Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-15 14:25:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
348,046 Commits 615 Branches 98 Tags 5.8 GiB
8d181fc67b
Commit Graph

8133 Commits

Author SHA1 Message Date
Brian Smith
367c980791 Bug 957665: Add telemetry to measure how many people have OCSP enabled, r=keeler 
--HG--
extra : rebase_source : e6dd0d7d06ce0eb5b2f34a77a851dd7c0655ac3e
 2014-01-08 08:59:53 -08:00
Jed Davis
1acb8c0912 Bug 945330 - Reword and slightly improve sandbox violation log message. r=kang 
The main goal is to have a message that unambiguously indicates a crash,
so mozharness can grep for it even if some of the details change later.

Also now includes the entire argument list; most syscalls don't use all
six, so the last few will be meaningless, but it can't hurt to log them.
 2014-01-10 08:22:58 -05:00
David Keeler
02ba1423d9 bug 950268 - fix leak in nsCertTree::GetDispInfoAtIndex r=cviecco 2014-01-09 10:02:08 -08:00
Phil Ringnalda
1dddb1a066 Back out 2e7e2de7b13e (bug 948574) for b2g mochitest crashes 
CLOSED TREE
 2014-01-07 21:10:23 -08:00
David Keeler
12478c7858 bug 948574 - remote nsISiteSecurityService::IsSecureURI r=bz 2014-01-07 11:31:30 -08:00
Brian Smith
7a3a090854 Bug 952876: Add test for bug 952808 (OCSP stapling not honored when there is a error entry in the OCSP cache), r=keeler 2014-01-06 14:45:35 -08:00
Brian Smith
e78c9d7289 Bug 933109: Add tests to verify that we retry OCSP when we have a cached Unknown response, r=keeler 2014-01-06 14:41:04 -08:00
Wes Kocher
13a42d347d Backed out changeset 75e5396d0847 (bug 933109) for xpcshell bustage 2014-01-06 17:50:53 -08:00
Wes Kocher
20073cae22 Backed out changeset b8f1b1cfc9e2 (bug 952876) 2014-01-06 17:50:23 -08:00
Brian Smith
86906b978c Bug 952876: Add test for bug 952808 (OCSP stapling not honored when there is a error entry in the OCSP cache), r=keeler 
--HG--
extra : rebase_source : d83e4b3681b36616441e6fd412969998a19eae4c
extra : amend_source : 475bff5dd333fb54729fdace0f295c6e026c5a18
 2014-01-06 14:45:35 -08:00
Brian Smith
ded0276b7d Bug 933109: Add tests to verify that we retry OCSP when we have a cached Unknown response, r=keeler 
--HG--
extra : rebase_source : 4e73c5812e75adf053f2158a88a6a8e58307c9d7
 2014-01-06 14:41:04 -08:00
David Keeler
2082ba1a5d bug 951354 - nsNSSCertificateDB: call shutdown(calledFromObject) in destructor r=cviecco a=abillings 2013-12-19 11:45:50 -08:00
Brian Smith
b866cfd1ca Bug 898431: Update NSS to NSS 3.15.4 RTM (NSS_3_15_4_RTM), r=me 2014-01-06 14:31:01 -08:00
Ehsan Akhgari
1b83407ce9 Bug 927728 - Part 1: Replace PRUnichar with char16_t; r=roc 
This patch was automatically generated by the following script:

#!/bin/bash
# Command to convert PRUnichar to char16_t

function convert() {
echo "Converting $1 to $2..."
find . ! -wholename "*nsprpub*" \
       ! -wholename "*security/nss*" \
       ! -wholename "*modules/libmar*" \
       ! -wholename "*/.hg*" \
       ! -wholename "obj-ff-dbg*" \
       ! -name prtypes.h \
       ! -name Char16.h \
         -type f \
      \( -iname "*.cpp" \
         -o -iname "*.h" \
         -o -iname "*.c" \
         -o -iname "*.cc" \
         -o -iname "*.idl" \
         -o -iname "*.ipdl" \
         -o -iname "*.ipdlh" \
         -o -iname "*.mm" \) | \
    xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}

convert PRUnichar char16_t
 2014-01-04 10:02:17 -05:00
ffxbld
a5f9e559f4 No bug, Automated HSTS preload list update from host bld-linux64-ec2-441 - a=hsts-update 2014-01-04 03:20:04 -08:00
ffxbld
f89538aa82 No bug, Automated HSTS preload list update from host bld-linux64-ec2-018 - a=hsts-update 2013-12-28 03:23:00 -08:00
Brian Smith
987c5c3e05 Bug 898431: Update NSS to NSS 3.15.4 beta 10 (NSS_3_15_4_BETA10), r=me 2013-12-21 23:15:41 -08:00
ffxbld
85d518fff6 No bug, Automated HSTS preload list update from host bld-centos6-hp-016 - a=hsts-update 2013-12-21 03:14:20 -08:00
Wan-Teh Chang
7cd5c434ed Bug 898431: Update NSS to NSS_3_15_4_BETA9. Includes the fixes for 
bug 946147, bug 930874, bug 930857, bug 934545, bug 915408.
 2013-12-20 12:01:06 -08:00
Gregory Szorc
e396fc159d Bug 774572 - Part 2: Define JAR_MANIFESTS in moz.build files; r=glandium 
Every directory with a jar.mn now has JAR_MANIFESTS defined in its
moz.build file.

We also removed the may_skip special consideration of jar.mn files
because this information is now available during tier traversal by the
reader courtesy of the variables being present in moz.build files.

--HG--
extra : rebase_source : 21049b15e6bd9cf65b0805ccaccc4ba5aae93c98
extra : amend_source : 0b1ea866d725beef92d37c6f6d475369ac002e19
 2013-12-10 16:18:11 +09:00
David Keeler
b4908bf345 bug 887321 - initial OCSP stapling telemetry r=briansmith 2013-12-16 09:32:16 -08:00
Trevor Saunders
d43c55ca0e bug 949821 - use MOZ_UTF16 more and NS_LITERAL_STRING less r=froydnj 2013-12-12 20:50:01 -05:00
Raymond Etornam Agbeame
263d3452ce Bug 945857: Remove the security.fresh_revocation_info.require preference, r=briansmith 2013-12-16 00:09:21 -08:00
Phil Ringnalda
fde33d1583 Merge m-i to m-c 2013-12-14 18:20:38 -08:00
ffxbld
b47490ccbf No bug, Automated HSTS preload list update from host bld-linux64-ix-037 - a=hsts-update 2013-12-14 03:18:03 -08:00
David Keeler
e7c01f9f5b bug 950253 - fix typo in getHSTSPreloadList.js r=briansmith DONTBUILD because NPOTB 2013-12-13 16:06:54 -08:00
Bobby Holley
07df154678 Bug 937317 - Replace all instance of null cx pushing with AutoSystemCaller. r=bz 
This is an easy bonus chunk of the work to phase out cx pushing in the browser.
 2013-12-11 17:51:58 -08:00
Camilo Viecco
b76fac8502 Bug 938046 - Part 4. Tests for consistency of getchain and getissuer. r=dkeeler 2013-11-21 13:50:51 -08:00
Camilo Viecco
c653f8bfb9 Bug 938046 - Part 3. Iterate only through valid users on getchain r=dkeeler 2013-12-11 13:04:07 -08:00
Camilo Viecco
e37fbe8375 Bug 938046 - Part 2. Get issuer uses getchain to comput issuer. r=dkeeler 2013-11-21 13:50:49 -08:00
Camilo Viecco
d93962c4a5 Bug 938046 - Part 1. Iterate through variable not over const. r=dkeeler 2013-11-21 13:45:20 -08:00
Cykesiopka
bccb5eda75 Bug 910986 - Fix cert trust editing in People tab of Cert Manager. r=dkeeler 2013-12-10 10:36:47 -05:00
Cykesiopka
0d841afed1 Bug 539710 - Use char16_t ',' instead of NS_LITERAL_STRING in nsNSSCertificate.cpp. r=dkeeler 2013-12-10 10:36:31 -05:00
Ryan VanderMeulen
52ab5ad2dc Merge b2g-inbound to m-c. 2013-12-09 17:26:11 -05:00
Camilo Viecco
92f4ee9e45 Bug 936808 - Serialize calls to PK11 routines in SSLServerCertVerification. r=briansmith 2013-12-09 09:12:47 -08:00
Birunthan Mohanathas
3440613a39 Bug 713082 - Part 2: Rename Util.h to ArrayUtils.h. r=Waldo 
--HG--
rename : mfbt/Util.h => mfbt/ArrayUtils.h
 2013-12-08 21:52:54 -05:00
Brian Smith
25cf163695 Bug 942152, r=dkeeler, r=honzab 
--HG--
extra : rebase_source : 7f0bab4efa26e9c185b29fdb14d846035147fd2f
 2013-12-05 20:33:49 -08:00
Phil Ringnalda
cacf62c269 Back out 35371620801a:bf2019278b77 (bug 937317) for gaia-ui-test bustage and frequent timeouts in its own test 2013-12-07 11:08:56 -08:00
ffxbld
b69187e615 No bug, Automated HSTS preload list update from host bld-linux64-ec2-351 - a=hsts-update 2013-12-07 03:22:31 -08:00
Camilo Viecco
e0f5696cba Bug 945349 - CertVerifier should check early for bad usages. r=briansmith 2013-12-06 13:42:44 -08:00
Vicamo Yang
00ea22f388 Bug 944625 - B2G Emulator-x86: fix undeclared __NR_socketpair, __NR_sendmsg. r=kang,jld 2013-12-09 21:02:54 +08:00
Bobby Holley
cdf05d42a4 Bug 937317 - Replace all instance of null cx pushing with AutoSystemCaller. r=bz 
This is an easy bonus chunk of the work to phase out cx pushing in the browser.
 2013-12-06 12:01:42 -08:00
Raymond Etornam Agbeame
676b9a2b0e Bug 945855: Remove the security.first_network_revocation_method pref, r=briansmith 
--HG--
extra : rebase_source : e416ba1e78f95234d403c078ad81b5fddcce947a
extra : amend_source : 7adbe291df748b5a6d1f1122573e862bdc5f5f11
 2013-12-06 00:55:17 -08:00
Cykesiopka
229baa51e6 Bug 945851: Remove pref for showing dialog box when NSS initialization fails, r=briansmith 
--HG--
extra : rebase_source : 1142d1775b8846e8bd46109affc62df262e598d4
 2013-12-06 00:12:08 -08:00
Carsten "Tomcat" Book
076ec87e09 Backed out changeset 374e44c835a8 (bug 937317) WinXP Build Bustage on a CLOSED TREE 2013-12-06 08:41:42 +01:00
Chris Peterson
6f76ca5751 Bug 946116 - Remove unused isResumedSession variable from nsNSSCallbacks.cpp. r=bsmith 2013-12-03 21:07:29 -08:00
Bobby Holley
901b658c25 Bug 937317 - Replace all instance of null cx pushing with AutoSystemCaller. r=bz 
This is an easy bonus chunk of the work to phase out cx pushing in the browser.
 2013-12-05 21:34:17 -08:00
Camilo Viecco
7223d195ae Bug 585122 - In PSM provide EV only with OCSP revocation (Part 2: tests). r=briansmith. 2013-12-02 11:12:21 -08:00
Camilo Viecco
d5220b22a6 Bug 585122 - Part 1. EV do not request CRL. r=briansmith. 2013-12-02 11:08:06 -08:00
Brian Smith
c7f8cc63c2 Bug 898431: Update to NSS 3.15.4 beta 8 (NSS_3_15_4_BETA8), r=me 2013-12-05 07:27:11 -08:00
Brian Smith
1e0f7a1545 Bug 898431: Update to NSS 3.15.4 beta 7 (NSS_3_15_4_BETA7), r=me 
--HG--
extra : rebase_source : 51f5e01db5d8dec46f341e217fa2ba97382c723c
extra : amend_source : 04d8a9e4a861228c217b9d766cd8781d49ed496f
 2013-12-04 20:51:58 -08:00
Brian Smith
98daee98b9 Bug 898431: Update NSS to NSS 3.15.4 beta 6 (NSS_3_15_4_BETA6), r=me 
--HG--
extra : rebase_source : 9f497ceb1c74fbf15938171229f5a7339e277333
 2013-12-03 20:04:07 -08:00
Steffen Wilberg
f62f500883 Bug 945871: Remove the security.ssl3.ecdh_* preferences, r=briansmith 
--HG--
extra : rebase_source : 39f680c48ae198263af61b8c2cc07bdb7dc829a7
 2013-12-03 18:56:33 -08:00
Jed Davis
6b929fc140 Bug 943774 - Allow sigaction when sandboxed, for the crash reporter. r=kang 2013-12-03 18:45:17 -05:00
Ryan VanderMeulen
c7695765ee Merge m-c to inbound. 2013-12-03 17:42:20 -05:00
Mike Hommey
76e38fe13c Bug 937005 - Make the original fix actually do something. r=ted 2013-12-04 07:15:40 +09:00
Cykesiopka
4dbc25f974 Bug 915937 - Cleanup #defines in nsNSSComponent.cpp and change them to static consts. r=bsmith 2013-12-03 15:23:27 -05:00
Nathan Froyd
30fe6804b0 Bug 942109 - constify PLDHashTableOps in security/manager/; r=briansmith 2013-11-20 13:42:08 -05:00
Camilo Viecco
2897aff2ae Bug 942918 - remove ev tests that use crl for revocation check. r=dkeeler 2013-12-02 15:20:24 -08:00
Mike Hommey
881a7c1554 Bug 943728 - Replace double quotes with single quotes in Makefiles (or remove them when it makes sense). r=mshal 2013-12-03 06:34:21 +09:00
Brian Smith
ff37bcb472 Bug 945195: Do insecure fallback from TLS 1.0 to SSL 3.0 when we receive a FIN during the initial handshake, r=honzab 
--HG--
extra : rebase_source : d10091aea21f7d552f682d54383bf43ece7633ed
 2013-12-02 10:48:06 -08:00
Ajitesh Gupta
a3e2d917e1 Bug 917047: Remove the security.enable_md5_signatures pref, r=briansmith 
--HG--
extra : rebase_source : ae721bc7f91b399e61c2efb869e15ab902c810e0
 2013-11-19 16:05:26 -08:00
ffxbld
0e3362fb56 No bug, Automated HSTS preload list update from host bld-linux64-ec2-170 - a=hsts-update 2013-11-30 03:19:19 -08:00
Ms2ger
c51e826c53 Bug 937258 - Part a: Remove empty makefiles; r=gps 2013-11-28 15:25:40 +01:00
Mike Hommey
8fd06cf41b Bug 874266 - Move all DEFINES that can be moved to moz.build. r=mshal 2013-11-27 22:55:07 +09:00
Mike Hommey
b32a4ed166 Backout changeset 3fd4b546eed4 (bug 874266) and changeset a35d2e3a872f (bug 942043) for ASAN build bustage and Windows test bustage 
--HG--
extra : amend_source : f20d09aeff1c8b5cbd0f1d24c7ce04e86f3aed1d
 2013-11-28 14:24:05 +09:00
Mike Hommey
682364d535 Bug 874266 - Move all DEFINES that can be moved to moz.build. r=mshal 2013-11-28 13:08:16 +09:00
Camilo Viecco
e5fb192579 Bug 917380 - part2 - test ensure disabled ev root certs remain untrusted. r=briansmith 2013-10-29 14:56:34 -07:00
Camilo Viecco
d09f182703 Bug 917380 - Part 1 - Add filters for EV root list. r=briansmith 2013-10-21 14:27:46 -07:00
Camilo Viecco
c372fc1c9c Bug 927016 - Create EV testsuite in xpcshell. r=keeler 2013-11-21 13:40:31 -08:00
Brian Smith
a1ca3871ad Bug 898431: Update NSS to NSS 3.15.4 beta 5 (NSS_3_15_4_BETA5), r=me 2013-11-26 20:21:14 -08:00
David Keeler
e7311e3096 bug 929617 - disregard expired stapled OCSP responses, acquire fresh ones r=briansmith 2013-11-25 15:40:11 -08:00
David Keeler
1596dcc4b1 bug 943115 - return early in CreateCertErrorRunnable for non-overridable errors r=briansmith 2013-11-26 13:49:47 -08:00
Patrick McManus
a72d594dd7 Bug 942729, Part 2: Remove unused expected symmetric cipher mechanism, r=briansmith 
--HG--
extra : rebase_source : 9630808b663d6a670c2e45d242177a640817f2ee
 2013-11-25 18:12:40 -05:00
Brian Smith
da55c6102d Bug 942729, Part 1: Re-enable TLS False Start, r=mcmanus 
--HG--
extra : rebase_source : 9908b1cbc3a30e9868739a10a705de8dbf30c5e1
 2013-11-20 13:49:33 -08:00
Ehsan Akhgari
f25f1deaa3 Bug 942033 - Build security/manager in unified mode; r=bsmith 
--HG--
extra : rebase_source : d48b78001772e0421a6dfc2ecd204434c33cd2d4
 2013-11-26 13:18:21 -05:00
Mike Hommey
43d177307e Bug 940407 - Kill GTEST_SOURCES. r=gps 2013-11-26 11:48:58 +09:00
Brian Smith
2eb8cc1213 Bug 898431: Update NSS to NSS 3.15.4 beta 4 (NSS_3_15_4_BETA4), r=me 
--HG--
extra : rebase_source : 72f78bad585cdb1e09b5ebd1f7d0ba0e713de677
 2013-11-25 17:08:17 -08:00
Brian Smith
85be8f6d2a Bug 942728 - Fix telemetry for cipher suites and crypto algorithms andkey sizes, r=keeler, a=lsblakk 
--HG--
extra : rebase_source : bd0bc0d67fe811612df4210b2b5e19f1d5eca5a0
 2013-11-21 13:35:23 -08:00
Phil Ringnalda
187d0f2256 Merge m-i to m-c 2013-11-23 08:18:35 -08:00
ffxbld
ad31131cda No bug, Automated HSTS preload list update from host bld-linux64-ix-034 - a=hsts-update 2013-11-23 03:17:46 -08:00
David Keeler
2a3e74d865 bug 909044 - make generate_certs.sh work on windows r=briansmith DONTBUILD NPOTB 2013-11-22 11:03:34 -08:00
Camilo Viecco
77a6933e19 Bug 938805 - Create standalone oscpResponseGenerator for testing. r=keeler 2013-10-29 14:02:35 -07:00
Richard Newman
be54c22ba3 Bug 935831 - Back out Bug 927230 for Android 2.3 startup crash, r=briansmith 
--HG--
extra : rebase_source : 5b8ff8da93a882d6c8303c26d234ad63b748389c
 2013-11-20 17:05:55 -08:00
Brian Smith
f60cd5a14b Bug 898431: Clean up security/patches to remove references to the private false start patch that is no longer applied, r=me, a=NPOTB 
--HG--
extra : rebase_source : 94ee34c96357666e6c6d266fe9029af1d977a940
 2013-11-20 17:05:24 -08:00
Christoph Kerschbaumer
b8680805ea Bug 935111 - Enable seccomp-bpf for Linux. r=jld 2013-11-19 16:09:18 -08:00
Patrick McManus
aea36afc63 bug 802649 network priority for ocsp r=bsmith r=honzab 
--HG--
extra : rebase_source : 17554ab7627e1d42a4736078254f94f36cf9c48b
 2013-11-20 09:57:56 -05:00
Camilo Viecco
605e2aaf63 Bug 912155 - Adding new interface in nssCertifcateDB for testing. r=bsmith 2013-11-11 16:37:06 -08:00
Mike Hommey
2812d11fce Bug 939632 - Remove LIBRARY_NAME for leaf libraries. r=gps 
Landing on a CLOSED TREE.
 2013-11-19 11:50:54 +09:00
Mike Hommey
e06d795c71 Bug 939074 - Remove most LIBXUL_LIBRARY. rs=gps 2013-11-19 11:48:10 +09:00
Mike Hommey
b2e90f6233 Bug 914245 - Move FORCE_SHARED_LIB to moz.build. r=mshal 2013-11-19 11:47:45 +09:00
Mike Hommey
26bc04d200 Bug 939044 - Rename remaining MODULE definitions to XPIDL_MODULE. r=mshal 2013-11-19 11:47:43 +09:00
Mike Hommey
e80e877ab7 Bug 939044 - Remove most definitions of MODULE. r=mshal 2013-11-19 11:47:39 +09:00
Mike Hommey
ffe0380912 Bug 935881 - Use FINAL_LIBRARY for all (fake) libraries that end up linked in a single other library. r=gps 2013-11-19 11:47:14 +09:00
Camilo Viecco
1d9e3d14e6 Bug 935769: Fix shutdown locks for nssCerList and nssCertListEnumerator. r=bsmith 2013-11-11 15:16:45 -08:00
Landry Breuil
4922ba7e7a Bug 939498 - Properly include <algorithm> for std::max. r=bsmith 2013-11-18 11:04:13 +01:00
Brian Smith
bd4023d59f Bug 901718, Part 2: fix comment, r=me 2013-11-17 14:00:00 -08:00
Brian Smith
0f04dc22ad Bug 934663 followup: fix unused variable warning, r=me 
--HG--
extra : rebase_source : e343b569df4d313f0f5f65fc82de99b9ea5b2ba9
 2013-11-17 13:53:18 -08:00
Brian Smith
a30624a77d Bug 901718: Remove TLS intolerance fallback from TLS 1.0 to SSL 3.0 for connection resets, r=honzab 
--HG--
extra : rebase_source : 304e73126b66ae2e1a9fa6ae4c0cc3fa803aaac0
 2013-11-17 13:51:37 -08:00
Brian Smith
795b5221e6 Bug 898431: Update to NSS 3.15.4 beta 3 (NSS_3_15_4_BETA3), r=me 
--HG--
extra : rebase_source : a6dd976f23ebdd33dcf6fd26e4752ddb2bbc5363
 2013-11-17 13:50:25 -08:00
Brian Smith
f6aed24e05 Bug 707275, Part 2: Add telemetry for cipher suites and key sizes, r=keeler 
--HG--
extra : rebase_source : bd5f91877de357b415b6f143eccc87434d72db2b
 2013-11-17 13:47:30 -08:00
Brian Smith
7ee6fc2ae9 Bug 707275, Part 1: Add telemetry for TLS intolerance, r=keeler 
--HG--
extra : rebase_source : 8331f1486ad764838812ea500742a97fbc025858
 2013-11-17 13:47:23 -08:00
Tom Schuster
4478f5b384 Bug 933834 - Rename and handlify JS_ValueToString. r=terrence,bz 2013-11-16 13:31:36 +01:00
Ms2ger
cca4d45da6 Backout changesets ded0d64f6786:03f041d03f24 and 30cbd1abde1a (bug 935696, bug 933834 and bug 939194) for build bustage. 2013-11-17 16:39:25 +01:00
Tom Schuster
bc757ef965 Bug 933834 - Rename and handlify JS_ValueToString. r=terrence,bz 2013-11-16 13:31:36 +01:00
Mike Hommey
fb8b50d540 Bug 937005 - Install folded import library in the SDK. r=bsmedberg 2013-11-16 13:39:01 +09:00
Chris Peterson
1d6f9e7c88 Bug 937459 - Remove unused private fields from nsNSSSocketInfo class. r=briansmith 2013-11-11 14:06:29 -08:00
Garrett Robinson
1335cdf82a Bug 932116 - Allow copying certificate viewer text. r=dkeeler, r=bsmedberg 2013-11-13 17:39:48 -08:00
Brian Smith
a4eca92369 Bug 932176: Add preference to control whether OCSP GET is used, off by default, r=cviecco 
--HG--
extra : rebase_source : 4452d8959f22152512ed428184726c9834f6e4c3
 2013-11-12 18:28:20 -08:00
Brian Smith
f8b15362cf Bug 898431: Update NSS to NSS 3.15.4 beta 2 (NSS_3_15_4_BETA2) again, r=me 
--HG--
extra : rebase_source : 52c384c2f55da38d9576414a3c6e07427abd7000
 2013-11-12 18:26:49 -08:00
Brian Smith
7a192b1854 Bug 937721, Part 3: Back out cset 61fb80e560de (NSS_3_15_4_BETA1, bug 898431), r=kaie 2013-11-12 11:45:48 -08:00
Brian Smith
49389a02a4 Bug 937721, Part 2: Back out cset 61fb80e560de (NSS_3_15_4_BETA2, bug 898431), r=kaie 
--HG--
extra : rebase_source : 9b588bc5ba6e6a8ddd630e22ddf27667d6951edd
 2013-11-12 11:27:59 -08:00
Brian Smith
4dc0340481 Bug 937721, Part 1: Back out cset 8dbd3f432835 (bug 932176), r=kaie 
--HG--
extra : rebase_source : 80f4b7ee7e4f77ef92cb42e6163f95074d68d306
 2013-11-12 11:25:55 -08:00
David Keeler
cf2c6961bf bug 932519 - (3/3) add an optional additional cert name as a parameter to GetOCSPResponseForType r=cviecco r=briansmith 2013-11-11 13:36:29 -08:00
David Keeler
ebbb41103e bug 932519 - (2/3) rename OCSP response generation test code to remove "stapling" r=cviecco r=briansmith 2013-11-11 13:42:35 -08:00
David Keeler
67c258e9bf bug 932519 - (1/3) move common OCSP response generation test code for refactoring r=cviecco r=briansmith 
--HG--
rename : security/manager/ssl/tests/unit/tlsserver/cmd/OCSPStaplingServer.cpp => security/manager/ssl/tests/unit/tlsserver/lib/OCSPCommon.cpp
rename : security/manager/ssl/tests/unit/tlsserver/cmd/OCSPStaplingServer.cpp => security/manager/ssl/tests/unit/tlsserver/lib/OCSPCommon.h
 2013-11-11 13:43:04 -08:00
David Keeler
6e4af846e2 bug 935618 - (2/2) generateCRMFRequest: test using a bad popcert parameter r=cviecco 2013-11-07 13:33:58 -08:00
David Keeler
96c3be83e6 bug 935618 - (1/2) check for an ec certificate in nsConvertToActualKeyGenParams r=cviecco 2013-11-07 13:34:59 -08:00
Jacob Acord
102145c94d Bug 934673 - Fix nsRandomGenerator::GenerateRandomBytes can leak r=keeler 2013-11-11 14:38:37 -08:00
Jed Davis
c4794bebcf Bug 936163 - Fix profiling-specific sandbox whitelist for x86_64. r=kang 
There is no sigaction, only rt_sigaction.
 2013-11-08 13:30:05 -08:00
Jed Davis
d8cfcfe430 Bug 936252 - Augment seccomp whitelist for b2g mochitests. r=kang 
FormHistory invokes sqlite3, which calls fsync and geteuid.
A form test calls nsIFile's remove method, which uses lstat.
The crash reporter uses socketpair/sendmsg, to send a pipe back to the parent.
 2013-11-11 09:11:43 -05:00
Brian Smith
b169487530 Bug 934378, Bug 898431: Update NSS to NSS 3.15.4 beta 2 (NSS_3_15_4_BETA2), r=me 
--HG--
extra : rebase_source : 079854e8533b46d24184547c1424078cfb68852f
 2013-11-09 11:02:17 -08:00
Brian Smith
09f6dec4df Bug 934663: Enable AES-GCM cipher suites; disable SEED, ECDH_*, and FIPS, and DSS+Camellia cipher suites, r=cviecco 
--HG--
extra : rebase_source : a1542ba09258448e571109bc4aa6423cd9ad616a
 2013-11-01 05:20:03 -07:00
Brian Smith
b0f72ab20d Bug 934327: Give OCSP-related NSS errors symbolic names in xpcshell tests, r=keeler 
--HG--
extra : rebase_source : 10bd4842f16a6a4e1cbd8d50505a70a6502d9581
 2013-10-14 21:36:18 -07:00
Garrett Robinson
1da990368c Bug 855326 - CSP 1.1 nonce-source for scripts and styles r=mrbkap r=dholbert r=geekboy 2013-11-08 15:44:39 -08:00
Carsten "Tomcat" Book
ae6f76e443 Merge mozilla-central to mozilla-inbound 2013-11-09 12:25:41 +01:00
ffxbld
f8d51d3d31 No bug, Automated HSTS preload list update from host bld-linux64-ec2-173 - a=hsts-update 2013-11-09 03:19:13 -08:00
Jed Davis
47aea81a72 Bug 936145 - Clean up architecture-specific parts of seccomp whitelist. r=kang 2013-11-08 15:31:20 -05:00
Daniel Holbert
9a3437dd77 backout 57213b64023b (bug 855326) for build bustage in debug builds 
CLOSED TREE
 2013-11-08 11:22:36 -08:00
Garrett Robinson
5add685cdd Bug 855326 - CSP 1.1 nonce-source for scripts and styles. r=mrbkap r=dholbert r=geekboy 2013-11-08 09:20:43 -08:00
Mike Hommey
8dc0b551b3 Bug 934864 - Add option to make INSTALL_TARGETS and PP_TARGETS keep the original path when copying/preprocessing. r=gps 
Also, refactored them for more debuggability and clarity.
 2013-11-09 10:32:53 +09:00
David Keeler
b61c9756db bug 934716 - generateCRMFRequest: accept only the first repeated keygen parameter r=cviecco 2013-11-07 10:42:59 -08:00
Kai Engert
8fe3207dca Bug 898431, Bug 935959, pick up NSS 3.15.4 beta1 in order to test recent NSS fixes, rs=me 2013-11-07 15:31:39 +01:00
Michael Shuen
b39e616813 Bug 933995 - Check return value of ImportCertsIntoPermanentStorage and CERT_ImportCerts. r=dkeeler 2013-11-06 12:30:45 -05:00
Brian R. Bondy
84c90e539e Bug 935042 - Allow more than one process to be sandboxed from a single sandboxbroker. r=aklotz 2013-11-05 13:07:40 -05:00
Ryan VanderMeulen
d54baa4c91 Merge m-c to inbound. 2013-11-04 16:31:13 -05:00
Carsten "Tomcat" Book
651904135a merge b2g-inbound to mozilla-central 2013-11-04 13:52:18 +01:00
Brian R. Bondy
f20fd64d25 Bug 934445 - Fix Windows linking error in Release mode only when MOZ_CONTENT_SANDBOX is defined. r=aklotz 2013-11-04 15:35:03 -05:00
Michael Shuen
f08198c634 Bug 933998 - Prevent leak in nsNSSCertificateDB::ConstructX509FromBase64. r=bsmith 2013-11-04 14:22:37 -05:00
Meadhbh Hamrick
b2b4678420 Bug 861266: Enable TLS 1.2 by default, r=briansmith 
--HG--
extra : rebase_source : 4f28724d58791e1ee0e281ff48232f5aaca2048f
 2013-11-01 04:48:57 -07:00
Brian Smith
c4d5fa5097 Bug 932176: Add preference to control whether OCSP GET is used, off by default, r=cviecco 
--HG--
extra : rebase_source : 7cbc273155d04bc64a110eda9216c6f727ce0c18
 2013-10-24 14:32:09 -07:00
Brian Smith
fcee792ee1 Bug 898431: Update NSS to NSS 3.15.3 Beta 2 (NSS_3_15_3_BETA2), r=me 
--HG--
extra : rebase_source : e0c24dc8228477fc0647a9e1f534dcf96a355095
 2013-11-01 04:08:28 -07:00
Brian Smith
7191d86258 Bug 934171: Fix OCSP stapling test, r=mcmanus 
--HG--
extra : rebase_source : 4f77b595b2004dabf3444187424ac4426fb7a41a
 2013-11-02 19:57:26 -07:00
ffxbld
5b40e294be No bug, Automated HSTS preload list update from host bld-linux64-ec2-406 - a=hsts-update 2013-11-02 03:19:53 -07:00
Mike Hommey
3da504d65e Bug 933135 - Treat SIMPLE_PROGRAMS more like PROGRAM. r=mshal 2013-11-02 08:43:55 +09:00
Brian R. Bondy
71d02b0488 Bug 925571 - Packaging for Sandboxing dll. r=bsmedberg 2013-10-30 16:58:56 -07:00
Brian R. Bondy
eba93af7a1 Bug 925571 - Initial Windows content process sandbox broker code. r=aklotz 2013-10-30 16:58:52 -07:00
Brian R. Bondy
4c0646b2d2 Bug 925571 - Build config for plugin_container windows sandboxing. r=bsmedberg 2013-10-30 16:58:45 -07:00
Brian Smith
d7c650a645 Bug 733647: Enable TLS 1.1 by default, r=wtc 
--HG--
extra : rebase_source : 539406fa06a715e60d84b207a6112257262817f6
 2013-10-26 01:01:37 -07:00
David Keeler
7af4d46f21 bug 930209 - differentiate empty OCSP response from no OCSP response in tests r=cviecco 2013-10-28 13:15:53 -07:00
Brian R. Bondy
e4698a14ab Bug 922756 - Changes to import of Chromium sandbox so that it's buildable. r=aklotz 2013-10-28 14:54:46 -07:00
Brian R. Bondy
52aea6cfef Bug 922756 - Initial import of subset of Chromium sandbox. r=aklotz 2013-10-28 14:54:42 -07:00
Brian R. Bondy
de45bd4422 Bug 922756 - Build config for Chromium sandbox. r=bsmedberg 
--HG--
rename : security/sandbox/LICENSE => security/sandbox/linux/LICENSE
rename : security/sandbox/Makefile.in => security/sandbox/linux/Makefile.in
rename : security/sandbox/Sandbox.cpp => security/sandbox/linux/Sandbox.cpp
rename : security/sandbox/Sandbox.h => security/sandbox/linux/Sandbox.h
rename : security/sandbox/android_arm_ucontext.h => security/sandbox/linux/android_arm_ucontext.h
rename : security/sandbox/android_i386_ucontext.h => security/sandbox/linux/android_i386_ucontext.h
rename : security/sandbox/android_ucontext.h => security/sandbox/linux/android_ucontext.h
rename : security/sandbox/arm_linux_syscalls.h => security/sandbox/linux/arm_linux_syscalls.h
rename : security/sandbox/linux_seccomp.h => security/sandbox/linux/linux_seccomp.h
rename : security/sandbox/linux_syscalls.h => security/sandbox/linux/linux_syscalls.h
rename : security/sandbox/moz.build => security/sandbox/linux/moz.build
rename : security/sandbox/seccomp_filter.h => security/sandbox/linux/seccomp_filter.h
rename : security/sandbox/x86_32_linux_syscalls.h => security/sandbox/linux/x86_32_linux_syscalls.h
rename : security/sandbox/x86_64_linux_syscalls.h => security/sandbox/linux/x86_64_linux_syscalls.h
 2013-10-28 14:54:36 -07:00
Brian R. Bondy
35c298f670 Bug 931429 - Fix PR_LOG compiling error for sandbox code on Linux. r=kang 2013-10-28 14:42:26 -07:00
Birunthan Mohanathas
145d3ff4f2 Bug 784739 - Switch from NULL to nullptr in security/; r=ehsan 2013-10-28 10:05:19 -04:00
Eddy Bruel
359289b5e5 Bug 880330 - Refactor crypto to use the new options API; r=bholley 2013-10-28 12:57:08 +01:00
Phil Ringnalda
951d073394 Merge m-c to m-i 2013-10-26 11:19:17 -07:00
ffxbld
a99bd4efd6 No bug, Automated HSTS preload list update from host bld-linux64-ec2-441 - a=hsts-update 2013-10-26 03:17:16 -07:00
Mike Hommey
b000a846c2 Bug 929905 - Consolidate sources in moz.build. r=gps 2013-10-25 08:23:05 +09:00
Brian Smith
3842b267a1 Bug 754356: Remove TLS intolerance timeout logic, r=honzab 
--HG--
extra : rebase_source : 49c4563800ce9727e11e08d857db44c1294a074b
 2013-10-15 01:14:50 -07:00
Brian Smith
50c4793f62 Backed out changeset 673ca84a9171 because of wrong bug number in commit message 
--HG--
extra : rebase_source : 32c92c4cb98097caf8805fdae98d9c435580c8c9
 2013-10-26 00:51:47 -07:00
Brian Smith
bdc5f15a1f Bug 450280: Remove timeout logic for TLS intolerance, r=honzab 2013-10-15 01:14:50 -07:00
Patrick Wang
5f3a169c05 Bug 881761 - Part 2: Exposing configureMD5 in nsNSSComponent. r=bsmith 2013-10-11 11:27:51 +08:00
Patrick Wang
5243e79ada Bug 881761 - Part 1: Move initializing cipher suite to public function. r=keeler,honzab 2013-09-17 15:29:15 +08:00
Brian O'Keefe
9c9d71fddb Bug 928709 - Convert chromium-config.mk to mozbuild, r=mshal 2013-10-02 13:17:55 -04:00
Michael Harrison
52fc47f2da Bug 917049 - Remove the security.enable_tls_session_tickets pref. r=keeler 2013-10-22 12:33:00 +01:00
Carsten "Tomcat" Book
0e4e01758c Merge mozilla-inbound to Mozilla-Central 2013-10-24 07:05:29 +02:00
Mike Hommey
59a17d0f20 Bug 921492 - Make StrictOrderingOnAppendList use actual alphabetical sorting. r=mshal,r=gps 2013-10-24 08:05:43 +09:00
Mike Hommey
3fa7456cd6 Bug 913268 - Make CPP_SOURCES a StrictOrderingOnAppendList. r=mshal 2013-10-24 08:00:23 +09:00
Paolo Amadini
cd2ba67f77 Bug 928349 - Add a build-time setting to use only the JavaScript API for downloads, and enable it in Firefox for Desktop. r=enn 2013-10-23 21:46:47 +02:00
Camilo Viecco
d331acd967 Bug 918120: reduce soft fail ocsp timeouts to 3 secs. r=bsmith. 2013-09-23 09:25:53 -07:00
Camilo Viecco
9cdbcf49ca Bug 911336: nsNSSCertificateDB does not lock nssShutdown correctly. r=keeler. 2013-08-29 16:15:35 -07:00
Ms2ger
788668d2c2 Bug 908142 - Part b: Move FAIL_ON_WARNINGS to moz.build in security/sandbox/; r=gps 2013-10-20 09:25:19 +02:00
ffxbld
b7bc539e69 No bug, Automated HSTS preload list update from host bld-linux64-ec2-326 - a=hsts-update 2013-10-19 03:22:40 -07:00
Camilo Viecco
9216b8ad8d Bug 895601: Add tests to cert verification in psm. r=keeler. 2013-07-30 11:18:40 -07:00
Chris Peterson
ab0945ca8d Bug 927209 - Fix -Wunused-function and -Wreorder warnings in nsNSSIOLayer.cpp. r=bsmith 2013-10-15 16:22:13 -07:00
Mike Hommey
ca1b5bf42a Bug 926906 - Kill core_abspath, core_realpath and core_winabspath. r=gps 2013-10-17 07:55:16 +09:00
Mike Hommey
0547bcf728 Bug 925605 - Allow to build with a special build of GNU make on windows. r=gps 2013-10-16 08:34:18 +09:00
Wes Kocher
1ec4cf1ebf Backed out changeset 5f0bfb16fa4a (bug 925605) 2013-10-15 16:57:00 -07:00
Mike Hommey
616f4b2735 Bug 925605 - Allow to build with a special build of GNU make on windows. r=gps 2013-10-16 08:34:18 +09:00
Brian Smith
71db6985d3 Bug 839310: Expand TLS intolerance logic to work for versions beyond TLS 1.0, r=keeler, r=wtc 
--HG--
extra : rebase_source : b83a610d08abb428f0f6894fa935712f820ddfe8
 2013-10-11 00:17:19 -07:00
ffxbld
90e84c8792 No bug, Automated HSTS preload list update from host bld-linux64-ec2-391 - a=hsts-update 2013-10-12 03:18:11 -07:00
Ed Morley
ad67fba436 Backed out changeset cff5a22acb7c (bug 924992) for breaking upload_symbolds on Nightlies 2013-10-11 17:49:25 +01:00
Honza Bambas
fda9e3c937 Bug 923248 - Fix typo in proxy/direct NTLM module telemetry accumulation, r=jduell 2013-10-10 19:10:45 +02:00
Mike Hommey
afd5566358 Bug 924992 - Use an absolute path for DIST; r=gps 2013-10-10 18:00:44 +09:00
Jed Davis
d613247079 Bug 912822 - Enable sandbox logging on Android without setting NSPR_LOG_MODULES. r=kang 2013-10-06 15:15:50 -04:00
Phil Ringnalda
fb530eed04 Merge m-i to m-c 2013-10-05 17:39:34 -07:00
ffxbld
10fcd4943f No bug, Automated HSTS preload list update from host bld-linux64-ec2-165 - a=hsts-update 2013-10-05 03:24:02 -07:00
Jed Davis
2282623604 Bug 919090 - Let content processes use sigaction and tgkill if profiling enabled. r=kang 2013-10-04 13:29:48 -04:00
Ms2ger
4c35b806f8 Merge m-c to inbound. 2013-10-03 11:09:17 +02:00
Ms2ger
f4153f40d4 Bug 900980 - Part a: Move unconditional assignments to EXPORT_LIBRARY to moz.build; rs=gps 2013-10-03 09:11:13 +02:00
Ms2ger
d1e1fda3b3 Bug 922288 - Remove some unnecessary boilerplate from Makefile.ins; r=mshal 2013-10-03 09:10:00 +02:00
Ms2ger
1ee1f27aa3 Bug 922268 - Remove empty makefiles; r=gps 2013-10-03 09:10:00 +02:00
Gregory Szorc
54c1de66d6 Bug 920223 - Part 3: Mass convert MOCHITEST_BROWSER_FILES to manifests; rs=Ms2ger 2013-09-30 09:52:06 +02:00
Gregory Szorc
e6acf6270f Bug 920223 - Part 2: Mass convert MOCHITEST_CHROME_FILES to manifests; rs=Ms2ger 2013-09-30 09:52:01 +02:00
Gregory Szorc
1cff342d15 Bug 920223 - Part 1: Mass convert MOCHITEST_FILES to manifests; rs=Ms2ger 2013-09-30 09:51:57 +02:00
Ed Morley
18a411a55c Backed out changeset 77bff106b704 (bug 920223) 2013-09-30 12:50:12 +01:00
Ed Morley
53a451894a Backed out changeset 68b6b152f51a (bug 920223) 2013-09-30 12:50:09 +01:00
Ed Morley
2c7dd24541 Backed out changeset 8b02873ee07e (bug 920223) 2013-09-30 12:50:05 +01:00
Gregory Szorc
8344d8a946 Bug 920223 - Part 3: Mass convert MOCHITEST_BROWSER_FILES to manifests; rs=Ms2ger 2013-09-30 09:52:06 +02:00