Cykesiopka
c5c4162b83
Bug 1205962 - Address some pylint complaints about pycert.py and pykey.py, r=keeler
...
Also adds more uses of enumerate() to simplify code.
2015-10-05 23:24:14 -07:00
Jed Davis
14f7b5c225
Bug 930258 - Part 3: a file broker policy for the B2G emulator. r=kang
2015-10-07 22:13:08 -07:00
Jed Davis
5fa4dce03c
Bug 930258 - Part 2: seccomp-bpf integration. r=kang
2015-10-07 22:13:08 -07:00
Jed Davis
db019f1bf5
Bug 930258 - Part 1: The file broker, and unit tests for it. r=kang f=froydnj
2015-10-07 22:13:08 -07:00
David Keeler
d77b7d5ba3
bug 975763 - move test_certificate_overrides.html to test_cert_override_bits_mismatches.js r=mgoodwin
...
test_certificate_overrides.html didn't need to be a mochitest.
2015-09-29 12:39:54 -07:00
Carsten "Tomcat" Book
9f1c0bf17d
Backed out 2 changesets (bug 1202902) to recking bug 1202902 to be able to reopen inbound on a CLOSED TREE
...
Backed out changeset 647025383676 (bug 1202902)
Backed out changeset d70c7fe532c6 (bug 1202902)
2015-10-07 14:03:21 +02:00
Carsten "Tomcat" Book
9eaa0d1abc
Backed out 1 changesets (bug 1202902) for causing merge conflicts to mozilla-central
...
Backed out changeset cfc1820361f5 (bug 1202902)
2015-10-07 12:13:45 +02:00
Shu-yu Guo
53a85861c1
Bug 1202902 - Scripted fix the world.
2015-10-06 14:00:31 -07:00
Ben Kelly
39ac893e51
Bug 1210941 P10 Use LOAD_BYPASS_SERVICE_WORKER in nsNSSCallbacks. r=ehsan
2015-10-06 06:37:07 -07:00
Kate McKinley
7014f86655
Bug 1191414 - gather telemetry on usage of <keygen>. r=keeler,r=vladan
2015-09-22 09:52:58 -07:00
Wes Kocher
fa4394c0b9
Backed out changeset c288fb0952fb (bug 1211568) for build bustage CLOSED TREE
2015-10-05 15:56:08 -07:00
Kai Engert
36d5d94c83
Bug 1211568 - Upgrade Firefox 44 to NSS 3.21, landing NSS_3_21_Beta2, r=mt
2015-10-05 22:42:28 +02:00
Jed Davis
fb0049dedc
Bug 1207401 - Send B2G sandbox logging to both stderr and logcat. r=kang
2015-10-05 09:21:39 -07:00
Bob Owen
149742a926
Bug 1207972: Move to using USER_INTERACTIVE and JOB_INTERACTIVE by default for the Windows content sandbox. r=tabraldes
2015-10-05 11:10:46 +01:00
Nicholas Nethercote
434138fa6d
Bug 1209351 (part 5) - Optimize nsTHashTable::RemoveEntry() usage in security/. r=keeler.
2015-09-24 20:44:31 -07:00
Phil Ringnalda
da0936bb5f
Merge m-i to m-c, a=merge
2015-10-03 15:37:39 -07:00
ffxbld
dc83241385
No bug, Automated HPKP preload list update from host bld-linux64-spot-410 - a=hpkp-update
2015-10-03 03:44:51 -07:00
ffxbld
d939f15e9a
No bug, Automated HSTS preload list update from host bld-linux64-spot-410 - a=hsts-update
2015-10-03 03:44:49 -07:00
David Keeler
c7fac22d4c
bug 1205767 - prevent memory leak when generating an EC key with <keygen> r=ttaubert
2015-09-17 14:57:24 -07:00
Tooru Fujisawa
6ed8e81abc
Bug 1207499 - Part 8: Remove use of expression closure from security/. r=keeler
2015-09-23 18:42:19 +09:00
Kaspar Brand
84007f05ef
Bug 278689 - Multiple Certificates with the same subject are not shown in the digital signature select cert combo (only one is shown) r=dkeeler
2015-09-05 07:52:00 +02:00
David Keeler
6b687ec14b
bug 1187994 - remove unused file CryptoUtil.h r=jcj
...
This probably should have been removed as part of bug 891066.
2015-07-27 09:56:14 -07:00
David Keeler
9b8ef98274
bug 1203312 - split tlsserver certificates into ocsp_certs and bad_certs r=mgoodwin
...
The B2G emulators apparently take ~5 minutes to read 50 certificates into
memory, which causes intermittent test timeouts. This is an attempt to
reduce the number of certificates needed to be read at any given time.
2015-09-22 17:03:15 -07:00
David Keeler
9ef70f3b6f
bug 1203312 - convert tlsserver to generate certificates at build time r=Cykesiopka,mgoodwin
2015-08-24 15:53:07 -07:00
ffxbld
31dcb7460f
No bug, Automated HPKP preload list update from host bld-linux64-spot-363 - a=hpkp-update
2015-09-26 03:40:59 -07:00
ffxbld
d0d75fd31d
No bug, Automated HSTS preload list update from host bld-linux64-spot-363 - a=hsts-update
2015-09-26 03:40:57 -07:00
Jonathan Hao
2f6735a7c4
Bug 1178518 - Add an AppTrustedRoot for signed packaged app. r=keeler
2015-09-07 15:28:21 +08:00
ffxbld
eb2bb96364
No bug, Automated HPKP preload list update from host bld-linux64-spot-560 - a=hpkp-update
2015-09-19 03:46:51 -07:00
ffxbld
14311b7985
No bug, Automated HSTS preload list update from host bld-linux64-spot-560 - a=hsts-update
2015-09-19 03:46:49 -07:00
Wes Kocher
0d0a8a55a8
Backed out changeset a08287c70962 (bug 1203312) for b2g xpcshell failures
2015-09-18 12:53:24 -07:00
David Keeler
e2328c01f5
bug 1203312 - convert tlsserver to generate certificates at build time r=Cykesiopka,mgoodwin
2015-08-24 15:53:07 -07:00
Kate McKinley
b1eba1c35b
Bug 1196039 - Telemetry for certificate lifetime. r=rbarnes,vladan
2015-09-17 10:04:52 -07:00
Nicholas Nethercote
248f611da3
Bug 1201135 - Rename pldhash.{h,cpp} to PLDHashTable.{h,cpp}. r=mccr8.
2015-09-15 20:49:53 -07:00
Ehsan Akhgari
63b25b683a
Bug 1205302 - Disallow intercepting OCSP requests; r=jdm
2015-09-16 19:15:32 -04:00
Nicholas Nethercote
f71059bd78
Bug 1121760 (part 6) - Move all remaining PL_DHash*() functions into PLDHashTable. r=poiru.
2015-09-14 14:23:47 -07:00
Nicholas Nethercote
4dafae0e81
Bug 1121760 (part 3) - Remove PL_DHashTableRemove(). r=poiru.
2015-09-14 14:23:24 -07:00
Nicholas Nethercote
6f753fbb80
Bug 1121760 (part 2) - Remove PL_DHashTableAdd(). r=poiru.
2015-09-14 14:23:12 -07:00
Nicholas Nethercote
e600d6de49
Bug 1121760 (part 1) - Remove PL_DHashTableSearch(). r=poiru.
2015-05-21 00:34:25 -07:00
Shu-yu Guo
d8faa01cea
Bug 1202902 - Mass replace toplevel 'let' with 'var' in preparation for global lexical scope. (rs=jorendorff)
2015-09-15 11:19:45 -07:00
Cykesiopka
819da2f9d0
Bug 443811 - Use long date format for cert date output. r=keeler
2015-09-13 23:33:00 +02:00
Richard Barnes
8824811399
Bug 942515 - Show Untrusted Connection Error for SHA-1-based SSL certificates with notBefore >= 2016-01-01 r=keeler
2015-09-11 14:52:30 -04:00
ffxbld
9a77a9ac48
No bug, Automated HPKP preload list update from host bld-linux64-spot-542 - a=hpkp-update
2015-09-12 03:39:46 -07:00
ffxbld
c1f042338f
No bug, Automated HSTS preload list update from host bld-linux64-spot-542 - a=hsts-update
2015-09-12 03:39:44 -07:00
Steven Michaud
30cedd6943
Bug 1190032 - Sandbox failure in nsPluginHost::GetPluginTempDir, tighten earlier patch. r=areinald
2015-09-10 15:32:42 -05:00
Mark Goodwin
73033140cf
Bug 1016555 - Disable OCSP checking for certificates covered by OneCRL r=keeler
...
1) Added some comments to firefox.js to explain the relationship between
extensions.blocklist.interval and security.onecrl.maximum_staleness_in_seconds
2) Modified default values in firefox.js and mobile.js to set maximum staleness
to 1.25x blocklist interval
3) modified the tests_ev_certs.js xpcshell test to cope with larger maximum
staleness values to address test failures
2015-09-10 11:10:07 +01:00
Bob Owen
968f7dcb98
Bug 1200336: Apply fix for Chromium issue 482784 for sandbox bug when built with VS2015. r=tabraldes
2015-09-10 08:25:20 +01:00
Jed Davis
73e5925f9f
Bug 1199481 - Complain more when entering sandboxing code as root. r=kang
2015-08-28 13:37:00 +02:00
Jed Davis
f1c44b5199
Bug 1199413 - Fix MOZ_DISABLE_GMP_SANDBOX so it disables all the sandboxing. r=kang
...
Bonus fix: don't start the chroot helper unless we're going to use
it. For this to matter, you'd need a system with unprivileged user
namespaces but no seccomp-bpf (or fake it with env vars) *and* to set
media.gmp.insecure.allow, so this is more to set a good example for
future changes to this code than for functional reasons.
2015-08-28 12:18:00 +02:00
Nicholas Nethercote
58f8fe3be0
Bug 1202526 (part 5) - Use PLDHashTable::RemoveEntry() in nsSecureBrowserUIImpl. r=dkeeler.
...
This avoids repeating the hash table search in order to remove the entry.
2015-09-07 19:20:16 -07:00
Jacek Caban
64c1d0fa2c
Bug 1199624 - Don't use memset and memcmp in files that don't include cstring explicitly. r=briansmith
2015-09-09 14:16:59 +02:00
