David Keeler
|
a0bbe0c0fb
|
bug 982403 - separate the compilation of certverifier and insanity::pkix r=cviecco r=briansmith
--HG--
rename : security/certverifier/moz.build => security/insanity/moz.build
|
2014-03-12 13:08:18 -07:00 |
|
David Keeler
|
954d7d0bfb
|
Bug 974715 - Create more flexible OCSP response generation code. r=briansmith, r=cviecco
|
2014-03-10 14:04:31 -07:00 |
|
Brian Smith
|
5510ec64f8
|
Bug 947584: Use official IANA names for cipher suites in PSM, r=cviecco
--HG--
extra : rebase_source : fafec912dc96480cb4f00bddec00d40e5e9db088
|
2014-03-09 20:21:12 -07:00 |
|
Luke Wagner
|
9d3664fd61
|
Bug 980180 - remove principals as an argument to compilation, part 2 (r=terrence)
--HG--
extra : rebase_source : 86791b50b4293ba5506f1e0f5c64730338f552e6
|
2014-03-06 16:28:07 -06:00 |
|
Vaibhav Agarwal
|
bb9b55bec2
|
Bug 970925 - convert testing/mochitest/android.json into skip-if statements in mochitest.ini files; r=jmaher
|
2014-03-06 13:42:47 -05:00 |
|
Ted Mielczarek
|
952bbfe243
|
Bug 977699 - Move the few remaining mochitests to manifests. r=jmaher
|
2014-03-04 15:54:31 -05:00 |
|
David Keeler
|
d451e5831e
|
bug 978797 - stop classifying SEC_ERROR_INADEQUATE_KEY_USAGE as a "bad cert" error r=briansmith
|
2014-03-03 15:39:07 -08:00 |
|
Brian Smith
|
ef27cecd0f
|
Bug 978117: Enable test_signed_apps.js and test_signed_apps-marketplace.js on Android and B2G, r=cviecco
--HG--
extra : rebase_source : acc33b667f19583d94d300d4e4a73cb3e225bbd6
|
2014-03-01 20:55:57 -08:00 |
|
Brian Smith
|
b289d5a44e
|
Bug 978120: Enable more PSM xpcshell tests on Android and B2G, r=keeler
--HG--
extra : rebase_source : 439914322f2b2f2ebd7bf529e3a4a59f36831a7e
|
2014-03-01 19:02:58 -08:00 |
|
Brian Smith
|
a274ebafe7
|
Bug 978120: Make nsIX509Cert.setCerttrust, and nsIX509CertDB.addCert, and nsIX509CertDB2.addCertFromBase64 work on Android and B2G, r=keeler
--HG--
extra : rebase_source : 5582716fe0c650366e3cf5e85a30748a7d22b156
|
2014-03-01 19:01:23 -08:00 |
|
Brian Smith
|
12efad30a2
|
Bug 978111, Bug 978426: Disable test_sts_preloadlist_perwindowpb.js on B2G/ARM, a=bustage
--HG--
extra : rebase_source : 434af7dc53cf57eca1335a6e0ad0a4785c547e72
|
2014-02-28 21:12:07 -08:00 |
|
Brian Smith
|
7f631f3c6e
|
Bug 978185: Improve error codes returned from nsIX509CertDB.addCert and nsIX50CertDB.setCertTrust, r=keeler
--HG--
extra : rebase_source : e32a913f085524d113b17d03917c10ad92c7f6e1
|
2014-02-28 11:19:38 -08:00 |
|
Brian Smith
|
bceb379d88
|
Bug 978111: Enable already-working PSM xpcshell tests on Android and B2G, r=cviecco
--HG--
extra : rebase_source : c14ef67870f2b40a3319e6bc8df0ddfe9dd222e3
|
2014-02-28 11:16:16 -08:00 |
|
Andrew McCreight
|
0353960345
|
Bug 962608 - Make PL_DHashTableInit infallible by default. r=briansmith,bsmedberg,ehsan,froydnj,jduell,jfkthame,roc,smaug
|
2014-02-27 10:04:09 -08:00 |
|
Brian Smith
|
485e9d1aab
|
Bug 921885: Use insanity::pkix for EV cert verification when insanity::pkix is the selected implementation, r=cviecco, r=keeler
--HG--
extra : rebase_source : b1fd1f8eace675484b3c2d568e5e74f767f1d2ad
|
2014-02-23 22:15:53 -08:00 |
|
Brian Smith
|
616dec9611
|
Bug 970810: Expand name constraint tests to test insanity::pkix, r=cviecco
--HG--
extra : rebase_source : b8190690743a12623c7524429215fc7d8a8dea49
extra : histedit_source : fd9877f98303dd237b302e6c606ca11f4c36fd7c
|
2014-02-25 01:15:52 -08:00 |
|
Camilo Viecco
|
35bf5876f6
|
Bug 900727: Add name constraints to psm in xpcshell. r=bsmith
|
2013-12-12 10:28:06 -08:00 |
|
Brian Smith
|
c3a50adf07
|
Bug 975122: Allow cert error overrides when insanity::pkix is used, r?cviecco, r?keeler
--HG--
extra : rebase_source : 47f5e779a16c462e40baa2d9cec2e83946c9076c
|
2014-02-22 19:08:06 -08:00 |
|
Raymond Etornam Agbeame(:retornam)
|
46c4d5f834
|
Bug 970614 - Remove code wrapped in #if 0 ... #endif blocks in PSM. r=keeler
|
2014-02-24 09:41:55 -05:00 |
|
Ehsan Akhgari
|
9a39fcfd00
|
Bug 935778 - Part 0.3: Spray some more MOZ_DECLARE_REFCOUNTED_TYPENAME across the tree
|
2014-02-20 23:07:24 -05:00 |
|
David Keeler
|
bf37f06673
|
bug 969479 - only prevent TLS fallback for STARTTLS r=briansmith
|
2014-02-20 15:14:32 -08:00 |
|
Brian Smith
|
e88542c25c
|
Bug 915931, Part 4: Expand OCSP xpcshell tests to test insanity::pkix, r=keeler
--HG--
extra : rebase_source : e645de251c459d6fa38996bb7bfd35e21eaf3b72
|
2014-02-17 13:19:54 -08:00 |
|
Ms2ger
|
33da18c67e
|
Bug 968856 - Move unconditional LOCAL_INCLUDES into moz.build; r=mshal
|
2014-02-15 21:24:59 +01:00 |
|
Phil Ringnalda
|
b463b1af44
|
Merge m-i to m-c
|
2014-02-15 09:54:57 -08:00 |
|
Vaibhav Agarwal
|
2ae37b022e
|
Bug 970925 - convert testing/mochitest/android.json into skip-if statements in mochitest.ini files; r=jmaher
|
2014-02-15 04:53:02 -05:00 |
|
Brian Smith
|
2f3036a251
|
Bug 896620: Make marketplace certs work on in all products, r=keeler
--HG--
extra : source : 86ec7137a8892f75918c77e605df970f5b96ef62
extra : histedit_source : 33326790804d49e6ec658626116ebf870d94d445
|
2014-02-14 14:37:07 -08:00 |
|
David Keeler
|
844f0490ec
|
bug 967975 - certificate error override telemetry r=briansmith
--HG--
rename : security/manager/ssl/tests/unit/tlsserver/cmd/OCSPStaplingServer.cpp => security/manager/ssl/tests/unit/tlsserver/cmd/BadCertServer.cpp
|
2014-02-13 14:53:29 -08:00 |
|
Jeff Walden
|
4e3e68dab2
|
Bug 969165 - Convert Atomic<T> where T != bool but is used as a bool over to Atomic<bool>, now that it's supported, in security/manager/. r=bsmith
--HG--
extra : rebase_source : 3632af6471e41d099a0948542d26a7df527efaad
|
2014-02-06 22:17:07 -08:00 |
|
Brian Smith
|
a729acfc4a
|
Bug 971178, Part 4: Expand test_intermediates_basic_constraints.js test insanity::pkix, r=cviecco
--HG--
extra : rebase_source : b419a3087b3d327c9a48d984551abeac4943be7a
|
2014-02-11 16:24:45 -08:00 |
|
Brian Smith
|
c03179e90d
|
Bug 971178, Part 3: Expand test_certificate_usages.js test insanity::pkix, r=cviecco
--HG--
extra : rebase_source : 3810925d18767d1b04f8a47004a0ab7a631e5b4b
|
2014-02-11 01:42:41 -08:00 |
|
Brian Smith
|
6244fe0622
|
Bug 971178, Part 2: Make test_getchains.js test insanity::pkix, r=cviecco
--HG--
extra : rebase_source : ff9620bad6b20a84cf179af7ffa7a74f6ffd6640
|
2014-02-11 01:42:55 -08:00 |
|
Brian Smith
|
f889071ce9
|
Bug 971178, Part 1: Expand test_cert_signatures.js test insanity::pkix, r=cviecco
--HG--
extra : rebase_source : 90cf68bdb50b8499aeda3e14c476977db9e43c2a
|
2014-02-11 01:42:24 -08:00 |
|
Camilo Viecco
|
48c389203c
|
Bug 877376: Add tests for intermediate CA basic constraints and KU/EKU, r=briansmith
--HG--
extra : rebase_source : b831ab0e459af4ea0f43a1184e32b333f43b2f01
|
2013-05-23 10:15:19 -07:00 |
|
Brian Smith
|
c4a2fff324
|
Bug 878932, Part 2: Make certificate verification implementation prefs dynamic, r=cviecco
--HG--
extra : rebase_source : 4b413cfd8e122ee4e0fea64d624285856e2cb0cb
|
2014-01-20 15:55:12 -08:00 |
|
Brian Smith
|
6195eb652a
|
Bug 878932, Part 1: add insanity::pkix as an option for certificate verification, r=keeler, r=cviecco
--HG--
extra : rebase_source : c1f75dff6ac7f32e082517af701654abebaee250
|
2014-02-10 11:41:12 -08:00 |
|
Brian Smith
|
4da7c9f410
|
Bug 970512: Remove uninteresting cases for certificate usage verification, r=cviecco
--HG--
extra : rebase_source : 6df6dcfb39f8b4e2cd063115470af04675c0f768
extra : source : 56e0904260b417ce181e2a35978f6d77e78ef2c2
|
2013-10-13 23:34:28 -07:00 |
|
Brian Smith
|
4542eaa79b
|
Bug 969938: Stop adding id-KP-OCSPSigning EKU to CA certificates in tests, r=cviecco
--HG--
extra : rebase_source : 9f5e42ea788e63fb93e3a37632be12093096e63d
|
2014-02-08 21:01:39 -08:00 |
|
David Keeler
|
7c08b2051b
|
bug 961528 - holepunch chart.apis.google.com from the HSTS preload list r=briansmith
|
2014-02-11 10:21:57 -08:00 |
|
Jacek Caban
|
32ab578920
|
Bug 969330 - Fix -Werror=int-to-pointer-cast in windows-only code. r=ehsan
|
2014-02-10 12:05:22 +01:00 |
|
Daniel Holbert
|
4da47bf7ce
|
Bug 968363: Mark security/manager/ssl/src/ as FAIL_ON_WARNINGS. r=briansmith
|
2014-02-06 00:12:17 -08:00 |
|
Daniel Holbert
|
7ab0a38843
|
Bug 968348: Remove some set-but-never-read variables, an inline a PR_LOGGING-only variable, to fix build warnings in security/manager/ssl/src/. r=keeler
|
2014-02-06 00:12:16 -08:00 |
|
Daniel Holbert
|
6dabf48731
|
Bug 968323: Declare prlog variables inside #ifdef PR_LOGGING instead of MOZ_LOGGING, in /security, to fix build failures in --disable-logging builds. r=briansmith
|
2014-02-05 22:11:26 -08:00 |
|
Daniel Holbert
|
8d2659e82e
|
Bug 968338 followup: Add missing #include for unused.h. (bustage fix on a CLOSED TREE)
|
2014-02-05 14:14:54 -08:00 |
|
Daniel Holbert
|
fd59ff4d7c
|
Bug 968338: Pass unused-in-some-build-configurations variable 'mFdForLogging' to mozilla::unused, to suppress clang warning in SSLServerCertVerification.cpp. r=bsmith
|
2014-02-05 13:39:27 -08:00 |
|
Daniel Holbert
|
4a8e57ba29
|
(no bug) Fix a few DOS newline characters in SSLServerCertVerification.cpp. (no review, whitespace-only)
|
2014-02-05 13:39:26 -08:00 |
|
David Keeler
|
03aa5bc939
|
bug 860076 - remove SkipOcsp/SkipOcspOff r=briansmith
--HG--
rename : security/manager/ssl/tests/mochitest/browser/browser_certificateManagerLeak.js => security/manager/ssl/tests/mochitest/browser/browser_certViewer.js
|
2014-02-04 16:13:47 -08:00 |
|
David Keeler
|
350e6c202b
|
bug 967629 - don't release any nsNSSShutDownObject in any destructorSafeDestroyNSSReference r=cviecco
|
2014-02-04 16:14:51 -08:00 |
|
Monica Chew
|
556cda6200
|
Bug 967298: Make nsIX509CertList instantiable (r=briansmith)
|
2014-02-03 22:25:50 -08:00 |
|
Honza Bambas
|
7888ec7b2d
|
Bug 828183 - disable NTLM generic module, effectively disable arbitrary NTLMv1 in Firefox, r=bsmith
|
2014-02-04 01:52:55 +01:00 |
|
Brian Smith
|
e302a5b3ab
|
Bug 967299: Fix async/sync issue in test_ev_certs.js, r=keeler
--HG--
extra : rebase_source : bb7e0a593205ff95de35cf4eecb65ed9dc91a630
|
2014-02-03 16:05:33 -08:00 |
|
David Keeler
|
5d5e7deea3
|
Bug 964493, Part 2: Test, r=briansmith
--HG--
extra : rebase_source : 4bc219aaece6f16458ce7755acf552bf956e01a0
|
2014-01-31 11:32:48 -08:00 |
|
David Keeler
|
8ab7eb2ff0
|
bug 965379 - refactor getting the profile directory in nsNSSComponent::InitializeNSS r=briansmith
|
2014-02-02 13:00:45 -08:00 |
|
David Keeler
|
773412653b
|
bug 965379 - properly indent nsNSSComponent::InitializeNSS r=briansmith
|
2014-02-02 13:02:27 -08:00 |
|
David Keeler
|
f8ab06d3d2
|
bug 966670 - remove PSMContentDownloader.h r=briansmith
|
2014-02-01 13:42:59 -08:00 |
|
Monica Chew
|
22825ad2de
|
Bug 966557: Add nsIX509CertDB.ConstructX509FromRawDER (r=bsmith)
|
2014-01-31 17:33:28 -08:00 |
|
Wes Kocher
|
234ae028ab
|
Backed out changeset f693f6c91b23 (bug 860076) for browser_-certViewer.js failures on a CLOSED TREE
|
2014-01-30 18:33:31 -08:00 |
|
David Keeler
|
a5df241b98
|
bug 860076 - remove SkipOcsp for being totally bogus r=briansmith
--HG--
rename : security/manager/ssl/tests/mochitest/browser/browser_certificateManagerLeak.js => security/manager/ssl/tests/mochitest/browser/browser_certViewer.js
|
2014-01-30 14:55:51 -08:00 |
|
Camilo Viecco
|
7257212a64
|
Bug 962833: ensure-certverify-returns secfailure on MUST_BE_EV and no ev certificate. r=dkeeler
|
2014-01-24 13:57:35 -08:00 |
|
Ehsan Akhgari
|
c13db2bd52
|
Bug 964061 - Part 2: Remove nsIDOMCRMFObject; r=bzbarsky
--HG--
extra : rebase_source : 888e33d68bdcd6e03b56f75036ea00142831961d
|
2014-01-27 08:27:06 -08:00 |
|
Ehsan Akhgari
|
1b7fdc23c8
|
Bug 964061 - Part 1: Convert CRMFObject to WebIDL bindings; r=bzbarsky
--HG--
extra : rebase_source : 39a2b35df50cdd42624fb0e7a14383e8d40cea4b
|
2014-01-27 08:27:04 -08:00 |
|
Brian Smith
|
ccb3f48598
|
Bug 891066, Part 9: Move DisableMD5 to NSSCertDBTrustDomain, r=dkeeler
--HG--
extra : rebase_source : aaf658c12a74fc53f1591333f10d54e78fe1d992
|
2014-01-20 01:30:25 -08:00 |
|
Brian Smith
|
9d23ee7fc7
|
Bug 891066, Part 8: Add stapled OCSP response to CertVerifier, r=cviecco
--HG--
extra : rebase_source : ffe0762228d1217cb51e2f8fad2e0605d7d61344
extra : source : f721d60b6bf74467381590457ce3542f83a2f43a
|
2013-09-27 19:53:36 -07:00 |
|
Brian Smith
|
12a2ffda37
|
Bug 891066, Part 7: Give CertVerifier its own NSPR logging module, r=cviecco
--HG--
extra : rebase_source : a6b38c4026fe70c9789cbe4830df57c943382f5b
extra : source : 591daff856840016c979ed9b4fdbed4ed68f22a6
|
2013-07-10 23:47:09 -07:00 |
|
Brian Smith
|
213974a8d4
|
Bug 891066, Part 6: Move SSL server cert verification logic to security/certverifier, r=cviecco
--HG--
extra : rebase_source : e30b5b46e075c52651bb5320b17660f85a50abbb
extra : source : ef41444d0a7d1f6697c7a4d431fffe8db1724605
|
2013-07-08 16:30:59 -07:00 |
|
Brian Smith
|
4488103b73
|
Bug 891066, Part 5: Switch to security::pkix::ScopedCERTCertList, r=cviecco
--HG--
extra : rebase_source : 59015f864e612f18a2f7bb62092b692ae8d47853
extra : source : 31f68b8a192b45720fe931176cdc0565e8c6fd80
|
2014-01-22 17:13:19 -08:00 |
|
Brian Smith
|
b92b30b8cf
|
Bug 733454: Remove hard-coded blocklisting in PSM for Comodo and DigiNotar, r=cviecco
--HG--
extra : rebase_source : 3a3ab5246bd6e2af4a0952c64181cad6feb5c424
extra : source : 2e540dd35edfa0ef3549ed4dd8f0b15b57cb2806
|
2013-07-01 11:39:16 -07:00 |
|
Brian Smith
|
3091f37853
|
Bug 891066, Part 3: Move more initialization of NSS to security/certverifier, r=keeler
--HG--
extra : rebase_source : 33aad105028f849d0bbe1c37b60eab50f2f22c88
|
2014-01-20 22:10:33 -08:00 |
|
Brian Smith
|
c1583f22ce
|
Bug 891066, part 2: Move CertVerifier to security/certverifier, r=keeler
--HG--
extra : rebase_source : dd59a391825b776b075e855660c2488105e2d741
|
2014-01-26 19:36:28 -08:00 |
|
Brian Smith
|
efdf583668
|
Bug 891066, Part 1: Remove CertVerifier's dependency on nsNSSComponent, r=keeler, r=cviecco
--HG--
extra : rebase_source : 3242f78d6d4d68080997dd56dae1fd0675750d5e
extra : source : 965c9f30e9b87e418bbf6ab43657257e94992223
|
2014-01-19 14:05:40 -08:00 |
|
Brian Smith
|
188876d1dc
|
Bug 961454: Clean up whitespace in key PSM files, r=keeler, r=cviecco
--HG--
extra : rebase_source : 53f14cc6f97814eb9913a1ddad1a19631e2af08a
|
2014-01-21 17:30:44 -08:00 |
|
David Keeler
|
a3dd98815d
|
bug 951354 - test nsNSSCertificateDB for proper shutdown r=cviecco a=abillings
|
2014-01-21 16:47:47 -08:00 |
|
Brian Smith
|
18f9a21219
|
Bug 952874: Fix telemetry for RSA/DHE key sizes of 1025-1280 bits and fix misspelling, r=keeler
|
2014-01-18 17:59:24 -08:00 |
|
Brian Smith
|
d1287a15a2
|
Bug 950858: Make cipher suite telemetry code less crash-prone, r=keeler
|
2014-01-18 16:52:16 -08:00 |
|
Wes Kocher
|
44b44b413c
|
Backed out changeset 8526c7a38761 (bug 951354) for CPP unittest bustage
|
2014-01-17 17:50:17 -08:00 |
|
David Keeler
|
88d7f1342f
|
bug 951354 - test nsNSSCertificateDB for proper shutdown r=cviecco a=abillings
|
2014-01-17 16:22:51 -08:00 |
|
Raymond Etornam Agbeame(:retornam)
|
5aa30a620f
|
Bug 950169 - remove unused arguments for LogInvalidCertError r=keeler
|
2014-01-17 11:57:57 -08:00 |
|
David Keeler
|
a7bcf97cfc
|
bug 950240 - don't do DV fallback for nsIIdentityInfo.isExtendedValidation r=briansmith
|
2014-01-17 11:04:09 -08:00 |
|
Brian Smith
|
3824df981f
|
Bug 960714: Make NPN and ALPN prefs dynamic, r=keeler, r=mcmanus
--HG--
extra : rebase_source : 42ff8c05b682e755d51ec79e2cb26db7cedd382f
|
2014-01-16 21:38:59 -08:00 |
|
David Keeler
|
2ffb88c0b9
|
bug 960723 - fix failingOCSPResponder in test_ev_certs.js r=briansmith
|
2014-01-16 13:18:38 -08:00 |
|
Patrick McManus
|
ff9c9eca9f
|
Bug 890994: ALPN support for Gecko, r=briansmith
|
2014-01-14 15:34:23 -05:00 |
|
Brian Smith
|
2bf2f0ce5a
|
Bug 923304, Part 2: Adjust EV tests, r=keeler
--HG--
extra : rebase_source : f0cfd0089a99dddd8852e0613bc2a31e5c12b1de
|
2014-01-14 15:22:09 -08:00 |
|
Brian Smith
|
ae750cc925
|
Bug 923304, Part 1: Add test for OCSP response signed by CA that has an OCSP URI, r=keeler, r=briansmith
--HG--
extra : rebase_source : 7cafe0781563382c2221e865201beb023fea3628
|
2014-01-13 02:33:08 -08:00 |
|
David Keeler
|
648d25a19a
|
bug 957368 - standardize and simplify nsNSSShutDownObject implementations r=cviecco r=briansmith
|
2014-01-14 09:28:43 -08:00 |
|
Garrett Robinson
|
eabe1d0a0f
|
Bug 883975 - CSP 1.1 hash-source. r=sstamm, r=dholbert, r=mrbkap
|
2014-01-02 11:14:06 -08:00 |
|
Brian Smith
|
b6cabfc2be
|
Bug 957667: Decouple OCSP stapling pref from the OCSP fetching pref, and couple the OCSP required pref to the OCSP fetching pref, r=keeler
--HG--
extra : rebase_source : 86cb86f76f4def579fcf07e479025852849c34f8
extra : source : 08115711a4e6e77971c9e872fb6c68e88ac9693e
|
2014-01-08 08:51:06 -08:00 |
|
Brian Smith
|
4f7ae6c58b
|
Bug 959026: Add telemetry about cases where we don't do OCSP fetching when we expect to, r=keeler
--HG--
extra : rebase_source : f7e9826569325f497273a92eec5127c414baa8bc
extra : source : bb5bb5a1b571e54695a4c8d5be0cc447f29f0358
|
2014-01-12 19:31:40 -08:00 |
|
Ryan VanderMeulen
|
de8f18e28c
|
Backed out changesets 1b892043a386 and 0e14b3468b94 (bug 923304) and changeset 2e2c276950b9 (bug 950129) for xpcshell failures.
|
2014-01-13 18:00:34 -05:00 |
|
Ryan VanderMeulen
|
e7b8f32115
|
Merge inbound to m-c.
|
2014-01-13 17:44:24 -05:00 |
|
Brian Smith
|
3a3061758d
|
Bug 923304, Part 2: Adjust EV tests, r=keeler
--HG--
extra : source : 97bf218ac3bb44e81074ca95877ca8b6414265b3
|
2013-12-28 11:28:49 -08:00 |
|
Brian Smith
|
effee37c95
|
Bug 923304, Part 1: Add test for OCSP response signed by CA that has an OCSP URI, r=keeler, r=briansmith
--HG--
extra : source : e7afcba6743e40755d28a296b00c395392864657
|
2014-01-13 02:33:08 -08:00 |
|
Patrick McManus
|
0ef97ed6fd
|
bug 951199 - Interface for Socket Level Access to TLS Version Used r=dkeeler r=bsmith
|
2013-10-09 17:21:48 -07:00 |
|
Nemina Amarasinghe
|
76f959e6f5
|
Bug 946075 - Remove extra space from ssl_error_bad_cert_domain error message contains in TransportSecurityInfo.cpp. r=dkeeler
|
2014-01-13 09:28:14 -05:00 |
|
Brian Smith
|
367c980791
|
Bug 957665: Add telemetry to measure how many people have OCSP enabled, r=keeler
--HG--
extra : rebase_source : e6dd0d7d06ce0eb5b2f34a77a851dd7c0655ac3e
|
2014-01-08 08:59:53 -08:00 |
|
David Keeler
|
02ba1423d9
|
bug 950268 - fix leak in nsCertTree::GetDispInfoAtIndex r=cviecco
|
2014-01-09 10:02:08 -08:00 |
|
Brian Smith
|
7a3a090854
|
Bug 952876: Add test for bug 952808 (OCSP stapling not honored when there is a error entry in the OCSP cache), r=keeler
|
2014-01-06 14:45:35 -08:00 |
|
Brian Smith
|
e78c9d7289
|
Bug 933109: Add tests to verify that we retry OCSP when we have a cached Unknown response, r=keeler
|
2014-01-06 14:41:04 -08:00 |
|
Wes Kocher
|
13a42d347d
|
Backed out changeset 75e5396d0847 (bug 933109) for xpcshell bustage
|
2014-01-06 17:50:53 -08:00 |
|
Wes Kocher
|
20073cae22
|
Backed out changeset b8f1b1cfc9e2 (bug 952876)
|
2014-01-06 17:50:23 -08:00 |
|
Brian Smith
|
86906b978c
|
Bug 952876: Add test for bug 952808 (OCSP stapling not honored when there is a error entry in the OCSP cache), r=keeler
--HG--
extra : rebase_source : d83e4b3681b36616441e6fd412969998a19eae4c
extra : amend_source : 475bff5dd333fb54729fdace0f295c6e026c5a18
|
2014-01-06 14:45:35 -08:00 |
|
Brian Smith
|
ded0276b7d
|
Bug 933109: Add tests to verify that we retry OCSP when we have a cached Unknown response, r=keeler
--HG--
extra : rebase_source : 4e73c5812e75adf053f2158a88a6a8e58307c9d7
|
2014-01-06 14:41:04 -08:00 |
|
David Keeler
|
2082ba1a5d
|
bug 951354 - nsNSSCertificateDB: call shutdown(calledFromObject) in destructor r=cviecco a=abillings
|
2013-12-19 11:45:50 -08:00 |
|
Ehsan Akhgari
|
1b83407ce9
|
Bug 927728 - Part 1: Replace PRUnichar with char16_t; r=roc
This patch was automatically generated by the following script:
#!/bin/bash
# Command to convert PRUnichar to char16_t
function convert() {
echo "Converting $1 to $2..."
find . ! -wholename "*nsprpub*" \
! -wholename "*security/nss*" \
! -wholename "*modules/libmar*" \
! -wholename "*/.hg*" \
! -wholename "obj-ff-dbg*" \
! -name prtypes.h \
! -name Char16.h \
-type f \
\( -iname "*.cpp" \
-o -iname "*.h" \
-o -iname "*.c" \
-o -iname "*.cc" \
-o -iname "*.idl" \
-o -iname "*.ipdl" \
-o -iname "*.ipdlh" \
-o -iname "*.mm" \) | \
xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}
convert PRUnichar char16_t
|
2014-01-04 10:02:17 -05:00 |
|
David Keeler
|
b4908bf345
|
bug 887321 - initial OCSP stapling telemetry r=briansmith
|
2013-12-16 09:32:16 -08:00 |
|
Trevor Saunders
|
d43c55ca0e
|
bug 949821 - use MOZ_UTF16 more and NS_LITERAL_STRING less r=froydnj
|
2013-12-12 20:50:01 -05:00 |
|
Raymond Etornam Agbeame
|
263d3452ce
|
Bug 945857: Remove the security.fresh_revocation_info.require preference, r=briansmith
|
2013-12-16 00:09:21 -08:00 |
|
Camilo Viecco
|
b76fac8502
|
Bug 938046 - Part 4. Tests for consistency of getchain and getissuer. r=dkeeler
|
2013-11-21 13:50:51 -08:00 |
|
Camilo Viecco
|
c653f8bfb9
|
Bug 938046 - Part 3. Iterate only through valid users on getchain r=dkeeler
|
2013-12-11 13:04:07 -08:00 |
|
Camilo Viecco
|
e37fbe8375
|
Bug 938046 - Part 2. Get issuer uses getchain to comput issuer. r=dkeeler
|
2013-11-21 13:50:49 -08:00 |
|
Camilo Viecco
|
d93962c4a5
|
Bug 938046 - Part 1. Iterate through variable not over const. r=dkeeler
|
2013-11-21 13:45:20 -08:00 |
|
Cykesiopka
|
0d841afed1
|
Bug 539710 - Use char16_t ',' instead of NS_LITERAL_STRING in nsNSSCertificate.cpp. r=dkeeler
|
2013-12-10 10:36:31 -05:00 |
|
Camilo Viecco
|
92f4ee9e45
|
Bug 936808 - Serialize calls to PK11 routines in SSLServerCertVerification. r=briansmith
|
2013-12-09 09:12:47 -08:00 |
|
Birunthan Mohanathas
|
3440613a39
|
Bug 713082 - Part 2: Rename Util.h to ArrayUtils.h. r=Waldo
--HG--
rename : mfbt/Util.h => mfbt/ArrayUtils.h
|
2013-12-08 21:52:54 -05:00 |
|
Brian Smith
|
25cf163695
|
Bug 942152, r=dkeeler, r=honzab
--HG--
extra : rebase_source : 7f0bab4efa26e9c185b29fdb14d846035147fd2f
|
2013-12-05 20:33:49 -08:00 |
|
Camilo Viecco
|
e0f5696cba
|
Bug 945349 - CertVerifier should check early for bad usages. r=briansmith
|
2013-12-06 13:42:44 -08:00 |
|
Raymond Etornam Agbeame
|
676b9a2b0e
|
Bug 945855: Remove the security.first_network_revocation_method pref, r=briansmith
--HG--
extra : rebase_source : e416ba1e78f95234d403c078ad81b5fddcce947a
extra : amend_source : 7adbe291df748b5a6d1f1122573e862bdc5f5f11
|
2013-12-06 00:55:17 -08:00 |
|
Cykesiopka
|
229baa51e6
|
Bug 945851: Remove pref for showing dialog box when NSS initialization fails, r=briansmith
--HG--
extra : rebase_source : 1142d1775b8846e8bd46109affc62df262e598d4
|
2013-12-06 00:12:08 -08:00 |
|
Chris Peterson
|
6f76ca5751
|
Bug 946116 - Remove unused isResumedSession variable from nsNSSCallbacks.cpp. r=bsmith
|
2013-12-03 21:07:29 -08:00 |
|
Camilo Viecco
|
7223d195ae
|
Bug 585122 - In PSM provide EV only with OCSP revocation (Part 2: tests). r=briansmith.
|
2013-12-02 11:12:21 -08:00 |
|
Camilo Viecco
|
d5220b22a6
|
Bug 585122 - Part 1. EV do not request CRL. r=briansmith.
|
2013-12-02 11:08:06 -08:00 |
|
Steffen Wilberg
|
f62f500883
|
Bug 945871: Remove the security.ssl3.ecdh_* preferences, r=briansmith
--HG--
extra : rebase_source : 39f680c48ae198263af61b8c2cc07bdb7dc829a7
|
2013-12-03 18:56:33 -08:00 |
|
Cykesiopka
|
4dbc25f974
|
Bug 915937 - Cleanup #defines in nsNSSComponent.cpp and change them to static consts. r=bsmith
|
2013-12-03 15:23:27 -05:00 |
|
Nathan Froyd
|
30fe6804b0
|
Bug 942109 - constify PLDHashTableOps in security/manager/; r=briansmith
|
2013-11-20 13:42:08 -05:00 |
|
Camilo Viecco
|
2897aff2ae
|
Bug 942918 - remove ev tests that use crl for revocation check. r=dkeeler
|
2013-12-02 15:20:24 -08:00 |
|
Brian Smith
|
ff37bcb472
|
Bug 945195: Do insecure fallback from TLS 1.0 to SSL 3.0 when we receive a FIN during the initial handshake, r=honzab
--HG--
extra : rebase_source : d10091aea21f7d552f682d54383bf43ece7633ed
|
2013-12-02 10:48:06 -08:00 |
|
Ajitesh Gupta
|
a3e2d917e1
|
Bug 917047: Remove the security.enable_md5_signatures pref, r=briansmith
--HG--
extra : rebase_source : ae721bc7f91b399e61c2efb869e15ab902c810e0
|
2013-11-19 16:05:26 -08:00 |
|
Mike Hommey
|
8fd06cf41b
|
Bug 874266 - Move all DEFINES that can be moved to moz.build. r=mshal
|
2013-11-27 22:55:07 +09:00 |
|
Mike Hommey
|
b32a4ed166
|
Backout changeset 3fd4b546eed4 (bug 874266) and changeset a35d2e3a872f (bug 942043) for ASAN build bustage and Windows test bustage
--HG--
extra : amend_source : f20d09aeff1c8b5cbd0f1d24c7ce04e86f3aed1d
|
2013-11-28 14:24:05 +09:00 |
|
Mike Hommey
|
682364d535
|
Bug 874266 - Move all DEFINES that can be moved to moz.build. r=mshal
|
2013-11-28 13:08:16 +09:00 |
|
Camilo Viecco
|
e5fb192579
|
Bug 917380 - part2 - test ensure disabled ev root certs remain untrusted. r=briansmith
|
2013-10-29 14:56:34 -07:00 |
|
Camilo Viecco
|
d09f182703
|
Bug 917380 - Part 1 - Add filters for EV root list. r=briansmith
|
2013-10-21 14:27:46 -07:00 |
|
Camilo Viecco
|
c372fc1c9c
|
Bug 927016 - Create EV testsuite in xpcshell. r=keeler
|
2013-11-21 13:40:31 -08:00 |
|
David Keeler
|
e7311e3096
|
bug 929617 - disregard expired stapled OCSP responses, acquire fresh ones r=briansmith
|
2013-11-25 15:40:11 -08:00 |
|
David Keeler
|
1596dcc4b1
|
bug 943115 - return early in CreateCertErrorRunnable for non-overridable errors r=briansmith
|
2013-11-26 13:49:47 -08:00 |
|
Patrick McManus
|
a72d594dd7
|
Bug 942729, Part 2: Remove unused expected symmetric cipher mechanism, r=briansmith
--HG--
extra : rebase_source : 9630808b663d6a670c2e45d242177a640817f2ee
|
2013-11-25 18:12:40 -05:00 |
|
Brian Smith
|
da55c6102d
|
Bug 942729, Part 1: Re-enable TLS False Start, r=mcmanus
--HG--
extra : rebase_source : 9908b1cbc3a30e9868739a10a705de8dbf30c5e1
|
2013-11-20 13:49:33 -08:00 |
|
Ehsan Akhgari
|
f25f1deaa3
|
Bug 942033 - Build security/manager in unified mode; r=bsmith
--HG--
extra : rebase_source : d48b78001772e0421a6dfc2ecd204434c33cd2d4
|
2013-11-26 13:18:21 -05:00 |
|
Mike Hommey
|
43d177307e
|
Bug 940407 - Kill GTEST_SOURCES. r=gps
|
2013-11-26 11:48:58 +09:00 |
|
Brian Smith
|
85be8f6d2a
|
Bug 942728 - Fix telemetry for cipher suites and crypto algorithms andkey sizes, r=keeler, a=lsblakk
--HG--
extra : rebase_source : bd0bc0d67fe811612df4210b2b5e19f1d5eca5a0
|
2013-11-21 13:35:23 -08:00 |
|
David Keeler
|
2a3e74d865
|
bug 909044 - make generate_certs.sh work on windows r=briansmith DONTBUILD NPOTB
|
2013-11-22 11:03:34 -08:00 |
|
Camilo Viecco
|
77a6933e19
|
Bug 938805 - Create standalone oscpResponseGenerator for testing. r=keeler
|
2013-10-29 14:02:35 -07:00 |
|
Patrick McManus
|
aea36afc63
|
bug 802649 network priority for ocsp r=bsmith r=honzab
--HG--
extra : rebase_source : 17554ab7627e1d42a4736078254f94f36cf9c48b
|
2013-11-20 09:57:56 -05:00 |
|
Camilo Viecco
|
605e2aaf63
|
Bug 912155 - Adding new interface in nssCertifcateDB for testing. r=bsmith
|
2013-11-11 16:37:06 -08:00 |
|
Mike Hommey
|
2812d11fce
|
Bug 939632 - Remove LIBRARY_NAME for leaf libraries. r=gps
Landing on a CLOSED TREE.
|
2013-11-19 11:50:54 +09:00 |
|
Mike Hommey
|
e06d795c71
|
Bug 939074 - Remove most LIBXUL_LIBRARY. rs=gps
|
2013-11-19 11:48:10 +09:00 |
|
Mike Hommey
|
26bc04d200
|
Bug 939044 - Rename remaining MODULE definitions to XPIDL_MODULE. r=mshal
|
2013-11-19 11:47:43 +09:00 |
|
Mike Hommey
|
e80e877ab7
|
Bug 939044 - Remove most definitions of MODULE. r=mshal
|
2013-11-19 11:47:39 +09:00 |
|
Mike Hommey
|
ffe0380912
|
Bug 935881 - Use FINAL_LIBRARY for all (fake) libraries that end up linked in a single other library. r=gps
|
2013-11-19 11:47:14 +09:00 |
|
Camilo Viecco
|
1d9e3d14e6
|
Bug 935769: Fix shutdown locks for nssCerList and nssCertListEnumerator. r=bsmith
|
2013-11-11 15:16:45 -08:00 |
|
Landry Breuil
|
4922ba7e7a
|
Bug 939498 - Properly include <algorithm> for std::max. r=bsmith
|
2013-11-18 11:04:13 +01:00 |
|
Brian Smith
|
bd4023d59f
|
Bug 901718, Part 2: fix comment, r=me
|
2013-11-17 14:00:00 -08:00 |
|