Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-15 14:25:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
375,818 Commits 615 Branches 98 Tags 5.8 GiB
1a82bb5835
Commit Graph

8688 Commits

Author SHA1 Message Date
Kai Engert
8dc0d88271 Bug 1020695, Update Mozilla to use NSS 3.16.2, r=wtc 2014-06-25 11:25:59 +02:00
Carsten "Tomcat" Book
ec63c69c72 Backed out changeset 4f21e9bc729a (bug 1029364) for B2G Device and Emulator Bustage on a CLOSED TREE 2014-06-25 10:01:17 +02:00
Carsten "Tomcat" Book
a198d5204e Backed out changeset a10da316a35f (bug 1029341) 2014-06-25 10:00:42 +02:00
Brian Smith
abcf9d2012 Bug 1029341: Factor out decoding of certificate/OCSP extensions, r=keeler 
--HG--
extra : rebase_source : e307bea95d29cf78c9eaa7ddb1f2b2c195a59dc9
 2014-06-24 21:52:50 -07:00
Brian Smith
f9aac2f45e Bug 1029364: Centralize version parsing in BackCert::Init, r=cviecco 
--HG--
extra : rebase_source : 79d5f29c2af1ec77d6bb8a7936bb0a17f28e8d52
 2014-06-19 16:17:28 -07:00
Jim Blandy
7e20285e70 Bug 914753: Make Emacs file variable header lines correct, or at least consistent. DONTBUILD r=ehsan 
The -*- file variable lines -*- establish per-file settings that Emacs will
pick up. This patch makes the following changes to those lines (and touches
nothing else):

 - Never set the buffer's mode.

   Years ago, Emacs did not have a good JavaScript mode, so it made sense
   to use Java or C++ mode in .js files. However, Emacs has had js-mode for
   years now; it's perfectly serviceable, and is available and enabled by
   default in all major Emacs packagings.

   Selecting a mode in the -*- file variable line -*- is almost always the
   wrong thing to do anyway. It overrides Emacs's default choice, which is
   (now) reasonable; and even worse, it overrides settings the user might
   have made in their '.emacs' file for that file extension. It's only
   useful when there's something specific about that particular file that
   makes a particular mode appropriate.

 - Correctly propagate settings that establish the correct indentation
   level for this file: c-basic-offset and js2-basic-offset should be
   js-indent-level. Whatever value they're given should be preserved;
   different parts of our tree use different indentation styles.

 - We don't use tabs in Mozilla JS code. Always set indent-tabs-mode: nil.
   Remove tab-width: settings, at least in files that don't contain tab
   characters.

 - Remove js2-mode settings that belong in the user's .emacs file, like
   js2-skip-preprocessor-directives.
 2014-06-24 22:12:07 -07:00
Brian R. Bondy
cacb9c55fc Bug 598615 - Rename HAVE_64BIT_OS to HAVE_64BIT_BUILD. r=ted 2014-06-24 22:16:25 -04:00
Wes Kocher
b683b68251 Backed out 2 changesets (bug 1027890) for B2G Windows Build bustage on a CLOSED TREE 
Backed out changeset bcd694f0e95d (bug 1027890)
Backed out changeset 49cadfcde709 (bug 1027890)
 2014-06-24 18:33:46 -07:00
Mike Hommey
195a1f903a Bug 1027890 - Remove all sorts of build system code dedicated to pymake. r=gps 2014-06-25 08:38:28 +09:00
Cykesiopka
3cec6ba9b8 Bug 270016 - Make the list of certs shown in the Delete/Distrust cert dialog scrollable. r=keeler 2014-06-23 23:51:00 +02:00
Brian Smith
bd8f23ccd6 Bug 1028643: Convert nsISignatureVerifier to use CertVerifier (mozilla::pkix) and move nsISignatureVerifier functionality to nsIDataSignatureVerifier, r=keeler 
--HG--
extra : rebase_source : 14f6f5dedd7145d574ac5b4c86b6ad42b6716ae8
extra : histedit_source : f891fbe80c4ca9fc62849bc2d6d8ffad372a6bf0
 2014-06-22 18:50:22 -07:00
Brian Smith
109e54dee4 Bug 1028493: Remove unused stapledOCSPResponse parameter from CreateCetErrorRunnable, r=mmc 
--HG--
extra : rebase_source : 6ceddadff81fd607b53de317dc841e334bc76621
extra : histedit_source : d05fe4430c880da25c4d361977218ceb416d8f0d
 2014-06-20 19:43:09 -07:00
Benoit Jacob
e3e3df494f Bug 1028588 - Fix dangerous public destructors in security/ - r=bsmith 2014-06-23 18:40:03 -04:00
Honza Bambas
d8b9a11e34 Bug 1023748 - Allow NTLMv1 over SSL/TLS by default, r=jduell 2014-06-23 19:43:40 +02:00
Ryan VanderMeulen
adb70139cc Merge inbound to m-c. a=merge 2014-06-23 10:42:32 -04:00
ffxbld
2d11183756 No bug, Automated HSTS preload list update from host bld-linux64-spot-1030 - a=hsts-update 2014-06-21 03:14:13 -07:00
Harsh Pathak
6aac04a8b6 bug 956147 - Use Scoped PLArenaPool in GetSubjectAltNames to avoid memory leaks. r=keeler. 2014-06-19 14:36:31 -07:00
Brian Smith
b76e937c55 Bug 1006812: Use mozilla::pkix::der to decode the key usage extension, r=keeler 
--HG--
extra : rebase_source : e445c913994dc027e1179543d7b6cab2505e734d
 2014-06-19 00:13:20 -07:00
Camilo Viecco
92ab75df00 Bug 1015973 - Improve cert error decoding. r=keeler 
--HG--
extra : rebase_source : e812bc94b7c30727ef3a17fab0dac03633254083
 2014-06-02 09:04:39 -07:00
David Keeler
c267ae06c1 bug 1027711 - remove some unused const variables in PSM r=cviecco 2014-06-19 10:31:06 -07:00
Brian Smith
d3ed70b23e Bug 1027311, Part 3: Remove irrelevant & problematic extensions from test_cert_signatures test certificates, r=cviecco 
--HG--
extra : rebase_source : 574e46ea5664b1985ac19dab395e75f75f0bdccb
 2014-06-18 13:40:18 -07:00
Brian Smith
6f3a6fe677 Bug 1027311, Part 2: Remove irrelevant & problematic extensions from test_ev_certs test certificates, r=cviecco 
--HG--
extra : rebase_source : 413b57030d95d8e0293933e01c5877909ceb27ff
 2014-06-18 15:05:45 -07:00
Brian Smith
5ab3abc32d Bug 1027311, Part 1: Remove irrelevant & problematic extensions from test_certificate_usages test certificates, r=cviecco 
--HG--
extra : rebase_source : e9a4072de3d24797929fc37c85ba99517bb6bad1
 2014-06-18 13:56:36 -07:00
Brian Smith
2858e7b2a9 Bug 1027255: Add ASSERT_/EXPECT_ GTest helpers for mozilla::pkix::Result, r=mmc 
--HG--
extra : rebase_source : 2fb8807724ba59028ec32e8d287296a905bd3615
 2014-06-18 23:40:34 -07:00
Brian Smith
d8d1c2c63a Bug 611752: Remove XPCOM CMS interfaces (nsICMS* and nsISMimeCert), r=keeler 
--HG--
extra : rebase_source : d5f70ff8b084fa9d53309d28d2ad478a478f4ff6
 2014-06-15 20:51:51 -07:00
Brian Smith
d779fddb49 Bug 1022970: Switch from UNIFIED_SOURCES back to SOURCES in security/pkix, security/certverifier, and security/manager/ssl/src, r=keeler 
--HG--
extra : rebase_source : 7d45d018be6b23af199c1e9c858fb5bb3bb5a01b
 2014-06-16 22:57:55 -07:00
Brian Smith
30fd4b4013 Bug 1026371: Remove useless comments in CertVerifier.cpp, r=cviecco 
--HG--
extra : rebase_source : 58444ab17c68bcde6938540b3b074af55e417687
 2014-06-16 23:37:53 -07:00
Birunthan Mohanathas
51ba75d135 Bug 1016240 - Exterminate CR+LF line endings. r=briansmith,cpearce,ehsan,gavin 2014-06-18 17:56:02 -07:00
Benoit Jacob
e480eacf01 Bug 1027251 - Fix or whitelist dangerous public destructors in security/ - r=bsmith 2014-06-18 22:29:00 -04:00
Monica Chew
633c337197 Bug 1027133: Enable test mode for *.twitter.com (r=keeler) 2014-06-18 16:23:13 -04:00
David Keeler
29ec0cc30a bug 1017826 - follow-up to fix indentation r=me a=whitespace-only DONTBUILD 2014-06-17 09:14:00 -07:00
Harsh Pathak
6c21b7c10e Bug 1017826 - prevent a potential memory leak in OCSPCache::Put. r=keeler 2014-06-16 20:27:00 +02:00
Nathan Froyd
6020c3fe5e Bug 1018375 - part 4 - use a linker script for libnss3 on Linux-like OSes; r=glandium 2014-05-30 14:34:54 -04:00
Nathan Froyd
f2878a277f Bug 1018375 - part 3 - use a static list of NSS def files for MOZ_FOLD_LIBS groveling; r=glandium 2014-06-03 14:23:06 -04:00
Harsh Pathak
b22dcd058f bug 550052 - add length check when decoding key usage bit strings. r=dkeeler 2014-06-10 16:56:00 +02:00
Harsh Pathak
06164477b9 Bug 1017348 - DumpASN1Object/ifdef-ed out code removed. r=dkeeler 2014-06-10 16:58:00 +02:00
Phil Ringnalda
449d05b144 Merge m-i to m-c, a=merge 2014-06-15 09:28:20 -07:00
ffxbld
3f294eaae3 No bug, Automated HSTS preload list update from host bld-linux64-spot-006 - a=hsts-update 2014-06-14 03:14:44 -07:00
Wan-Teh Chang
d0d221e8d4 Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 4. Includes fixes for 
bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
bug 963150, bug 1007126, bug 1021102.
 2014-06-13 14:17:18 -07:00
Camilo Viecco
a8ba8291e3 Bug 998513 - Test GeneralizedTime encodings in mozilla::pkix. r=keeler. 2014-06-13 12:50:11 -07:00
Wes Kocher
e8bddeb342 Merge m-c to fx-team 2014-06-11 18:52:12 -07:00
Monica Chew
e49e9fc82b Bug 1004352: Enable pinning for Google in production mode (r=keeler) 2014-06-11 15:32:37 -07:00
Gijs Kruitbosch
3d4de50d8e Bug 908534 - change of event sink should trigger OnSecurityChange notifications, r=dkeeler 2014-06-11 11:19:17 +01:00
David Keeler
636e3ceae7 bug 1017160 - remove nsINSSCertErrorDialog and implementation r=cviecco 2014-06-09 16:35:35 -07:00
David Keeler
8bf1ded425 bug 1020993 - properly handle unknown critical extensions in BackCert::Init r=briansmith 2014-06-09 13:57:44 -07:00
Harsh Pathak
572c9b9d33 Bug 997370 - Update comment in nsIX509Cert.idl to reflect certificate fingerprint instead of public key. r=cviecco 2014-06-09 10:58:00 -04:00
Ryan VanderMeulen
56e2c15baf Merge m-c to inbound on a CLOSED TREE. a=me 2014-06-07 13:36:44 -04:00
ffxbld
d1e9c22279 No bug, Automated HSTS preload list update from host bld-linux64-spot-051 - a=hsts-update 2014-06-07 03:18:25 -07:00
David Keeler
5f24a86888 bug 1019198 - fail handshake if given an expired OCSP response and fetching a new one fails r=briansmith 2014-06-06 09:20:50 -07:00
Camilo Viecco
de303fb49e Bug 1000548 - Leaking arenas allocated in mozilla::pkix r=keeler 
--HG--
extra : rebase_source : 6b0aaef098a4fa4d5749013a332b6b7602640b36
 2014-06-05 16:28:46 -07:00
Ed Morley
50fc55199f Backed out changeset 189492a9a115 (bug 1020695) for mochitest-2 failures in test_WebCrypto.html; CLOSED TREE 2014-06-05 15:52:01 +01:00
Wan-Teh Chang
890d6ae640 Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 3. Includes fixes for 
bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
bug 963150.
 2014-06-05 07:06:32 -07:00
Wan-Teh Chang
f64f892d7c Revert 8406a2b981c5 to fix build bustage. 
> Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 3. Includes fixes for
> bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
> bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
> bug 963150.
 2014-06-04 21:26:33 -07:00
Wan-Teh Chang
a1f15c3eeb Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 3. Includes fixes for 
bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
bug 963150.
 2014-06-04 21:03:47 -07:00
David Keeler
8292161969 bug 1003566 - part 2/2: prevent OCSP requests from being upgraded to HTTPS by HSTS r=cviecco 2014-06-04 09:58:28 -07:00
Camilo Viecco
ec7f60ff2a Bug 1021797 - Rename ArenaFalseCleaner to PORT_FreeArena_false. r=keeler 
--HG--
extra : rebase_source : e7316ee06f58f42afbaf68d7e5f7948277fd15fd
 2014-06-06 14:11:08 -07:00
Monica Chew
916aa7eb2c Bug 1020485: Enable pinning in test mode for accounts.firefox.com (r=keeler) 2014-06-06 13:44:59 -07:00
Brian Smith
8b0f8d773d Bug 1020683, Part 3: Fix build bustage, a=BUSTAGE on a CLOSED TREE 
--HG--
extra : rebase_source : 8eaa3eae911b0e75129988d58a19e5e76257b369
 2014-06-06 12:04:36 -07:00
Brian Smith
e0cd7eb210 Bug 1020682: Simplify mozilla::pkix results cert chain construction and make it more efficient, r=cviecco 
--HG--
extra : rebase_source : 69cb8ea66e075c89bbcbab3ca115cc2ccc95fa4f
 2014-06-04 01:28:44 -07:00
Brian Smith
f9aa591c9a Bug 1020683, Part 2: Remove more references to CERTCertificate from mozilla::pkix, r=keeler 
--HG--
extra : rebase_source : 9dce7585975fb23fe04f5714ece18645b22b2261
 2014-06-04 00:03:28 -07:00
Brian Smith
67bd0799fb Bug 1020683, Part 1: Remove internal uses of CERTCertificate from mozilla::pkix::VerifyEncodedOCSPResponse, r=keeler 
--HG--
extra : rebase_source : 416938498080c4d44874025f1da4562ab1c7c3c8
 2014-06-05 15:18:32 -07:00
Brian Smith
86f062c18f Bug 1018411: Factor out signed data parsing in mozilla::pkix into a reusable and separately-testable function, r=keeler 
--HG--
extra : rebase_source : d65a760f9f8efb656f238794019bd451ca163c0b
 2014-05-31 18:54:34 -07:00
Mike Hommey
b161fa67a5 Bug 1027890 - Remove all sorts of build system code dedicated to pymake. r=gps 2014-06-25 08:38:28 +09:00
Jed Davis
0fb3cb7f61 Bug 1014299 - Add times() to seccomp whitelist. r=kang 
This system call seems to be used by some versions of the Qualcomm Adreno
graphics drivers when we run WebGL apps.
 2014-06-02 14:52:00 +02:00
Sébastien Blin
5f0477861d Bug 1019722 - Remove a double assignment to lastRdn to fix a minor warning found by scan-build, the LLVM/Clang static analyzer. r=keeler 2014-06-02 20:16:14 +02:00
David Keeler
bd925d243d Bug 1009988 - OCSP tests: Precompute responses to prevent timeouts. r=cviecco 2014-06-02 11:35:27 -07:00
Monica Chew
d31edbefe1 Bug 1019772: Enable production mode on pinning AMO (r=keeler) 2014-06-03 11:00:39 -07:00
Brian Smith
279c66a9b8 Bug 1019814: Remove CERTCertificate dependency from TrustDomain::GetCertTrust, r=keeler 
--HG--
extra : rebase_source : 9abf0522f02d00ac2f63f2327ddbe8d119ffc64f
 2014-06-03 10:47:25 -07:00
Brian Smith
ecfed7ae84 Bug 1019109: Add DottedOIDToCode.py tool, r=keeler 
--HG--
extra : rebase_source : 44a92234f884af4500bc6eb5a1fc4dd4cfd38dc2
 2014-06-02 10:50:04 -07:00
Cykesiopka
8ab2f2c793 Bug 235230 - Change IDL type of nsIX509Cert::windowTitle to AString; Original patch by Zack Weinberg. r=keeler 2014-06-01 13:59:00 +02:00
Brian Smith
d7a28e81d0 Bug 1018633: Simplify the max cert chain length check code in mozilla::pkix and make it more efficient, r=cviecco 
--HG--
extra : rebase_source : 7fa4cc6c1b46357abed0c57c6e24c622049c5acb
 2014-05-31 16:32:58 -07:00
Brian Smith
151ad4b5a6 Bug 1001188: Set the error code when the max cert chain length limit is exceeded, r=cviecco 
--HG--
extra : rebase_source : ce9e1faa083f5c679e20a2b6d9e8d482462e75b0
 2014-05-31 16:55:54 -07:00
Brian Smith
e508e0ac8a Bug 1018642: Factor out reusable NSS GTest infrastructure into a new NSSTest class, r=cviecco 
--HG--
extra : rebase_source : 101c316c1ea54f5092a21af4d7a1be349c504800
 2014-05-30 16:46:49 -07:00
Brian Smith
efadae2e83 Bug 1018064: Replace mozilla::pkix::der::Input::Match with mozilla::pkix::der::Input::MatchRest, r=mmc 
--HG--
extra : rebase_source : 5c5b14cf23b1e40854d241cbc482de40b01ac494
 2014-05-29 22:09:45 -07:00
Brian Smith
4c65ffea41 Bug 1018061: Have mozilla::pkix::der::Input::Read use EnsureLength instead of its own checks, r=mmc 
--HG--
extra : rebase_source : f46d6b9bdcd7d7a272fb39f22312a89d2695db56
 2014-05-29 23:36:30 -07:00
Phil Ringnalda
00ff571d69 Merge m-i to m-c 2014-05-31 20:29:24 -07:00
ffxbld
e85dc8f55e No bug, Automated HSTS preload list update from host bld-linux64-spot-176 - a=hsts-update 2014-05-31 03:14:44 -07:00
Cykesiopka
fe5e0f327b Bug 917510 - Replace SHA-1 fingerprints of EV certs in ExtendedValidation.cpp with SHA-2 fingerprints. r=briansmith, r=kwilson 2014-05-30 00:01:00 -04:00
Camilo Viecco
d4c50fa1b7 Bug 991815 - Part 2/2 - Tests for OCSP responses up to 1 year old. r=keeler 
--HG--
extra : rebase_source : cc012870da3a165a0a3d0d5c6c9671eeeda37f3f
 2014-05-28 14:08:02 -07:00
Camilo Viecco
5bce267045 Bug 991815 - Part 1/2 - Allow intermediate OCSP responses up to 1 year old. r=keeler 
--HG--
extra : rebase_source : 28d5336da1dc44932b92ce2c59fca5fcb2b8a3d8
 2014-05-30 16:12:36 -07:00
Nathan Froyd
7ac1ddf1f6 Bug 1017661 - remove MOZ_NSS_PATCH functionality; r=glandium 2014-05-29 12:16:58 -04:00
Brian Smith
3b00a198b6 Bug 1018033: Prevent buffer read overflow due to integer overflow in mozilla::pkix::der::Input::EnsureLength, r=keeler 
--HG--
extra : rebase_source : e4e88d61e448fa475a106a06b9f32181906fba0f
 2014-05-29 23:37:40 -07:00
Brian Smith
30d9839f83 Bug 1018041: Fix linking error in pkix_ocsp_request_tests when GTest is enabled on Windows, r=keeler 
--HG--
extra : rebase_source : 36c5ee4f5cc40adb1079e34bd309147a662fc45f
 2014-05-29 23:06:10 -07:00
Brian Smith
71bc4ceab5 Bug 1018018: Remove support/mention of proprietary Netscape certificate extensions from PSM, r=cviecco 
--HG--
extra : rebase_source : 758ff9384c040084b1015f8025a4ff9f33590176
 2014-05-29 20:38:25 -07:00
Brian Smith
103251c410 Bug 1010634, Part 6: Enable -Wall with a few exceptions for certverifier, r=cviecco 
--HG--
extra : rebase_source : 611f0d65e7edb74345a4a599a6606de37e3da75e
 2014-05-15 21:56:23 -07:00
Brian Smith
ce6d7b1f43 Bug 1010634, Part 5: Add private destructor to NSSErrorService in line with the XPCOM recommendations, r=cviecco 
--HG--
extra : rebase_source : 1f8b4558114eef0e1a15f51f0c814f16e05f6f76
 2014-05-29 20:18:17 -07:00
Brian Smith
84170040f4 Bug 1010634, Part 3: Fix more warnings in CertVerifier, r=cviecco 
--HG--
extra : rebase_source : 21e79fbc472aeccec7df213e0cd8d99bebfbff75
 2014-05-29 20:17:53 -07:00
David Keeler
4434286b6b bug 1006710 - add class of PSM errors to SEC and SSL errors r=briansmith 2014-05-28 15:28:03 -07:00
Camilo Viecco
b337f160ed Bug 1005142 - Part 2/2 - Basic OCSP fetch method tests. r=keeler 
--HG--
extra : rebase_source : 364a5d410eb3743ae0a03ebcf0a258e847d71743
 2014-05-23 09:47:41 -07:00
Camilo Viecco
f051695b8d Bug 1005142 - Part 1/2 - Add OCSP get capabilities to OCSPRequestor. r=keeler 
--HG--
extra : rebase_source : ee4a86bf02a466a31de8b0b6cd7ce375a7f28c6d
 2014-05-21 15:42:21 -07:00
David Keeler
6c3ad9ab91 bug 995801 - cache nsNSSCertificate::mCachedEVStatus on disk r=mayhemer 2014-01-10 11:13:03 -08:00
Brian Smith
b14f27897b Bug 1037324: Delegate additional name constraint selection to the TrustDomain in mozilla::pkix, r=cviecco 
--HG--
extra : rebase_source : 300f33bfb3a0c9ae1525695b080674c1fb21eafc
 2014-07-10 22:38:59 -07:00
Ryan VanderMeulen
a7e335a16d Merge m-c to inbound. a=merge 2014-07-11 16:38:04 -04:00
David Keeler
3fc891026c bug 1031543 - allow importing user certificates via certificate manager r=honzab 2014-07-11 11:19:24 -07:00
Brian Smith
af3daeff63 Bug 1031542: Add test case for key usage without any value bits, r=keeler 
--HG--
extra : rebase_source : 25bdc0db6b042fe6fbba61b80cb8a4ac7cb588eb
 2014-06-27 15:21:48 -07:00
Brian Smith
2d9e74e8ee Bug 975229: Remove NSS-based certificate verification, r=keeler 
--HG--
extra : rebase_source : 49cb20f1b51e2d9993a35decd820764e20ad9be9
 2014-06-16 23:13:29 -07:00
Brian Smith
ca4f473450 Bug 1026261: Remove CERTCertificate from mozilla::pkix revocation checking API, r=keeler 
--HG--
extra : rebase_source : 6798f494bd351961ea02abba07b5860839bbc418
 2014-06-20 10:10:51 -07:00
David Keeler
14a4d7a9df bug 1028178 - re-add nsICertificateDialogs to nsNSSDialogs' NS_IMPL_ISUPPORTS declaration r=briansmith 2014-06-20 09:38:08 -07:00
David Keeler
c13f6d39c7 bug 997509 - heed expired Revoked or Unknown OCSP responses r=briansmith 2014-06-20 09:01:57 -07:00
Cykesiopka
00f176ef95 Bug 972702 - Make Cert Viewer details tab content resizable. r=keeler 2014-05-27 20:58:00 +02:00
Camilo Viecco
b07e3b1b23 Bug 1016442 - Make mozilla cdn sites production on built-in list. r=mmc 
--HG--
extra : rebase_source : 5d937b61ab86c974210dcc83735cd4308bff018e
 2014-05-27 10:53:40 -07:00
Ryan VanderMeulen
d142e79073 Backed out changeset d5da62e82faf (bug 995801) for test_browserElement_oop_SecurityChange.html failures. 
CLOSED TREE
 2014-05-27 14:27:40 -04:00
David Keeler
82eb078310 bug 995801 - cache nsNSSCertificate::mCachedEVStatus on disk r=mayhemer 2014-01-10 11:13:03 -08:00
Richard Barnes
8d8df0c940 Bug 998803 - Add support for RSA encryption and signing to WebCrypto API. r=bz,dkeeler 2014-05-23 15:29:00 +02:00
ffxbld
785d39a051 No bug, Automated HSTS preload list update from host bld-linux64-spot-1068 - a=hsts-update 2014-05-24 03:14:12 -07:00
Monica Chew
5d9a310465 Bug 1004351: Enable production mode for twitter pins (r=keeler) 2014-05-22 15:11:07 -07:00
Monica Chew
404c8597ce Bug 1014344: Use Google's root pems in addition to their intermediate certs (r=keeler) 2014-05-22 15:09:45 -07:00
Wan-Teh Chang
4f4ef533f5 Bug 1009794: Update NSS to NSS_3_16_2_BETA2, which also includes fixes 
for bug 999893, bug 1011090, bug 1009785, bug 421391, and bug 1011229.
 2014-05-22 12:31:09 -07:00
Cykesiopka
d0a5ea9350 Bug 622332 - Show cert SHA-256 fingerprint and remove MD5 fingerprint. r=keeler 2014-05-22 00:52:00 +02:00
Birunthan Mohanathas
aea8617b92 Bug 869836 - Part 7: Use AppendLiteral instead of Append where possible. r=ehsan 2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
58641805f1 Bug 869836 - Part 6: Use EqualsLiteral instead of Equals where possible. r=ehsan 2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
189593520f Bug 869836 - Part 4: Use EqualsLiteral instead of Equals(NS_LITERAL_STRING(...)). r=ehsan 2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
0e6f3a6562 Bug 869836 - Part 3: Use Append('c') instead of AppendLiteral("c"). r=ehsan 2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
19bebbc68d Bug 869836 - Part 2: Use AppendLiteral instead of Append(NS_LITERAL_STRING(...)). r=ehsan 2014-05-22 06:48:50 +03:00
Camilo Viecco
d16b3320e8 Bug 1010594 - Part 2/2 tests - r=keeler 
--HG--
extra : rebase_source : 4ca9623b815544edc58308544fa85b192c2f31f3
 2014-05-19 13:26:23 -07:00
Camilo Viecco
0c9b112b38 Bug 1010594 - Part 1/2 OCSP url check - r=briansmith 
--HG--
extra : rebase_source : 0b26339d33db90722401ae1d8ac255d0390aea30
 2014-05-16 13:53:14 -07:00
Camilo Viecco
e7518a4528 Bug 1009635 - PreloadedHPKP.json should also contain production/exclusion lists. r=keeler 
--HG--
extra : rebase_source : 46c13e490358f26b21191d6d783d795897ceea63
 2014-05-15 08:04:54 -07:00
Richard Barnes
2b33a87b1f Bug 995385 - Ensure that NSS is initialzed for CryptoTasks. r=dkeeler 2014-05-16 15:47:00 -04:00
Bob Owen
a597c57860 Bug 1009452 - inherit stdout and stderr into the content process to allow logging. r=aklotz 2014-05-14 16:09:31 +01:00
Jed Davis
9f78dc2ea0 Bug 920372 - Fix socketcall whitelisting on i386. r=kang 2014-05-20 18:38:14 -07:00
Jed Davis
f6ffcab30d Bug 920372 - Allow tgkill only for threads of the calling process itself. r=kang 2014-05-20 18:38:06 -07:00
Jed Davis
ebb89f61f4 Bug 920372 - Use Chromium seccomp-bpf compiler to dynamically build sandbox program. r=kang 2014-05-20 18:37:53 -07:00
Jed Davis
9e94aea459 Bug 920372 - Import Chromium seccomp-bpf compiler, rev 4c08f442d2588a2c7cfaa117a55bd87d2ac32f9a. r=kang 
Newly imported:
* sandbox/linux/seccomp-bpf/
* sandbox/linux/sandbox_export.h
* base/posix/eintr_wrapper.h

Updated:
* base/basictypes.h
* base/macros.h

At the time of this writing (see future patches for this bug) the only
things we're using from sandbox/linux/seccomp-bpf/ are codegen.cc and
basicblock.cc, and the header files they require.  However, we may use
more of this code in the future, and it seems cleaner in general to
import the entire subtree.
 2014-05-20 18:37:45 -07:00
Monica Chew
e9868c3934 Bug 1013504: Introduce error file for genHPKPStaticPins.js (r=keeler) 2014-05-20 13:25:02 -07:00
Richard Barnes
5f5fc30c16 Bug 1005375 - Add an API that allows CryptoTasks to be created without being dispatched 2014-05-03 08:50:00 +02:00
Chris Peterson
84e89d2fa5 Bug 1007708 - Part 1: Fix warnings in security/pkix/test/ and mark as FAIL_ON_WARNINGS. r=briansmith 2014-05-17 20:12:10 -07:00
Monica Chew
88108c8e9f Bug 1011269: Forgot to qref to pick up keeler's changes (r=keeler) 2014-05-19 13:24:41 -07:00
Monica Chew
7683ced05a Bug 1011269: Add CertVerifier::pinningEnforceTestMode (r=keeler) 2014-05-19 13:04:40 -07:00
David Keeler
cc40dbbc9d bug 986150 - fix some comments in mozilla::pkix DER tests r=mmc 2014-05-19 12:14:51 -07:00
David Keeler
3a148b5121 bug 986150 - test mozilla::pkix::der::OptionalBoolean r=mmc 2014-05-19 12:14:44 -07:00
David Keeler
c7191763ea bug 1002814 - OCSP requests: long serial check should be on cert, not issuerCert r=briansmith 2014-05-14 10:05:32 -07:00
David Keeler
1793f7acdc bug 1002814 - retry PK11_GenerateKeyPair when it fails non-fatally r=briansmith 2014-05-19 11:13:04 -07:00
Marco Castelluccio
51f64d5cbb Bug 972201 - Remove the MOZ_B2G_CERTDATA hack. r=briansmith 2014-05-18 15:42:42 +02:00
ffxbld
5b464da977 No bug, Automated HSTS preload list update from host bld-linux64-spot-358 - a=hsts-update 2014-05-17 03:15:04 -07:00
Brian Smith
fe9fcc5bec Bug 1010634, Part 1: Fix compiler warnings in certverifier, r=cviecco 
--HG--
extra : rebase_source : f8d925f042040368b038b62bc1d0c9d4d6d04618
 2014-05-14 17:46:32 -07:00
Brian Smith
2912321bc5 Bug 1006958: Use mozilla::pkix::der to parse certificate policies instead of NSS, r=keeler 
--HG--
extra : rebase_source : fde88efebc1025bc4f825aa38df809d04b1b250a
 2014-05-15 18:59:52 -07:00
Brian Smith
f834909bb0 Bug 1010581: Document Expect/Match/Skip terminology in mozilla::pkix::der and make that code more consistent, r=keeler 
--HG--
extra : rebase_source : 12aa2e1e9eed4f32a75732a65cbfaba9789d5d39
 2014-05-14 19:30:09 -07:00
Brian Smith
077fb4cfcf Bug 1006041: Use mozilla::pkix::der for decoding the extended key usage extension, r=keeler 
--HG--
extra : rebase_source : b4b62f117d653784eb6ad058554faf520a1bd90b
 2014-05-14 01:02:34 -07:00
Brian Smith
921579aca0 Bug 989564, Part 2: Remove CERTCertificate dependency from CheckBasicConstraints, r=keeler 
--HG--
extra : rebase_source : c0ce62f44109cbcdf65da770a1154814733a6b49
 2014-04-25 20:27:27 -07:00
Brian Smith
33238b8f26 Bug 989564, Part 1: Decode basic constraints extension using mozilla::pkix::der, r=keeler 
--HG--
extra : rebase_source : 89560218a69596868cb8a93c69ee72656b0abf77
 2014-05-05 09:55:57 -07:00
Monica Chew
94e8967a9f Bug 1007844: Implement per-host telemetry for pin violations for AMO and aus4 (r=keeler) 2014-05-15 16:56:51 -07:00
Monica Chew
010f4a4ced Bug 1006594: Implement moz-specific telemetry (r=keeler) 2014-05-14 16:36:46 -07:00
David Keeler
aa1dddedcd backout dfc04fd0a41f (bug 1002814) for gtest breakage 2014-05-14 11:08:20 -07:00
David Keeler
478d0a6460 bug 1005266 - disable strict timeout checking in test_ocsp_timeout.js on WinXP because of frequent failures r=mmc 2014-05-14 09:57:10 -07:00
David Keeler
cd165343b0 bug 1002814 - OCSP requests: long serial check should be on cert, not issuerCert r=briansmith 2014-05-14 10:05:32 -07:00
Patrick McManus
1e673cbacc bug 1006804 - psm interface for kea size and make kea available in preliminary handshake r=keeler r=honzab 2014-05-06 17:22:25 -04:00
Gervase Markham
a28ceb8833 Bug 1007195 - Change licensing on mozilla::pkix to dual Apache 2/MPL 2. r=briansmith. 2014-05-14 14:37:25 +01:00
Monica Chew
730c8da49a Bug 1009720: Telemetry for CERT_PINNING_TEST_RESULTS (r=keeler) 2014-05-13 13:50:13 -07:00
David Keeler
2bf68f16b6 bug 1005355 - look for PSM test binaries in /data/local/xpcb/ on Android/B2G r=mmc 2014-05-12 14:38:00 -07:00
Monica Chew
9aae1d6105 Bug 772756: Implement sha1 support, import Chrome's pinsets wholesale, add test mode (r=cviecco,keeler) 2014-05-08 17:18:50 -07:00
Carsten "Tomcat" Book
364ad99c8f Merge mozilla-central to mozilla-inbound 2014-05-12 13:48:01 +02:00
Carsten "Tomcat" Book
0eef94abf9 merge mozilla-inbound to mozilla-central 2014-05-12 13:33:19 +02:00
ffxbld
849b0f7cb9 No bug, Automated HSTS preload list update from host bld-linux64-spot-382 - a=hsts-update 2014-05-10 03:26:08 -07:00
Jacek Caban
729caf70d4 Bug 1005309 - Fixed MSVC detection. 
--HG--
extra : rebase_source : 0b61de1270eb861234539de675c2d381e217f55c
 2014-05-12 11:01:22 +02:00
David Keeler
e1c350091f bug 1005266 - specify a timeout for the socket in test_ocsp_timeout.js r=mmc 2014-05-09 15:17:43 -07:00
Camilo Viecco
4f866e23df Bug 1007986 - Remove 1024 bit roots from mozilla pin list. r=mmc 2014-05-09 10:58:47 -07:00
David Keeler
675aff56b2 bug 1007962 - CreateEncodedCertificate should take a SECItem as its serialNumber argument r=mmc 2014-05-08 15:33:38 -07:00
David Keeler
ea0182ae63 bug 1007813 - match CreateEncodedCertificate declaration to its definition r=mmc 2014-05-08 11:51:50 -07:00
Wan-Teh Chang
fe569bf1f2 Bug 979703: Update NSS to NSS_3_16_2_BETA1. 
Fix bugs in intel-gcm-x86-masm.asm and re-enable the
Intel AES assembly code. (The fix is by Shay Gueron of Intel.)
Remove an unnecessary loop in intel-gcm-x64-masm.asm r=agl.
 2014-05-08 14:28:47 -07:00
Monica Chew
baff68ca81 Bug 1000354: Fix comment and make test clearer (r=keeler) 2014-05-07 15:48:23 -07:00
Bobby Holley
5a3bee8d99 Bug 997987 - Remove usage of nsIScriptSecurityManager::GetSubjectPrincipal. r=Ms2ger 2014-05-06 15:43:03 -07:00
Jed Davis
3ab8eb01df Bug 1004832 - Add tgkill to seccomp-bpf whitelist. r=kang 2014-05-02 16:57:00 +02:00
Camilo Viecco
b529036d7c Bug 1006107 - Disable pining by default, setup pinning for *.addons.mozilla.org. r=dkeeler 
--HG--
extra : rebase_source : 93b1dbd5dc31490424060729a3941deffa8ee1d5
 2014-05-05 13:59:32 -07:00
Wan-Teh Chang
d4f27e6065 Bug 993569: Update to NSS 3.16.1 and NSPR 4.10.5. r=kaie. 2014-05-05 13:51:39 -07:00
Monica Chew
7b1596592f Bug 1005364: Disable pinning for all mozilla properties (r=keeler) 2014-05-04 15:36:38 -07:00
Brian Smith
c92ecd7e9b Bug 1005667: Fix build warning due to buggy test code in pkixtestutil.cpp, r=dholbert 2014-05-04 11:04:48 -07:00
Brian Smith
75f6d3a530 Bug 1005309, Part 2: Enable extended compiler warnings (-W4 -Wall) in mozilla::pkix, r=mmc 
--HG--
extra : rebase_source : 033574a0b26582753baec003becfaf15bbd85003
extra : histedit_source : 2d52c47f92b8f694203c2eb580b37be78ccf2f9c
 2014-05-03 17:50:26 -07:00
Brian Smith
fc861849bc Bug 1005309, Part 1: Improve type conversion and error checking for hashing done in mozilla::pkix's pkixocsp.cpp. r=mmc 
--HG--
extra : rebase_source : 79c248ebc45d722249ae7adbbd2527dc9985f6f0
extra : histedit_source : 8ea66942cec4252d9d7e625da22b5ad9964485a1
 2014-05-02 11:53:06 -07:00
Brian Smith
f0a3398f72 Bug 1005256: Improve parameter validation in mozilla::pkix::der::Input::GetSECItem, r=mmc 
--HG--
extra : rebase_source : 93b65e103c86747ddaf463e639aacffdf7ccb08f
extra : histedit_source : 10ef0ab13fb9de710ea3c589600db4632f9cf4a0
 2014-05-02 11:52:10 -07:00
Brian Smith
a46aa03484 Bug 1005208: Rename issuerKeyHash to keyHash in mozilla::pkix's pkixocsp.cpp, r=mmc 
--HG--
extra : rebase_source : ede4ed17cb56e3e52325ecadc2c5ded33c4a6013
extra : histedit_source : b727000e81bbc8afa6b9f8188b97065f59da45ad
 2014-05-02 10:40:03 -07:00
Brian Smith
20a90d85b4 Bug 1005198: Make it easy to create test certificates in GTest tests, r=keeler 
--HG--
extra : rebase_source : 0b1ec263a5a1ce1856afb12f11ea4c35c2aa55d0
extra : histedit_source : 40a3a3fc1993de0fcdeb5593a1a1df4dc94832b8
 2014-04-25 19:57:40 -07:00
ffxbld
46be226687 No bug, Automated HSTS preload list update from host bld-linux64-spot-043 - a=hsts-update 2014-05-03 03:18:44 -07:00
David Keeler
4cbe45bef4 bug 1004270 - use SQL cert/key DBs in PSM tests so we can run them on Android r=briansmith 2014-05-02 15:06:29 -07:00
Camilo Viecco
1388a9d276 Bug 951315 - Add telemetry to PK pinning. r=dkeeler 2014-04-30 17:04:00 -07:00
Monica Chew
8d3acf320f Bug 1002696 - Minimum set of changes to make genHPKPStaticPins.js productionizable. r=cviecco, dkeeler 
--HG--
rename : security/manager/boot/src/PreloadedHPKPins.json => security/manager/tools/PreloadedHPKPins.json
rename : security/manager/boot/src/genHPKPStaticPins.js => security/manager/tools/genHPKPStaticPins.js
 2014-05-01 14:48:37 -07:00
David Keeler
9bf8c7f01d bug 982248 - NSSCertDBTrustDomain: specify timeout for OCSP requests r=briansmith 2014-05-01 15:07:55 -07:00
Brian Smith
6c43d7c225 Bug 1003290: Fix OID parser template type, r=keeler 
--HG--
extra : rebase_source : c33e450b84234ae7471118c2f8749593a59d9298
 2014-04-25 16:31:30 -07:00
Brian Smith
9ae1a34e11 Bug 1002933: Use Strongly-typed enums more often in mozilla::pkix, r=mmc 
--HG--
extra : rebase_source : 3f67f48d1f4150df0830f89e6c07bbbf3a8fc7e8
 2014-04-25 16:29:26 -07:00
Brian Smith
456d4f8a4d Bug 1002929: Avoid implicit conversion of Result to boolean in mozilla::der::GeneralizedTime, r=keeler 
--HG--
extra : rebase_source : 8966d41f1837611b83ac84b347aeddfade9bc949
 2014-04-24 16:08:30 -07:00
Monica Chew
7de05bc8ba Bug 998057: Add tests for certificate pinning (r=cviecco,dkeeler) 2014-04-30 20:11:35 -07:00
Monica Chew
1d5150d986 Backed out changeset 9c8fbf297d51 
Camilo did not land his patch that this depends on, my bad.
 2014-04-30 20:01:34 -07:00
Monica Chew
68b3043845 Bug 998057: Add tests for certificate pinning (r=cviecco,dkeeler) 2014-04-30 19:56:03 -07:00
Monica Chew
18421a4364 Bug 998057: Add test pinset to the pin generator (r=cviecco) 
--HG--
rename : security/manager/ssl/tests/unit/tlsserver/default-ee.der => security/manager/boot/src/default-ee.der
 2014-04-30 15:30:44 -07:00
Camilo Viecco
a54a4f05cf Bug 744204 - Allow Certificate key pinning Part 2 - Certverifier Interface. r=keeler 
--HG--
extra : rebase_source : 2f9748ba0b241c697e22b7ff72f2f5a0fad4a2ca
 2014-02-05 14:49:10 -08:00
Richard Barnes
aaca84b128 Bug 1003604 - Make nsNSSShutDownObject::isAlreadyShutDown() const. r=dkeeler 2014-04-29 17:45:00 +02:00
Rodrigo Rodriguez Jr.
3a5329b969 Bug 952650 (part 11) - Remove JSVAL_TO_INT. r=njn. 
--HG--
extra : rebase_source : 41923458bbf8fd957c9a57685df4969f1190bd9f
 2014-04-27 19:55:08 -07:00
Rodrigo Rodriguez Jr.
9a92d22f5a Bug 952650 (part 9) - Remove JSVAL_IS_INT. r=njn. 
--HG--
extra : rebase_source : dc0c170914c2370c218cdbbe671d2a68628f5a87
 2014-04-27 19:47:02 -07:00
Rodrigo Rodriguez Jr.
d3fe3aaf5d Bug 952650 (part 1) - Remove JSVAL_IS_NULL. r=terrence. 
--HG--
extra : rebase_source : 83d1cdaf71260fd99b688c23303ceb2de7b00031
 2014-04-27 19:30:51 -07:00
Wan-Teh Chang
5cf2107a2e Bug 993569 - Update Mozilla 31 to use NSS 3.16.1 Beta 4. This disables 
the new Intel AES assembly code on Windows. r=kaie.
 2014-04-29 16:13:03 -07:00
Camilo Viecco
9d294dbe70 Bug 744204 - Allow Key pining part 1 - Built-in Pinning Service. r=keeler 2013-06-20 10:35:43 -07:00
David Keeler
388e440bec bug 977865 - mozilla::pkix: add backoff for ocsp fetching when a responder fails r=cviecco 2014-04-28 16:38:15 -07:00
Brian Smith
4cbf0ef630 Bug 998067: Add utility code for making it easier to create GTests based on NSS, r=keeler 
--HG--
extra : rebase_source : 8ae08d1ccc9329aa567cfc7ac590ddb026155bae
 2014-04-16 21:38:01 -07:00
Brian Smith
8c0e54d6a8 Bug 1000544: Use "Fail(x, y)" instead of "PR_SetError(y, 0); return x;" more consistently, r=mmc 
--HG--
extra : rebase_source : 96addac738b8ffe39c7a92d546388d5f13fc2340
 2014-04-23 14:13:32 -07:00
Brian Smith
bd4b0a0668 Bug 1000482: Remove unused stapledOCSPResponse parmaeter from BuildForwardInner, r=mmc, r=keeler 
--HG--
extra : rebase_source : b5d67d3488aa3df5690a7dd2b76495ac4986a723
 2014-04-23 13:42:38 -07:00
Brian Smith
d6bedee1bf Bug 1000483: Remove unused isTrustAnchor parameter from CheckKeyUsage, r=cviecco 
--HG--
extra : rebase_source : 96e7b76362d6219193c814d35c332aae2ed5b48f
 2014-04-23 13:38:19 -07:00
Wan-Teh Chang
8063163ac9 Bug 993569 - Update Mozilla 31 to use NSS 3.16.1 Beta 3. The main change 
is https://hg.mozilla.org/projects/nss/rev/7e8485a5ed49.
 2014-04-27 20:39:24 -07:00
Birunthan Mohanathas
5f1fde8824 Bug 900908 - Part 3: Change uses of numbered macros in nsIClassInfoImpl.h/nsISupportsImpl.h to the variadic variants. r=froydnj 2014-04-27 03:06:00 -04:00
Ryan VanderMeulen
345123d0ec Merge m-c to inbound. 2014-04-26 21:41:26 -04:00
ffxbld
01fcf1ea9e No bug, Automated HSTS preload list update from host bld-linux64-spot-425 - a=hsts-update 2014-04-26 03:23:23 -07:00
Nathan Toone
f64a832fc8 Bug 1001585 - Don't build tests directory if --disable-tests is specified. r=briansmith 2014-04-26 11:29:00 -04:00
Arpad Borsos
4136c664aa Bug 474369 - remove nsVoidArray includes; r=ehsan 
--HG--
extra : rebase_source : dd3abeb623fd8b784fd6ba639c88def84a4daf58
 2014-04-26 16:12:45 +02:00
Camilo Viecco
80ec7bb1fa Bug 915930 - Make mozilla::pkix the default certificate verifier for all (not just desktop) r=briansmith 
--HG--
extra : rebase_source : 56402e60078298dc64cf5476afda7c95671a7092
 2014-04-25 13:22:30 -07:00
Wan-Teh Chang
f8b638754f Bug 993569 - Update Mozilla 31 to use NSS 3.16.1 Beta 2. 2014-04-25 06:06:01 -07:00
Honza Bambas
caddd65460 Bug 999306 - Add 'allow-insecure-ntlm-v1' preference for the generic NTLM v1 authentication module, r=jduell 2014-04-24 18:50:46 +02:00
Stefan Arentz
4c3ba2b965 Bug 968490: Add mozilla::pkix::der unit tests (r=cviecco) 2014-03-26 16:00:03 -07:00
Randell Jesup
a39021aa83 Bug 996487: don't null out mThread while committing thread suicide r=bsmedberg 2014-04-22 15:32:13 -04:00
YFdyh000
a57f7dc2fb Bug 995528 - Certificate viewer describes not-valid-before date as issue date. r=honzab, ui-r=philipp 2014-04-21 10:58:04 -04:00
ffxbld
792720cccb No bug, Automated HSTS preload list update from host bld-linux64-spot-454 - a=hsts-update 2014-04-19 03:14:16 -07:00
Randell Jesup
302ba02d64 Bug 988881: clean up CryptoTask (SignedJar) tasks instead of leaking them r=bsmedberg,mayhemer 2014-04-17 02:18:04 -04:00
Anuj Agarwal
8360610c1d Bug 897359 - Remove unimplemented popChallengeResponse, random, and disableRightClick methods. r=bz 2014-04-18 09:32:52 -04:00
David Keeler
ca673b66f0 bug 991898 - mozilla::pkix: temporarily allow empty Extensions in OCSP responses r=briansmith 2014-04-17 16:01:18 -07:00
Camilo Viecco
86f7e1e45e Bug 997795 - Cleanup decodings. r=dkeeler 2014-04-17 14:42:05 -07:00
Jed Davis
3fd7deadb7 Bug 997409 - Add set_thread_area to seccomp whitelist if available. r=kang 2014-04-17 16:23:23 -04:00
Camilo Viecco
c75a74a16f Bug 992972 - Add sha256SubjectPublicKeyInfoDigest attribute to nsIX509Cert. sr=bsmith 2014-04-07 10:35:57 -07:00
David Keeler
0860109f89 bug 997843 - mozilla::pkix::der::Input::Expect should take a uint16_t as its length argument r=briansmith 2014-04-17 09:50:06 -07:00
Patrick McManus
b720c442dc bug 993591 - PSM HTTP Fetch should own streamloader data r=dkeller r=mayhemmer 2014-04-09 17:48:17 -04:00
David Keeler
5490002e36 bug 982774 - der::ExpectTagAndGetLength: check that input has enough capacity for the length described r=briansmith 2014-04-16 13:30:09 -07:00
David Keeler
b3c8e42deb bug 972753 - OCSP testing: delegated responses and including multiple certificates r=cviecco 2014-04-16 09:31:27 -07:00
Raymond Etornam Agbeame(:retornam)
a5d3b3eea3 Bug 934676 - Remove unused variable 'extracted' in ClientAuthDataRunnable::RunOnTargetThread. r=keeler 2014-04-15 15:46:00 +02:00
Monica Chew
5bda1ea0d1 Bug 991177: Disallow overrides for SEC_ERROR_CA_CERT_INVALID (r=keeler) 2014-04-15 15:35:41 -07:00
Kyle Huey
2c8f15bb95 Bug 991812: Remove uses of AtomicRefCounted<T> that live in Gecko. r=ehsan 
--HG--
extra : rebase_source : 0d14e02c64d548fd3177681248d722683aaa87c3
 2014-04-14 12:04:25 -07:00
David Keeler
d14751b88b bug 994932 - fix error checking in GetOCSPResponseForType r=retornam 2014-04-15 14:21:08 -07:00
Jed Davis
59ee14f2ce Bug 981949 - Whitelist ftruncate for seccomp-bpf sandboxing. r=kang 2014-04-11 13:09:00 +02:00
Bobby Holley
3de1018bbe Bug 989528 - Rename AutoSystemCaller to AutoNoJSAPI, and assert against pre-existing exceptions. r=bz 2014-04-14 20:27:00 -07:00
Ryan VanderMeulen
d3859c597c Backed out changesets ddbac34527fe and fa82f32d0c39 (bug 991812) for B2G bustage. 
CLOSED TREE
 2014-04-14 16:16:18 -04:00
Kyle Huey
74215b6cbb Bug 991812: Remove uses of AtomicRefCounted<T> that live in Gecko. r=ehsan 2014-04-14 12:04:25 -07:00
Ryan VanderMeulen
cbdabd4cd4 Merge m-c to inbound on a CLOSED TREE. 2014-04-13 22:52:50 -04:00
ffxbld
e6e67e15d9 No bug, Automated HSTS preload list update from host bld-linux64-spot-327 - a=hsts-update 2014-04-12 03:21:26 -07:00
Mike Kaply
3f38fa6efe Bug #993846 - Add missing stringbundle, r=kaie 2014-04-11 10:07:02 -05:00
David Keeler
13f4429374 bug 993186 - improve test_cert_eku generator r=cviecco 2014-04-09 11:04:00 -07:00
Jed Davis
7f0d9d7eb4 Bug 993145 - Skip attempting seccomp sandboxing if seccomp unavailable. r=kang 2014-04-09 15:23:00 +02:00
Bob Owen
e5a5d4a701 Bug 928062 - Set Windows sandbox delayed integrity level to INTEGRITY_LEVEL_LOW. r=aklotz 2014-04-08 16:25:18 +01:00
Boris Zbarsky
e3cb82bf06 Bug 995047 followup. Fix a caller that I missed because it's only compiled on some platforms, so we can reopen the CLOSED TREE 2014-04-12 00:38:06 -04:00
David Keeler
e23cf356dc bug 991209 - mozilla::pkix: allow non-end-entity certs to have OCSP signing EKU r=briansmith 2014-04-10 10:15:02 -07:00
Boris Zbarsky
79dab91ff6 Bug 991742 part 8. Remove the "aScope" argument of WebIDL/nsWrapperCache WrapObject() methods. r=bholley 
This patch was mostly generated with the following command:

find . -name "*.h" -o -name "*.cpp" | xargs sed -e '/WrapObject(JSContext/ {; N; s/\(WrapObject(JSContext *\* *a\{0,1\}[Cc]x\),\n\{0,1\} *JS::Handle<JSObject\*> a\{0,1\}[sS]cope/\1/ ; }' -i ""

and then reverting the changes that made to
dom/bindings/BindingUtils.h, since those WrapObject methods are not
the ones we're trying to change here, plus a bunch of manual fixups
for cases that this command did not catch (including all the callsites
of WrapObject()).
 2014-04-08 18:27:18 -04:00
Boris Zbarsky
d4bd64ee2c Bug 991742 part 6. Remove the "aScope" argument of binding Wrap() methods. r=bholley 
This patch was mostly generated with this command:

find . -name "*.h" -o -name "*.cpp" | xargs sed -e 's/Binding::Wrap(aCx, aScope, this/Binding::Wrap(aCx, this/' -e 's/Binding_workers::Wrap(aCx, aScope, this/Binding_workers::Wrap(aCx, this/' -e 's/Binding::Wrap(cx, scope, this/Binding::Wrap(cx, this/' -i ""

plus a few manual fixes to dom/bindings/Codegen.py, js/xpconnect/src/event_impl_gen.py, and a few C++ files that were not caught in the search-and-replace above.
 2014-04-08 18:27:17 -04:00
Camilo Viecco
816a5b2291 Bug 993569 - Update Mozilla 31 to use NSS 3.16.1. (beta1) r=kaie 2014-04-08 11:38:37 -07:00
Michael Shuen
6d40cad913 Bug 984608 - SECKEY_EncodeDERSubjectPublicKeyInfo and PK11_DEREncodePublicKey take non-const SECKEYPublicKey*. r=briansmith 2014-04-08 11:27:31 -07:00
David Keeler
7271837f38 bug 990603 - test override for server certificate with basic constraints: CA=true r=briansmith 2014-04-08 09:51:45 -07:00
David Keeler
281f1bd79b bug 990603 - mozilla::pkix: defer reporting end-entity cert errors until after path building r=briansmith 2014-04-08 09:49:36 -07:00
Peter Van der Beken
c89c077c14 Bug 984497 - Use SpecialPowers more and change SpecialPower usage to deal with Window on WebIDL bindings. r=bz. 
--HG--
rename : content/media/webspeech/synth/test/test_setup.html => content/media/webspeech/synth/test/file_setup.html
rename : content/media/webspeech/synth/test/test_speech_queue.html => content/media/webspeech/synth/test/file_speech_queue.html
rename : content/media/webspeech/synth/test/test_speech_simple.html => content/media/webspeech/synth/test/file_speech_simple.html
extra : rebase_source : 687daf9d78e69fe6ae21f7c1a26503cf88a18b97
 2014-02-15 22:12:34 +01:00
Peter Van der Beken
a5967a49cb Back out 75c95dac7fe0 (bug 984497) and f1b0d3d13755 (bug 990475) to fix bustage on a CLOSED TREE. 
--HG--
extra : rebase_source : a63315cd428faeb95464f6ad76946d1c0c6d36c3
 2014-04-07 22:18:53 +02:00
Peter Van der Beken
12b990ebb7 Bug 984497 - Use SpecialPowers more and change SpecialPower usage to deal with Window on WebIDL bindings. r=bz. 
--HG--
rename : content/media/webspeech/synth/test/test_setup.html => content/media/webspeech/synth/test/file_setup.html
rename : content/media/webspeech/synth/test/test_speech_queue.html => content/media/webspeech/synth/test/file_speech_queue.html
rename : content/media/webspeech/synth/test/test_speech_simple.html => content/media/webspeech/synth/test/file_speech_simple.html
extra : rebase_source : 3662ae8b0f35fefb250c9cd048e848d662863855
 2014-02-15 22:12:34 +01:00
Shu-yu Guo
58623399e3 Bug 989509 - Part 3: security/ (r=cviecco,dkeeler) 2014-04-03 19:29:40 -07:00
Camilo Viecco
f59fb034f2 Bug 987816 - Part 2/3. Update tests to match un-regressed behaviour. r=dkeeler 
--HG--
extra : rebase_source : 7bccc66831f56cede353ec33275449b7bf2560b1
 2014-03-31 09:10:13 -07:00
Camilo Viecco
a4f1be8b68 Bug 987816 - Part 2/3. Test verifying certificateUsageVerifyCA can return OK. r= dkeeler 
--HG--
extra : rebase_source : 8e3f50d58c3c61e0fc843a053370f74d9adac8c0
 2014-03-31 09:10:11 -07:00
Camilo Viecco
930ccc7d4e Bug 987816 - Part 1/3. Allow verifying with certificateUsageVerifyCA. r=dkeeler 
--HG--
extra : rebase_source : 7530839c9c02d56936e322f897de96d80a60a18f
 2014-03-28 10:21:30 -07:00
Jon Coppeard
fb6ccb11db Bug 959787 - Handlify JS_ExecuteScript and JS::Evaluate APIs r=terrence r=bz 2014-04-01 11:34:39 +01:00
Mike Hommey
490ed7cdd4 Bug 988168 - Better integrate gtest libxul in the build system. r=mshal. DONTBUILD 
--HG--
rename : toolkit/library/Makefile.in => toolkit/library/libxul.mk
rename : toolkit/library/moz.build => toolkit/library/libxul.mozbuild
 2014-03-31 13:21:38 +02:00
Mike Hommey
421099347a Backed out changeset 561b9329d832 (bug 988168) for wrong attribution. 2014-04-01 13:17:50 +09:00