Monica Chew
c21cc7a85f
Bug 1004351: Enable production mode for twitter pins (r=keeler)
2014-05-22 15:11:07 -07:00
Monica Chew
f87b89298d
Bug 1014344: Use Google's root pems in addition to their intermediate certs (r=keeler)
2014-05-22 15:09:45 -07:00
Wan-Teh Chang
c88fddaa3c
Bug 1009794: Update NSS to NSS_3_16_2_BETA2, which also includes fixes
...
for bug 999893, bug 1011090, bug 1009785, bug 421391, and bug 1011229.
2014-05-22 12:31:09 -07:00
Cykesiopka
17e952b63e
Bug 622332 - Show cert SHA-256 fingerprint and remove MD5 fingerprint. r=keeler
2014-05-22 00:52:00 +02:00
Birunthan Mohanathas
76ca8ec617
Bug 869836 - Part 7: Use AppendLiteral instead of Append where possible. r=ehsan
2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
c4568a7085
Bug 869836 - Part 6: Use EqualsLiteral instead of Equals where possible. r=ehsan
2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
807e72372f
Bug 869836 - Part 4: Use EqualsLiteral instead of Equals(NS_LITERAL_STRING(...))
. r=ehsan
2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
411a8639b4
Bug 869836 - Part 3: Use Append('c')
instead of AppendLiteral("c")
. r=ehsan
2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
62570a8716
Bug 869836 - Part 2: Use AppendLiteral instead of Append(NS_LITERAL_STRING(...))
. r=ehsan
2014-05-22 06:48:50 +03:00
Camilo Viecco
a87a54bcc1
Bug 1010594 - Part 2/2 tests - r=keeler
...
--HG--
extra : rebase_source : 4ca9623b815544edc58308544fa85b192c2f31f3
2014-05-19 13:26:23 -07:00
Camilo Viecco
1eac4f4b6c
Bug 1010594 - Part 1/2 OCSP url check - r=briansmith
...
--HG--
extra : rebase_source : 0b26339d33db90722401ae1d8ac255d0390aea30
2014-05-16 13:53:14 -07:00
Camilo Viecco
4eff7cf088
Bug 1009635 - PreloadedHPKP.json should also contain production/exclusion lists. r=keeler
...
--HG--
extra : rebase_source : 46c13e490358f26b21191d6d783d795897ceea63
2014-05-15 08:04:54 -07:00
Richard Barnes
7b6d82be69
Bug 995385 - Ensure that NSS is initialzed for CryptoTasks. r=dkeeler
2014-05-16 15:47:00 -04:00
Bob Owen
2c9a59f64a
Bug 1009452 - inherit stdout and stderr into the content process to allow logging. r=aklotz
2014-05-14 16:09:31 +01:00
Jed Davis
c7dae997a6
Bug 920372 - Fix socketcall whitelisting on i386. r=kang
2014-05-20 18:38:14 -07:00
Jed Davis
1523066770
Bug 920372 - Allow tgkill only for threads of the calling process itself. r=kang
2014-05-20 18:38:06 -07:00
Jed Davis
3a308504da
Bug 920372 - Use Chromium seccomp-bpf compiler to dynamically build sandbox program. r=kang
2014-05-20 18:37:53 -07:00
Jed Davis
3b103d307f
Bug 920372 - Import Chromium seccomp-bpf compiler, rev 4c08f442d2588a2c7cfaa117a55bd87d2ac32f9a. r=kang
...
Newly imported:
* sandbox/linux/seccomp-bpf/
* sandbox/linux/sandbox_export.h
* base/posix/eintr_wrapper.h
Updated:
* base/basictypes.h
* base/macros.h
At the time of this writing (see future patches for this bug) the only
things we're using from sandbox/linux/seccomp-bpf/ are codegen.cc and
basicblock.cc, and the header files they require. However, we may use
more of this code in the future, and it seems cleaner in general to
import the entire subtree.
2014-05-20 18:37:45 -07:00
Monica Chew
b35189dfe7
Bug 1013504: Introduce error file for genHPKPStaticPins.js (r=keeler)
2014-05-20 13:25:02 -07:00
Richard Barnes
ae11832c51
Bug 1005375 - Add an API that allows CryptoTasks to be created without being dispatched
2014-05-03 08:50:00 +02:00
Chris Peterson
7429b133b7
Bug 1007708 - Part 1: Fix warnings in security/pkix/test/ and mark as FAIL_ON_WARNINGS. r=briansmith
2014-05-17 20:12:10 -07:00
Monica Chew
1d542c52b2
Bug 1011269: Forgot to qref to pick up keeler's changes (r=keeler)
2014-05-19 13:24:41 -07:00
Monica Chew
8bc2f051f9
Bug 1011269: Add CertVerifier::pinningEnforceTestMode (r=keeler)
2014-05-19 13:04:40 -07:00
David Keeler
0c382cbab9
bug 986150 - fix some comments in mozilla::pkix DER tests r=mmc
2014-05-19 12:14:51 -07:00
David Keeler
b0685b996f
bug 986150 - test mozilla::pkix::der::OptionalBoolean r=mmc
2014-05-19 12:14:44 -07:00
David Keeler
7490c005ac
bug 1002814 - OCSP requests: long serial check should be on cert, not issuerCert r=briansmith
2014-05-14 10:05:32 -07:00
David Keeler
ca14d7c987
bug 1002814 - retry PK11_GenerateKeyPair when it fails non-fatally r=briansmith
2014-05-19 11:13:04 -07:00
Marco Castelluccio
98f16ffbdc
Bug 972201 - Remove the MOZ_B2G_CERTDATA hack. r=briansmith
2014-05-18 15:42:42 +02:00
ffxbld
7253546a17
No bug, Automated HSTS preload list update from host bld-linux64-spot-358 - a=hsts-update
2014-05-17 03:15:04 -07:00
Brian Smith
ed25ac818b
Bug 1010634, Part 1: Fix compiler warnings in certverifier, r=cviecco
...
--HG--
extra : rebase_source : f8d925f042040368b038b62bc1d0c9d4d6d04618
2014-05-14 17:46:32 -07:00
Brian Smith
b3711e99df
Bug 1006958: Use mozilla::pkix::der to parse certificate policies instead of NSS, r=keeler
...
--HG--
extra : rebase_source : fde88efebc1025bc4f825aa38df809d04b1b250a
2014-05-15 18:59:52 -07:00
Brian Smith
fcba6f8814
Bug 1010581: Document Expect/Match/Skip terminology in mozilla::pkix::der and make that code more consistent, r=keeler
...
--HG--
extra : rebase_source : 12aa2e1e9eed4f32a75732a65cbfaba9789d5d39
2014-05-14 19:30:09 -07:00
Brian Smith
e1de62ff87
Bug 1006041: Use mozilla::pkix::der for decoding the extended key usage extension, r=keeler
...
--HG--
extra : rebase_source : b4b62f117d653784eb6ad058554faf520a1bd90b
2014-05-14 01:02:34 -07:00
Brian Smith
dd25f656a6
Bug 989564, Part 2: Remove CERTCertificate dependency from CheckBasicConstraints, r=keeler
...
--HG--
extra : rebase_source : c0ce62f44109cbcdf65da770a1154814733a6b49
2014-04-25 20:27:27 -07:00
Brian Smith
8a6f85b521
Bug 989564, Part 1: Decode basic constraints extension using mozilla::pkix::der, r=keeler
...
--HG--
extra : rebase_source : 89560218a69596868cb8a93c69ee72656b0abf77
2014-05-05 09:55:57 -07:00
Monica Chew
a1ab4d859d
Bug 1007844: Implement per-host telemetry for pin violations for AMO and aus4 (r=keeler)
2014-05-15 16:56:51 -07:00
Monica Chew
f023ce771c
Bug 1006594: Implement moz-specific telemetry (r=keeler)
2014-05-14 16:36:46 -07:00
David Keeler
34bae7a5a0
backout dfc04fd0a41f (bug 1002814) for gtest breakage
2014-05-14 11:08:20 -07:00
David Keeler
099169f359
bug 1005266 - disable strict timeout checking in test_ocsp_timeout.js on WinXP because of frequent failures r=mmc
2014-05-14 09:57:10 -07:00
David Keeler
bfe37e0d32
bug 1002814 - OCSP requests: long serial check should be on cert, not issuerCert r=briansmith
2014-05-14 10:05:32 -07:00
Patrick McManus
033d5fc4e8
bug 1006804 - psm interface for kea size and make kea available in preliminary handshake r=keeler r=honzab
2014-05-06 17:22:25 -04:00
Gervase Markham
4ce70c195e
Bug 1007195 - Change licensing on mozilla::pkix to dual Apache 2/MPL 2. r=briansmith.
2014-05-14 14:37:25 +01:00
Monica Chew
9eb1c9c9de
Bug 1009720: Telemetry for CERT_PINNING_TEST_RESULTS (r=keeler)
2014-05-13 13:50:13 -07:00
David Keeler
c441103da0
bug 1005355 - look for PSM test binaries in /data/local/xpcb/ on Android/B2G r=mmc
2014-05-12 14:38:00 -07:00
Monica Chew
d1eb9b420d
Bug 772756: Implement sha1 support, import Chrome's pinsets wholesale, add test mode (r=cviecco,keeler)
2014-05-08 17:18:50 -07:00
Carsten "Tomcat" Book
ce3573f668
Merge mozilla-central to mozilla-inbound
2014-05-12 13:48:01 +02:00
Carsten "Tomcat" Book
97853c8221
merge mozilla-inbound to mozilla-central
2014-05-12 13:33:19 +02:00
ffxbld
59e3b8e3f4
No bug, Automated HSTS preload list update from host bld-linux64-spot-382 - a=hsts-update
2014-05-10 03:26:08 -07:00
Jacek Caban
37b0fcfa8d
Bug 1005309 - Fixed MSVC detection.
...
--HG--
extra : rebase_source : 0b61de1270eb861234539de675c2d381e217f55c
2014-05-12 11:01:22 +02:00
David Keeler
0d13727d61
bug 1005266 - specify a timeout for the socket in test_ocsp_timeout.js r=mmc
2014-05-09 15:17:43 -07:00