Commit Graph

2977 Commits

Author SHA1 Message Date
Kai Engert
43f744a2b0 Bug 1137470 - Upgrade Firefox to NSS 3.18, landing NSS_3_18_BETA7, r=nss-confcall 2015-02-26 23:29:08 +01:00
David Keeler
04a248a258 bug 1049740 - implement telemetry to measure compatibility impact of 2048-bit-minimum RSA keys r=briansmith 2015-02-24 15:48:05 -08:00
Boris Zbarsky
8d06e45b3d Bug 1136388. Change nsIDocumentLoaderFactory and nsIURIContentListener to take MIME types as an XPCOM string, not a char*. r=smaug 2015-02-25 10:26:51 -05:00
Jed Davis
232064fbf4 Bug 1134942 - Whitelist fstatat and unlinkat for B2G content processes. r=gdestuynder 2015-02-20 12:16:00 +01:00
Brian Smith
745bea4592 Bug 1077864, Part 3: update nsserrors.properties so error message gets localized. 2015-02-23 16:04:23 -08:00
Brian Smith
e4dfaf9d35 Bug 1131767: Prune away paths using unacceptable algorithms earlier, r=keeler 2015-02-14 16:59:02 -08:00
Brian Smith
a44a7d430b Bug 1077864, Part 2: Override the trust level for OCSP response signer certs so that they are never considered trust anchors, r=keeler 2015-02-14 15:59:38 -08:00
Brian Smith
8aa85cf009 Bug 1077864, Part 1: Check consistency of certificates' signature and signatureAlgorithm fields, r=keeler 2015-02-22 16:59:03 -08:00
Brian Smith
3365c67a40 Bug 1135407: Factor out duplicate logic in tests, r=keeler 2015-02-21 14:12:38 -08:00
Ehsan Akhgari
7270bff2c4 Bug 1135745 - Disable the reserved-id-macro macro in security/pkix; r=briansmith 2015-02-23 13:40:09 -05:00
Ryan VanderMeulen
f1dae981be Merge inbound to m-c. a=merge 2015-02-21 16:40:27 -05:00
ffxbld
eef00bd3dc No bug, Automated HPKP preload list update from host bld-linux64-spot-148 - a=hpkp-update 2015-02-21 03:32:26 -08:00
ffxbld
a0e4678d63 No bug, Automated HSTS preload list update from host bld-linux64-spot-148 - a=hsts-update 2015-02-21 03:32:24 -08:00
André Reinald
7f6c61c6b3 Bug 1083344 - Tighten rules for Mac OS content process sandbox - "rules part". r=smichaud
--HG--
extra : histedit_source : f703a6a8abbf500cb882263426776fdb138b73a3
2015-02-21 13:06:34 +01:00
André Reinald
0f64952695 Bug 1083344 - Tighten rules for Mac OS content process sandbox - "core part". r=smichaud
--HG--
extra : histedit_source : 3c904474c57dbf086365cc6b26a55c34b2b449ae
2015-02-18 14:10:27 +01:00
Brian Smith
bfd52ee2fd Bug 1133618 - Move test SHA1 function to pkixtestutil.cpp. r=mmc
--HG--
extra : histedit_source : ef579a4958356a12974b1f0f69ab2d6070ff8e65
2015-02-16 16:37:03 -08:00
Brian Smith
56eb4fcacf Bug 1130754 - Make PublicKeyAlgorithm an enum class. r=keeler
--HG--
extra : histedit_source : 14d321bc2cbdf749fd05994571ca439ee62ab973
2015-02-14 13:25:09 -08:00
Masatoshi Kimura
50d0e8393e Bug 1127339 - Detect SSLv3-only server in PSM. r=keeler 2015-02-21 17:20:22 +09:00
Cykesiopka
9d854c725f Bug 1097622 - Add test cases for certs that have notBefore times earlier than the UNIX epoch. r=dkeeler 2015-02-17 06:15:00 -05:00
Cykesiopka
46f192d5a1 Bug 1097622 - Return ERROR_INVALID_TIME when decoding invalid time values. r=dkeeler 2015-02-18 15:56:00 -05:00
Cykesiopka
e2b4441c11 Bug 1097622 - Rename (mE|e)rrorCodeExpired variables to (mE|e)rrorCodeTime. r=dkeeler 2015-02-17 06:12:00 -05:00
Masatoshi Kimura
d2252a6393 Bug 1133187 - Update fallback whitelist. r=keeler 2015-02-19 04:12:59 +09:00
Masatoshi Kimura
e322360a68 Bug 1124039 - Allow RC4 only for whitelisted hosts. r=keeler 2015-02-19 04:12:58 +09:00
Chris Peterson
949860b4a1 Bug 1133283 - Remove nonstandard expression closures from security/manager/ssl/tests. r=keeler 2015-01-24 23:48:22 -08:00
David Keeler
ea529f0499 bug 1123671 - if a non-overridable error is encountered when processing an overridable certificate error, report the non-overridable error r=mmc r=jcj
Also, SEC_ERROR_UNTRUSTED_ISSUER and SEC_ERROR_UNTRUSTED_CERT are not actually overridable, so don't pretend they are.
2015-01-23 14:04:44 -08:00
Christoph Kerschbaumer
aa5bc08574 Bug 1099296 - Attach LoadInfo to remaining callers of ioService and ProtocolHandlers - in security/ (r=keeler) 2015-02-17 10:09:40 -08:00
Carsten "Tomcat" Book
635a599417 Merge mozilla-central to mozilla-inbound 2015-02-16 16:14:51 +01:00
Carsten "Tomcat" Book
92151b28e6 merge mozilla-inbound to mozilla-central a=merge 2015-02-16 15:59:56 +01:00
ffxbld
bb7473b29b No bug, Automated HPKP preload list update from host bld-linux64-spot-1093 - a=hpkp-update 2015-02-14 03:21:57 -08:00
ffxbld
b949878087 No bug, Automated HSTS preload list update from host bld-linux64-spot-1093 - a=hsts-update 2015-02-14 03:21:55 -08:00
Masatoshi Kimura
c8e087c026 Bug 1131880 - Modify the condition to disallow PR_CONNECT_RESET_ERROR on fallback. r=keeler 2015-02-16 20:03:06 +09:00
Masatoshi Kimura
150d422525 Backout 9507662057de (bug 1130670) and c731517a47e8 (bug 1124039) due to compatibility issues 2015-02-16 19:55:15 +09:00
Mike Hommey
5d1757358f Bug 1120937 - Properly initialize string fields from the PKCS#11 test module. r=keeler
The string fields need to be padded with spaces, according to what
PK11_MakeString does to find the end of the string.

While here, factor all the string manipulations in the test module and
use some C++ template magic to do the right thing.

This changes the static asserts from (with clang):

pkcs11testmodule.cpp:45:3: error: static_assert failed
      "TestManufacturerID too long - make it shorter"
  static_assert(sizeof(TestManufacturerID) <= sizeof(pInfo->manufacturerID),
  ^             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

to:

pkcs11testmodule.cpp:46:3: error: static_assert failed
      "DestSize >= SrcSize - 1"
  static_assert(DestSize >= SrcSize - 1, "DestSize >= SrcSize - 1");
  ^             ~~~~~~~~~~~~~~~~~~~~~~~
pkcs11testmodule.cpp:58:3: note: in instantiation of function
      template specialization 'CopyString<32, 63>' requested here
  CopyString(pInfo->manufacturerID, TestManufacturerID);
  ^

which actually gives more information than before: it gives the length of
both buffers.
2015-02-13 10:29:18 +09:00
Masatoshi Kimura
e34dc73e15 Bug 1130670 - Remove dead code that tracks strongCipherStatus. r=keeler 2015-02-14 15:16:04 +09:00
Nicholas Nethercote
74cc61fdfd Bug 1131901 (part 1) - Make PL_DHashTableAdd() infallible by default, and add a fallible alternative. r=froydnj.
I kept all the existing PL_DHashTableAdd() calls fallible, in order to be
conservative, except for the ones in nsAtomTable.cpp which already were
followed immediately by an abort on failure.

--HG--
extra : rebase_source : 526d96ab65e4d7d71197b90d086d19fbdd79b7b5
2015-02-02 14:48:58 -08:00
Cykesiopka
44ea4c71c9 Bug 1130405 - Remove unused pippki strings. r=jcj 2015-02-11 05:08:00 -05:00
Cykesiopka
f22ff654d2 Bug 1130402 - Make use of currently unused certManager.dtd access key strings. r=jcj 2015-02-07 01:16:00 -05:00
Bob Owen
b56ef398b7 Bug 1132021 - Add a new sandbox level for Windows NPAPI to use USER_LIMITED access token level. r=bsmedberg, r=bbondy 2015-02-11 16:25:43 +00:00
Cykesiopka
9669a7f43d Bug 1131475 - Make sure reference to "unable_to_toggle_fips" bundle key is in the correct case. r=jcj 2015-02-11 05:05:00 -05:00
Andrew McCreight
2b516fc573 Bug 1131199, part 2 - Make PLDHashtInitEntry infallible. r=froydnj
Also, drop the unused table argument.
2015-02-11 09:46:40 -08:00
Andrew McCreight
9c53e99744 Bug 1131199, part 1 - Allocation of CompareCacheHashEntryPtr::entry is infallible. r=froydnj 2015-02-11 09:46:40 -08:00
Brian Smith
6361bff3d7 Bug 1102195 Part 4: Re-apply - Change a non-conforming usage of a const value type to a non-const value type, which VS2015 rightly rejects, r=bobowen
Originally landed as changset:
https://hg.mozilla.org/mozilla-central/rev/c827c112df81
2015-01-07 23:28:51 -08:00
Bob Owen
608de41dda Bug 1102195 Part 3: Re-apply logging changes to the Chromium interception code. r=tabraldes
Originally landed as changset:
https://hg.mozilla.org/mozilla-central/rev/0f763c186855
2014-11-29 17:12:18 +00:00
Bob Owen
0603798733 Bug 1102195 Part 2: Re-apply pre-vista stdout/err process inheritance change to Chromium code after merge. r=tabraldes
Originally landed as changset:
https://hg.mozilla.org/mozilla-central/rev/f94a07671389
2014-11-18 15:11:47 +00:00
Bob Owen
cb041d2191 Bug 1102195 Part 1: Update Chromium sandbox code to commit df7cc6c04725630dd4460f29d858a77507343b24. r=aklotz, r=jld 2015-02-11 08:22:02 +00:00
Brian Smith
242431f427 Bug 1130754: Avoid recalculating tbsCertificate digest, r=keeler
--HG--
extra : rebase_source : 85266413568df928cb1eaf1cd59b52ee9d4259e6
extra : histedit_source : 767e3263d28926435c6d2f4610c7d8b01e9ba87d
2015-02-07 12:14:31 -08:00
Nicholas Nethercote
44179aabe3 Back out changesets 2fcef6b54be7, 2be07829fefc, 66dfe37b8532, df3fcd2be8fd, 0a436bce77a6 (bug 1050035) for causing intermittent crashes and assertion failures.
--HG--
extra : rebase_source : eb30be83c3143c6c203585a80a18f180025efaba
2015-02-10 14:39:49 -08:00
Brian Smith
6ce1520e1a Bug 1122841, Part 2: Centralize checking of public key, r=keeler
--HG--
extra : rebase_source : 6b41ad2d3f37bead8d3ac8b48c5ee0b8063c795b
extra : source : d470b5a68bf915cfb12f0e948e1492463092883c
2015-02-02 16:17:08 -08:00
Brian Smith
0f061e9d78 Bug 1122841, Part 1: Add PositiveInteger parser, r=keeler
--HG--
extra : rebase_source : 50d79951398e44bf2718c0f071962aa00660fec2
2015-02-06 18:21:20 -08:00
Brian Smith
88cb1c2a98 Bug 1128413, Part 4: Fix warnings in mozilla-config.h and gcc-stl-wrapper.template.h, r=glandium
--HG--
extra : rebase_source : 7ba4fb8a0bd11648908e2790e86ce3bb4517aeb7
2015-02-02 17:35:19 -08:00