Commit Graph

8451 Commits

Author SHA1 Message Date
Benoit Jacob
e480eacf01 Bug 1027251 - Fix or whitelist dangerous public destructors in security/ - r=bsmith 2014-06-18 22:29:00 -04:00
Monica Chew
633c337197 Bug 1027133: Enable test mode for *.twitter.com (r=keeler) 2014-06-18 16:23:13 -04:00
David Keeler
29ec0cc30a bug 1017826 - follow-up to fix indentation r=me a=whitespace-only DONTBUILD 2014-06-17 09:14:00 -07:00
Harsh Pathak
6c21b7c10e Bug 1017826 - prevent a potential memory leak in OCSPCache::Put. r=keeler 2014-06-16 20:27:00 +02:00
Nathan Froyd
6020c3fe5e Bug 1018375 - part 4 - use a linker script for libnss3 on Linux-like OSes; r=glandium 2014-05-30 14:34:54 -04:00
Nathan Froyd
f2878a277f Bug 1018375 - part 3 - use a static list of NSS def files for MOZ_FOLD_LIBS groveling; r=glandium 2014-06-03 14:23:06 -04:00
Harsh Pathak
b22dcd058f bug 550052 - add length check when decoding key usage bit strings. r=dkeeler 2014-06-10 16:56:00 +02:00
Harsh Pathak
06164477b9 Bug 1017348 - DumpASN1Object/ifdef-ed out code removed. r=dkeeler 2014-06-10 16:58:00 +02:00
Phil Ringnalda
449d05b144 Merge m-i to m-c, a=merge 2014-06-15 09:28:20 -07:00
ffxbld
3f294eaae3 No bug, Automated HSTS preload list update from host bld-linux64-spot-006 - a=hsts-update 2014-06-14 03:14:44 -07:00
Wan-Teh Chang
d0d221e8d4 Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 4. Includes fixes for
bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
bug 963150, bug 1007126, bug 1021102.
2014-06-13 14:17:18 -07:00
Camilo Viecco
a8ba8291e3 Bug 998513 - Test GeneralizedTime encodings in mozilla::pkix. r=keeler. 2014-06-13 12:50:11 -07:00
Wes Kocher
e8bddeb342 Merge m-c to fx-team 2014-06-11 18:52:12 -07:00
Monica Chew
e49e9fc82b Bug 1004352: Enable pinning for Google in production mode (r=keeler) 2014-06-11 15:32:37 -07:00
Gijs Kruitbosch
3d4de50d8e Bug 908534 - change of event sink should trigger OnSecurityChange notifications, r=dkeeler 2014-06-11 11:19:17 +01:00
David Keeler
636e3ceae7 bug 1017160 - remove nsINSSCertErrorDialog and implementation r=cviecco 2014-06-09 16:35:35 -07:00
David Keeler
8bf1ded425 bug 1020993 - properly handle unknown critical extensions in BackCert::Init r=briansmith 2014-06-09 13:57:44 -07:00
Harsh Pathak
572c9b9d33 Bug 997370 - Update comment in nsIX509Cert.idl to reflect certificate fingerprint instead of public key. r=cviecco 2014-06-09 10:58:00 -04:00
Ryan VanderMeulen
56e2c15baf Merge m-c to inbound on a CLOSED TREE. a=me 2014-06-07 13:36:44 -04:00
ffxbld
d1e9c22279 No bug, Automated HSTS preload list update from host bld-linux64-spot-051 - a=hsts-update 2014-06-07 03:18:25 -07:00
David Keeler
5f24a86888 bug 1019198 - fail handshake if given an expired OCSP response and fetching a new one fails r=briansmith 2014-06-06 09:20:50 -07:00
Camilo Viecco
de303fb49e Bug 1000548 - Leaking arenas allocated in mozilla::pkix r=keeler
--HG--
extra : rebase_source : 6b0aaef098a4fa4d5749013a332b6b7602640b36
2014-06-05 16:28:46 -07:00
Ed Morley
50fc55199f Backed out changeset 189492a9a115 (bug 1020695) for mochitest-2 failures in test_WebCrypto.html; CLOSED TREE 2014-06-05 15:52:01 +01:00
Wan-Teh Chang
890d6ae640 Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 3. Includes fixes for
bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
bug 963150.
2014-06-05 07:06:32 -07:00
Wan-Teh Chang
f64f892d7c Revert 8406a2b981c5 to fix build bustage.
> Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 3. Includes fixes for
> bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
> bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
> bug 963150.
2014-06-04 21:26:33 -07:00
Wan-Teh Chang
a1f15c3eeb Bug 1020695: Update Mozilla to use NSS 3.16.2 Beta 3. Includes fixes for
bug 1013088, bug 996237, bug 970539, bug 1016567, bug 485732, bug 334013,
bug 959864, bug 1016836, bug 1016811, bug 1018536, bug 996250, bug 1009227,
bug 963150.
2014-06-04 21:03:47 -07:00
David Keeler
8292161969 bug 1003566 - part 2/2: prevent OCSP requests from being upgraded to HTTPS by HSTS r=cviecco 2014-06-04 09:58:28 -07:00
Camilo Viecco
ec7f60ff2a Bug 1021797 - Rename ArenaFalseCleaner to PORT_FreeArena_false. r=keeler
--HG--
extra : rebase_source : e7316ee06f58f42afbaf68d7e5f7948277fd15fd
2014-06-06 14:11:08 -07:00
Monica Chew
916aa7eb2c Bug 1020485: Enable pinning in test mode for accounts.firefox.com (r=keeler) 2014-06-06 13:44:59 -07:00
Brian Smith
8b0f8d773d Bug 1020683, Part 3: Fix build bustage, a=BUSTAGE on a CLOSED TREE
--HG--
extra : rebase_source : 8eaa3eae911b0e75129988d58a19e5e76257b369
2014-06-06 12:04:36 -07:00
Brian Smith
e0cd7eb210 Bug 1020682: Simplify mozilla::pkix results cert chain construction and make it more efficient, r=cviecco
--HG--
extra : rebase_source : 69cb8ea66e075c89bbcbab3ca115cc2ccc95fa4f
2014-06-04 01:28:44 -07:00
Brian Smith
f9aa591c9a Bug 1020683, Part 2: Remove more references to CERTCertificate from mozilla::pkix, r=keeler
--HG--
extra : rebase_source : 9dce7585975fb23fe04f5714ece18645b22b2261
2014-06-04 00:03:28 -07:00
Brian Smith
67bd0799fb Bug 1020683, Part 1: Remove internal uses of CERTCertificate from mozilla::pkix::VerifyEncodedOCSPResponse, r=keeler
--HG--
extra : rebase_source : 416938498080c4d44874025f1da4562ab1c7c3c8
2014-06-05 15:18:32 -07:00
Brian Smith
86f062c18f Bug 1018411: Factor out signed data parsing in mozilla::pkix into a reusable and separately-testable function, r=keeler
--HG--
extra : rebase_source : d65a760f9f8efb656f238794019bd451ca163c0b
2014-05-31 18:54:34 -07:00
Jed Davis
0fb3cb7f61 Bug 1014299 - Add times() to seccomp whitelist. r=kang
This system call seems to be used by some versions of the Qualcomm Adreno
graphics drivers when we run WebGL apps.
2014-06-02 14:52:00 +02:00
Sébastien Blin
5f0477861d Bug 1019722 - Remove a double assignment to lastRdn to fix a minor warning found by scan-build, the LLVM/Clang static analyzer. r=keeler 2014-06-02 20:16:14 +02:00
David Keeler
bd925d243d Bug 1009988 - OCSP tests: Precompute responses to prevent timeouts. r=cviecco 2014-06-02 11:35:27 -07:00
Monica Chew
d31edbefe1 Bug 1019772: Enable production mode on pinning AMO (r=keeler) 2014-06-03 11:00:39 -07:00
Brian Smith
279c66a9b8 Bug 1019814: Remove CERTCertificate dependency from TrustDomain::GetCertTrust, r=keeler
--HG--
extra : rebase_source : 9abf0522f02d00ac2f63f2327ddbe8d119ffc64f
2014-06-03 10:47:25 -07:00
Brian Smith
ecfed7ae84 Bug 1019109: Add DottedOIDToCode.py tool, r=keeler
--HG--
extra : rebase_source : 44a92234f884af4500bc6eb5a1fc4dd4cfd38dc2
2014-06-02 10:50:04 -07:00
Cykesiopka
8ab2f2c793 Bug 235230 - Change IDL type of nsIX509Cert::windowTitle to AString; Original patch by Zack Weinberg. r=keeler 2014-06-01 13:59:00 +02:00
Brian Smith
d7a28e81d0 Bug 1018633: Simplify the max cert chain length check code in mozilla::pkix and make it more efficient, r=cviecco
--HG--
extra : rebase_source : 7fa4cc6c1b46357abed0c57c6e24c622049c5acb
2014-05-31 16:32:58 -07:00
Brian Smith
151ad4b5a6 Bug 1001188: Set the error code when the max cert chain length limit is exceeded, r=cviecco
--HG--
extra : rebase_source : ce9e1faa083f5c679e20a2b6d9e8d482462e75b0
2014-05-31 16:55:54 -07:00
Brian Smith
e508e0ac8a Bug 1018642: Factor out reusable NSS GTest infrastructure into a new NSSTest class, r=cviecco
--HG--
extra : rebase_source : 101c316c1ea54f5092a21af4d7a1be349c504800
2014-05-30 16:46:49 -07:00
Brian Smith
efadae2e83 Bug 1018064: Replace mozilla::pkix::der::Input::Match with mozilla::pkix::der::Input::MatchRest, r=mmc
--HG--
extra : rebase_source : 5c5b14cf23b1e40854d241cbc482de40b01ac494
2014-05-29 22:09:45 -07:00
Brian Smith
4c65ffea41 Bug 1018061: Have mozilla::pkix::der::Input::Read use EnsureLength instead of its own checks, r=mmc
--HG--
extra : rebase_source : f46d6b9bdcd7d7a272fb39f22312a89d2695db56
2014-05-29 23:36:30 -07:00
Phil Ringnalda
00ff571d69 Merge m-i to m-c 2014-05-31 20:29:24 -07:00
ffxbld
e85dc8f55e No bug, Automated HSTS preload list update from host bld-linux64-spot-176 - a=hsts-update 2014-05-31 03:14:44 -07:00
Cykesiopka
fe5e0f327b Bug 917510 - Replace SHA-1 fingerprints of EV certs in ExtendedValidation.cpp with SHA-2 fingerprints. r=briansmith, r=kwilson 2014-05-30 00:01:00 -04:00
Camilo Viecco
d4c50fa1b7 Bug 991815 - Part 2/2 - Tests for OCSP responses up to 1 year old. r=keeler
--HG--
extra : rebase_source : cc012870da3a165a0a3d0d5c6c9671eeeda37f3f
2014-05-28 14:08:02 -07:00