515 - Part 3: Convert PR_LOG_TEST to MOZ_LOG_TEST. r=froydnj 2015-06-03 15:22:28 -07:00
Cykesiopka
9979e1c6c3 Bug 1169195 - Convert test_bug644006.html mochitest to an xpcshell test. r=keeler 2015-06-02 22:49:00 -04:00
Bob Owen
e417ad7bcb Bug 1166669: Enable process-level mitigations for the Windows content process sandbox. r=tabraldes 2015-06-03 09:13:00 +01:00
Nicholas Nethercote
265569e6b8 Bug 1170416 (part 3) - Remove the PLDHashTable2 typedef. r=froydnj. 2015-05-19 16:46:17 -07:00
Mike Hommey
19e738456b Bug 1170431 - Pass buildid as input to pycert.py. r=gps 2015-06-03 07:10:25 +09:00
Mike Hommey
1d1000b55e Bug 1170431 part 0 - Use the *Path classes for GENERATED_FILES scripts and inputs. r=gps 2015-06-03 07:10:12 +09:00
Carsten "Tomcat" Book
e2f82674b8 Backed out 14 changesets (bug 1165515) for linux x64 e10s m2 test failures 
Backed out changeset d68dcf2ef372 (bug 1165515)
Backed out changeset 7c3b45a47811 (bug 1165515)
Backed out changeset b668b617bef2 (bug 1165515)
Backed out changeset d0916e1283a2 (bug 1165515)
Backed out changeset ac4dc7489942 (bug 1165515)
Backed out changeset e9632ce8bc65 (bug 1165515)
Backed out changeset c16d215cc7e4 (bug 1165515)
Backed out changeset e4d474f3c51a (bug 1165515)
Backed out changeset d87680bf9f7c (bug 1165515)
Backed out changeset b3c0a45ba99e (bug 1165515)
Backed out changeset 9370fa197674 (bug 1165515)
Backed out changeset 50970d668ca1 (bug 1165515)
Backed out changeset ffa4eb6d24b9 (bug 1165515)
Backed out changeset 5fcf1203cc1d (bug 1165515)
 2015-06-02 13:05:56 +02:00
Eric Rahm
18bd3de863 Bug 1165515 - Part 13-2: Replace usage of PRLogModuleLevel and PR_LOG_*. rs=froydnj 
This is straightforward mapping of PR_LOG levels to their LogLevel
counterparts:
  PR_LOG_ERROR   -> LogLevel::Error
  PR_LOG_WARNING -> LogLevel::Warning
  PR_LOG_WARN    -> LogLevel::Warning
  PR_LOG_INFO    -> LogLevel::Info
  PR_LOG_DEBUG   -> LogLevel::Debug
  PR_LOG_NOTICE  -> LogLevel::Debug
  PR_LOG_VERBOSE -> LogLevel::Verbose

Instances of PRLogModuleLevel were mapped to a fully qualified
mozilla::LogLevel, instances of PR_LOG levels in #defines were mapped to a
fully qualified mozilla::LogLevel::* level, and all other instances were
mapped to us a shorter format of LogLevel::*.

Bustage for usage of the non-fully qualified LogLevel were fixed by adding
|using mozilla::LogLevel;| where appropriate.
 2015-06-01 22:17:33 -07:00
Eric Rahm
99ffec18c4 Bug 1165515 - Part 9: Remove instances of using numeric log levels 1-5. rs=froydnj 2015-06-01 22:17:26 -07:00
Eric Rahm
ef5ac6fa3d Bug 1165515 - Part 5: Convert instances of PR_LOG_ALWAYS. r=froydnj 
Most instances were converted to PR_LOG_INFO, some to PR_LOG_DEBUG, and some
to PR_LOG_ERROR.
 2015-06-01 22:17:21 -07:00
Eric Rahm
dca9287933 Bug 1165515 - Part 3: Convert PR_LOG_TEST to MOZ_LOG_TEST. r=froydnj 2015-06-01 22:17:19 -07:00
Wes Kocher
bd796581dc Backed out 14 changesets (bug 1165515) for b2g mochitest-6 permafail CLOSED TREE 
Backed out changeset 9b97e2aa2ed9 (bug 1165515)
Backed out changeset 150606c022a2 (bug 1165515)
Backed out changeset 4e875a488349 (bug 1165515)
Backed out changeset 467e7feeb546 (bug 1165515)
Backed out changeset d6b6cc373197 (bug 1165515)
Backed out changeset 0615265b593c (bug 1165515)
Backed out changeset fafd1dce9f08 (bug 1165515)
Backed out changeset d1df869245f9 (bug 1165515)
Backed out changeset 6876a7c63611 (bug 1165515)
Backed out changeset b7841c94a9a3 (bug 1165515)
Backed out changeset e5e3617f7c73 (bug 1165515)
Backed out changeset 39be3db95978 (bug 1165515)
Backed out changeset 0ec74176f8de (bug 1165515)
Backed out changeset 5b928dd10d71 (bug 1165515)
 2015-06-01 17:57:58 -07:00
Eric Rahm
ae32743ed2 Bug 1165515 - Part 13-2: Replace usage of PRLogModuleLevel and PR_LOG_*. rs=froydnj 
This is straightforward mapping of PR_LOG levels to their LogLevel
counterparts:
  PR_LOG_ERROR   -> LogLevel::Error
  PR_LOG_WARNING -> LogLevel::Warning
  PR_LOG_WARN    -> LogLevel::Warning
  PR_LOG_INFO    -> LogLevel::Info
  PR_LOG_DEBUG   -> LogLevel::Debug
  PR_LOG_NOTICE  -> LogLevel::Debug
  PR_LOG_VERBOSE -> LogLevel::Verbose

Instances of PRLogModuleLevel were mapped to a fully qualified
mozilla::LogLevel, instances of PR_LOG levels in #defines were mapped to a
fully qualified mozilla::LogLevel::* level, and all other instances were
mapped to us a shorter format of LogLevel::*.

Bustage for usage of the non-fully qualified LogLevel were fixed by adding
|using mozilla::LogLevel;| where appropriate.
 2015-06-01 14:31:01 -07:00
Eric Rahm
d27d4cb5f1 Bug 1165515 - Part 9: Remove instances of using numeric log levels 1-5. rs=froydnj 2015-06-01 14:31:00 -07:00
Eric Rahm
db180ff7c4 Bug 1165515 - Part 5: Convert instances of PR_LOG_ALWAYS. r=froydnj 
Most instances were converted to PR_LOG_INFO, some to PR_LOG_DEBUG, and some
to PR_LOG_ERROR.
 2015-06-01 14:31:00 -07:00
Eric Rahm
aa2c33e0cf Bug 1165515 - Part 3: Convert PR_LOG_TEST to MOZ_LOG_TEST. r=froydnj 2015-06-01 14:31:00 -07:00
Carsten "Tomcat" Book
df0827d499 Merge mozilla-central to mozilla-inbound 2015-06-01 15:19:42 +02:00
Carsten "Tomcat" Book
881576a1b1 merge mozilla-inbound to mozilla-central a=merge 2015-06-01 15:00:24 +02:00
ffxbld
08fe550e78 No bug, Automated HPKP preload list update from host bld-linux64-spot-534 - a=hpkp-update 2015-05-30 03:26:59 -07:00
ffxbld
e5e1a5ba65 No bug, Automated HSTS preload list update from host bld-linux64-spot-534 - a=hsts-update 2015-05-30 03:26:57 -07:00
Cykesiopka
9f547d3c89 Bug 1169530 - Add l10n string for SSL_ERROR_WEAK_SERVER_CERT_KEY. r=dkeeler 
Also removes the strings for the SSL_ERROR_UNUSED_5 and SSL_ERROR_UNUSED_10 errors.
 2015-05-28 22:50:00 +02:00
Bob Owen
4eddb939fd Bug 1123759: Set low integrity on NPAPI processes for Windows sandboxing policy level >= 2. r=bbondy, r=bsmedberg 2015-05-22 17:05:45 +01:00
David Keeler
91a9bcaf77 bug 1166976 - generate some PSM xpcshell test certificates at build time r=Cykesiopka,mgoodwin,froydnj 2015-05-20 16:35:16 -07:00
Ryan VanderMeulen
c6c4e6486b Bug 1166031 - Update NSS to NSS_3_19_1_RTM. a=sledru 2015-05-28 14:14:52 -04:00
Nicholas Nethercote
0e7edc78fc Bug 1168007 (part 7) - Use PLDHashTable2 in nsCertTree. r=froydnj. 
It's possible that Clear() will be called on a table that hasn't had anything
inserted in it, but that's ok.
 2015-05-18 21:14:51 -07:00
Nicholas Nethercote
385887714d Bug 1168007 (part 6) - Use PLDHashTable2 in nsSecureBrowserUIImpl. r=froydnj. 2015-05-18 21:02:48 -07:00
Cykesiopka
5aa3c9df74 Bug 1168695 - Add result strings to PSM xpcshell HPKP tests. r=keeler 2015-05-28 02:26:00 +02:00
Cykesiopka
f21804994b Bug 1167254 - Convert test_bug234856.html mochitest to an xpcshell test. r=keeler 2015-05-28 02:22:00 +02:00
Makoto Kato
edc1420150 Bug 1166323 - Remove IME sequence number. r=masayuki,nchen 2015-05-28 13:51:40 +09:00
Birunthan Mohanathas
b71747de61 Bug 1164714 - Fix unified compilation bustage on Windows. r=me 
CLOSED TREE
 2015-05-27 19:37:09 -07:00
Birunthan Mohanathas
2e77719e3d Bug 1164714 - Move netwerk/base/nsISiteSecurityService.idl into security/manager/ssl. r=keeler,mcmanus 2015-05-26 10:31:30 -07:00
Birunthan Mohanathas
37d96edab0 Bug 1164714 - Move and flatten security/manager/boot/{public,src}/ into security/manager/ssl/. r=keeler 2015-05-26 10:31:25 -07:00
Birunthan Mohanathas
a7011ffde2 Bug 1164714 - Flatten security/manager/ssl/src/ directory. r=keeler 2015-05-26 10:31:23 -07:00
Birunthan Mohanathas
2befc8e59a Bug 1164714 - Flatten security/manager/ssl/public/ directory. r=keeler 2015-05-26 10:30:46 -07:00
Mike Hommey
2c863b9fe4 Bug 991983 - Define SOURCES as SourcePath. r=gps 2015-05-28 07:34:15 +09:00
Kaspar Brand
d8d1910516 Bug 1168048 - Avoid potential null-pointer dereferencing in nsNSSCertificateDB r=keeler 2015-05-27 14:12:26 -07:00
Cykesiopka
6cc0362091 Bug 1167866 - Add result strings to PSM test_cert* xpcshell tests. r=keeler 2015-05-23 19:57:32 -07:00
Phil Ringnalda
199f7ab4ef Merge m-i to m-c, a=merge 2015-05-23 13:31:21 -07:00
ffxbld
d0c500bd71 No bug, Automated HPKP preload list update from host bld-linux64-spot-023 - a=hpkp-update 2015-05-23 03:32:23 -07:00
ffxbld
4a12cdd4e2 No bug, Automated HSTS preload list update from host bld-linux64-spot-023 - a=hsts-update 2015-05-23 03:32:21 -07:00
Makoto Kato
d62075c412 Bug 958421 - XUL dialog for certificate is security/manager/pki/resouces is unnecessary on Firefox Android. r=snorp 2015-05-22 14:28:04 +09:00
Nathan Froyd
f61c010661 Bug 1160485 - remove implicit conversion from RefPtr<T> to TemporaryRef<T>; r=ehsan 
Having this implicit conversion means that we can silently do extra
refcounting when it's completely unnecessary.  It's also an obstacle to
making RefPtr more nsRefPtr-like, so let's get rid of it.
 2015-05-01 09:14:16 -04:00
Tim Taubert
66b896c92f Bug 1060112 - Don't treat OCSP responses omitting the requested certificate status as "unknown certificate" responses blocking the connection r=keeler 2015-05-21 13:39:34 -04:00
Eric Rahm
ccf1ec07c6 Bug 1165515 - Part 1: Convert PR_LOG to MOZ_LOG. r=froydnj 2015-05-21 13:22:04 -07:00
Nicholas Nethercote
5990994dda Bug 1166586 (part 2) - Convert some easy PL_DHashTable{Init,Finish} cases. r=froydnj. 
This patch converts easy cases, i.e. where the PL_DHashTableInit() call occurs
in a constructor and the PL_DHashTableFinish() call occurs in a destructor.
 2015-05-04 22:59:24 -07:00
Ryan VanderMeulen
995bebec24 Backed out changeset 38ff380719e4 (bug 1166031) for test_WebCrypto_DH.html failures. 2015-05-20 22:05:15 -04:00
Ryan VanderMeulen
224bdbec3e Bug 1166031 - Update NSS to NSS_3_19_1_BETA1. r=mt 2015-05-20 21:06:06 -04:00
David Keeler
0f00f328f3 Bug 1166031 - Update PSM xpcshell small RSA key test to reflect new error. r=Cykesiopka 
Previously NSS would accept smaller RSA key sizes than PSM would in TLS handshakes. Now that the limit is the same, NSS handles the handshake termination with a different error code before PSM can make its own policy decision.
 2015-05-21 12:57:03 -07:00
Ryan VanderMeulen
b1647b5e41 Bug 1166031 - Update NSS to NSS_3_19_1_BETA1. r=mt 2015-05-20 21:06:06 -04:00
Cykesiopka
06e1f43ea2 Bug 1166078 - Clean up and add expected result strings to test_hmac.js. r=keeler 2015-05-18 15:22:54 -07:00
Birunthan Mohanathas
9f65019493 Bug 1164714 - Flatten security/manager/pki/src/ directory. r=keeler 2015-05-19 10:47:42 -07:00
Birunthan Mohanathas
e9750de36b Bug 1164714 - Flatten security/manager/pki/public/ directory. r=keeler 2015-05-19 10:47:38 -07:00
Eric Rahm
c5e63515bf Bug 1165518 - Part 2: Replace prlog.h with Logging.h. rs=froydnj 2015-05-19 11:15:34 -07:00
David Keeler
af988c6fc0 bug 1165911 - do more safety checks when gathering successful TLS connection telemetry r=Cykesiopka 2015-05-18 10:37:38 -07:00
Nicholas Nethercote
35fffb1333 Back out a1f7ae44c7bb (bug 1164373) for causing intermittent test failures. 2015-05-18 19:00:54 -07:00
Carsten "Tomcat" Book
e5535efc49 merge mozilla-inbound to mozilla-central a=merge 2015-05-18 13:43:01 +02:00
cedric
b48a2260ab Bug 1152842 - Remove legacy Download Manager support from test_bug383369.html. r=paolo 2015-05-11 17:43:15 -07:00
Richard Barnes
84216a7c40 Backed out changeset fe10feec1ede because of OCSP test failures 2015-05-16 16:38:34 -04:00
Richard Barnes
6384ecbf90 Bug 1010068 - Disable OCSP for DV certificates in Firefox for Android r=keeler 2015-05-15 16:17:47 -04:00
Phil Ringnalda
01393a8965 Merge m-c to m-i 2015-05-16 09:49:14 -07:00
Phil Ringnalda
66b8e8f803 Merge m-i to m-c, a=merge 2015-05-16 08:50:37 -07:00
ffxbld
fb722a1b1e No bug, Automated HPKP preload list update from host bld-linux64-spot-152 - a=hpkp-update 2015-05-16 03:30:30 -07:00
ffxbld
4aece5ec95 No bug, Automated HSTS preload list update from host bld-linux64-spot-152 - a=hsts-update 2015-05-16 03:30:28 -07:00
Neil Rashbrook
441960eebc Bug 1155963 Only allow NS_LITERAL_CSTRING to be used on compile-time literals r=froydnj,ehsan 2015-05-16 09:07:10 +01:00
Nicholas Nethercote
0addd071a9 Back out all four patches from bug 1161377. r=me. 
Due to Android startup regressions (bug 1163066) and plugin crashes (bug
1165155).
 2015-05-14 21:48:43 -07:00
Wes Kocher
484229a7ff Backed out changeset 17cfad44e12b (bug 1155963) for breaking b2g builds 2015-05-14 16:35:18 -07:00
Jed Davis
22bcabd0af Bug 1162965 - Use /dev/shm instead of /tmp for sandbox chroot if possible. r=kang 2015-05-14 16:19:08 -07:00
Neil Rashbrook
5b5c002aaf Bug 1155963 Only allow NS_LITERAL_CSTRING to be used on compile-time literals r=froydnj,ehsan 2015-05-15 00:00:33 +01:00
Cykesiopka
d7bf2e4a0b Bug 1164409 - Reduce PSM xpcshell script code duplication. r=keeler 2015-05-15 02:28:00 -04:00
David Keeler
77060a5e28 bug 1141189 - implement skipping expensive revocation checks (OCSP fetching) for short-lived certificates r=rbarnes 2015-04-06 16:10:28 -07:00
Nicholas Nethercote
8d5e9cca79 Bug 1164373 - Remove two static constructors involving PR_NewLogModule(). r=froydnj. 2015-05-13 18:02:56 -07:00
Nicholas Nethercote
37a9035e51 Bug 1161377 (part 3, attempt 2) - Convert some easy PL_DHashTable{Init,Finish} cases. r=froydnj. 2015-05-12 17:33:26 -07:00
David Major
68b0dee7c5 Bug 1149718: Fix wow_helper lib path for VS2015. r=glandium 2015-05-12 18:20:28 -04:00
David Keeler
8924191348 bug 1102436 - remove PublicKeyPinningService::CheckChainAgainstAllNames r=Cykesiopka 2015-05-07 11:06:07 -07:00
Cykesiopka
8f0e75f3c3 Bug 1163358 - Add "psm" tag to PSM xpcshell and mochitest manifests. r=dkeeler 2015-05-09 18:21:00 +02:00
Mike Hommey
ec07b959e5 Bug 1043692 - Add a DIST_INSTALL variable to moz.build, and replace NO_DIST_INSTALL with it. r=gps 2015-05-12 07:55:21 +09:00
Bob Owen
6bab3a7af4 Bug 1146874 Part 1: Check that Windows sandboxed process starts correctly. r=tabraldes 2015-05-11 08:24:39 +01:00
Nicholas Nethercote
bdb7128dd1 Backout c375efe78e07 (bug 1161377 part 3) for (probably) increasing the static constructor count and regressing Fennec start-up time. r=me. 2015-05-10 22:16:18 -07:00
Phil Ringnalda
cd38d9b5e8 Merge m-c to m-c, a=merge 2015-05-09 14:16:58 -07:00
ffxbld
ab2219f9d0 No bug, Automated HPKP preload list update from host bld-linux64-spot-270 - a=hpkp-update 2015-05-09 03:31:59 -07:00
ffxbld
b463f10047 No bug, Automated HSTS preload list update from host bld-linux64-spot-270 - a=hsts-update 2015-05-09 03:31:58 -07:00
Wes Kocher
fa0da51ac6 Merge fx-team to m-c a=merge 2015-05-08 10:29:41 -07:00
Eric Rahm
c0f39382bd Bug 1162691 - Part 2: Wrap expensive calls in PR_LOG_TEST. r=froydnj 
Check that logging is enabled before performing potentially expensive
operations.
 2015-05-08 14:36:34 -07:00
Eric Rahm
3c0f5bf63e Bug 1162691 - Part 1: Remove instances of #ifdef PR_LOGGING in security. r=froydnj 
PR_LOGGING is now always defined, we can remove #ifdefs checking for it.
 2015-05-08 14:36:33 -07:00
Daniel Veditz
3bab854bdd Bug 1038072 - signature verification for JAR files unpacked into a directory. r=keeler 2015-05-05 20:21:00 +02:00
Bob Owen
46c30cdbd5 Bug 1158773: Use the same initial and delayed integrity level for Windows content sandbox level 0. r=tabraldes 2015-05-06 10:11:56 +01:00
L. David Baron
ffb6e08be2 Back out changeset a02ea85607a2 (bug 1038072) for widespread test failures (at least Linux, Android, and Mulet), on a CLOSED TREE. 2015-05-06 09:58:55 +02:00
Daniel Veditz
d2b1ef4d0e Bug 1038072 - signature verification for JAR files unpacked into a directory. r=keeler 2015-05-05 20:21:00 +02:00
Nicholas Nethercote
02e9b810da Bug 1161377 (part 3) - Convert some easy PL_DHashTable{Init,Finish} cases. r=froydnj. 
This patch converts easy cases, i.e. where the PL_DHashTableInit() call occurs
in a constructor and the PL_DHashTableFinish() call occurs in a destructor.
 2015-05-04 22:59:24 -07:00
Mark Goodwin
de6b7028f1 Bug 1128607 - Test the freshness check for OneCRL (r=keeler) 2015-05-07 18:54:07 +01:00
Mark Goodwin
9e5913dddb Bug 1128607 - Add freshness check for OneCRL (r=keeler) 2015-05-07 18:54:05 +01:00
Patrick McManus
726e9673d3 bug 1153212 - 2/2 Necko explicitly track origin vs routed host and give psm only origin r=dkeeler r=hurley IGNORE IDL 
Allow necko to simultaneously track the dual concept of routed host
and origin (authenticated host). The origin is given to the socket
provider and the routed host is inserted at DNS lookup time as if it
were a SRV or CNAME.
 2015-04-09 11:31:59 -04:00
Patrick McManus
a2982caa07 bug 1153212 - 1/2 revert 90d6a38931fa to make room for better fix r=backout 2015-05-07 13:16:26 -04:00
Kai Engert
8ea2fcf08e Bug 1144055, Upgrade Firefox to use NSS 3.19, landing NSS_3_19_RTM 2015-05-04 21:34:38 +02:00
Cykesiopka
fa466bc83d Bug 1153446 - Replace instances of double spacing with single spacing in nsserrors.properties. r=dkeeler 2015-05-01 02:40:00 +02:00
Phil Ringnalda
48398662cf Merge m-i to m-c, a=merge 2015-05-02 10:02:17 -07:00
ffxbld
904d847525 No bug, Automated HPKP preload list update from host bld-linux64-spot-137 - a=hpkp-update 2015-05-02 03:30:49 -07:00
ffxbld
9a9af4a556 No bug, Automated HSTS preload list update from host bld-linux64-spot-137 - a=hsts-update 2015-05-02 03:30:48 -07:00
Mike Hommey
b673a97a25 Bug 1134923 - Remove NS_Alloc/NS_Realloc/NS_Free. r=nfroyd 
They are kept around for the sake of the standalone glue, which is used
for e.g. webapprt, which doesn't have direct access to jemalloc, and thus
still needs a wrapper to go through the xpcom function list and get to
jemalloc from there.
 2015-05-01 09:40:30 +09:00
Nicholas Nethercote
29a54c9b3b Bug 1159972 - Remove the fallible version of PL_DHashTableInit(). r=froydnj. 
It's no longer needed now that entry storage isn't allocated there. (The other
possible causes of failures in that function are less interesting and simply
crashing is a reasonable thing to do for them.)

This also makes PL_DNewHashTable() infallible, so I removed some
now-unnecessary checks of its result.
 2015-04-29 16:38:29 -07:00
Bob Owen
0693a1dc83 Bug 1150515: Set the subsystem to WINDOWS,5.02 for wow_helper so that it runs on WinXP 64-bit. r=glandium 2015-04-30 09:48:03 +01:00
Masatoshi Kimura
931590121a Bug 1145844 - Update fallback whitelist. r=keeler 2015-04-29 13:48:53 +09:00
Andrew Bartlett
0b2e75f4be Bug 734229 - Partially address by refusing to re-negotiate on NTLM. r=mayhemer, r=keeler 
Now only one NTLM Negotiate packet will be sent per connection, rather
than again after a failed authentication.  The problem situation is
triggered due to failed Negotiate authentication, and is probably more
complex.

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
 2014-11-28 11:34:06 +13:00
David Major
c92c020b89 Bug 1157835: Remove the MSVC_ENABLE_PGO flag from the build system. r=glandium 2015-04-27 19:59:27 -04:00
Carsten "Tomcat" Book
3923c05342 merge fx-team to mozilla-central a=merge 2015-04-27 12:34:03 +02:00
Carsten "Tomcat" Book
18a440fd0e merge mozilla-inbound to mozilla-central a=merge 2015-04-27 12:00:14 +02:00
ffxbld
bbd9aed0be No bug, Automated HPKP preload list update from host bld-linux64-spot-039 - a=hpkp-update 2015-04-25 03:32:33 -07:00
ffxbld
9fd30e6020 No bug, Automated HSTS preload list update from host bld-linux64-spot-039 - a=hsts-update 2015-04-25 03:32:31 -07:00
Jed Davis
8f10995d7b Bug 1154184 - Don't use Linux sandbox gtest dir if not building tests. r=gps 2015-04-24 17:36:08 -07:00
Dave Townsend
80ce794097 Bug 1038068: Check add-on signatures and refuse to install unsigned or broken add-ons (preffed off for now). r=dveditz 2015-03-31 11:32:40 -07:00
Carsten "Tomcat" Book
1a74144837 merge mozilla-inbound to mozilla-central a=merge 2015-04-24 14:37:13 +02:00
Richard Barnes
20b75325f3 Bug 1121982 - Update PSM to use NSS name constraints 2015-04-23 20:26:29 -04:00
Fabrice Desré
854266d52c Bug 1144600 - Don't crash when submitting <keygen> on b2g r=dkeeler 2015-04-23 13:35:49 -07:00
Blake Kaplan
1047b7458f Bug 1124076 - Properly detect certs when loaded and prompt to import them. r=sworkman/dkeeler 2015-04-22 12:55:23 -07:00
Steven Michaud
2bb57bcd7a Bug 1153809 - Loosen Mac content process sandbox rules for NVidia and Intel HD 3000 graphics hardware. r=areinald 2015-04-22 14:56:09 -05:00
David Keeler
f9b93560f0 bug 1157873 - remove certificates from CNNIC whitelist that aren't in the Pilot Certificate Transparency log r=rbarnes 
Also remove certificates where notBefore is on or after 1 April 2015.
 2015-04-21 16:07:33 -07:00
Nathan Toone
1b81ed134e Bug 1124076 followup - fix the build when PR_LOGGING is not defined. r=mrbkap 2015-04-23 13:24:57 -07:00
David Keeler
7783f33c8b bug 1081128 - test_pinning.js takes ~300 seconds on b2g debug emulator - request a longer timeout for it r=Cykesiopka 2015-04-22 11:06:36 -07:00
Kai Engert
d7a44b34ec Bug 1144055 - Upgrade Firefox 39 to use NSS 3.19, r=nss-confcall 2015-04-23 21:16:20 +02:00
Francois Marier
29cbc60a12 Bug 1147212 - Add support for goog-unwanted-shavar. r=gcp,r=matej,r=smaug 2015-04-22 21:01:37 +12:00
Carsten "Tomcat" Book
407c282220 Backed out changeset 7f3cf84c11a9 (bug 1124076) for bustage on a CLOSED TREE 2015-04-22 13:44:23 +02:00
Blake Kaplan
87c47ee4e8 Bug 1124076 - Properly detect certs when loaded and prompt to import them. r=sworkman/dkeeler 2015-04-21 14:56:00 +02:00
Ehsan Akhgari
d278570d19 Bug 1153348 - Add an analysis to prohibit operator bools which aren't marked as either explicit or MOZ_IMPLICIT; r=jrmuizel 
This is the counterpart to the existing analysis to catch
constructors which aren't marked as either explicit or
MOZ_IMPLICIT.
 2015-04-21 21:40:49 -04:00