David Keeler
eb164c5104
bug 1205767 - prevent memory leak when generating an EC key with <keygen> r=ttaubert
2015-09-17 14:57:24 -07:00
Tooru Fujisawa
daf2796b2c
Bug 1207499 - Part 8: Remove use of expression closure from security/. r=keeler
2015-09-23 18:42:19 +09:00
David Keeler
976462db72
bug 1203312 - split tlsserver certificates into ocsp_certs and bad_certs r=mgoodwin
...
The B2G emulators apparently take ~5 minutes to read 50 certificates into
memory, which causes intermittent test timeouts. This is an attempt to
reduce the number of certificates needed to be read at any given time.
2015-09-22 17:03:15 -07:00
David Keeler
50b152df26
bug 1203312 - convert tlsserver to generate certificates at build time r=Cykesiopka,mgoodwin
2015-08-24 15:53:07 -07:00
ffxbld
2d9e157f43
No bug, Automated HPKP preload list update from host bld-linux64-spot-363 - a=hpkp-update
2015-09-26 03:40:59 -07:00
ffxbld
cea20a8620
No bug, Automated HSTS preload list update from host bld-linux64-spot-363 - a=hsts-update
2015-09-26 03:40:57 -07:00
Jonathan Hao
93ab59d33b
Bug 1178518 - Add an AppTrustedRoot for signed packaged app. r=keeler
2015-09-07 15:28:21 +08:00
ffxbld
22ee258c38
No bug, Automated HPKP preload list update from host bld-linux64-spot-560 - a=hpkp-update
2015-09-19 03:46:51 -07:00
ffxbld
a0b0095eca
No bug, Automated HSTS preload list update from host bld-linux64-spot-560 - a=hsts-update
2015-09-19 03:46:49 -07:00
Wes Kocher
167c4373ef
Backed out changeset a08287c70962 (bug 1203312) for b2g xpcshell failures
2015-09-18 12:53:24 -07:00
David Keeler
c849a56985
bug 1203312 - convert tlsserver to generate certificates at build time r=Cykesiopka,mgoodwin
2015-08-24 15:53:07 -07:00
Kate McKinley
81dc3ad952
Bug 1196039 - Telemetry for certificate lifetime. r=rbarnes,vladan
2015-09-17 10:04:52 -07:00
Nicholas Nethercote
6855b78fbf
Bug 1201135 - Rename pldhash.{h,cpp} to PLDHashTable.{h,cpp}. r=mccr8.
2015-09-15 20:49:53 -07:00
Ehsan Akhgari
fb321df132
Bug 1205302 - Disallow intercepting OCSP requests; r=jdm
2015-09-16 19:15:32 -04:00
Nicholas Nethercote
ac3ae5e6c1
Bug 1121760 (part 6) - Move all remaining PL_DHash*() functions into PLDHashTable. r=poiru.
2015-09-14 14:23:47 -07:00
Nicholas Nethercote
5c91fcd1e6
Bug 1121760 (part 3) - Remove PL_DHashTableRemove(). r=poiru.
2015-09-14 14:23:24 -07:00
Nicholas Nethercote
538c6626e9
Bug 1121760 (part 2) - Remove PL_DHashTableAdd(). r=poiru.
2015-09-14 14:23:12 -07:00
Nicholas Nethercote
ba83ffc5ec
Bug 1121760 (part 1) - Remove PL_DHashTableSearch(). r=poiru.
2015-05-21 00:34:25 -07:00
Shu-yu Guo
45211869c8
Bug 1202902 - Mass replace toplevel 'let' with 'var' in preparation for global lexical scope. (rs=jorendorff)
2015-09-15 11:19:45 -07:00
Cykesiopka
8eefbf1b80
Bug 443811 - Use long date format for cert date output. r=keeler
2015-09-13 23:33:00 +02:00
Richard Barnes
ef0d9ed24f
Bug 942515 - Show Untrusted Connection Error for SHA-1-based SSL certificates with notBefore >= 2016-01-01 r=keeler
2015-09-11 14:52:30 -04:00
ffxbld
4bc06df906
No bug, Automated HPKP preload list update from host bld-linux64-spot-542 - a=hpkp-update
2015-09-12 03:39:46 -07:00
ffxbld
34db847572
No bug, Automated HSTS preload list update from host bld-linux64-spot-542 - a=hsts-update
2015-09-12 03:39:44 -07:00
Steven Michaud
65c33408b6
Bug 1190032 - Sandbox failure in nsPluginHost::GetPluginTempDir, tighten earlier patch. r=areinald
2015-09-10 15:32:42 -05:00
Mark Goodwin
25d06c35c0
Bug 1016555 - Disable OCSP checking for certificates covered by OneCRL r=keeler
...
1) Added some comments to firefox.js to explain the relationship between
extensions.blocklist.interval and security.onecrl.maximum_staleness_in_seconds
2) Modified default values in firefox.js and mobile.js to set maximum staleness
to 1.25x blocklist interval
3) modified the tests_ev_certs.js xpcshell test to cope with larger maximum
staleness values to address test failures
2015-09-10 11:10:07 +01:00
Bob Owen
89cecb0a22
Bug 1200336: Apply fix for Chromium issue 482784 for sandbox bug when built with VS2015. r=tabraldes
2015-09-10 08:25:20 +01:00
Jed Davis
2b175a829d
Bug 1199481 - Complain more when entering sandboxing code as root. r=kang
2015-08-28 13:37:00 +02:00
Jed Davis
4e4ab4e9b2
Bug 1199413 - Fix MOZ_DISABLE_GMP_SANDBOX so it disables all the sandboxing. r=kang
...
Bonus fix: don't start the chroot helper unless we're going to use
it. For this to matter, you'd need a system with unprivileged user
namespaces but no seccomp-bpf (or fake it with env vars) *and* to set
media.gmp.insecure.allow, so this is more to set a good example for
future changes to this code than for functional reasons.
2015-08-28 12:18:00 +02:00
Nicholas Nethercote
0c46c656b9
Bug 1202526 (part 5) - Use PLDHashTable::RemoveEntry() in nsSecureBrowserUIImpl. r=dkeeler.
...
This avoids repeating the hash table search in order to remove the entry.
2015-09-07 19:20:16 -07:00
Jacek Caban
a1d8a2b9b2
Bug 1199624 - Don't use memset and memcmp in files that don't include cstring explicitly. r=briansmith
2015-09-09 14:16:59 +02:00
Bob Owen
e2abf5a65b
Bug 1197943: Turn off MITIGATION_STRICT_HANDLE_CHECKS for NPAPI process sandbox for causing hangs. r=aklotz
2015-09-09 08:45:25 +01:00
Bob Owen
6649fdb686
Bug 1201438: Add non-sandboxed Windows content processes as target peers for handle duplication. r=bbondy
2015-09-08 11:18:12 +01:00
ffxbld
dc1dd8c399
No bug, Automated HPKP preload list update from host bld-linux64-spot-1098 - a=hpkp-update
2015-09-05 03:41:54 -07:00
ffxbld
3b3a1dd6a4
No bug, Automated HSTS preload list update from host bld-linux64-spot-1098 - a=hsts-update
2015-09-05 03:41:52 -07:00
Steven Michaud
821cabecb6
Bug 1190032 - Sandbox failure in nsPluginHost::GetPluginTempDir. r=areinald
2015-09-03 19:28:30 -05:00
David Keeler
b41a1cba8f
bug 1196853
- convert test_cert_signatures.js to generate certificates at build time r=jcj
...
Also add additional testcases that weren't in the original test (tampered
signatures had been tested, but tampered certificates hadn't been covered).
2015-08-19 15:59:49 -07:00
ffxbld
3d8ce77307
No bug, Automated HPKP preload list update from host bld-linux64-spot-305 - a=hpkp-update
2015-09-03 13:59:53 -07:00
ffxbld
25c72e5172
No bug, Automated HSTS preload list update from host bld-linux64-spot-305 - a=hsts-update
2015-09-03 13:59:50 -07:00
Masatoshi Kimura
90ba467266
Bug 1201024 - Disable unrestricted RC4 fallback and add RC4-only servers to the fallback whitelist. r=cykesiopka
2015-09-03 21:50:52 +09:00
Nick Thomas
2b6fac45c5
Bug 1197607, Automated hsts & hpkp updates are failing on mozilla-central, mozilla-aurora, mozilla-esr38, r=cykesiopka
2015-09-03 22:07:42 +12:00
Masatoshi Kimura
b62a73df84
Bug 1195789 - Update fallback whitelist. r=cykesiopka
2015-09-02 00:44:04 +09:00
Nicholas Nethercote
69d088e45f
Bug 1198334 (part 1) - Replace the opt-in FAIL_ON_WARNINGS with the opt-out ALLOW_COMPILER_WARNINGS. r=glandium.
...
The patch removes 455 occurrences of FAIL_ON_WARNINGS from moz.build files, and
adds 78 instances of ALLOW_COMPILER_WARNINGS. About half of those 78 are in
code we control and which should be removable with a little effort.
2015-08-27 20:44:53 -07:00
Ryan VanderMeulen
3325ea8059
Backed out changeset 982be1bbebdf (bug 1199624) for Windows bustage.
2015-08-30 17:09:09 -04:00
Jacek Caban
5a61810c25
Bug 1199624 - Don't use memset and memcmp in files that don't include cstring explicitly. r=briansmith
2015-08-29 07:59:00 -04:00
Cykesiopka
8cd8b4d197
Bug 1197644 - Remove the security.ssl.warn_missing_rfc5746 pref. r=keeler
2015-08-24 22:53:42 -07:00
Makoto Kato
4f11626a2a
Bug 1196403 - Apply crbug/522201 to support Windows 10 build 10525. r=bobowen
2015-08-25 19:21:08 +09:00
Xidorn Quan
da613e7a51
Bug 1188468 - Allow script to force updating a generated file even if the file is actually not changed. r=gps
2015-08-25 10:07:43 +10:00
David Keeler
f941583fc0
bug 1194013 - convert test_name_constraints.js to generate certificates at build time r=Cykesiopka,mgoodwin
2015-08-11 16:40:38 -07:00
Ryan VanderMeulen
92b3e3e9e6
Merge inbound to m-c. a=merge
2015-08-23 17:18:36 -04:00
Fabrice Desré
3b797ad0ab
Bug 1196988 - Remove THA support. r=gwagner
2015-08-21 10:00:54 -07:00