Brian Smith
745bea4592
Bug 1077864, Part 3: update nsserrors.properties so error message gets localized.
2015-02-23 16:04:23 -08:00
Brian Smith
e4dfaf9d35
Bug 1131767: Prune away paths using unacceptable algorithms earlier, r=keeler
2015-02-14 16:59:02 -08:00
Brian Smith
a44a7d430b
Bug 1077864, Part 2: Override the trust level for OCSP response signer certs so that they are never considered trust anchors, r=keeler
2015-02-14 15:59:38 -08:00
Brian Smith
8aa85cf009
Bug 1077864, Part 1: Check consistency of certificates' signature and signatureAlgorithm fields, r=keeler
2015-02-22 16:59:03 -08:00
Brian Smith
3365c67a40
Bug 1135407: Factor out duplicate logic in tests, r=keeler
2015-02-21 14:12:38 -08:00
Ehsan Akhgari
7270bff2c4
Bug 1135745 - Disable the reserved-id-macro macro in security/pkix; r=briansmith
2015-02-23 13:40:09 -05:00
Ryan VanderMeulen
f1dae981be
Merge inbound to m-c. a=merge
2015-02-21 16:40:27 -05:00
ffxbld
eef00bd3dc
No bug, Automated HPKP preload list update from host bld-linux64-spot-148 - a=hpkp-update
2015-02-21 03:32:26 -08:00
ffxbld
a0e4678d63
No bug, Automated HSTS preload list update from host bld-linux64-spot-148 - a=hsts-update
2015-02-21 03:32:24 -08:00
André Reinald
7f6c61c6b3
Bug 1083344 - Tighten rules for Mac OS content process sandbox - "rules part". r=smichaud
...
--HG--
extra : histedit_source : f703a6a8abbf500cb882263426776fdb138b73a3
2015-02-21 13:06:34 +01:00
André Reinald
0f64952695
Bug 1083344 - Tighten rules for Mac OS content process sandbox - "core part". r=smichaud
...
--HG--
extra : histedit_source : 3c904474c57dbf086365cc6b26a55c34b2b449ae
2015-02-18 14:10:27 +01:00
Brian Smith
bfd52ee2fd
Bug 1133618 - Move test SHA1 function to pkixtestutil.cpp. r=mmc
...
--HG--
extra : histedit_source : ef579a4958356a12974b1f0f69ab2d6070ff8e65
2015-02-16 16:37:03 -08:00
Brian Smith
56eb4fcacf
Bug 1130754 - Make PublicKeyAlgorithm an enum class. r=keeler
...
--HG--
extra : histedit_source : 14d321bc2cbdf749fd05994571ca439ee62ab973
2015-02-14 13:25:09 -08:00
Masatoshi Kimura
50d0e8393e
Bug 1127339 - Detect SSLv3-only server in PSM. r=keeler
2015-02-21 17:20:22 +09:00
Cykesiopka
9d854c725f
Bug 1097622 - Add test cases for certs that have notBefore times earlier than the UNIX epoch. r=dkeeler
2015-02-17 06:15:00 -05:00
Cykesiopka
46f192d5a1
Bug 1097622 - Return ERROR_INVALID_TIME when decoding invalid time values. r=dkeeler
2015-02-18 15:56:00 -05:00
Cykesiopka
e2b4441c11
Bug 1097622 - Rename (mE|e)rrorCodeExpired variables to (mE|e)rrorCodeTime. r=dkeeler
2015-02-17 06:12:00 -05:00
Masatoshi Kimura
d2252a6393
Bug 1133187 - Update fallback whitelist. r=keeler
2015-02-19 04:12:59 +09:00
Masatoshi Kimura
e322360a68
Bug 1124039 - Allow RC4 only for whitelisted hosts. r=keeler
2015-02-19 04:12:58 +09:00
Chris Peterson
949860b4a1
Bug 1133283 - Remove nonstandard expression closures from security/manager/ssl/tests. r=keeler
2015-01-24 23:48:22 -08:00
David Keeler
ea529f0499
bug 1123671 - if a non-overridable error is encountered when processing an overridable certificate error, report the non-overridable error r=mmc r=jcj
...
Also, SEC_ERROR_UNTRUSTED_ISSUER and SEC_ERROR_UNTRUSTED_CERT are not actually overridable, so don't pretend they are.
2015-01-23 14:04:44 -08:00
Christoph Kerschbaumer
aa5bc08574
Bug 1099296 - Attach LoadInfo to remaining callers of ioService and ProtocolHandlers - in security/ (r=keeler)
2015-02-17 10:09:40 -08:00
Carsten "Tomcat" Book
635a599417
Merge mozilla-central to mozilla-inbound
2015-02-16 16:14:51 +01:00
Carsten "Tomcat" Book
92151b28e6
merge mozilla-inbound to mozilla-central a=merge
2015-02-16 15:59:56 +01:00
ffxbld
bb7473b29b
No bug, Automated HPKP preload list update from host bld-linux64-spot-1093 - a=hpkp-update
2015-02-14 03:21:57 -08:00
ffxbld
b949878087
No bug, Automated HSTS preload list update from host bld-linux64-spot-1093 - a=hsts-update
2015-02-14 03:21:55 -08:00
Masatoshi Kimura
c8e087c026
Bug 1131880 - Modify the condition to disallow PR_CONNECT_RESET_ERROR on fallback. r=keeler
2015-02-16 20:03:06 +09:00
Masatoshi Kimura
150d422525
Backout 9507662057de (bug 1130670) and c731517a47e8 (bug 1124039) due to compatibility issues
2015-02-16 19:55:15 +09:00
Mike Hommey
5d1757358f
Bug 1120937 - Properly initialize string fields from the PKCS#11 test module. r=keeler
...
The string fields need to be padded with spaces, according to what
PK11_MakeString does to find the end of the string.
While here, factor all the string manipulations in the test module and
use some C++ template magic to do the right thing.
This changes the static asserts from (with clang):
pkcs11testmodule.cpp:45:3: error: static_assert failed
"TestManufacturerID too long - make it shorter"
static_assert(sizeof(TestManufacturerID) <= sizeof(pInfo->manufacturerID),
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
to:
pkcs11testmodule.cpp:46:3: error: static_assert failed
"DestSize >= SrcSize - 1"
static_assert(DestSize >= SrcSize - 1, "DestSize >= SrcSize - 1");
^ ~~~~~~~~~~~~~~~~~~~~~~~
pkcs11testmodule.cpp:58:3: note: in instantiation of function
template specialization 'CopyString<32, 63>' requested here
CopyString(pInfo->manufacturerID, TestManufacturerID);
^
which actually gives more information than before: it gives the length of
both buffers.
2015-02-13 10:29:18 +09:00
Masatoshi Kimura
e34dc73e15
Bug 1130670 - Remove dead code that tracks strongCipherStatus. r=keeler
2015-02-14 15:16:04 +09:00
Nicholas Nethercote
74cc61fdfd
Bug 1131901 (part 1) - Make PL_DHashTableAdd() infallible by default, and add a fallible alternative. r=froydnj.
...
I kept all the existing PL_DHashTableAdd() calls fallible, in order to be
conservative, except for the ones in nsAtomTable.cpp which already were
followed immediately by an abort on failure.
--HG--
extra : rebase_source : 526d96ab65e4d7d71197b90d086d19fbdd79b7b5
2015-02-02 14:48:58 -08:00
Cykesiopka
44ea4c71c9
Bug 1130405 - Remove unused pippki strings. r=jcj
2015-02-11 05:08:00 -05:00
Cykesiopka
f22ff654d2
Bug 1130402 - Make use of currently unused certManager.dtd access key strings. r=jcj
2015-02-07 01:16:00 -05:00
Bob Owen
b56ef398b7
Bug 1132021 - Add a new sandbox level for Windows NPAPI to use USER_LIMITED access token level. r=bsmedberg, r=bbondy
2015-02-11 16:25:43 +00:00
Cykesiopka
9669a7f43d
Bug 1131475 - Make sure reference to "unable_to_toggle_fips" bundle key is in the correct case. r=jcj
2015-02-11 05:05:00 -05:00
Andrew McCreight
2b516fc573
Bug 1131199, part 2 - Make PLDHashtInitEntry infallible. r=froydnj
...
Also, drop the unused table argument.
2015-02-11 09:46:40 -08:00
Andrew McCreight
9c53e99744
Bug 1131199, part 1 - Allocation of CompareCacheHashEntryPtr::entry is infallible. r=froydnj
2015-02-11 09:46:40 -08:00
Brian Smith
6361bff3d7
Bug 1102195 Part 4: Re-apply - Change a non-conforming usage of a const value type to a non-const value type, which VS2015 rightly rejects, r=bobowen
...
Originally landed as changset:
https://hg.mozilla.org/mozilla-central/rev/c827c112df81
2015-01-07 23:28:51 -08:00
Bob Owen
608de41dda
Bug 1102195 Part 3: Re-apply logging changes to the Chromium interception code. r=tabraldes
...
Originally landed as changset:
https://hg.mozilla.org/mozilla-central/rev/0f763c186855
2014-11-29 17:12:18 +00:00
Bob Owen
0603798733
Bug 1102195 Part 2: Re-apply pre-vista stdout/err process inheritance change to Chromium code after merge. r=tabraldes
...
Originally landed as changset:
https://hg.mozilla.org/mozilla-central/rev/f94a07671389
2014-11-18 15:11:47 +00:00
Bob Owen
cb041d2191
Bug 1102195 Part 1: Update Chromium sandbox code to commit df7cc6c04725630dd4460f29d858a77507343b24. r=aklotz, r=jld
2015-02-11 08:22:02 +00:00
Brian Smith
242431f427
Bug 1130754: Avoid recalculating tbsCertificate digest, r=keeler
...
--HG--
extra : rebase_source : 85266413568df928cb1eaf1cd59b52ee9d4259e6
extra : histedit_source : 767e3263d28926435c6d2f4610c7d8b01e9ba87d
2015-02-07 12:14:31 -08:00
Nicholas Nethercote
44179aabe3
Back out changesets 2fcef6b54be7, 2be07829fefc, 66dfe37b8532, df3fcd2be8fd, 0a436bce77a6 (bug 1050035) for causing intermittent crashes and assertion failures.
...
--HG--
extra : rebase_source : eb30be83c3143c6c203585a80a18f180025efaba
2015-02-10 14:39:49 -08:00
Brian Smith
6ce1520e1a
Bug 1122841, Part 2: Centralize checking of public key, r=keeler
...
--HG--
extra : rebase_source : 6b41ad2d3f37bead8d3ac8b48c5ee0b8063c795b
extra : source : d470b5a68bf915cfb12f0e948e1492463092883c
2015-02-02 16:17:08 -08:00
Brian Smith
0f061e9d78
Bug 1122841, Part 1: Add PositiveInteger parser, r=keeler
...
--HG--
extra : rebase_source : 50d79951398e44bf2718c0f071962aa00660fec2
2015-02-06 18:21:20 -08:00
Brian Smith
88cb1c2a98
Bug 1128413, Part 4: Fix warnings in mozilla-config.h and gcc-stl-wrapper.template.h, r=glandium
...
--HG--
extra : rebase_source : 7ba4fb8a0bd11648908e2790e86ce3bb4517aeb7
2015-02-02 17:35:19 -08:00
Brian Smith
fd89168781
Bug 1128413, Part 3: Enable more compiler warnings, r=mmc
...
--HG--
extra : rebase_source : 2d17605e6b9296b74493526e052b771be18d4260
2015-02-07 14:38:40 -08:00
Brian Smith
ca674d4269
Bug 1128413, Part 2: Don't use double underscores any more
...
--HG--
extra : rebase_source : 5f550089aea320231ca2398126fc7f03e5dffc37
2015-01-31 19:51:46 -08:00
Brian Smith
07c45b6ca9
Bug 1128413, Part 1: Fix switch-related warnings, r=mmc
...
--HG--
extra : rebase_source : 3d70c2a4ae8f9705a8a2c56c2f49e50fe4711ea9
2015-02-02 14:21:27 -08:00
Masatoshi Kimura
39e52e9b0b
Bug 1124039 - Enable RC4 only if ClientHelloVersion <= TLS 1.0. r=keeler
2015-02-10 22:29:51 +09:00