David Keeler
98d942eac1
bug 1366100 - disable OCSP fetching for DV certificates in nightly r=jaws,jcj
...
After this change, the platform will only fetch OCSP responses for EV
certificates (in nightly).
MozReview-Commit-ID: 3d9kzCYmnsa
--HG--
extra : rebase_source : e0cbbf6615e1ba813461dd13350f40ae7e0fbc07
2017-05-23 17:07:51 -07:00
tiago
95d9608ba4
Bug 1367198 - Remove duplicate ESLint rule definitions from various .eslintrc.js files. r=standard8
...
MozReview-Commit-ID: AUz5l7XPfwY
--HG--
extra : rebase_source : 2cb4758cdf51765fc61fbc6795fcd7bc85ef67bf
2017-05-24 13:55:24 -03:00
Jed Davis
f6b03fa260
Bug 1355274 - Polyfill SOCK_DGRAM socketpairs with SOCK_SEQPACKET, for libasyncns. r=gcp
...
MozReview-Commit-ID: 2DeklSGsjUV
--HG--
extra : rebase_source : 8a202c23dc9a3ddede49b08ce1e0792dfb40bdbf
2017-04-11 20:55:34 -06:00
Jed Davis
675bae8c8d
Bug 1364533 - Allow madvise huge page hints. r=gcp
...
MozReview-Commit-ID: 7sNWS2sFJCx
--HG--
extra : rebase_source : c1730d2ac5d352dcaec1889d4f20dd9bc0a838a8
2017-05-12 20:04:07 -06:00
ffxbld
af8ecb9a1e
No bug, Automated HPKP preload list update from host bld-linux64-spot-376 - a=hpkp-update
2017-05-24 08:09:01 -07:00
ffxbld
08e4cade1c
No bug, Automated HSTS preload list update from host bld-linux64-spot-376 - a=hsts-update
2017-05-24 08:08:58 -07:00
Ryan VanderMeulen
e096678430
Merge m-c to autoland. a=merge UPGRADE_NSS_RELEASE
...
--HG--
rename : dom/security/test/sri/iframe_style_crossdomain.html => dom/security/test/sri/iframe_style_crossdomain_legacy.html
rename : mobile/android/themes/core/content.css => mobile/android/themes/geckoview/content.css
rename : mobile/android/themes/core/images/accessiblecaret-normal-hdpi.png => mobile/android/themes/geckoview/images/accessiblecaret-normal-hdpi.png
rename : mobile/android/themes/core/images/accessiblecaret-normal-xhdpi.png => mobile/android/themes/geckoview/images/accessiblecaret-normal-xhdpi.png
rename : mobile/android/themes/core/images/accessiblecaret-normal-xxhdpi.png => mobile/android/themes/geckoview/images/accessiblecaret-normal-xxhdpi.png
rename : mobile/android/themes/core/images/accessiblecaret-tilt-left-hdpi.png => mobile/android/themes/geckoview/images/accessiblecaret-tilt-left-hdpi.png
rename : mobile/android/themes/core/images/accessiblecaret-tilt-left-xhdpi.png => mobile/android/themes/geckoview/images/accessiblecaret-tilt-left-xhdpi.png
rename : mobile/android/themes/core/images/accessiblecaret-tilt-left-xxhdpi.png => mobile/android/themes/geckoview/images/accessiblecaret-tilt-left-xxhdpi.png
rename : mobile/android/themes/core/images/accessiblecaret-tilt-right-hdpi.png => mobile/android/themes/geckoview/images/accessiblecaret-tilt-right-hdpi.png
rename : mobile/android/themes/core/images/accessiblecaret-tilt-right-xhdpi.png => mobile/android/themes/geckoview/images/accessiblecaret-tilt-right-xhdpi.png
rename : mobile/android/themes/core/images/accessiblecaret-tilt-right-xxhdpi.png => mobile/android/themes/geckoview/images/accessiblecaret-tilt-right-xxhdpi.png
rename : mobile/android/themes/core/images/dropmarker-right.svg => mobile/android/themes/geckoview/images/dropmarker-right.svg
rename : mobile/android/themes/core/images/dropmarker.svg => mobile/android/themes/geckoview/images/dropmarker.svg
rename : mobile/android/themes/core/images/cast-active.svg => mobile/android/themes/geckoview/images/videocontrols-cast-active.svg
rename : mobile/android/themes/core/images/cast-ready.svg => mobile/android/themes/geckoview/images/videocontrols-cast-ready.svg
rename : mobile/android/themes/core/images/exitfullscreen.svg => mobile/android/themes/geckoview/images/videocontrols-exitfullscreen.svg
rename : mobile/android/themes/core/images/fullscreen.svg => mobile/android/themes/geckoview/images/videocontrols-fullscreen.svg
rename : mobile/android/themes/core/images/mute.svg => mobile/android/themes/geckoview/images/videocontrols-mute.svg
rename : mobile/android/themes/core/images/pause.svg => mobile/android/themes/geckoview/images/videocontrols-pause.svg
rename : mobile/android/themes/core/images/play.svg => mobile/android/themes/geckoview/images/videocontrols-play.svg
rename : mobile/android/themes/core/images/scrubber.svg => mobile/android/themes/geckoview/images/videocontrols-scrubber.svg
rename : mobile/android/themes/core/images/unmute.svg => mobile/android/themes/geckoview/images/videocontrols-unmute.svg
rename : mobile/android/themes/core/scrollbar-apz.css => mobile/android/themes/geckoview/scrollbar-apz.css
rename : mobile/android/themes/core/touchcontrols.css => mobile/android/themes/geckoview/videocontrols.css
extra : rebase_source : a5b4c2c75991990af25c4686ff96c199834ff317
2017-05-23 13:41:47 -04:00
ffxbld
0fea6cd28c
No bug, Automated HPKP preload list update from host bld-linux64-spot-305 - a=hpkp-update
2017-05-23 08:08:00 -07:00
ffxbld
0704600a36
No bug, Automated HSTS preload list update from host bld-linux64-spot-305 - a=hsts-update
2017-05-23 08:07:57 -07:00
Franziskus Kiefer
073576f302
Backed out changeset bf6ee973f04e because of Android bustage UPGRADE_NSS_RELEASE
...
--HG--
extra : amend_source : 6502b79382c14536c060c03b428172cb6edc9d3f
2017-05-23 13:22:21 +02:00
Franziskus Kiefer
66f094103a
Bug 1345368 - land NSS 0c3800b6eaba UPGRADE_NSS_RELEASE, r=me
2017-05-23 12:36:33 +02:00
David Keeler
3ddfb3c1ce
bug 1364159 - potentially avoid calling CERT_CreateSubjectCertList in NSSCertDBTrustDomain::FindIssuer r=Cykesiopka,jcj
...
CERT_CreateSubjectCertList is not an inexpensive function call, since it
enumerates the certificate database (i.e. reads from disk a lot). If we're
verifying for a TLS handshake, however, we should already have in memory a
certificate chain sent by the peer (there are some cases where we won't, such as
session resumption (see bug 731478)). If we can, we should use those
certificates before falling back to calling CERT_CreateSubjectCertList.
MozReview-Commit-ID: ASjVGsELb1O
--HG--
extra : rebase_source : 1efc635d4a98079c87f77ef3794e4b2f20eec59f
2017-05-11 16:41:12 -07:00
Cykesiopka
73288e2bbf
Bug 1174555 - Improve state string parsing test coverage. r=keeler
...
MozReview-Commit-ID: Fv66f1gu4kT
--HG--
extra : rebase_source : f02a317fd958909d42bad9cd206f5a74f36d8689
2017-05-21 10:43:44 +08:00
Cykesiopka
114202795c
Bug 1174555 - Clean up some SiteSecurityService state file related tests. r=keeler
...
MozReview-Commit-ID: 6qXV04CUElu
--HG--
extra : rebase_source : ba47e0cfe9317703895df02277568e59cc56591c
2017-05-21 10:43:32 +08:00
Cykesiopka
c1efdc2244
Bug 1174555 - Stop using PR_sscanf() in nsSiteSecurityService.cpp. r=keeler
...
While the uses of PR_sscanf() in PSM are safe, the function in general is
vulnerable to format string attacks, and so should be avoided.
This change removes the only uses of the function in PSM and moves to the more
obviously safe mozilla::Tokenizer.
MozReview-Commit-ID: J4BP6JTE1zI
--HG--
extra : rebase_source : e77e8b1ba70bef6f0ff794b7d066bbbdebe8f58e
2017-05-21 10:43:18 +08:00
Bob Owen
e6bdfd5594
Bug 1339105 Part 3: Move NPAPI windows process sandbox file rules into SandboxBroker. r=jimm
...
This also removes a rule that was added for sandboxing the Java plugin,
which we never did and we now only allow Flash anyway.
MozReview-Commit-ID: Jn6pCkLoGNM
--HG--
extra : source : 431267ab28deabef6ed7c791d8dff79e3fe590c1
2017-05-22 20:41:28 +01:00
Bob Owen
035cf9bdc2
Bug 1339105 Part 1: Implement Windows Level 3 content process sandbox policy. r=jimm
...
MozReview-Commit-ID: L8wcVhdLvFe
--HG--
extra : source : c3fb60fbc32660719c1b8b06dc785abd4559d6c0
2017-05-22 20:41:27 +01:00
Wes Kocher
848c9aa744
Backed out 3 changesets (bug 1339105) for plugin process leaks a=backout
...
Backed out changeset 431267ab28de (bug 1339105)
Backed out changeset 445875fbf13b (bug 1339105)
Backed out changeset c3fb60fbc326 (bug 1339105)
MozReview-Commit-ID: 4HYUQbHHnox
2017-05-22 15:14:23 -07:00
Bob Owen
16a4871cdf
Bug 1339105 Part 3: Move NPAPI windows process sandbox file rules into SandboxBroker. r=jimm
...
This also removes a rule that was added for sandboxing the Java plugin,
which we never did and we now only allow Flash anyway.
2017-05-22 20:41:28 +01:00
Bob Owen
edf3a239b1
Bug 1339105 Part 1: Implement Windows Level 3 content process sandbox policy. r=jimm
...
MozReview-Commit-ID: L8wcVhdLvFe
2017-05-22 20:41:27 +01:00
Sebastian Hengst
89e33081c6
Backed out changeset 50bf4c923818 (bug 1339105) for Windows bustage: calling protected constructor of class 'nsAString' at sandboxBroker.cpp(208,11). r=backout on a CLOSED TREE
2017-05-22 16:16:16 +02:00
Sebastian Hengst
2a69fd246c
Backed out changeset 367734cc9370 (bug 1339105)
2017-05-22 16:14:27 +02:00
Bob Owen
62c455086d
Bug 1339105 Part 3: Move NPAPI windows process sandbox file rules into SandboxBroker. r=jimm
...
This also removes a rule that was added for sandboxing the Java plugin,
which we never did and we now only allow Flash anyway.
2017-05-22 14:29:06 +01:00
Bob Owen
f24abd4ac3
Bug 1339105 Part 1: Implement Windows Level 3 content process sandbox policy. r=jimm
...
MozReview-Commit-ID: L8wcVhdLvFe
2017-05-22 14:29:06 +01:00
Mark Banner
0ce286101c
Bug 1359011 - Make the mozilla/recommended eslint configuration the default for the whole tree. r=mossop
...
MozReview-Commit-ID: HtUW43tCli1
--HG--
extra : rebase_source : 6496bc47860d9c1ab522a78e73b41550700021cb
2017-04-25 20:12:21 +01:00
Ryan VanderMeulen
c1ebf1a679
Merge autoland to m-c. a=merge
2017-05-19 11:37:57 -04:00
ffxbld
d8e6abb218
No bug, Automated HPKP preload list update from host bld-linux64-spot-309 - a=hpkp-update
2017-05-19 08:36:17 -07:00
ffxbld
446dd7af72
No bug, Automated HSTS preload list update from host bld-linux64-spot-309 - a=hsts-update
2017-05-19 08:36:14 -07:00
Wes Kocher
90573b0612
Merge m-c to autoland, a=merge
...
MozReview-Commit-ID: FYdNNRDmEla
2017-05-18 17:21:30 -07:00
Cykesiopka
73916bae28
Bug 1362735 - Clean up nsIPKCS11 implementation. r=keeler
...
The changes here:
1. Make it easier to discover where nsIPKCS11 is implemented / make it easier to
discover what the file implements.
2. Reduce global scope pollution.
3. Make nsCrypto.h no longer unnecessarily exported.
4. Remove NS_CRYPTO_CONTRACTID from nsDOMCID.h, since the define isn't used
anywhere.
5. Move the definition of NS_PKCS11_CONTRACTID from nsDOMCID.h into PSM code,
since this contract ID is firmly in PSM territory now.
MozReview-Commit-ID: 2PdFM0mlL4R
--HG--
rename : security/manager/ssl/nsCrypto.cpp => security/manager/ssl/PKCS11.cpp
rename : security/manager/ssl/nsCrypto.h => security/manager/ssl/PKCS11.h
extra : rebase_source : 46667edef5a1d8c910d96dec1125c05bc3477bee
2017-05-19 00:57:46 +08:00
ffxbld
f2272dd703
No bug, Automated HPKP preload list update from host bld-linux64-spot-361 - a=hpkp-update
2017-05-18 08:02:44 -07:00
ffxbld
6a62795f0e
No bug, Automated HSTS preload list update from host bld-linux64-spot-361 - a=hsts-update
2017-05-18 08:02:41 -07:00
Wes Kocher
0a5ec26ac6
Merge inbound to central, a=merge
...
UPGRADE_NSS_RELEASE
MozReview-Commit-ID: 9BuuGYyJ3RJ
--HG--
extra : amend_source : 57de84460e0ace13892ff1623451b9b9be8eaeeb
2017-05-17 14:48:30 -07:00
ffxbld
399a95bd59
No bug, Automated HPKP preload list update from host bld-linux64-spot-305 - a=hpkp-update
2017-05-17 08:11:58 -07:00
ffxbld
4d10d237bc
No bug, Automated HSTS preload list update from host bld-linux64-spot-305 - a=hsts-update
2017-05-17 08:11:55 -07:00
Franziskus Kiefer
3d4912c914
Bug 1345368 - land NSS 57e38a8407b3, r=me
...
UPGRADE_NSS_RELEASE
--HG--
extra : rebase_source : 64f2e33d0ca49b6870882d204e899442af785ba4
extra : amend_source : 7277b5d0c15a2d51726d216f57bfed7958b45c8a
2017-05-16 17:12:24 +02:00
ffxbld
b2cb7e672d
No bug, Automated HPKP preload list update from host bld-linux64-spot-380 - a=hpkp-update
2017-05-16 08:13:54 -07:00
ffxbld
19e0f277b1
No bug, Automated HSTS preload list update from host bld-linux64-spot-380 - a=hsts-update
2017-05-16 08:13:51 -07:00
Wes Kocher
476feed09f
Merge m-c to inbound, a=merge
...
MozReview-Commit-ID: 6IorAN8i9Ot
2017-05-15 16:34:36 -07:00
Christoph Kerschbaumer
e4f38c8d7c
Bug 1362993 - Rewrite gBrowser.addTab() to use BrowserTestUtils.addTab(). r=florian
2017-05-15 21:49:50 +02:00
ffxbld
ae24a3c83d
No bug, Automated HPKP preload list update from host bld-linux64-spot-388 - a=hpkp-update
2017-05-15 08:12:24 -07:00
ffxbld
72bbccaa89
No bug, Automated HSTS preload list update from host bld-linux64-spot-388 - a=hsts-update
2017-05-15 08:12:21 -07:00
Sebastian Hengst
54ede0dc6f
merge autoland to mozilla-central. r=merge a=merge
...
MozReview-Commit-ID: 8kOFbYIPLER
2017-05-14 18:00:48 +02:00
ffxbld
e565da0035
No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
2017-05-14 08:03:09 -07:00
ffxbld
f899cc0d30
No bug, Automated HSTS preload list update from host bld-linux64-spot-302 - a=hsts-update
2017-05-14 08:03:06 -07:00
ffxbld
06b337ab22
No bug, Automated HPKP preload list update from host bld-linux64-spot-305 - a=hpkp-update
2017-05-13 08:04:42 -07:00
ffxbld
418e3e6f07
No bug, Automated HSTS preload list update from host bld-linux64-spot-305 - a=hsts-update
2017-05-13 08:04:39 -07:00
Sebastian Hengst
97a63d02ee
merge mozilla-central to autoland. r=merge a=infra-fix on a CLOSED TREE
...
--HG--
extra : amend_source : df33eddb7158f7ecf8d1677755d46f948c7bfa04
2017-05-14 00:39:30 +02:00
Alex Gaynor
33b7e1fa87
Bug 1363179 - do not allow content processes to read from /Volumes on macOS r=haik
...
MozReview-Commit-ID: 8osJVQD3myh
--HG--
extra : rebase_source : 8cda32ca1bca80b796458d36099244a45af2f185
2017-05-12 16:18:57 -04:00
ffxbld
278ecdca02
No bug, Automated HPKP preload list update from host bld-linux64-spot-035 - a=hpkp-update
2017-05-12 08:14:12 -07:00