Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-15 06:15:43 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
417,506 Commits 615 Branches 98 Tags 5.8 GiB
803079473a
Commit Graph

9492 Commits

Author SHA1 Message Date
Kai Engert
803079473a Bug 1144055, Upgrade Firefox 39 to use NSS 3.19, NSS_3_19_BETA4 to pick up bug 1155279 2015-04-20 21:46:19 +02:00
Phil Ringnalda
7d4e804ec6 Merge m-i to m-c, a=merge 2015-04-18 16:36:32 -07:00
ffxbld
a178fd47b7 No bug, Automated HPKP preload list update from host bld-linux64-spot-222 - a=hpkp-update 2015-04-18 03:29:47 -07:00
ffxbld
aa4085d52f No bug, Automated HSTS preload list update from host bld-linux64-spot-222 - a=hsts-update 2015-04-18 03:29:45 -07:00
David Keeler
e69f0f4b4b bug 1150114 - allow PrintableString to match UTF8String in name constraints checking r=briansmith 2015-04-08 16:17:39 -07:00
Kai Engert
c2568b80a0 Bug 1144055 - Upgrade Firefox 39 to use NSS 3.19, land NSS_3_19_BETA2, r=nss-confcall 2015-04-17 13:49:43 +02:00
Neil Deakin
af1ece91c4 Bug 1153248, re-enable a bunch of tests that now work with e10s, r=billm 2015-04-16 15:38:12 -04:00
David Keeler
5ff51a7744 bug 1151512 - only allow whitelisted certificates to be issued by CNNIC root certificates r=jcj r=rbarnes 2015-04-07 17:29:05 -07:00
Kai Engert
d15620fcea Bug 1144055 - Upgrade Firefox 39 to use NSS 3.19, land NSS_3_19_BETA3, r=nss-confcall 2015-04-17 18:43:30 +02:00
David Keeler
81764496cd bug 1147497 - Add API for querying site pin status. Disallow overrides for sites that have pins. r=mmc r=smaug r=cykesiopka r=past 2015-03-25 11:04:49 -07:00
Brian Smith
95bd8011e6 Bug 1154399 - Part 4: Simplify certificate parsing in OCSP responses. r=keeler 
--HG--
extra : rebase_source : caf903d29b0adc22fcc7e87e4fa0019cfa48007e
 2015-04-14 05:33:03 -10:00
Brian Smith
f124561818 Bug 1154399 - Part 3: Simplify OptionalExtensions. r=keeler 
We used to avoid using Nested and NestedOf because they were based on
bind and it was difficult to maintain our std::bind polyfill. Now that
we use lambdas, it is easy to use Nested and NestedOf, so we should do
so wherever it makes the code clearer.

--HG--
extra : rebase_source : 1157d16320b3b211e3ce612b75782e8bd9c55f30
 2015-04-14 05:32:46 -10:00
Brian Smith
d09798e9f5 Bug 1154399 - Part 2: Simplify and un-inline OptionalVersion. r=keeler 
Also fixes the wrong comment. The syntax for version in OCSP and X.509
certs is identical.

--HG--
extra : rebase_source : 744a2998ce8c55a61fbbc1966bc22e4903fa2484
 2015-04-14 05:32:29 -10:00
Brian Smith
0cac719ba9 Bug 1154399 - Part 1: De-templatize and un-inline IntegralValue. r=keeler 
--HG--
extra : rebase_source : 899eaed19b13edc9c257f0ab212d447bb54e607d
 2015-04-14 05:06:41 -10:00
Nathan Froyd
5389bbbf54 Bug 1137437 - move security/apps/ cert header generation to moz.build; r=mshal,keeler 
Moving the cert header generation to GENERATED_FILES means that we can
delete all the manually-written out rules; we can also delete the
export:: rule because the build system automatically builds
GENERATED_FILES during the export phase.  For ease of converion, we opt
to create an empty trusted-app-public.der cert for manifest-signing-root.inc;
partners are free to overwrite that cert with their own.
 2015-02-27 12:50:49 -05:00
Mike Hommey
67e9dfaaf8 Bug 1153114 - Remove anonymous namespace around pkix gtests. r=bsmith 
This avoids -Wunused-variable fatal warnings with GCC 5.0
 2015-04-15 09:21:23 +09:00
Landry Breuil
c755113bc5 Bug 1153090 followup - consistently use sizeof(hash) r=dkeeler 2015-04-14 22:19:18 +02:00
Landry Breuil
88aa8d67cc Bug 1153090 - Unaligned access in cert block list (r=keeler) 2015-04-14 21:19:52 +02:00
Jan Beich
5ab8ccdeac Bug 1154188 - Unbreak build on non-SPS platforms after bug 1153737 r=bsmith 2015-04-14 14:30:09 +02:00
Brian Smith
566d65be48 Bug 1153738: Make ScopedPtr a minimal proper subset of std::unique_ptr, r=keeler 
Remove all features of ScopedPtr that aren't in std::unique_ptr, and
remove all currently-unused features of ScopedPtr. In particular,
replace |operator=(T*)| with |reset(T* p = nullptr)| and make
|operator bool| explicit.

--HG--
rename : security/pkix/include/pkix/ScopedPtr.h => security/pkix/lib/ScopedPtr.h
extra : rebase_source : 206bfb32aa5a04a4719f28b4aca59fe2f0abbec3
 2015-04-13 00:28:11 -10:00
Brian Smith
b1035c0992 Bug 1153737: Avoid unnecessary uses of mozilla::pkix::ScopedPtr, r=keeler 
--HG--
extra : rebase_source : ea7083439f22cb40d6c97f872ef9866144516745
 2015-04-12 19:57:48 -10:00
Carsten "Tomcat" Book
ede9c4f220 merge mozilla-inbound to mozilla-central a=merge 2015-04-13 12:00:00 +02:00
ffxbld
bd0890186b No bug, Automated HPKP preload list update from host bld-linux64-spot-009 - a=hpkp-update 2015-04-11 03:29:55 -07:00
ffxbld
83c81d6e76 No bug, Automated HSTS preload list update from host bld-linux64-spot-009 - a=hsts-update 2015-04-11 03:29:53 -07:00
Jed Davis
ba1cc023b7 Bug 1151607 - Step 2: Apply net/ipc namespace separation and chroot to media plugins. r=kang 
This needs more unit tests for the various pieces of what's going on
here (LinuxCapabilities, SandboxChroot, UnshareUserNamespace()) but
that's nontrivial due to needing a single-threaded process -- and
currently they can't be run on Mozilla's CI anyway due to needing user
namespaces, and local testing can just try using GMP and manually
inspecting the child process.  So that will be a followup.
 2015-04-10 18:05:19 -07:00
Jed Davis
6bf3d102d8 Bug 1151607 - Step 1.5: Avoid unlikely false positives in Linux SandboxInfo feature detection. r=kang 
Using the equivalent of release assertions in the patch after this one
is easier to justify if I can't come up with vaguely legitimate reasons
why they might fail; this detects the ones I thought of.
 2015-04-10 18:05:19 -07:00
Jed Davis
32cb9ee32d Bug 1151607 - Step 1: Add Linux sandboxing hook for when child processes are still single-threaded. r=kang r=bent 
This means that B2G plugin-container must (dynamically) link against
libmozsandbox in order to call into it before initializing Binder.
(Desktop Linux plugin-container already contains the sandbox code.)
 2015-04-10 18:05:19 -07:00
Jed Davis
cf24e12150 Bug 1151607 - Step 0: sort includes to make the following patches cleaner. r=kang 2015-04-10 18:05:19 -07:00
Mark Goodwin
2c5369d16e Bug 1132689 - Feb 2015 batch of EV root CA Changes. r=keeler 
--HG--
extra : rebase_source : 43a28d1b97c569280979c8a2d95494e4d2f9a67c
extra : amend_source : 056721a65cc7d0738d9ab2a92071f8f7eaf48262
 2015-03-30 08:57:00 +02:00
David Keeler
01409dbd35 bug 1147085 - remove nsINSSCertCache (replace it with nsIX509CertDB.getCerts()) r=Cykesiopka 2015-04-03 14:01:05 -07:00
Patrick McManus
bdc70031c6 Bug 1152895 - remove dead code in nsSSLIOLayerSetOptions r=dkeeler 2015-04-09 13:40:04 -04:00
Cykesiopka
3487ae0262 Bug 1147725 - Disable test_ocsp_fetch_method.js and test_ocsp_url.js on slow B2G Emulator debug builds. r=keeler 
--HG--
extra : rebase_source : 87d4b8284b33498a50542d49b956db84cdae1b62
 2015-04-06 14:05:00 +02:00
Bob Owen
077c2e64f4 Bug 1149483: Change content sandbox level 1 to a working low integrity sandbox. r=tabraldes, r=billm 2015-04-05 14:01:38 +01:00
Phil Ringnalda
fa3a91e936 Merge m-i to m-c, a=merge 2015-04-04 09:59:17 -07:00
ffxbld
3a6df834e2 No bug, Automated HPKP preload list update from host bld-linux64-spot-220 - a=hpkp-update 2015-04-04 03:27:46 -07:00
ffxbld
81b8c93237 No bug, Automated HSTS preload list update from host bld-linux64-spot-220 - a=hsts-update 2015-04-04 03:27:44 -07:00
Steven Michaud
33228918ed Bug 1110911 - Move Mac sandboxing code into plugin-container. r=cpearce,areinald,jld 2015-04-03 11:51:41 -05:00
Cykesiopka
c2f2ce39ec Bug 1149805 - Switch head_psm.js to Assert.jsm methods and add expected result strings. r=keeler 2015-04-02 05:50:00 -04:00
Cykesiopka
6680672cfb Bug 488480 - Correct documentation about the function hasMatchingOverride() in nsICertOverrideService.idl. Original patch by Johnathan Nightingale. r=keeler 
IGNORE IDL

--HG--
extra : rebase_source : 3e2f7be6a165caf413726d13c9ccee26abbd2925
 2015-04-02 05:45:00 -04:00
Nathan Froyd
4c7234747e Bug 1143651 - don't use CallQueryInterface when the compiler can do the cast for us; r=ehsan 2015-03-12 13:20:29 -04:00
Cykesiopka
7eb3221db7 Bug 1147726: Disable test_keysize_ev.js on slow B2G Emulator debug builds. r=dkeeler 2015-03-31 11:53:00 +02:00
Brian Smith
a0437d5b8f Bug 1146057: Remove support for GCC 4.6, r=keeler 
Since Gecko now requires GCC 4.7 or later, we no longer need to
work around the lack of support for "override" and "final" in
earlier versions of GCC.

--HG--
extra : rebase_source : 0f104f16be9e7c1ff87bbdd0d4ba6700b1081fb8
 2015-03-30 20:18:46 -10:00
Bob Owen
e4f543bb58 Bug 1119878 Part 2: Change IPC code to hold ProcessID instead of ProcessHandle. r=billm, r=dvander, r=aklotz, r=cpearce 2015-04-01 09:40:35 +01:00
Bob Owen
eef3ca5f6e Bug 1119878 Part 1: Change SandboxTarget to hold sandbox target services to provide functions. r=aklotz, r=glandium, r=cpearce 2015-04-01 09:40:35 +01:00
Mike Hommey
b077d9624d Bug 1134920 - Use moz_xmalloc/moz_xrealloc/free instead of nsMemory::Alloc/Realloc/Free. r=nfroyd 2015-04-01 13:51:45 +09:00
Mark Goodwin
d7b3e00bed Bug 1138848 - Tests for modified OneCRL (r=keeler, unfocused) 
* * *
* * *
give blocklist debug info to NSPR_LOG
 2015-03-31 15:10:19 -07:00
Mark Goodwin
1b0d6fb879 Bug 1138848 - Modify OneCRL blocklist for subject / public key blocking (r=keeler, unfocused) 2015-03-31 15:10:09 -07:00
David Keeler
5a690c59fa bug 844351 - remove nsISSLErrorListener r=cykesiopka 
--HG--
extra : amend_source : e2adec756356509f0a4601bbeabf7ba7c8d15a8e
 2015-03-24 16:00:10 -07:00
Cykesiopka
ee04a8b86a Bug 1147247 - Use PRErrorCodeSuccess constant instead of literal 0 to represent success in PSM xpcshell tests. r=dkeeler 
--HG--
extra : rebase_source : 75a144cbf0e166f92884275fb6c511c98d7e61bd
 2015-03-27 23:16:00 +01:00
David Cooper
bb6cbdf02b Bug 667471 - Pretty print names of ECDSA with SHA-2 algorithms in Certificate Viewer. r=dkeeler 
--HG--
extra : rebase_source : eb961cbdf8fe1ccf74642d86c03ee6c41c30f2d4
 2015-03-27 23:13:00 +01:00