gecko-dev/security/manager
David Keeler 65635d2855 bug 1427248 - avoid changing certificate trust in nsNSSComponent initialization r=fkiefer,jcj
If a user has set a master password on their NSS DB(s), when we try to change
the trust of a certificate, we may have to authenticate to the DB. This involves
bringing up a dialog box, executing JavaScript, spinning the event loop, etc.
In some cases (particularly when antivirus software has injected code into
Firefox), this can cause the nsNSSComponent to be initialized if it hasn't
already been. So, it's a really, really bad idea to attempt to change the trust
of a certificate while we're initializing nsNSSComponent, because this results
in a recursive component dependency and everything breaks. To get around this,
if we need to load 3rd party roots (e.g. enterprise roots or the family safety
root), we defer any trust changes to a later event loop tick. In theory this
could cause verification failures early in startup. We'll have to see if this
is an issue in practice.

MozReview-Commit-ID: FvjHP5dTmpP

--HG--
extra : rebase_source : ad0fb83a0de3632e3a967e91aec3d8070b22dedc
2018-05-07 17:05:30 -07:00
locales Bug 1448934 - Fix some spelling mistakes in locales/en-US r=flod 2018-04-24 10:26:35 +02:00
pki bug 686149 - improve PKCS7 certificate export to not use legacy path building r=fkiefer 2018-05-02 10:22:58 -07:00
ssl bug 1427248 - avoid changing certificate trust in nsNSSComponent initialization r=fkiefer,jcj 2018-05-07 17:05:30 -07:00
tools Bug 1456035: Part 4 - Convert callers of XPCOMUtils.generateQI to ChromeUtils.generateQI. r=mccr8 2018-04-22 20:55:06 -07:00
.flake8 Bug 1322914 - Enable flake8 linting for security/manager. r=mgoodwin 2016-12-13 00:25:45 +08:00
android_stub.h Bug 1372781 - Remove getdtablesize stub from android_stub.h. r=jchen 2017-07-07 16:18:08 +09:00
moz.build Backed out changeset 121e4d470c11 (bug 1391703) for breaking periodic HSTS/HPKP updates. 2017-08-25 10:16:27 -04:00