Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-07 12:15:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
355,227 Commits 615 Branches 98 Tags 5.9 GiB
13f4429374
Commit Graph

1923 Commits

Author SHA1 Message Date
David Keeler
8ab7eb2ff0 bug 965379 - refactor getting the profile directory in nsNSSComponent::InitializeNSS r=briansmith 2014-02-02 13:00:45 -08:00
David Keeler
773412653b bug 965379 - properly indent nsNSSComponent::InitializeNSS r=briansmith 2014-02-02 13:02:27 -08:00
David Keeler
f8ab06d3d2 bug 966670 - remove PSMContentDownloader.h r=briansmith 2014-02-01 13:42:59 -08:00
Monica Chew
22825ad2de Bug 966557: Add nsIX509CertDB.ConstructX509FromRawDER (r=bsmith) 2014-01-31 17:33:28 -08:00
Wes Kocher
234ae028ab Backed out changeset f693f6c91b23 (bug 860076) for browser_-certViewer.js failures on a CLOSED TREE 2014-01-30 18:33:31 -08:00
David Keeler
a5df241b98 bug 860076 - remove SkipOcsp for being totally bogus r=briansmith 
--HG--
rename : security/manager/ssl/tests/mochitest/browser/browser_certificateManagerLeak.js => security/manager/ssl/tests/mochitest/browser/browser_certViewer.js
 2014-01-30 14:55:51 -08:00
Camilo Viecco
7257212a64 Bug 962833: ensure-certverify-returns secfailure on MUST_BE_EV and no ev certificate. r=dkeeler 2014-01-24 13:57:35 -08:00
Ehsan Akhgari
c13db2bd52 Bug 964061 - Part 2: Remove nsIDOMCRMFObject; r=bzbarsky 
--HG--
extra : rebase_source : 888e33d68bdcd6e03b56f75036ea00142831961d
 2014-01-27 08:27:06 -08:00
Ehsan Akhgari
1b7fdc23c8 Bug 964061 - Part 1: Convert CRMFObject to WebIDL bindings; r=bzbarsky 
--HG--
extra : rebase_source : 39a2b35df50cdd42624fb0e7a14383e8d40cea4b
 2014-01-27 08:27:04 -08:00
Brian Smith
ccb3f48598 Bug 891066, Part 9: Move DisableMD5 to NSSCertDBTrustDomain, r=dkeeler 
--HG--
extra : rebase_source : aaf658c12a74fc53f1591333f10d54e78fe1d992
 2014-01-20 01:30:25 -08:00
Brian Smith
9d23ee7fc7 Bug 891066, Part 8: Add stapled OCSP response to CertVerifier, r=cviecco 
--HG--
extra : rebase_source : ffe0762228d1217cb51e2f8fad2e0605d7d61344
extra : source : f721d60b6bf74467381590457ce3542f83a2f43a
 2013-09-27 19:53:36 -07:00
Brian Smith
12a2ffda37 Bug 891066, Part 7: Give CertVerifier its own NSPR logging module, r=cviecco 
--HG--
extra : rebase_source : a6b38c4026fe70c9789cbe4830df57c943382f5b
extra : source : 591daff856840016c979ed9b4fdbed4ed68f22a6
 2013-07-10 23:47:09 -07:00
Brian Smith
213974a8d4 Bug 891066, Part 6: Move SSL server cert verification logic to security/certverifier, r=cviecco 
--HG--
extra : rebase_source : e30b5b46e075c52651bb5320b17660f85a50abbb
extra : source : ef41444d0a7d1f6697c7a4d431fffe8db1724605
 2013-07-08 16:30:59 -07:00
Brian Smith
4488103b73 Bug 891066, Part 5: Switch to security::pkix::ScopedCERTCertList, r=cviecco 
--HG--
extra : rebase_source : 59015f864e612f18a2f7bb62092b692ae8d47853
extra : source : 31f68b8a192b45720fe931176cdc0565e8c6fd80
 2014-01-22 17:13:19 -08:00
Brian Smith
b92b30b8cf Bug 733454: Remove hard-coded blocklisting in PSM for Comodo and DigiNotar, r=cviecco 
--HG--
extra : rebase_source : 3a3ab5246bd6e2af4a0952c64181cad6feb5c424
extra : source : 2e540dd35edfa0ef3549ed4dd8f0b15b57cb2806
 2013-07-01 11:39:16 -07:00
Brian Smith
3091f37853 Bug 891066, Part 3: Move more initialization of NSS to security/certverifier, r=keeler 
--HG--
extra : rebase_source : 33aad105028f849d0bbe1c37b60eab50f2f22c88
 2014-01-20 22:10:33 -08:00
Brian Smith
c1583f22ce Bug 891066, part 2: Move CertVerifier to security/certverifier, r=keeler 
--HG--
extra : rebase_source : dd59a391825b776b075e855660c2488105e2d741
 2014-01-26 19:36:28 -08:00
Brian Smith
efdf583668 Bug 891066, Part 1: Remove CertVerifier's dependency on nsNSSComponent, r=keeler, r=cviecco 
--HG--
extra : rebase_source : 3242f78d6d4d68080997dd56dae1fd0675750d5e
extra : source : 965c9f30e9b87e418bbf6ab43657257e94992223
 2014-01-19 14:05:40 -08:00
Brian Smith
188876d1dc Bug 961454: Clean up whitespace in key PSM files, r=keeler, r=cviecco 
--HG--
extra : rebase_source : 53f14cc6f97814eb9913a1ddad1a19631e2af08a
 2014-01-21 17:30:44 -08:00
David Keeler
a3dd98815d bug 951354 - test nsNSSCertificateDB for proper shutdown r=cviecco a=abillings 2014-01-21 16:47:47 -08:00
Brian Smith
18f9a21219 Bug 952874: Fix telemetry for RSA/DHE key sizes of 1025-1280 bits and fix misspelling, r=keeler 2014-01-18 17:59:24 -08:00
Brian Smith
d1287a15a2 Bug 950858: Make cipher suite telemetry code less crash-prone, r=keeler 2014-01-18 16:52:16 -08:00
Wes Kocher
44b44b413c Backed out changeset 8526c7a38761 (bug 951354) for CPP unittest bustage 2014-01-17 17:50:17 -08:00
David Keeler
88d7f1342f bug 951354 - test nsNSSCertificateDB for proper shutdown r=cviecco a=abillings 2014-01-17 16:22:51 -08:00
Raymond Etornam Agbeame(:retornam)
5aa30a620f Bug 950169 - remove unused arguments for LogInvalidCertError r=keeler 2014-01-17 11:57:57 -08:00
David Keeler
a7bcf97cfc bug 950240 - don't do DV fallback for nsIIdentityInfo.isExtendedValidation r=briansmith 2014-01-17 11:04:09 -08:00
Brian Smith
3824df981f Bug 960714: Make NPN and ALPN prefs dynamic, r=keeler, r=mcmanus 
--HG--
extra : rebase_source : 42ff8c05b682e755d51ec79e2cb26db7cedd382f
 2014-01-16 21:38:59 -08:00
David Keeler
2ffb88c0b9 bug 960723 - fix failingOCSPResponder in test_ev_certs.js r=briansmith 2014-01-16 13:18:38 -08:00
Patrick McManus
ff9c9eca9f Bug 890994: ALPN support for Gecko, r=briansmith 2014-01-14 15:34:23 -05:00
Brian Smith
2bf2f0ce5a Bug 923304, Part 2: Adjust EV tests, r=keeler 
--HG--
extra : rebase_source : f0cfd0089a99dddd8852e0613bc2a31e5c12b1de
 2014-01-14 15:22:09 -08:00
Brian Smith
ae750cc925 Bug 923304, Part 1: Add test for OCSP response signed by CA that has an OCSP URI, r=keeler, r=briansmith 
--HG--
extra : rebase_source : 7cafe0781563382c2221e865201beb023fea3628
 2014-01-13 02:33:08 -08:00
David Keeler
648d25a19a bug 957368 - standardize and simplify nsNSSShutDownObject implementations r=cviecco r=briansmith 2014-01-14 09:28:43 -08:00
Garrett Robinson
eabe1d0a0f Bug 883975 - CSP 1.1 hash-source. r=sstamm, r=dholbert, r=mrbkap 2014-01-02 11:14:06 -08:00
Brian Smith
b6cabfc2be Bug 957667: Decouple OCSP stapling pref from the OCSP fetching pref, and couple the OCSP required pref to the OCSP fetching pref, r=keeler 
--HG--
extra : rebase_source : 86cb86f76f4def579fcf07e479025852849c34f8
extra : source : 08115711a4e6e77971c9e872fb6c68e88ac9693e
 2014-01-08 08:51:06 -08:00
Brian Smith
4f7ae6c58b Bug 959026: Add telemetry about cases where we don't do OCSP fetching when we expect to, r=keeler 
--HG--
extra : rebase_source : f7e9826569325f497273a92eec5127c414baa8bc
extra : source : bb5bb5a1b571e54695a4c8d5be0cc447f29f0358
 2014-01-12 19:31:40 -08:00
Ryan VanderMeulen
de8f18e28c Backed out changesets 1b892043a386 and 0e14b3468b94 (bug 923304) and changeset 2e2c276950b9 (bug 950129) for xpcshell failures. 2014-01-13 18:00:34 -05:00
Ryan VanderMeulen
e7b8f32115 Merge inbound to m-c. 2014-01-13 17:44:24 -05:00
Brian Smith
3a3061758d Bug 923304, Part 2: Adjust EV tests, r=keeler 
--HG--
extra : source : 97bf218ac3bb44e81074ca95877ca8b6414265b3
 2013-12-28 11:28:49 -08:00
Brian Smith
effee37c95 Bug 923304, Part 1: Add test for OCSP response signed by CA that has an OCSP URI, r=keeler, r=briansmith 
--HG--
extra : source : e7afcba6743e40755d28a296b00c395392864657
 2014-01-13 02:33:08 -08:00
Patrick McManus
0ef97ed6fd bug 951199 - Interface for Socket Level Access to TLS Version Used r=dkeeler r=bsmith 2013-10-09 17:21:48 -07:00
Nemina Amarasinghe
76f959e6f5 Bug 946075 - Remove extra space from ssl_error_bad_cert_domain error message contains in TransportSecurityInfo.cpp. r=dkeeler 2014-01-13 09:28:14 -05:00
Brian Smith
367c980791 Bug 957665: Add telemetry to measure how many people have OCSP enabled, r=keeler 
--HG--
extra : rebase_source : e6dd0d7d06ce0eb5b2f34a77a851dd7c0655ac3e
 2014-01-08 08:59:53 -08:00
David Keeler
02ba1423d9 bug 950268 - fix leak in nsCertTree::GetDispInfoAtIndex r=cviecco 2014-01-09 10:02:08 -08:00
Brian Smith
7a3a090854 Bug 952876: Add test for bug 952808 (OCSP stapling not honored when there is a error entry in the OCSP cache), r=keeler 2014-01-06 14:45:35 -08:00
Brian Smith
e78c9d7289 Bug 933109: Add tests to verify that we retry OCSP when we have a cached Unknown response, r=keeler 2014-01-06 14:41:04 -08:00
Wes Kocher
13a42d347d Backed out changeset 75e5396d0847 (bug 933109) for xpcshell bustage 2014-01-06 17:50:53 -08:00
Wes Kocher
20073cae22 Backed out changeset b8f1b1cfc9e2 (bug 952876) 2014-01-06 17:50:23 -08:00
Brian Smith
86906b978c Bug 952876: Add test for bug 952808 (OCSP stapling not honored when there is a error entry in the OCSP cache), r=keeler 
--HG--
extra : rebase_source : d83e4b3681b36616441e6fd412969998a19eae4c
extra : amend_source : 475bff5dd333fb54729fdace0f295c6e026c5a18
 2014-01-06 14:45:35 -08:00
Brian Smith
ded0276b7d Bug 933109: Add tests to verify that we retry OCSP when we have a cached Unknown response, r=keeler 
--HG--
extra : rebase_source : 4e73c5812e75adf053f2158a88a6a8e58307c9d7
 2014-01-06 14:41:04 -08:00
David Keeler
2082ba1a5d bug 951354 - nsNSSCertificateDB: call shutdown(calledFromObject) in destructor r=cviecco a=abillings 2013-12-19 11:45:50 -08:00
Ehsan Akhgari
1b83407ce9 Bug 927728 - Part 1: Replace PRUnichar with char16_t; r=roc 
This patch was automatically generated by the following script:

#!/bin/bash
# Command to convert PRUnichar to char16_t

function convert() {
echo "Converting $1 to $2..."
find . ! -wholename "*nsprpub*" \
       ! -wholename "*security/nss*" \
       ! -wholename "*modules/libmar*" \
       ! -wholename "*/.hg*" \
       ! -wholename "obj-ff-dbg*" \
       ! -name prtypes.h \
       ! -name Char16.h \
         -type f \
      \( -iname "*.cpp" \
         -o -iname "*.h" \
         -o -iname "*.c" \
         -o -iname "*.cc" \
         -o -iname "*.idl" \
         -o -iname "*.ipdl" \
         -o -iname "*.ipdlh" \
         -o -iname "*.mm" \) | \
    xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}

convert PRUnichar char16_t
 2014-01-04 10:02:17 -05:00
David Keeler
b4908bf345 bug 887321 - initial OCSP stapling telemetry r=briansmith 2013-12-16 09:32:16 -08:00
Trevor Saunders
d43c55ca0e bug 949821 - use MOZ_UTF16 more and NS_LITERAL_STRING less r=froydnj 2013-12-12 20:50:01 -05:00
Raymond Etornam Agbeame
263d3452ce Bug 945857: Remove the security.fresh_revocation_info.require preference, r=briansmith 2013-12-16 00:09:21 -08:00
Camilo Viecco
b76fac8502 Bug 938046 - Part 4. Tests for consistency of getchain and getissuer. r=dkeeler 2013-11-21 13:50:51 -08:00
Camilo Viecco
c653f8bfb9 Bug 938046 - Part 3. Iterate only through valid users on getchain r=dkeeler 2013-12-11 13:04:07 -08:00
Camilo Viecco
e37fbe8375 Bug 938046 - Part 2. Get issuer uses getchain to comput issuer. r=dkeeler 2013-11-21 13:50:49 -08:00
Camilo Viecco
d93962c4a5 Bug 938046 - Part 1. Iterate through variable not over const. r=dkeeler 2013-11-21 13:45:20 -08:00
Cykesiopka
0d841afed1 Bug 539710 - Use char16_t ',' instead of NS_LITERAL_STRING in nsNSSCertificate.cpp. r=dkeeler 2013-12-10 10:36:31 -05:00
Camilo Viecco
92f4ee9e45 Bug 936808 - Serialize calls to PK11 routines in SSLServerCertVerification. r=briansmith 2013-12-09 09:12:47 -08:00
Birunthan Mohanathas
3440613a39 Bug 713082 - Part 2: Rename Util.h to ArrayUtils.h. r=Waldo 
--HG--
rename : mfbt/Util.h => mfbt/ArrayUtils.h
 2013-12-08 21:52:54 -05:00
Brian Smith
25cf163695 Bug 942152, r=dkeeler, r=honzab 
--HG--
extra : rebase_source : 7f0bab4efa26e9c185b29fdb14d846035147fd2f
 2013-12-05 20:33:49 -08:00
Camilo Viecco
e0f5696cba Bug 945349 - CertVerifier should check early for bad usages. r=briansmith 2013-12-06 13:42:44 -08:00
Raymond Etornam Agbeame
676b9a2b0e Bug 945855: Remove the security.first_network_revocation_method pref, r=briansmith 
--HG--
extra : rebase_source : e416ba1e78f95234d403c078ad81b5fddcce947a
extra : amend_source : 7adbe291df748b5a6d1f1122573e862bdc5f5f11
 2013-12-06 00:55:17 -08:00
Cykesiopka
229baa51e6 Bug 945851: Remove pref for showing dialog box when NSS initialization fails, r=briansmith 
--HG--
extra : rebase_source : 1142d1775b8846e8bd46109affc62df262e598d4
 2013-12-06 00:12:08 -08:00
Chris Peterson
6f76ca5751 Bug 946116 - Remove unused isResumedSession variable from nsNSSCallbacks.cpp. r=bsmith 2013-12-03 21:07:29 -08:00
Camilo Viecco
7223d195ae Bug 585122 - In PSM provide EV only with OCSP revocation (Part 2: tests). r=briansmith. 2013-12-02 11:12:21 -08:00
Camilo Viecco
d5220b22a6 Bug 585122 - Part 1. EV do not request CRL. r=briansmith. 2013-12-02 11:08:06 -08:00
Steffen Wilberg
f62f500883 Bug 945871: Remove the security.ssl3.ecdh_* preferences, r=briansmith 
--HG--
extra : rebase_source : 39f680c48ae198263af61b8c2cc07bdb7dc829a7
 2013-12-03 18:56:33 -08:00
Cykesiopka
4dbc25f974 Bug 915937 - Cleanup #defines in nsNSSComponent.cpp and change them to static consts. r=bsmith 2013-12-03 15:23:27 -05:00
Nathan Froyd
30fe6804b0 Bug 942109 - constify PLDHashTableOps in security/manager/; r=briansmith 2013-11-20 13:42:08 -05:00
Camilo Viecco
2897aff2ae Bug 942918 - remove ev tests that use crl for revocation check. r=dkeeler 2013-12-02 15:20:24 -08:00
Brian Smith
ff37bcb472 Bug 945195: Do insecure fallback from TLS 1.0 to SSL 3.0 when we receive a FIN during the initial handshake, r=honzab 
--HG--
extra : rebase_source : d10091aea21f7d552f682d54383bf43ece7633ed
 2013-12-02 10:48:06 -08:00
Ajitesh Gupta
a3e2d917e1 Bug 917047: Remove the security.enable_md5_signatures pref, r=briansmith 
--HG--
extra : rebase_source : ae721bc7f91b399e61c2efb869e15ab902c810e0
 2013-11-19 16:05:26 -08:00
Mike Hommey
8fd06cf41b Bug 874266 - Move all DEFINES that can be moved to moz.build. r=mshal 2013-11-27 22:55:07 +09:00
Mike Hommey
b32a4ed166 Backout changeset 3fd4b546eed4 (bug 874266) and changeset a35d2e3a872f (bug 942043) for ASAN build bustage and Windows test bustage 
--HG--
extra : amend_source : f20d09aeff1c8b5cbd0f1d24c7ce04e86f3aed1d
 2013-11-28 14:24:05 +09:00
Mike Hommey
682364d535 Bug 874266 - Move all DEFINES that can be moved to moz.build. r=mshal 2013-11-28 13:08:16 +09:00
Camilo Viecco
e5fb192579 Bug 917380 - part2 - test ensure disabled ev root certs remain untrusted. r=briansmith 2013-10-29 14:56:34 -07:00
Camilo Viecco
d09f182703 Bug 917380 - Part 1 - Add filters for EV root list. r=briansmith 2013-10-21 14:27:46 -07:00
Camilo Viecco
c372fc1c9c Bug 927016 - Create EV testsuite in xpcshell. r=keeler 2013-11-21 13:40:31 -08:00
David Keeler
e7311e3096 bug 929617 - disregard expired stapled OCSP responses, acquire fresh ones r=briansmith 2013-11-25 15:40:11 -08:00
David Keeler
1596dcc4b1 bug 943115 - return early in CreateCertErrorRunnable for non-overridable errors r=briansmith 2013-11-26 13:49:47 -08:00
Patrick McManus
a72d594dd7 Bug 942729, Part 2: Remove unused expected symmetric cipher mechanism, r=briansmith 
--HG--
extra : rebase_source : 9630808b663d6a670c2e45d242177a640817f2ee
 2013-11-25 18:12:40 -05:00
Brian Smith
da55c6102d Bug 942729, Part 1: Re-enable TLS False Start, r=mcmanus 
--HG--
extra : rebase_source : 9908b1cbc3a30e9868739a10a705de8dbf30c5e1
 2013-11-20 13:49:33 -08:00
Ehsan Akhgari
f25f1deaa3 Bug 942033 - Build security/manager in unified mode; r=bsmith 
--HG--
extra : rebase_source : d48b78001772e0421a6dfc2ecd204434c33cd2d4
 2013-11-26 13:18:21 -05:00
Mike Hommey
43d177307e Bug 940407 - Kill GTEST_SOURCES. r=gps 2013-11-26 11:48:58 +09:00
Brian Smith
85be8f6d2a Bug 942728 - Fix telemetry for cipher suites and crypto algorithms andkey sizes, r=keeler, a=lsblakk 
--HG--
extra : rebase_source : bd0bc0d67fe811612df4210b2b5e19f1d5eca5a0
 2013-11-21 13:35:23 -08:00
David Keeler
2a3e74d865 bug 909044 - make generate_certs.sh work on windows r=briansmith DONTBUILD NPOTB 2013-11-22 11:03:34 -08:00
Camilo Viecco
77a6933e19 Bug 938805 - Create standalone oscpResponseGenerator for testing. r=keeler 2013-10-29 14:02:35 -07:00
Patrick McManus
aea36afc63 bug 802649 network priority for ocsp r=bsmith r=honzab 
--HG--
extra : rebase_source : 17554ab7627e1d42a4736078254f94f36cf9c48b
 2013-11-20 09:57:56 -05:00
Camilo Viecco
605e2aaf63 Bug 912155 - Adding new interface in nssCertifcateDB for testing. r=bsmith 2013-11-11 16:37:06 -08:00
Mike Hommey
2812d11fce Bug 939632 - Remove LIBRARY_NAME for leaf libraries. r=gps 
Landing on a CLOSED TREE.
 2013-11-19 11:50:54 +09:00
Mike Hommey
e06d795c71 Bug 939074 - Remove most LIBXUL_LIBRARY. rs=gps 2013-11-19 11:48:10 +09:00
Mike Hommey
26bc04d200 Bug 939044 - Rename remaining MODULE definitions to XPIDL_MODULE. r=mshal 2013-11-19 11:47:43 +09:00
Mike Hommey
e80e877ab7 Bug 939044 - Remove most definitions of MODULE. r=mshal 2013-11-19 11:47:39 +09:00
Mike Hommey
ffe0380912 Bug 935881 - Use FINAL_LIBRARY for all (fake) libraries that end up linked in a single other library. r=gps 2013-11-19 11:47:14 +09:00
Camilo Viecco
1d9e3d14e6 Bug 935769: Fix shutdown locks for nssCerList and nssCertListEnumerator. r=bsmith 2013-11-11 15:16:45 -08:00
Landry Breuil
4922ba7e7a Bug 939498 - Properly include <algorithm> for std::max. r=bsmith 2013-11-18 11:04:13 +01:00
Brian Smith
bd4023d59f Bug 901718, Part 2: fix comment, r=me 2013-11-17 14:00:00 -08:00
Brian Smith
0f04dc22ad Bug 934663 followup: fix unused variable warning, r=me 
--HG--
extra : rebase_source : e343b569df4d313f0f5f65fc82de99b9ea5b2ba9
 2013-11-17 13:53:18 -08:00
Brian Smith
a30624a77d Bug 901718: Remove TLS intolerance fallback from TLS 1.0 to SSL 3.0 for connection resets, r=honzab 
--HG--
extra : rebase_source : 304e73126b66ae2e1a9fa6ae4c0cc3fa803aaac0
 2013-11-17 13:51:37 -08:00
Brian Smith
f6aed24e05 Bug 707275, Part 2: Add telemetry for cipher suites and key sizes, r=keeler 
--HG--
extra : rebase_source : bd5f91877de357b415b6f143eccc87434d72db2b
 2013-11-17 13:47:30 -08:00
Brian Smith
7ee6fc2ae9 Bug 707275, Part 1: Add telemetry for TLS intolerance, r=keeler 
--HG--
extra : rebase_source : 8331f1486ad764838812ea500742a97fbc025858
 2013-11-17 13:47:23 -08:00
Tom Schuster
4478f5b384 Bug 933834 - Rename and handlify JS_ValueToString. r=terrence,bz 2013-11-16 13:31:36 +01:00
Ms2ger
cca4d45da6 Backout changesets ded0d64f6786:03f041d03f24 and 30cbd1abde1a (bug 935696, bug 933834 and bug 939194) for build bustage. 2013-11-17 16:39:25 +01:00
Tom Schuster
bc757ef965 Bug 933834 - Rename and handlify JS_ValueToString. r=terrence,bz 2013-11-16 13:31:36 +01:00
Chris Peterson
1d6f9e7c88 Bug 937459 - Remove unused private fields from nsNSSSocketInfo class. r=briansmith 2013-11-11 14:06:29 -08:00
David Keeler
cf2c6961bf bug 932519 - (3/3) add an optional additional cert name as a parameter to GetOCSPResponseForType r=cviecco r=briansmith 2013-11-11 13:36:29 -08:00
David Keeler
ebbb41103e bug 932519 - (2/3) rename OCSP response generation test code to remove "stapling" r=cviecco r=briansmith 2013-11-11 13:42:35 -08:00
David Keeler
67c258e9bf bug 932519 - (1/3) move common OCSP response generation test code for refactoring r=cviecco r=briansmith 
--HG--
rename : security/manager/ssl/tests/unit/tlsserver/cmd/OCSPStaplingServer.cpp => security/manager/ssl/tests/unit/tlsserver/lib/OCSPCommon.cpp
rename : security/manager/ssl/tests/unit/tlsserver/cmd/OCSPStaplingServer.cpp => security/manager/ssl/tests/unit/tlsserver/lib/OCSPCommon.h
 2013-11-11 13:43:04 -08:00
David Keeler
6e4af846e2 bug 935618 - (2/2) generateCRMFRequest: test using a bad popcert parameter r=cviecco 2013-11-07 13:33:58 -08:00
David Keeler
96c3be83e6 bug 935618 - (1/2) check for an ec certificate in nsConvertToActualKeyGenParams r=cviecco 2013-11-07 13:34:59 -08:00
Jacob Acord
102145c94d Bug 934673 - Fix nsRandomGenerator::GenerateRandomBytes can leak r=keeler 2013-11-11 14:38:37 -08:00
Brian Smith
09f6dec4df Bug 934663: Enable AES-GCM cipher suites; disable SEED, ECDH_*, and FIPS, and DSS+Camellia cipher suites, r=cviecco 
--HG--
extra : rebase_source : a1542ba09258448e571109bc4aa6423cd9ad616a
 2013-11-01 05:20:03 -07:00
Brian Smith
b0f72ab20d Bug 934327: Give OCSP-related NSS errors symbolic names in xpcshell tests, r=keeler 
--HG--
extra : rebase_source : 10bd4842f16a6a4e1cbd8d50505a70a6502d9581
 2013-10-14 21:36:18 -07:00
Garrett Robinson
1da990368c Bug 855326 - CSP 1.1 nonce-source for scripts and styles r=mrbkap r=dholbert r=geekboy 2013-11-08 15:44:39 -08:00
Daniel Holbert
9a3437dd77 backout 57213b64023b (bug 855326) for build bustage in debug builds 
CLOSED TREE
 2013-11-08 11:22:36 -08:00
Garrett Robinson
5add685cdd Bug 855326 - CSP 1.1 nonce-source for scripts and styles. r=mrbkap r=dholbert r=geekboy 2013-11-08 09:20:43 -08:00
David Keeler
b61c9756db bug 934716 - generateCRMFRequest: accept only the first repeated keygen parameter r=cviecco 2013-11-07 10:42:59 -08:00
Michael Shuen
b39e616813 Bug 933995 - Check return value of ImportCertsIntoPermanentStorage and CERT_ImportCerts. r=dkeeler 2013-11-06 12:30:45 -05:00
Ryan VanderMeulen
d54baa4c91 Merge m-c to inbound. 2013-11-04 16:31:13 -05:00
Carsten "Tomcat" Book
651904135a merge b2g-inbound to mozilla-central 2013-11-04 13:52:18 +01:00
Michael Shuen
f08198c634 Bug 933998 - Prevent leak in nsNSSCertificateDB::ConstructX509FromBase64. r=bsmith 2013-11-04 14:22:37 -05:00
Meadhbh Hamrick
b2b4678420 Bug 861266: Enable TLS 1.2 by default, r=briansmith 
--HG--
extra : rebase_source : 4f28724d58791e1ee0e281ff48232f5aaca2048f
 2013-11-01 04:48:57 -07:00
Brian Smith
c4d5fa5097 Bug 932176: Add preference to control whether OCSP GET is used, off by default, r=cviecco 
--HG--
extra : rebase_source : 7cbc273155d04bc64a110eda9216c6f727ce0c18
 2013-10-24 14:32:09 -07:00
Brian Smith
7191d86258 Bug 934171: Fix OCSP stapling test, r=mcmanus 
--HG--
extra : rebase_source : 4f77b595b2004dabf3444187424ac4426fb7a41a
 2013-11-02 19:57:26 -07:00
Mike Hommey
3da504d65e Bug 933135 - Treat SIMPLE_PROGRAMS more like PROGRAM. r=mshal 2013-11-02 08:43:55 +09:00
Brian Smith
d7c650a645 Bug 733647: Enable TLS 1.1 by default, r=wtc 
--HG--
extra : rebase_source : 539406fa06a715e60d84b207a6112257262817f6
 2013-10-26 01:01:37 -07:00
David Keeler
7af4d46f21 bug 930209 - differentiate empty OCSP response from no OCSP response in tests r=cviecco 2013-10-28 13:15:53 -07:00
Birunthan Mohanathas
145d3ff4f2 Bug 784739 - Switch from NULL to nullptr in security/; r=ehsan 2013-10-28 10:05:19 -04:00
Eddy Bruel
359289b5e5 Bug 880330 - Refactor crypto to use the new options API; r=bholley 2013-10-28 12:57:08 +01:00
Brian Smith
3842b267a1 Bug 754356: Remove TLS intolerance timeout logic, r=honzab 
--HG--
extra : rebase_source : 49c4563800ce9727e11e08d857db44c1294a074b
 2013-10-15 01:14:50 -07:00
Brian Smith
50c4793f62 Backed out changeset 673ca84a9171 because of wrong bug number in commit message 
--HG--
extra : rebase_source : 32c92c4cb98097caf8805fdae98d9c435580c8c9
 2013-10-26 00:51:47 -07:00
Brian Smith
bdc5f15a1f Bug 450280: Remove timeout logic for TLS intolerance, r=honzab 2013-10-15 01:14:50 -07:00
Mike Hommey
b000a846c2 Bug 929905 - Consolidate sources in moz.build. r=gps 2013-10-25 08:23:05 +09:00
Patrick Wang
5f3a169c05 Bug 881761 - Part 2: Exposing configureMD5 in nsNSSComponent. r=bsmith 2013-10-11 11:27:51 +08:00
Patrick Wang
5243e79ada Bug 881761 - Part 1: Move initializing cipher suite to public function. r=keeler,honzab 2013-09-17 15:29:15 +08:00
Brian O'Keefe
9c9d71fddb Bug 928709 - Convert chromium-config.mk to mozbuild, r=mshal 2013-10-02 13:17:55 -04:00
Michael Harrison
52fc47f2da Bug 917049 - Remove the security.enable_tls_session_tickets pref. r=keeler 2013-10-22 12:33:00 +01:00
Carsten "Tomcat" Book
0e4e01758c Merge mozilla-inbound to Mozilla-Central 2013-10-24 07:05:29 +02:00
Mike Hommey
59a17d0f20 Bug 921492 - Make StrictOrderingOnAppendList use actual alphabetical sorting. r=mshal,r=gps 2013-10-24 08:05:43 +09:00
Mike Hommey
3fa7456cd6 Bug 913268 - Make CPP_SOURCES a StrictOrderingOnAppendList. r=mshal 2013-10-24 08:00:23 +09:00
Paolo Amadini
cd2ba67f77 Bug 928349 - Add a build-time setting to use only the JavaScript API for downloads, and enable it in Firefox for Desktop. r=enn 2013-10-23 21:46:47 +02:00
Camilo Viecco
d331acd967 Bug 918120: reduce soft fail ocsp timeouts to 3 secs. r=bsmith. 2013-09-23 09:25:53 -07:00
Camilo Viecco
9cdbcf49ca Bug 911336: nsNSSCertificateDB does not lock nssShutdown correctly. r=keeler. 2013-08-29 16:15:35 -07:00
Camilo Viecco
9216b8ad8d Bug 895601: Add tests to cert verification in psm. r=keeler. 2013-07-30 11:18:40 -07:00
Chris Peterson
ab0945ca8d Bug 927209 - Fix -Wunused-function and -Wreorder warnings in nsNSSIOLayer.cpp. r=bsmith 2013-10-15 16:22:13 -07:00
Brian Smith
71db6985d3 Bug 839310: Expand TLS intolerance logic to work for versions beyond TLS 1.0, r=keeler, r=wtc 
--HG--
extra : rebase_source : b83a610d08abb428f0f6894fa935712f820ddfe8
 2013-10-11 00:17:19 -07:00
Honza Bambas
fda9e3c937 Bug 923248 - Fix typo in proxy/direct NTLM module telemetry accumulation, r=jduell 2013-10-10 19:10:45 +02:00
Ms2ger
4c35b806f8 Merge m-c to inbound. 2013-10-03 11:09:17 +02:00