ffxbld
c3b97302ae
No bug, Automated HPKP preload list update from host bld-linux64-spot-309 - a=hpkp-update
2016-01-23 04:36:34 -08:00
ffxbld
e7d6f52a2d
No bug, Automated HSTS preload list update from host bld-linux64-spot-309 - a=hsts-update
2016-01-23 04:36:32 -08:00
Cykesiopka
729a19b09f
Bug 1233328 - Part 2: Use SHA-256 StaticFingerprints directly instead of StaticPinset since the SHA-1 StaticFingerprints entry will always be null. r=keeler
2016-01-20 20:45:29 -08:00
Cykesiopka
a0d6c41c67
Bug 1233328 - Part 1: Ignore SHA-1 pins in PublicKeyPinningService.cpp. r=keeler
2016-01-20 20:40:01 -08:00
David Keeler
c5ff61c527
bug 1240173 - improve nsIX509Cert.dbKey r=Cykesiopka
2016-01-15 14:33:56 -08:00
David Keeler
a42dd94965
bug 1239455 - rework telemetry for SHA-1 certificates to reflect possible policy states r=Cykesiopka,mgoodwin,rbarnes
...
Before this patch, we were measuring where SHA-1 was being used in TLS
certificates: nowhere, in end-entities, in intermediates, or in both. However,
the possible SHA-1 policies don't differentiate between end-entities and
intermediates and instead depended on whether or not each certificate has a
notBefore value after 2015 (i.e. >= 0:00:00 1 January 2016 UTC). We need to
gather telemetry on the possible policy configurations.
2016-01-13 12:50:42 -08:00
Ryan VanderMeulen
8889b813f2
Merge inbound to m-c. a=merge
2016-01-17 14:37:29 -05:00
ffxbld
4500a72245
No bug, Automated HPKP preload list update from host bld-linux64-spot-439 - a=hpkp-update
2016-01-16 04:03:46 -08:00
ffxbld
959bb0c42f
No bug, Automated HSTS preload list update from host bld-linux64-spot-439 - a=hsts-update
2016-01-16 04:03:44 -08:00
Jan de Mooij
5e9e90363d
Bug 1237232 - Properly check the result of Vector append() calls in security/. r=keeler
2016-01-13 22:05:08 +01:00
David Keeler
0be8f7e183
bug 1232766 - update the preloaded pinset for Google domains r=rbarnes
...
Also includes a script for making this process faster in the future.
2015-12-28 12:30:14 -08:00
Chris Peterson
a0e0b5b0b5
Bug 1235188 - Fix -Wformat warnings in security/certverifier/. r=keeler
...
security/certverifier/NSSCertDBTrustDomain.cpp:433:26 [-Wformat] format specifies type 'long' but the argument has underlying type 'int'
security/certverifier/NSSCertDBTrustDomain.cpp:433:48 [-Wformat] format specifies type 'long long' but the argument has type 'mozilla::pkix::Time'
2015-12-28 18:41:54 -07:00
ffxbld
cb35c6947e
No bug, Automated HPKP preload list update from host bld-linux64-spot-506 - a=hpkp-update
2016-01-09 04:38:50 -08:00
ffxbld
dcd8de7375
No bug, Automated HSTS preload list update from host bld-linux64-spot-506 - a=hsts-update
2016-01-09 04:38:48 -08:00
Shu-yu Guo
cfb7759eb5
Bug 1220564 - Update chrome code uses of genexprs and legacy comprehensions. (r=billm)
2016-01-06 16:02:16 -08:00
David Keeler
78506d6708
bug 1230377 - part 2/2: simplify nsIKeyObject and nsIKeyObjectFactory r=jcj
...
nsIKeyObject and nsIKeyObjectFactory defined an interface that was largely
unimplemented. This cuts the interface back to what actually exists in code.
2015-12-04 10:36:51 -08:00
David Keeler
7c2718160a
bug 1230377 - part 1/2: ensure nsKeyObject releases NSS resources on shutdown r=jcj
2015-12-03 16:22:34 -08:00
Ehsan Akhgari
8b4fc19903
Bug 1214305 - Part 10: Clean up global DataStorage references in the child process; r=keeler
2016-01-04 16:30:02 -05:00
ffxbld
45b71a81b0
No bug, Automated HPKP preload list update from host bld-linux64-spot-389 - a=hpkp-update
2016-01-02 04:05:33 -08:00
ffxbld
fff9fa968b
No bug, Automated HSTS preload list update from host bld-linux64-spot-389 - a=hsts-update
2016-01-02 04:05:31 -08:00
Chris Peterson
d660932182
Bug 1235308 - Fix -Wimplicit-fallthrough warnings in security/. r=keeler
...
security/certverifier/NSSCertDBTrustDomain.cpp:282:5 [-Wimplicit-fallthrough] unannotated fall-through between switch labels
security/manager/ssl/nsNSSComponent.cpp:149:3 [-Wimplicit-fallthrough] unannotated fall-through between switch labels
security/manager/ssl/nsSecureBrowserUIImpl.cpp:1406:5 [-Wimplicit-fallthrough] unannotated fall-through between switch labels
2015-12-25 00:03:35 -07:00
ffxbld
34dc952962
No bug, Automated HPKP preload list update from host bld-linux64-spot-593 - a=hpkp-update
2015-12-26 04:05:29 -08:00
ffxbld
212771f45b
No bug, Automated HSTS preload list update from host bld-linux64-spot-593 - a=hsts-update
2015-12-26 04:05:27 -08:00
Mike Hommey
f75ab3e6fc
Bug 1234955 - Make TEST_DIRS a SPECIAL_VARIABLE. r=gps
...
Using TEST_DIRS is nothing more than a shortcut for
if CONFIG['ENABLE_TESTS']:
DIRS += [...]
As such, we might as well remove it being a separate variable, and use some
Context magic to just fill DIRS when ENABLE_TESTS is set.
The security/manager/ssl/tests/unit/moz.build change ensures that the order
of DIRS before the change is kept, not because it matters, but because it
allows to confirm that nothing else is modified by this change.
2015-12-24 13:12:49 +09:00
Nathan Froyd
8eca786dc9
Bug 1232454 - use UniquePtr<T[]> instead of nsAutoArrayPtr<T> in security/apps/; r=keeler
...
As a nice side effect, we also fix a (rare) memory leak in
AppTrustDomain::SetTrustedRoot.
2015-12-06 08:06:03 -05:00
Wes Kocher
efcef698d8
Backed out changeset f103fd636405 (bug 1232582) for b2g debug xpcshell failures in test_name_constraints.js
2015-12-21 11:01:22 -08:00
Carsten "Tomcat" Book
91de422bad
Merge mozilla-central to mozilla-inbound
2015-12-21 11:54:26 +01:00
ffxbld
96486df1d8
No bug, Automated HPKP preload list update from host bld-linux64-spot-573 - a=hpkp-update
2015-12-19 04:09:26 -08:00
ffxbld
ec83673162
No bug, Automated HSTS preload list update from host bld-linux64-spot-573 - a=hsts-update
2015-12-19 04:09:24 -08:00
Cykesiopka
a3bb7569bc
Bug 1232582 - Sort PSM xpcshell.ini and fix --tag psm to actually run all tests. r=dkeeler
2015-12-17 07:55:54 -08:00
Cykesiopka
be7753b0ec
Bug 1229284 - Remove support for SHA-1 hashes in genHPKPStaticPins.js. r=keeler
2015-12-17 07:52:00 +01:00
David Keeler
cbd4d790ee
bug 1230994 - December 2015 batch of EV root CA changes r=mgoodwin
...
Adds:
bug 1193480:
CN=Certification Authority of WoSign G2,O=WoSign CA Limited,C=CN
CN=CA WoSign ECC Root,O=WoSign CA Limited,C=CN
bug 1147675:
CN=TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6,O=TÜRKTRUST Bilgi İletişim ve Bilişim Güvenliği Hizmetleri A...,L=Ankara,C=TR
bug 1230985:
OU=Security Communication RootCA2,O="SECOM Trust Systems CO.,LTD.",C=JP
bug 1213044:
CN=OISTE WISeKey Global Root GB CA,OU=OISTE Foundation Endorsed,O=WISeKey,C=CH
2015-12-14 14:44:44 -08:00
Carsten "Tomcat" Book
5480d55ead
Merge mozilla-central to mozilla-inbound
2015-12-16 12:03:47 +01:00
Nick Alexander
69fd5a564e
Bug 1227248 - Part 2: Add GeneratedTest{Certificate,Key} mozbuild templates. r=gps
2015-12-14 11:50:56 -08:00
Jed Davis
aed79e20b0
Bug 1222500 - Handle unexpected thread creation better on desktop Linux. r=gdestuynder
2015-11-30 18:21:00 +01:00
Masatoshi Kimura
d3527e598c
Bug 1224875 - Enable TLS extended master secret. r=keeler
2015-12-13 12:09:18 +09:00
ffxbld
366f067c57
No bug, Automated HPKP preload list update from host bld-linux64-spot-1077 - a=hpkp-update
2015-12-12 04:08:02 -08:00
ffxbld
daf106e588
No bug, Automated HSTS preload list update from host bld-linux64-spot-1077 - a=hsts-update
2015-12-12 04:08:00 -08:00
Magnus Melin
f7471d0bb1
Bug 1200567 - ensure shipped blocklist.xml doesn't affect the test_cert_blocklist.js. r=dkeeler
...
Caused comm-central TEST-UNEXPECTED-FAIL | security/manager/ssl/tests/unit/test_cert_blocklist.js | - revocations.txt should be as expected
2015-12-10 19:08:09 +02:00
Ryan VanderMeulen
62fbdedafe
Merge m-c to inbound. a=merge
2015-12-05 15:27:33 -05:00
Ryan VanderMeulen
63e1acf84e
Merge fx-team to m-c. a=merge
2015-12-05 15:09:41 -05:00
ffxbld
13ffbb6fae
No bug, Automated HPKP preload list update from host bld-linux64-spot-049 - a=hpkp-update
2015-12-05 04:05:19 -08:00
ffxbld
84f7ea7dba
No bug, Automated HSTS preload list update from host bld-linux64-spot-049 - a=hsts-update
2015-12-05 04:05:17 -08:00
Panos Astithas
039b1a70f1
Bug 1207146 - Add a link to expert technical information in the cert error page. r=Gijs,keeler
2015-12-04 19:46:13 +02:00
Bob Owen
a225070f96
Bug 1229804: Use the correct string length in Windows sandbox logging. r=tabraldes
2015-12-03 11:19:14 +00:00
Carsten "Tomcat" Book
b0525f779e
merge mozilla-inbound to mozilla-central a=merge
2015-12-03 12:00:42 +01:00
ffxbld
94445b2f14
No bug, Automated HPKP preload list update from host bld-linux64-spot-369 - a=hpkp-update
2015-12-02 14:59:16 -08:00
ffxbld
995f8130a6
No bug, Automated HSTS preload list update from host bld-linux64-spot-369 - a=hsts-update
2015-12-02 14:59:14 -08:00
Mike Hommey
57f05db8a5
Bug 1225682 - Don't use nsAuto{,C}String as class member variables in security/manager/. r=keeler
2015-12-02 11:04:37 +09:00
Xidorn Quan
8864e8fa81
Bug 1229587 part 2 - Use verbose format to disable C4061 to workaround bug of VS2015u1. r=keeler
2015-12-03 09:29:42 +11:00