Commit Graph

7801 Commits

Author SHA1 Message Date
ffxbld
61d2aa431c No bug, Automated HSTS preload list update from host bld-linux64-ec2-142 - a=hsts-update 2013-09-07 03:36:29 -07:00
Jed Davis
bc85533cf4 Bug 908907 - Fill in gaps in seccomp-bpf whitelist for b2g. r=kang, r=bsmith
Relatively harmless syscalls:
* dup, used by mozilla::ipc::Shmem
* getuid, for android::IPCThreadState, used in audio decode
* nanosleep, used by android::AudioTrack

Of potential concern:
* sched_setscheduler, used by audio threads in e.g. CubeVid
  This might be restrictable somewhat by inspecting its arguments.

Of serious concern:
* unlink, as a workaround for bug 906996 (q.v.).

Note that we already allow open(), including for writing (temporary
files, /dev/genlock on qcom devices, probably more), so allowing unlink
won't make the situation much worse.
2013-09-06 09:13:59 -04:00
Robert O'Callahan
03e7828db2 Bug 910989. Remove nsTHashtable::Init, fallible allocation, and MT hashtables. r=ehsan,bsmedberg
--HG--
extra : rebase_source : 0787130b1814c74bfb38dc178de94022f0b2e64e
2013-09-02 20:41:57 +12:00
Mike Hommey
f8bc7fa754 Bug 912293 - Remove now redundant boilerplate from Makefile.in. r=gps 2013-09-05 09:01:46 +09:00
David Keeler
dad3672925 bug 912204 - properly clear HSTS state in browser_bug627234_perwindowpb.js r=cviecco 2013-09-03 13:43:07 -07:00
Masatoshi Kimura
e06d8f88fa Bug 911573 - Mochitest fixup to prepare removing Components-in-content with UniversalXPConnect. r=bholley 2013-09-05 01:02:34 +09:00
Po-Chun Chang
752524a532 Bug 908527 - Avoid wasted work in PSM_SSL_BlacklistDigiNotar(). r=cviecoo 2013-09-03 08:55:52 -04:00
Jeff Walden
de9ce95170 Bug 730805 - Provide mozilla/IntegerPrintfMacros.h to implement the PRI* macros portion of the <inttypes.h> interface. r=espindola
--HG--
extra : rebase_source : be80333003c6fec659e736a77463568c836d8348
2011-12-15 00:27:42 -05:00
ffxbld
af01d6d046 No bug, Automated HSTS preload list update from host bld-linux64-ec2-356 - a=hsts-update 2013-08-31 03:17:30 -07:00
Brian O'Keefe
261614859f Bug 875934 - Move LIBRARY_NAME to moz.build, batch 4; r=mshal 2013-08-15 09:12:40 -04:00
Brian O'Keefe
d118b95a0d Bug 875934 - Move LIBRARY_NAME to moz.build, batch 3; r=mshal 2013-08-15 09:02:09 -04:00
Nicholas Nethercote
3c5b0c6b29 Bug 909597 (part 2) - Rename jsdbgapi.{h,cpp} as {js,vm}OldDebugAPI.{h,cpp}. r=luke.
--HG--
rename : js/src/jsdbgapi.h => js/public/OldDebugAPI.h
rename : js/src/jsdbgapi.cpp => js/src/vm/OldDebugAPI.cpp
extra : rebase_source : 9cd65a698e726c43d88d650f40823367bf98feae
2013-08-26 19:05:20 -07:00
David Keeler
0d58b48b10 bug 849553 - crypto.generateCRMFRequest should throw for bad key sizes r=bsmith
--HG--
rename : security/manager/ssl/tests/mochitest/bugs/test_bug882865.html => security/manager/ssl/tests/mochitest/bugs/test_generateCRMFRequest.html
2013-08-27 16:48:52 -07:00
Kai Engert
e7a6934079 bug 887052 - follow-up: fix typo in browser_bug627234_perwindowpb.js r=keeler 2013-08-27 16:12:48 -07:00
Kai Engert
be6fca9992 Bug 633001, SSL cannot set exceptions on IPv6 addresses, also fixes bug 828873. Based on work by Erik Lax, r=dkeeler 2013-08-27 23:54:34 +02:00
Jed Davis
b772ac570e Bug 907002 - Add restart_syscall to seccomp whitelist. r=kang 2013-08-26 11:27:49 -04:00
Geoff Brown
fd9a8160b1 Bug 865006 - (4) Add more xpcshell tests for android; r=jmaher 2013-08-25 10:58:31 -06:00
Phil Ringnalda
9bedd948d3 Merge m-i to m-c 2013-08-25 08:20:24 -07:00
ffxbld
6c2f52a1ef No bug, Automated HSTS preload list update from host bld-linux64-ec2-018 - a=hsts-update 2013-08-24 03:20:13 -07:00
Nicholas Nethercote
789875a768 Bug 905017 (part 3, attempt 2) - Move profiling stack stuff from jsapi.h to js/ProfilingStack.h. r=billm.
--HG--
extra : rebase_source : 8226a31c4f2a286ba843da616b1061ca034a5d41
2013-08-19 23:45:26 -07:00
Bobby Holley
ae571db69f Bug 903891 - Push a null principal before opening XUL dialogs in ye olde crytoe APIe. r=jst
This fixes the generateCRMFRequest failures. The callsites here are easily
greppable (grep for nsNSSDialogHelper::openDialog), and they're all chrome://
XUL documents.
2013-08-22 15:51:34 -07:00
Wan-Teh Chang
8c902d34d0 Bug 880543: Update NSS to NSS_3_15_2_BETA1, mainly to pick up AES-GCM
TLS cipher suites.
2013-08-23 16:19:36 -07:00
Makoto Kato
033e608a90 Bug 901820 - Part 1. replace nsCRT::strdup with strdup. r=bsmedberg 2013-08-22 19:31:48 +09:00
Ms2ger
f805d8d6eb Merge m-c to inbound 2013-08-22 10:38:48 +02:00
Ms2ger
8040c0cadd Backout changesets 7e6fb33fdf22:c85332df4320 (bug 905017) for windows bustage. 2013-08-22 10:16:30 +02:00
Ms2ger
04a948975a Bug 906619 - Part a: Move unconditional CSRCS to moz.build; r=mshal 2013-08-22 08:56:02 +02:00
Ms2ger
bdfaa84f5b Bug 904831 - Part b: Move unconditional MSVC_ENABLE_PGO definitions into moz.build; r=gps 2013-08-22 08:56:01 +02:00
Ms2ger
3a103a7e9f Bug 883284 - Part f: Move LIBXUL_LIBRARY into moz.build (p-z); r=glandium 2013-08-22 08:56:01 +02:00
Ms2ger
4807f1c86c Bug 882859 - Part b: Move FAIL_ON_WARNINGS into moz.build; r=joey+gps 2013-08-22 08:55:59 +02:00
Nicholas Nethercote
5c94c32440 Bug 905017 (part 3) - Move profiling stack stuff from jsapi.h to js/ProfilingStack.h. r=billm.
--HG--
extra : rebase_source : 8322f1c96b95685912375484172d47f53107947f
2013-08-19 23:45:26 -07:00
Neil Rashbrook
5d37448b15 Bug 907904 Fix string correctness issues r=bsmith 2013-08-22 08:38:57 +01:00
Nicholas Nethercote
2585de9a07 Bug 905017 (part 1) - Minimize inclusions of JS engine headers in .h and .idl files. r=billm.
--HG--
extra : rebase_source : 984c61ab12f46be0509b1ce0d458d9a6e5841c64
2013-08-17 15:50:18 -07:00
Cykesiopka
3aa61b4737 Bug 906971 - Cleanup editcerts.js. r=keeler 2013-08-20 16:43:39 -04:00
Cykesiopka
55eaa8fe41 Bug 861763 - Remove text-decoration: blink in security/manager/pki/resources/content/createCertInfo.xul. r=keeler 2013-08-20 08:30:25 -04:00
Ryan VanderMeulen
bb87caf4be Merge m-c to inbound on a CLOSED TREE. 2013-08-19 17:05:12 -04:00
Paolo Amadini
b11a74bd59 Bug 847863 - Part 5 of 8 - Selectively convert mixed content blocker tests. r=enn 2013-08-19 17:23:59 +02:00
Cykesiopka
066db840e7 Bug 825583 - Remove server tab cert trust editing. r=keeler 2013-08-19 08:48:08 -04:00
ffxbld
fa1587cbb6 No bug, Automated HSTS preload list update from host bld-centos6-hp-008 - a=hsts-update 2013-08-17 03:12:53 -07:00
David Keeler
726000e491 bug 903762 - be more strict about removing HSTS preload list entries r=cviecco 2013-08-15 15:48:39 -07:00
Guillaume Destuynder
ced6ec4f73 Bug 790923: Adds seccomp-bfp sandboxing support for B2G. r=khuey, r=gerv, r=agal, r=dhylands, r=keeler, r=imelven, a=kang. 2013-08-12 12:58:35 -07:00
Trevor Saunders
acfc9e9cd6 bug 905410 - remove most remaining usage of nspr atomics outside of xpcom/ r=ehsan 2013-08-12 05:51:49 -04:00
Brian O'Keefe
263f163332 Bug 896177 - Remove more config.mk includes; r=gps 2013-07-17 16:07:14 -04:00
Ms2ger
30f4e6e119 Merge latest PGO-green inbounc changeset to m-c. 2013-08-14 14:45:47 +02:00
Ms2ger
e9ac4435fb Bug 897909 - Cleanup some SIMPLE_PROGRAMS; r=gps
* * *
FOLD
2013-08-14 09:00:13 +02:00
Camilo Viecco
dbacfa865e Bug 902511 - Batch of EV certs for August (augments struct in nsIdentityInfo). r=honzab 2013-08-13 22:21:20 -07:00
Ms2ger
c85f768b0d Backout changeset 9a57f0f347e3 for insufficient review. 2013-08-13 13:30:00 +02:00
Guillaume Destuynder
b7704a2398 Bug 790923: Adds seccomp-bfp sandboxing support for B2G. r=agal, r=dhylands, r=dkeeler, r=imelven, a=kang. 2013-08-12 12:58:35 -07:00
Boris Zbarsky
af4624bf9a Back out revision ea0f2d537a40 (bug 903283) because Windows was bootlegging nsRegion.h via EventTarget.h in widget code and so we ended up with a CLOSED TREE. 2013-08-09 22:31:05 -04:00
David Zbarsky
0849600afa Bug 903283: Don't include EventTarget.h in headers r=Ms2ger 2013-08-09 21:17:52 -04:00
David Zbarsky
9ce94de31b Bug 903283: Don't include EventTarget.h in headers r=Ms2ger 2013-08-19 06:15:55 -04:00
Trevor Saunders
e62a12b52f bug 886526 - remove IS_COMPONENT and MODULE_NAME makefile vars for things in libxul r=bsmedberg r=glandium 2013-08-08 20:12:37 -04:00
Nicholas Nethercote
d8f824e34e Bug 898914 (part 1) - Remove JSBool.
--HG--
extra : rebase_source : 2d202e0e5005a7f54724b1540481c15cde3ad52e
2013-08-08 15:53:04 -07:00
David Dahl
2d55ce87ec Bug 824652 - crypto.generateCRMFRequest bypasses CSP (allows script execution from a string, without unsafe-eval) r=bsmith r=khuey r=keeler 2013-08-06 21:46:05 -05:00
Ryan VanderMeulen
3eb19df999 Backed out changeset a4dd0dc4e354 (bug 824652) for Android M1 orange. 2013-08-05 19:21:17 -04:00
David Keeler
698f43041b bug 887052 - refactor nsISiteSecurityService for multiple headers r=cviecco r=mcmanus r=jst sr=jst 2013-08-02 16:23:18 -07:00
David Keeler
6be2e1d4e0 bug 887052 - rename nsIStrictTransportSecurityService to nsISiteSecurityService for refactoring r=cviecco r=mcmanus r=jst sr=jst
--HG--
rename : netwerk/base/public/nsIStrictTransportSecurityService.idl => netwerk/base/public/nsISiteSecurityService.idl
rename : security/manager/boot/src/nsStrictTransportSecurityService.cpp => security/manager/boot/src/nsSiteSecurityService.cpp
rename : security/manager/boot/src/nsStrictTransportSecurityService.h => security/manager/boot/src/nsSiteSecurityService.h
2013-08-02 15:48:37 -07:00
David Dahl
6b4fc6a059 Bug 824652 - crypto.generateCRMFRequest bypasses CSP (allows script execution from a string, without unsafe-eval) r=bsmith r=khuey r=keeler 2013-08-05 16:15:22 -05:00
Ryan VanderMeulen
9973ce0c8b Backed out changesets 5f8a88c6d0c8 and 97fcb5a154d8 (bug 887052) for OSX mochitest-other orange.
--HG--
rename : netwerk/base/public/nsISiteSecurityService.idl => netwerk/base/public/nsIStrictTransportSecurityService.idl
rename : security/manager/boot/src/nsSiteSecurityService.cpp => security/manager/boot/src/nsStrictTransportSecurityService.cpp
rename : security/manager/boot/src/nsSiteSecurityService.h => security/manager/boot/src/nsStrictTransportSecurityService.h
2013-08-05 16:18:06 -04:00
David Keeler
dfff78a666 bug 887052 - refactor nsISiteSecurityService for multiple headers r=cviecco r=mcmanus r=jst sr=jst 2013-07-01 10:49:40 -07:00
David Keeler
fd28a3ce4c bug 887052 - rename nsIStrictTransportSecurityService to nsISiteSecurityService for refactoring r=cviecco r=mcmanus r=jst sr=jst
--HG--
rename : netwerk/base/public/nsIStrictTransportSecurityService.idl => netwerk/base/public/nsISiteSecurityService.idl
rename : security/manager/boot/src/nsStrictTransportSecurityService.cpp => security/manager/boot/src/nsSiteSecurityService.cpp
rename : security/manager/boot/src/nsStrictTransportSecurityService.h => security/manager/boot/src/nsSiteSecurityService.h
2013-07-01 09:30:11 -07:00
Carsten "Tomcat" Book
5c34d25a48 Merge b2g-inbound to m-c 2013-08-05 11:22:48 +02:00
ffxbld
471aca0e21 No bug, Automated HSTS preload list update from host bld-linux64-ec2-042 - a=hsts-update 2013-08-03 03:26:02 -07:00
Yoshi Huang
2e2cee1761 Bug 883741 - Part 1: WebCrypto: Move Crypto to WebIDL. r=bz 2013-08-01 14:57:25 +08:00
Ehsan Akhgari
b9980dbc97 Bug 579517 follow-up: Remove NSPR types that crept in 2013-08-02 12:09:54 -04:00
Wan-Teh Chang
7a2a3b36a8 Bug 881841: Update Mozilla to use NSS 3.15.1. 2013-08-01 15:59:00 -07:00
Wan-Teh Chang
975bc25be6 Bug 713933: Add the NSS patch for this bug (rather than the PSM patch
for bug 658222) to security/patches.
2013-08-01 15:49:16 -07:00
Yoshi Huang
73263e6ce6 Bug 899946 - strange call to crypto.generateCRMFRequest from test_bug882865.html. r=Ms2ger 2013-07-31 18:34:14 +08:00
Ehsan Akhgari
2824b29025 Bug 895322 - Part 1: Replace the usages of MOZ_STATIC_ASSERT with C++11 static_assert; r=Waldo
This patch was mostly generated by running the following scripts on the codebase, with some
manual changes made afterwards:

# static_assert.sh
#!/bin/bash
# Command to convert an NSPR integer type to the equivalent standard integer type

function convert() {
echo "Converting $1 to $2..."
find . ! -wholename "*nsprpub*" \
       ! -wholename "*security/nss*" \
       ! -wholename "*/.hg*" \
       ! -wholename "obj-ff-dbg*" \
       ! -name nsXPCOMCID.h \
       ! -name prtypes.h \
         -type f \
      \( -iname "*.cpp" \
         -o -iname "*.h" \
         -o -iname "*.cc" \
         -o -iname "*.mm" \) | \
    xargs -n 1 `dirname $0`/assert_replacer.py #sed -i -e "s/\b$1\b/$2/g"
}

convert MOZ_STATIC_ASSERT static_assert
hg rev --no-backup mfbt/Assertions.h \
                   media/webrtc/signaling/src/sipcc/core/includes/ccapi.h \
                   modules/libmar/src/mar_private.h \
                   modules/libmar/src/mar.h


# assert_replacer.py
#!/usr/bin/python

import sys
import re

pattern = re.compile(r"\bMOZ_STATIC_ASSERT\b")

def replaceInPlace(fname):
  print fname
  f = open(fname, "rw+")
  lines = f.readlines()
  for i in range(0, len(lines)):
    while True:
      index = re.search(pattern, lines[i])
      if index != None:
        index = index.start()
        lines[i] = lines[i][0:index] + "static_assert" + lines[i][index+len("MOZ_STATIC_ASSERT"):]
        for j in range(i + 1, len(lines)):
          if lines[j].find("                 ", index) == index:
            lines[j] = lines[j][0:index] + lines[j][index+4:]
          else:
            break
      else:
        break
  f.seek(0, 0)
  f.truncate()
  f.write("".join(lines))
  f.close()

argc = len(sys.argv)
for i in range(1, argc):
  replaceInPlace(sys.argv[i])

--HG--
extra : rebase_source : 4b4a4047d82f2c205b9fad8d56dfc3f1afc0b045
2013-07-18 13:59:53 -04:00
Ehsan Akhgari
ef4b479714 Bug 872127 - Part 2: Replace mozilla/StandardInteger.h with stdint.h; r=Waldo,ted 2013-07-30 10:25:31 -04:00
Bobby Holley
98a0425f0f Bug 899245 - Rename JS_GetGlobalForScopeChain to JS::CurrentGlobalOrNull. r=luke
This was done with perl/grep.
2013-07-29 16:45:27 -07:00
Adrian Lungu
8bac10e69e Bug 887984 - Send telemetry data from NTLM Init() methods. r=honzab 2013-07-25 09:54:11 -07:00
Trevor Saunders
108b7dd046 backout bug 886526 because it probably made us use a lot more memory to link on windows 2013-07-29 11:03:21 -04:00
Olli Pettay
070b42da93 Bug 892588 - crash in nsNSSASN1Sequence::~nsNSSASN1Sequence, r=bsmith
--HG--
extra : rebase_source : a3d1a29f0ebcfb05462be3a46b38b7be08163379
2013-07-29 19:46:52 +03:00
ffxbld
a19823c25d No bug, Automated HSTS preload list update from host bld-linux64-ec2-489 - a=hsts-update 2013-07-27 03:17:36 -07:00
David Keeler
e76bfadffd bug 846825 - refactor, make HSTS header parser more spec-conformant r=cviecco r=grobinson 2013-07-25 16:13:50 -07:00
Joshua Cranmer
d9601afd10 Bug 884061 - Part 3s: Use NS_DECL_THREADSAFE_ISUPPORTS in security/, r=bsmith
--HG--
extra : rebase_source : 2b3329c361a71c49ef7c0793006c7dbb6f855e28
2013-07-18 21:24:14 -05:00
Cameron McCormack
cd4006ab60 Backout bdceed703766 (bug 887984) for Windows build failures. 2013-07-23 13:43:45 +10:00
Adrian Lungu
1b8eddbd1f Bug 887984 - Send telemetry data from NTLM Init() methods. r=mayhemer 2013-07-18 12:00:04 -07:00
Ed Morley
7be3034ecd Merge latest green inbound changeset and mozilla-central 2013-07-22 14:45:43 +01:00
ffxbld
d406588482 No bug, Automated HSTS preload list update from host bld-linux64-ec2-397 - a=hsts-update 2013-07-20 03:37:24 -07:00
David Keeler
e8b27b70d3 bug 882865 - cryptojs key gen cleanup: use EqualsLiteral() r=bsmith r=Ms2ger r=khuey 2013-07-12 10:00:22 -07:00
David Keeler
bfc4a56912 bug 892017 - fix incorrect usage of PLArenaPool in OCSPStaplingServer r=bsmith 2013-07-19 11:54:10 -07:00
David Keeler
929d9e7dd2 Back out a5a5d2c176f7 (bug 882865) because of Android test failures on a CLOSED TREE 2013-07-18 15:55:10 -07:00
David Keeler
bb76747efb bug 882865 - cryptojs key gen cleanup: use EqualsLiteral() r=bsmith r=Ms2ger 2013-07-12 10:00:22 -07:00
Camilo Viecco
34712933a6 Bug 883682: Enable EV test cert only in debug builds. r=bsmith
--HG--
extra : rebase_source : 0f14273c6f6d4da4164d7beeb3fd21bd6def1fd0
2013-07-03 08:24:09 -07:00
Ed Morley
a5daa8f4fd Merge latest green inbound changeset and mozilla-central 2013-07-15 10:48:54 +01:00
ffxbld
e1159218c3 No bug, Automated HSTS preload list update from host bld-centos6-hp-017 - a=hsts-update 2013-07-13 03:11:47 -07:00
Johnny Stenback
1ee1915096 Bug 893290 - Fix busted error reporting in ssl code. r=dougt 2013-07-13 07:35:30 -07:00
Kai Engert
2cc3aac4b8 Bug 531067: Remove hard-coded default OCSP responders on trunk, r=briansmith
--HG--
extra : rebase_source : 23bc45569bba9f417a51c13530f0319144f07b03
2013-07-11 23:33:55 -07:00
David Keeler
9609fc132a bug 889831 - always call SSL_PeerStapledOCSPResponses r=bsmith 2013-07-08 14:56:08 -07:00
Brian Smith
92ac44f63e Bug 820887: Fix early return in HandshakeCallback, r=keeler
--HG--
extra : rebase_source : e60d86d2b796bda0d44fe640663261cbebede495
2013-05-15 14:32:03 -07:00
Emanuel Hoogeveen
e32590ca0d Bug 890714 - Fix mixed line endings. r=joe, r=jesup 2013-07-08 16:33:15 -04:00
Josh Matthews
b278293ded Bug 889885 - Avoid releasing scripted observers from PSM off the main thread. r=bsmith 2013-07-08 13:43:31 -04:00
Trevor Saunders
4fda35a773 bug 886526 - disallow MODULE_NAME and IS_COMPONENT for makefiles in libxul r=bsmedberg 2013-06-25 11:15:21 -04:00
Ehsan Akhgari
de78bff8d5 Bug 886183 - Remove three unused functions from nsIdentityChecking.cpp; r=bsmith 2013-07-08 07:11:08 -04:00
ffxbld
25943dad1e No bug, Automated HSTS preload list update from host bld-linux64-ix-019 - a=hsts-update 2013-07-06 03:26:18 -07:00
Ryan VanderMeulen
c38d464f0b Merge m-c and inbound. 2013-07-03 16:39:33 -04:00
ffxbld
ed24ba9117 No bug, Automated HSTS preload list update from host bld-linux64-ec2-324 - a=hsts-update 2013-07-03 12:25:37 -07:00
Masatoshi Kimura
1a9e38cc24 Bug 888323 - Stop including prtime.h in nsrootidl.idl. r=ehsan 2013-07-04 00:56:26 +09:00
Patrick McManus
1fdcea773a bug 658222 - Enable TLS False Start (PSM) r=bsmith
--HG--
extra : rebase_source : ac9f77ba73a0a902f4b6aa8d52add7d52efb1b53
2013-06-28 16:58:28 -04:00