wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity
240,885 Commits 1 Branch 166 Tags 1.2 GiB
bd4c8d9040
Commit Graph

3126 Commits

Author SHA1 Message Date
Richard Barnes
20b75325f3 Bug 1121982 - Update PSM to use NSS name constraints 2015-04-23 20:26:29 -04:00
David Keeler
f9b93560f0 bug 1157873 - remove certificates from CNNIC whitelist that aren't in the Pilot Certificate Transparency log r=rbarnes 
Also remove certificates where notBefore is on or after 1 April 2015.
 2015-04-21 16:07:33 -07:00
Nathan Toone
1b81ed134e Bug 1124076 followup - fix the build when PR_LOGGING is not defined. r=mrbkap 2015-04-23 13:24:57 -07:00
David Keeler
7783f33c8b bug 1081128 - test_pinning.js takes ~300 seconds on b2g debug emulator - request a longer timeout for it r=Cykesiopka 2015-04-22 11:06:36 -07:00
Kai Engert
d7a44b34ec Bug 1144055 - Upgrade Firefox 39 to use NSS 3.19, r=nss-confcall 2015-04-23 21:16:20 +02:00
Blake Kaplan
1047b7458f Bug 1124076 - Properly detect certs when loaded and prompt to import them. r=sworkman/dkeeler 2015-04-22 12:55:23 -07:00
Steven Michaud
2bb57bcd7a Bug 1153809 - Loosen Mac content process sandbox rules for NVidia and Intel HD 3000 graphics hardware. r=areinald 2015-04-22 14:56:09 -05:00
Francois Marier
29cbc60a12 Bug 1147212 - Add support for goog-unwanted-shavar. r=gcp,r=matej,r=smaug 2015-04-22 21:01:37 +12:00
Carsten "Tomcat" Book
407c282220 Backed out changeset 7f3cf84c11a9 (bug 1124076) for bustage on a CLOSED TREE 2015-04-22 13:44:23 +02:00
Blake Kaplan
87c47ee4e8 Bug 1124076 - Properly detect certs when loaded and prompt to import them. r=sworkman/dkeeler 2015-04-21 14:56:00 +02:00
Ehsan Akhgari
d278570d19 Bug 1153348 - Add an analysis to prohibit operator bools which aren't marked as either explicit or MOZ_IMPLICIT; r=jrmuizel 
This is the counterpart to the existing analysis to catch
constructors which aren't marked as either explicit or
MOZ_IMPLICIT.
 2015-04-21 21:40:49 -04:00
André Reinald
12017521df Bug 1150765 - Add sandbox rules to allow hardware rendering of OpenGL on Mac. r=smichaud 2015-04-21 11:17:16 +02:00
Patrick McManus
d428323d51 bug 1153212 - Alt-Svc Fixes r=dkeeler r=hurley 2015-04-13 17:11:59 -04:00
Kai Engert
ce1263979f Bug 1144055, Upgrade Firefox 39 to use NSS 3.19, NSS_3_19_BETA4 to pick up bug 1155279 2015-04-20 21:46:19 +02:00
Phil Ringnalda
842c8df579 Merge m-i to m-c, a=merge 2015-04-18 16:36:32 -07:00
ffxbld
a3972bfdfc No bug, Automated HPKP preload list update from host bld-linux64-spot-222 - a=hpkp-update 2015-04-18 03:29:47 -07:00
ffxbld
09e813d086 No bug, Automated HSTS preload list update from host bld-linux64-spot-222 - a=hsts-update 2015-04-18 03:29:45 -07:00
David Keeler
3ba6c83d36 bug 1150114 - allow PrintableString to match UTF8String in name constraints checking r=briansmith 2015-04-08 16:17:39 -07:00
Kai Engert
85b84c3c46 Bug 1144055 - Upgrade Firefox 39 to use NSS 3.19, land NSS_3_19_BETA2, r=nss-confcall 2015-04-17 13:49:43 +02:00
Neil Deakin
dd30a1f3eb Bug 1153248, re-enable a bunch of tests that now work with e10s, r=billm 2015-04-16 15:38:12 -04:00
David Keeler
5f4152c364 bug 1151512 - only allow whitelisted certificates to be issued by CNNIC root certificates r=jcj r=rbarnes 2015-04-07 17:29:05 -07:00
Kai Engert
b5518439bf Bug 1144055 - Upgrade Firefox 39 to use NSS 3.19, land NSS_3_19_BETA3, r=nss-confcall 2015-04-17 18:43:30 +02:00
David Keeler
34e15cf320 bug 1147497 - Add API for querying site pin status. Disallow overrides for sites that have pins. r=mmc r=smaug r=cykesiopka r=past 2015-03-25 11:04:49 -07:00
Brian Smith
0d03a12ce8 Bug 1154399 - Part 4: Simplify certificate parsing in OCSP responses. r=keeler 2015-04-14 05:33:03 -10:00
Brian Smith
d853e2e6d1 Bug 1154399 - Part 3: Simplify OptionalExtensions. r=keeler 
We used to avoid using Nested and NestedOf because they were based on
bind and it was difficult to maintain our std::bind polyfill. Now that
we use lambdas, it is easy to use Nested and NestedOf, so we should do
so wherever it makes the code clearer.
 2015-04-14 05:32:46 -10:00
Brian Smith
a710d38eed Bug 1154399 - Part 2: Simplify and un-inline OptionalVersion. r=keeler 
Also fixes the wrong comment. The syntax for version in OCSP and X.509
certs is identical.
 2015-04-14 05:32:29 -10:00
Brian Smith
debda06173 Bug 1154399 - Part 1: De-templatize and un-inline IntegralValue. r=keeler 2015-04-14 05:06:41 -10:00
Nathan Froyd
a9747433e3 Bug 1137437 - move security/apps/ cert header generation to moz.build; r=mshal,keeler 
Moving the cert header generation to GENERATED_FILES means that we can
delete all the manually-written out rules; we can also delete the
export:: rule because the build system automatically builds
GENERATED_FILES during the export phase.  For ease of converion, we opt
to create an empty trusted-app-public.der cert for manifest-signing-root.inc;
partners are free to overwrite that cert with their own.
 2015-02-27 12:50:49 -05:00
Mike Hommey
bb5d54f699 Bug 1153114 - Remove anonymous namespace around pkix gtests. r=bsmith 
This avoids -Wunused-variable fatal warnings with GCC 5.0
 2015-04-15 09:21:23 +09:00
Landry Breuil
13c5620ed7 Bug 1153090 followup - consistently use sizeof(hash) r=dkeeler 2015-04-14 22:19:18 +02:00
Landry Breuil
3022662159 Bug 1153090 - Unaligned access in cert block list (r=keeler) 2015-04-14 21:19:52 +02:00
Jan Beich
15f244431a Bug 1154188 - Unbreak build on non-SPS platforms after bug 1153737 r=bsmith 2015-04-14 14:30:09 +02:00
Brian Smith
168218d0b3 Bug 1153738: Make ScopedPtr a minimal proper subset of std::unique_ptr, r=keeler 
Remove all features of ScopedPtr that aren't in std::unique_ptr, and
remove all currently-unused features of ScopedPtr. In particular,
replace |operator=(T*)| with |reset(T* p = nullptr)| and make
|operator bool| explicit.
 2015-04-13 00:28:11 -10:00
Brian Smith
27c206b435 Bug 1153737: Avoid unnecessary uses of mozilla::pkix::ScopedPtr, r=keeler 2015-04-12 19:57:48 -10:00
Carsten "Tomcat" Book
94670e1674 merge mozilla-inbound to mozilla-central a=merge 2015-04-13 12:00:00 +02:00
ffxbld
a5ae47a99d No bug, Automated HPKP preload list update from host bld-linux64-spot-009 - a=hpkp-update 2015-04-11 03:29:55 -07:00
ffxbld
f89f580ff8 No bug, Automated HSTS preload list update from host bld-linux64-spot-009 - a=hsts-update 2015-04-11 03:29:53 -07:00
Jed Davis
bd4374a0cc Bug 1151607 - Step 2: Apply net/ipc namespace separation and chroot to media plugins. r=kang 
This needs more unit tests for the various pieces of what's going on
here (LinuxCapabilities, SandboxChroot, UnshareUserNamespace()) but
that's nontrivial due to needing a single-threaded process -- and
currently they can't be run on Mozilla's CI anyway due to needing user
namespaces, and local testing can just try using GMP and manually
inspecting the child process.  So that will be a followup.
 2015-04-10 18:05:19 -07:00
Jed Davis
a25b210578 Bug 1151607 - Step 1.5: Avoid unlikely false positives in Linux SandboxInfo feature detection. r=kang 
Using the equivalent of release assertions in the patch after this one
is easier to justify if I can't come up with vaguely legitimate reasons
why they might fail; this detects the ones I thought of.
 2015-04-10 18:05:19 -07:00
Jed Davis
4bcdc2879f Bug 1151607 - Step 1: Add Linux sandboxing hook for when child processes are still single-threaded. r=kang r=bent 
This means that B2G plugin-container must (dynamically) link against
libmozsandbox in order to call into it before initializing Binder.
(Desktop Linux plugin-container already contains the sandbox code.)
 2015-04-10 18:05:19 -07:00
Jed Davis
08099f9875 Bug 1151607 - Step 0: sort includes to make the following patches cleaner. r=kang 2015-04-10 18:05:19 -07:00
Mark Goodwin
6fcd7d356b Bug 1132689 - Feb 2015 batch of EV root CA Changes. r=keeler 2015-03-30 08:57:00 +02:00
David Keeler
b819bfd2cb bug 1147085 - remove nsINSSCertCache (replace it with nsIX509CertDB.getCerts()) r=Cykesiopka 2015-04-03 14:01:05 -07:00
Patrick McManus
f1ecabdf6a Bug 1152895 - remove dead code in nsSSLIOLayerSetOptions r=dkeeler 2015-04-09 13:40:04 -04:00
Cykesiopka
70bff0b01f Bug 1147725 - Disable test_ocsp_fetch_method.js and test_ocsp_url.js on slow B2G Emulator debug builds. r=keeler 2015-04-06 14:05:00 +02:00
Bob Owen
72b3de6331 Bug 1149483: Change content sandbox level 1 to a working low integrity sandbox. r=tabraldes, r=billm 2015-04-05 14:01:38 +01:00
Phil Ringnalda
4c814af933 Merge m-i to m-c, a=merge 2015-04-04 09:59:17 -07:00
ffxbld
8c99f061fc No bug, Automated HPKP preload list update from host bld-linux64-spot-220 - a=hpkp-update 2015-04-04 03:27:46 -07:00
ffxbld
f4241dc1de No bug, Automated HSTS preload list update from host bld-linux64-spot-220 - a=hsts-update 2015-04-04 03:27:44 -07:00
Steven Michaud
aa2d63ddad Bug 1110911 - Move Mac sandboxing code into plugin-container. r=cpearce,areinald,jld 2015-04-03 11:51:41 -05:00