David Keeler
3a4c2d822a
bug 1179660 - define 'now' as the first second of the current year for pycert r=Cykesiopka
...
This is to avoid a dependency on the buildid so we don't have to
regenerate all of the test certificate with every ./mach build.
This can cause problems very near midnight on New Year's Eve.
If this happens, kick off a new build and get back to the party.
2015-07-15 16:20:54 -07:00
Xidorn Quan
cec576a922
Bug 1187173 - Disable warning C4623 on security/certverifier. r=briansmith
...
--HG--
extra : source : 9f3acfedff8cf4a26266bb578dc69727e799c0cf
extra : amend_source : cb1d0a6e8c6d9199429159cb9a20484f5aa95b8d
2015-07-24 13:38:12 +10:00
Jed Davis
315c4ad9c2
Bug 1186709 - Remove MOZ_IMPLICIT from security/sandbox/chromium. r=bobowen
2015-07-23 08:28:00 -04:00
Jed Davis
39f6ab2a28
Bug 1157864 - Record chromium patch applied in previous commit. r=me
2015-07-22 15:48:49 -07:00
Felix Janda
acfe5cf4cf
Bug 1157864 - chromium sandbox: Fix compilation for systems without <sys/cdefs.h>. r=jld
2015-02-05 22:41:38 +01:00
Masatoshi Kimura
0e28f550d3
Bug 1181562 - Update fallback whitelist. r=keeler
2015-07-22 20:35:26 +09:00
Nicholas Nethercote
1ac7d5d5b1
Bug 1182959 (part 5) - Use nsTHashtable::Iterator in nsCertOverrideService. r=honzab.
...
--HG--
extra : rebase_source : c36d0f9e4a2242a934e2848b6f977f33d6ac76cc
2015-07-20 17:12:03 -07:00
Nicholas Nethercote
746d9d6e0a
Bug 1182959 (part 4) - Remove BlocklistSaveInfo. r=honzab.
...
--HG--
extra : rebase_source : c46e23885d97ef05504db32e0fd8cae05b55232a
2015-07-20 17:12:03 -07:00
Nicholas Nethercote
6ceff73a0f
Bug 1182959 (part 3) - Use nsTHashtable::Iterator in CertBlockList. r=honzab.
...
--HG--
extra : rebase_source : 4df2d9845e7a04c11bc6076ea7844fba7b5ca3a9
2015-07-20 17:12:03 -07:00
Nicholas Nethercote
e0bd2455c1
Bug 1182959 (part 2) - Use nsTHashtable::Iterator in CertBlockList. r=honzab.
...
--HG--
extra : rebase_source : f2b69832a8f789919db84706591e96bcf4bd0a1d
2015-07-20 17:12:03 -07:00
Nicholas Nethercote
489123be0f
Bug 1182959 (part 1) - Use nsTHashtable::Iterator in CertBlockList. r=honzab.
...
--HG--
extra : rebase_source : cdef0d25cd3dcc63313ab391c0c7fe37d048eb1a
2015-07-20 17:12:03 -07:00
Jed Davis
fc9b22c883
Bug 1181704 - Use chromium SafeSPrintf for sandbox logging. r=gdestuynder r=glandium
...
This gives us a logging macro that's safe to use in async signal context
(cf. bug 1046210, where we needed this and didn't have it).
This patch also changes one of the format strings to work with
SafeSPrintf's format string dialect; upstream would probably take a
patch to handle those letters, but this is easier.
2015-07-09 12:09:00 +02:00
Jed Davis
06bdcaaa33
Bug 1181704 - Import chromium SafeSPrintf. r=bobowen
...
This also imports the unit tests but doesn't arrange to run them.
Including the tests in our xul-gtest is possible but not trivial: there
are logging dependencies, and they use a different #include path for
gtest.h (which we'd need to patch).
Upstream revision: df7cc6c04725630dd4460f29d858a77507343b24.
2015-07-09 12:04:00 +02:00
David Keeler
b0d4abd2b1
bug 1178988 - GenerateOCSPResponse: load certs/keys in two phases r=Cykesiopka
...
This was initially done to work around a readdir-related bug in the B2G ICS
emulator, but then it turned out that test_ocsp_url.js still fails in ways that
are unreproducible outside of mozilla-inbound on that platform, so it was
disabled (r=sworkman). It's still a good idea, though, to avoid any potential
future issues with readdir not being reentrant.
2015-07-15 14:12:02 -07:00
David Keeler
fd5e8893a4
bug 1178988 - convert test_ocsp_url to generate certificates at build time r=Cykesiopka
...
Also enable loading of certificates and private keys into GenerateOCSPResponse
2015-06-04 17:03:48 -07:00
David Keeler
3999edd791
bug 1178988 - refactor key-specific parts of pycert.py into pykey.py r=Cykesiopka,mgoodwin
2015-06-30 14:35:42 -07:00
Ryan VanderMeulen
1c6931cc67
Merge m-c to inbound. a=merge
2015-07-19 22:38:28 -04:00
Benjamin Peterson
2751f97bb3
no bug - fix typo and grammar in comment r=me DONTBUILD
2015-07-19 18:07:43 -07:00
ffxbld
3267aeb6a8
No bug, Automated HPKP preload list update from host bld-linux64-spot-135 - a=hpkp-update
2015-07-18 03:35:51 -07:00
ffxbld
f12b366895
No bug, Automated HSTS preload list update from host bld-linux64-spot-135 - a=hsts-update
2015-07-18 03:35:49 -07:00
Mark Goodwin
4ba2d72200
Bug 1183822 - Add an OCSP test for signers with SHA-1 certificates (r=keeler)
2015-07-17 17:07:50 +01:00
Mark Goodwin
fce204e0e0
Bug 1183822 - fix OCSP verification failures (r=keeler)
...
Adds a new TrustDomain for OCSP Signers which will always allow all acceptible
signature digest algorithms. Calls to most other TrustDomain methods are passed
through to the owning NSSCertDBTrustDomain.
2015-07-17 17:07:48 +01:00
Mark Goodwin
30d8779d49
Bug 1183065 - Add logging on OneCRL revocation checks (r=Cykesiopka)
2015-07-17 17:07:47 +01:00
Wes Kocher
b9baa34b08
Backed out 3 changesets (bug 1178988) for ocsp orange CLOSED TREE
...
Backed out changeset 7fb6a9114916 (bug 1178988)
Backed out changeset 2700ec4adc3e (bug 1178988)
Backed out changeset 07b9c2331ac1 (bug 1178988)
2015-07-17 17:49:46 -07:00
Mark Goodwin
806731fbb7
Backed out changeset ec1b5a7d05e9 (bug 1183065)
2015-07-17 10:37:00 +01:00
Mark Goodwin
c7285efe5a
Backed out changeset fb6cbb4ada54 (bug 1183822)
2015-07-17 10:36:58 +01:00
Mark Goodwin
e2ee16093c
Backed out changeset f324dcfaab40 (bug 1183822)
2015-07-17 10:36:56 +01:00
Mark Goodwin
e57ac71ec4
Bug 1183822 - Add an OCSP test for signers with SHA-1 certificates (r=keeler)
2015-07-17 10:04:17 +01:00
Mark Goodwin
0bfd3046ed
Bug 1183822 - fix OCSP verification failures (r=keeler)
...
Adds a new TrustDomain for OCSP Signers which will always allow all acceptible
signature digest algorithms. Calls to most other TrustDomain methods are passed
through to the owning NSSCertDBTrustDomain.
2015-07-17 10:03:56 +01:00
Mark Goodwin
810c972b95
Bug 1183065 - Add logging on OneCRL revocation checks (r=Cykesiopka)
2015-07-17 10:03:21 +01:00
David Keeler
da7508611c
bug 1178988 - work around PR_ReadDir bug on B2G ICS emulator by loading certs/keys in two phases r=Cykesiopka
2015-07-15 14:12:02 -07:00
David Keeler
9e28b0964f
bug 1178988 - convert test_ocsp_url to generate certificates at build time r=Cykesiopka
...
Also enable loading of certificates and private keys into GenerateOCSPResponse
2015-06-04 17:03:48 -07:00
David Keeler
9b96df5045
bug 1178988 - refactor key-specific parts of pycert.py into pykey.py r=Cykesiopka,mgoodwin
2015-06-30 14:35:42 -07:00
Cykesiopka
7bb4919849
Bug 1179678 - Add result strings to misc PSM xpcshell tests. r=keeler
2015-07-14 23:19:00 +02:00
Wes Kocher
c00da5ced5
Backed out 2 changesets (bug 1181704) for static build bustage CLOSED TREE
...
Backed out changeset fbf7aca43c3a (bug 1181704)
Backed out changeset 8864c0587ced (bug 1181704)
2015-07-13 16:51:17 -07:00
Jed Davis
60984b0ab1
Bug 1181704 - Use chromium SafeSPrintf for sandbox logging. r=kang r=glandium
...
This gives us a logging macro that's safe to use in async signal context
(cf. bug 1046210, where we needed this and didn't have it).
This patch also changes one of the format strings to work with
SafeSPrintf's format string dialect; upstream would probably take a
patch to handle those letters, but this is easier.
2015-07-13 16:17:58 -07:00
Jed Davis
c5ffe92d42
Bug 1181704 - Import chromium SafeSPrintf. r=bobowen
...
This does not include the upstream unit tests. Including the tests
in our xul-gtest is possible but not trivial: there are logging
dependencies, and they use a different #include path for gtest.h (which
we'd need to patch).
Upstream revision: df7cc6c04725630dd4460f29d858a77507343b24.
2015-07-13 16:17:58 -07:00
Birunthan Mohanathas
a8939590de
Bug 1182996 - Fix and add missing namespace comments. rs=ehsan
...
The bulk of this commit was generated by running:
run-clang-tidy.py \
-checks='-*,llvm-namespace-comment' \
-header-filter=^/.../mozilla-central/.* \
-fix
2015-07-13 08:25:42 -07:00
Carsten "Tomcat" Book
4a67c881e4
merge mozilla-inbound to mozilla-central a=merge
2015-07-13 11:51:14 +02:00
ffxbld
e2ec40e62a
No bug, Automated HPKP preload list update from host bld-linux64-spot-222 - a=hpkp-update
2015-07-11 03:33:38 -07:00
ffxbld
f596fa8330
No bug, Automated HSTS preload list update from host bld-linux64-spot-222 - a=hsts-update
2015-07-11 03:33:36 -07:00
David Keeler
72c6934fcc
bug 1181376 - convert test_bug480619.html to an xpcshell test r=mgoodwin
...
--HG--
rename : security/manager/ssl/tests/mochitest/bugs/test_bug480619.html => security/manager/ssl/tests/unit/test_logoutAndTeardown.js
2015-07-07 16:09:56 -07:00
Geoff Brown
52d4e225a0
Bug 1026290 - Update mochitest-chrome manifests for android; r=jgriffin
2015-07-10 14:41:59 -06:00
Mark Goodwin
98a776cea1
Bug 1159155 - Add telemetry probe for SHA-1 usage - some tests (r=keeler)
2015-07-09 07:22:32 +01:00
Mark Goodwin
91782dab68
Bug 1159155 - Add telemetry probe for SHA-1 usage (r=keeler)
2015-07-09 07:22:29 +01:00
Phil Ringnalda
6565c918a7
Back out 2 changesets (bug 1178988) for b2g emulator opt xpcshell failure in test_ocsp_url.js
...
CLOSED TREE
Backed out changeset 2c5d5eb434b9 (bug 1178988)
Backed out changeset 936d991c4cbc (bug 1178988)
2015-07-08 22:49:12 -07:00
David Keeler
0d33e93440
bug 1178988 - convert test_ocsp_url to generate certificates at build time r=Cykesiopka
...
Also enable loading of certificates and private keys into GenerateOCSPResponse
2015-06-04 17:03:48 -07:00
David Keeler
c4edcb819d
bug 1178988 - refactor key-specific parts of pycert.py into pykey.py r=Cykesiopka,mgoodwin
2015-06-30 14:35:42 -07:00
Carsten "Tomcat" Book
da83a15284
Merge mozilla-central to fx-team
2015-07-08 12:04:53 +02:00
Steven Englehardt
73079800c9
Bug 1153010 - Disambiguate error messages for mixed content and weak/broken cipher. r=keeler,tanvi,dolske
2015-07-08 09:04:11 +02:00