Commit Graph

3026 Commits

Author SHA1 Message Date
Brian Smith
e4dfaf9d35 Bug 1131767: Prune away paths using unacceptable algorithms earlier, r=keeler 2015-02-14 16:59:02 -08:00
Brian Smith
a44a7d430b Bug 1077864, Part 2: Override the trust level for OCSP response signer certs so that they are never considered trust anchors, r=keeler 2015-02-14 15:59:38 -08:00
Brian Smith
8aa85cf009 Bug 1077864, Part 1: Check consistency of certificates' signature and signatureAlgorithm fields, r=keeler 2015-02-22 16:59:03 -08:00
Brian Smith
3365c67a40 Bug 1135407: Factor out duplicate logic in tests, r=keeler 2015-02-21 14:12:38 -08:00
Ehsan Akhgari
7270bff2c4 Bug 1135745 - Disable the reserved-id-macro macro in security/pkix; r=briansmith 2015-02-23 13:40:09 -05:00
Ryan VanderMeulen
f1dae981be Merge inbound to m-c. a=merge 2015-02-21 16:40:27 -05:00
ffxbld
eef00bd3dc No bug, Automated HPKP preload list update from host bld-linux64-spot-148 - a=hpkp-update 2015-02-21 03:32:26 -08:00
ffxbld
a0e4678d63 No bug, Automated HSTS preload list update from host bld-linux64-spot-148 - a=hsts-update 2015-02-21 03:32:24 -08:00
André Reinald
7f6c61c6b3 Bug 1083344 - Tighten rules for Mac OS content process sandbox - "rules part". r=smichaud
--HG--
extra : histedit_source : f703a6a8abbf500cb882263426776fdb138b73a3
2015-02-21 13:06:34 +01:00
André Reinald
0f64952695 Bug 1083344 - Tighten rules for Mac OS content process sandbox - "core part". r=smichaud
--HG--
extra : histedit_source : 3c904474c57dbf086365cc6b26a55c34b2b449ae
2015-02-18 14:10:27 +01:00
Brian Smith
bfd52ee2fd Bug 1133618 - Move test SHA1 function to pkixtestutil.cpp. r=mmc
--HG--
extra : histedit_source : ef579a4958356a12974b1f0f69ab2d6070ff8e65
2015-02-16 16:37:03 -08:00
Brian Smith
56eb4fcacf Bug 1130754 - Make PublicKeyAlgorithm an enum class. r=keeler
--HG--
extra : histedit_source : 14d321bc2cbdf749fd05994571ca439ee62ab973
2015-02-14 13:25:09 -08:00
Masatoshi Kimura
50d0e8393e Bug 1127339 - Detect SSLv3-only server in PSM. r=keeler 2015-02-21 17:20:22 +09:00
Cykesiopka
9d854c725f Bug 1097622 - Add test cases for certs that have notBefore times earlier than the UNIX epoch. r=dkeeler 2015-02-17 06:15:00 -05:00
Cykesiopka
46f192d5a1 Bug 1097622 - Return ERROR_INVALID_TIME when decoding invalid time values. r=dkeeler 2015-02-18 15:56:00 -05:00
Cykesiopka
e2b4441c11 Bug 1097622 - Rename (mE|e)rrorCodeExpired variables to (mE|e)rrorCodeTime. r=dkeeler 2015-02-17 06:12:00 -05:00
Masatoshi Kimura
d2252a6393 Bug 1133187 - Update fallback whitelist. r=keeler 2015-02-19 04:12:59 +09:00
Masatoshi Kimura
e322360a68 Bug 1124039 - Allow RC4 only for whitelisted hosts. r=keeler 2015-02-19 04:12:58 +09:00
Masatoshi Kimura
4dcc62555f Bug 1137179 - Add wildcard support to the static fallback list. r=keeler 2015-02-28 08:53:44 +09:00
Cykesiopka
43d63e50dc Bug 1136471 - Remove unused nsIIdentityInfo.getValidEVPolicyOid(). r=dkeeler 2015-02-26 13:05:00 -05:00
André Reinald
29bb5c62b7 Bug 1083344 - Add "allow" sandbox rules to fix mochitests on OSX 10.9 and 10.10. r=smichaud 2015-02-27 16:55:35 +01:00
Chris Peterson
949860b4a1 Bug 1133283 - Remove nonstandard expression closures from security/manager/ssl/tests. r=keeler 2015-01-24 23:48:22 -08:00
David Keeler
ea529f0499 bug 1123671 - if a non-overridable error is encountered when processing an overridable certificate error, report the non-overridable error r=mmc r=jcj
Also, SEC_ERROR_UNTRUSTED_ISSUER and SEC_ERROR_UNTRUSTED_CERT are not actually overridable, so don't pretend they are.
2015-01-23 14:04:44 -08:00
Chuck Lee
ac8c6a4cd0 Bug 1012549 - 0001. Support import PKCS12 certificate. r=dkeeler r=vchang 2015-02-28 21:54:16 +08:00
Christoph Kerschbaumer
aa5bc08574 Bug 1099296 - Attach LoadInfo to remaining callers of ioService and ProtocolHandlers - in security/ (r=keeler) 2015-02-17 10:09:40 -08:00
Carsten "Tomcat" Book
635a599417 Merge mozilla-central to mozilla-inbound 2015-02-16 16:14:51 +01:00
Carsten "Tomcat" Book
92151b28e6 merge mozilla-inbound to mozilla-central a=merge 2015-02-16 15:59:56 +01:00
ffxbld
bb7473b29b No bug, Automated HPKP preload list update from host bld-linux64-spot-1093 - a=hpkp-update 2015-02-14 03:21:57 -08:00
ffxbld
b949878087 No bug, Automated HSTS preload list update from host bld-linux64-spot-1093 - a=hsts-update 2015-02-14 03:21:55 -08:00
Masatoshi Kimura
c8e087c026 Bug 1131880 - Modify the condition to disallow PR_CONNECT_RESET_ERROR on fallback. r=keeler 2015-02-16 20:03:06 +09:00
Masatoshi Kimura
150d422525 Backout 9507662057de (bug 1130670) and c731517a47e8 (bug 1124039) due to compatibility issues 2015-02-16 19:55:15 +09:00
Mike Hommey
5d1757358f Bug 1120937 - Properly initialize string fields from the PKCS#11 test module. r=keeler
The string fields need to be padded with spaces, according to what
PK11_MakeString does to find the end of the string.

While here, factor all the string manipulations in the test module and
use some C++ template magic to do the right thing.

This changes the static asserts from (with clang):

pkcs11testmodule.cpp:45:3: error: static_assert failed
      "TestManufacturerID too long - make it shorter"
  static_assert(sizeof(TestManufacturerID) <= sizeof(pInfo->manufacturerID),
  ^             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

to:

pkcs11testmodule.cpp:46:3: error: static_assert failed
      "DestSize >= SrcSize - 1"
  static_assert(DestSize >= SrcSize - 1, "DestSize >= SrcSize - 1");
  ^             ~~~~~~~~~~~~~~~~~~~~~~~
pkcs11testmodule.cpp:58:3: note: in instantiation of function
      template specialization 'CopyString<32, 63>' requested here
  CopyString(pInfo->manufacturerID, TestManufacturerID);
  ^

which actually gives more information than before: it gives the length of
both buffers.
2015-02-13 10:29:18 +09:00
Masatoshi Kimura
e34dc73e15 Bug 1130670 - Remove dead code that tracks strongCipherStatus. r=keeler 2015-02-14 15:16:04 +09:00
Nicholas Nethercote
74cc61fdfd Bug 1131901 (part 1) - Make PL_DHashTableAdd() infallible by default, and add a fallible alternative. r=froydnj.
I kept all the existing PL_DHashTableAdd() calls fallible, in order to be
conservative, except for the ones in nsAtomTable.cpp which already were
followed immediately by an abort on failure.

--HG--
extra : rebase_source : 526d96ab65e4d7d71197b90d086d19fbdd79b7b5
2015-02-02 14:48:58 -08:00
Cykesiopka
44ea4c71c9 Bug 1130405 - Remove unused pippki strings. r=jcj 2015-02-11 05:08:00 -05:00
Cykesiopka
f22ff654d2 Bug 1130402 - Make use of currently unused certManager.dtd access key strings. r=jcj 2015-02-07 01:16:00 -05:00
Bob Owen
b56ef398b7 Bug 1132021 - Add a new sandbox level for Windows NPAPI to use USER_LIMITED access token level. r=bsmedberg, r=bbondy 2015-02-11 16:25:43 +00:00
Cykesiopka
9669a7f43d Bug 1131475 - Make sure reference to "unable_to_toggle_fips" bundle key is in the correct case. r=jcj 2015-02-11 05:05:00 -05:00
Andrew McCreight
2b516fc573 Bug 1131199, part 2 - Make PLDHashtInitEntry infallible. r=froydnj
Also, drop the unused table argument.
2015-02-11 09:46:40 -08:00
Andrew McCreight
9c53e99744 Bug 1131199, part 1 - Allocation of CompareCacheHashEntryPtr::entry is infallible. r=froydnj 2015-02-11 09:46:40 -08:00
Brian Smith
6361bff3d7 Bug 1102195 Part 4: Re-apply - Change a non-conforming usage of a const value type to a non-const value type, which VS2015 rightly rejects, r=bobowen
Originally landed as changeset:
https://hg.mozilla.org/mozilla-central/rev/c827c112df81
2015-01-07 23:28:51 -08:00
Bob Owen
608de41dda Bug 1102195 Part 3: Re-apply logging changes to the Chromium interception code. r=tabraldes
Originally landed as changeset:
https://hg.mozilla.org/mozilla-central/rev/0f763c186855
2014-11-29 17:12:18 +00:00
Bob Owen
0603798733 Bug 1102195 Part 2: Re-apply pre-vista stdout/err process inheritance change to Chromium code after merge. r=tabraldes
Originally landed as changeset:
https://hg.mozilla.org/mozilla-central/rev/f94a07671389
2014-11-18 15:11:47 +00:00
Bob Owen
cb041d2191 Bug 1102195 Part 1: Update Chromium sandbox code to commit df7cc6c04725630dd4460f29d858a77507343b24. r=aklotz, r=jld 2015-02-11 08:22:02 +00:00
Brian Smith
242431f427 Bug 1130754: Avoid recalculating tbsCertificate digest, r=keeler
--HG--
extra : rebase_source : 85266413568df928cb1eaf1cd59b52ee9d4259e6
extra : histedit_source : 767e3263d28926435c6d2f4610c7d8b01e9ba87d
2015-02-07 12:14:31 -08:00
Nicholas Nethercote
44179aabe3 Back out changesets 2fcef6b54be7, 2be07829fefc, 66dfe37b8532, df3fcd2be8fd, 0a436bce77a6 (bug 1050035) for causing intermittent crashes and assertion failures.
--HG--
extra : rebase_source : eb30be83c3143c6c203585a80a18f180025efaba
2015-02-10 14:39:49 -08:00
Brian Smith
6ce1520e1a Bug 1122841, Part 2: Centralize checking of public key, r=keeler
--HG--
extra : rebase_source : 6b41ad2d3f37bead8d3ac8b48c5ee0b8063c795b
extra : source : d470b5a68bf915cfb12f0e948e1492463092883c
2015-02-02 16:17:08 -08:00
Brian Smith
0f061e9d78 Bug 1122841, Part 1: Add PositiveInteger parser, r=keeler
--HG--
extra : rebase_source : 50d79951398e44bf2718c0f071962aa00660fec2
2015-02-06 18:21:20 -08:00
Brian Smith
88cb1c2a98 Bug 1128413, Part 4: Fix warnings in mozilla-config.h and gcc-stl-wrapper.template.h, r=glandium
--HG--
extra : rebase_source : 7ba4fb8a0bd11648908e2790e86ce3bb4517aeb7
2015-02-02 17:35:19 -08:00
Brian Smith
fd89168781 Bug 1128413, Part 3: Enable more compiler warnings, r=mmc
--HG--
extra : rebase_source : 2d17605e6b9296b74493526e052b771be18d4260
2015-02-07 14:38:40 -08:00
Brian Smith
ca674d4269 Bug 1128413, Part 2: Don't use double underscores any more
--HG--
extra : rebase_source : 5f550089aea320231ca2398126fc7f03e5dffc37
2015-01-31 19:51:46 -08:00
Brian Smith
07c45b6ca9 Bug 1128413, Part 1: Fix switch-related warnings, r=mmc
--HG--
extra : rebase_source : 3d70c2a4ae8f9705a8a2c56c2f49e50fe4711ea9
2015-02-02 14:21:27 -08:00
Masatoshi Kimura
39e52e9b0b Bug 1124039 - Enable RC4 only if ClientHelloVersion <= TLS 1.0. r=keeler 2015-02-10 22:29:51 +09:00
Cykesiopka
b7d85418bd Bug 897690 - Remove misleading error message from AppendErrorTextUntrusted. r=dkeeler
--HG--
extra : rebase_source : b232fa770189e40916ca60a18c6b12c24d2a77dd
2015-02-09 03:50:00 +01:00
Bob Owen
ad26d9d0cc Bug 1129369 Part 3: Turn on MITIGATION_STRICT_HANDLE_CHECKS process-level mitigation for the GMP sandbox. r=tabraldes 2015-02-10 09:06:59 +00:00
Bob Owen
bb4e5fbdaa Bug 1129369 Part 2: Turn on BOTTOM_UP_ASLR process-level mitigation for the GMP sandbox. r=tabraldes 2015-02-10 09:06:59 +00:00
Bob Owen
ee5f7177c6 Bug 1129369 Part 1: Turn on DEP_NO_ATL_THUNK process-level mitigation for the GMP sandbox. r=tabraldes 2015-02-10 09:06:59 +00:00
Nicholas Nethercote
6ee3666899 Bug 1127201 (attempt 2, part 1) - Replace most NS_ABORT_IF_FALSE calls with MOZ_ASSERT. r=Waldo.
--HG--
extra : rebase_source : 488e401ff87e31a2074c4108c4df0572d9536667
2015-02-09 14:34:50 -08:00
Masatoshi Kimura
29bed6b6b1 Bug 1126413 - Part 2: UI changes to display security info on broken secure pages. r=dolske 2015-02-10 04:16:23 +09:00
Masatoshi Kimura
912dfe0d60 Bug 1126413 - Part 1: Expose nsISSLStatus for broken secure pages. r=keeler 2015-02-10 04:16:22 +09:00
Phil Ringnalda
72015999d3 Merge m-i to m-c, a=merge 2015-02-07 08:45:54 -08:00
ffxbld
2dac036c7c No bug, Automated HPKP preload list update from host bld-linux64-spot-075 - a=hpkp-update 2015-02-07 03:24:40 -08:00
ffxbld
d97ae7d855 No bug, Automated HSTS preload list update from host bld-linux64-spot-075 - a=hsts-update 2015-02-07 03:24:38 -08:00
Bob Owen
721c4e20e1 Bug 1127230: Change the NPAPI sandbox prefs to integers to indicate the level of sandboxing. r=bsmedberg 2015-01-30 17:48:15 +00:00
Masatoshi Kimura
48405f52be Bug 1128227 - Add a static TLS insecure fallback whitelist. r=keeler 2015-02-07 13:03:23 +09:00
Nicholas Nethercote
3629781b69 Bug 1127201 (part 2) - Convert all NS_ABORT_IF_FALSE calls to MOZ_ASSERT. r=Waldo.
--HG--
extra : rebase_source : 99182e70335d2b5ff95f8c528ae992d37294be3a
2015-02-04 20:05:36 -08:00
Masatoshi Kimura
6a5f23366b Bug 1128763 - Do insecure fallback after PR_CONNECT_RESET_ERROR for whitelisted sites only. r=keeler 2015-02-05 22:02:32 +09:00
Masatoshi Kimura
7c82554de9 Bug 1116891 - Do fallback with RC4 cipher suites after PR_CONNECT_RESET_ERROR. r=bsmith 2015-02-05 22:02:31 +09:00
Masatoshi Kimura
3a9c8cbbd6 Bug 1127285 - Remove unused fallback reasons. r=keeler 2015-02-05 22:02:31 +09:00
Cykesiopka
1367af5926 Bug 1128917 - Replace getp12password.xul with a call to nsIPromptService::PromptPassword(). r=keeler
--HG--
extra : rebase_source : a92f80292395cbc9105cf9564f6f5005da2ff582
2015-02-05 03:28:00 +01:00
TheKK
3faad27174 Bug 1092398 - "remove unused CertVerifier enums (missing_cert_download_config and crl_download_config)". r=honzab.moz 2015-01-23 06:17:00 +01:00
Nicholas Nethercote
c326200932 Bug 1050035 (part 4) - Make PL_DHashTableAdd() infallible by default, and add a fallible alternative. r=froydnj.
I kept all the existing PL_DHashTableAdd() calls fallible, in order to be
conservative, except for the ones in nsAtomTable.cpp which already were
followed immediately by an abort on failure.

--HG--
extra : rebase_source : eeba14d732077ef2e412f4caca852de6b6b85f55
2015-02-02 14:48:58 -08:00
Nicholas Nethercote
9735520732 Bug 1050035 (part 2) - Remove the fallible version of PL_DHashTableInit(). r=froydnj,mrbkap.
Because it's no longer needed now that entry storage isn't allocated there.
(The other possible causes of failures are much less interesting and simply
crashing is a reasonable thing to do for them.)

This also makes PL_DNewHashTable() infallible.

--HG--
extra : rebase_source : 848cc9bbdfe434525857183b8370d309f3acbf49
2015-02-01 20:19:08 -08:00
David Keeler
6773a47845 bug 832837 - move insecure form submission warning from nsSecureBrowserUIImpl to the HTML form implementation r=mrbkap r=phlsa
As a result, we can remove nsSecurityWarningDialogs completely, which this patch also does.
2015-01-15 11:01:10 -08:00
Cykesiopka
c4d1cce40d Bug 78808 - Enable Cert Manager buttons only when they would have an effect. Original patch by Scott Johnson. r=keeler 2015-01-31 14:20:00 +01:00
Mike Hommey
824818ee98 Bug 1126593 - Add a global fallible instance, so that using fallible works directly, everywhere. r=njn
--HG--
rename : memory/mozalloc/fallible.h => memory/fallible/fallible.h
2015-02-02 09:56:13 +09:00
Andrew McCreight
8413cc973c Back out Bug 1127201 (part 2) for various problems. 2015-02-06 15:04:32 -08:00
Cykesiopka
14567eadd3 Bug 968560 - Return distinct error codes for certificates that are not valid yet, in mozilla::pkix. r=keeler
--HG--
extra : rebase_source : de63f37cdef477d96c1aef8253feca7013ba3bfd
2015-02-06 11:18:20 -08:00
Cykesiopka
76f4649c83 Bug 968560 - Add missing Not-Yet-Valid cert override tests. r=dkeeler
--HG--
extra : rebase_source : 15d2774ad604561639306bb91134f6f63967e105
2015-02-06 11:18:04 -08:00
Phil Ringnalda
22c09069b1 Merge m-c to m-i 2015-01-31 09:13:30 -08:00
Masatoshi Kimura
5fa6d3490d backout 3d4d4a91f29a (bug 1102632) as some web pages can no longer connect without enabling SSLv3 2015-01-31 22:16:48 +09:00
ffxbld
f5ab9f04bb No bug, Automated HPKP preload list update from host bld-linux64-spot-015 - a=hpkp-update 2015-01-31 03:38:09 -08:00
ffxbld
1b5381e822 No bug, Automated HSTS preload list update from host bld-linux64-spot-015 - a=hsts-update 2015-01-31 03:38:07 -08:00
Wes Kocher
875c6041f4 Merge fx-team to m-c a=merge CLOSED TREE 2015-01-29 15:27:17 -08:00
Carsten "Tomcat" Book
7b2e8efcc4 Merge mozilla-central to fx-team 2015-01-29 16:20:17 +01:00
Masatoshi Kimura
c402b79cec Bug 1123020 - Remove options to allow unrestricted renegotiation. r=keeler 2015-01-29 21:04:26 +09:00
Gijs Kruitbosch
4e0023628b Bug 1126675 - indicate missing issuerName or subjectName as empty string, r=keeler 2015-01-28 15:42:41 +00:00
Bob Owen
8299a8da28 Bug 1126402: Add a pref to enable a more strict version of the Windows NPAPI process sandbox. r=bsmedberg, r=bbondy 2015-01-29 08:13:07 +00:00
David Keeler
ba4ba32e0f backout cd0ec3afca5a (bug 832837) for mochitest bustage 2015-01-30 11:25:24 -08:00
David Keeler
6fa08c1aef bug 832837 - move insecure form submission warning from nsSecureBrowserUIImpl to the HTML form implementation r=mrbkap r=phlsa
As a result, we can remove nsSecurityWarningDialogs completely, which this patch also does.
2015-01-15 11:01:10 -08:00
Kai Engert
c0c45b1f03 Bug 1107731 - Upgrade Mozilla 36 and 37 to use NSS 3.17.4, mark release candidate as RTM, DONTBUILD 2015-01-28 20:49:21 +01:00
Masatoshi Kimura
62c0790149 Bug 1114816 - Implement TLS intolerance fallback whitelist. r=keeler 2015-01-29 03:52:42 +09:00
Bob Owen
41778cfef0 Bug 1125865: Only log Windows sandbox violations to console when nsContentUtils is initialized. r=bbondy 2015-01-28 11:21:24 +00:00
Cykesiopka
9405e17171 Bug 1125478 - Refactor and clean up key size test files. r=keeler 2015-01-27 22:11:00 +01:00
Nicholas Nethercote
70b1eacc9e Bug 1124973 (part 2) - Introduce PL_DHashTableSearch(), and replace most PL_DHashTableLookup() calls with it. r=froydnj.
It feels safer to use a function with a new name, rather than just changing the
behaviour of the existing function.

For most of these cases the PL_DHashTableLookup() result was checked with
PL_DHASH_ENTRY_IS_{FREE,BUSY} so the conversion was easy. A few of them
preceded that check with a useless null check, but the intent of these was
still easy to determine.

I'll do the trickier ones in subsequent patches.

--HG--
extra : rebase_source : ab37a7a30be563861ded8631771181aacf054fd4
2015-01-22 21:06:55 -08:00
David Keeler
559c481cf5 bug 1125503 - when canonicalizing hostnames, check string length before calling Last() r=mmc
--HG--
extra : amend_source : 9d07347f76b4d6b2fd1ab77f7025043575c3b4f9
2015-01-26 12:47:50 -08:00
Ehsan Akhgari
89cd84f65f Bug 1126128 - Mark TestTrustDomain::VerifySignedData as override; r=bsmith 2015-01-27 08:33:24 -05:00
Cykesiopka
a5fed2fc11 Bug 691148 - Remove unused strings from pipnss.properties. r=keeler 2015-01-26 21:30:00 +01:00
Chris Peterson
7881373ab6 Bug 1125592 - Fix -Wmaybe-uninitialized warning in security/manager/ssl/src/nsNSSASN1Object.cpp. r=dkeeler 2015-01-23 22:58:43 -08:00
Ehsan Akhgari
b0ff6c50c9 Backed out changeset 45921e3d9773 (bug 1117034) because of build bustage on a CLOSED TREE 2015-01-26 21:52:40 -05:00