Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-07 04:05:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
366,688 Commits 615 Branches 98 Tags 5.9 GiB
502934023e
Commit Graph

8451 Commits

Author SHA1 Message Date
Camilo Viecco
5bce267045 Bug 991815 - Part 1/2 - Allow intermediate OCSP responses up to 1 year old. r=keeler 
--HG--
extra : rebase_source : 28d5336da1dc44932b92ce2c59fca5fcb2b8a3d8
 2014-05-30 16:12:36 -07:00
Nathan Froyd
7ac1ddf1f6 Bug 1017661 - remove MOZ_NSS_PATCH functionality; r=glandium 2014-05-29 12:16:58 -04:00
Brian Smith
3b00a198b6 Bug 1018033: Prevent buffer read overflow due to integer overflow in mozilla::pkix::der::Input::EnsureLength, r=keeler 
--HG--
extra : rebase_source : e4e88d61e448fa475a106a06b9f32181906fba0f
 2014-05-29 23:37:40 -07:00
Brian Smith
30d9839f83 Bug 1018041: Fix linking error in pkix_ocsp_request_tests when GTest is enabled on Windows, r=keeler 
--HG--
extra : rebase_source : 36c5ee4f5cc40adb1079e34bd309147a662fc45f
 2014-05-29 23:06:10 -07:00
Brian Smith
71bc4ceab5 Bug 1018018: Remove support/mention of proprietary Netscape certificate extensions from PSM, r=cviecco 
--HG--
extra : rebase_source : 758ff9384c040084b1015f8025a4ff9f33590176
 2014-05-29 20:38:25 -07:00
Brian Smith
103251c410 Bug 1010634, Part 6: Enable -Wall with a few exceptions for certverifier, r=cviecco 
--HG--
extra : rebase_source : 611f0d65e7edb74345a4a599a6606de37e3da75e
 2014-05-15 21:56:23 -07:00
Brian Smith
ce6d7b1f43 Bug 1010634, Part 5: Add private destructor to NSSErrorService in line with the XPCOM recommendations, r=cviecco 
--HG--
extra : rebase_source : 1f8b4558114eef0e1a15f51f0c814f16e05f6f76
 2014-05-29 20:18:17 -07:00
Brian Smith
84170040f4 Bug 1010634, Part 3: Fix more warnings in CertVerifier, r=cviecco 
--HG--
extra : rebase_source : 21e79fbc472aeccec7df213e0cd8d99bebfbff75
 2014-05-29 20:17:53 -07:00
David Keeler
4434286b6b bug 1006710 - add class of PSM errors to SEC and SSL errors r=briansmith 2014-05-28 15:28:03 -07:00
Camilo Viecco
b337f160ed Bug 1005142 - Part 2/2 - Basic OCSP fetch method tests. r=keeler 
--HG--
extra : rebase_source : 364a5d410eb3743ae0a03ebcf0a258e847d71743
 2014-05-23 09:47:41 -07:00
Camilo Viecco
f051695b8d Bug 1005142 - Part 1/2 - Add OCSP get capabilities to OCSPRequestor. r=keeler 
--HG--
extra : rebase_source : ee4a86bf02a466a31de8b0b6cd7ce375a7f28c6d
 2014-05-21 15:42:21 -07:00
David Keeler
6c3ad9ab91 bug 995801 - cache nsNSSCertificate::mCachedEVStatus on disk r=mayhemer 2014-01-10 11:13:03 -08:00
Cykesiopka
00f176ef95 Bug 972702 - Make Cert Viewer details tab content resizable. r=keeler 2014-05-27 20:58:00 +02:00
Camilo Viecco
b07e3b1b23 Bug 1016442 - Make mozilla cdn sites production on built-in list. r=mmc 
--HG--
extra : rebase_source : 5d937b61ab86c974210dcc83735cd4308bff018e
 2014-05-27 10:53:40 -07:00
Ryan VanderMeulen
d142e79073 Backed out changeset d5da62e82faf (bug 995801) for test_browserElement_oop_SecurityChange.html failures. 
CLOSED TREE
 2014-05-27 14:27:40 -04:00
David Keeler
82eb078310 bug 995801 - cache nsNSSCertificate::mCachedEVStatus on disk r=mayhemer 2014-01-10 11:13:03 -08:00
Richard Barnes
8d8df0c940 Bug 998803 - Add support for RSA encryption and signing to WebCrypto API. r=bz,dkeeler 2014-05-23 15:29:00 +02:00
ffxbld
785d39a051 No bug, Automated HSTS preload list update from host bld-linux64-spot-1068 - a=hsts-update 2014-05-24 03:14:12 -07:00
Monica Chew
5d9a310465 Bug 1004351: Enable production mode for twitter pins (r=keeler) 2014-05-22 15:11:07 -07:00
Monica Chew
404c8597ce Bug 1014344: Use Google's root pems in addition to their intermediate certs (r=keeler) 2014-05-22 15:09:45 -07:00
Wan-Teh Chang
4f4ef533f5 Bug 1009794: Update NSS to NSS_3_16_2_BETA2, which also includes fixes 
for bug 999893, bug 1011090, bug 1009785, bug 421391, and bug 1011229.
 2014-05-22 12:31:09 -07:00
Cykesiopka
d0a5ea9350 Bug 622332 - Show cert SHA-256 fingerprint and remove MD5 fingerprint. r=keeler 2014-05-22 00:52:00 +02:00
Birunthan Mohanathas
aea8617b92 Bug 869836 - Part 7: Use AppendLiteral instead of Append where possible. r=ehsan 2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
58641805f1 Bug 869836 - Part 6: Use EqualsLiteral instead of Equals where possible. r=ehsan 2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
189593520f Bug 869836 - Part 4: Use EqualsLiteral instead of Equals(NS_LITERAL_STRING(...)). r=ehsan 2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
0e6f3a6562 Bug 869836 - Part 3: Use Append('c') instead of AppendLiteral("c"). r=ehsan 2014-05-22 06:48:51 +03:00
Birunthan Mohanathas
19bebbc68d Bug 869836 - Part 2: Use AppendLiteral instead of Append(NS_LITERAL_STRING(...)). r=ehsan 2014-05-22 06:48:50 +03:00
Camilo Viecco
d16b3320e8 Bug 1010594 - Part 2/2 tests - r=keeler 
--HG--
extra : rebase_source : 4ca9623b815544edc58308544fa85b192c2f31f3
 2014-05-19 13:26:23 -07:00
Camilo Viecco
0c9b112b38 Bug 1010594 - Part 1/2 OCSP url check - r=briansmith 
--HG--
extra : rebase_source : 0b26339d33db90722401ae1d8ac255d0390aea30
 2014-05-16 13:53:14 -07:00
Camilo Viecco
e7518a4528 Bug 1009635 - PreloadedHPKP.json should also contain production/exclusion lists. r=keeler 
--HG--
extra : rebase_source : 46c13e490358f26b21191d6d783d795897ceea63
 2014-05-15 08:04:54 -07:00
Richard Barnes
2b33a87b1f Bug 995385 - Ensure that NSS is initialzed for CryptoTasks. r=dkeeler 2014-05-16 15:47:00 -04:00
Bob Owen
a597c57860 Bug 1009452 - inherit stdout and stderr into the content process to allow logging. r=aklotz 2014-05-14 16:09:31 +01:00
Jed Davis
9f78dc2ea0 Bug 920372 - Fix socketcall whitelisting on i386. r=kang 2014-05-20 18:38:14 -07:00
Jed Davis
f6ffcab30d Bug 920372 - Allow tgkill only for threads of the calling process itself. r=kang 2014-05-20 18:38:06 -07:00
Jed Davis
ebb89f61f4 Bug 920372 - Use Chromium seccomp-bpf compiler to dynamically build sandbox program. r=kang 2014-05-20 18:37:53 -07:00
Jed Davis
9e94aea459 Bug 920372 - Import Chromium seccomp-bpf compiler, rev 4c08f442d2588a2c7cfaa117a55bd87d2ac32f9a. r=kang 
Newly imported:
* sandbox/linux/seccomp-bpf/
* sandbox/linux/sandbox_export.h
* base/posix/eintr_wrapper.h

Updated:
* base/basictypes.h
* base/macros.h

At the time of this writing (see future patches for this bug) the only
things we're using from sandbox/linux/seccomp-bpf/ are codegen.cc and
basicblock.cc, and the header files they require.  However, we may use
more of this code in the future, and it seems cleaner in general to
import the entire subtree.
 2014-05-20 18:37:45 -07:00
Monica Chew
e9868c3934 Bug 1013504: Introduce error file for genHPKPStaticPins.js (r=keeler) 2014-05-20 13:25:02 -07:00
Richard Barnes
5f5fc30c16 Bug 1005375 - Add an API that allows CryptoTasks to be created without being dispatched 2014-05-03 08:50:00 +02:00
Chris Peterson
84e89d2fa5 Bug 1007708 - Part 1: Fix warnings in security/pkix/test/ and mark as FAIL_ON_WARNINGS. r=briansmith 2014-05-17 20:12:10 -07:00
Monica Chew
88108c8e9f Bug 1011269: Forgot to qref to pick up keeler's changes (r=keeler) 2014-05-19 13:24:41 -07:00
Monica Chew
7683ced05a Bug 1011269: Add CertVerifier::pinningEnforceTestMode (r=keeler) 2014-05-19 13:04:40 -07:00
David Keeler
cc40dbbc9d bug 986150 - fix some comments in mozilla::pkix DER tests r=mmc 2014-05-19 12:14:51 -07:00
David Keeler
3a148b5121 bug 986150 - test mozilla::pkix::der::OptionalBoolean r=mmc 2014-05-19 12:14:44 -07:00
David Keeler
c7191763ea bug 1002814 - OCSP requests: long serial check should be on cert, not issuerCert r=briansmith 2014-05-14 10:05:32 -07:00
David Keeler
1793f7acdc bug 1002814 - retry PK11_GenerateKeyPair when it fails non-fatally r=briansmith 2014-05-19 11:13:04 -07:00
Marco Castelluccio
51f64d5cbb Bug 972201 - Remove the MOZ_B2G_CERTDATA hack. r=briansmith 2014-05-18 15:42:42 +02:00
ffxbld
5b464da977 No bug, Automated HSTS preload list update from host bld-linux64-spot-358 - a=hsts-update 2014-05-17 03:15:04 -07:00
Brian Smith
fe9fcc5bec Bug 1010634, Part 1: Fix compiler warnings in certverifier, r=cviecco 
--HG--
extra : rebase_source : f8d925f042040368b038b62bc1d0c9d4d6d04618
 2014-05-14 17:46:32 -07:00
Brian Smith
2912321bc5 Bug 1006958: Use mozilla::pkix::der to parse certificate policies instead of NSS, r=keeler 
--HG--
extra : rebase_source : fde88efebc1025bc4f825aa38df809d04b1b250a
 2014-05-15 18:59:52 -07:00
Brian Smith
f834909bb0 Bug 1010581: Document Expect/Match/Skip terminology in mozilla::pkix::der and make that code more consistent, r=keeler 
--HG--
extra : rebase_source : 12aa2e1e9eed4f32a75732a65cbfaba9789d5d39
 2014-05-14 19:30:09 -07:00
Brian Smith
077fb4cfcf Bug 1006041: Use mozilla::pkix::der for decoding the extended key usage extension, r=keeler 
--HG--
extra : rebase_source : b4b62f117d653784eb6ad058554faf520a1bd90b
 2014-05-14 01:02:34 -07:00
Brian Smith
921579aca0 Bug 989564, Part 2: Remove CERTCertificate dependency from CheckBasicConstraints, r=keeler 
--HG--
extra : rebase_source : c0ce62f44109cbcdf65da770a1154814733a6b49
 2014-04-25 20:27:27 -07:00
Brian Smith
33238b8f26 Bug 989564, Part 1: Decode basic constraints extension using mozilla::pkix::der, r=keeler 
--HG--
extra : rebase_source : 89560218a69596868cb8a93c69ee72656b0abf77
 2014-05-05 09:55:57 -07:00
Monica Chew
94e8967a9f Bug 1007844: Implement per-host telemetry for pin violations for AMO and aus4 (r=keeler) 2014-05-15 16:56:51 -07:00
Monica Chew
010f4a4ced Bug 1006594: Implement moz-specific telemetry (r=keeler) 2014-05-14 16:36:46 -07:00
David Keeler
aa1dddedcd backout dfc04fd0a41f (bug 1002814) for gtest breakage 2014-05-14 11:08:20 -07:00
David Keeler
478d0a6460 bug 1005266 - disable strict timeout checking in test_ocsp_timeout.js on WinXP because of frequent failures r=mmc 2014-05-14 09:57:10 -07:00
David Keeler
cd165343b0 bug 1002814 - OCSP requests: long serial check should be on cert, not issuerCert r=briansmith 2014-05-14 10:05:32 -07:00
Patrick McManus
1e673cbacc bug 1006804 - psm interface for kea size and make kea available in preliminary handshake r=keeler r=honzab 2014-05-06 17:22:25 -04:00
Gervase Markham
a28ceb8833 Bug 1007195 - Change licensing on mozilla::pkix to dual Apache 2/MPL 2. r=briansmith. 2014-05-14 14:37:25 +01:00
Monica Chew
730c8da49a Bug 1009720: Telemetry for CERT_PINNING_TEST_RESULTS (r=keeler) 2014-05-13 13:50:13 -07:00
David Keeler
2bf68f16b6 bug 1005355 - look for PSM test binaries in /data/local/xpcb/ on Android/B2G r=mmc 2014-05-12 14:38:00 -07:00
Monica Chew
9aae1d6105 Bug 772756: Implement sha1 support, import Chrome's pinsets wholesale, add test mode (r=cviecco,keeler) 2014-05-08 17:18:50 -07:00
Carsten "Tomcat" Book
364ad99c8f Merge mozilla-central to mozilla-inbound 2014-05-12 13:48:01 +02:00
Carsten "Tomcat" Book
0eef94abf9 merge mozilla-inbound to mozilla-central 2014-05-12 13:33:19 +02:00
ffxbld
849b0f7cb9 No bug, Automated HSTS preload list update from host bld-linux64-spot-382 - a=hsts-update 2014-05-10 03:26:08 -07:00
Jacek Caban
729caf70d4 Bug 1005309 - Fixed MSVC detection. 
--HG--
extra : rebase_source : 0b61de1270eb861234539de675c2d381e217f55c
 2014-05-12 11:01:22 +02:00
David Keeler
e1c350091f bug 1005266 - specify a timeout for the socket in test_ocsp_timeout.js r=mmc 2014-05-09 15:17:43 -07:00
Camilo Viecco
4f866e23df Bug 1007986 - Remove 1024 bit roots from mozilla pin list. r=mmc 2014-05-09 10:58:47 -07:00
David Keeler
675aff56b2 bug 1007962 - CreateEncodedCertificate should take a SECItem as its serialNumber argument r=mmc 2014-05-08 15:33:38 -07:00
David Keeler
ea0182ae63 bug 1007813 - match CreateEncodedCertificate declaration to its definition r=mmc 2014-05-08 11:51:50 -07:00
Wan-Teh Chang
fe569bf1f2 Bug 979703: Update NSS to NSS_3_16_2_BETA1. 
Fix bugs in intel-gcm-x86-masm.asm and re-enable the
Intel AES assembly code. (The fix is by Shay Gueron of Intel.)
Remove an unnecessary loop in intel-gcm-x64-masm.asm r=agl.
 2014-05-08 14:28:47 -07:00
Monica Chew
baff68ca81 Bug 1000354: Fix comment and make test clearer (r=keeler) 2014-05-07 15:48:23 -07:00
Bobby Holley
5a3bee8d99 Bug 997987 - Remove usage of nsIScriptSecurityManager::GetSubjectPrincipal. r=Ms2ger 2014-05-06 15:43:03 -07:00
Jed Davis
3ab8eb01df Bug 1004832 - Add tgkill to seccomp-bpf whitelist. r=kang 2014-05-02 16:57:00 +02:00
Camilo Viecco
b529036d7c Bug 1006107 - Disable pining by default, setup pinning for *.addons.mozilla.org. r=dkeeler 
--HG--
extra : rebase_source : 93b1dbd5dc31490424060729a3941deffa8ee1d5
 2014-05-05 13:59:32 -07:00
Wan-Teh Chang
d4f27e6065 Bug 993569: Update to NSS 3.16.1 and NSPR 4.10.5. r=kaie. 2014-05-05 13:51:39 -07:00
Monica Chew
7b1596592f Bug 1005364: Disable pinning for all mozilla properties (r=keeler) 2014-05-04 15:36:38 -07:00
Brian Smith
c92ecd7e9b Bug 1005667: Fix build warning due to buggy test code in pkixtestutil.cpp, r=dholbert 2014-05-04 11:04:48 -07:00
Brian Smith
75f6d3a530 Bug 1005309, Part 2: Enable extended compiler warnings (-W4 -Wall) in mozilla::pkix, r=mmc 
--HG--
extra : rebase_source : 033574a0b26582753baec003becfaf15bbd85003
extra : histedit_source : 2d52c47f92b8f694203c2eb580b37be78ccf2f9c
 2014-05-03 17:50:26 -07:00
Brian Smith
fc861849bc Bug 1005309, Part 1: Improve type conversion and error checking for hashing done in mozilla::pkix's pkixocsp.cpp. r=mmc 
--HG--
extra : rebase_source : 79c248ebc45d722249ae7adbbd2527dc9985f6f0
extra : histedit_source : 8ea66942cec4252d9d7e625da22b5ad9964485a1
 2014-05-02 11:53:06 -07:00
Brian Smith
f0a3398f72 Bug 1005256: Improve parameter validation in mozilla::pkix::der::Input::GetSECItem, r=mmc 
--HG--
extra : rebase_source : 93b65e103c86747ddaf463e639aacffdf7ccb08f
extra : histedit_source : 10ef0ab13fb9de710ea3c589600db4632f9cf4a0
 2014-05-02 11:52:10 -07:00
Brian Smith
a46aa03484 Bug 1005208: Rename issuerKeyHash to keyHash in mozilla::pkix's pkixocsp.cpp, r=mmc 
--HG--
extra : rebase_source : ede4ed17cb56e3e52325ecadc2c5ded33c4a6013
extra : histedit_source : b727000e81bbc8afa6b9f8188b97065f59da45ad
 2014-05-02 10:40:03 -07:00
Brian Smith
20a90d85b4 Bug 1005198: Make it easy to create test certificates in GTest tests, r=keeler 
--HG--
extra : rebase_source : 0b1ec263a5a1ce1856afb12f11ea4c35c2aa55d0
extra : histedit_source : 40a3a3fc1993de0fcdeb5593a1a1df4dc94832b8
 2014-04-25 19:57:40 -07:00
ffxbld
46be226687 No bug, Automated HSTS preload list update from host bld-linux64-spot-043 - a=hsts-update 2014-05-03 03:18:44 -07:00
David Keeler
4cbe45bef4 bug 1004270 - use SQL cert/key DBs in PSM tests so we can run them on Android r=briansmith 2014-05-02 15:06:29 -07:00
Camilo Viecco
1388a9d276 Bug 951315 - Add telemetry to PK pinning. r=dkeeler 2014-04-30 17:04:00 -07:00
Monica Chew
8d3acf320f Bug 1002696 - Minimum set of changes to make genHPKPStaticPins.js productionizable. r=cviecco, dkeeler 
--HG--
rename : security/manager/boot/src/PreloadedHPKPins.json => security/manager/tools/PreloadedHPKPins.json
rename : security/manager/boot/src/genHPKPStaticPins.js => security/manager/tools/genHPKPStaticPins.js
 2014-05-01 14:48:37 -07:00
David Keeler
9bf8c7f01d bug 982248 - NSSCertDBTrustDomain: specify timeout for OCSP requests r=briansmith 2014-05-01 15:07:55 -07:00
Brian Smith
6c43d7c225 Bug 1003290: Fix OID parser template type, r=keeler 
--HG--
extra : rebase_source : c33e450b84234ae7471118c2f8749593a59d9298
 2014-04-25 16:31:30 -07:00
Brian Smith
9ae1a34e11 Bug 1002933: Use Strongly-typed enums more often in mozilla::pkix, r=mmc 
--HG--
extra : rebase_source : 3f67f48d1f4150df0830f89e6c07bbbf3a8fc7e8
 2014-04-25 16:29:26 -07:00
Brian Smith
456d4f8a4d Bug 1002929: Avoid implicit conversion of Result to boolean in mozilla::der::GeneralizedTime, r=keeler 
--HG--
extra : rebase_source : 8966d41f1837611b83ac84b347aeddfade9bc949
 2014-04-24 16:08:30 -07:00
Monica Chew
7de05bc8ba Bug 998057: Add tests for certificate pinning (r=cviecco,dkeeler) 2014-04-30 20:11:35 -07:00
Monica Chew
1d5150d986 Backed out changeset 9c8fbf297d51 
Camilo did not land his patch that this depends on, my bad.
 2014-04-30 20:01:34 -07:00
Monica Chew
68b3043845 Bug 998057: Add tests for certificate pinning (r=cviecco,dkeeler) 2014-04-30 19:56:03 -07:00
Monica Chew
18421a4364 Bug 998057: Add test pinset to the pin generator (r=cviecco) 
--HG--
rename : security/manager/ssl/tests/unit/tlsserver/default-ee.der => security/manager/boot/src/default-ee.der
 2014-04-30 15:30:44 -07:00
Camilo Viecco
a54a4f05cf Bug 744204 - Allow Certificate key pinning Part 2 - Certverifier Interface. r=keeler 
--HG--
extra : rebase_source : 2f9748ba0b241c697e22b7ff72f2f5a0fad4a2ca
 2014-02-05 14:49:10 -08:00
Richard Barnes
aaca84b128 Bug 1003604 - Make nsNSSShutDownObject::isAlreadyShutDown() const. r=dkeeler 2014-04-29 17:45:00 +02:00
Rodrigo Rodriguez Jr.
3a5329b969 Bug 952650 (part 11) - Remove JSVAL_TO_INT. r=njn. 
--HG--
extra : rebase_source : 41923458bbf8fd957c9a57685df4969f1190bd9f
 2014-04-27 19:55:08 -07:00
Rodrigo Rodriguez Jr.
9a92d22f5a Bug 952650 (part 9) - Remove JSVAL_IS_INT. r=njn. 
--HG--
extra : rebase_source : dc0c170914c2370c218cdbbe671d2a68628f5a87
 2014-04-27 19:47:02 -07:00