wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity
224,547 Commits 1 Branch 166 Tags 1.2 GiB
ce067cb632
Commit Graph

2847 Commits

Author SHA1 Message Date
ffxbld
ff99b56ef4 No bug, Automated HSTS preload list update from host bld-linux64-spot-115 - a=hsts-update 2014-10-25 03:19:26 -07:00
Monica Chew
37fd9e59a1 Bug 1083539: Fix dropped return value check (r=keeler) 2014-10-23 17:07:45 -07:00
Tom Schuster
665681a71a Bug 886752 - Show TLS/SSL version in page info dialog. r=dao 2014-10-24 13:53:35 +02:00
Tom Schuster
90bca89032 Bug 886752 - Add TLS version to SSLStatus and additional cleanup. r=keeler 2014-10-24 13:53:34 +02:00
Kai Engert
97849dc7c0 Bug 1088969 - Upgrade Mozilla 36 to use NSS 3.18, landing beta 1, r=wtc 2014-10-25 00:34:34 +02:00
Jed Davis
e6256d996f Bug 1081242 - Make ASAN's error reporting work while sandboxed on Linux. r=kang 2014-10-21 11:18:00 +02:00
Brian Smith
778f2b169e Bug 1085497: Add Input::size_type, r=mmc 
--HG--
extra : rebase_source : 098eae9234be99e683c0d44b35e1ec7058a086dd
 2014-10-16 18:23:27 -07:00
Brian Smith
8b0a955b69 Bug 1063281, Part 9: Switch Gecko from NSS to CheckCertHostname, r=keeler 
--HG--
extra : rebase_source : 340eb682ba1f9dbd51652438433e7d0196494e1f
 2014-09-21 17:43:29 -07:00
Brian Smith
23aecc8693 Bug 1063281, Part 8: Rewrite PresentedDNSIDMatchesReferenceDNSID, r=keeler 
--HG--
extra : rebase_source : a74e8d89a3ddfe5f6af70f32d31f1dc06600d90a
 2014-10-15 19:21:35 -07:00
Brian Smith
86bc7c397a Bug 1063281, Part 7: Implement IsValidPresentedDNSID, r=keeler 
--HG--
extra : rebase_source : 32d85980d8d486bb806e169a8241256ad57fa9d1
 2014-10-16 15:59:34 -07:00
Brian Smith
1d3358e5bf Bug 1083539: Factor out common SEQUENCE unwrapping logic into reusable functions, r=mmc 
--HG--
extra : rebase_source : 93d669d3cbe178339fe59c1d9345c773b4e238d4
 2014-10-14 02:07:08 -07:00
Brian Smith
ae2d69c9b5 Bug 1063281, Part 6: Implement CheckCertHostname, r=keeler 
--HG--
extra : rebase_source : c28fe67d319f64b2efa326fd8649ef529c487c05
 2014-10-15 16:10:32 -07:00
Brian Smith
d9be7c3bb6 Bug 1063281, Part 5: Implement DNS ID matching, r=keeler 
--HG--
extra : rebase_source : 5221245ce8da065d64a7ff17bdfde0e617562447
 2014-09-30 19:40:15 -07:00
Brian Smith
01eb47bf7f Bug 1063281, Part 4: Implement ParseIPv6Address, r=keeler 
--HG--
extra : rebase_source : 9a75a81a840591aaf73acd5be4d7ca504b6432e5
 2014-09-06 01:10:24 -07:00
Brian Smith
00bc1305f3 Bug 1063281, Part 3: Implement ParseIPv4Address, r=keeler 
--HG--
extra : rebase_source : fbafcb7573be8fa83036a8fadbfa74938ab7a4a6
 2014-09-05 23:20:18 -07:00
Brian Smith
6ee052c225 Bug 1063281, Part 2: Implement IsValidDNSName, r=keeler 
--HG--
extra : rebase_source : 202898df26c7321f543ab7aeb222cdc6db67fe0d
 2014-09-30 14:41:39 -07:00
Brian Smith
215865f531 Bug 1063281, Part 1: Expose moilla::pkix::BackCert::GetSubjectAltName, r=keeler 
--HG--
extra : rebase_source : c89ae439a21f11fce66a785e8732ca8793d51936
 2014-08-17 17:24:20 -07:00
David Keeler
316375ae78 backout f69fa3c13d1f (bug 1085509) for causing test_cert_overrides.js to fail 2014-10-23 11:50:17 -07:00
David Keeler
22cbd22ce6 bug 1085509 - add telemetry for how many permanent certificate overrides users have r=mmc r=jcj 2014-10-23 10:10:57 -07:00
ffxbld
91e5aad349 No bug, Automated HPKP preload list update from host bld-linux64-spot-1094 - a=hpkp-update 2014-10-22 14:02:48 -07:00
ffxbld
9c9a843e74 No bug, Automated HSTS preload list update from host bld-linux64-spot-1094 - a=hsts-update 2014-10-22 14:02:46 -07:00
David Keeler
b6b5289217 bug 1083085 - update where getHSTSPreloadList.js and genHPKPStaticPins.js think Chromium's lists are r=mmc DONTBUILD NPOTB 2014-10-21 15:20:02 -07:00
Martin Thomson
b3d201bbd0 Bug 1083058 - Adding pref to control TLS version fallback, r=keeler 
From af667978f8915e6ebfaf02f8967b3d320d409a24 Mon Sep 17 00:00:00 2001
---
 netwerk/base/public/security-prefs.js              |  1 +
 security/manager/ssl/src/nsNSSIOLayer.cpp          | 21 +++++-
 security/manager/ssl/src/nsNSSIOLayer.h            |  2 +
 .../manager/ssl/tests/gtest/TLSIntoleranceTest.cpp | 76 +++++++++++++++++++---
 4 files changed, 90 insertions(+), 10 deletions(-)
 2014-10-02 16:36:48 -07:00
Jed Davis
34c7984879 Bug 1078838 - Restrict clone(2) flags for sandboxed content processes. r=kang 
--HG--
extra : amend_source : f80a3a672f5496f76d8649f0c8ab905044ea81ac
 2014-10-20 12:29:25 -07:00
Carsten "Tomcat" Book
47b4591b6a merge mozilla-inbound to mozilla-central a=merge 2014-10-20 14:34:56 +02:00
ffxbld
e51d20859f No bug, Automated HPKP preload list update from host bld-linux64-spot-069 - a=hpkp-update 2014-10-18 03:18:53 -07:00
ffxbld
e6c773f9a6 No bug, Automated HSTS preload list update from host bld-linux64-spot-069 - a=hsts-update 2014-10-18 03:18:51 -07:00
Jim Mathies
635b225bf9 Bug 1083325 - Gracefully deal with null ssl status when serializing/deserializing TransportSecurityInfo. r=dkeeler 2014-10-16 14:11:19 -05:00
Cykesiopka
55aef9cc65 Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith 2014-10-18 15:18:00 +02:00
Cykesiopka
55c904e963 Bug 622859 - Tests for bug 622859. r=briansmith,keeler 2014-10-16 05:22:00 +02:00
Tanvi Vyas
a5be881b1c Bug 418354 - update test for bug 455367. Insecure image loads should be considered mixed display content regardless of whether image data was actually returned. r=honzab 2014-10-18 13:21:23 -07:00
David Keeler
8507d8fde6 bug 1042889 - test certificate overrides for untrusted x509v1 certificates used as CAs r=mmc 2014-10-15 10:42:13 -07:00
David Keeler
b04293a184 bug 1042889 - allow overrides for untrusted x509v1 certificates used as CAs r=mmc 2014-10-15 10:39:57 -07:00
David Keeler
c9ae3b2932 bug 1042889 - use a separate error for untrusted x509v1 certificates used as CAs r=briansmith 2014-10-15 10:38:51 -07:00
Bob Owen
37221a3864 Bug 1080567: Don't report registry NAME_NOT_FOUND errors for the Windows warn only sandbox. r=tabraldes 2014-10-13 15:12:28 +01:00
Martin Thomson
4298271729 Bug 1076983 - Disabling SSL 3.0 with pref 2014-10-14 17:17:35 -07:00
Jon Morton
0f167a14a3 Bug 979835: Port BoxObject and its subclasses to WebIDL. r=khuey sr=bz 
--HG--
rename : layout/xul/nsIPopupBoxObject.idl => dom/webidl/PopupBoxObject.webidl
rename : layout/xul/tree/nsITreeBoxObject.idl => dom/webidl/TreeBoxObject.webidl
rename : layout/xul/nsBoxObject.cpp => layout/xul/BoxObject.cpp
rename : layout/xul/nsBoxObject.h => layout/xul/BoxObject.h
rename : layout/xul/nsListBoxObject.cpp => layout/xul/ListBoxObject.cpp
rename : layout/xul/nsMenuBoxObject.cpp => layout/xul/MenuBoxObject.cpp
rename : layout/xul/nsPopupBoxObject.cpp => layout/xul/PopupBoxObject.cpp
 2014-10-14 13:15:21 -07:00
Jed Davis
1f08c3f878 Bug 1080077 - For sandbox failures with no crash reporter, log the C stack. r=kang 
This is mostly for ASAN builds, which --disable-crash-reporter, but also
fixes a related papercut: debug builds don't use the crash reporter
unless overridden with an environment variable.

Note: this is Linux-only, so NS_StackWalk is always part of the build;
see also bug 1063455.
 2014-10-13 18:48:17 -07:00
Mike Hommey
bc934346c7 Bug 1080994 - Build libclearkey without a dependency on mozalloc or mozglue. r=dkeeler,r=cpearce 2014-10-14 07:13:25 +09:00
Sylvestre Ledru
ec92f8ed2c Bug 1081935 - Missing UUID bump. r=gavin a=me 2014-10-13 17:27:42 +02:00
Ryan VanderMeulen
012100ceed Merge inbound to m-c. a=merge 2014-10-11 16:16:00 -04:00
ffxbld
9b13bee499 No bug, Automated HPKP preload list update from host bld-linux64-spot-412 - a=hpkp-update 2014-10-11 03:18:06 -07:00
ffxbld
deea483db8 No bug, Automated HSTS preload list update from host bld-linux64-spot-412 - a=hsts-update 2014-10-11 03:18:03 -07:00
Stephen Pohl
6b7b767456 Bug 1077282: Cleanup uses of GreD vs GreBinD, introcuded by v2 signature changes on OSX. Based on initial patch by rstrong. r=bsmedberg 2014-10-10 15:06:57 -04:00
Kai Engert
486d122683 Bug 1075686, Update Mozilla 35 to use NSS 3.17.2, RTM 2014-10-10 19:16:08 +02:00
Patrick McManus
a798c39649 bug 1003448 - HTTP/2 Alternate Service and Opportunistic Security [1/2 PSM] r=keeler 2014-08-20 16:30:16 -04:00
Brian Smith
6749824172 Bug 1078108: Use a longer OCSP response validity period in tests, r=keeler 2014-10-05 17:18:11 -07:00
Carsten "Tomcat" Book
17a5703e4c Backed out changeset b885a82dc02a (bug 1078108) for breaking B2g ICS Builds 2014-10-10 09:01:45 +02:00
Brian Smith
306c069e30 Bug 1078108: Use a longer OCSP response validity period in tests, r=keeler 
--HG--
extra : rebase_source : 3115275b2b1c5337cbea0fd43a2221fcd54dadc1
extra : source : bb5694e268255b6549ccaaaddca74fbb83d4bda1
 2014-10-05 17:18:11 -07:00
Brian Smith
e140b5a93a Bug 1077926: Make test certificate generation faster by reusing key, r=keeler 
--HG--
extra : rebase_source : 8734920020e0889ea6cac1e878b182326bbf81d6
 2014-10-07 18:30:47 -07:00
Wan-Teh Chang
c8cbfbe327 Bug 1075686: Update Mozilla 35 to use NSS 3.17.2 Beta 2. 
This fixes bug 1049435.
 2014-10-09 10:58:30 -07:00
David Keeler
937b096a0e bug 1058812 - (3/3) mozilla::pkix: test handling unsupported signature algorithms r=briansmith 2014-10-08 09:48:15 -07:00
David Keeler
c67c1933ed bug 1058812 - (2/3) mozilla::pkix: use ByteStrings to identify signature algorithm parameters in tests r=briansmith 2014-10-08 09:33:59 -07:00
David Keeler
9979fee183 bug 1058812 - (1/3) mozilla::pkix: add SignatureAlgorithm::unsupported_algorithm to better handle e.g. roots signed with RSA/MD5 r=briansmith 2014-10-07 09:35:42 -07:00
Eric Rahm
96050f224f Bug 806819 - Part 4: Add files that were excluded from unified builds back in. r=ehsan 2014-10-08 13:19:14 -07:00
Eric Rahm
f6bb65afb3 Bug 806819 - Part 3: Remove redundant FORCE_PR_LOG entries. r=ehsan 2014-10-08 13:17:32 -07:00
David Keeler
2365116a20 backout 9815045d0c5a (bug 1058812 1/3) for mochitest orange on a CLOSED TREE 2014-10-08 12:10:46 -07:00
David Keeler
b0402cdef6 backout 9692998f547e (bug 1058812 2/3) for mochitest orange on a CLOSED TREE 2014-10-08 12:10:10 -07:00
David Keeler
18c65fce36 backout 0097b4ffaf33 (bug 1058812 3/3) for mochitest orange on a CLOSED TREE 2014-10-08 12:09:26 -07:00
David Keeler
07681b6723 bug 1058812 - (3/3) mozilla::pkix: test handling unsupported signature algorithms r=briansmith 2014-10-08 09:48:15 -07:00
David Keeler
faa766739b bug 1058812 - (2/3) mozilla::pkix: use ByteStrings to identify signature algorithm parameters in tests r=briansmith 2014-10-08 09:33:59 -07:00
David Keeler
8f06bfc89b bug 1058812 - (1/3) mozilla::pkix: add SignatureAlgorithm::unsupported_algorithm to better handle e.g. roots signed with RSA/MD5 r=briansmith 2014-10-07 09:35:42 -07:00
Brian Smith
e4133f2c4c Bug 1077887: Work around old GCC "enum class" bug, r=mmc 
--HG--
extra : rebase_source : 983e8d8bcfded10d1d1dca793d610996b40b444d
 2014-10-04 18:45:31 -07:00
Brian Smith
2730c76967 Bug 1077859: Make ENCODING_FAILED safe to use in static initializers, r=mmc 
--HG--
extra : rebase_source : f0483e775c6fefc256fc9527b1b1118086cc121f
 2014-10-03 15:52:38 -07:00
Andrew Halberstadt
2da4ee197d Bug 1066735 - Remove root b2g and android specific xpcshell manifests, r=chmanchester 2014-10-07 18:18:28 -04:00
David Keeler
68456b113e bug 1077891 - update getHSTSPreloadList.js to reflect changes to nsISiteSecurityService r=mmc DONTBUILD NPOTB 2014-10-06 11:28:15 -07:00
Ehsan Akhgari
e03d04d490 Fix one bad implicit constructor in pkix, no bug, blanket-rs=bsmith 2014-10-07 09:46:59 -04:00
Carsten "Tomcat" Book
4db01a78b9 Backed out changeset 76000f9f12da (bug 1077859) for causing frequent Mac OSX XPCshell test failures 2014-10-07 12:53:42 +02:00
Carsten "Tomcat" Book
8f7d4fa0be Backed out changeset 16fe1b9eb9e6 (bug 1077887) 2014-10-07 12:53:03 +02:00
Carsten "Tomcat" Book
6444abac58 Backed out changeset 124b04c01c71 (bug 1077926) 2014-10-07 12:52:49 +02:00
Brian Smith
fd8a9ac2f7 Bug 1077926: Make test certificate generation faster by reusing key, r=keeler 
--HG--
extra : rebase_source : 360fe925397688c1d0a2386c4974def6b571f0d4
 2014-10-05 00:29:43 -07:00
Brian Smith
2bfce39740 Bug 1077887: Work around old GCC "enum class" bug, r=mmc 
--HG--
extra : rebase_source : ce707672dfc0587760c09701fd6adbe26c874916
 2014-10-04 18:45:31 -07:00
Brian Smith
08d0bdccf5 Bug 1077859: Make ENCODING_FAILED safe to use in static initializers, r=mmc 
--HG--
extra : rebase_source : 78e1410ab6c94bd6b20a78208a2421db338aed94
 2014-10-03 15:52:38 -07:00
Wes Kocher
5d7f3c7007 Backed out 5 changesets (bug 806819) for WinXP test failures on a CLOSED TREE 
Backed out changeset 009ae35b0c67 (bug 806819)
Backed out changeset 5a57f87f5061 (bug 806819)
Backed out changeset f06cd735b5b3 (bug 806819)
Backed out changeset e25a2a8d4af4 (bug 806819)
Backed out changeset 70a167982c3f (bug 806819)
 2014-10-06 16:32:50 -07:00
Eric Rahm
e523216532 Bug 806819 - Part 4: Add files that were excluded from unified builds back in. r=ehsan 
--HG--
extra : rebase_source : 49a3f57d94fc94702f1604175c4e206091b67197
 2014-10-06 13:11:24 -07:00
Eric Rahm
baf96b6e07 Bug 806819 - Part 3: Remove redundant FORCE_PR_LOG entries. r=ehsan 
--HG--
extra : rebase_source : c96eea1c12ea8c19314393f0e8b4b57a4316a61d
 2014-10-06 13:08:20 -07:00
Nicholas Nethercote
b21b892183 Bug 1062709 (part 2, attempt 2) - Clean up stack printing and fixing. r=dbaron. 
--HG--
extra : rebase_source : 626fd23a14ec90cfc9807c3d555169ec6463d19d
 2014-09-01 22:56:05 -07:00
Nicholas Nethercote
0249afcc66 Bug 1062709 (part 1, attempt 2) - Add a frame number argument to NS_WalkStackCallback. r=dbaron. 
--HG--
extra : rebase_source : 4f7060a9ae0bed180899651c50e8ea8857e72d63
 2014-09-10 21:47:01 -07:00
Neil Rashbrook
7c73c026c4 Bug 1075976 Clean up XPCOM string usage r=keeler 2014-10-05 22:09:39 +01:00
Phil Ringnalda
8c2c4a4fac Merge m-i to m-c, a=merge 2014-10-05 09:34:55 -07:00
Phil Ringnalda
c05e0f7e3f Backed out 2 changesets (bug 1003448) since their dependency was backed out 
CLOSED TREE

Backed out changeset 61f98b1d29f9 (bug 1003448)
Backed out changeset 8e947d1636f1 (bug 1003448)
 2014-10-04 20:10:19 -07:00
ffxbld
0b156609b3 No bug, Automated HPKP preload list update from host bld-linux64-spot-197 - a=hpkp-update 2014-10-04 03:19:30 -07:00
ffxbld
15b739a2e7 No bug, Automated HSTS preload list update from host bld-linux64-spot-197 - a=hsts-update 2014-10-04 03:19:28 -07:00
Ed Morley
e322389145 Backed out changeset a0b82c954206 (bug 1062709) for Windows mochitest 5 hangs 2014-10-03 15:06:16 +01:00
Ed Morley
ed062efcdf Backed out changeset 7a1b7d7eba12 (bug 1062709) 2014-10-03 15:05:26 +01:00
Ryan VanderMeulen
e5793f09bd Backed out 3 changesets (bug 1076129, bug 1003448) for frequent xpcshell crashes on a CLOSED TREE. 
Backed out changeset 3034162ee435 (bug 1003448)
Backed out changeset 086fe4b0ba14 (bug 1003448)
Backed out changeset 1babd65ebec7 (bug 1076129)
 2014-10-02 15:53:21 -04:00
Patrick McManus
1239a3e897 bug 1003448 - HTTP/2 Alternate Service and Opportunistic Security [1/2 PSM] r=keeler 2014-08-20 16:30:16 -04:00
Ryan VanderMeulen
990ae72de0 Merge m-c to inbound. a=merge 2014-10-02 13:14:06 -04:00
Martin Thomson
e675583d7e Bug 1072382 - Remove version intolerance marker on inappropriate_fallback alert, r=keeler 2014-10-02 10:03:30 -07:00
Nicholas Nethercote
5b9ce4cc06 Bug 1062709 (part 2) - Clean up stack printing and fixing. r=dbaron. 
--HG--
extra : rebase_source : 18158d4474cb8826813a3866eba57b710e14db99
 2014-09-01 22:56:05 -07:00
Nicholas Nethercote
270fd1eda7 Bug 1062709 (part 1) - Add a frame number argument to NS_WalkStackCallback. r=dbaron. 
--HG--
extra : rebase_source : 0f9b2d6310433ed56f5552706fcf2a96571aee25
 2014-09-10 21:47:01 -07:00
David Keeler
767a1d9034 bug 1045739 - (part 2/2) mozilla::pkix: test that revocation checking doesn't occur for expired certificates r=mmc 2014-10-01 10:20:31 -07:00
Brian Smith
d127e047f2 bug 1045739 - (1/2) mozilla::pkix: stop checking revocation for expired certificates r=keeler 2014-08-14 12:02:55 -07:00
Kai Engert
844cc762a0 Bug 1075686, pick up NSS 3.17.2 beta 1 to fix bug 1057161 2014-10-01 19:30:41 +02:00
Carsten "Tomcat" Book
1f82b2fb58 merge fx-team to mozilla-central a=merge 2014-09-30 15:10:47 +02:00
Cykesiopka
1554cac9c3 Bug 1073865 - Add missing SSL_ERROR l10n strings v1. r=dkeeler 2014-09-27 14:02:00 +02:00
Camilo Viecco
836f2a96a1 Bug 787133 - (hpkp) Part 2/2. Tests r=keeler 2014-09-29 20:31:08 -07:00
Stephen Pohl
cf2ca1fd7c Mac v2 signing - Bug 1060562 - Update xpcshell-tests for the new v2 bundle structure on OSX. r=jmaher 2014-09-29 11:51:29 -07:00
ffxbld
82669e5c8b No bug, Automated HPKP preload list update from host bld-linux64-spot-046 - a=hpkp-update 2014-09-27 03:16:58 -07:00
ffxbld
7cfa347a42 No bug, Automated HSTS preload list update from host bld-linux64-spot-046 - a=hsts-update 2014-09-27 03:16:56 -07:00
David Keeler
28cf64b8af bug 1071308 - (2/2) remove libpkix-style chain validation callback from CertVerifier r=cviecco 2014-09-25 11:18:56 -07:00
David Keeler
7aec2677f9 bug 1071308 - (1/2) rename pinning_enforcement_level to PinningMode for brevity r=cviecco 2014-09-25 11:08:36 -07:00
Camilo Viecco
1954b909cc Bug 787133 - (hpkp) Part 1/2. Header Parsing and interface within PSM. r=keeler, r=mcmanus 2014-09-03 10:24:12 -07:00
Bob Owen
ac3435226d Bug 1068000 - Add client side chrome.* pipe rule for Windows content sandbox. r=tabraldes 2014-09-16 15:44:25 +01:00
Wes Kocher
cdeb7299d2 Merge m-c to inbound a=merge 2014-09-23 16:48:23 -07:00
Wes Kocher
09b492edc1 Merge inbound to m-c a=merge 2014-09-23 15:30:38 -07:00
Kai Engert
70d359591e Bug 1064636, upgrade to NSS 3.17.1 release, r=rrelyea, a=lmandel 2014-09-23 21:28:23 +02:00
Ehsan Akhgari
237b8ba627 Fix more bad implicit constructors in security, blanket-rs=bsmith, no bug 2014-09-23 09:13:26 -04:00
Jed Davis
0dface3757 Bug 1069700 - Fix recursive crash when non-content children violate sandbox policy. r=kang 2014-09-18 18:17:00 -04:00
Richard Barnes
d481ce07cd Bug 1045973 - sec_error_extension_value_invalid: mozilla::pkix does not accept certificates with x509v3 extensions in x509v1 or x509v2 certificates r=keeler 2014-09-23 16:48:54 -04:00
David Keeler
15fae978fd bug 1060929 - mozilla::pkix: allow explicit encodings of default-valued BOOLEANs for compatibility r=briansmith 2014-09-22 09:26:10 -07:00
Vlatko Markovic
2e30280054 Bug 1059216 - Verification of Trusted Hosted Apps manifest signature, part 1. r=dkeeler,rlb 2014-09-22 07:58:59 -07:00
Robin Thunell
f6c0175afe Bug 1059208 - Add scripts for signing manifest files of Trusted Hosted Apps r=dkeeler 2014-09-22 07:58:59 -07:00
Carsten "Tomcat" Book
aae9491196 merge b2g-inbound to mozilla-central a=merge 2014-09-22 13:06:09 +02:00
Carsten "Tomcat" Book
477171c3f3 merge mozilla-inbound to mozilla-central a=merge 2014-09-22 12:58:26 +02:00
ffxbld
65f74b9d61 No bug, Automated HPKP preload list update from host b-linux64-ix-0007 - a=hpkp-update 2014-09-20 03:17:29 -07:00
ffxbld
27e7202494 No bug, Automated HSTS preload list update from host b-linux64-ix-0007 - a=hsts-update 2014-09-20 03:17:26 -07:00
Vlatko Markovic
b248c07c78 Bug 1059204 - Prepare verification code for reuse. r=rlb 2014-09-19 20:13:47 -07:00
Arthur Edelstein
5e6e1905d3 Bug 967977 - Add pref to disable session identifiers (session tickets and session IDs). r=dkeeler 2014-09-08 15:32:00 -04:00
Brian Smith
5092b5604f Bug 1065264: Use MOZILLA_PKIX_MAP_LIST to define mozilla::pkix::Result, r=keeler 
--HG--
extra : rebase_source : a91f7ab118f802fed6441edf00a245fe90c8e506
 2014-09-10 00:17:24 -07:00
Brian Smith
6a20079f35 Bug 1065173: Move more NSS dependencies to pkixtestnss.cpp, r=keeler 
--HG--
extra : rebase_source : 205fa72506e175c0fe418c5428675e754a86c820
 2014-09-08 20:41:53 -07:00
Brian Smith
c66e0d494b Bug 1063031: Remove mozilla::pkix::test::NSSTest, r=keeler 
--HG--
rename : security/pkix/test/gtest/nssgtest.cpp => security/pkix/test/gtest/pkixgtest.cpp
extra : rebase_source : 205faf2054134b3a7aecd55d53f73d19f2f86103
 2014-08-31 20:42:28 -07:00
Jed Davis
d6940c7f12 Bug 1068410 - Convert remote crash dump to use pipe instead of socketpair in the child. r=kang r=ted 2014-10-03 14:55:03 -07:00
Patrick McManus
149975f571 bug 1003448 - HTTP/2 Alternate Service and Opportunistic Security [1/2 PSM] r=keeler 2014-08-20 16:30:16 -04:00
Martin Thomson
653115fdf3 Bug 1075991 - Tracking cause of inappropriate TLS version fallback, r=keeler 2014-10-03 11:01:24 -07:00
Martin Thomson
dca765c16b Bug 1075991 - Remember version intolerance reason code, r=keeler 2014-10-03 11:01:24 -07:00
Monica Chew
a012c4b3eb Bug 1030135: Set is_moz if the pinset name contains mozilla, set bucket id for pinsets containing the string mozilla (r=keeler) 2014-10-02 16:45:13 -07:00
J.C. Jones
41b59a8438 Bug 1054498 - Report pinning violations by CA r=keeler 2014-10-17 10:33:50 -07:00
Carsten "Tomcat" Book
f656e98577 Backed out changeset 3afdc3253979 (bug 622859) for breaking m1 tests 2014-10-17 13:14:29 +02:00
Carsten "Tomcat" Book
3f73a473e6 Backed out changeset f5fa8ea86d3b (bug 622859) 2014-10-17 13:13:01 +02:00
Jed Davis
80fd7676d7 Bug 1080165 - Allow setpriority() to fail without crashing in media plugins on Linux. r=kang 2014-10-16 12:42:00 +02:00
Cykesiopka
79f3bfc50f Bug 622859 - Tests for bug 622859. r=briansmith,keeler 2014-10-16 05:22:00 +02:00
Cykesiopka
02ea7fac18 Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith 2014-10-16 05:13:00 +02:00
Bob Owen
495f359e16 Bug 1083701: When pre-Vista, for testing purposes allow stdout/err to be inherited by sandboxed process when an env var is set. r=tabraldes 2014-10-17 09:42:09 +01:00
David Keeler
200811cabf bug 1055238 - add nsNSSCertListFakeTransport so nsIX509CertList can survive the child process r=rbarnes 2014-09-16 15:49:37 -07:00
David Keeler
b7c13395cb bug 1055238 - clean up nsNSSCertificateFakeTransport.{cpp,h} for style nits r=rbarnes 2014-09-16 13:24:13 -07:00
Camilo Viecco
a42d82b612 Bug 787133 - (hpkp) testing of internal storage and idl r=keeler. 
--HG--
extra : rebase_source : c4f83f38a3b8f293a1ca61f2f0a6f90df6ff7840
 2014-09-12 14:59:37 -07:00
Camilo Viecco
e7d832ac0d Bug 787133 - (hpkp) Internal storage of hpkp data. r=keeler. 
--HG--
extra : rebase_source : 1ef88ab5ebcf9634bd1de76ec1c9543eb87d265b
 2014-09-12 14:59:37 -07:00
David Keeler
e3697d7869 bug 1066190 - ensure that pinning checks are done for otherwise overridable errors r=mmc 2014-09-12 13:20:43 -07:00
Camilo Viecco
e96207dc16 Bug 1067565 - Built-in pins expires decades later. r=keeler 2014-09-15 17:17:12 -07:00
Trevor Saunders
9ec2828d9e bug 1062567 - prevent gcc lto builds from dropping SyscallAsm on the floor r=froydnj 2014-09-15 19:46:14 -04:00
Wes Kocher
332233753a Merge m-c to inbound a=merge 2014-09-15 16:41:45 -07:00
ffxbld
ed387d3aaf No bug, Automated HPKP preload list update from host bld-linux64-spot-318 - a=hpkp-update 2014-09-15 14:35:39 -07:00
ffxbld
d0d3ffd4a6 No bug, Automated HSTS preload list update from host bld-linux64-spot-318 - a=hsts-update 2014-09-15 14:35:37 -07:00
David Keeler
3600619aa2 bug 973048 - follow-up to add another missed #include r=bustage on a CLOSED TREE 2014-09-15 13:50:18 -07:00
David Keeler
e1dab529ef bug 973048 - follow-up to add #include for ScopedPtr r=bustage on a CLOSED TREE 2014-09-15 13:02:47 -07:00
David Keeler
0b8a3c3196 bug 973048 - replace nsNSSCleaner with Scoped types r=rbarnes 2014-09-15 12:31:43 -07:00
Carsten "Tomcat" Book
9005131aba merge m-i to m-c a=merge 2014-09-12 15:07:38 +02:00
ffxbld
c5f94c6c3b No bug, Automated HPKP preload list update from host bld-linux64-spot-021 - a=hpkp-update 2014-09-11 20:51:37 -07:00
ffxbld
ab00c06de0 No bug, Automated HSTS preload list update from host bld-linux64-spot-021 - a=hsts-update 2014-09-11 20:51:35 -07:00
Giovanni Sferro
0decd968e4 Bug 1050518 - Remove nsICertificatePrincipal. r=keeler 2014-09-10 20:31:00 -04:00
Bob Owen
3ca87b4d24 Bug 1018988 - Set up a low integrity temp directory when using the Windows content sandbox. r=mrbkap r=tabraldes r=froydnj 2014-09-10 12:36:17 +01:00
Bob Owen
061d00b434 Bug 1063455 - Define MOZ_STACKWALKING when NS_StackWalk is available and replace other instances of the same #if logic. r=mshal, r=froydnj 2014-09-08 18:25:20 +01:00
Brian Smith
fb2c2d3556 Bug 1063013, Part 4: Move MapResultToName and MAP_LIST out of pkixnss.h/pkixnss.cpp, r=keeler 
--HG--
rename : security/pkix/lib/pkixnss.cpp => security/pkix/lib/pkixresult.cpp
extra : rebase_source : 2fec0a279f7ef6acdd7ac8bf749190eef33df70d
 2014-08-31 19:42:36 -07:00
Brian Smith
5e4c6b3732 Bug 1063013, Part 3: Move dependencies on pkixnss to pkixtestnss, r=keeler 
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : b22bd341a5c72ba87efcf23a4e048bba8adf1544
 2014-08-31 19:16:26 -07:00
Brian Smith
fb65bc5f7b Bug 1063013, Part 2: Remove unnecessary pkixnss dependency from pkixocsp_CreateEncodedOCSPRequest, r=keeler 
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : e91ec652edc54255cd29871c91550c3ee49438c5
 2014-08-31 19:04:15 -07:00
Brian Smith
9fb9cb52eb Bug 1063013, Part 1: Remove pkixnss dependency from pkixtestutil.cpp, r=keeler 
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : e55c2e0c73a59b84629d071a64d8597ec5cc56ae
 2014-09-04 17:21:28 -07:00
Brian Smith
81bd783b90 Bug 1063006: Centralize direct use of NSS for crypto in the mozilla::pkix test suite, r=keeler 
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : 93515d39abf91168fa86268f9b26f8c62d0d411e
 2014-08-31 17:47:09 -07:00
Brian Smith
b7de7f0b92 Bug 1059924, Part 2: Test that the high tag number form is rejected, r=keeler 
--HG--
extra : rebase_source : 66793ce13ed8635cd47051fc2c93651d6936614e
 2014-08-21 15:48:40 -07:00
Jed Davis
1a73e0b7a9 Bug 1059038 - Move mozilla::unused from xpcom/glue to mfbt. r=Waldo 
--HG--
rename : xpcom/glue/unused.cpp => mfbt/unused.cpp
rename : xpcom/glue/unused.h => mfbt/unused.h
 2014-08-29 10:11:00 +02:00
Ehsan Akhgari
9729cd4ca9 Bug 1064356 - Fix more bad implicit constructors in security; r=bsmith 2014-09-08 20:47:36 -04:00
David Keeler
e4c17d867b bug 1004781 - follow-up to add "DigiCert ECC Secure Server CA" to Facebook's pinset r=mmc 2014-09-08 09:33:03 -07:00
Carsten "Tomcat" Book
ce011224f3 merge mozilla-inbound to mozilla-central a=merge 2014-09-08 15:22:16 +02:00
ffxbld
ebb89deb38 No bug, Automated HPKP preload list update from host b-linux64-ix-0009 - a=hpkp-update 2014-09-06 03:17:54 -07:00
ffxbld
be1464c767 No bug, Automated HSTS preload list update from host b-linux64-ix-0009 - a=hsts-update 2014-09-06 03:17:51 -07:00
Wes Kocher
1f78762ff5 Merge inbound to m-c a=merge 2014-09-05 19:04:52 -07:00
Monica Chew
5fa1eb4db5 Bug 1030135: Enable pinning on services.mozilla.com in test mode (r=keeler,a=kwierso) 2014-09-05 12:04:26 -07:00
Bob Owen
ac4c75d3b4 Bug 1018966 - Part 2: Make warn only sandbox changes to the Chromium code. r=tabraldes 2014-09-03 10:31:53 +01:00
David Keeler
62a2d0921e bug 1046221 - make nsCryptoHMAC and nsCryptoHash actually check for NSS shutdown r=rbarnes 2014-09-05 11:04:22 -07:00
Monica Chew
6dc1c59d66 Bug 1030135: Enable pinning on services.mozilla.com in test mode (r=keeler) 2014-09-05 12:04:26 -07:00
Bob Owen
3f62750874 Bug 1018966 - Part 1: Add the main warn only sandbox machinery - with no Chromium code changes. r=bsmedberg 
This change also includes the content sandboxing code on Windows Nightly by defining MOZ_CONTENT_SANDBOX=1.
Whether the content sandbox is disabled, in warn only mode, or enabled is controlled by a new pref: browser.tabs.remote.sandbox=(off/warn/on)
 2014-06-11 15:32:37 +01:00
Brian Smith
cedaab6b4a Bug 1061483 follow-up: remove now-unused deleteCharArray function, r=me, a=bustage 
--HG--
extra : rebase_source : 63d509bd7b95681227d27a733260bc33b1a22338
 2014-09-04 15:53:07 -07:00
Brian Smith
71b7461e9d Bug 1061483: Remove dependency on NSPR's PR_smprintf, r=cviecco 
--HG--
extra : rebase_source : 64e2f862456e8e1434814631b0a7b461d83de37a
 2014-08-31 22:03:22 -07:00
Brian Smith
96996291c9 Bug 1061021, Part 17: Use now-unused PLArenaPool infrastructure, r=keeler 
--HG--
extra : rebase_source : b6f241d33cefd3b14c585e806e9c920ec6844fce
 2014-08-30 23:30:20 -07:00
Brian Smith
2fff8b11de Bug 1061021, Part 16: Stop using PLArenaPool in pkixocsp_CreateEncodedOCSPRequest, r=keeler 
--HG--
extra : rebase_source : 551d0c0e45d770c2218fb77874737fe23909d6c9
 2014-08-30 23:27:15 -07:00
Brian Smith
d85324d2af Bug 1061021, Part 15: Stop using PLArenaPool in CreateEncodedOCSPResponse, r=keeler 
--HG--
extra : rebase_source : 00c3f77cd1e7e0d81b0acac84631b81e4cac59bd
 2014-09-01 19:23:01 -07:00
Brian Smith
a17d6f0c3a Bug 1061021, Part 14: Stop using PLArenaPool in CreateEncodedCertificate, r=keeler 
--HG--
extra : rebase_source : 46c292a31fbc4bb7242c93d0d47479600f379323
 2014-08-30 23:09:18 -07:00
Brian Smith
e679e3f279 Bug 1061021, Part 13: Remove Output class, r=keeler 
--HG--
extra : rebase_source : 9d768451f2f1d6ad0db3cb75401494d6409fd818
 2014-08-30 20:47:58 -07:00
Brian Smith
c453628d0b Bug 1061021, Part 12: Stop using PLArenaPool for ResponseData encoding, r=keeler 
--HG--
extra : rebase_source : 745ae45d9dd0509973d8e5c50a8cc2dfae82295f
 2014-08-30 20:42:19 -07:00
Brian Smith
469d1044c6 Bug 1061021, Part 11: Stop using PLArenaPool for TBSCertificate and SignedData encoding, r=keeler 
--HG--
extra : rebase_source : 09b06f79b57247dd89919ede12baabcb09dbeb19
 2014-08-30 19:55:52 -07:00
Brian Smith
f7562c4e96 Bug 1061021, Part 10: Stop using PLArenaPool for extension encoding, r=keeler 
--HG--
extra : rebase_source : 02b6dcc97204c04ec35b214ea2ce4b9297c78612
 2014-08-30 19:16:24 -07:00
Brian Smith
978d42d843 Bug 1061021, Part 9: Stop using PLArenaPool for SingleResponse encoding, r=keeler 
--HG--
extra : rebase_source : a39a5dfec9b7aaa43ee2cffc15021bb404ada1ca
 2014-08-30 18:00:02 -07:00
Brian Smith
0f3a10b0f1 Bug 1061021, Part 8: Stop using PLArenaPool for CertID encoding, r=keeler 
--HG--
extra : rebase_source : 236902fb9eb330444e4cfc4ad380646bc992e8a8
 2014-08-30 17:47:22 -07:00
Brian Smith
ae486c8093 Bug 1061021, Part 7: Stop using PLArenaPool for SignedData encoding, r=keeler 
--HG--
extra : rebase_source : de654a47d7421d2c14bba9db1686bc01a2f1edf8
 2014-08-30 17:40:41 -07:00
Brian Smith
11090ce5de Bug 1061021, Part 6: Stop using PLArenaPool for boolean encoding, r=keeler 
--HG--
extra : rebase_source : 557eef72848af7dd70eddb4983de25e2e50da5f3
 2014-08-30 17:00:16 -07:00
Brian Smith
4373777e81 Bug 1061021, Part 5: Remove InitInputFromSECItem, r=keeler 
--HG--
extra : rebase_source : 353ad008af15700266226b6f3f535385cb182d09
 2014-08-30 16:49:49 -07:00
Brian Smith
39178dfe32 Bug 1061021, Part 4: Stop using PLArenaPool for time encoding, r=keeler 
--HG--
extra : rebase_source : ed41c22713cc75ce238923c00a5abda48f142e57
 2014-08-30 16:33:47 -07:00
Brian Smith
bc28637bb6 Bug 1061021, Part 3: Stop using PLArenaPool for BitString encoding, r=keeler 
--HG--
extra : rebase_source : 79c9c2dd4844e67f0922c32e47bcc3e360fb32d5
 2014-08-30 16:15:11 -07:00
Brian Smith
511159ba52 Bug 1061021, Part 2: Stop using NSS to encode integers and serial number, r=keeler 
--HG--
extra : rebase_source : cebea2b16ac81278a1453a5fb58fe75e90e22742
 2014-08-30 16:07:16 -07:00
Brian Smith
2b6d930f00 Bug 1061021, Part 1: Stop using NSS to encode names in tests, r=keeler 
--HG--
extra : rebase_source : 1fa1826fe356314e80784915e08d5a787bf2259f
 2014-08-30 23:11:23 -07:00
Brian Smith
6eb4d5f63a Bug 1059924, Part 1: Centralize tag and length decoding in mozilla::pkix's DER decoder, r=keeler 
--HG--
extra : rebase_source : 6702a599f07cf83deac832eab0712dc716ea2561
 2014-09-02 22:03:30 -07:00
Brian Smith
b7ff9ddb7f Bug 1059928: Remove SECOidTag from mozilla::pkix testsuite interface, r=keeler 
--HG--
extra : rebase_source : 79d0d3031a9176d492730f374cea3b5f035086e1
 2014-08-29 16:06:38 -07:00
David Keeler
7083e45f19 bug 775370 - (part 2/2) use DataStorage as back-end to nsSiteSecurityService r=briansmith 2014-09-04 10:42:31 -07:00
David Keeler
0928e0b661 bug 1057123 - mozilla::pkix: allow end-entity certificates to assert keyCertSign in some cases r=briansmith 2014-09-03 10:12:55 -07:00
Carsten "Tomcat" Book
0b56bf9838 Backed out changeset 5adabc2818b2 (bug 1018966) for b2g bustage 2014-09-04 15:14:41 +02:00
Carsten "Tomcat" Book
d50d535713 Backed out changeset 5d21dd9ca51e (bug 1018966) for b2g Build bustage 2014-09-04 15:13:14 +02:00
Bob Owen
65f144b3ff Bug 1018966 - Part 2: Make warn only sandbox changes to the Chromium code. r=tabraldes 2014-09-03 10:31:53 +01:00
Bob Owen
cf06b12d8d Bug 1018966 - Part 1: Add the main warn only sandbox machinery - with no Chromium code changes. r=bsmedberg r=tabraldes 
This change also includes the content sandboxing code on Windows Nightly by defining MOZ_CONTENT_SANDBOX=1.
Whether the content sandbox is disabled, in warn only mode, or enabled is controlled by a new pref: browser.tabs.remote.sandbox=(off/warn/on)
 2014-06-11 15:32:37 +01:00
Mike Hommey
a653121671 Bug 1059113 - Use templates for shared libraries and frameworks. r=gps 
Also force to use the existing template for XPCOM components.
 2014-09-04 09:04:45 +09:00
Mike Hommey
6258dd8523 Bug 1059090 - Don't require SOURCES to be set for CPP_UNIT_TESTS and SIMPLE_PROGRAMS. r=mshal 2014-09-03 14:16:37 +09:00
Mike Hommey
fc99c53ae5 Bug 1041941 - Use templates for programs, simple programs, libraries and C++ unit tests. r=gps 2014-09-03 14:10:54 +09:00
David Keeler
a549c1a3b3 bug 1050546 - telemetry for baseline requirements sections 9.2.1 and 9.2.2 (subject alt names/common name) r=rbarnes 2014-09-03 11:44:08 -07:00
Jed Davis
aaa558dd7c Bug 1061085 - Clean up misused export macros from bug 1041886. r=glandium 2014-08-31 23:23:00 +02:00
Ehsan Akhgari
6486a1bccd Bug 1061942 - Switch back security/certverifier and security/manager to use unified builds; r=bsmith 2014-09-02 18:28:11 -04:00
Wes Kocher
93b49c335e Backed out 1 changesets (bug 1050546) for build bustage 
Backed out changeset c7a9e8177202 (bug 1050546)
 2014-09-02 16:49:51 -07:00
David Keeler
5732aa5a2a bug 1050546 - telemetry for baseline requirements sections 9.2.1 and 9.2.2 (subject alt names/common name) r=rbarnes 2014-09-02 12:10:47 -07:00
Ehsan Akhgari
66d4d1b849 Bug 1061061 - Fix more bad implicit constructors in misc. code; r=bsmedberg 2014-09-02 18:24:24 -04:00
Trevor Saunders
f4fbfeeb43 bug 1059490 - mark more classes MOZ_FINAL r=froydnj 2014-08-27 14:26:48 -04:00
Martin Thomson
8e92503f67 Bug 1036737 - Adding fallback SCSV use. r=dkeeler 2014-08-29 14:59:00 +02:00
Ehsan Akhgari
7622e931a5 Bug 1060975 - Fix bad implicit constructors in security; r=bsmith 2014-08-31 19:26:27 -04:00
Camilo Viecco
1cc4a3a5de Bug 1039166 - Fix intermittent gtest ASAN errors. r=dkeeler 2014-08-28 15:33:10 -07:00
Ryan VanderMeulen
d5b4b20bae Merge inbound to m-c. a=merge 2014-08-30 12:25:27 -04:00
ffxbld
68daf7399f No bug, Automated HPKP preload list update from host bld-linux64-spot-456 - a=hpkp-update 2014-08-30 03:23:01 -07:00
ffxbld
5d64d9f108 No bug, Automated HSTS preload list update from host bld-linux64-spot-456 - a=hsts-update 2014-08-30 03:22:59 -07:00
Jed Davis
75747ff40f Bug 1059602 - Make libxul -> libmozsandbox dependency not a weak symbol. r=glandium 
MFBT_API is not the right macro for this; it changes the affected
definition/usage to a weak symbol, for reasons explained in the comments
on its definition.

This was causing the linker to drop the dependency from libmozglue
to libmozsandbox, in some cases (--as-needed, with a linker that
doesn't consider weak symbols "needed"), and thus load libxul with
gSandboxCrashFunc relocated to address 0 (the expected behavior of an
unresolved weak symbol), which caused crashes when writing to it on
startup.

--HG--
extra : amend_source : b99fded391ae90b1311f4cabaf40f15e6414f245
 2014-08-28 23:23:13 -07:00
Camilo Viecco
cc13f29bb0 Bug 1052099 - August 2014 batch of EV root CA changes. r=keeler 
--HG--
extra : rebase_source : 4303f1fb6988ff462edd908295708788a24a64f1
 2014-08-27 11:31:20 -07:00
David Keeler
b4aba762b9 bug 1009161 - follow-up: add test_nsCertType.js to xpcshell.ini so it'll actually run r=mmc 2014-08-28 11:38:31 -07:00
David Major
492c4f4f7d Bug 1023941 - Part 2: Static-link the CRT into plugin-container.exe. r=glandium,f=tabraldes 
--HG--
rename : security/sandbox/moz.build => security/sandbox/objs.mozbuild
extra : rebase_source : e0b1515a4729ecfe82a67b6439d9a38453f7556a
 2014-08-28 14:50:10 +12:00
Trevor Saunders
4c97f6dff8 bug 1058925 - don't convert nullptr to bool in ClientAuthServer.cpp r=keeler 2014-08-27 19:12:22 -04:00
Wan-Teh Chang
a2f4afbe0b Bug 1036735: Update NSS to NSS 3.17.1 Beta 1. Also includes the fixes 
for bug 1046718, bug 1050107, bug 1054625, bug 1057465, bug 1057476.
 2014-08-27 15:42:41 -07:00
Monica Chew
cbe70c240d Bug 1004781: Enable pinning in test mode for facebook (r=cviecco) 2014-08-27 14:18:25 -07:00
Tim Abraldes
6157602479 bug 1027906. Set delayed token level for GMP plugin processes to USER_RESTRICTED. Whitelist certain files and registry keys that are required for EME plugins to successfully load. r=bobowen. r=jesup. r=bent. 2014-08-29 17:34:26 -07:00
Brian Smith
6cba437d16 Bug 1059926: Give DottedOIDToCode.py the ability to generate more encodings, r=keeler 
--HG--
extra : rebase_source : 8fabeb5802530789925ae47d1f1cc4b27e4bf899
extra : histedit_source : 1329e925ada56b29c9e05991b85b320d4ae0e3a3
 2014-08-28 09:58:13 -07:00
Brian Smith
4ce723ea57 Bug 1057793: Fix build warning on MSVC 2013, r=keeler 
--HG--
extra : rebase_source : eb908d0f3d313991cab78d707c7f666ab9d9eaf5
extra : histedit_source : 3d69a511f82895d8b741960205e96488b4f2ebbb
 2014-08-17 16:49:19 -07:00
Brian Smith
0a4c657f13 Bug 1057791: Switch PR_ASSERT to assert in pkixcheck.cpp, r=keeler 
--HG--
extra : rebase_source : a63e822eed9914046127c466f7e5c4f0e3e84361
extra : histedit_source : fc9d16f67cc349f5c7d3964c5dc58de1e5b9e986
 2014-08-17 16:50:45 -07:00
Brian Smith
ee405f2bac Bug 1057790: Limit scope of CERTCertificate-related stuff to the scope it is used, r=keeler 
--HG--
extra : rebase_source : 41b84cc08a928d0cdf57062d89f6d9495351437f
extra : histedit_source : bfbc35434d1318b6e6259bca72e6e1688842e5ad
 2014-08-04 15:32:15 -07:00
Brian Smith
c9c255671e Bug 1053924: Remove dependencies on PRTime in mozilla::pkix's test code, r=keeler 
--HG--
extra : rebase_source : deb2dcec5c56ef86d95df319b5a61165d9d761a7
 2014-08-08 10:33:18 -07:00
Jed Davis
6315518788 Bug 1041886 - Fix no-opt-only build bustage caused by mozilla::unused. r=glandium 
See also bug 1059038.
 2014-08-26 19:23:44 -07:00
Jed Davis
6746bb3d35 Bug 1054616 - Clean up logging-related shims for Linux sandboxing. r=kang 2014-08-26 13:54:16 -07:00
Jed Davis
773d03d0d7 Bug 1041886 - Separate Linux sandbox code into its own shared library. r=kang r=glandium 
This creates libmozsandbox.so on builds that use sandboxing
(MOZ_CONTENT_SANDBOX or MOZ_GMP_SANDBOX).

The unavoidably libxul-dependent parts, for invoking the crash reporter
and printing the JS context, are separated into glue/SandboxCrash.cpp
and invoked via a callback.
 2014-08-26 13:54:09 -07:00
Jed Davis
dcfa9f6e79 Bug 1041886 - Break out Linux sandbox logging into its own header. r=kang 2014-08-26 13:54:03 -07:00
Cykesiopka
730b1ae20e Bug 1052529 - Add missing l10n strings for mozilla::pkix errors. r=keeler 2014-08-26 00:03:00 +02:00
Steven Michaud
a17eb6d1fd Bug 1056936 - Specify full path to plugin-container in sandbox rules. r=rjesup 2014-08-25 15:01:04 -05:00
Birunthan Mohanathas
57751773f4 Bug 1045801 - Rename SafeCast to AssertedCast. r=Waldo 2014-08-25 12:17:32 -07:00
David Keeler
6bf06cece4 bug 1034124 - allow overrides when a CA cert is used as an end-entity cert r=briansmith 2014-08-22 12:07:08 -07:00
David Keeler
a9d997ad48 bug 1009161 - mozilla::pkix: allow the Netscape certificate type extension if more standardized information is present r=briansmith 2014-08-25 09:25:36 -07:00
Ryan VanderMeulen
f1e20fb689 Merge inbound to m-c. a=merge 
CLOSED TREE
 2014-08-25 11:49:37 -04:00
ffxbld
234fff2b04 No bug, Automated HPKP preload list update from host bld-linux64-spot-317 - a=hpkp-update 2014-08-23 03:29:03 -07:00
ffxbld
b0c0b3d30b No bug, Automated HSTS preload list update from host bld-linux64-spot-317 - a=hsts-update 2014-08-23 03:29:01 -07:00
Wes Kocher
02017e20ed Merge inbound to m-c a=merge 2014-08-22 16:47:32 -07:00
Marco Castelluccio
0dad3f2334 Bug 1042006 - Replace reviewers-dev certificate. r=fabrice 
--HG--
extra : rebase_source : 517822e6712853c4e0d5ce664e0d60b980382c3b
 2014-08-21 00:12:00 -04:00
David Keeler
8be74b716b bug 1049095 - re-verify joinee certificate with joining hostname when joining connections r=briansmith r=mcmanus r=cviecco r=mmc r=rbarnes 2014-08-21 10:37:23 -07:00
Trevor Saunders
86b7aff8fc bug 1047696 - mark a number of classes MOZ_FINAL to get compilers to devirtualize more r=froydnj 2014-08-05 13:33:55 -04:00
Camilo Viecco
bc4c9ba169 Bug 1047177 - Treat v4 certs as v3 certs. Tests (2/2). r=keeler. 
--HG--
extra : rebase_source : 58be8a1ac652636fea80e83fc8eae2b7092c6edd
 2014-08-21 14:49:00 -07:00
Camilo Viecco
ae0bde15f8 Bug 1047177 - Treat v4 certs as v3 certs (1/2). r=keeler. 
--HG--
extra : rebase_source : 4cfb69672aa54274bb4ee850f23f0bbbe8e9e49f
 2014-08-21 14:47:25 -07:00
Masatoshi Kimura
1ee4b71e83 Bug 1055541 - Fix build failure on VS2013 with --enable-warnings-as-errors due to Warning C4996. r=ehsan 2014-08-20 04:09:03 +09:00
Patrick McManus
68e306f335 bug 1050063 - consider tls client hello version in alpn/npn offer list r=hurley r=keeler 2014-08-15 09:39:53 -04:00
Wes Kocher
82c268ae0c Merge m-c to inbound a=merge 2014-08-22 17:05:17 -07:00
Olli Pettay
1f448a88c4 Bug 314095 - Eliminate nsIContent::GetDocument, r=jst 
--HG--
extra : rebase_source : dd8f690940825b298a478b65b68a57418a9962ff
 2014-08-22 23:11:27 +03:00
David Keeler
db3cc3cf7c bug 1057128 - add --clobber to generate_certs.sh, disabled by default (don't unnecessarily regenerate all certificates) r=rbarnes DONTBUILD because NPOTB 2014-08-22 10:25:46 -07:00
David Keeler
20f55eaa2e bug 775370 - (part 1/2) introduce DataStorage r=froydnj r=mmc 2013-09-09 13:37:21 -07:00
Wan-Teh Chang
6d019f1031 Bug 1063445: Update to NSS_3_17_1_BETA2. 
Includes the fixes for bug 1041326, bug 1058933, bug 1001332, bug 1057783.
 2014-09-05 08:18:18 -07:00
Chris Peterson
ed9323def1 Bug 1052033 - Fix warnings in security/sandbox and mark as FAIL_ON_WARNINGS. r=smichaud 2014-08-09 14:25:24 -07:00
Ryan VanderMeulen
e19d99af2b Merge inbound to m-c. a=merge 2014-08-16 17:42:29 -04:00
ffxbld
b8a6b94d74 No bug, Automated HPKP preload list update from host bld-linux64-spot-329 - a=hpkp-update 2014-08-16 03:15:25 -07:00
ffxbld
af81bc1b87 No bug, Automated HSTS preload list update from host bld-linux64-spot-329 - a=hsts-update 2014-08-16 03:15:23 -07:00
Garrett Robinson
97ee67c6a9 Bug 1029155 - Tests for storing failed certificate chains r=keeler 2014-08-15 11:27:31 -07:00
Garrett Robinson
9b2820621f Bug 1029155 - Store peer certificate chain from failed connections on TransportSecurityInfo r=keeler 2014-08-15 11:27:22 -07:00
Brian Smith
cddd69bfac Bug 1053627, Part 2: Use MOZILLA_PKIX_ARRAY_LENGTH instead of PR_ARRAY_SIZE, r=keeler 
--HG--
extra : rebase_source : b9ae99d93921cb2f3a8f4395e9240389752fd2de
 2014-08-13 21:01:35 -07:00
Brian Smith
8de872d8fb Bug 1053627, Part 1: use sizeof instead of PR_ARRAY_SIZE for byte arrays, r=keeler 
--HG--
extra : rebase_source : a01364ed6b64800142f18d3d350f50ca178ea4bb
 2014-08-04 19:21:52 -07:00
Brian Smith
06d48f587c Bug 1053621: Stop using PR_NOT_REACHED in mozilla::pkix, r=keeler 
--HG--
extra : rebase_source : b70a3ca2f3dade0439cf902bf4042716e7d1bbd3
 2014-08-04 19:19:29 -07:00
Brian Smith
3c6b23c907 Bug 1053620: Replaces uses of PR_Abort with std::abort in mozilla::pkix, r=keeler 
--HG--
extra : rebase_source : 2e1f3eec5305e89bfa28fbda856b4e36515a2819
 2014-08-04 19:12:34 -07:00
Brian Smith
a88a48f1d9 Bug 1053617: Reduce scope of DER encoding debugging logic to the file it is used in, r=keeler 
--HG--
extra : rebase_source : c22f7e96dfdd1997626769ac03c6d189321eec1a
 2014-08-04 19:07:26 -07:00
Brian Smith
dff4bec65a Bug 1053616: Remove uses of PR_SetError from mozilla::pkix tests, r=keeler 
--HG--
extra : rebase_source : 1fc7ce9ab400c39e3c4afb68940be93cc2a0b848
 2014-08-13 17:50:42 -07:00
Cykesiopka
6a3e20c777 Bug 1052257 - Add and use error code specific to inadequate key sizes. r=keeler 2014-08-12 22:24:00 -04:00
Jed Davis
212cc5b860 No bug - Add trailing newlines for non-Android Linux sandbox logging. r=kang 
--HG--
extra : rebase_source : c0e936b62289c0e5eecad41fce9afac881fe4667
 2014-08-14 15:39:14 -07:00
David Keeler
843f8bbee8 bug 1030963 - remove non-standard window.crypto functions/properties r=jst r=briansmith r=glandium 2014-08-14 09:38:42 -07:00
Brian Smith
216d7d38fa Bug 1048642, Part 3: Remove SECStatus GTest utilities, r=cviecco 
--HG--
extra : rebase_source : f77202ad8d271604d7620cc5f704a51338c356ab
 2014-08-03 22:45:05 -07:00
Brian Smith
ea4ed53367 Bug 1048642, Part 2: Change GenerateKeyPair return type from SECStatus to Result, r=cviecco 
--HG--
extra : rebase_source : 652277e952d224175ea57d4509124ff8180440cb
 2014-08-04 10:59:21 -07:00
Brian Smith
d5d44c4e2a Bug 1048642, Part 1: Change TamperOnce return type from SECStatus to Result, r=cviecco 
--HG--
extra : rebase_source : 1d2e8014153d8bfc6f9008dd9b6b9e4d5ac5dcb7
 2014-08-03 22:49:10 -07:00
Kai Engert
c5e02a5354 Bug 1049006 - Update Mozilla 33 to use NSS 3.17 final and NSPR 4.10.7 final, r=wtc 2014-08-13 21:47:00 +02:00
Jed Davis
66d1734f54 Bug 1043733 - Require sandboxing to load Gecko Media Plugins on Linux. r=jesup r=kang 
Also refactors how sandbox support and disabling are handled, and allows
simulating a lack of sandbox support with an env var (for testing
without rebuilding a kernel).
 2014-08-12 21:28:27 -07:00
David Keeler
2ee3959bc7 bug 1040446 - mozilla::pkix: add error code for CA cert used as end-entity cert r=briansmith 2014-08-11 12:35:45 -07:00
Brian Smith
8c9ce89101 Bug 1048070, Part 2: Remove uses of PR_NOT_REACHED and PR_ARRAY_SIZE in mozilla::pkix, r=keeeler 
--HG--
extra : rebase_source : d373a7526c1048770bed8bacb7e14c8f10e832cb
 2014-08-03 18:24:35 -07:00
Brian Smith
f5ad3ac382 Bug 1048070, Part 1: Replace uses of PR_ASSERT in mozilla::pkix, r=keeler 
--HG--
extra : rebase_source : 3f1dbb4babb6d575bde3088c92aeb6f28d689210
 2014-08-02 09:17:59 -07:00
Brian Smith
b1f7e52f48 Bug 1042479: Accept the OIW sha1WithRSASignature OID, r=keeler 
--HG--
extra : rebase_source : 98dfbf1b5130898604e86c54ad4a8453aa87bde4
 2014-08-04 16:34:47 -07:00
Patrick McManus
49861055d6 bug 1040323 - SecureBrowserUI needs to consider scheme, not just security of connection r=dkeeler 2014-07-28 14:37:41 -04:00
Ryan VanderMeulen
db9cc2a062 Merge inbound to m-c. a=merge 2014-08-09 11:19:46 -04:00
ffxbld
c1e28f2f77 No bug, Automated HPKP preload list update from host bld-linux64-spot-011 - a=hpkp-update 2014-08-09 03:14:42 -07:00
ffxbld
458edb90f7 No bug, Automated HSTS preload list update from host bld-linux64-spot-011 - a=hsts-update 2014-08-09 03:14:40 -07:00
Wes Kocher
ea2ca055ae Merge m-c to inbound on a CLOSED TREE 2014-08-08 14:15:34 -07:00
Steven Michaud
d67d41563b Bug 1012949 - Sandbox the OpenH264 plugin for Mac r=rjesup,areinald,ted a=PatchNeedsToLandToday 2014-08-08 11:55:22 -05:00
J. Ryan Stinnett
1b2191be57 Bug 1040130 - Allow specifying a client cert for sockets. r=keeler, r=mcmanus 2014-08-07 16:32:00 -04:00
Nicholas Nethercote
8c60d14a1a Bug 1050009 - Initialize pldhash tables with a length, not a capacity. r=roc. 
* * *
imported patch rm-dummy-params

--HG--
extra : rebase_source : c25987eb11bae197218d5fc53b77def19afa36ac
 2014-08-06 06:31:21 -07:00
Georgios Kontaxis
94fb6d585f Bug 1048643: extended nsDocShell with flags to indicate tracking protection status (similar to mixed content blocked/loaded status) 2014-08-07 13:35:03 -07:00
David Keeler
5b64bd9042 Bug 1036546 - Soft-disable proprietary window.crypto functions via the pref dom.unsafe_legacy_crypto.enabled. r=smaug 2014-08-05 10:48:24 -07:00
Mike Hommey
0f4c5d9244 Bug 1047267 - Move remaining OS_LIBS and EXTRA_LIBS to moz.build. r=gps 
* * *
Bug 1047267 - To fold with "Move remaining OS_LIBS and EXTRA_LIBS to moz.build"
 2014-08-07 14:21:03 +09:00
Mike Hommey
790fddf2bc Bug 1049281 - Move third-party build system "drivers" to config/external, and stop using static dirs. r=gps 
--HG--
rename : intl/icu/Makefile.in => config/external/icu/Makefile.in
rename : config/nspr/Makefile.in => config/external/nspr/Makefile.in
rename : config/nspr/moz.build => config/external/nspr/moz.build
rename : security/build/Makefile.in => config/external/nss/Makefile.in
rename : security/build/moz.build => config/external/nss/moz.build
rename : security/build/nspr-dummy.def => config/external/nss/nspr-dummy.def
rename : security/build/nss.def => config/external/nss/nss.def
rename : security/build/nss.mk => config/external/nss/nss.mk
 2014-08-07 02:58:52 +09:00
Mike Hommey
855f2512fe Bug 1048993 - Use nsinstall from $(topobjdir)/config instead of $(DIST)/bin to avoid races when make wants to reinstall it for some reason. r=mshal 2014-08-07 02:58:50 +09:00
Nathan Froyd
7d196c1018 Bug 1042226 - move DEFINES += -DAB_CD=$(AB_CD) pattern into config.mk; r=mshal 2014-08-01 12:53:05 -04:00
Monica Chew
99125bd7ad Bug 1047560: Enable pinning on dropbox (r=keeler) 2014-08-01 13:12:38 -07:00
Mike Hommey
ec54bf6c1f Bug 1045783 - Move most OS_LIBS to moz.build and do some related cleanup. r=mshal 2014-08-06 07:25:33 +09:00
Kai Engert
0a20f9f9da Bug 1049006 - Update Mozilla to use NSS 3.17, r=wtc 2014-08-05 22:22:19 +02:00
Ehsan Akhgari
8d232f5b1b Bug 579517 follow-up: Remove NSPR types that crept in 2014-08-08 08:39:07 -04:00
Martin Thomson
b7cd6fe9d1 Bug 996237 - Fix nss.def for Android/B2G. r=wtc 2014-08-04 11:51:00 -04:00
Ehsan Akhgari
7207465c1b Bug 1047782 - Fix some bad impliciit constructors in netwerk/; r=mcmanus 2014-08-05 09:20:50 -04:00
Jed Davis
b55b89b5b5 Bug 1047620 - Fix sandboxing for B2G --disable-jemalloc builds. r=kang 
--HG--
extra : rebase_source : 1b2ec6491277a9dc451ab767d8563076cf522c27
 2014-08-04 15:11:33 -07:00
Jed Davis
7bab545482 Bug 1012951 - Add Linux sandboxing for GeckoMediaPlugin processes. r=kang r=ted 
--HG--
extra : rebase_source : 1b890000d5b8d2a8954cdd1118a1023eba829c29
 2014-08-04 15:11:18 -07:00
Jed Davis
54f805e8b9 Bug 1046541 - Use stdio for non-Android Linux sandbox error messages. r=kang 
--HG--
extra : rebase_source : e93a4a76f8188d715886e263a366d694c28b4525
 2014-08-04 15:11:04 -07:00
Eric Rahm
0e0bb45c16 Bug 1047176 - Part 1: Disable warning C4640 in certverifier. r=keeler 
--HG--
extra : rebase_source : a608f8704f57312902b05258ff53a4d1f2010cbc
 2014-08-04 11:29:25 -07:00