Cykesiopka
7dea3f8ad2
Bug 1109252 - Make remaining PSM test cert generation scripts print out cert information as necessary. r=keeler
2014-12-10 21:32:00 +01:00
Jed Davis
11b93c27db
Bug 1093334 - Delete unnecessary copies of Chromium headers in security/sandbox/linux. r=kang
2014-12-10 17:26:12 -08:00
Jed Davis
95e992685b
Bug 1093334 - Adjust includes of Linux sandboxing headers from Chromium. r=kang
...
Also re-sorts some of the includes into something closer to the style guide.
2014-12-10 17:26:12 -08:00
Jed Davis
4424491b98
Bug 1093334 - Import more headers from Chromium rev 9522fad406dd161400daa518075828e47bd47f60. r=kang
2014-12-10 17:26:12 -08:00
Jed Davis
5748fc5814
Bug 1102209 - Remove use of CodeGen::JoinInstructions in the Linux sandboxing code. r=kang
...
This reorganizes SandboxAssembler to stack up the policy rules and
traverse them in reverse order to build the filter DAG from tail to head
(i.e., starting with "deny all" and prepending allow and return-errno
rules). Thus, this code will continue to work (perhaps with minor
changes, such as to the NodePtr typedef) with future versions of the
Chromium sandbox code that don't allow mutating the filter program with
the JoinInstructions method.
2014-12-10 17:26:12 -08:00
Jed Davis
fa76014b99
Bug 1108759 - Fix B2G no-optimization builds. r=glandium
2014-12-10 16:17:47 -08:00
Cykesiopka
e5ba430e1c
Bug 1109245 - Modify test_keysize_ev.js to run on B2G. r=dkeeler
2014-12-09 12:07:00 -05:00
Cykesiopka
e0e9311fed
Bug 978426 - Re-enable test_sts_preloadlist_perwindowpb.js on B2G. r=dkeeler
2014-12-09 11:37:00 +01:00
Brian Smith
5c002c8cf0
Bug 1107791 Remove support for unusual wildcard names in certificates, r=keeler
...
--HG--
extra : rebase_source : bd142d2e85059a0d0fd36325242553e94a7d4377
2014-12-04 17:12:09 -08:00
Brian Smith
1f021d1dc2
Bug 1107790: Remove support for absolute hostnames in presented DNS IDs and name constraints, r=keeler
...
--HG--
extra : rebase_source : cf402f902196e729026d713cd6d62f5c3b889a12
2014-12-08 16:42:54 -08:00
Brian Smith
182ca6d6e1
Bug 1107787: Disable TLS_DHE_DSS_WITH_AES_128_CBC_SHA, r=keeler
...
--HG--
extra : rebase_source : 063d859c69adc8deba9d1842f4bd42a9b862bbe5
2014-12-04 19:50:58 -08:00
Brian Smith
df0494a7e3
Bug 1037098: Remove preferences for cipher suites disabled in bug 1036765, r=keeler
...
--HG--
extra : rebase_source : b033bea062c8cafecd93830fa54f4cf184fa28df
2014-12-04 19:47:17 -08:00
Brian Smith
2493786334
Bug 1107946: Fixed unused variable warnings in pkixnames_tests.cpp, r=keeler
...
--HG--
extra : rebase_source : 23d20e91c8b408363acab7c6d4d67a86d2293dff
2014-12-05 12:14:49 -08:00
Ryan VanderMeulen
dc8568d63a
Backed out changesets fb903f13f215, 9c5c712698e4, and 36d257ead3da (bug 1092835) for causing test_csp_allow_https_schemes.html permafail on Android 2.3.
...
CLOSED TREE
2014-12-09 14:00:47 -05:00
Masatoshi Kimura
605569f981
Bug 1092835 - Log usage of weak ciphers in the console. r=keeler,mcmanus
2014-12-10 00:54:06 +09:00
Masatoshi Kimura
152424e082
Bug 1093724 - Add a range check to the TLS version prefs loading code. r=keeler
2014-12-09 21:48:29 +09:00
Masatoshi Kimura
587906641b
Bug 1084025 - Add telemetry to measure failures due to not falling back. r=keeler
2014-12-09 07:19:05 +09:00
Ryan VanderMeulen
be6607416e
Merge inbound to m-c. a=merge
2014-12-08 15:46:14 -05:00
Jay Wang
32debb7f9a
Bug 1105452 - Need to use new Audio system APIs for audio offload playback. r=roc, r=jld, r=ggrisco
...
Resolve the build failure caused by API changes
There are some changes in Audio APIs in Android version
21. Modifying the code to use the new APIs.
Change-Id: I24fdeb20f8f957d05fb6c0c317de0a6f0769c347
Resolve seccomp violation caused by syscall 256
Modify the filter to allow syscall 256 (set_tid_address).
Change-Id: I49461770c4c5e70bf68462d34321381b0b7ead0a
2014-12-02 17:10:00 -05:00
Carsten "Tomcat" Book
0813821e4d
merge mozilla-inbound to mozilla-central a=merge
2014-12-08 12:48:58 +01:00
ffxbld
c15c36922a
No bug, Automated HPKP preload list update from host bld-linux64-spot-132 - a=hpkp-update
2014-12-06 03:20:43 -08:00
ffxbld
3651d911d5
No bug, Automated HSTS preload list update from host bld-linux64-spot-132 - a=hsts-update
2014-12-06 03:20:41 -08:00
Cykesiopka
138fceadf6
Bug 1085074 - Part 3 - Update inadequately sized Delegated Signer cert. r=briansmith
2014-12-07 20:42:00 +01:00
Cykesiopka
28d4d715c5
Bug 1085074 - Part 2 - Use explicit bit sizes for key size cert file names. r=briansmith
2014-12-07 20:41:00 +01:00
Cykesiopka
92c07ad107
Bug 1085074 - Part 1 - Use adequate/OK and inadequate/notOK to refer to sizes for key size tests. r=briansmith
2014-12-07 20:23:00 +01:00
David Keeler
88be9791ce
bug 1020237 - follow-up to fix build bustage r=bustage on a CLOSED TREE
2014-12-05 10:12:58 -08:00
David Keeler
d9e1912427
bug 1020237 - prefer root certificates to non-root certificates in NSSCertDBTrustDomain::FindIssuer r=briansmith
2014-12-04 13:37:01 -08:00
Brian Smith
3a97f29d06
Bug 970542, Part 9: Better document name constraints as reference IDs, r=keeler
...
--HG--
extra : rebase_source : 60413188771454081226d58d03156c15ce795ca7
2014-10-26 11:26:26 -07:00
Brian Smith
adaf412263
Bug 970542, Part 8: IPAddress name constraint tests, r=keeler
...
--HG--
extra : rebase_source : e8cc0158248d4621da19dfef56089957af417f73
2014-10-26 16:57:00 -07:00
Brian Smith
f9a98ddf90
Bug 970542, Part 7: More CN-ID name constraint tests, r=keeler
...
--HG--
extra : rebase_source : 7a3d1d31cdc08ea1b989428cfc85f60a00528c72
2014-12-03 21:35:29 -08:00
Brian Smith
54e073fbcf
Bug 970542, Part 6: DNSName name constraint tests, r=keeler
...
--HG--
extra : rebase_source : ec31862fc25cfcba1454ae862a26e7a27513e9b6
2014-10-19 23:53:45 -07:00
Brian Smith
02208f546b
Bug 970542, Part 5: New name constraint implementation, r=keeler, r=mmc
...
--HG--
extra : rebase_source : 849161ac892b05e5ff2d5552c632fc647d309085
2014-10-18 15:38:42 -07:00
Brian Smith
9b37d008b6
Bug 970542, Part 4: DirectoryName name constraint matching, r=keeler
...
--HG--
extra : rebase_source : 01770088851823ae1005227dcd43d82d015f4b0e
2014-10-18 14:51:37 -07:00
Brian Smith
c21142ee14
Bug 970542, Part 3: IPAddress name constraint matching, r=keeler
...
--HG--
extra : rebase_source : f47ef9ead3323704595b91873811d1ead2403839
2014-10-17 13:02:26 -07:00
Brian Smith
f8c7ead55e
Bug 970542, Part 2: DNSName name constraint matching, r=keeler
...
--HG--
extra : rebase_source : 50b1a7d5d9da97cc64e09d5e6cdc41b8200c3551
2014-10-20 22:20:58 -07:00
Brian Smith
539fa2a14d
Bug 970542, Part 1: Refactor name matching within CN AVAs to reduce duplicate logic, r=keeler
...
--HG--
extra : rebase_source : f129b24c58377f34ac7d80ee7d5e8775635843ff
2014-10-16 16:44:27 -07:00
Steven Michaud
4933c1b33d
Bug 1083284 - New sandbox rules for Adobe's code fragment. r=areinald
2014-12-08 12:10:14 -06:00
Bob Owen
2824b2a003
Bug 1105729: Pre VS2010 SP1 define our own verion of _xgetbv. r=tabraldes
2014-11-28 18:58:33 +00:00
Cykesiopka
012a5db140
Bug 1009158 - Fix and re-enable PSM xpcshell tests that would previously time out on Android due to LD_LIBRARY_PATH issues. r=keeler
2014-12-03 09:15:00 +01:00
Masatoshi Kimura
6d98b6a986
Bug 1102632 - Stop triggering non-secure fallback for SSL_ERROR_UNSUPPORTED_VERSION. r=keeler
2014-12-02 20:33:24 +09:00
Kai Engert
3665e05348
Bug 1088969
- Upgrade Mozilla 36 to use NSS 3.17.3, changing version numbers, only.
2014-12-01 14:34:08 +01:00
Jan Beich
d76f92bf8d
Bug 1105851 - Unbreak non-unified non-SPS build after 1054498. r=jcj
2014-11-30 21:27:45 +01:00
Bob Owen
513e26d6ce
Bug 1094667: Use the USER_NON_ADMIN access token by default for the Windows content sandbox. r=tabraldes
2014-11-29 17:12:18 +00:00
Bob Owen
976a5c00ec
Bug 928044 Part 3: Add logging changes back into the Chromium interception code. r=tabraldes
2014-11-29 17:12:18 +00:00
Bob Owen
9a0a395aed
Bug 928044 Part 2: Enable the content sandbox by default on Windows with an open policy. r=tabraldes,glandium,jimm
...
--HG--
rename : security/sandbox/win/src/warnonlysandbox/wosCallbacks.h => security/sandbox/win/src/logging/loggingCallbacks.h
rename : security/sandbox/win/src/warnonlysandbox/wosTypes.h => security/sandbox/win/src/logging/loggingTypes.h
rename : security/sandbox/win/src/warnonlysandbox/warnOnlySandbox.cpp => security/sandbox/win/src/logging/sandboxLogging.cpp
rename : security/sandbox/win/src/warnonlysandbox/warnOnlySandbox.h => security/sandbox/win/src/logging/sandboxLogging.h
2014-11-29 17:12:18 +00:00
Bob Owen
f1c46b88fc
Bug 928044 Part 1: Remove Chromium interception logging changes. r=tabraldes
2014-11-29 17:12:17 +00:00
ffxbld
9c4b8697e8
No bug, Automated HPKP preload list update from host b-linux64-ix-0005 - a=hpkp-update
2014-11-29 03:19:59 -08:00
ffxbld
fc4c314b24
No bug, Automated HSTS preload list update from host b-linux64-ix-0005 - a=hsts-update
2014-11-29 03:19:56 -08:00
Kai Engert
5120a5ba80
Bug 1088969
- Upgrade Mozilla 36 to use NSS 3.18, land beta 4 which backs out bug 1073330
2014-11-28 07:56:26 +01:00
Carsten "Tomcat" Book
004f2edc52
Backed out changeset 761071f57ab6 (bug 1024809) for emulator ics bustage
2014-11-27 16:30:41 +01:00