Commit Graph

2228 Commits

Author SHA1 Message Date
Makoto Kato
bab6f180c8 Bug 984033 - Large OOM in nsStreamLoader::WriteSegmentFun. r=honza 2014-07-17 17:37:33 +09:00
Jed Davis
5b5b8d18d1 Bug 1038900 - Dynamically allocate signal number for sandbox startup. r=kang 2014-07-16 13:37:00 +02:00
Tim Abraldes
b34732fc82 bug 985252. Build sandbox code regardless of whether --enable-content-sandbox/MOZ_CONTENT_SANDBOX is provided. Enable sandboxing of GMP plugins. Enable SandboxBroker to set different security policies for different process types. r=bbondy, r=cpearce, r=bent 2014-07-16 16:01:34 -07:00
Wan-Teh Chang
15e84f45cd Bug 1025729: Update NSS to NSS_3_17_BETA1.
Also includes fixes for bug 836658, bug 1026148, bug 1028582, bug 920719.
2014-07-16 14:26:11 -07:00
Cykesiopka
a7937edc42 Bug 360126 - OCSP Delegated Responder Test. r=briansmith 2014-07-15 19:51:00 -04:00
Cykesiopka
db8da4bd6b Bug 360126 - Main tests. r=cviecco 2014-07-15 19:50:00 -04:00
Cykesiopka
4bb5afb41b Bug 360126 - Stop accepting certs that use RSA1023 or weaker; Original patch by Richard van den Berg. r=briansmith 2014-07-15 19:49:00 -04:00
Bob Owen
7219695112 Bug 1035275 - Remove unused base Chromium code. r=bbondy 2014-07-07 13:59:11 +01:00
Brian Smith
6e057c7b0f Bug 1038837: Factor out mozilla::pkix::Input into a separate header, r=mmc
--HG--
rename : security/pkix/lib/pkixder.h => security/pkix/include/pkix/Input.h
rename : security/pkix/lib/pkixutil.h => security/pkix/include/pkix/Result.h
extra : rebase_source : 09bac0a183932f721cdfd32936595867e4dc26ce
2014-07-13 13:17:36 -07:00
Brian Smith
4ea48ee470 Bug 1038828: Replace mozilla::pkix::der::Result with uses of mozilla::pkix::Result, r=mmc
--HG--
rename : security/pkix/lib/pkixutil.h => security/pkix/include/pkix/Result.h
extra : rebase_source : e385af4bab665627aa5d434db04830065cbc641f
2014-07-15 10:33:49 -07:00
Jed Davis
26c23fd575 Bug 1038490 - Fix misuse of MOZ_WIDGET_GONK in Linux content process sandbox policy. r=kang
--HG--
extra : amend_source : 0a7fe8ca751b59102cbc23316b18982268306423
2014-07-14 18:35:56 -07:00
Jed Davis
2a93c829f2 Bug 1038486 - Fix Linux desktop seccomp sandbox build on 32-bit x86. r=kang
--HG--
extra : amend_source : 130d2cbd485734997739ea96ac5d83c01899d8b0
2014-07-09 16:52:56 -07:00
Brian Smith
0a1a1febb8 Bug 916629, Part 4: Unit tests for trust of delegated OCSP responder certificates for mozilla::pkix, r=keeler
--HG--
extra : rebase_source : c473285add9faee9a876677404935bdc253832cb
2014-07-10 21:20:17 -07:00
Brian Smith
3accf9c988 Bug 916629, Part 3: Unit tests for OCSP responses signed by a delegated OCSP responder for mozilla::pkix, r=keeler
--HG--
extra : rebase_source : c2c78458aa674dcc1e1426a0efc81df19b73ac4f
2014-07-10 22:14:57 -07:00
Brian Smith
ae75a4833e Bug 916629, Part 2: Unit tests for "successful" OCSP responses for mozilla::pkix, r=keeler
--HG--
extra : rebase_source : 14633119755cbfd55fc3bfef9cf482de3d638b53
2014-07-15 10:09:26 -07:00
Brian Smith
ce5ab9a0f5 Bug 916629, Part 1: Unit tests for OCSP responses without responseBytes, r=keeler
--HG--
extra : rebase_source : 62ef4209745ff8f2c5a852beb1a9823cbe7c7ff4
2014-07-14 23:09:36 -07:00
jvoisin
41c95a343c Bug 1035786 - Fix namespace bug in Linux sandbox LOG_ERROR macro. r=jld 2014-07-08 05:53:00 +01:00
Jed Davis
1107be75f1 Bug 1035786 - Avoid warning-as-error sandbox build failure with an explicit cast. r=gdestuynder
getpid() is never negative, so this is safe.
2014-07-10 17:37:45 -07:00
Bob Owen
b9815be53d Bug 1035786 - Fix member variable initialisation order in LogMessage stub in Linux Sandbox.cpp. r=jld 2014-07-09 12:32:49 +01:00
Tim Taubert
04422d6b32 Bug 1026398 - Add support for RSA-OAEP to WebCrypto API r=rbarnes,bz,dkeeler
* * *
Bug 1026398 - Add RSA-OAEP tests r=rbarnes
2014-07-14 18:33:12 -07:00
Brian Smith
c15523f3cf Bug 1038098: Save intermediate certificates during TLS handshake, r=keeler
--HG--
extra : rebase_source : 99e2551e78bc8eac91174e5320c15623ede26642
extra : histedit_source : c4af1c24b95b1b3c8a86d06575645b6ffc5308a6
2014-07-14 16:43:33 -07:00
Brian Smith
5ab2ed420f Bug 1036105: Delegate digest operations to the TrustDomain in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : dd8dc1243ea2e37955a15f2481e1c452311e90d8
extra : histedit_source : adc1a2035d41c608d3f0ebe14bba159b2857502d
2014-07-06 19:36:05 -07:00
Brian Smith
016d6265e3 Bug 1036107, Part 2: Test algorithm identifier parsing, r=keeler
--HG--
extra : rebase_source : c800d42856d81ba8cceaadde0caa98477b3008f4
extra : histedit_source : 71305fa34b435450525ae3a3e603aef065eaec14
2014-07-10 18:30:58 -07:00
Brian Smith
2c198df0ef Bug 1036107, Part 1: Stop using CERTSignedData in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : 94c49062ae3ddf755651f151e2d648543b10e1ad
extra : histedit_source : a7377bf1d9adb62e1c584e2adeb793aa074245fb
2014-07-10 19:00:32 -07:00
Birunthan Mohanathas
9a86a1e6df Bug 1038417 - Convert tabs to spaces in moz.build files. r=gps 2014-07-14 15:58:10 -07:00
Monica Chew
7f1b76324a Bug 1020485: Enable production mode for fxa (r=keeler) 2014-07-14 13:06:25 -07:00
Carsten "Tomcat" Book
e8b6fc4e72 merge mozilla-inbound to mozilla-central a=merge 2014-07-14 14:34:36 +02:00
ffxbld
88b8ee420e No bug, Automated HPKP preload list update from host bld-linux64-spot-135 - a=hpkp-update 2014-07-12 03:13:54 -07:00
ffxbld
35d047d623 No bug, Automated HSTS preload list update from host bld-linux64-spot-135 - a=hsts-update 2014-07-12 03:13:52 -07:00
Ryan VanderMeulen
0aebdb29a0 Merge inbound to m-c. a=merge 2014-07-11 16:34:56 -04:00
ffxbld
e8cf34a2aa No bug, Automated HPKP preload list update from host bld-linux64-spot-1092 - a=hpkp-update 2014-07-11 06:19:00 -07:00
ffxbld
85d5bc24cb No bug, Automated HSTS preload list update from host bld-linux64-spot-1092 - a=hsts-update 2014-07-11 06:18:58 -07:00
Ed Morley
9358d5e60d Backed out changeset 5460c4558253 (bug 1026398) for test_WebCrypto.html timeouts on B2G; CLOSED TREE 2014-07-11 17:01:44 +01:00
Mike Hommey
34799e0459 Bug 1036864 - Remove EXPORT_LIBRARY. r=mshal 2014-07-11 19:06:55 +09:00
Brian Smith
099078bdd4 Bug 1036765: Disable cipher suites that are not in the "Browser Cipher Suite" proposal that are still enabled, r=keeler
--HG--
extra : rebase_source : af06ac8fe6c2132b942ca4a1a50a12505b3ca508
extra : histedit_source : 2127635c80fbff235136980990993e753509e802
2014-07-09 18:33:38 -07:00
Harsh Pathak
5702dd0994 Bug 1036080 - Fix addCertFromBase64() to update trust bits of existing permanent certificates. r=keeler 2014-07-10 11:38:00 +02:00
Richard Barnes
a4246ff00b Bug 1021607 - Add support for PBKDF2 to WebCrypto API. r=bz
0001 - Introduce BasicSymmetricKeyAlgorithm r=rbarnes
0002 - Implement import key operation for PBKDF2 r=bz,rbarnes
0003 - Introduce MapAlgorithmNameToMechanism() r=rbarnes
0004 - Implement derive bits operation for PBKDF2 r=rbarnes,keeler,bz
0005 - Introduce GetKeySizeForAlgorithm() r=rbarnes
0006 - Implement derive keys operation for PBKDF2 r=rbarnes,bz
2014-07-12 20:06:00 +02:00
Richard Barnes
66dd601f2e Bug 1026398 - Add support for RSA-OAEP to WebCrypto API. r=bz,dkeeler 2014-07-10 13:44:00 +02:00
Nathan Yee
c1af2b1f8c Bug 1006671 - Remove unnecessary JSContext argument to nsContentUtils::GetContentSecurityPolicy. r=bholley 2014-07-10 19:25:00 +02:00
Monica Chew
19c176c253 Bug 1036142: Don't use kPublicKeyPinningPreloadListLength (r=keeler) 2014-07-09 12:58:40 -07:00
Brian Smith
2acb003cf7 Bug 1035942: Decide whether to consider end-entity CN as a dnsName in CheckNameConstraints instead of in BuildCertChain, r=cviecco
--HG--
extra : rebase_source : 19c5949253e4e631b0bd841f17f000885001b327
extra : histedit_source : dce57eb862a2a13d07d11fdf6917afcf6cb4136c
2014-07-08 13:04:17 -07:00
Brian Smith
933349c458 Bug 1035009: Stop using CERTCertList in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : fc2b39e5e2b44fea365914e83a7d1f2dc9b784bc
extra : histedit_source : b40e5e8cb106fe87f6f065b01ca43adb0bf3a605
2014-07-06 15:55:38 -07:00
Mike Shal
53bb55f870 Bug 1036569 - Fix NSS_STATIC_LIBS with carriage return on Windows; r=glandium 2014-07-09 14:38:29 -04:00
Camilo Viecco
fb2c781450 Bug 1030204 - 2/2 Tests for Name constraints for ANSSI(DCISS) Root cert in psm. r=keeler
--HG--
extra : rebase_source : 0b64f7206446a8c414df5b0f4a9653f0180b8b44
2014-07-08 16:16:22 -07:00
Camilo Viecco
aa93d0ab47 Bug 1030204 - 1/2 Name constraint ANSSI(DCISS) Root cert in mozilla::pkix. r=keeler
--HG--
extra : rebase_source : 221ca75af601649731bf83cace2e6b0edcd4b2ab
2014-07-08 16:16:26 -07:00
Monica Chew
cc5aa7e8c9 Bug 1035923: Remove deprecated certs from google_root_pems (r=keeler) 2014-07-08 16:01:29 -07:00
Benoit Jacob
9f994d73ff Bug 1035394 - Fix dangerous public destructors in security/ - r=bsmith 2014-07-08 17:23:18 -04:00
Camilo Viecco
8283ff18cf Bug 827264 - Add some temporary android logging to nss. r=blassey
--HG--
extra : rebase_source : 8f16d6b6cbaed2ef51fb5d1ecf7edbb0b8568ffe
2014-06-27 13:55:11 -07:00
Chris Peterson
9a5e2a9b04 Bug 1035607 - Remove unused empty_null to fix -Wunused warning-as-error in security/pkix. r=briansmith 2014-07-07 20:37:21 -07:00
Brian Smith
5eb8373fd1 Bug 1035470: Use signature algorithm OID instead of digest algorithm OID in the signature field of certificates in mozilla::pkix tests, r=cviecco
--HG--
extra : rebase_source : 99b1d5c0739221e90d4b04738f9362135f42a23c
2014-07-07 00:46:10 -07:00