Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-15 06:15:43 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
471,325 Commits 615 Branches 98 Tags 5.8 GiB
ccf25559ce
Commit Graph

10202 Commits

Author SHA1 Message Date
Carsten "Tomcat" Book
fbeb4ca1bd Merge mozilla-central to mozilla-inbound 2016-04-18 08:51:38 +02:00
ffxbld
9fa9277647 No bug, Automated HPKP preload list update from host bld-linux64-spot-312 - a=hpkp-update 2016-04-16 04:49:09 -07:00
ffxbld
1d4acf2cee No bug, Automated HSTS preload list update from host bld-linux64-spot-312 - a=hsts-update 2016-04-16 04:49:07 -07:00
Cykesiopka
59774a5b4e Bug 1262645 - Address misc issues with nsGetUserCertChoice(). r=keeler 
The follow issues are fixed:
  - Returning a failure result when failing to get a pref value instead of more
    gracefully falling back to a default.
  - Using an enum instead of a more strongly typed enum class.
  - Using a pref branch instead of the preferred Preferences.h API.
  - Manual memory management.
  - Unnecessary use of pointers.

MozReview-Commit-ID: FKw5kBhnwxL

--HG--
extra : transplant_source : %21K%E2%83/%A5%AB%DB3%F4%FB%2CUD%9E%B6l%1C%3A%22
 2016-04-15 16:51:41 -07:00
Carsten "Tomcat" Book
eae4a312af Bug 1261751 - Problems with OS X Sandboxed TempDir and Rules. r=bobowen r=gcp 
--HG--
extra : amend_source : 2011128c7e5406d7865da2b24f81facf7889cb0e
 2016-04-16 09:00:29 +02:00
Jonas Sicking
d310d4dcee Fix unified-build bustage from bug 1264706. r=bustage 2016-04-15 15:21:38 -07:00
Jonas Sicking
32e5673b7a Fix linting bustage for bug 1264706. r=bustage 2016-04-15 15:12:39 -07:00
Jonas Sicking
9c521f30da Bug 1264706: Move nsILocalCertService, and implementation, to security/manager/ssl in order to alloow use w use elsewhere in gecko. r=dkeeler 
--HG--
rename : devtools/shared/security/LocalCertService.cpp => security/manager/ssl/LocalCertService.cpp
rename : devtools/shared/security/LocalCertService.h => security/manager/ssl/LocalCertService.h
rename : devtools/shared/security/nsILocalCertService.idl => security/manager/ssl/nsILocalCertService.idl
rename : devtools/shared/security/tests/unit/test_cert.js => security/manager/ssl/tests/unit/test_local_cert.js
 2016-04-15 14:52:13 -07:00
Julian Hector
d9a01beca2 Bug 1259283 - Add sys_fchown to seccomp whitelist. r=jld 2016-04-13 12:41:19 +00:00
J.C. Jones
63f7ce5155 Bug 1244960 - Complete FIDO u2f NSSToken (Part 1). r=keeler, r=baku 
- Merge in test changes from Bug 1255784.
- Remove the unnecessary mutex
- Stop doing direct memory work in NSS Token
- Clean up direct memory work in ContentParent
- In order to store persistent crypto parameters, the NSSToken had to move
  onto the main thread and be interfaced with via IDL/IPDL.
- Support Register/Sign via NSS using a long-lived secret key
- Rename the softtoken/usbtoken "enable" prefs, because of hierarchy issues
  with the WebIDL Pref shadowing.
- Also orders the includes on nsNSSModule.cpp
- Attestation Certificates are in Part 2.

Updates per keeler review comments:

- Use //-style comments everywhere
- Refactor the PrivateKeyFromKeyHandle method
- Rename the logging and fix extraneous NS_WARN_IF/logging combinations
- Other updates from review

April 11-12:

- Correct usage of the "usageCount" flag for PK11_UnwrapPrivKey
- Rebase up to latest

April 15:
- Rebase to latest

MozReview-Commit-ID: 6T8jNmwFvHJ

--HG--
extra : transplant_source : w%26%CES%2Cu%04%3EAl%04%2Cb%E2v%C9%08%3A%CC%F4
 2016-04-15 09:29:12 -07:00
Tim Taubert
501a3b98fe Bug 1235634 - Construct nsNSSShutdownList::singleton lazily on first use r=keeler 2016-04-13 11:06:44 +02:00
Mark Goodwin
23e56a0fd2 Bug 1252882 - Add a Content Signature Service r=keeler,r=franziskus,r=Cykesiopka 
MozReview-Commit-ID: 2nS6vN3iDKe
 2016-04-13 13:26:01 +01:00
Mark Goodwin
bc46a6a645 Bug 1252882 - Content-Signature Service - some tests r=keeler,r=fkiefer 
MozReview-Commit-ID: AQGAABvRbNZ
 2016-04-08 14:27:52 +01:00
Thomas Zimmermann
e1b5ef463a Bug 1264226: Don't use '_COARSE' Posix clocks if not defined, r=jld 
Not all systems (i.e., Gonk) support CLOCK_MONOTONIC_COARSE and
CLOCK_REALTIME_COARSE. With this patch, we don't refer to them if
they are not supported.
 2016-04-14 10:12:39 +02:00
Cykesiopka
c510e4037b Bug 1029173 - Clean up nsDataSignatureVerifier. r=keeler 
This patch does the following:
 - Implements nsNSSShutDownObject.
 - Replaces more raw pointers with smart pointers.
 - Fixes other misc issues.

MozReview-Commit-ID: HulWdonEbP8

--HG--
extra : transplant_source : %DC%27%14%AE%28%A2F%80%1F%2C%83L%D3h%A2%C7k%F0%1C%2B
 2016-04-12 18:09:06 -07:00
Kai Engert
70551ded71 Bug 1258375, NSS_3_24_BETA6 and required adjustments to PSM and packaging, r=martin.thomson, r=glandium 2016-04-12 14:40:44 +02:00
Chris Pearce
cb3b390405 Bug 1245789 - Whitelist functions needed by Widevine CDM in GMP child processes. r=jed 
MozReview-Commit-ID: C6bpItv1qpi
 2016-04-12 16:12:21 +12:00
Chris Pearce
114ad957d2 Bug 1245789 - Load Widevine CDM with sandbox level USER_RESTRICTED instead of USER_LOCKDOWN. r=bobowen 
Otherwise Widevine CDM won't load on Windows. Other GMPs are still loaded at USER_LOCKDOWN.

MozReview-Commit-ID: aCTG1tQuwt
 2016-04-12 16:12:20 +12:00
David Keeler
b2887661d5 bug 1263221 - improve how PSM handles the visibility of __CERT_AddTempCertToPerm r=chmanchester,mgoodwin 
MozReview-Commit-ID: GXiXANNa6Op

--HG--
extra : rebase_source : ffb96a89aabd933f200e39d528d6f5f41e035d7e
 2016-04-08 10:30:32 -07:00
Kai Engert
f8da0365fd Backout revision 36f75c2863a1, bug 1258375 2016-04-11 17:00:39 +02:00
Kai Engert
b471460db8 Bug 1258375, NSS_3_24_BETA5 and required adjustments to PSM and packaging, r=martin.thomson, r=glandium 2016-04-11 16:40:36 +02:00
Cykesiopka
b883b2533f Bug 1259909 - Obviate char PORT_Free() calls in PSM. r=keeler 
Also converts the longer |UniquePtr<char, void(&)(void*)> foo(..., PORT_Free)|
to the shorter and equivalent |UniquePORTString foo(...)|.

MozReview-Commit-ID: LlrTNUYBP4V

--HG--
extra : transplant_source : afU%FB%0EC%3E%E0pm%A3-%0E%C8%83%CF%0A%B1%9E%ED
 2016-04-09 01:03:59 -07:00
Ryan VanderMeulen
bb5308d31a Merge m-c to inbound. a=merge 2016-04-09 10:08:57 -04:00
ffxbld
e7db699836 No bug, Automated HPKP preload list update from host bld-linux64-spot-428 - a=hpkp-update 2016-04-09 04:47:02 -07:00
ffxbld
eae40b0bb0 No bug, Automated HSTS preload list update from host bld-linux64-spot-428 - a=hsts-update 2016-04-09 04:47:00 -07:00
Wes Kocher
dfc7e5253f Merge m-c to inbound, a=merge 
MozReview-Commit-ID: 9YZdlIARozU
 2016-04-08 16:47:03 -07:00
Wes Kocher
b6d0503738 Merge fx-team to central, a=merge 
MozReview-Commit-ID: yuSA0kqs0F
 2016-04-08 15:26:49 -07:00
Dave Townsend
bf59524a62 Bug 1257246: Update security/manager for eslint 2. r=cykesiopka 
MozReview-Commit-ID: C04uJOhTbjw

--HG--
extra : rebase_source : 39fb9a3ce183b05e0b924563e055431828bab50d
extra : histedit_source : aacec3a02d251d0ec8e13e78900a6f53bc205ec3
 2016-04-05 11:32:28 -07:00
David Keeler
7dd242bb39 bug 1261936 - stop using the subject common name in certificate verification error messages r=Cykesiopka 
MozReview-Commit-ID: G08cV5GmNDh

--HG--
extra : rebase_source : c79b34d893e7acddc8ee02a6c354dcaa1de07d61
 2016-04-04 16:25:24 -07:00
Julian Hector
2d64db058c Bug 1259273 - Add sys_unlink to seccomp-bpf whitelist. r=jld 2016-04-06 19:48:23 +00:00
Tim Taubert
63c7f51d31 Bug 842818 - Make Crypto::GetRandomValues() work off the main thread r=baku,keeler,mt 2015-09-22 10:50:36 +02:00
Cykesiopka
54da7e65e7 Bug 1252384 - Remove nsICertTree.isHostPortOverride(). r=dkeeler 
It is unused since the changes in Bug 825583 landed.

MozReview-Commit-ID: 2u2eu0aDqeH

--HG--
extra : transplant_source : f%5Ev%00%B6%8B%3E%5E%26%C3%10%25%D9%16%C1%98yhf%D2
 2016-04-06 07:02:17 -07:00
Bob Owen
907939a278 Bug 1256992 Part 2: Move SandboxBroker Initialization earlier and add telemetry and extra null checks. r=aklotz 
MozReview-Commit-ID: Fu05wLn27UG
 2016-04-07 08:28:14 +01:00
Wes Kocher
06944947a0 Backed out changeset 069c82269f81 (bug 1258375) for Windows xperf failures 
MozReview-Commit-ID: DwhDorbB2PO
 2016-04-06 16:51:48 -07:00
Kai Engert
02dd23b86a Bug 1258375, NSS_3_24_BETA4 and required adjustments to PSM and packaging, r=martin.thomson, r=glandium 2016-04-06 21:43:36 +02:00
Cykesiopka
efe5b47ede Bug 1260644 - Use UniquePLArenaPool to manage PLArenaPools in PSM. r=keeler 
MozReview-Commit-ID: HyLXbWoHMGz

--HG--
extra : rebase_source : 6164b7df51e11c4d3814a06bd41765d40be85a9d
 2016-04-04 17:35:24 -07:00
Tim Taubert
313721942c Bug 1261213 - Follow-up to make eslint happy r=bustage 2016-04-06 10:32:16 +02:00
Tim Taubert
96b0d713ad Bug 1261213 - make test_sts_privatebrowsing_perwindowpb.html work under e10s r=keeler,mrbkap,felipe 2016-04-05 12:52:19 +02:00
Cykesiopka
1f493434a0 Bug 1127158 - Remove brittle debug only flag math in nsSecureBrowserUIImpl.cpp. r=dkeeler 
MozReview-Commit-ID: 3d5mYDjzJwf

--HG--
extra : rebase_source : ce0b714b92d9deed79a8a9e24e0d8db4b9eef8c7
 2016-04-01 06:16:58 -07:00
timeless@mozdev.org
cbc8dc0b64 Bug 550185 - Ensure nsCertTree::GetCellText returns an initialized value. r=kaie 
--HG--
extra : rebase_source : 4c4529a62c5acb7bba52e8cb94e69e795a85b7e1
 2016-04-04 21:18:00 +02:00
David Keeler
9825c57bc3 bug 1239166 - platform work to support Microsoft Family Safety functionality r=froydnj,mgoodwin,mhowell,rbarnes,vladan 
MozReview-Commit-ID: GhpJqJB97r9

--HG--
extra : rebase_source : e943c1e4d0f008ffd6b6bb4bb63e1daf27ae2c96
 2016-01-12 15:39:43 -08:00
David Keeler
6e4140d766 bug 1245280 - add policy mechanism to optionally enforce BRs for falling back to subject CN r=Cykesiopka,mgoodwin 
MozReview-Commit-ID: 7xT6JGpOH1g

--HG--
extra : rebase_source : 0def29e8be898a2d975ee4390b3bc6a193766b1b
 2016-02-09 10:14:27 -08:00
Cykesiopka
ed5502e22f Bug 1252722 - Add additional tests. r=keeler 
MozReview-Commit-ID: Ds5t8RSd1Mk

--HG--
extra : transplant_source : %92Nx%E8%7E%3A%E6%97w%8A%D0%102%7D%8D%93%A2%9D%A4%25
 2016-03-31 17:33:06 -07:00
Cykesiopka
bc9cb4c633 Bug 1252722 - Improve handling of PK11_* function error codes. r=keeler 
MozReview-Commit-ID: DWNNXq8ZJ47

--HG--
extra : transplant_source : N%10%80%B2%9C%DEwu%0B%BF%FB%3B%D4%06%D8W%2AyBh
 2016-03-31 17:33:00 -07:00
Cykesiopka
531fe59f42 Bug 1252722 - Ensure arguments of all public methods are checked. r=keeler 
MozReview-Commit-ID: 5UJup8k8iGe

--HG--
extra : transplant_source : %D0v%7B%F2%60%04%E3%11%15_%AC%A0%D0%CE%0D%3A0q%96%24
 2016-03-31 17:32:53 -07:00
Cykesiopka
0ebbbafe4b Bug 1252722 - Use smart pointers for NSS resources. r=keeler 
MozReview-Commit-ID: Gg3DNjGiNIQ

--HG--
extra : transplant_source : _%AC%97%FA%DA%FF%FE%95%E5%D4%3C%BE%82%E4%24%D9F%ADB%89
 2016-03-31 17:31:55 -07:00
Cykesiopka
db361c5c2d Bug 1252722 - Fully implement nsNSSShutDownObject everywhere. r=keeler 
MozReview-Commit-ID: 4OZ6tCdCGEP

--HG--
extra : transplant_source : U%27%E3%E2A%85%03%AC%FA%C9%9A%9Et%87%E9%F6s%FFy%AC
 2016-03-31 17:31:50 -07:00
David Keeler
581a304acb bug 1254667 - change certificate verification SHA1 policy to "allow for locally-installed roots" r=jcj 
Before this patch, the default policy for the use of SHA1 in certificate
signatures was "allow all" due to compatibility concerns.
After gathering telemetry, we are confident that we can enforce the policy of
"allow for locally-installed roots" (or certificates valid before 2016) without
too much breakage.

MozReview-Commit-ID: 8GxtgdbaS3P

--HG--
extra : rebase_source : d1bed911f2d5d40229ea06556fee0848668e98b6
 2016-03-28 12:52:40 -07:00
Cykesiopka
7167af4f5a Bug 1251801 - Ensure arguments of all public methods are checked. r=keeler 
MozReview-Commit-ID: 1UQ4thOmUGb

--HG--
extra : transplant_source : V%24o%40%403%BF%B4o%5E%F5%28%91%B8%8A%E2%E3%E9%8B%BF
 2016-03-29 18:14:29 -07:00
Cykesiopka
703b7ef6b1 Bug 1251801 - Improve handling of PK11_* function error codes. r=keeler 
MozReview-Commit-ID: 18acVVAuapm

--HG--
extra : transplant_source : %C3%FD%1D%BF/%E4%A5%BBl%DE%03%BC%0E%CA%04%D8%C6%0Fze
 2016-03-29 18:14:29 -07:00