Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-19 08:15:31 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
451,356 Commits 615 Branches 98 Tags 5.9 GiB
0d7845c409
Commit Graph

9938 Commits

Author SHA1 Message Date
ffxbld
1d00751ccd No bug, Automated HSTS preload list update from host bld-linux64-spot-305 - a=hsts-update 2015-09-03 13:59:50 -07:00
Masatoshi Kimura
dbfc3317da Bug 1201024 - Disable unrestricted RC4 fallback and add RC4-only servers to the fallback whitelist. r=cykesiopka 2015-09-03 21:50:52 +09:00
Nick Thomas
5744a154e2 Bug 1197607, Automated hsts & hpkp updates are failing on mozilla-central, mozilla-aurora, mozilla-esr38, r=cykesiopka 2015-09-03 22:07:42 +12:00
Masatoshi Kimura
dbd45351dc Bug 1195789 - Update fallback whitelist. r=cykesiopka 2015-09-02 00:44:04 +09:00
Nicholas Nethercote
f44287005f Bug 1198334 (part 1) - Replace the opt-in FAIL_ON_WARNINGS with the opt-out ALLOW_COMPILER_WARNINGS. r=glandium. 
The patch removes 455 occurrences of FAIL_ON_WARNINGS from moz.build files, and
adds 78 instances of ALLOW_COMPILER_WARNINGS. About half of those 78 are in
code we control and which should be removable with a little effort.

--HG--
extra : rebase_source : 82e3387abfbd5f1471e953961d301d3d97ed2973
 2015-08-27 20:44:53 -07:00
Ryan VanderMeulen
c7fdbe4d0f Backed out changeset 982be1bbebdf (bug 1199624) for Windows bustage. 2015-08-30 17:09:09 -04:00
Jacek Caban
c8309c6328 Bug 1199624 - Don't use memset and memcmp in files that don't include cstring explicitly. r=briansmith 2015-08-29 07:59:00 -04:00
Cykesiopka
0d6549c972 Bug 1197644 - Remove the security.ssl.warn_missing_rfc5746 pref. r=keeler 
--HG--
extra : transplant_source : %90%28%11%DB%E53%93%7C%F2%D6%5Ek%CC%DC%BE%FAe%F2%896
 2015-08-24 22:53:42 -07:00
Makoto Kato
7073895edf Bug 1196403 - Apply crbug/522201 to support Windows 10 build 10525. r=bobowen 2015-08-25 19:21:08 +09:00
Xidorn Quan
dbaa85ce62 Bug 1188468 - Allow script to force updating a generated file even if the file is actually not changed. r=gps 
--HG--
extra : source : 47b56f2495030d77c446215d8822c31fc32f23b7
 2015-08-25 10:07:43 +10:00
David Keeler
2ee5d006b7 bug 1194013 - convert test_name_constraints.js to generate certificates at build time r=Cykesiopka,mgoodwin 2015-08-11 16:40:38 -07:00
Ryan VanderMeulen
5b75ad5195 Merge inbound to m-c. a=merge 2015-08-23 17:18:36 -04:00
Fabrice Desré
3a47f061c9 Bug 1196988 - Remove THA support. r=gwagner 2015-08-21 10:00:54 -07:00
Jonathan Griffin
369ec3ac0f Bug 1136892 - Create an xpcshell-addons tag for running addon-specific xpcshell tests, r=chmanchester 
--HG--
extra : commitid : 6kGKslC9h14
 2015-08-18 11:26:14 -07:00
Kai Engert
641cf3a3ad Bug 1194135, set NSS version to final 3.20 tag, no code change, DONTBUILD 2015-08-19 18:41:53 +02:00
Wes Kocher
fe6faf7d6b Backed out changeset 688775a8227f (bug 1136892) for mass bustage prompting a CLOSED TREE 2015-08-18 11:58:05 -07:00
Christoph Kerschbaumer
10a7d6a5b9 Bug 1195606 - Use channel->ascynOpen2 in security/manager/ssl/nsNSSCallbacks.cpp (r=sicking) 2015-08-18 09:54:09 -07:00
Mark Goodwin
f2b116c0d6 Bug 1153444 - Fix up Key Pinning Telemetry (r=keeler) 2015-08-21 15:14:08 +01:00
Mike Hommey
7da4ee35ba Bug 1189891 - Avoid including <cstring> from pkix/Input.h. r=bsmith 2015-08-21 15:27:22 +09:00
Mike Hommey
b85471d7e8 Backout changesets af1b36497559 and 1d52ab626597 (bug 1189891) for pkix bustage 2015-08-21 15:05:38 +09:00
Mike Hommey
067b45951a Bug 1189891 - Avoid including <cstring> from pkix/Input.h. r=bsmith 2015-08-21 14:29:19 +09:00
Ben Hearsum
c51baf3ae9 bug 1116409: switch update server to sha2 cert; update in-tree pinning. r=rstrong,snorp,mfinkle,dkeeler 2015-08-20 17:50:51 -04:00
Cykesiopka
b4174da7d8 Bug 1195615 - Log a web console warning when a HPKP header is ignored due to a non-built in root cert. r=keeler 2015-08-20 14:33:29 -07:00
Jonathan Griffin
dde975f7a0 Bug 1136892 - Create an xpcshell-addons tag for running addon-specific xpcshell tests, r=chmanchester 
--HG--
extra : commitid : FN6nc0Yis2o
 2015-08-18 11:26:14 -07:00
Arnaud Bienner
2755fa9a57 Bug 1190086 - Use new String::Contains(char) method more widely r=froydnj 
--HG--
extra : rebase_source : 81df1495200d3734ea1c4c13818ae764a445f4b3
 2015-08-14 00:49:15 +02:00
David Keeler
23a9820f27 bug 1190603 - rename prime256v1 to secp256r1 in test_keysize.js to reduce confusion r=Cykesiopka 
OpenSSL refers to the curve in question as 'prime256v1', but rfc 5480,
mozilla::pkix, and the test framework refer to it as secp256r1, so we
should be consistent.

--HG--
rename : security/manager/ssl/tests/unit/test_keysize/ee_secp224r1_224-int_prime256v1_256-root_rsa_2048.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp224r1_224-int_secp256r1_256-root_rsa_2048.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/ee_secp224r1_224-int_prime256v1_256-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp224r1_224-int_secp256r1_256-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/ee_secp256k1_256-int_prime256v1_256-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp256k1_256-int_secp256r1_256-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/ee_prime256v1_256-int_rsa_1016-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp256r1_256-int_rsa_1016-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/ee_prime256v1_256-int_secp224r1_224-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp256r1_256-int_secp224r1_224-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/ee_prime256v1_256-int_prime256v1_256-root_secp224r1_224.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp256r1_256-int_secp256r1_256-root_secp224r1_224.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/ee_prime256v1_256-int_prime256v1_256-root_secp256k1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp256r1_256-int_secp256r1_256-root_secp256k1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/ee_secp384r1_384-int_prime256v1_256-root_rsa_2048.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp384r1_384-int_secp256r1_256-root_rsa_2048.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/ee_secp521r1_521-int_secp384r1_384-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/ee_secp521r1_521-int_secp384r1_384-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/int_rsa_1016-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/int_rsa_1016-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/int_secp224r1_224-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/int_secp224r1_224-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/int_prime256v1_256-root_rsa_2048.pem.certspec => security/manager/ssl/tests/unit/test_keysize/int_secp256r1_256-root_rsa_2048.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/int_prime256v1_256-root_secp224r1_224.pem.certspec => security/manager/ssl/tests/unit/test_keysize/int_secp256r1_256-root_secp224r1_224.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/int_prime256v1_256-root_secp256k1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/int_secp256r1_256-root_secp256k1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/int_prime256v1_256-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/int_secp256r1_256-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/int_secp384r1_384-root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/int_secp384r1_384-root_secp256r1_256.pem.certspec
rename : security/manager/ssl/tests/unit/test_keysize/root_prime256v1_256.pem.certspec => security/manager/ssl/tests/unit/test_keysize/root_secp256r1_256.pem.certspec
 2015-08-05 13:39:11 -07:00
David Keeler
70897766ec bug 1190603 - convert test_keysize.js to generate certificates at build time r=Cykesiopka 2015-08-03 17:02:58 -07:00
Aryeh Gregor
ff2ceb15ed Bug 1193298 - Part 2: Use .get() to convert from RefPtr to raw pointer. r=froydnj 2015-08-11 06:45:00 -04:00
Jed Davis
b7a032eb04 Bug 1004011 - Support SECCOMP_FILTER_FLAG_TSYNC if available. r=kang 
--HG--
extra : rebase_source : 32be610d889fedb518e062a4a416331be21378d3
 2015-08-11 16:30:00 -04:00
Tanvi Vyas
7b0ea8ee04 Bug 1182551 - Updating nsSecureBrowserUIImpl so that insecure pages with mixed content iframes don't get marked as broken. r=keeler 2015-08-13 17:13:48 -07:00
Kai Engert
531a2c1719 Bug 1194135, Update Mozilla to NSS 3.20, r=mt 2015-08-13 11:31:23 +02:00
Nathan Froyd
8f318ea950 Bug 1193021 - clean up reference-counting in security/; r=keeler 2015-07-01 13:10:53 -04:00
David Keeler
7ce068b7e9 bug 1190532 - change default key specification from implicit to explicit in pycert.py r=Cykesiopka 
Previously using an empty string would result in pycert.py returning the
default shared RSA key. This resulted in empty keyspec files being added
to the tree, which was confusing. This should end the confusion by making
the key specification process explicit rather than implicit.
 2015-08-06 11:35:40 -07:00
David Keeler
948094db6e bug 1189427 - convert test_ocsp_fetch_method.js to generate certificates at build time r=mgoodwin 2015-07-30 10:20:52 -07:00
Kai Engert
8238eb63a4 Bug 1190794, land final NSS_3_19_3_RTM tag, no code change, DONTBUILD 2015-08-07 20:19:06 +02:00
Makoto Kato
c3c571a9ee Bug 1166323 - Fix unexpcetd changed on previous landed. r=dkeeler 2015-08-07 13:41:49 +09:00
Cykesiopka
d9d018971e Bug 1164609 - Remove EV treatment for expired Buypass Class 3 CA 1 root certificate. r=keeler 
--HG--
extra : rebase_source : 65e2c8746098d8fb2cd5347b557c23a3832d435a
 2015-08-07 00:21:00 +02:00
Carsten "Tomcat" Book
fca5cdc8bc Backed out changeset 9618f92995ab (bug 1166323) for linux x64 test bustage on a CLOSED TREE 2015-08-07 07:24:40 +02:00
Makoto Kato
6fb6d7a35c Bug 1166323 - Fix unexpcetd changed on previous landed. r=dkeeler 2015-08-07 13:41:49 +09:00
Carsten "Tomcat" Book
ba03e3c181 Backed out 2 changesets (bug 1016555, bug 1189427) for making Android 4.3 API11+ debug X3 perma fail in test_ev_certs.js 
Backed out changeset ebd4e3880403 (bug 1189427)
Backed out changeset 331e489c7534 (bug 1016555)
 2015-08-06 11:51:27 +02:00
Cykesiopka
d93ee984a0 Bug 1124649 - Part 1 - Add specific error messages for various types of STS and PKP header failures. r=keeler,hurley 
--HG--
extra : rebase_source : 8210ed5f89cec8c42d5a78b9101f1c54d91e04c6
 2015-08-05 07:51:00 +02:00
David Keeler
ae2c1351bc bug 1189427 - convert test_ocsp_fetch_method.js to generate certificates at build time r=mgoodwin 2015-07-30 10:20:52 -07:00
Birunthan Mohanathas
7315345693 Bug 1191100 - Remove XPIDL signature comments in .cpp files. r=ehsan 
Comment-only so DONTBUILD.
 2015-08-04 16:17:36 -07:00
Kai Engert
80c4460491 Bug 1190794, Update to NSS 3.19.3 to pick up ca-certificates v 2.5, landing NSS_3_19_3_RC0, r=kwilson 2015-08-04 22:37:05 +02:00
David Keeler
59ef11f506 bug 1188100 - fold PSM's test_client_cert.js into necko's test_tls_server.js r=mcmanus 
--HG--
rename : security/manager/ssl/tests/unit/test_client_cert/cert_dialog.js => netwerk/test/unit/client_cert_chooser.js
rename : security/manager/ssl/tests/unit/test_client_cert/cert_dialog.manifest => netwerk/test/unit/client_cert_chooser.manifest
extra : amend_source : 249efd8e1bc537cf14b3199865df18b8aba62d10
 2015-07-29 14:27:54 -07:00
Carsten "Tomcat" Book
49d83b3b7d Merge mozilla-central to mozilla-inbound 2015-08-03 15:45:57 +02:00
Carsten "Tomcat" Book
6b441cd90a merge mozilla-inbound to mozilla-central a=merge 2015-08-03 13:56:39 +02:00
Makoto Kato
50e851b877 Bug 830801 - Part 2. Remove NOMINMAX define from moz.build. r=mshal 2015-08-03 10:07:09 +09:00
ffxbld
abb4d538ee No bug, Automated HPKP preload list update from host bld-linux64-spot-317 - a=hpkp-update 2015-08-01 03:34:19 -07:00
ffxbld
ae7af3ea3c No bug, Automated HSTS preload list update from host bld-linux64-spot-317 - a=hsts-update 2015-08-01 03:34:17 -07:00
ffxbld
b44231402a No bug, Automated HPKP preload list update from host bld-linux64-spot-010 - a=hpkp-update 2015-07-30 13:51:28 -07:00
ffxbld
eb03434709 No bug, Automated HSTS preload list update from host bld-linux64-spot-010 - a=hsts-update 2015-07-30 13:51:26 -07:00
Cykesiopka
8a9392bf5e Bug 1189166 - Cleanup some PSM test generation files post Bug 1181823. r=dkeeler 
--HG--
extra : rebase_source : 4f0310323c3e7ac7e9e8c453d41aa0ef9cbd910a
 2015-07-29 23:56:33 -07:00
Bob Owen
77826e3c4a Bug 1171796: Add sandbox rule for child process NSPR log file on Windows. r=bbondy 
This also moves the initialization of the sandbox TargetServices to earlier in
plugin-container.cpp content_process_main, because it needs to happen before
xul.dll loads.
 2015-07-30 10:04:42 +01:00
David Keeler
b49becac5d bug 1181823 - convert test_ev_certs.js, test_keysize_ev.js, and test_validity.js to generate certificates at build time r=Cykesiopka r=mgoodwin 2015-06-17 16:02:08 -07:00
Bobby Holley
97b9240b34 Bug 1188696 - Hoist nsRefPtr.h into MFBT. r=froydnj 2015-07-29 10:44:59 -07:00
Douglas Bagnall
5cea0a9df6 Bug 1046421 - Do not disclose the system hostname via NTLM handler. r=honzab 
The hostname here is matched on the AD DC to the userWorkstations
attribute, however this is on a total trust basis in terms of what the
client specifies here.

The impact of this patch is that a user who is restricted by this
attribute to log on to only certain (Windows, in reality)
workstations, may not be able to perform a manual NTLM logon to an
intranet site, unless they set network.generic-ntlm-auth.workstation
to the name of their workstation (actually, any host in that list).

The default value is set to WORKSTATION.

This patch was originally written by Andrew Bartlett, and modified by
Douglas Bagnall following review feedback from Honza Bambas and Tim
Brown.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2015-07-24 13:36:11 +12:00
David Keeler
1b1d908d0f bug 1187029 - convert test_bug480509.html to an xpcshell test r=jcj 2015-07-23 13:31:45 -07:00
Steven Michaud
265ad075b1 Bug 1175881 - about:sync-log can't read files on OS X with e10s on and content process sandbox enabled. r=areinald 2015-07-28 12:09:34 -05:00
David Keeler
3a4c2d822a bug 1179660 - define 'now' as the first second of the current year for pycert r=Cykesiopka 
This is to avoid a dependency on the buildid so we don't have to
regenerate all of the test certificate with every ./mach build.
This can cause problems very near midnight on New Year's Eve.
If this happens, kick off a new build and get back to the party.
 2015-07-15 16:20:54 -07:00
Xidorn Quan
cec576a922 Bug 1187173 - Disable warning C4623 on security/certverifier. r=briansmith 
--HG--
extra : source : 9f3acfedff8cf4a26266bb578dc69727e799c0cf
extra : amend_source : cb1d0a6e8c6d9199429159cb9a20484f5aa95b8d
 2015-07-24 13:38:12 +10:00
Jed Davis
315c4ad9c2 Bug 1186709 - Remove MOZ_IMPLICIT from security/sandbox/chromium. r=bobowen 2015-07-23 08:28:00 -04:00
Jed Davis
39f6ab2a28 Bug 1157864 - Record chromium patch applied in previous commit. r=me 2015-07-22 15:48:49 -07:00
Felix Janda
acfe5cf4cf Bug 1157864 - chromium sandbox: Fix compilation for systems without <sys/cdefs.h>. r=jld 2015-02-05 22:41:38 +01:00
Masatoshi Kimura
0e28f550d3 Bug 1181562 - Update fallback whitelist. r=keeler 2015-07-22 20:35:26 +09:00
Nicholas Nethercote
1ac7d5d5b1 Bug 1182959 (part 5) - Use nsTHashtable::Iterator in nsCertOverrideService. r=honzab. 
--HG--
extra : rebase_source : c36d0f9e4a2242a934e2848b6f977f33d6ac76cc
 2015-07-20 17:12:03 -07:00
Nicholas Nethercote
746d9d6e0a Bug 1182959 (part 4) - Remove BlocklistSaveInfo. r=honzab. 
--HG--
extra : rebase_source : c46e23885d97ef05504db32e0fd8cae05b55232a
 2015-07-20 17:12:03 -07:00
Nicholas Nethercote
6ceff73a0f Bug 1182959 (part 3) - Use nsTHashtable::Iterator in CertBlockList. r=honzab. 
--HG--
extra : rebase_source : 4df2d9845e7a04c11bc6076ea7844fba7b5ca3a9
 2015-07-20 17:12:03 -07:00
Nicholas Nethercote
e0bd2455c1 Bug 1182959 (part 2) - Use nsTHashtable::Iterator in CertBlockList. r=honzab. 
--HG--
extra : rebase_source : f2b69832a8f789919db84706591e96bcf4bd0a1d
 2015-07-20 17:12:03 -07:00
Nicholas Nethercote
489123be0f Bug 1182959 (part 1) - Use nsTHashtable::Iterator in CertBlockList. r=honzab. 
--HG--
extra : rebase_source : cdef0d25cd3dcc63313ab391c0c7fe37d048eb1a
 2015-07-20 17:12:03 -07:00
Jed Davis
fc9b22c883 Bug 1181704 - Use chromium SafeSPrintf for sandbox logging. r=gdestuynder r=glandium 
This gives us a logging macro that's safe to use in async signal context
(cf. bug 1046210, where we needed this and didn't have it).

This patch also changes one of the format strings to work with
SafeSPrintf's format string dialect; upstream would probably take a
patch to handle those letters, but this is easier.
 2015-07-09 12:09:00 +02:00
Jed Davis
06bdcaaa33 Bug 1181704 - Import chromium SafeSPrintf. r=bobowen 
This also imports the unit tests but doesn't arrange to run them.
Including the tests in our xul-gtest is possible but not trivial: there
are logging dependencies, and they use a different #include path for
gtest.h (which we'd need to patch).

Upstream revision: df7cc6c04725630dd4460f29d858a77507343b24.
 2015-07-09 12:04:00 +02:00
David Keeler
b0d4abd2b1 bug 1178988 - GenerateOCSPResponse: load certs/keys in two phases r=Cykesiopka 
This was initially done to work around a readdir-related bug in the B2G ICS
emulator, but then it turned out that test_ocsp_url.js still fails in ways that
are unreproducible outside of mozilla-inbound on that platform, so it was
disabled (r=sworkman). It's still a good idea, though, to avoid any potential
future issues with readdir not being reentrant.
 2015-07-15 14:12:02 -07:00
David Keeler
fd5e8893a4 bug 1178988 - convert test_ocsp_url to generate certificates at build time r=Cykesiopka 
Also enable loading of certificates and private keys into GenerateOCSPResponse
 2015-06-04 17:03:48 -07:00
David Keeler
3999edd791 bug 1178988 - refactor key-specific parts of pycert.py into pykey.py r=Cykesiopka,mgoodwin 2015-06-30 14:35:42 -07:00
Ryan VanderMeulen
1c6931cc67 Merge m-c to inbound. a=merge 2015-07-19 22:38:28 -04:00
Benjamin Peterson
2751f97bb3 no bug - fix typo and grammar in comment r=me DONTBUILD 2015-07-19 18:07:43 -07:00
ffxbld
3267aeb6a8 No bug, Automated HPKP preload list update from host bld-linux64-spot-135 - a=hpkp-update 2015-07-18 03:35:51 -07:00
ffxbld
f12b366895 No bug, Automated HSTS preload list update from host bld-linux64-spot-135 - a=hsts-update 2015-07-18 03:35:49 -07:00
Mark Goodwin
4ba2d72200 Bug 1183822 - Add an OCSP test for signers with SHA-1 certificates (r=keeler) 2015-07-17 17:07:50 +01:00
Mark Goodwin
fce204e0e0 Bug 1183822 - fix OCSP verification failures (r=keeler) 
Adds a new TrustDomain for OCSP Signers which will always allow all acceptible
signature digest algorithms. Calls to most other TrustDomain methods are passed
through to the owning NSSCertDBTrustDomain.
 2015-07-17 17:07:48 +01:00
Mark Goodwin
30d8779d49 Bug 1183065 - Add logging on OneCRL revocation checks (r=Cykesiopka) 2015-07-17 17:07:47 +01:00
Wes Kocher
b9baa34b08 Backed out 3 changesets (bug 1178988) for ocsp orange CLOSED TREE 
Backed out changeset 7fb6a9114916 (bug 1178988)
Backed out changeset 2700ec4adc3e (bug 1178988)
Backed out changeset 07b9c2331ac1 (bug 1178988)
 2015-07-17 17:49:46 -07:00
Mark Goodwin
806731fbb7 Backed out changeset ec1b5a7d05e9 (bug 1183065) 2015-07-17 10:37:00 +01:00
Mark Goodwin
c7285efe5a Backed out changeset fb6cbb4ada54 (bug 1183822) 2015-07-17 10:36:58 +01:00
Mark Goodwin
e2ee16093c Backed out changeset f324dcfaab40 (bug 1183822) 2015-07-17 10:36:56 +01:00
Mark Goodwin
e57ac71ec4 Bug 1183822 - Add an OCSP test for signers with SHA-1 certificates (r=keeler) 2015-07-17 10:04:17 +01:00
Mark Goodwin
0bfd3046ed Bug 1183822 - fix OCSP verification failures (r=keeler) 
Adds a new TrustDomain for OCSP Signers which will always allow all acceptible
signature digest algorithms. Calls to most other TrustDomain methods are passed
through to the owning NSSCertDBTrustDomain.
 2015-07-17 10:03:56 +01:00
Mark Goodwin
810c972b95 Bug 1183065 - Add logging on OneCRL revocation checks (r=Cykesiopka) 2015-07-17 10:03:21 +01:00
David Keeler
da7508611c bug 1178988 - work around PR_ReadDir bug on B2G ICS emulator by loading certs/keys in two phases r=Cykesiopka 2015-07-15 14:12:02 -07:00
David Keeler
9e28b0964f bug 1178988 - convert test_ocsp_url to generate certificates at build time r=Cykesiopka 
Also enable loading of certificates and private keys into GenerateOCSPResponse
 2015-06-04 17:03:48 -07:00
David Keeler
9b96df5045 bug 1178988 - refactor key-specific parts of pycert.py into pykey.py r=Cykesiopka,mgoodwin 2015-06-30 14:35:42 -07:00
Cykesiopka
7bb4919849 Bug 1179678 - Add result strings to misc PSM xpcshell tests. r=keeler 2015-07-14 23:19:00 +02:00
Wes Kocher
c00da5ced5 Backed out 2 changesets (bug 1181704) for static build bustage CLOSED TREE 
Backed out changeset fbf7aca43c3a (bug 1181704)
Backed out changeset 8864c0587ced (bug 1181704)
 2015-07-13 16:51:17 -07:00
Jed Davis
60984b0ab1 Bug 1181704 - Use chromium SafeSPrintf for sandbox logging. r=kang r=glandium 
This gives us a logging macro that's safe to use in async signal context
(cf. bug 1046210, where we needed this and didn't have it).

This patch also changes one of the format strings to work with
SafeSPrintf's format string dialect; upstream would probably take a
patch to handle those letters, but this is easier.
 2015-07-13 16:17:58 -07:00
Jed Davis
c5ffe92d42 Bug 1181704 - Import chromium SafeSPrintf. r=bobowen 
This does not include the upstream unit tests.  Including the tests
in our xul-gtest is possible but not trivial: there are logging
dependencies, and they use a different #include path for gtest.h (which
we'd need to patch).

Upstream revision: df7cc6c04725630dd4460f29d858a77507343b24.
 2015-07-13 16:17:58 -07:00
Birunthan Mohanathas
a8939590de Bug 1182996 - Fix and add missing namespace comments. rs=ehsan 
The bulk of this commit was generated by running:

  run-clang-tidy.py \
    -checks='-*,llvm-namespace-comment' \
    -header-filter=^/.../mozilla-central/.* \
    -fix
 2015-07-13 08:25:42 -07:00
Carsten "Tomcat" Book
4a67c881e4 merge mozilla-inbound to mozilla-central a=merge 2015-07-13 11:51:14 +02:00
ffxbld
e2ec40e62a No bug, Automated HPKP preload list update from host bld-linux64-spot-222 - a=hpkp-update 2015-07-11 03:33:38 -07:00
ffxbld
f596fa8330 No bug, Automated HSTS preload list update from host bld-linux64-spot-222 - a=hsts-update 2015-07-11 03:33:36 -07:00
David Keeler
72c6934fcc bug 1181376 - convert test_bug480619.html to an xpcshell test r=mgoodwin 
--HG--
rename : security/manager/ssl/tests/mochitest/bugs/test_bug480619.html => security/manager/ssl/tests/unit/test_logoutAndTeardown.js
 2015-07-07 16:09:56 -07:00
Geoff Brown
52d4e225a0 Bug 1026290 - Update mochitest-chrome manifests for android; r=jgriffin 2015-07-10 14:41:59 -06:00
Mark Goodwin
98a776cea1 Bug 1159155 - Add telemetry probe for SHA-1 usage - some tests (r=keeler) 2015-07-09 07:22:32 +01:00
Mark Goodwin
91782dab68 Bug 1159155 - Add telemetry probe for SHA-1 usage (r=keeler) 2015-07-09 07:22:29 +01:00
Phil Ringnalda
6565c918a7 Back out 2 changesets (bug 1178988) for b2g emulator opt xpcshell failure in test_ocsp_url.js 
CLOSED TREE

Backed out changeset 2c5d5eb434b9 (bug 1178988)
Backed out changeset 936d991c4cbc (bug 1178988)
 2015-07-08 22:49:12 -07:00
David Keeler
0d33e93440 bug 1178988 - convert test_ocsp_url to generate certificates at build time r=Cykesiopka 
Also enable loading of certificates and private keys into GenerateOCSPResponse
 2015-06-04 17:03:48 -07:00
David Keeler
c4edcb819d bug 1178988 - refactor key-specific parts of pycert.py into pykey.py r=Cykesiopka,mgoodwin 2015-06-30 14:35:42 -07:00
Carsten "Tomcat" Book
da83a15284 Merge mozilla-central to fx-team 2015-07-08 12:04:53 +02:00
Steven Englehardt
73079800c9 Bug 1153010 - Disambiguate error messages for mixed content and weak/broken cipher. r=keeler,tanvi,dolske 2015-07-08 09:04:11 +02:00
Nicholas Nethercote
f976bf5495 Bug 1179071 - Merge RemovingIterator into Iterator. r=froydnj. 
The original motivation for the Iterator/RemovingIterator split was that
PLDHashTable Checker class would treat them differently. But that didn't end up
happening (see bug 1131308). So this patch merges them. This is a small code
size win now but it will become bigger when I add iterators to nsTHashTable and
nsBaseHashtable.

The only complication is that PLDHashTable::Iter() is now non-const, which is
a problem if you use it in a const method. So I added PLDHashTable::ConstIter()
which is used in just two places. It's a bit of a hack -- effectively a
const_cast -- but I don't think it's too bad.
 2015-07-06 22:02:26 -07:00
Dragana Damjanovic
7987d2203e Bug 905127 - Part 2 - remove unnecessary nsNetUtil.h includes r=jduell 2015-07-06 07:55:00 +02:00
Emanuel Hoogeveen
7d1e52f2ff Bug 905127 - Part 1 - Make some functions from nsNetUtil not inline. r=jduell 2015-07-07 04:17:00 +02:00
David Keeler
1743e82980 Backed out changeset 0e38e844e0af (bug 1178988) for breaking windows builds on a CLOSED TREE 
--HG--
extra : amend_source : 0caf2e6472fbc72af4af4c1f7f20ffc83cef3c94
 2015-07-06 16:24:25 -07:00
David Keeler
a6254fbeef Backed out changeset aeae195846c8 (bug 1178988) for breaking windows builds 2015-07-06 16:22:48 -07:00
David Keeler
30d8da9d4d bug 1178988 - convert test_ocsp_url to generate certificates at build time r=Cykesiopka 
Also enable loading of certificates and private keys into GenerateOCSPResponse
 2015-06-04 17:03:48 -07:00
David Keeler
9c80304730 bug 1178988 - refactor key-specific parts of pycert.py into pykey.py r=Cykesiopka,mgoodwin 2015-06-30 14:35:42 -07:00
Phil Ringnalda
2af297c249 Merge m-i to m-c, a=merge 2015-07-04 11:07:23 -07:00
ffxbld
0c3c374174 No bug, Automated HPKP preload list update from host bld-linux64-spot-384 - a=hpkp-update 2015-07-04 03:30:40 -07:00
ffxbld
857d30b804 No bug, Automated HSTS preload list update from host bld-linux64-spot-384 - a=hsts-update 2015-07-04 03:30:37 -07:00
Juan Gomez
258ad59e3f Bug 1171931 - Refactor duplicated code using XRE_IsParent/ContentProcess. r=froydnj 2015-07-03 18:29:00 -07:00
Cykesiopka
c61aa1392c Bug 1174389 - Add result strings to PSM OCSP xpcshell tests. r=keeler 2015-07-02 00:45:00 +02:00
Andrew Bartlett
8cdf1bf8c6 bug 496234 - add test vectors from RFC 1320 for md4 implementation r=mayhemer 2015-06-25 12:10:40 -07:00
David Keeler
8f50e96227 bug 496234 - fix md4 implementation by appending the input length as a 64-bit number r=mayhemer 2015-06-25 12:32:44 -07:00
David Keeler
ef236972ed bug 496234 - use stdint types in md4 implementation r=mayhemer 
Also removes some trailing whitespace.
 2015-06-25 12:00:49 -07:00
Nicholas Nethercote
22291d109e Bug 1175807 - Remove PL_DHashTableEnumerate() uses from nsNSSShutdown. r=honzab. 
The doPK11Logout() change is straightforward.

In contrast, the loop in evaporateAllNSSResources() is *weird*. Nevertheless,
this change preserves its behaviour.

--HG--
extra : rebase_source : 702fdd9fcc03b888eed7eebdd78f4184b28a2886
 2015-06-17 21:09:27 -07:00
Nathan Froyd
974d8120f2 Bug 1161627 - part 2 - machine-convert TemporaryRef<T> to already_AddRefed<T>; r=ehsan 
This conversion was done with the script:

  find . -name '*.cpp' -o -name '*.h' -o -name '*.mm' -o -name '*.idl' | \
    egrep -v 'cairo-win32-refptr.h|RefPtr.h|TestRefPtr.cpp' | \
    xargs sed -i -e 's/mozilla::TemporaryRef</already_AddRefed</g' \
                 -e 's/TemporaryRef</already_AddRefed</g'

Manual fixups were performed in the following instances:

- We handled mfbt/RefPtr.h manually so as to not convert TemporaryRef itself
  into already_AddRefed.

- The following files had explicit Move() calls added to make up for the lack
  of a copy constructor on already_AddRefed:

  dom/base/ImageEncoder.cpp
  dom/media/MediaTaskQueue.{h,cpp}
  dom/media/webaudio/PannerNode.cpp

- A redundant overload for MediaTaskQueue::Dispatch was deleted.

- A few manual fixups were required in mfbt/tests/TestRefPtr.cpp.

- Comments, using declarations, and forward declarations relating to
  TemporaryRef in dom/canvas/ and gfx/layers/ were changed to refer to
  already_AddRefed.
 2015-06-17 10:00:52 -04:00
Cykesiopka
777fd8a866 Bug 1145679 - Part 2 - Tests. r=keeler 
--HG--
extra : rebase_source : ffbe58b27f8f7890b9d398127ab80f562d2dc8b0
 2015-06-29 22:19:00 +02:00
Cykesiopka
0a9aea4ab2 Bug 1145679 - Reject EV status for end-entity EV certs with overly long validity periods. r=keeler 
--HG--
extra : rebase_source : ec44bb566cce8ab14f740457d6ba1d863b39c256
 2015-06-29 22:19:00 +02:00
David Keeler
e09f6209c4 bug 1174292 - convert test_cert_version.js to generate certificates at build time r=Cykesiopka 
Also remove redundant test-cases.
 2015-06-12 14:56:07 -07:00
Carsten "Tomcat" Book
90ccc67e4e merge mozilla-inbound to mozilla-central a=merge 2015-06-29 14:17:02 +02:00
ffxbld
117313c482 No bug, Automated HPKP preload list update from host bld-linux64-spot-098 - a=hpkp-update 2015-06-27 03:33:49 -07:00
ffxbld
7ee431527f No bug, Automated HSTS preload list update from host bld-linux64-spot-098 - a=hsts-update 2015-06-27 03:33:47 -07:00
Carsten "Tomcat" Book
87e3154dff merge mozilla-inbound to mozilla-central a=merge 2015-06-22 14:03:17 +02:00
Ryan VanderMeulen
2ff7670bf1 Bug 1029775 - Skip test_ocsp_stapling_expired.js on B2G debug for frequent intermittent failures. 
--HG--
extra : rebase_source : 3eb53f648d6663ca0f3f1380eb8a81b66a491d1a
 2015-06-21 21:22:08 -04:00
ffxbld
94d833221d No bug, Automated HPKP preload list update from host bld-linux64-spot-224 - a=hpkp-update 2015-06-20 03:33:00 -07:00
ffxbld
1a89ffacb7 No bug, Automated HSTS preload list update from host bld-linux64-spot-224 - a=hsts-update 2015-06-20 03:32:58 -07:00
Ryan VanderMeulen
42deb0e71d Bug 1176097 - Update NSS to NSS_3_19_2_RTM. 
--HG--
extra : rebase_source : c668a4f77efd06e5914b69d06f5a2eab4233f9f3
 2015-06-19 14:01:18 -04:00
Bob Owen
2e341f2ff1 Bug 1177594: Use a USER_RESTRICTED token level on GMP process when integrity levels are available. r=cpearce 2015-06-26 14:19:12 +01:00
Ryan VanderMeulen
5f5c327690 Backed out changeset 8b4e4083639e (bug 1171931) for B2G debug emulator bustage. 2015-06-25 19:48:42 -04:00
Bob Owen
cc27f74877 Bug 1172388: Use a USER_RESTRICTED access level token on Windows 10. r=cpearce 2015-06-19 23:35:43 +01:00
Jed Davis
1fb9a20a64 Bug 1176085 - Fix second/nanosecond confusion in Linux sandbox start error case. r=kang 
--HG--
extra : amend_source : e546416d9c058305f4cb00d1c015daaec8ab1362
 2015-06-19 14:26:44 -07:00
Juan Gomez
702a59d135 Bug 1171931 - Refactor duplicated code using XRE_IsParent/ContentProcess. r=froydnj 
--HG--
extra : rebase_source : 2ecbe6c1dd8a7ad8dc529b53349ad431cf1116c9
 2015-06-24 14:11:00 -04:00
Benoit Girard
8d6a67f6d3 Bug 1172216 - Move nsStackwalk to mozglue. r=glandium 
--HG--
rename : xpcom/base/nsStackWalk.cpp => mozglue/misc/StackWalk.cpp
rename : xpcom/base/nsStackWalk.h => mozglue/misc/StackWalk.h
extra : commitid : EMbWGfjKvdq
extra : rebase_source : b7308eb569cc1a019d3b7a92aaff0de7a49b5682
 2015-06-10 16:32:45 -04:00
Bob Owen
bef4807107 Bug 1165895: Add NPAPI sandbox rule for the crash server pipe and x64 Temp dir write access. r=bbondy 2015-06-18 12:01:38 +01:00
Masatoshi Kimura
e287cf641e Bug 1165549 - Update fallback whitelist. r=keeler 2015-06-17 20:52:33 +09:00
David Keeler
fdaeee62c1 bug 1173565 - convert test_pinning_dynamic.js to generate certificates at build time r=Cykesiopka 
Also fixes up references to test_pinning_dynamic certificates in test_pinning_header_parsing.js
 2015-06-09 10:35:47 -07:00
Cykesiopka
cfd306a839 Bug 1171820 - Convert test_bug483440.html mochitest to an xpcshell test. r=keeler 
--HG--
rename : security/manager/ssl/tests/mochitest/bugs/test_bug483440.html => security/manager/ssl/tests/unit/test_certviewer_invalid_oids.js
rename : build/pgo/certs/bug483440-attack2b.ca => security/manager/ssl/tests/unit/test_certviewer_invalid_oids/bug483440-attack2b.pem
rename : build/pgo/certs/bug483440-attack7.ca => security/manager/ssl/tests/unit/test_certviewer_invalid_oids/bug483440-attack7.pem
rename : build/pgo/certs/bug483440-pk10oflo.ca => security/manager/ssl/tests/unit/test_certviewer_invalid_oids/bug483440-pk10oflo.pem
 2015-06-13 00:51:00 +02:00
Birunthan Mohanathas
0544e6bf2c Bug 1164714 - Move netwerk/test/TestSTSParser.cpp into security/manager/ssl/tests/. r=keeler 
--HG--
rename : netwerk/test/TestSTSParser.cpp => security/manager/ssl/tests/compiled/TestSTSParser.cpp
 2015-06-14 21:37:12 -07:00
David Keeler
fe26522550 bug 1172615 - check for and return early in the case of authentication bypass in AuthCertificateHook r=mcmanus 
--HG--
extra : amend_source : 305df6e1ea028333d3077653f3e3fc098f40dd3f
 2015-06-08 13:18:23 -07:00
Jed Davis
8ac1db457e Bug 1168555 - Work around Nuwa not always being single-threaded when a normal content process is. r=kang 2015-06-10 13:38:00 -04:00
Kai Engert
4de03b092c Bug 1174102 - Update to NSS 3.19.2, landing NSS_3_19_2_BETA1, r=nss-confcall 2015-06-12 11:10:17 +02:00
Cykesiopka
c7d8bf951d Bug 1171819 - Convert test_cert_eku-*.js to generate certificates at build time. r=keeler 
--HG--
extra : rebase_source : a683669da992833336c6aa03961b143d428ee0b7
 2015-06-10 22:50:00 +02:00
Mike Perry
1c707fb2d0 Bug 629558 - Pref to make Intermediate Cert Store memory-only. r=keeler 
--HG--
extra : rebase_source : 2678d1f74624fe1aa7db44053647a39fb8c8f8dc
 2015-06-10 14:14:00 +02:00
Atul Kumar
246d750391 Bug 1136301 - Null check for mCert->slot added in destructorSafeDestroyNSSReference & MarkForPermDeletion. Formatting update in MarkForPermDeletion. r=keeler 2015-06-10 09:46:16 -07:00
David Keeler
d67edd7f93 bug 1170303 - treat malformed name information in certificates as a domain name mismatch r=Cykesiopka 2015-06-01 13:55:23 -07:00
David Keeler
9091a35bfb bug 1171557 - make test_cert_trust.js certs a bit more realistic r=mgoodwin 
According to the Baseline Requirements, root certificates MUST NOT
have the extendedKeyUsage extension. The extension is optional for
intermediates and required for end-entity certificates. This change
modifies the test certificates so they're more in line with the BRs.
 2015-06-03 15:37:38 -07:00
David Keeler
c3704cadb3 bug 1171557 - convert test_cert_trust.js to generate certificates at build time r=mgoodwin 2015-06-03 15:12:00 -07:00
Eric Rahm
6ac04795af Bug 1145893 - Shutdown nsNSSComponent background threads during xpcom-shutdown. r=keeler, a=me 2015-03-23 10:58:25 -07:00
Richard Barnes
8a4bc22436 Bug 1010068 - Disable OCSP for DV certificates in Firefox for Android r=keeler 2015-05-28 13:29:13 -07:00
Ryan VanderMeulen
56574135d1 Backed out changeset fda85020d842 (bug 1010068) for Android test_cert_overrides.js failures. 
CLOSED TREE
 2015-06-08 11:37:33 -04:00
Richard Barnes
3824033dee Bug 1010068 - Disable OCSP for DV certificates in Firefox for Android r=keeler 2015-05-28 13:29:13 -07:00
Carsten "Tomcat" Book
ac2974150a merge mozilla-inbound to mozilla-central a=merge 2015-06-08 11:55:30 +02:00
ffxbld
9df7fce9a4 No bug, Automated HPKP preload list update from host bld-linux64-spot-1061 - a=hpkp-update 2015-06-06 03:26:59 -07:00
ffxbld
671e873521 No bug, Automated HSTS preload list update from host bld-linux64-spot-1061 - a=hsts-update 2015-06-06 03:26:57 -07:00
Jed Davis
9db695d73b Bug 1055310 - Step 3: Move syscall interceptions into SandboxFilter.cpp. r=kang 
We can now keep the part of the policy implemented by upcalls to
userspace in the same place as the part of the policy that's handled
entirely in the kernel.  This will become more useful in the future
(e.g., bug 930258).
 2015-06-05 15:17:40 -07:00
Jed Davis
5e4e0f9184 Bug 1055310 - Step 2: Move SIGSYS handling to Chromium TrapRegistry. r=kang 
This is more complicated than I'd like it to be, because we don't have
a good way to combine a specific trap function's knowledge that we want
to get a crash dump with the SIGSYS handler's copy of the unprocessed
signal info (which breakpad wants).  The bpf_dsl interface requires a
specific trap function type (via the TrapRegistry superclass), so even
if we implement our own registry we can't change what's passed to it.
Normally we could use thread-local storage to get around that, but it's
not async signal safe.

As a result there is an imperfect compromise: the trap function returns
a failure with ENOSYS, Chromium's SIGSYS handler writes it into the
context, our SIGSYS handler reads it back out and uses a copy of
the original signal context for the crash dump.  Other error codes
(and returning ENOSYS via the seccomp-bpf policy itself) are handled
normally.
 2015-06-05 15:17:35 -07:00
Jed Davis
3bd337c32c Bug 1055310 - Step 1: Convert seccomp-bpf policies to Chromium PolicyCompiler. r=kang 
This completely rewrites SandboxFilter.cpp and removes SandboxAssembler.
System calls are now loosely grouped by what they do, now that order
doesn't matter, and most of the intersection the content and media
plugin whitelists is moved into a common superclass.  Hopefully this
improves the readability and comprehensibility of the syscall policies.

Also, the macros that take the syscall name are gone, because a plain
case label usually suffices now (the CASES_FOR_thing macros are a little
unsightly, but they're relatively simple), and at one point we saw
strange macro expansion issues with system header files that #define'd
some syscall names.

The signal handling is not migrated yet, so Trap() actions can't be used
yet; the next patch will take care of that, and to keep the intermediate
state working there's a minimal shim.

Bonus fix: non-const global variables use the "g" prefix; "s" is for
static class members and static variables in a function (where the
default is to allocate a separate copy per instance/activation).
 2015-06-05 15:17:32 -07:00
David Keeler
1658fa2a61 bug 969985 - cleanup of test_certificate_usages.js - see the rest of this commit message r=mgoodwin 
Converts test_certificate_usages.js to generate certificates at build time.
Also does miscellaneous cleanup to use modern JS practices.
Since the test_cert_eku-* suite of tests covers the extended key usage extension,
removes superfluous testcases involving EKU.
Finally, renames test_certificate_usages.js to test_cert_keyUsage.js for a more
consistent naming scheme.

--HG--
rename : security/manager/ssl/tests/unit/test_certificate_usages.js => security/manager/ssl/tests/unit/test_cert_keyUsage.js
 2015-06-02 10:58:59 -07:00
Eric Rahm
75c4bebb79 Bug 1165515 - Part 13-2: Replace usage of PRLogModuleLevel and PR_LOG_*. rs=froydnj 
This is straightforward mapping of PR_LOG levels to their LogLevel
counterparts:
  PR_LOG_ERROR   -> LogLevel::Error
  PR_LOG_WARNING -> LogLevel::Warning
  PR_LOG_WARN    -> LogLevel::Warning
  PR_LOG_INFO    -> LogLevel::Info
  PR_LOG_DEBUG   -> LogLevel::Debug
  PR_LOG_NOTICE  -> LogLevel::Debug
  PR_LOG_VERBOSE -> LogLevel::Verbose

Instances of PRLogModuleLevel were mapped to a fully qualified
mozilla::LogLevel, instances of PR_LOG levels in #defines were mapped to a
fully qualified mozilla::LogLevel::* level, and all other instances were
mapped to us a shorter format of LogLevel::*.

Bustage for usage of the non-fully qualified LogLevel were fixed by adding
|using mozilla::LogLevel;| where appropriate.
 2015-06-03 15:25:57 -07:00
Eric Rahm
67f6de2a30 Bug 1165515 - Part 9: Remove instances of using numeric log levels 1-5. rs=froydnj 2015-06-03 15:22:35 -07:00
Eric Rahm
cc58068318 Bug 1165515 - Part 5: Convert instances of PR_LOG_ALWAYS. r=froydnj 
Most instances were converted to PR_LOG_INFO, some to PR_LOG_DEBUG, and some
to PR_LOG_ERROR.
 2015-06-03 15:22:30 -07:00
Eric Rahm
f50b813989 Bug 1165515 - Part 3: Convert PR_LOG_TEST to MOZ_LOG_TEST. r=froydnj 2015-06-03 15:22:28 -07:00
Cykesiopka
0d334e23eb Bug 1169195 - Convert test_bug644006.html mochitest to an xpcshell test. r=keeler 
--HG--
rename : security/manager/ssl/tests/mochitest/bugs/test_bug644006.html => security/manager/ssl/tests/unit/test_constructX509FromBase64.js
 2015-06-02 22:49:00 -04:00
Bob Owen
07490a1951 Bug 1166669: Enable process-level mitigations for the Windows content process sandbox. r=tabraldes 2015-06-03 09:13:00 +01:00
Nicholas Nethercote
e849e6588b Bug 1170416 (part 3) - Remove the PLDHashTable2 typedef. r=froydnj. 
--HG--
extra : rebase_source : 9510ea47204fffa163cac43aeaaac6ae1ad80419
 2015-05-19 16:46:17 -07:00
Mike Hommey
d060bd3d86 Bug 1170431 - Pass buildid as input to pycert.py. r=gps 2015-06-03 07:10:25 +09:00
Mike Hommey
79ea9f2368 Bug 1170431 part 0 - Use the *Path classes for GENERATED_FILES scripts and inputs. r=gps 2015-06-03 07:10:12 +09:00
Carsten "Tomcat" Book
5471309381 Backed out 14 changesets (bug 1165515) for linux x64 e10s m2 test failures 
Backed out changeset d68dcf2ef372 (bug 1165515)
Backed out changeset 7c3b45a47811 (bug 1165515)
Backed out changeset b668b617bef2 (bug 1165515)
Backed out changeset d0916e1283a2 (bug 1165515)
Backed out changeset ac4dc7489942 (bug 1165515)
Backed out changeset e9632ce8bc65 (bug 1165515)
Backed out changeset c16d215cc7e4 (bug 1165515)
Backed out changeset e4d474f3c51a (bug 1165515)
Backed out changeset d87680bf9f7c (bug 1165515)
Backed out changeset b3c0a45ba99e (bug 1165515)
Backed out changeset 9370fa197674 (bug 1165515)
Backed out changeset 50970d668ca1 (bug 1165515)
Backed out changeset ffa4eb6d24b9 (bug 1165515)
Backed out changeset 5fcf1203cc1d (bug 1165515)

--HG--
extra : rebase_source : 6fb850d063cbabe738f97f0380302153e3eae97a
 2015-06-02 13:05:56 +02:00
Eric Rahm
a9afd68cef Bug 1165515 - Part 13-2: Replace usage of PRLogModuleLevel and PR_LOG_*. rs=froydnj 
This is straightforward mapping of PR_LOG levels to their LogLevel
counterparts:
  PR_LOG_ERROR   -> LogLevel::Error
  PR_LOG_WARNING -> LogLevel::Warning
  PR_LOG_WARN    -> LogLevel::Warning
  PR_LOG_INFO    -> LogLevel::Info
  PR_LOG_DEBUG   -> LogLevel::Debug
  PR_LOG_NOTICE  -> LogLevel::Debug
  PR_LOG_VERBOSE -> LogLevel::Verbose

Instances of PRLogModuleLevel were mapped to a fully qualified
mozilla::LogLevel, instances of PR_LOG levels in #defines were mapped to a
fully qualified mozilla::LogLevel::* level, and all other instances were
mapped to us a shorter format of LogLevel::*.

Bustage for usage of the non-fully qualified LogLevel were fixed by adding
|using mozilla::LogLevel;| where appropriate.
 2015-06-01 22:17:33 -07:00
Eric Rahm
fb40eb5516 Bug 1165515 - Part 9: Remove instances of using numeric log levels 1-5. rs=froydnj 2015-06-01 22:17:26 -07:00
Eric Rahm
28978ade8c Bug 1165515 - Part 5: Convert instances of PR_LOG_ALWAYS. r=froydnj 
Most instances were converted to PR_LOG_INFO, some to PR_LOG_DEBUG, and some
to PR_LOG_ERROR.
 2015-06-01 22:17:21 -07:00
Eric Rahm
141e0ff4a2 Bug 1165515 - Part 3: Convert PR_LOG_TEST to MOZ_LOG_TEST. r=froydnj 2015-06-01 22:17:19 -07:00
Wes Kocher
4e9f80ed2e Backed out 14 changesets (bug 1165515) for b2g mochitest-6 permafail CLOSED TREE 
Backed out changeset 9b97e2aa2ed9 (bug 1165515)
Backed out changeset 150606c022a2 (bug 1165515)
Backed out changeset 4e875a488349 (bug 1165515)
Backed out changeset 467e7feeb546 (bug 1165515)
Backed out changeset d6b6cc373197 (bug 1165515)
Backed out changeset 0615265b593c (bug 1165515)
Backed out changeset fafd1dce9f08 (bug 1165515)
Backed out changeset d1df869245f9 (bug 1165515)
Backed out changeset 6876a7c63611 (bug 1165515)
Backed out changeset b7841c94a9a3 (bug 1165515)
Backed out changeset e5e3617f7c73 (bug 1165515)
Backed out changeset 39be3db95978 (bug 1165515)
Backed out changeset 0ec74176f8de (bug 1165515)
Backed out changeset 5b928dd10d71 (bug 1165515)
 2015-06-01 17:57:58 -07:00
Eric Rahm
f82c0e7caf Bug 1165515 - Part 13-2: Replace usage of PRLogModuleLevel and PR_LOG_*. rs=froydnj 
This is straightforward mapping of PR_LOG levels to their LogLevel
counterparts:
  PR_LOG_ERROR   -> LogLevel::Error
  PR_LOG_WARNING -> LogLevel::Warning
  PR_LOG_WARN    -> LogLevel::Warning
  PR_LOG_INFO    -> LogLevel::Info
  PR_LOG_DEBUG   -> LogLevel::Debug
  PR_LOG_NOTICE  -> LogLevel::Debug
  PR_LOG_VERBOSE -> LogLevel::Verbose

Instances of PRLogModuleLevel were mapped to a fully qualified
mozilla::LogLevel, instances of PR_LOG levels in #defines were mapped to a
fully qualified mozilla::LogLevel::* level, and all other instances were
mapped to us a shorter format of LogLevel::*.

Bustage for usage of the non-fully qualified LogLevel were fixed by adding
|using mozilla::LogLevel;| where appropriate.
 2015-06-01 14:31:01 -07:00
Eric Rahm
4095cdb19f Bug 1165515 - Part 9: Remove instances of using numeric log levels 1-5. rs=froydnj 2015-06-01 14:31:00 -07:00
Eric Rahm
0a502beb23 Bug 1165515 - Part 5: Convert instances of PR_LOG_ALWAYS. r=froydnj 
Most instances were converted to PR_LOG_INFO, some to PR_LOG_DEBUG, and some
to PR_LOG_ERROR.
 2015-06-01 14:31:00 -07:00
Eric Rahm
dc090e3fe5 Bug 1165515 - Part 3: Convert PR_LOG_TEST to MOZ_LOG_TEST. r=froydnj 2015-06-01 14:31:00 -07:00
Carsten "Tomcat" Book
7531d9be17 Merge mozilla-central to mozilla-inbound 2015-06-01 15:19:42 +02:00
Carsten "Tomcat" Book
cfa2965ba6 merge mozilla-inbound to mozilla-central a=merge 2015-06-01 15:00:24 +02:00
ffxbld
b6ea902b96 No bug, Automated HPKP preload list update from host bld-linux64-spot-534 - a=hpkp-update 2015-05-30 03:26:59 -07:00
ffxbld
e6879816ca No bug, Automated HSTS preload list update from host bld-linux64-spot-534 - a=hsts-update 2015-05-30 03:26:57 -07:00
Cykesiopka
71fd1e3612 Bug 1169530 - Add l10n string for SSL_ERROR_WEAK_SERVER_CERT_KEY. r=dkeeler 
Also removes the strings for the SSL_ERROR_UNUSED_5 and SSL_ERROR_UNUSED_10 errors.

--HG--
extra : rebase_source : 252d8f50085ccc57294a71c31f3b8b37c9cf2a90
 2015-05-28 22:50:00 +02:00
Bob Owen
51a5fe52f3 Bug 1123759: Set low integrity on NPAPI processes for Windows sandboxing policy level >= 2. r=bbondy, r=bsmedberg 2015-05-22 17:05:45 +01:00
David Keeler
a83c753047 bug 1166976 - generate some PSM xpcshell test certificates at build time r=Cykesiopka,mgoodwin,froydnj 2015-05-20 16:35:16 -07:00
Ryan VanderMeulen
5eae5c2c7b Bug 1166031 - Update NSS to NSS_3_19_1_RTM. a=sledru 
--HG--
extra : transplant_source : %A7%DD%B5%C6%8C%1C%C1%C1%8C%CBY%E4%AD%87%0Bt%02%A9%B0%13
 2015-05-28 14:14:52 -04:00
Nicholas Nethercote
df91e412ac Bug 1168007 (part 7) - Use PLDHashTable2 in nsCertTree. r=froydnj. 
It's possible that Clear() will be called on a table that hasn't had anything
inserted in it, but that's ok.

--HG--
extra : rebase_source : 454a79d9ec0fbf8d82706c12535c5862fe687cba
 2015-05-18 21:14:51 -07:00
Nicholas Nethercote
58ee0c69e5 Bug 1168007 (part 6) - Use PLDHashTable2 in nsSecureBrowserUIImpl. r=froydnj. 
--HG--
extra : rebase_source : fe8f14d5caf24931bace563518b7541beb838074
 2015-05-18 21:02:48 -07:00
Cykesiopka
563c609fd0 Bug 1168695 - Add result strings to PSM xpcshell HPKP tests. r=keeler 
--HG--
extra : rebase_source : 75fd17476020a68c60fd5e733c4d7a30fd05b8da
 2015-05-28 02:26:00 +02:00
Cykesiopka
c2bc81fbea Bug 1167254 - Convert test_bug234856.html mochitest to an xpcshell test. r=keeler 
--HG--
extra : rebase_source : c8bad9f0d55aa2a037ae508da988a137c5239006
 2015-05-28 02:22:00 +02:00
Makoto Kato
6ddb65f184 Bug 1166323 - Remove IME sequence number. r=masayuki,nchen 2015-05-28 13:51:40 +09:00