Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-27 04:05:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
413,857 Commits 615 Branches 98 Tags 5.9 GiB
81d48654d0
Commit Graph

9430 Commits

Author SHA1 Message Date
Phil Ringnalda
e44926f4c1 Merge m-i to m-c, a=merge 2015-03-28 11:44:16 -07:00
ffxbld
ad47b2b11c No bug, Automated HPKP preload list update from host bld-linux64-spot-1005 - a=hpkp-update 2015-03-28 03:27:37 -07:00
ffxbld
7ffd3e55ce No bug, Automated HSTS preload list update from host bld-linux64-spot-1005 - a=hsts-update 2015-03-28 03:27:36 -07:00
Andrea Marchesini
e6f385fb3d Bug 1148527 - Indentation fix after bug 1145631, r=ehsan 2015-03-27 18:52:19 +00:00
Kai Engert
e2f12bfec6 Bug 1144055 - Upgrade Firefox 39 to use NSS 3.18.1, land NSS_3_18_1_BETA1, r=nss-confcall 2015-03-26 20:39:25 +01:00
Tanvi Vyas
0ca524deb8 Bug 947079 - Hack to prevent getting a mixed content icon on a fully secure page. r=keeler 2015-03-26 11:54:53 -07:00
Bob Owen
e7768682a2 Bug 1147446: Chromium patch to fix memory leak in Windows sandbox sharedmem_ipc_server.cc. r=aklotz 2015-03-26 08:06:04 +00:00
Cykesiopka
b44239d022 Bug 996872 - Reduce calls to getXPCOMStatusFromNSS() in PSM xpcshell tests. r=keeler relanding on a CLOSED TREE 2015-03-25 17:29:05 -07:00
Wes Kocher
9b0a211a65 Backed out changeset 3a38c3d97f44 (bug 996872) on the theory that it somehow broke lots of tests, forcing a prolonged CLOSED TREE 2015-03-25 14:40:44 -07:00
Cykesiopka
958425a841 Bug 996872 - Reduce calls to getXPCOMStatusFromNSS() in PSM xpcshell tests. r=keeler 2015-03-25 11:40:46 -07:00
Wes Kocher
8794504c9f Merge m-c to inbound a=merge CLOSED TREE 2015-03-23 16:51:22 -07:00
Edwin Flores
fb38caf19c Bug 1146192 - Whitelist sched_yield syscall in GMP sandbox on Linux DONTBUILD CLOSED TREE - r=jld 2015-03-24 10:56:49 +13:00
Edwin Flores
75fa281404 Bug 1146192 - Backed out changeset d2918bcf0d90 for missing bug number - r=me 2015-03-24 10:53:10 +13:00
Jed Davis
1d7005b2a5 Bug 1144514 - Whitelist pread64 in content seccomp-bpf policy. r=kang 
--HG--
extra : histedit_source : b16050ba3308df92df608cc6fc09069d21df6deb
 2015-03-19 11:57:00 -04:00
Phil Ringnalda
fc8b8ab2ac Merge m-c to m-i 2015-03-21 12:50:09 -07:00
Phil Ringnalda
09f1e96e74 Merge m-i to m-c, a=merge 2015-03-21 12:31:07 -07:00
ffxbld
21922001d8 No bug, Automated HPKP preload list update from host bld-linux64-spot-1002 - a=hpkp-update 2015-03-21 03:30:42 -07:00
ffxbld
9d9da119ca No bug, Automated HSTS preload list update from host bld-linux64-spot-1002 - a=hsts-update 2015-03-21 03:30:40 -07:00
Ehsan Akhgari
883849ee32 Bug 1145631 - Part 1: Replace MOZ_OVERRIDE and MOZ_FINAL with override and final in the tree; r=froydnj 
This patch was automatically generated using the following script:

function convert() {
echo "Converting $1 to $2..."
find . \
       ! -wholename "*/.git*" \
       ! -wholename "obj-ff-dbg*" \
         -type f \
      \( -iname "*.cpp" \
         -o -iname "*.h" \
         -o -iname "*.c" \
         -o -iname "*.cc" \
         -o -iname "*.idl" \
         -o -iname "*.ipdl" \
         -o -iname "*.ipdlh" \
         -o -iname "*.mm" \) | \
    xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}

convert MOZ_OVERRIDE override
convert MOZ_FINAL final
 2015-03-21 12:28:04 -04:00
Edwin Flores
3b412c43dd Bug 1XXXXXX - Whitelist sched_yield syscall in GMP sandbox on Linux - r=jld 2015-03-24 09:55:36 +13:00
David Keeler
2cf7194567 bug 1143085 - allow subject alternative name extensions to be empty for compatibility r=briansmith a=kwierso 
--HG--
extra : amend_source : 89b8233b57049a3d2886aa08cd85c57e6faa693e
 2015-03-16 14:00:33 -07:00
Jed Davis
09d9f7bb4a Bug 1144580 - Whitelist pselect6 in content seccomp-bpf policy. r=kang 2015-03-18 15:30:00 +01:00
Masatoshi Kimura
3a321cb760 Bug 1133187 - Update fallback whitelist. r=keeler 2015-03-18 15:36:00 +01:00
Jed Davis
f6d18ff6da Bug 1141906 - Adjust some assertions in Linux sandbox feature detection. r=kang 
See bug, and comment at top of SandboxInfo.cpp, for rationale.

Bonus fix: reword comment about nested namespace limit; the exact limit
is 33 (not counting the root) but doesn't particularly matter.
 2015-03-17 22:50:00 +01:00
Cykesiopka
ae28024d8c Bug 1131227 - Make the about:certerror Unknown Issuer string mention missing intermediates and unimported roots. r=keeler 2015-03-17 14:33:00 +01:00
Masatoshi Kimura
35c856f796 Bug 1143082 - Fix a message in the mixed content UI. r=dolske 2015-03-17 20:34:58 +09:00
Jed Davis
d56d610ecf Bug 1141885 - Make readlink() fail instead of allowing it, for B2G content processes. r=kang 
--HG--
extra : rebase_source : c9ceababcd741979058361e96161d575a70bd39f
 2015-03-13 13:47:56 -07:00
André Reinald
66ca086aa3 Bug 1083344 - Tighten rules for Mac OS content process sandbox on 10.9 and 10.10. r=smichaud 
Allow read to whole filesystem until chrome:// and file:// URLs are brokered through another process.
Except $HOME/Library in which we allow only access to profile add-ons subdir.
Add level 2, which allows read only from $HOME and /tmp (while still restricting $HOME/Library.
Change default back to 1.
 2015-03-12 17:42:50 +01:00
ffxbld
d9bfa275b9 No bug, Automated HPKP preload list update from host bld-linux64-spot-532 - a=hpkp-update 2015-03-14 03:26:00 -07:00
ffxbld
3d091a2a8c No bug, Automated HSTS preload list update from host bld-linux64-spot-532 - a=hsts-update 2015-03-14 03:25:58 -07:00
Nathan Froyd
b252a27930 Bug 1142503 - don't use QueryInterface when the compiler can do the cast for us; r=ehsan 
Calling QueryInterface with a statically known IID should typically not
be necessary.  In those cases where it's not, the compiler can do the
cast for us, though we have to supply the reference-counting that
QueryInterface would do.

In passing, several redundant null-checks for the result of |new T| have
been deleted.
 2015-03-12 09:43:50 -04:00
Jed Davis
99b4a73239 Bug 1142263 - Specify all syscall parameters when doing CLONE_NEWUSER detection; f=bwc r=kang 2015-03-13 13:01:28 +01:00
Jed Davis
2d14f8d244 Bug 906996 - Remove unlink from B2G content process syscall whitelist. r=kang 2015-03-11 12:39:00 +01:00
David Keeler
12b79456cc bug 1102443 - fix leak in key pinning logging by removing an unnecessary function call r=cykesiopka 
Also took the opportunity to fix the logging message, since it didn't accurately
describe the information that was being printed.

--HG--
extra : amend_source : 40a0c2ba9c07757e5895a822ce3bb8b197674554
 2015-03-12 14:31:26 -07:00
Jonathan Griffin
d1c61bc9b6 Bug 1116187 - Disable failing mochitest-chrome tests for B2G, r=gbrown 2015-02-06 16:30:37 -08:00
David Keeler
6978e35bf5 bug 1138332 - re-allow overrides for certificates signed by non-CA certificates r=mmc 
--HG--
extra : amend_source : 92a2dcf71daa6b31be0dcae628a13b13b0fc443a
 2015-03-11 11:11:22 -07:00
Cykesiopka
5814296e8c Bug 1141815 - Remove nsIDOMCryptoDialogs interface and associated implementation; r=keeler 2015-03-12 10:24:05 +01:00
David Keeler
0bf38c806e bug 1138716 - update PSM data structures that depend on root CA changes r=mmc 2015-03-23 10:36:55 -07:00
Kai Engert
f7aa208f07 Bug 1137470, remove the documentation patch file, because it's no longer reverted locally, DONTBUILD 2015-03-20 13:38:13 +01:00
Kai Engert
b58c1a369b Bug 1137470, Upgrade Firefox 38 to use NSS 3.18, land NSS_3_18_RTM, r=nss-confcall 2015-03-20 13:32:58 +01:00
Cykesiopka
2aa9e4036e Bug 1121117 - Add fuzz time to workaround non-monotonicity of Date(). r=keeler 
--HG--
extra : rebase_source : 464d1e1bf8cb4624f4fda39d3ea6a55430073c6f
 2015-03-19 19:57:00 +01:00
Bob Owen
f2a63bbdff Bug 1145432: Add the policy for the client side of the crash server pipe to the GMP Windows sandbox. r=aklotz 2015-03-20 07:53:37 +00:00
Ehsan Akhgari
0e3211475f Bug 1140767 - Build more files in security/manager in unified mode; r=dkeeler 2015-03-10 22:52:22 -04:00
Bob Owen
4fecdb4ceb Bug 1141169: Add moz.build BUG_COMPONENT metadata for security/sandbox/ r=jld 2015-03-10 08:03:12 +00:00
Bob Owen
b08af57c17 Bug 1137166: Change the Content moreStrict sandbox pref to an integer to indicate the level of sandboxing. r=tabraldes 2015-03-10 08:03:12 +00:00
Mike Hommey
364038011c Bug 868814 - Fold mozalloc library into mozglue. r=njn 
--HG--
rename : memory/mozalloc/moz.build => memory/mozalloc/staticruntime/moz.build
 2015-03-10 10:01:52 +09:00
Masatoshi Kimura
83b1b594b5 Bug 1106470 - Drop SSLv3 support entirely from PSM. r=keeler 2015-03-10 01:22:59 +09:00
Jed Davis
19355a43d5 Bug 1137007 - Detect namespace and SECCOMP_FILTER_FLAG_TSYNC support in SandboxInfo. r=kang, r=Unfocused 
Currently, only user namespace support is detected.  This is targeted at
desktop, where (1) user namespace creation is effectively a prerequisite
for unsharing any other namespace, and (2) any kernel with user
namespace support almost certainly has all the others.

Bonus fix: remove extra copy of sandbox flag key names in about:support;
if JS property iteration order ever ceases to follow creation order, the
table rows could be permuted, but this doesn't really matter.
 2015-03-06 13:59:00 -05:00
David Keeler
cc58dd5d1a Bug 1136616 - Allow underscores in reference DNS-IDs in mozilla::pkix name matching. r=briansmith 2015-03-03 13:34:45 -08:00
Phil Ringnalda
8f5c1764fb Merge m-c to m-i 2015-03-07 19:39:49 -08:00