Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-24 02:35:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
460,557 Commits 615 Branches 98 Tags 5.9 GiB
641304978c
Commit Graph

10028 Commits

Author SHA1 Message Date
Panos Astithas
d9c75611cd Make 'Go Back' button work even when there is nothing to go back to (bug 1221084); r=paolo 2015-11-16 15:37:27 +02:00
Cykesiopka
c10edfff85 Bug 1224481 - Comment out CA certs removed in NSS 3.21 in PreloadedHPKPins.json to keep periodic Static HPKP updates working. r=dkeeler 
--HG--
extra : transplant_source : %EAM%5D1%93%28H%BA%82%C0%0F%BB%3D%9E%40%8B%BCx%EB%03
 2015-11-13 07:28:28 -08:00
Cykesiopka
fedad480ea Bug 1222903 - Reject EV status for EV EE certs that are valid for longer than 27 months as well. r=keeler 2015-11-13 07:42:00 +01:00
David Keeler
eae048cea6 bug 1222179 - remove unnecessary observation topics in nsNSSComponent r=Cykesiopka 
nsNSSComponent would (unnecessarily) observe "profile-change-net-teardown" and
"profile-change-net-restore". Now it no longer does.
 2015-11-12 16:21:33 -08:00
Mark Goodwin
9f468cf8f0 Bug 921907 - Enable OCSP must-staple. r=keeler 
--HG--
extra : commitid : LvP86DDj772
extra : rebase_source : e06438c614c00fd9d77ca88886368948f13d6454
extra : histedit_source : f72078bac3dd14d4166ddd3bf24b582b13de1519
 2015-11-20 11:44:25 +00:00
Kai Engert
826cd3d4e3 Bug 1211568, land NSS_3_21_RTM r=martin.thomson, and adjust Makefiles r=mh 2015-11-13 18:03:01 +01:00
Mark Goodwin
a954826958 Bug 901698 - Some tests for OCSP-must-staple; r=keeler 2015-11-13 16:49:09 +00:00
Mark Goodwin
31adb1a5c5 Bug 901698 - Implement OCSP-must-staple; r=keeler 2015-11-13 16:49:08 +00:00
David Keeler
a1cf24355b bug 1223466 - update extended validation information to deal with root removals in NSS 3.21 r=mgoodwin 
These entries were removed:

from bug 1204962:

CN=TC TrustCenter Universal CA III,OU=TC TrustCenter Universal CA,O=TC TrustCenter GmbH,C=DE
SHA-256: 309B4A87F6CA56C93169AAA99C6D988854D7892BD5437E2D07B29CBEDA55D35D
SHA-1: 9656CD7B57969895D0E141466806FBB8C6110687

from bug 1204997:

CN=A-Trust-nQual-03,OU=A-Trust-nQual-03,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT
SHA-256: 793CBF4559B9FDE38AB22DF16869F69881AE14C4B0139AC788A78A1AFCCA02FB
SHA-1: D3C063F219ED073E34AD5D750B327629FFD59AF2

from bug 1208461:

CN=UTN - DATACorp SGC,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
SHA-256: 85FB2F91DD12275A0145B636534F84024AD68B69B8EE88684FF711375805B348
SHA-1: 58119F0E128287EA50FDD987456F4F78DCFAD6D4
 2015-11-10 10:13:18 -08:00
Wes Kocher
ea2623adb5 Merge m-c to inbound, a=merge 
--HG--
extra : commitid : 93SodIi80b2
 2015-11-11 17:12:26 -08:00
Masatoshi Kimura
fa64c65e7c Bug 1219088 - Clear the session cache when a weak crypto override is revoked. r=keeler 2015-11-11 23:13:34 +09:00
Masatoshi Kimura
4b8e5ced0f Bug 1223131 - Don't remove a host from the whitelist if the version fallback was needed. r=keeler 2015-11-12 07:18:37 +09:00
Ehsan Akhgari
eac2db7101 Bug 1215723 - Part 5: Add an automated test; r=keeler 2015-10-30 15:30:00 -04:00
Ehsan Akhgari
eb4d13fb3b Bug 1215723 - Part 4: Make isSecureHost and isSecureURI usable from the content process; r=keeler 2015-10-30 15:30:00 -04:00
Ehsan Akhgari
78ee50aca4 Bug 1215723 - Part 3: Propagate updates to DataStorage from the parent process to the content processes; r=keeler 2015-10-30 15:30:00 -04:00
Ehsan Akhgari
9aa975d49d Bug 1215723 - Part 2: Initialize DataStorage items in the content process from the data in the parent; r=keeler 2015-10-30 15:30:00 -04:00
Ehsan Akhgari
3810eb599b Bug 1215723 - Part 1: Make DataStorage a singleton for each file name; r=keeler 
This is needed so that we'd be able to identify a DataStorage instance
based on its file name.
 2015-11-02 12:33:00 -05:00
David Keeler
29b3d15dde bug 1220223 - don't load PKCS11 modules in safe mode r=mgoodwin r=bsmedberg 2015-10-30 10:37:22 -07:00
Wes Kocher
4c7afc9339 Backed out 5 changesets (bug 1215723) for android S4 bustage 
Backed out changeset 2a945ce1cd40 (bug 1215723)
Backed out changeset dd7f58b60ddc (bug 1215723)
Backed out changeset 62dbb95bd79a (bug 1215723)
Backed out changeset b31ac98bb3c8 (bug 1215723)
Backed out changeset 228cdfaa82c1 (bug 1215723)

--HG--
extra : commitid : 70ygtTBi2V5
 2015-11-06 15:19:35 -08:00
Ehsan Akhgari
334376c936 Bug 1215723 - Part 5: Add an automated test; r=keeler 2015-10-30 15:30:00 -04:00
Ehsan Akhgari
498c385ee1 Bug 1215723 - Part 4: Make isSecureHost and isSecureURI usable from the content process; r=keeler 2015-10-30 15:30:00 -04:00
Ehsan Akhgari
06479e6793 Bug 1215723 - Part 3: Propagate updates to DataStorage from the parent process to the content processes; r=keeler 2015-10-30 15:30:00 -04:00
Ehsan Akhgari
999f1ba408 Bug 1215723 - Part 2: Initialize DataStorage items in the content process from the data in the parent; r=keeler 2015-10-30 15:30:00 -04:00
Ehsan Akhgari
6e561438d9 Bug 1215723 - Part 1: Make DataStorage a singleton for each file name; r=keeler 
This is needed so that we'd be able to identify a DataStorage instance
based on its file name.
 2015-11-02 12:33:00 -05:00
David Keeler
7380482a28 bug 1218596 - remove nsPSMInitPanic and other unnecessary things from nsNSSComponent r=Cykesiopka r=jcj 2015-10-26 16:02:19 -07:00
Wes Kocher
37b7f2920b Backed out changeset ae1885cf1fd6 (bug 1218596) for windows build bustage CLOSED TREE 
--HG--
extra : commitid : 6GZJDFkoL81
 2015-11-05 17:48:53 -08:00
Mike Hommey
762aba02cd Bug 1221453 - Use ObjDirPaths for GENERATED_INCLUDES and merge with LOCAL_INCLUDES. r=gps 2015-11-06 09:59:21 +09:00
David Keeler
9d11e85ed9 bug 1218596 - remove nsPSMInitPanic and other unnecessary things from nsNSSComponent r=Cykesiopka r=jcj 2015-10-26 16:02:19 -07:00
Chris Manchester
8ffd9ff2ed Bug 1218999 - Back out changeset 5f32b2bcfa43 (bug 1188468) in favor of a more efficient solution. r=glandium 
Bug 118468 landed an option for FileAvoidWrite to always write to an output
file, whether or not the contents would be changed. This was to address a
problem caused by not updating mtimes when building GENERATED_FILES, but
undoes the purpose of FileAvoidWrite and isn't really necessary.
This is addressed in a subsequent commit by unconditionally updating
mtimes when processing GENERATED_FILES.

--HG--
extra : commitid : AfOhgUstokq
 2015-11-03 10:23:04 -08:00
Cykesiopka
34ca9c027f Bug 1110935 - Part 3 - Remove now unnecessary temp variables. r=keeler 2015-11-02 22:11:00 +01:00
Cykesiopka
f625d9c9b9 Bug 1110935 - Part 2 - Remove ReentrantMonitor and ReentrantMonitorAutoEnter uses. r=keeler 2015-11-02 22:10:00 +01:00
Cykesiopka
9e34144349 Bug 1110935 - Part 1 - Assert we're on the main thread on public methods. r=keeler 2015-11-02 22:09:00 +01:00
Phil Ringnalda
7c5e9caf26 Back out changeset bda43f333e1a (bug 1211568) for "Could not find EV root in NSS storage" assertion failures 
CLOSED TREE
 2015-11-10 08:18:47 -08:00
Kai Engert
a24d95bb6d Bug 1211568, land NSS_3_21_RTM r=martin.thomson, and adjust Makefiles r=mh 2015-11-10 16:24:15 +01:00
Jed Davis
8be1ae39c7 Bug 1207790 - Fix sandbox build for older Linux distributions. r=gdestuynder 2015-10-30 15:13:00 +01:00
Birunthan Mohanathas
9985829ecc Bug 1219392 - Capitalize mozilla::unused to avoid conflicts. r=froydnj 2015-11-02 07:53:26 +02:00
Cykesiopka
581125e850 Bug 1186817 - Replace nsBaseHashtable::EnumerateRead() calls in security/ with iterators. r=keeler 
--HG--
extra : histedit_source : ec44c79c05d3fb73cd720a9d5315ff781af812f1
 2015-10-30 07:50:09 -07:00
David Keeler
1443993537 bug 1218515 - flip pinning-test.badssl.com into production mode r=jcj DONTBUILD NPOTB 
pinning-test.badssl.com is a test domain for preloaded HPKP (HTTP Public Key
Pinning - see RFC 7469). By specifying a pinset corresponding to no known keys,
this domain should fail with a key pinning error by default. Also, the
includeSubdomains option is set, so any subdomains should fail as well.
Since Gecko incorporates preloaded pinsets from Chromium, this pinset is already
defined. This patch merely switches it from test mode to production mode (well,
to be more accurate, this patch sets up the input for the automated script that
will make the code change that will put the pinset into production mode).
 2015-10-26 14:39:25 -07:00
Birunthan Mohanathas
44936aabb2 Bug 1217320 - Remove more XPIDL signature comments in .cpp files. r=froydnj 
Comment-only, DONTBUILD.
 2015-10-27 06:54:25 +02:00
David Keeler
3b82e8f390 bug 1217602 - remove nsIPKIParamBlock r=Cykesiopka 
nsIPKIParamBlock was unnecessary.
 2015-10-22 13:11:40 -07:00
Ryan VanderMeulen
44509e6e7e Merge m-c to inbound. 
--HG--
extra : rebase_source : b7fe225cdd43cb770c7d7a1e8d2be6a52678aa7a
 2015-10-24 15:03:15 -04:00
ffxbld
53f7cca550 No bug, Automated HPKP preload list update from host bld-linux64-spot-508 - a=hpkp-update 2015-10-24 03:47:13 -07:00
ffxbld
dfb1f8693f No bug, Automated HSTS preload list update from host bld-linux64-spot-508 - a=hsts-update 2015-10-24 03:47:11 -07:00
Cykesiopka
4ec261d0e7 Bug 1194419 - Remove signature algorithm duplicate use in serial number determination in pycert. r=keeler 2015-10-23 05:13:00 -04:00
Jonathan Hao
3d02a2da65 Bug 1216469 - Bypass verification for signed packages from trust origins. r=valentin 2015-10-22 17:09:44 +08:00
David Keeler
23a0cee1a8 bug 1215690 - remove nsPSMUITracker r=Cykesiopka r=mgoodwin 
nsPSMUITracker was problematic. Apparently it was originally intended to prevent
NSS shutdown while NSS-related UI operations were going on (such as choosing a
client certificate). However, when nsNSSComponent would receive the event that
told it to shutdown NSS, it would attempt to call
mShutdownObjectList->evaporateAllNSSResources(), which would call
mActivityState.restrictActivityToCurrentThread(), which failed if such a UI
operation was in progress. This actually prevented the important part of
evaporateAllNSSResources, which is the releasing of all NSS objects in use by
PSM objects. Importantly, nsNSSComponent didn't check for or handle this failure
and proceeded to call NSS_Shutdown(), leaving PSM in an inconsistent state where
it thought it was okay to keep using the NSS objects it had when in fact it
wasn't.
In any case, nsPSMUITracker isn't really necessary as long as we have the
nsNSSShutDownPreventionLock mechanism, which mostly works and is what we should
use instead (or not at all, if no such lock is needed for the operation being
performed (for example, if no NSS functions are being called)).
 2015-10-16 14:31:57 -07:00
Jed Davis
e31f20875c Bug 1215734 - Expand GeckoMediaPlugin sandbox policy for Clang 3.7 ASan. r=kang 2015-10-22 11:19:37 -07:00
Andrew McCreight
0cb71c483c Bug 1157515 - CipherSuiteChangeObserver should clean itself up. r=keeler 2015-10-22 09:21:51 -07:00
Martin Thomson
9507291e59 Bug 1211568 - Update NSS to 3.21 Beta 3, r=kaie 
--HG--
extra : commitid : 2fCIZ27Gd2I
extra : rebase_source : 57ff0dcc9361618ea53aac7ebea83460cba1c390
 2015-10-23 11:39:23 -07:00
Masatoshi Kimura
6ad41c8aee Bug 1215796 - Remove the static fallback whitelist. r=keeler 2015-10-22 21:37:40 +09:00
Masatoshi Kimura
5feda64143 Bug 1214981 - Disable output stream buffering. r=keeler 2015-10-21 15:23:00 -04:00
Wes Kocher
ceefa2939a Merge b2ginbound to central, a=merge 2015-10-21 16:37:24 -07:00
Wes Kocher
b8596f28a2 Merge inbound to m-c a=merge 2015-10-21 16:28:43 -07:00
J. Ryan Stinnett
7eceb8f4c5 Bug 1203159 - Clean up various tests after DevTools resource move. r=me 2015-10-21 14:18:29 -05:00
Jonathan Hao
e4b1f62b85 Bug 1178448 - Use imported CA in developer mode. r=keeler,valentin 2015-10-08 17:08:45 +08:00
Masatoshi Kimura
886c72f81f Bug 1215795 - Fix documentation in nsIWeakCryptoOverride.idl. r=keeler IGNORE IDL 2015-10-20 20:29:56 +09:00
Carsten "Tomcat" Book
ea5d701c66 Backed out changeset 11e681d48acd (bug 1194419) for S4 Test failures 2015-10-20 12:40:18 +02:00
Kai Engert
a922dcab99 Bug 1215200, NSPR_4_10_10_RTM and NSS 3_20_1_RTM, bump version requirements, r=keeler 2015-10-20 12:34:15 +02:00
Cykesiopka
f21d36e95a Bug 1215779 - Remove broken (non-EC) DSA keygen code. r=keeler 2015-10-19 22:54:00 +02:00
Cykesiopka
fa99ba4063 Bug 1194419 - Remove signature algorithm duplicate use in serial number determination in pycert. r=dkeeler 
--HG--
extra : rebase_source : 14756428ea3f8bc41d746a2e71a5d4914e96f33c
 2015-10-17 09:04:43 -07:00
Bob Owen
2233e7518a Bug 1187031: Move back to using USER_LOCKDOWN for the GMP sandbox policy on Windows. r=aklotz 
This also removes turning off optimization for the Load function. That was an
attempt to fix the side-by-side loading. It may also have helped with ensuring
that the memsets were not optimized, but that has been fixed by Bug 1208892.
 2015-10-21 08:46:57 +01:00
Nathan Froyd
01583602a9 Bug 1207245 - part 6 - rename nsRefPtr<T> to RefPtr<T>; r=ehsan; a=Tomcat 
The bulk of this commit was generated with a script, executed at the top
level of a typical source code checkout.  The only non-machine-generated
part was modifying MFBT's moz.build to reflect the new naming.

CLOSED TREE makes big refactorings like this a piece of cake.

 # The main substitution.
find . -name '*.cpp' -o -name '*.cc' -o -name '*.h' -o -name '*.mm' -o -name '*.idl'| \
    xargs perl -p -i -e '
 s/nsRefPtr\.h/RefPtr\.h/g; # handle includes
 s/nsRefPtr ?</RefPtr</g;   # handle declarations and variables
'

 # Handle a special friend declaration in gfx/layers/AtomicRefCountedWithFinalize.h.
perl -p -i -e 's/::nsRefPtr;/::RefPtr;/' gfx/layers/AtomicRefCountedWithFinalize.h

 # Handle nsRefPtr.h itself, a couple places that define constructors
 # from nsRefPtr, and code generators specially.  We do this here, rather
 # than indiscriminantly s/nsRefPtr/RefPtr/, because that would rename
 # things like nsRefPtrHashtable.
perl -p -i -e 's/nsRefPtr/RefPtr/g' \
     mfbt/nsRefPtr.h \
     xpcom/glue/nsCOMPtr.h \
     xpcom/base/OwningNonNull.h \
     ipc/ipdl/ipdl/lower.py \
     ipc/ipdl/ipdl/builtin.py \
     dom/bindings/Codegen.py \
     python/lldbutils/lldbutils/utils.py

 # In our indiscriminate substitution above, we renamed
 # nsRefPtrGetterAddRefs, the class behind getter_AddRefs.  Fix that up.
find . -name '*.cpp' -o -name '*.h' -o -name '*.idl' | \
    xargs perl -p -i -e 's/nsRefPtrGetterAddRefs/RefPtrGetterAddRefs/g'

if [ -d .git ]; then
    git mv mfbt/nsRefPtr.h mfbt/RefPtr.h
else
    hg mv mfbt/nsRefPtr.h mfbt/RefPtr.h
fi

--HG--
rename : mfbt/nsRefPtr.h => mfbt/RefPtr.h
 2015-10-18 01:24:48 -04:00
Nathan Froyd
583afa0965 Bug 1207245 - part 3 - switch all uses of mozilla::RefPtr<T> to nsRefPtr<T>; r=ehsan 
This commit was generated using the following script, executed at the
top level of a typical source code checkout.

 # Don't modify select files in mfbt/ because it's not worth trying to
 # tease out the dependencies currently.
 #
 # Don't modify anything in media/gmp-clearkey/0.1/ because those files
 # use their own RefPtr, defined in their own RefCounted.h.
find . -name '*.cpp' -o -name '*.h' -o -name '*.mm' -o -name '*.idl'| \
    grep -v 'mfbt/RefPtr.h' | \
    grep -v 'mfbt/nsRefPtr.h' | \
    grep -v 'mfbt/RefCounted.h' | \
    grep -v 'media/gmp-clearkey/0.1/' | \
    xargs perl -p -i -e '
 s/mozilla::RefPtr/nsRefPtr/g; # handle declarations in headers
 s/\bRefPtr</nsRefPtr</g; # handle local variables in functions
 s#mozilla/RefPtr.h#mozilla/nsRefPtr.h#; # handle #includes
 s#mfbt/RefPtr.h#mfbt/nsRefPtr.h#;       # handle strange #includes
'

 # |using mozilla::RefPtr;| is OK; |using nsRefPtr;| is invalid syntax.
find . -name '*.cpp' -o -name '*.mm' | xargs sed -i -e '/using nsRefPtr/d'

 # RefPtr.h used |byRef| for dealing with COM-style outparams.
 # nsRefPtr.h uses |getter_AddRefs|.
 # Fixup that mismatch.
find . -name '*.cpp' -o -name '*.h'| \
    xargs perl -p -i -e 's/byRef/getter_AddRefs/g'
 2015-10-18 00:40:10 -04:00
Phil Ringnalda
9ea53214d8 Merge f-t to m-c, a=merge 2015-10-17 11:19:46 -07:00
Phil Ringnalda
df1ce0b4c5 Merge m-i to m-c, a=merge 2015-10-17 10:16:55 -07:00
ffxbld
39d37ae7b8 No bug, Automated HPKP preload list update from host bld-linux64-spot-1092 - a=hpkp-update 2015-10-17 04:10:53 -07:00
ffxbld
7b8e76fcc8 No bug, Automated HSTS preload list update from host bld-linux64-spot-1092 - a=hsts-update 2015-10-17 04:10:51 -07:00
Masatoshi Kimura
82af783064 Bug 1207137 - Set a security state flag when weak crypto override is needed. r=keeler 2015-10-17 09:38:30 +09:00
Kai Engert
3556fa0bdc Bug 1215200, NSPR_4_10_10_RC1 and NSS_3_20_1_RC0, r=dkeeler 2015-10-16 15:29:23 +02:00
David Keeler
3c1a47a734 bug 1215270 - remove some unused functions from nsNSSShutDown.h r=Cykesiopka 
nsNSSShutDownList::isUIActive() and areSSLSocketsActive() should probably have
been removed as part of bug 807757.
 2015-10-15 13:22:13 -07:00
Nigel Babu
d45a6e832d Backed out changeset b46b688e6295 (bug 1215200) for build bustage ON A CLOSED TREE 2015-10-16 11:52:10 +05:30
Kai Engert
8826499e8a Bug 1215200, Upgrade to NSPR 4.10.10 and NSS 3.20.1, landing release candidate tags, r=dkeeler 2015-10-16 08:04:16 +02:00
Masatoshi Kimura
f4c563b057 Bug 1168635 - Add an XPCOM interface to allow RC4. r=keeler 
--HG--
rename : netwerk/test/unit/test_tls_server.js => security/manager/ssl/tests/unit/test_weak_crypto.js
 2015-10-15 05:48:27 +09:00
Carsten "Tomcat" Book
17a3104f22 Backed out changeset 66e3972e9150 (bug 1168635) 2015-10-14 16:28:41 +02:00
Masatoshi Kimura
00d864d313 Bug 1168635 - Add an XPCOM interface to allow RC4. r=keeler 
--HG--
rename : netwerk/test/unit/test_tls_server.js => security/manager/ssl/tests/unit/test_weak_crypto.js
 2015-10-14 21:12:35 +09:00
David Keeler
49f91fb31f bug 1209695 - fold mochitest test_bug413909.html into xpcshell test_cert_overrides.js r=mgoodwin 
test_bug413909.html doesn't need to be a mochitest. Furthermore,
test_cert_overrides.js tests a lot of the same functionality.
This just moves the unique parts from the old test to a new home
in the xpcshell test (to be specific, some IDN handling and that
"port" -1 is the same as port 443).
 2015-09-29 13:24:19 -07:00
Carsten "Tomcat" Book
a5c0ea6d4f Merge m-c to mozilla-inbound 2015-10-12 11:58:46 +02:00
Carsten "Tomcat" Book
2b1a321946 merge mozilla-inbound to mozilla-central a=merge 2015-10-12 11:57:06 +02:00
ffxbld
214a24da25 No bug, Automated HPKP preload list update from host bld-linux64-spot-138 - a=hpkp-update 2015-10-10 03:46:02 -07:00
ffxbld
8aa9ed515a No bug, Automated HSTS preload list update from host bld-linux64-spot-138 - a=hsts-update 2015-10-10 03:46:00 -07:00
Hiroyuki Ikezoe
3363f1775d Bug 1167627 - Part 6: Use mozinfo in security/. r=dkeeler 2015-10-11 21:49:00 +02:00
Ehsan Akhgari
e6a62c4d9d Bug 1213151 - Part 2: Use SpecialPowers.cleanUpSTSData() in a few tests; r=jdm 2015-10-09 10:56:19 -04:00
Jed Davis
faf361396a Bug 1201935 - Allow reading from TmpD in OS X content processes. r=smichaud 
--HG--
extra : rebase_source : 68565c447e3731e9c562514e8355044cfd8c28b9
 2015-10-07 13:41:00 +02:00
Cykesiopka
2be3b53afa Bug 1205962 - Address some pylint complaints about pycert.py and pykey.py, r=keeler 
Also adds more uses of enumerate() to simplify code.

--HG--
extra : amend_source : 758eee481fa2d93f984f090aaa443b3b5756fb1f
 2015-10-05 23:24:14 -07:00
Jed Davis
1ae9d0519b Bug 930258 - Part 3: a file broker policy for the B2G emulator. r=kang 2015-10-07 22:13:08 -07:00
Jed Davis
562c4e7b57 Bug 930258 - Part 2: seccomp-bpf integration. r=kang 2015-10-07 22:13:08 -07:00
Jed Davis
bd859174ac Bug 930258 - Part 1: The file broker, and unit tests for it. r=kang f=froydnj 2015-10-07 22:13:08 -07:00
David Keeler
9b75f2c0d5 bug 975763 - move test_certificate_overrides.html to test_cert_override_bits_mismatches.js r=mgoodwin 
test_certificate_overrides.html didn't need to be a mochitest.
 2015-09-29 12:39:54 -07:00
Carsten "Tomcat" Book
08997000eb Backed out 2 changesets (bug 1202902) to recking bug 1202902 to be able to reopen inbound on a CLOSED TREE 
Backed out changeset 647025383676 (bug 1202902)
Backed out changeset d70c7fe532c6 (bug 1202902)
 2015-10-07 14:03:21 +02:00
Carsten "Tomcat" Book
e7ef778c9d Backed out 1 changesets (bug 1202902) for causing merge conflicts to mozilla-central 
Backed out changeset cfc1820361f5 (bug 1202902)

--HG--
extra : rebase_source : 5d3db72337754bc7ab0ed0c30b2896100411ff92
 2015-10-07 12:13:45 +02:00
Shu-yu Guo
d06b6030f6 Bug 1202902 - Scripted fix the world. 2015-10-06 14:00:31 -07:00
Ben Kelly
65ad5a613b Bug 1210941 P10 Use LOAD_BYPASS_SERVICE_WORKER in nsNSSCallbacks. r=ehsan 2015-10-06 06:37:07 -07:00
Kate McKinley
5955ecaffd Bug 1191414 - gather telemetry on usage of <keygen>. r=keeler,r=vladan 
--HG--
extra : rebase_source : 69aed7cd26800c9a6c6975ab24bf3e5bb3c77730
 2015-09-22 09:52:58 -07:00
Wes Kocher
9bd6e9ee5a Backed out changeset c288fb0952fb (bug 1211568) for build bustage CLOSED TREE 2015-10-05 15:56:08 -07:00
Kai Engert
118b9ae5d0 Bug 1211568 - Upgrade Firefox 44 to NSS 3.21, landing NSS_3_21_Beta2, r=mt 
--HG--
extra : rebase_source : 498e86da715351a7d1712d07e790f8691fd8d213
 2015-10-05 22:42:28 +02:00
Jed Davis
0db519c66f Bug 1207401 - Send B2G sandbox logging to both stderr and logcat. r=kang 2015-10-05 09:21:39 -07:00
Bob Owen
96010550f8 Bug 1207972: Move to using USER_INTERACTIVE and JOB_INTERACTIVE by default for the Windows content sandbox. r=tabraldes 2015-10-05 11:10:46 +01:00
Nicholas Nethercote
7d1c7e0014 Bug 1209351 (part 5) - Optimize nsTHashTable::RemoveEntry() usage in security/. r=keeler. 
--HG--
extra : rebase_source : 74877baad7a7e019c7151efaad96d7b8ccc4b6f5
 2015-09-24 20:44:31 -07:00
Phil Ringnalda
1d51d1b32a Merge m-i to m-c, a=merge 2015-10-03 15:37:39 -07:00
ffxbld
30f46ea33e No bug, Automated HPKP preload list update from host bld-linux64-spot-410 - a=hpkp-update 2015-10-03 03:44:51 -07:00
ffxbld
bde4cad906 No bug, Automated HSTS preload list update from host bld-linux64-spot-410 - a=hsts-update 2015-10-03 03:44:49 -07:00
David Keeler
a81ffd22d7 bug 1205767 - prevent memory leak when generating an EC key with <keygen> r=ttaubert 2015-09-17 14:57:24 -07:00
Tooru Fujisawa
ab6dcb335c Bug 1207499 - Part 8: Remove use of expression closure from security/. r=keeler 
--HG--
extra : commitid : CRZpUoDhoRa
extra : rebase_source : b04cc9260a59cc53f406181c67e6db4560677022
 2015-09-23 18:42:19 +09:00
Kaspar Brand
f0941953dd Bug 278689 - Multiple Certificates with the same subject are not shown in the digital signature select cert combo (only one is shown) r=dkeeler 
--HG--
extra : rebase_source : 442661d99de1c5786c04d49cfcd96a672d3077be
 2015-09-05 07:52:00 +02:00
David Keeler
30706f9f69 bug 1187994 - remove unused file CryptoUtil.h r=jcj 
This probably should have been removed as part of bug 891066.
 2015-07-27 09:56:14 -07:00
David Keeler
ae6538ad30 bug 1203312 - split tlsserver certificates into ocsp_certs and bad_certs r=mgoodwin 
The B2G emulators apparently take ~5 minutes to read 50 certificates into
memory, which causes intermittent test timeouts. This is an attempt to
reduce the number of certificates needed to be read at any given time.

--HG--
rename : security/manager/ssl/tests/unit/tlsserver/badSubjectAltNames.pem.certspec => security/manager/ssl/tests/unit/bad_certs/badSubjectAltNames.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/beforeEpoch.pem.certspec => security/manager/ssl/tests/unit/bad_certs/beforeEpoch.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/beforeEpochINT.pem.certspec => security/manager/ssl/tests/unit/bad_certs/beforeEpochINT.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/beforeEpochIssuer.pem.certspec => security/manager/ssl/tests/unit/bad_certs/beforeEpochIssuer.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/ca-used-as-end-entity.pem.certspec => security/manager/ssl/tests/unit/bad_certs/ca-used-as-end-entity.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/default-ee.key.keyspec => security/manager/ssl/tests/unit/bad_certs/default-ee.key.keyspec
rename : security/manager/ssl/tests/unit/tlsserver/default-ee.pem.certspec => security/manager/ssl/tests/unit/bad_certs/default-ee.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/eeIssuedByNonCA.pem.certspec => security/manager/ssl/tests/unit/bad_certs/eeIssuedByNonCA.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/eeIssuedByV1Cert.pem.certspec => security/manager/ssl/tests/unit/bad_certs/eeIssuedByV1Cert.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/expired-ee.pem.certspec => security/manager/ssl/tests/unit/bad_certs/expired-ee.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/expiredINT.pem.certspec => security/manager/ssl/tests/unit/bad_certs/expiredINT.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/expiredissuer.pem.certspec => security/manager/ssl/tests/unit/bad_certs/expiredissuer.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/rsa-1016-keysizeDelegatedSigner.key.keyspec => security/manager/ssl/tests/unit/bad_certs/inadequateKeySizeEE.key.keyspec
rename : security/manager/ssl/tests/unit/tlsserver/inadequateKeySizeEE.pem.certspec => security/manager/ssl/tests/unit/bad_certs/inadequateKeySizeEE.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/inadequatekeyusage-ee.pem.certspec => security/manager/ssl/tests/unit/bad_certs/inadequatekeyusage-ee.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/ipAddressAsDNSNameInSAN.pem.certspec => security/manager/ssl/tests/unit/bad_certs/ipAddressAsDNSNameInSAN.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/md5signature-expired.pem.certspec => security/manager/ssl/tests/unit/bad_certs/md5signature-expired.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/md5signature.pem.certspec => security/manager/ssl/tests/unit/bad_certs/md5signature.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/mismatch-expired.pem.certspec => security/manager/ssl/tests/unit/bad_certs/mismatch-expired.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/mismatch-notYetValid.pem.certspec => security/manager/ssl/tests/unit/bad_certs/mismatch-notYetValid.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/mismatch-untrusted-expired.pem.certspec => security/manager/ssl/tests/unit/bad_certs/mismatch-untrusted-expired.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/mismatch-untrusted.pem.certspec => security/manager/ssl/tests/unit/bad_certs/mismatch-untrusted.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/mismatch.pem.certspec => security/manager/ssl/tests/unit/bad_certs/mismatch.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/mismatchCN.pem.certspec => security/manager/ssl/tests/unit/bad_certs/mismatchCN.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/moz.build => security/manager/ssl/tests/unit/bad_certs/moz.build
rename : security/manager/ssl/tests/unit/tlsserver/noValidNames.pem.certspec => security/manager/ssl/tests/unit/bad_certs/noValidNames.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/notYetValid.pem.certspec => security/manager/ssl/tests/unit/bad_certs/notYetValid.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/notYetValidINT.pem.certspec => security/manager/ssl/tests/unit/bad_certs/notYetValidINT.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/notYetValidIssuer.pem.certspec => security/manager/ssl/tests/unit/bad_certs/notYetValidIssuer.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/nsCertTypeCritical.pem.certspec => security/manager/ssl/tests/unit/bad_certs/nsCertTypeCritical.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/nsCertTypeCriticalWithExtKeyUsage.pem.certspec => security/manager/ssl/tests/unit/bad_certs/nsCertTypeCriticalWithExtKeyUsage.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/nsCertTypeNotCritical.pem.certspec => security/manager/ssl/tests/unit/bad_certs/nsCertTypeNotCritical.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/other-issuer-ee.pem.certspec => security/manager/ssl/tests/unit/bad_certs/other-issuer-ee.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/other-test-ca.key.keyspec => security/manager/ssl/tests/unit/bad_certs/other-test-ca.key.keyspec
rename : security/manager/ssl/tests/unit/tlsserver/other-test-ca.pem.certspec => security/manager/ssl/tests/unit/bad_certs/other-test-ca.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/self-signed-EE-with-cA-true.pem.certspec => security/manager/ssl/tests/unit/bad_certs/self-signed-EE-with-cA-true.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/selfsigned-inadequateEKU.pem.certspec => security/manager/ssl/tests/unit/bad_certs/selfsigned-inadequateEKU.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/selfsigned.pem.certspec => security/manager/ssl/tests/unit/bad_certs/selfsigned.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/test-ca.pem.certspec => security/manager/ssl/tests/unit/bad_certs/test-ca.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/test-int.pem.certspec => security/manager/ssl/tests/unit/bad_certs/test-int.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/unknownissuer.pem.certspec => security/manager/ssl/tests/unit/bad_certs/unknownissuer.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/untrusted-expired.pem.certspec => security/manager/ssl/tests/unit/bad_certs/untrusted-expired.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/untrustedissuer.pem.certspec => security/manager/ssl/tests/unit/bad_certs/untrustedissuer.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/v1Cert.pem.certspec => security/manager/ssl/tests/unit/bad_certs/v1Cert.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/ca-used-as-end-entity.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/ca-used-as-end-entity.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/default-ee.key.keyspec => security/manager/ssl/tests/unit/ocsp_certs/default-ee.key.keyspec
rename : security/manager/ssl/tests/unit/tlsserver/default-ee.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/default-ee.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/delegatedSHA1Signer.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/delegatedSHA1Signer.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/delegatedSigner.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/delegatedSigner.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/invalidDelegatedSignerFromIntermediate.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/invalidDelegatedSignerFromIntermediate.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/invalidDelegatedSignerKeyUsageCrlSigning.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/invalidDelegatedSignerKeyUsageCrlSigning.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/invalidDelegatedSignerNoExtKeyUsage.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/invalidDelegatedSignerNoExtKeyUsage.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/invalidDelegatedSignerWrongExtKeyUsage.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/invalidDelegatedSignerWrongExtKeyUsage.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/ocspEEWithIntermediate.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/ocspEEWithIntermediate.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/ocspOtherEndEntity.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/ocspOtherEndEntity.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/other-test-ca.key.keyspec => security/manager/ssl/tests/unit/ocsp_certs/other-test-ca.key.keyspec
rename : security/manager/ssl/tests/unit/tlsserver/other-test-ca.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/other-test-ca.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/rsa-1016-keysizeDelegatedSigner.key.keyspec => security/manager/ssl/tests/unit/ocsp_certs/rsa-1016-keysizeDelegatedSigner.key.keyspec
rename : security/manager/ssl/tests/unit/tlsserver/rsa-1016-keysizeDelegatedSigner.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/rsa-1016-keysizeDelegatedSigner.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/test-ca.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/test-ca.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/test-int.pem.certspec => security/manager/ssl/tests/unit/ocsp_certs/test-int.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/same-issuer-ee.pem.certspec => security/manager/ssl/tests/unit/test_onecrl/same-issuer-ee.pem.certspec
rename : security/manager/ssl/tests/unit/tlsserver/test-int-ee.pem.certspec => security/manager/ssl/tests/unit/test_onecrl/test-int-ee.pem.certspec
 2015-09-22 17:03:15 -07:00
David Keeler
74e470d1ac bug 1203312 - convert tlsserver to generate certificates at build time r=Cykesiopka,mgoodwin 2015-08-24 15:53:07 -07:00
ffxbld
03aa14625c No bug, Automated HPKP preload list update from host bld-linux64-spot-363 - a=hpkp-update 2015-09-26 03:40:59 -07:00
ffxbld
1b40f22c12 No bug, Automated HSTS preload list update from host bld-linux64-spot-363 - a=hsts-update 2015-09-26 03:40:57 -07:00
Jonathan Hao
e2da61623b Bug 1178518 - Add an AppTrustedRoot for signed packaged app. r=keeler 2015-09-07 15:28:21 +08:00
ffxbld
51c75f9eac No bug, Automated HPKP preload list update from host bld-linux64-spot-560 - a=hpkp-update 2015-09-19 03:46:51 -07:00
ffxbld
c354c7fbb7 No bug, Automated HSTS preload list update from host bld-linux64-spot-560 - a=hsts-update 2015-09-19 03:46:49 -07:00
Wes Kocher
21a9e609d5 Backed out changeset a08287c70962 (bug 1203312) for b2g xpcshell failures 2015-09-18 12:53:24 -07:00
David Keeler
4cfc799e53 bug 1203312 - convert tlsserver to generate certificates at build time r=Cykesiopka,mgoodwin 2015-08-24 15:53:07 -07:00
Kate McKinley
163979ae9f Bug 1196039 - Telemetry for certificate lifetime. r=rbarnes,vladan 2015-09-17 10:04:52 -07:00
Nicholas Nethercote
647b520991 Bug 1201135 - Rename pldhash.{h,cpp} to PLDHashTable.{h,cpp}. r=mccr8. 
--HG--
rename : xpcom/glue/pldhash.cpp => xpcom/glue/PLDHashTable.cpp
rename : xpcom/glue/pldhash.h => xpcom/glue/PLDHashTable.h
extra : rebase_source : 06b9d30db96ed78500fd44d9c0b51609103508a3
 2015-09-15 20:49:53 -07:00
Ehsan Akhgari
e23a8d38a3 Bug 1205302 - Disallow intercepting OCSP requests; r=jdm 2015-09-16 19:15:32 -04:00
Nicholas Nethercote
2ee4fd783b Bug 1121760 (part 6) - Move all remaining PL_DHash*() functions into PLDHashTable. r=poiru. 
--HG--
extra : rebase_source : 3cdc975507170d783b02d70f7c7d95c6bf2e1bcd
 2015-09-14 14:23:47 -07:00
Nicholas Nethercote
59683492e5 Bug 1121760 (part 3) - Remove PL_DHashTableRemove(). r=poiru. 
--HG--
extra : rebase_source : c34d693de4aca45f2ea05c2767c8b1007c89df29
 2015-09-14 14:23:24 -07:00
Nicholas Nethercote
479244f7c9 Bug 1121760 (part 2) - Remove PL_DHashTableAdd(). r=poiru. 
--HG--
extra : rebase_source : 41eb939bfb5c925cba58b1af57abce9a4e5fdb30
 2015-09-14 14:23:12 -07:00
Nicholas Nethercote
fcfdd8f54b Bug 1121760 (part 1) - Remove PL_DHashTableSearch(). r=poiru. 
--HG--
extra : rebase_source : 770e1f49a451ecbadd778e071b204611e27cf701
 2015-05-21 00:34:25 -07:00
Shu-yu Guo
64db2267cf Bug 1202902 - Mass replace toplevel 'let' with 'var' in preparation for global lexical scope. (rs=jorendorff) 2015-09-15 11:19:45 -07:00
Cykesiopka
2cdc0c814f Bug 443811 - Use long date format for cert date output. r=keeler 
--HG--
extra : rebase_source : cdd9b41b40125489e55171c1ece54bbd2a0cf947
 2015-09-13 23:33:00 +02:00
Richard Barnes
990593f9cf Bug 942515 - Show Untrusted Connection Error for SHA-1-based SSL certificates with notBefore >= 2016-01-01 r=keeler 2015-09-11 14:52:30 -04:00
ffxbld
c09a97364f No bug, Automated HPKP preload list update from host bld-linux64-spot-542 - a=hpkp-update 2015-09-12 03:39:46 -07:00
ffxbld
28a278226f No bug, Automated HSTS preload list update from host bld-linux64-spot-542 - a=hsts-update 2015-09-12 03:39:44 -07:00
Steven Michaud
218db8d580 Bug 1190032 - Sandbox failure in nsPluginHost::GetPluginTempDir, tighten earlier patch. r=areinald 2015-09-10 15:32:42 -05:00
Mark Goodwin
b212375b7e Bug 1016555 - Disable OCSP checking for certificates covered by OneCRL r=keeler 
1) Added some comments to firefox.js to explain the relationship between
extensions.blocklist.interval and security.onecrl.maximum_staleness_in_seconds
2) Modified default values in firefox.js and mobile.js to set maximum staleness
to 1.25x blocklist interval
3) modified the tests_ev_certs.js xpcshell test to cope with larger maximum
staleness values to address test failures
 2015-09-10 11:10:07 +01:00
Bob Owen
4b37ff400c Bug 1200336: Apply fix for Chromium issue 482784 for sandbox bug when built with VS2015. r=tabraldes 2015-09-10 08:25:20 +01:00
Jed Davis
52cee33b7e Bug 1199481 - Complain more when entering sandboxing code as root. r=kang 2015-08-28 13:37:00 +02:00
Jed Davis
7c8e037b3f Bug 1199413 - Fix MOZ_DISABLE_GMP_SANDBOX so it disables all the sandboxing. r=kang 
Bonus fix: don't start the chroot helper unless we're going to use
it.  For this to matter, you'd need a system with unprivileged user
namespaces but no seccomp-bpf (or fake it with env vars) *and* to set
media.gmp.insecure.allow, so this is more to set a good example for
future changes to this code than for functional reasons.
 2015-08-28 12:18:00 +02:00
Nicholas Nethercote
b1cf90c1e5 Bug 1202526 (part 5) - Use PLDHashTable::RemoveEntry() in nsSecureBrowserUIImpl. r=dkeeler. 
This avoids repeating the hash table search in order to remove the entry.
 2015-09-07 19:20:16 -07:00
Jacek Caban
b15946229a Bug 1199624 - Don't use memset and memcmp in files that don't include cstring explicitly. r=briansmith 2015-09-09 14:16:59 +02:00
Bob Owen
866768c43e Bug 1197943: Turn off MITIGATION_STRICT_HANDLE_CHECKS for NPAPI process sandbox for causing hangs. r=aklotz 2015-09-09 08:45:25 +01:00
Bob Owen
cd5643f4d3 Bug 1201438: Add non-sandboxed Windows content processes as target peers for handle duplication. r=bbondy 2015-09-08 11:18:12 +01:00
ffxbld
41bdcbc2ac No bug, Automated HPKP preload list update from host bld-linux64-spot-1098 - a=hpkp-update 2015-09-05 03:41:54 -07:00
ffxbld
3ee4abd6a6 No bug, Automated HSTS preload list update from host bld-linux64-spot-1098 - a=hsts-update 2015-09-05 03:41:52 -07:00
Steven Michaud
6dbfc47ad8 Bug 1190032 - Sandbox failure in nsPluginHost::GetPluginTempDir. r=areinald 2015-09-03 19:28:30 -05:00
David Keeler
db0b8dcf48 bug 1196853 - convert test_cert_signatures.js to generate certificates at build time r=jcj 
Also add additional testcases that weren't in the original test (tampered
signatures had been tested, but tampered certificates hadn't been covered).
 2015-08-19 15:59:49 -07:00
ffxbld
d5250da6de No bug, Automated HPKP preload list update from host bld-linux64-spot-305 - a=hpkp-update 2015-09-03 13:59:53 -07:00
ffxbld
1d00751ccd No bug, Automated HSTS preload list update from host bld-linux64-spot-305 - a=hsts-update 2015-09-03 13:59:50 -07:00
Masatoshi Kimura
dbfc3317da Bug 1201024 - Disable unrestricted RC4 fallback and add RC4-only servers to the fallback whitelist. r=cykesiopka 2015-09-03 21:50:52 +09:00
Nick Thomas
5744a154e2 Bug 1197607, Automated hsts & hpkp updates are failing on mozilla-central, mozilla-aurora, mozilla-esr38, r=cykesiopka 2015-09-03 22:07:42 +12:00
Masatoshi Kimura
dbd45351dc Bug 1195789 - Update fallback whitelist. r=cykesiopka 2015-09-02 00:44:04 +09:00
Nicholas Nethercote
f44287005f Bug 1198334 (part 1) - Replace the opt-in FAIL_ON_WARNINGS with the opt-out ALLOW_COMPILER_WARNINGS. r=glandium. 
The patch removes 455 occurrences of FAIL_ON_WARNINGS from moz.build files, and
adds 78 instances of ALLOW_COMPILER_WARNINGS. About half of those 78 are in
code we control and which should be removable with a little effort.

--HG--
extra : rebase_source : 82e3387abfbd5f1471e953961d301d3d97ed2973
 2015-08-27 20:44:53 -07:00
Ryan VanderMeulen
c7fdbe4d0f Backed out changeset 982be1bbebdf (bug 1199624) for Windows bustage. 2015-08-30 17:09:09 -04:00
Jacek Caban
c8309c6328 Bug 1199624 - Don't use memset and memcmp in files that don't include cstring explicitly. r=briansmith 2015-08-29 07:59:00 -04:00
Cykesiopka
0d6549c972 Bug 1197644 - Remove the security.ssl.warn_missing_rfc5746 pref. r=keeler 
--HG--
extra : transplant_source : %90%28%11%DB%E53%93%7C%F2%D6%5Ek%CC%DC%BE%FAe%F2%896
 2015-08-24 22:53:42 -07:00
Makoto Kato
7073895edf Bug 1196403 - Apply crbug/522201 to support Windows 10 build 10525. r=bobowen 2015-08-25 19:21:08 +09:00
Xidorn Quan
dbaa85ce62 Bug 1188468 - Allow script to force updating a generated file even if the file is actually not changed. r=gps 
--HG--
extra : source : 47b56f2495030d77c446215d8822c31fc32f23b7
 2015-08-25 10:07:43 +10:00