Commit Graph

9156 Commits

Author SHA1 Message Date
ffxbld
7c18fd1d5d No bug, Automated HSTS preload list update from host bld-linux64-spot-1094 - a=hsts-update 2014-10-22 14:02:46 -07:00
David Keeler
46c48f2321 bug 1083085 - update where getHSTSPreloadList.js and genHPKPStaticPins.js think Chromium's lists are r=mmc DONTBUILD NPOTB 2014-10-21 15:20:02 -07:00
Martin Thomson
e4182ac689 Bug 1083058 - Adding pref to control TLS version fallback, r=keeler
From af667978f8915e6ebfaf02f8967b3d320d409a24 Mon Sep 17 00:00:00 2001
---
 netwerk/base/public/security-prefs.js              |  1 +
 security/manager/ssl/src/nsNSSIOLayer.cpp          | 21 +++++-
 security/manager/ssl/src/nsNSSIOLayer.h            |  2 +
 .../manager/ssl/tests/gtest/TLSIntoleranceTest.cpp | 76 +++++++++++++++++++---
 4 files changed, 90 insertions(+), 10 deletions(-)
2014-10-02 16:36:48 -07:00
Jed Davis
82a97e04c9 Bug 1078838 - Restrict clone(2) flags for sandboxed content processes. r=kang
--HG--
extra : amend_source : f80a3a672f5496f76d8649f0c8ab905044ea81ac
2014-10-20 12:29:25 -07:00
Carsten "Tomcat" Book
db53227352 merge mozilla-inbound to mozilla-central a=merge 2014-10-20 14:34:56 +02:00
ffxbld
0c786b120d No bug, Automated HPKP preload list update from host bld-linux64-spot-069 - a=hpkp-update 2014-10-18 03:18:53 -07:00
ffxbld
a20f696cba No bug, Automated HSTS preload list update from host bld-linux64-spot-069 - a=hsts-update 2014-10-18 03:18:51 -07:00
Jim Mathies
5dcb538c28 Bug 1083325 - Gracefully deal with null ssl status when serializing/deserializing TransportSecurityInfo. r=dkeeler 2014-10-16 14:11:19 -05:00
Cykesiopka
1c4af4e6a1 Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith 2014-10-18 15:18:00 +02:00
Cykesiopka
c30bd575d3 Bug 622859 - Tests for bug 622859. r=briansmith,keeler 2014-10-16 05:22:00 +02:00
Tanvi Vyas
12cc245a41 Bug 418354 - update test for bug 455367. Insecure image loads should be considered mixed display content regardless of whether image data was actually returned. r=honzab 2014-10-18 13:21:23 -07:00
David Keeler
8c488b9625 bug 1042889 - test certificate overrides for untrusted x509v1 certificates used as CAs r=mmc 2014-10-15 10:42:13 -07:00
David Keeler
36e798be2b bug 1042889 - allow overrides for untrusted x509v1 certificates used as CAs r=mmc 2014-10-15 10:39:57 -07:00
David Keeler
0a4f56b330 bug 1042889 - use a separate error for untrusted x509v1 certificates used as CAs r=briansmith 2014-10-15 10:38:51 -07:00
Bob Owen
64a69cb8af Bug 1080567: Don't report registry NAME_NOT_FOUND errors for the Windows warn only sandbox. r=tabraldes 2014-10-13 15:12:28 +01:00
Martin Thomson
e10ee742fd Bug 1076983 - Disabling SSL 3.0 with pref 2014-10-14 17:17:35 -07:00
Jon Morton
1700296f02 Bug 979835: Port BoxObject and its subclasses to WebIDL. r=khuey sr=bz
--HG--
rename : layout/xul/nsIPopupBoxObject.idl => dom/webidl/PopupBoxObject.webidl
rename : layout/xul/tree/nsITreeBoxObject.idl => dom/webidl/TreeBoxObject.webidl
rename : layout/xul/nsBoxObject.cpp => layout/xul/BoxObject.cpp
rename : layout/xul/nsBoxObject.h => layout/xul/BoxObject.h
rename : layout/xul/nsListBoxObject.cpp => layout/xul/ListBoxObject.cpp
rename : layout/xul/nsMenuBoxObject.cpp => layout/xul/MenuBoxObject.cpp
rename : layout/xul/nsPopupBoxObject.cpp => layout/xul/PopupBoxObject.cpp
2014-10-14 13:15:21 -07:00
Jed Davis
56cddbd763 Bug 1080077 - For sandbox failures with no crash reporter, log the C stack. r=kang
This is mostly for ASAN builds, which --disable-crash-reporter, but also
fixes a related papercut: debug builds don't use the crash reporter
unless overridden with an environment variable.

Note: this is Linux-only, so NS_StackWalk is always part of the build;
see also bug 1063455.
2014-10-13 18:48:17 -07:00
Mike Hommey
951b27b2b0 Bug 1080994 - Build libclearkey without a dependency on mozalloc or mozglue. r=dkeeler,r=cpearce 2014-10-14 07:13:25 +09:00
Sylvestre Ledru
20095be902 Bug 1081935 - Missing UUID bump. r=gavin a=me 2014-10-13 17:27:42 +02:00
Ryan VanderMeulen
ad3210dd8e Merge inbound to m-c. a=merge 2014-10-11 16:16:00 -04:00
ffxbld
aa2c9e3dc4 No bug, Automated HPKP preload list update from host bld-linux64-spot-412 - a=hpkp-update 2014-10-11 03:18:06 -07:00
ffxbld
662e6c9a21 No bug, Automated HSTS preload list update from host bld-linux64-spot-412 - a=hsts-update 2014-10-11 03:18:03 -07:00
Stephen Pohl
0b58cd9573 Bug 1077282: Cleanup uses of GreD vs GreBinD, introcuded by v2 signature changes on OSX. Based on initial patch by rstrong. r=bsmedberg 2014-10-10 15:06:57 -04:00
Kai Engert
2251b66f13 Bug 1075686, Update Mozilla 35 to use NSS 3.17.2, RTM 2014-10-10 19:16:08 +02:00
Patrick McManus
9c3bce6805 bug 1003448 - HTTP/2 Alternate Service and Opportunistic Security [1/2 PSM] r=keeler 2014-08-20 16:30:16 -04:00
Brian Smith
0cacd2ed70 Bug 1078108: Use a longer OCSP response validity period in tests, r=keeler 2014-10-05 17:18:11 -07:00
Carsten "Tomcat" Book
da90427b6c Backed out changeset b885a82dc02a (bug 1078108) for breaking B2g ICS Builds 2014-10-10 09:01:45 +02:00
Brian Smith
2565f9b33d Bug 1078108: Use a longer OCSP response validity period in tests, r=keeler
--HG--
extra : rebase_source : 3115275b2b1c5337cbea0fd43a2221fcd54dadc1
extra : source : bb5694e268255b6549ccaaaddca74fbb83d4bda1
2014-10-05 17:18:11 -07:00
Brian Smith
201e27f5f3 Bug 1077926: Make test certificate generation faster by reusing key, r=keeler
--HG--
extra : rebase_source : 8734920020e0889ea6cac1e878b182326bbf81d6
2014-10-07 18:30:47 -07:00
Wan-Teh Chang
de5513f839 Bug 1075686: Update Mozilla 35 to use NSS 3.17.2 Beta 2.
This fixes bug 1049435.
2014-10-09 10:58:30 -07:00
David Keeler
a052b67f71 bug 1058812 - (3/3) mozilla::pkix: test handling unsupported signature algorithms r=briansmith 2014-10-08 09:48:15 -07:00
David Keeler
af214d36f8 bug 1058812 - (2/3) mozilla::pkix: use ByteStrings to identify signature algorithm parameters in tests r=briansmith 2014-10-08 09:33:59 -07:00
David Keeler
42cd9ec5ca bug 1058812 - (1/3) mozilla::pkix: add SignatureAlgorithm::unsupported_algorithm to better handle e.g. roots signed with RSA/MD5 r=briansmith 2014-10-07 09:35:42 -07:00
Eric Rahm
7fffd05532 Bug 806819 - Part 4: Add files that were excluded from unified builds back in. r=ehsan 2014-10-08 13:19:14 -07:00
Eric Rahm
8d715a7fe4 Bug 806819 - Part 3: Remove redundant FORCE_PR_LOG entries. r=ehsan 2014-10-08 13:17:32 -07:00
David Keeler
71bd008415 backout 9815045d0c5a (bug 1058812 1/3) for mochitest orange on a CLOSED TREE 2014-10-08 12:10:46 -07:00
David Keeler
6e65e0bca0 backout 9692998f547e (bug 1058812 2/3) for mochitest orange on a CLOSED TREE 2014-10-08 12:10:10 -07:00
David Keeler
4279bb931d backout 0097b4ffaf33 (bug 1058812 3/3) for mochitest orange on a CLOSED TREE 2014-10-08 12:09:26 -07:00
David Keeler
3718659874 bug 1058812 - (3/3) mozilla::pkix: test handling unsupported signature algorithms r=briansmith 2014-10-08 09:48:15 -07:00
David Keeler
7ad555939c bug 1058812 - (2/3) mozilla::pkix: use ByteStrings to identify signature algorithm parameters in tests r=briansmith 2014-10-08 09:33:59 -07:00
David Keeler
5606be5b15 bug 1058812 - (1/3) mozilla::pkix: add SignatureAlgorithm::unsupported_algorithm to better handle e.g. roots signed with RSA/MD5 r=briansmith 2014-10-07 09:35:42 -07:00
Brian Smith
7c87c719cd Bug 1077887: Work around old GCC "enum class" bug, r=mmc
--HG--
extra : rebase_source : 983e8d8bcfded10d1d1dca793d610996b40b444d
2014-10-04 18:45:31 -07:00
Brian Smith
121791c43f Bug 1077859: Make ENCODING_FAILED safe to use in static initializers, r=mmc
--HG--
extra : rebase_source : f0483e775c6fefc256fc9527b1b1118086cc121f
2014-10-03 15:52:38 -07:00
Andrew Halberstadt
d292ee73f1 Bug 1066735 - Remove root b2g and android specific xpcshell manifests, r=chmanchester 2014-10-07 18:18:28 -04:00
David Keeler
4ae95106e2 bug 1077891 - update getHSTSPreloadList.js to reflect changes to nsISiteSecurityService r=mmc DONTBUILD NPOTB 2014-10-06 11:28:15 -07:00
Ehsan Akhgari
15ca5186a6 Fix one bad implicit constructor in pkix, no bug, blanket-rs=bsmith 2014-10-07 09:46:59 -04:00
Carsten "Tomcat" Book
811400331c Backed out changeset 76000f9f12da (bug 1077859) for causing frequent Mac OSX XPCshell test failures 2014-10-07 12:53:42 +02:00
Carsten "Tomcat" Book
f3c6c6a49b Backed out changeset 16fe1b9eb9e6 (bug 1077887) 2014-10-07 12:53:03 +02:00
Carsten "Tomcat" Book
2dbcab7289 Backed out changeset 124b04c01c71 (bug 1077926) 2014-10-07 12:52:49 +02:00
Brian Smith
655ade7a8b Bug 1077926: Make test certificate generation faster by reusing key, r=keeler
--HG--
extra : rebase_source : 360fe925397688c1d0a2386c4974def6b571f0d4
2014-10-05 00:29:43 -07:00
Brian Smith
1fc729071e Bug 1077887: Work around old GCC "enum class" bug, r=mmc
--HG--
extra : rebase_source : ce707672dfc0587760c09701fd6adbe26c874916
2014-10-04 18:45:31 -07:00
Brian Smith
9e344e0256 Bug 1077859: Make ENCODING_FAILED safe to use in static initializers, r=mmc
--HG--
extra : rebase_source : 78e1410ab6c94bd6b20a78208a2421db338aed94
2014-10-03 15:52:38 -07:00
Wes Kocher
445e1466e9 Backed out 5 changesets (bug 806819) for WinXP test failures on a CLOSED TREE
Backed out changeset 009ae35b0c67 (bug 806819)
Backed out changeset 5a57f87f5061 (bug 806819)
Backed out changeset f06cd735b5b3 (bug 806819)
Backed out changeset e25a2a8d4af4 (bug 806819)
Backed out changeset 70a167982c3f (bug 806819)
2014-10-06 16:32:50 -07:00
Eric Rahm
53a247fb00 Bug 806819 - Part 4: Add files that were excluded from unified builds back in. r=ehsan
--HG--
extra : rebase_source : 49a3f57d94fc94702f1604175c4e206091b67197
2014-10-06 13:11:24 -07:00
Eric Rahm
80d2b8bba6 Bug 806819 - Part 3: Remove redundant FORCE_PR_LOG entries. r=ehsan
--HG--
extra : rebase_source : c96eea1c12ea8c19314393f0e8b4b57a4316a61d
2014-10-06 13:08:20 -07:00
Nicholas Nethercote
94adb30f77 Bug 1062709 (part 2, attempt 2) - Clean up stack printing and fixing. r=dbaron.
--HG--
extra : rebase_source : 626fd23a14ec90cfc9807c3d555169ec6463d19d
2014-09-01 22:56:05 -07:00
Nicholas Nethercote
2eb56008e2 Bug 1062709 (part 1, attempt 2) - Add a frame number argument to NS_WalkStackCallback. r=dbaron.
--HG--
extra : rebase_source : 4f7060a9ae0bed180899651c50e8ea8857e72d63
2014-09-10 21:47:01 -07:00
Neil Rashbrook
4ee6d12382 Bug 1075976 Clean up XPCOM string usage r=keeler 2014-10-05 22:09:39 +01:00
Phil Ringnalda
9764e19e06 Merge m-i to m-c, a=merge 2014-10-05 09:34:55 -07:00
Phil Ringnalda
145d867409 Backed out 2 changesets (bug 1003448) since their dependency was backed out
CLOSED TREE

Backed out changeset 61f98b1d29f9 (bug 1003448)
Backed out changeset 8e947d1636f1 (bug 1003448)
2014-10-04 20:10:19 -07:00
ffxbld
58b5016fa7 No bug, Automated HPKP preload list update from host bld-linux64-spot-197 - a=hpkp-update 2014-10-04 03:19:30 -07:00
ffxbld
9583d80353 No bug, Automated HSTS preload list update from host bld-linux64-spot-197 - a=hsts-update 2014-10-04 03:19:28 -07:00
Ed Morley
2d0f9579b5 Backed out changeset a0b82c954206 (bug 1062709) for Windows mochitest 5 hangs 2014-10-03 15:06:16 +01:00
Ed Morley
9e223d8a19 Backed out changeset 7a1b7d7eba12 (bug 1062709) 2014-10-03 15:05:26 +01:00
Ryan VanderMeulen
4e2581f465 Backed out 3 changesets (bug 1076129, bug 1003448) for frequent xpcshell crashes on a CLOSED TREE.
Backed out changeset 3034162ee435 (bug 1003448)
Backed out changeset 086fe4b0ba14 (bug 1003448)
Backed out changeset 1babd65ebec7 (bug 1076129)
2014-10-02 15:53:21 -04:00
Patrick McManus
39d073c8d5 bug 1003448 - HTTP/2 Alternate Service and Opportunistic Security [1/2 PSM] r=keeler 2014-08-20 16:30:16 -04:00
Ryan VanderMeulen
b20021a33c Merge m-c to inbound. a=merge 2014-10-02 13:14:06 -04:00
Martin Thomson
1e1716e492 Bug 1072382 - Remove version intolerance marker on inappropriate_fallback alert, r=keeler 2014-10-02 10:03:30 -07:00
Nicholas Nethercote
5a257b83f9 Bug 1062709 (part 2) - Clean up stack printing and fixing. r=dbaron.
--HG--
extra : rebase_source : 18158d4474cb8826813a3866eba57b710e14db99
2014-09-01 22:56:05 -07:00
Nicholas Nethercote
c9c64de53c Bug 1062709 (part 1) - Add a frame number argument to NS_WalkStackCallback. r=dbaron.
--HG--
extra : rebase_source : 0f9b2d6310433ed56f5552706fcf2a96571aee25
2014-09-10 21:47:01 -07:00
David Keeler
2f89ed3295 bug 1045739 - (part 2/2) mozilla::pkix: test that revocation checking doesn't occur for expired certificates r=mmc 2014-10-01 10:20:31 -07:00
Brian Smith
864c184e30 bug 1045739 - (1/2) mozilla::pkix: stop checking revocation for expired certificates r=keeler 2014-08-14 12:02:55 -07:00
Kai Engert
5fe316221d Bug 1075686, pick up NSS 3.17.2 beta 1 to fix bug 1057161 2014-10-01 19:30:41 +02:00
Carsten "Tomcat" Book
b37ac43e39 merge fx-team to mozilla-central a=merge 2014-09-30 15:10:47 +02:00
Cykesiopka
3ac8cb4ccb Bug 1073865 - Add missing SSL_ERROR l10n strings v1. r=dkeeler 2014-09-27 14:02:00 +02:00
Camilo Viecco
886005b84a Bug 787133 - (hpkp) Part 2/2. Tests r=keeler 2014-09-29 20:31:08 -07:00
Stephen Pohl
579061de7c Mac v2 signing - Bug 1060562 - Update xpcshell-tests for the new v2 bundle structure on OSX. r=jmaher 2014-09-29 11:51:29 -07:00
ffxbld
a310d15a38 No bug, Automated HPKP preload list update from host bld-linux64-spot-046 - a=hpkp-update 2014-09-27 03:16:58 -07:00
ffxbld
bca9d93656 No bug, Automated HSTS preload list update from host bld-linux64-spot-046 - a=hsts-update 2014-09-27 03:16:56 -07:00
David Keeler
fd860abf57 bug 1071308 - (2/2) remove libpkix-style chain validation callback from CertVerifier r=cviecco 2014-09-25 11:18:56 -07:00
David Keeler
863d5f9477 bug 1071308 - (1/2) rename pinning_enforcement_level to PinningMode for brevity r=cviecco 2014-09-25 11:08:36 -07:00
Camilo Viecco
c2c7007b5f Bug 787133 - (hpkp) Part 1/2. Header Parsing and interface within PSM. r=keeler, r=mcmanus 2014-09-03 10:24:12 -07:00
Bob Owen
27ae4de9b6 Bug 1068000 - Add client side chrome.* pipe rule for Windows content sandbox. r=tabraldes 2014-09-16 15:44:25 +01:00
Wes Kocher
bc0c8885af Merge m-c to inbound a=merge 2014-09-23 16:48:23 -07:00
Wes Kocher
47e158094b Merge inbound to m-c a=merge 2014-09-23 15:30:38 -07:00
Kai Engert
761fee2128 Bug 1064636, upgrade to NSS 3.17.1 release, r=rrelyea, a=lmandel 2014-09-23 21:28:23 +02:00
Ehsan Akhgari
6b1b9962f5 Fix more bad implicit constructors in security, blanket-rs=bsmith, no bug 2014-09-23 09:13:26 -04:00
Jed Davis
9fd62691c6 Bug 1069700 - Fix recursive crash when non-content children violate sandbox policy. r=kang 2014-09-18 18:17:00 -04:00
Richard Barnes
f07a938b7c Bug 1045973 - sec_error_extension_value_invalid: mozilla::pkix does not accept certificates with x509v3 extensions in x509v1 or x509v2 certificates r=keeler 2014-09-23 16:48:54 -04:00
David Keeler
06b4f5bba9 bug 1060929 - mozilla::pkix: allow explicit encodings of default-valued BOOLEANs for compatibility r=briansmith 2014-09-22 09:26:10 -07:00
Vlatko Markovic
8818f4947f Bug 1059216 - Verification of Trusted Hosted Apps manifest signature, part 1. r=dkeeler,rlb 2014-09-22 07:58:59 -07:00
Robin Thunell
2915e7de92 Bug 1059208 - Add scripts for signing manifest files of Trusted Hosted Apps r=dkeeler 2014-09-22 07:58:59 -07:00
Carsten "Tomcat" Book
79a0a7362d merge b2g-inbound to mozilla-central a=merge 2014-09-22 13:06:09 +02:00
Carsten "Tomcat" Book
2ae977b21b merge mozilla-inbound to mozilla-central a=merge 2014-09-22 12:58:26 +02:00
ffxbld
976d004bf3 No bug, Automated HPKP preload list update from host b-linux64-ix-0007 - a=hpkp-update 2014-09-20 03:17:29 -07:00
ffxbld
c78690b02d No bug, Automated HSTS preload list update from host b-linux64-ix-0007 - a=hsts-update 2014-09-20 03:17:26 -07:00
Vlatko Markovic
e160a6a6da Bug 1059204 - Prepare verification code for reuse. r=rlb 2014-09-19 20:13:47 -07:00
Arthur Edelstein
cb0c9e468d Bug 967977 - Add pref to disable session identifiers (session tickets and session IDs). r=dkeeler 2014-09-08 15:32:00 -04:00
Brian Smith
c5500b85df Bug 1065264: Use MOZILLA_PKIX_MAP_LIST to define mozilla::pkix::Result, r=keeler
--HG--
extra : rebase_source : a91f7ab118f802fed6441edf00a245fe90c8e506
2014-09-10 00:17:24 -07:00
Brian Smith
ddb8aedc17 Bug 1065173: Move more NSS dependencies to pkixtestnss.cpp, r=keeler
--HG--
extra : rebase_source : 205fa72506e175c0fe418c5428675e754a86c820
2014-09-08 20:41:53 -07:00
Brian Smith
d4a0b9e59c Bug 1063031: Remove mozilla::pkix::test::NSSTest, r=keeler
--HG--
rename : security/pkix/test/gtest/nssgtest.cpp => security/pkix/test/gtest/pkixgtest.cpp
extra : rebase_source : 205faf2054134b3a7aecd55d53f73d19f2f86103
2014-08-31 20:42:28 -07:00
Jed Davis
5043e01249 Bug 1068410 - Convert remote crash dump to use pipe instead of socketpair in the child. r=kang r=ted 2014-10-03 14:55:03 -07:00
Patrick McManus
235b069e72 bug 1003448 - HTTP/2 Alternate Service and Opportunistic Security [1/2 PSM] r=keeler 2014-08-20 16:30:16 -04:00
Martin Thomson
36ef87e623 Bug 1075991 - Tracking cause of inappropriate TLS version fallback, r=keeler 2014-10-03 11:01:24 -07:00
Martin Thomson
e3fc75fe11 Bug 1075991 - Remember version intolerance reason code, r=keeler 2014-10-03 11:01:24 -07:00
Monica Chew
af2478ad59 Bug 1030135: Set is_moz if the pinset name contains mozilla, set bucket id for pinsets containing the string mozilla (r=keeler) 2014-10-02 16:45:13 -07:00
J.C. Jones
e75e48ed45 Bug 1054498 - Report pinning violations by CA r=keeler 2014-10-17 10:33:50 -07:00
Carsten "Tomcat" Book
e5ad1e7db2 Backed out changeset 3afdc3253979 (bug 622859) for breaking m1 tests 2014-10-17 13:14:29 +02:00
Carsten "Tomcat" Book
d893b9cc90 Backed out changeset f5fa8ea86d3b (bug 622859) 2014-10-17 13:13:01 +02:00
Jed Davis
67e50f1aa1 Bug 1080165 - Allow setpriority() to fail without crashing in media plugins on Linux. r=kang 2014-10-16 12:42:00 +02:00
Cykesiopka
ef48a9fa7c Bug 622859 - Tests for bug 622859. r=briansmith,keeler 2014-10-16 05:22:00 +02:00
Cykesiopka
01941f880c Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith 2014-10-16 05:13:00 +02:00
Bob Owen
b9708b293b Bug 1083701: When pre-Vista, for testing purposes allow stdout/err to be inherited by sandboxed process when an env var is set. r=tabraldes 2014-10-17 09:42:09 +01:00
David Keeler
d44051d068 bug 1055238 - add nsNSSCertListFakeTransport so nsIX509CertList can survive the child process r=rbarnes 2014-09-16 15:49:37 -07:00
David Keeler
76d5bfab7d bug 1055238 - clean up nsNSSCertificateFakeTransport.{cpp,h} for style nits r=rbarnes 2014-09-16 13:24:13 -07:00
Camilo Viecco
4782afddb6 Bug 787133 - (hpkp) testing of internal storage and idl r=keeler.
--HG--
extra : rebase_source : c4f83f38a3b8f293a1ca61f2f0a6f90df6ff7840
2014-09-12 14:59:37 -07:00
Camilo Viecco
d790eb8f88 Bug 787133 - (hpkp) Internal storage of hpkp data. r=keeler.
--HG--
extra : rebase_source : 1ef88ab5ebcf9634bd1de76ec1c9543eb87d265b
2014-09-12 14:59:37 -07:00
David Keeler
db0e8cfdbd bug 1066190 - ensure that pinning checks are done for otherwise overridable errors r=mmc 2014-09-12 13:20:43 -07:00
Camilo Viecco
9a1ec24aef Bug 1067565 - Built-in pins expires decades later. r=keeler 2014-09-15 17:17:12 -07:00
Trevor Saunders
4728b78382 bug 1062567 - prevent gcc lto builds from dropping SyscallAsm on the floor r=froydnj 2014-09-15 19:46:14 -04:00
Wes Kocher
6e187f49f8 Merge m-c to inbound a=merge 2014-09-15 16:41:45 -07:00
ffxbld
bed71c1658 No bug, Automated HPKP preload list update from host bld-linux64-spot-318 - a=hpkp-update 2014-09-15 14:35:39 -07:00
ffxbld
cc3388a150 No bug, Automated HSTS preload list update from host bld-linux64-spot-318 - a=hsts-update 2014-09-15 14:35:37 -07:00
David Keeler
dce41c469b bug 973048 - follow-up to add another missed #include r=bustage on a CLOSED TREE 2014-09-15 13:50:18 -07:00
David Keeler
c6dc096f07 bug 973048 - follow-up to add #include for ScopedPtr r=bustage on a CLOSED TREE 2014-09-15 13:02:47 -07:00
David Keeler
4113b4b466 bug 973048 - replace nsNSSCleaner with Scoped types r=rbarnes 2014-09-15 12:31:43 -07:00
Carsten "Tomcat" Book
d557d05d44 merge m-i to m-c a=merge 2014-09-12 15:07:38 +02:00
ffxbld
7d604b16de No bug, Automated HPKP preload list update from host bld-linux64-spot-021 - a=hpkp-update 2014-09-11 20:51:37 -07:00
ffxbld
44fa5fca8f No bug, Automated HSTS preload list update from host bld-linux64-spot-021 - a=hsts-update 2014-09-11 20:51:35 -07:00
Giovanni Sferro
ccbb9be8bc Bug 1050518 - Remove nsICertificatePrincipal. r=keeler 2014-09-10 20:31:00 -04:00
Bob Owen
61056aa4db Bug 1018988 - Set up a low integrity temp directory when using the Windows content sandbox. r=mrbkap r=tabraldes r=froydnj 2014-09-10 12:36:17 +01:00
Bob Owen
33eaabbf1f Bug 1063455 - Define MOZ_STACKWALKING when NS_StackWalk is available and replace other instances of the same #if logic. r=mshal, r=froydnj 2014-09-08 18:25:20 +01:00
Brian Smith
c857f8e0f4 Bug 1063013, Part 4: Move MapResultToName and MAP_LIST out of pkixnss.h/pkixnss.cpp, r=keeler
--HG--
rename : security/pkix/lib/pkixnss.cpp => security/pkix/lib/pkixresult.cpp
extra : rebase_source : 2fec0a279f7ef6acdd7ac8bf749190eef33df70d
2014-08-31 19:42:36 -07:00
Brian Smith
030872a85c Bug 1063013, Part 3: Move dependencies on pkixnss to pkixtestnss, r=keeler
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : b22bd341a5c72ba87efcf23a4e048bba8adf1544
2014-08-31 19:16:26 -07:00
Brian Smith
18c10a4998 Bug 1063013, Part 2: Remove unnecessary pkixnss dependency from pkixocsp_CreateEncodedOCSPRequest, r=keeler
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : e91ec652edc54255cd29871c91550c3ee49438c5
2014-08-31 19:04:15 -07:00
Brian Smith
06a6c4e0be Bug 1063013, Part 1: Remove pkixnss dependency from pkixtestutil.cpp, r=keeler
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : e55c2e0c73a59b84629d071a64d8597ec5cc56ae
2014-09-04 17:21:28 -07:00
Brian Smith
8dbcf66d66 Bug 1063006: Centralize direct use of NSS for crypto in the mozilla::pkix test suite, r=keeler
--HG--
rename : security/pkix/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestnss.cpp
extra : rebase_source : 93515d39abf91168fa86268f9b26f8c62d0d411e
2014-08-31 17:47:09 -07:00
Brian Smith
ba3ad3aa0e Bug 1059924, Part 2: Test that the high tag number form is rejected, r=keeler
--HG--
extra : rebase_source : 66793ce13ed8635cd47051fc2c93651d6936614e
2014-08-21 15:48:40 -07:00
Jed Davis
af04cea2d8 Bug 1059038 - Move mozilla::unused from xpcom/glue to mfbt. r=Waldo
--HG--
rename : xpcom/glue/unused.cpp => mfbt/unused.cpp
rename : xpcom/glue/unused.h => mfbt/unused.h
2014-08-29 10:11:00 +02:00
Ehsan Akhgari
bd73520e3c Bug 1064356 - Fix more bad implicit constructors in security; r=bsmith 2014-09-08 20:47:36 -04:00
David Keeler
d577ecb4c1 bug 1004781 - follow-up to add "DigiCert ECC Secure Server CA" to Facebook's pinset r=mmc 2014-09-08 09:33:03 -07:00
Carsten "Tomcat" Book
75dcdffdac merge mozilla-inbound to mozilla-central a=merge 2014-09-08 15:22:16 +02:00
ffxbld
fb37ddfbb4 No bug, Automated HPKP preload list update from host b-linux64-ix-0009 - a=hpkp-update 2014-09-06 03:17:54 -07:00
ffxbld
335a88aab5 No bug, Automated HSTS preload list update from host b-linux64-ix-0009 - a=hsts-update 2014-09-06 03:17:51 -07:00
Wes Kocher
ca62a34614 Merge inbound to m-c a=merge 2014-09-05 19:04:52 -07:00
Monica Chew
573218568c Bug 1030135: Enable pinning on services.mozilla.com in test mode (r=keeler,a=kwierso) 2014-09-05 12:04:26 -07:00
Bob Owen
a9431992d5 Bug 1018966 - Part 2: Make warn only sandbox changes to the Chromium code. r=tabraldes 2014-09-03 10:31:53 +01:00
David Keeler
702384684c bug 1046221 - make nsCryptoHMAC and nsCryptoHash actually check for NSS shutdown r=rbarnes 2014-09-05 11:04:22 -07:00
Monica Chew
2c36fac925 Bug 1030135: Enable pinning on services.mozilla.com in test mode (r=keeler) 2014-09-05 12:04:26 -07:00
Bob Owen
f19448274c Bug 1018966 - Part 1: Add the main warn only sandbox machinery - with no Chromium code changes. r=bsmedberg
This change also includes the content sandboxing code on Windows Nightly by defining MOZ_CONTENT_SANDBOX=1.
Whether the content sandbox is disabled, in warn only mode, or enabled is controlled by a new pref: browser.tabs.remote.sandbox=(off/warn/on)
2014-06-11 15:32:37 +01:00
Brian Smith
a37dba0312 Bug 1061483 follow-up: remove now-unused deleteCharArray function, r=me, a=bustage
--HG--
extra : rebase_source : 63d509bd7b95681227d27a733260bc33b1a22338
2014-09-04 15:53:07 -07:00
Brian Smith
418571330e Bug 1061483: Remove dependency on NSPR's PR_smprintf, r=cviecco
--HG--
extra : rebase_source : 64e2f862456e8e1434814631b0a7b461d83de37a
2014-08-31 22:03:22 -07:00
Brian Smith
4170cfe622 Bug 1061021, Part 17: Use now-unused PLArenaPool infrastructure, r=keeler
--HG--
extra : rebase_source : b6f241d33cefd3b14c585e806e9c920ec6844fce
2014-08-30 23:30:20 -07:00
Brian Smith
6e2797899e Bug 1061021, Part 16: Stop using PLArenaPool in pkixocsp_CreateEncodedOCSPRequest, r=keeler
--HG--
extra : rebase_source : 551d0c0e45d770c2218fb77874737fe23909d6c9
2014-08-30 23:27:15 -07:00
Brian Smith
26f076840d Bug 1061021, Part 15: Stop using PLArenaPool in CreateEncodedOCSPResponse, r=keeler
--HG--
extra : rebase_source : 00c3f77cd1e7e0d81b0acac84631b81e4cac59bd
2014-09-01 19:23:01 -07:00
Brian Smith
1966d956d1 Bug 1061021, Part 14: Stop using PLArenaPool in CreateEncodedCertificate, r=keeler
--HG--
extra : rebase_source : 46c292a31fbc4bb7242c93d0d47479600f379323
2014-08-30 23:09:18 -07:00
Brian Smith
c7a8deb8a0 Bug 1061021, Part 13: Remove Output class, r=keeler
--HG--
extra : rebase_source : 9d768451f2f1d6ad0db3cb75401494d6409fd818
2014-08-30 20:47:58 -07:00
Brian Smith
5419f381e4 Bug 1061021, Part 12: Stop using PLArenaPool for ResponseData encoding, r=keeler
--HG--
extra : rebase_source : 745ae45d9dd0509973d8e5c50a8cc2dfae82295f
2014-08-30 20:42:19 -07:00
Brian Smith
c697d86d9d Bug 1061021, Part 11: Stop using PLArenaPool for TBSCertificate and SignedData encoding, r=keeler
--HG--
extra : rebase_source : 09b06f79b57247dd89919ede12baabcb09dbeb19
2014-08-30 19:55:52 -07:00
Brian Smith
dedfff0a81 Bug 1061021, Part 10: Stop using PLArenaPool for extension encoding, r=keeler
--HG--
extra : rebase_source : 02b6dcc97204c04ec35b214ea2ce4b9297c78612
2014-08-30 19:16:24 -07:00
Brian Smith
d1e3997695 Bug 1061021, Part 9: Stop using PLArenaPool for SingleResponse encoding, r=keeler
--HG--
extra : rebase_source : a39a5dfec9b7aaa43ee2cffc15021bb404ada1ca
2014-08-30 18:00:02 -07:00
Brian Smith
a67503eadb Bug 1061021, Part 8: Stop using PLArenaPool for CertID encoding, r=keeler
--HG--
extra : rebase_source : 236902fb9eb330444e4cfc4ad380646bc992e8a8
2014-08-30 17:47:22 -07:00
Brian Smith
24aa747308 Bug 1061021, Part 7: Stop using PLArenaPool for SignedData encoding, r=keeler
--HG--
extra : rebase_source : de654a47d7421d2c14bba9db1686bc01a2f1edf8
2014-08-30 17:40:41 -07:00
Brian Smith
653ade1f65 Bug 1061021, Part 6: Stop using PLArenaPool for boolean encoding, r=keeler
--HG--
extra : rebase_source : 557eef72848af7dd70eddb4983de25e2e50da5f3
2014-08-30 17:00:16 -07:00
Brian Smith
3c92292236 Bug 1061021, Part 5: Remove InitInputFromSECItem, r=keeler
--HG--
extra : rebase_source : 353ad008af15700266226b6f3f535385cb182d09
2014-08-30 16:49:49 -07:00
Brian Smith
61df71edb6 Bug 1061021, Part 4: Stop using PLArenaPool for time encoding, r=keeler
--HG--
extra : rebase_source : ed41c22713cc75ce238923c00a5abda48f142e57
2014-08-30 16:33:47 -07:00
Brian Smith
314958b44f Bug 1061021, Part 3: Stop using PLArenaPool for BitString encoding, r=keeler
--HG--
extra : rebase_source : 79c9c2dd4844e67f0922c32e47bcc3e360fb32d5
2014-08-30 16:15:11 -07:00
Brian Smith
f854a1e2f2 Bug 1061021, Part 2: Stop using NSS to encode integers and serial number, r=keeler
--HG--
extra : rebase_source : cebea2b16ac81278a1453a5fb58fe75e90e22742
2014-08-30 16:07:16 -07:00
Brian Smith
8b26ecac0b Bug 1061021, Part 1: Stop using NSS to encode names in tests, r=keeler
--HG--
extra : rebase_source : 1fa1826fe356314e80784915e08d5a787bf2259f
2014-08-30 23:11:23 -07:00
Brian Smith
a6be0bc849 Bug 1059924, Part 1: Centralize tag and length decoding in mozilla::pkix's DER decoder, r=keeler
--HG--
extra : rebase_source : 6702a599f07cf83deac832eab0712dc716ea2561
2014-09-02 22:03:30 -07:00
Brian Smith
a891fc79d8 Bug 1059928: Remove SECOidTag from mozilla::pkix testsuite interface, r=keeler
--HG--
extra : rebase_source : 79d0d3031a9176d492730f374cea3b5f035086e1
2014-08-29 16:06:38 -07:00
David Keeler
d219ed0d80 bug 775370 - (part 2/2) use DataStorage as back-end to nsSiteSecurityService r=briansmith 2014-09-04 10:42:31 -07:00
David Keeler
a250e4de47 bug 1057123 - mozilla::pkix: allow end-entity certificates to assert keyCertSign in some cases r=briansmith 2014-09-03 10:12:55 -07:00
Carsten "Tomcat" Book
d578571a85 Backed out changeset 5adabc2818b2 (bug 1018966) for b2g bustage 2014-09-04 15:14:41 +02:00
Carsten "Tomcat" Book
39fa254326 Backed out changeset 5d21dd9ca51e (bug 1018966) for b2g Build bustage 2014-09-04 15:13:14 +02:00
Bob Owen
ad41895771 Bug 1018966 - Part 2: Make warn only sandbox changes to the Chromium code. r=tabraldes 2014-09-03 10:31:53 +01:00
Bob Owen
0fdb849687 Bug 1018966 - Part 1: Add the main warn only sandbox machinery - with no Chromium code changes. r=bsmedberg r=tabraldes
This change also includes the content sandboxing code on Windows Nightly by defining MOZ_CONTENT_SANDBOX=1.
Whether the content sandbox is disabled, in warn only mode, or enabled is controlled by a new pref: browser.tabs.remote.sandbox=(off/warn/on)
2014-06-11 15:32:37 +01:00
Mike Hommey
4b99580194 Bug 1059113 - Use templates for shared libraries and frameworks. r=gps
Also force to use the existing template for XPCOM components.
2014-09-04 09:04:45 +09:00
Mike Hommey
0060683747 Bug 1059090 - Don't require SOURCES to be set for CPP_UNIT_TESTS and SIMPLE_PROGRAMS. r=mshal 2014-09-03 14:16:37 +09:00
Mike Hommey
ed70c5f377 Bug 1041941 - Use templates for programs, simple programs, libraries and C++ unit tests. r=gps 2014-09-03 14:10:54 +09:00
David Keeler
c1853c5db4 bug 1050546 - telemetry for baseline requirements sections 9.2.1 and 9.2.2 (subject alt names/common name) r=rbarnes 2014-09-03 11:44:08 -07:00
Jed Davis
1dfa299843 Bug 1061085 - Clean up misused export macros from bug 1041886. r=glandium 2014-08-31 23:23:00 +02:00
Ehsan Akhgari
6deacdf4e9 Bug 1061942 - Switch back security/certverifier and security/manager to use unified builds; r=bsmith 2014-09-02 18:28:11 -04:00
Wes Kocher
c0770e9a92 Backed out 1 changesets (bug 1050546) for build bustage
Backed out changeset c7a9e8177202 (bug 1050546)
2014-09-02 16:49:51 -07:00
David Keeler
18cd42500e bug 1050546 - telemetry for baseline requirements sections 9.2.1 and 9.2.2 (subject alt names/common name) r=rbarnes 2014-09-02 12:10:47 -07:00
Ehsan Akhgari
5bffafdd26 Bug 1061061 - Fix more bad implicit constructors in misc. code; r=bsmedberg 2014-09-02 18:24:24 -04:00
Trevor Saunders
d75ed5bf7f bug 1059490 - mark more classes MOZ_FINAL r=froydnj 2014-08-27 14:26:48 -04:00
Martin Thomson
7e9f88e039 Bug 1036737 - Adding fallback SCSV use. r=dkeeler 2014-08-29 14:59:00 +02:00
Ehsan Akhgari
aafc47e9e9 Bug 1060975 - Fix bad implicit constructors in security; r=bsmith 2014-08-31 19:26:27 -04:00
Camilo Viecco
7b968ad142 Bug 1039166 - Fix intermittent gtest ASAN errors. r=dkeeler 2014-08-28 15:33:10 -07:00
Ryan VanderMeulen
c30a1809d2 Merge inbound to m-c. a=merge 2014-08-30 12:25:27 -04:00
ffxbld
61a875d894 No bug, Automated HPKP preload list update from host bld-linux64-spot-456 - a=hpkp-update 2014-08-30 03:23:01 -07:00
ffxbld
ea9d818f0d No bug, Automated HSTS preload list update from host bld-linux64-spot-456 - a=hsts-update 2014-08-30 03:22:59 -07:00
Jed Davis
1ea7e357ca Bug 1059602 - Make libxul -> libmozsandbox dependency not a weak symbol. r=glandium
MFBT_API is not the right macro for this; it changes the affected
definition/usage to a weak symbol, for reasons explained in the comments
on its definition.

This was causing the linker to drop the dependency from libmozglue
to libmozsandbox, in some cases (--as-needed, with a linker that
doesn't consider weak symbols "needed"), and thus load libxul with
gSandboxCrashFunc relocated to address 0 (the expected behavior of an
unresolved weak symbol), which caused crashes when writing to it on
startup.

--HG--
extra : amend_source : b99fded391ae90b1311f4cabaf40f15e6414f245
2014-08-28 23:23:13 -07:00
Camilo Viecco
a47a7b45b5 Bug 1052099 - August 2014 batch of EV root CA changes. r=keeler
--HG--
extra : rebase_source : 4303f1fb6988ff462edd908295708788a24a64f1
2014-08-27 11:31:20 -07:00
David Keeler
4b04dd58f3 bug 1009161 - follow-up: add test_nsCertType.js to xpcshell.ini so it'll actually run r=mmc 2014-08-28 11:38:31 -07:00
David Major
db45c0b01a Bug 1023941 - Part 2: Static-link the CRT into plugin-container.exe. r=glandium,f=tabraldes
--HG--
rename : security/sandbox/moz.build => security/sandbox/objs.mozbuild
extra : rebase_source : e0b1515a4729ecfe82a67b6439d9a38453f7556a
2014-08-28 14:50:10 +12:00
Trevor Saunders
fd5e2abf5a bug 1058925 - don't convert nullptr to bool in ClientAuthServer.cpp r=keeler 2014-08-27 19:12:22 -04:00
Wan-Teh Chang
e7899e86a5 Bug 1036735: Update NSS to NSS 3.17.1 Beta 1. Also includes the fixes
for bug 1046718, bug 1050107, bug 1054625, bug 1057465, bug 1057476.
2014-08-27 15:42:41 -07:00
Monica Chew
5c4a88776f Bug 1004781: Enable pinning in test mode for facebook (r=cviecco) 2014-08-27 14:18:25 -07:00
Tim Abraldes
ba6539ecd7 bug 1027906. Set delayed token level for GMP plugin processes to USER_RESTRICTED. Whitelist certain files and registry keys that are required for EME plugins to successfully load. r=bobowen. r=jesup. r=bent. 2014-08-29 17:34:26 -07:00
Brian Smith
127e03fe0a Bug 1059926: Give DottedOIDToCode.py the ability to generate more encodings, r=keeler
--HG--
extra : rebase_source : 8fabeb5802530789925ae47d1f1cc4b27e4bf899
extra : histedit_source : 1329e925ada56b29c9e05991b85b320d4ae0e3a3
2014-08-28 09:58:13 -07:00
Brian Smith
6452321116 Bug 1057793: Fix build warning on MSVC 2013, r=keeler
--HG--
extra : rebase_source : eb908d0f3d313991cab78d707c7f666ab9d9eaf5
extra : histedit_source : 3d69a511f82895d8b741960205e96488b4f2ebbb
2014-08-17 16:49:19 -07:00
Brian Smith
ede2da1dd5 Bug 1057791: Switch PR_ASSERT to assert in pkixcheck.cpp, r=keeler
--HG--
extra : rebase_source : a63e822eed9914046127c466f7e5c4f0e3e84361
extra : histedit_source : fc9d16f67cc349f5c7d3964c5dc58de1e5b9e986
2014-08-17 16:50:45 -07:00
Brian Smith
5846749954 Bug 1057790: Limit scope of CERTCertificate-related stuff to the scope it is used, r=keeler
--HG--
extra : rebase_source : 41b84cc08a928d0cdf57062d89f6d9495351437f
extra : histedit_source : bfbc35434d1318b6e6259bca72e6e1688842e5ad
2014-08-04 15:32:15 -07:00
Brian Smith
01f0b82f34 Bug 1053924: Remove dependencies on PRTime in mozilla::pkix's test code, r=keeler
--HG--
extra : rebase_source : deb2dcec5c56ef86d95df319b5a61165d9d761a7
2014-08-08 10:33:18 -07:00
Jed Davis
3f1e2a85b6 Bug 1041886 - Fix no-opt-only build bustage caused by mozilla::unused. r=glandium
See also bug 1059038.
2014-08-26 19:23:44 -07:00
Jed Davis
3ae6c90876 Bug 1054616 - Clean up logging-related shims for Linux sandboxing. r=kang 2014-08-26 13:54:16 -07:00
Jed Davis
23c21aa709 Bug 1041886 - Separate Linux sandbox code into its own shared library. r=kang r=glandium
This creates libmozsandbox.so on builds that use sandboxing
(MOZ_CONTENT_SANDBOX or MOZ_GMP_SANDBOX).

The unavoidably libxul-dependent parts, for invoking the crash reporter
and printing the JS context, are separated into glue/SandboxCrash.cpp
and invoked via a callback.
2014-08-26 13:54:09 -07:00
Jed Davis
e020caf2de Bug 1041886 - Break out Linux sandbox logging into its own header. r=kang 2014-08-26 13:54:03 -07:00
Cykesiopka
bfd5ec525f Bug 1052529 - Add missing l10n strings for mozilla::pkix errors. r=keeler 2014-08-26 00:03:00 +02:00
Steven Michaud
dfc4c053b1 Bug 1056936 - Specify full path to plugin-container in sandbox rules. r=rjesup 2014-08-25 15:01:04 -05:00
Birunthan Mohanathas
77bfad00a6 Bug 1045801 - Rename SafeCast to AssertedCast. r=Waldo 2014-08-25 12:17:32 -07:00
David Keeler
d026d78753 bug 1034124 - allow overrides when a CA cert is used as an end-entity cert r=briansmith 2014-08-22 12:07:08 -07:00
David Keeler
800c5b4b9f bug 1009161 - mozilla::pkix: allow the Netscape certificate type extension if more standardized information is present r=briansmith 2014-08-25 09:25:36 -07:00
Ryan VanderMeulen
81342753e0 Merge inbound to m-c. a=merge
CLOSED TREE
2014-08-25 11:49:37 -04:00
ffxbld
07de5c29aa No bug, Automated HPKP preload list update from host bld-linux64-spot-317 - a=hpkp-update 2014-08-23 03:29:03 -07:00
ffxbld
8f1e08d168 No bug, Automated HSTS preload list update from host bld-linux64-spot-317 - a=hsts-update 2014-08-23 03:29:01 -07:00
Wes Kocher
c725a726be Merge inbound to m-c a=merge 2014-08-22 16:47:32 -07:00
Marco Castelluccio
b562d97c7e Bug 1042006 - Replace reviewers-dev certificate. r=fabrice
--HG--
extra : rebase_source : 517822e6712853c4e0d5ce664e0d60b980382c3b
2014-08-21 00:12:00 -04:00
David Keeler
1f84bc411b bug 1049095 - re-verify joinee certificate with joining hostname when joining connections r=briansmith r=mcmanus r=cviecco r=mmc r=rbarnes 2014-08-21 10:37:23 -07:00
Trevor Saunders
fd5e9d1fcc bug 1047696 - mark a number of classes MOZ_FINAL to get compilers to devirtualize more r=froydnj 2014-08-05 13:33:55 -04:00
Camilo Viecco
4c5f0ef40a Bug 1047177 - Treat v4 certs as v3 certs. Tests (2/2). r=keeler.
--HG--
extra : rebase_source : 58be8a1ac652636fea80e83fc8eae2b7092c6edd
2014-08-21 14:49:00 -07:00
Camilo Viecco
a7b51fb02b Bug 1047177 - Treat v4 certs as v3 certs (1/2). r=keeler.
--HG--
extra : rebase_source : 4cfb69672aa54274bb4ee850f23f0bbbe8e9e49f
2014-08-21 14:47:25 -07:00
Masatoshi Kimura
f2fb78225b Bug 1055541 - Fix build failure on VS2013 with --enable-warnings-as-errors due to Warning C4996. r=ehsan 2014-08-20 04:09:03 +09:00
Patrick McManus
300766f367 bug 1050063 - consider tls client hello version in alpn/npn offer list r=hurley r=keeler 2014-08-15 09:39:53 -04:00
Wes Kocher
a8d80abaf6 Merge m-c to inbound a=merge 2014-08-22 17:05:17 -07:00
Olli Pettay
d72906c30d Bug 314095 - Eliminate nsIContent::GetDocument, r=jst
--HG--
extra : rebase_source : dd8f690940825b298a478b65b68a57418a9962ff
2014-08-22 23:11:27 +03:00
David Keeler
4ee21d300f bug 1057128 - add --clobber to generate_certs.sh, disabled by default (don't unnecessarily regenerate all certificates) r=rbarnes DONTBUILD because NPOTB 2014-08-22 10:25:46 -07:00
David Keeler
3e8057dc3d bug 775370 - (part 1/2) introduce DataStorage r=froydnj r=mmc 2013-09-09 13:37:21 -07:00
Wan-Teh Chang
cdfed1ffd4 Bug 1063445: Update to NSS_3_17_1_BETA2.
Includes the fixes for bug 1041326, bug 1058933, bug 1001332, bug 1057783.
2014-09-05 08:18:18 -07:00
Chris Peterson
64bed2314d Bug 1052033 - Fix warnings in security/sandbox and mark as FAIL_ON_WARNINGS. r=smichaud 2014-08-09 14:25:24 -07:00
Ryan VanderMeulen
5fe0932115 Merge inbound to m-c. a=merge 2014-08-16 17:42:29 -04:00
ffxbld
e3b3b65eb1 No bug, Automated HPKP preload list update from host bld-linux64-spot-329 - a=hpkp-update 2014-08-16 03:15:25 -07:00
ffxbld
93cb810873 No bug, Automated HSTS preload list update from host bld-linux64-spot-329 - a=hsts-update 2014-08-16 03:15:23 -07:00
Garrett Robinson
90fa6beb03 Bug 1029155 - Tests for storing failed certificate chains r=keeler 2014-08-15 11:27:31 -07:00
Garrett Robinson
691dcd68c1 Bug 1029155 - Store peer certificate chain from failed connections on TransportSecurityInfo r=keeler 2014-08-15 11:27:22 -07:00
Brian Smith
026854c3f0 Bug 1053627, Part 2: Use MOZILLA_PKIX_ARRAY_LENGTH instead of PR_ARRAY_SIZE, r=keeler
--HG--
extra : rebase_source : b9ae99d93921cb2f3a8f4395e9240389752fd2de
2014-08-13 21:01:35 -07:00
Brian Smith
edb0ac64e0 Bug 1053627, Part 1: use sizeof instead of PR_ARRAY_SIZE for byte arrays, r=keeler
--HG--
extra : rebase_source : a01364ed6b64800142f18d3d350f50ca178ea4bb
2014-08-04 19:21:52 -07:00
Brian Smith
5a78d0179b Bug 1053621: Stop using PR_NOT_REACHED in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : b70a3ca2f3dade0439cf902bf4042716e7d1bbd3
2014-08-04 19:19:29 -07:00
Brian Smith
1709415e43 Bug 1053620: Replaces uses of PR_Abort with std::abort in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : 2e1f3eec5305e89bfa28fbda856b4e36515a2819
2014-08-04 19:12:34 -07:00
Brian Smith
d08286d3d3 Bug 1053617: Reduce scope of DER encoding debugging logic to the file it is used in, r=keeler
--HG--
extra : rebase_source : c22f7e96dfdd1997626769ac03c6d189321eec1a
2014-08-04 19:07:26 -07:00
Brian Smith
9a2a60943d Bug 1053616: Remove uses of PR_SetError from mozilla::pkix tests, r=keeler
--HG--
extra : rebase_source : 1fc7ce9ab400c39e3c4afb68940be93cc2a0b848
2014-08-13 17:50:42 -07:00
Cykesiopka
f4a67332e8 Bug 1052257 - Add and use error code specific to inadequate key sizes. r=keeler 2014-08-12 22:24:00 -04:00
Jed Davis
1c8a8d2d9b No bug - Add trailing newlines for non-Android Linux sandbox logging. r=kang
--HG--
extra : rebase_source : c0e936b62289c0e5eecad41fce9afac881fe4667
2014-08-14 15:39:14 -07:00
David Keeler
c3d3df58ac bug 1030963 - remove non-standard window.crypto functions/properties r=jst r=briansmith r=glandium 2014-08-14 09:38:42 -07:00
Brian Smith
3e57ff4e5a Bug 1048642, Part 3: Remove SECStatus GTest utilities, r=cviecco
--HG--
extra : rebase_source : f77202ad8d271604d7620cc5f704a51338c356ab
2014-08-03 22:45:05 -07:00
Brian Smith
065cf239b1 Bug 1048642, Part 2: Change GenerateKeyPair return type from SECStatus to Result, r=cviecco
--HG--
extra : rebase_source : 652277e952d224175ea57d4509124ff8180440cb
2014-08-04 10:59:21 -07:00
Brian Smith
4a58c8b13e Bug 1048642, Part 1: Change TamperOnce return type from SECStatus to Result, r=cviecco
--HG--
extra : rebase_source : 1d2e8014153d8bfc6f9008dd9b6b9e4d5ac5dcb7
2014-08-03 22:49:10 -07:00