authorMoonchild <moonchild@palemoon.org>2021-01-19 08:08:18 +0000
committerMoonchild <moonchild@palemoon.org>2021-01-19 08:08:18 +0000
commitc76214f0b54cf74b69d0fb4afa0d2eca2e898a98 (patch)
tree15ee2e9776727ecabcdc52d06de55dfd576485c1 /security/nss/cmd/lib
parent810c2bf8080da2bc8ec4efb05223fea31817944b (diff)
parent75286e68d703b1d8a4e0a7c72ce45d089024c124 (diff)
Master merge
This merges master into release to replace Redwood. # Conflicts: # CLOBBER # build/moz.configure/old.configure # config/milestone.txt # config/moz.build # config/system-headers # dom/abort/AbortController.cpp # dom/abort/AbortController.h # dom/abort/AbortSignal.cpp # dom/abort/AbortSignal.h # dom/abort/moz.build # dom/abort/tests/moz.build # dom/animation/KeyframeEffect.cpp # dom/base/CustomElementRegistry.cpp # dom/base/DocGroup.cpp # dom/base/ResizeObserverController.cpp # dom/base/ResizeObserverController.h # dom/base/nsContentUtils.cpp # dom/base/nsContentUtils.h # dom/base/nsDocument.cpp # dom/base/nsIDocument.h # dom/fetch/FetchObserver.cpp # dom/fetch/FetchObserver.h # dom/heapsnapshot/AutoMemMap.cpp # dom/heapsnapshot/AutoMemMap.h # dom/heapsnapshot/CoreDump.proto # dom/heapsnapshot/HeapSnapshot.cpp # dom/heapsnapshot/HeapSnapshotTempFileHelperChild.h # dom/heapsnapshot/HeapSnapshotTempFileHelperParent.cpp # dom/heapsnapshot/HeapSnapshotTempFileHelperParent.h # dom/heapsnapshot/PHeapSnapshotTempFileHelper.ipdl # dom/heapsnapshot/moz.build # dom/heapsnapshot/tests/gtest/moz.build # dom/html/nsGenericHTMLElement.h # dom/media/platforms/PlatformDecoderModule.h # dom/media/platforms/moz.build # dom/script/ModuleLoadRequest.cpp # dom/script/ModuleLoadRequest.h # dom/script/ModuleScript.cpp # dom/script/ModuleScript.h # dom/script/ScriptElement.cpp # dom/script/ScriptElement.h # dom/script/ScriptLoadHandler.cpp # dom/script/ScriptLoadHandler.h # dom/script/ScriptLoader.cpp # dom/script/ScriptLoader.h # dom/script/ScriptSettings.cpp # dom/script/ScriptSettings.h # dom/script/nsIScriptElement.h # dom/script/nsIScriptLoaderObserver.idl # dom/webidl/HTMLLinkElement.webidl # gfx/gl/moz.build # gfx/graphite2/src/moz.build # gfx/layers/moz.build # js/ductwork/inspector/moz.build # js/ductwork/moz.build # js/src/gc/Heap.h # js/src/moz.build # js/src/vm/UnboxedObject-inl.h # js/src/vm/UnboxedObject.cpp # js/src/vm/UnboxedObject.h # layout/base/crashtests/crashtests.list 
# layout/build/moz.build # layout/generic/AspectRatio.h # layout/generic/crashtests/crashtests.list # layout/reftests/bidi/reftest-stylo.list # layout/reftests/reftest-stylo.list # layout/reftests/table-bordercollapse/reftest.list # layout/reftests/writing-mode/reftest-stylo.list # layout/style/StyleSheet.cpp # layout/style/nsRuleNode.cpp # layout/style/nsStyleStruct.cpp # layout/style/nsStyleStruct.h # modules/libpref/init/all.js # nsprpub/pr/src/linking/prlink.c # parser/html/java/htmlparser/src/nu/validator/htmlparser/impl/AttributeName.java # parser/html/java/htmlparser/src/nu/validator/htmlparser/impl/ElementName.java # parser/html/nsHtml5AtomList.h # parser/html/nsHtml5AttributeName.cpp # parser/html/nsHtml5AttributeName.h # parser/html/nsHtml5ElementName.cpp # parser/html/nsHtml5ElementName.h # parser/html/nsHtml5TreeBuilderCppSupplement.h # parser/htmlparser/nsElementTable.cpp # parser/htmlparser/nsHTMLTagList.h # security/nss/lib/nss/nss.h # security/nss/lib/softoken/pkcs11.c # security/nss/lib/softoken/softkver.h # security/nss/lib/util/nssutil.h # testing/web-platform/tests/tools/html5lib/html5lib/html5parser.py # testing/web-platform/tests/tools/html5lib/html5lib/treebuilders/_base.py # toolkit/modules/AppConstants.jsm
Diffstat (limited to 'security/nss/cmd/lib')
-rw-r--r--security/nss/cmd/lib/basicutil.c9
-rw-r--r--security/nss/cmd/lib/pk11table.c28
-rw-r--r--security/nss/cmd/lib/secutil.c76
-rw-r--r--security/nss/cmd/lib/secutil.h2
4 files changed, 86 insertions, 29 deletions
diff --git a/security/nss/cmd/lib/basicutil.c b/security/nss/cmd/lib/basicutil.c
index de56fbdd9..476475d90 100644
--- a/security/nss/cmd/lib/basicutil.c
+++ b/security/nss/cmd/lib/basicutil.c
@@ -17,6 +17,7 @@
#include "basicutil.h"
#include <stdarg.h>
+#include <stddef.h>
#include <sys/stat.h>
#include <errno.h>
@@ -632,7 +633,8 @@ void
SECU_PrintPRandOSError(const char *progName)
{
char buffer[513];
- PRInt32 errLen = PR_GetErrorTextLength();
+ PRInt32 errLenInt = PR_GetErrorTextLength();
+ size_t errLen = errLenInt < 0 ? 0 : (size_t)errLenInt;
if (errLen > 0 && errLen < sizeof buffer) {
PR_GetErrorText(buffer);
}
@@ -739,7 +741,6 @@ SECU_HexString2SECItem(PLArenaPool *arena, SECItem *item, const char *str)
int byteval = 0;
int tmp = PORT_Strlen(str);
- PORT_Assert(arena);
PORT_Assert(item);
if ((tmp % 2) != 0) {
@@ -760,7 +761,9 @@ SECU_HexString2SECItem(PLArenaPool *arena, SECItem *item, const char *str)
} else if ((str[i] >= 'A') && (str[i] <= 'F')) {
tmp = str[i] - 'A' + 10;
} else {
- /* item is in arena and gets freed by the caller */
+ if (!arena) {
+ SECITEM_FreeItem(item, PR_FALSE);
+ }
return NULL;
}
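Review bot: The new `SECITEM_FreeItem(item, PR_FALSE);` on the invalid-digit path releases a buffer that may hold partially decoded secret bytes without clearing it, since readPSK in secutil.c decodes a pre-shared key through this function. `SECITEM_ZfreeItem(item, PR_FALSE);` would zero the bytes before freeing them. The removed comment was the only statement of the ownership rule, so I would also add one such as `/* no arena: the item's buffer is heap-allocated and must be released here */`. The allocation and the rest of SECU_HexString2SECItem are outside this hunk, so the assumption that the buffer is heap-allocated when arena is NULL is inferred from the added branch.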
diff --git a/security/nss/cmd/lib/pk11table.c b/security/nss/cmd/lib/pk11table.c
index ec5d88926..f7a45fa84 100644
--- a/security/nss/cmd/lib/pk11table.c
+++ b/security/nss/cmd/lib/pk11table.c
@@ -102,7 +102,7 @@ const Constant _consts[] = {
mkEntry(CKF_WRAP, MechanismFlags),
mkEntry(CKF_UNWRAP, MechanismFlags),
mkEntry(CKF_DERIVE, MechanismFlags),
- mkEntry(CKF_EC_FP, MechanismFlags),
+ mkEntry(CKF_EC_F_P, MechanismFlags),
mkEntry(CKF_EC_F_2M, MechanismFlags),
mkEntry(CKF_EC_ECPARAMETERS, MechanismFlags),
mkEntry(CKF_EC_NAMEDCURVE, MechanismFlags),
@@ -128,7 +128,6 @@ const Constant _consts[] = {
mkEntry(CKO_SECRET_KEY, Object),
mkEntry(CKO_HW_FEATURE, Object),
mkEntry(CKO_DOMAIN_PARAMETERS, Object),
- mkEntry(CKO_KG_PARAMETERS, Object),
mkEntry(CKO_NSS_CRL, Object),
mkEntry(CKO_NSS_SMIME, Object),
mkEntry(CKO_NSS_TRUST, Object),
@@ -255,8 +254,8 @@ const Constant _consts[] = {
mkEntry2(CKA_TRUST_TIME_STAMPING, Attribute, Trust),
mkEntry2(CKA_CERT_SHA1_HASH, Attribute, None),
mkEntry2(CKA_CERT_MD5_HASH, Attribute, None),
- mkEntry2(CKA_NETSCAPE_DB, Attribute, None),
- mkEntry2(CKA_NETSCAPE_TRUST, Attribute, Trust),
+ mkEntry2(CKA_NSS_DB, Attribute, None),
+ mkEntry2(CKA_NSS_TRUST, Attribute, Trust),
mkEntry(CKM_RSA_PKCS, Mechanism),
mkEntry(CKM_RSA_9796, Mechanism),
@@ -473,16 +472,16 @@ const Constant _consts[] = {
mkEntry(CKM_DH_PKCS_PARAMETER_GEN, Mechanism),
mkEntry(CKM_NSS_AES_KEY_WRAP, Mechanism),
mkEntry(CKM_NSS_AES_KEY_WRAP_PAD, Mechanism),
- mkEntry(CKM_NETSCAPE_PBE_SHA1_DES_CBC, Mechanism),
- mkEntry(CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC, Mechanism),
- mkEntry(CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC, Mechanism),
- mkEntry(CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC, Mechanism),
- mkEntry(CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4, Mechanism),
- mkEntry(CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4, Mechanism),
- mkEntry(CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC, Mechanism),
- mkEntry(CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN, Mechanism),
- mkEntry(CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN, Mechanism),
- mkEntry(CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN, Mechanism),
+ mkEntry(CKM_NSS_PBE_SHA1_DES_CBC, Mechanism),
+ mkEntry(CKM_NSS_PBE_SHA1_TRIPLE_DES_CBC, Mechanism),
+ mkEntry(CKM_NSS_PBE_SHA1_40_BIT_RC2_CBC, Mechanism),
+ mkEntry(CKM_NSS_PBE_SHA1_128_BIT_RC2_CBC, Mechanism),
+ mkEntry(CKM_NSS_PBE_SHA1_40_BIT_RC4, Mechanism),
+ mkEntry(CKM_NSS_PBE_SHA1_128_BIT_RC4, Mechanism),
+ mkEntry(CKM_NSS_PBE_SHA1_FAULTY_3DES_CBC, Mechanism),
+ mkEntry(CKM_NSS_PBE_SHA1_HMAC_KEY_GEN, Mechanism),
+ mkEntry(CKM_NSS_PBE_MD5_HMAC_KEY_GEN, Mechanism),
+ mkEntry(CKM_NSS_PBE_MD2_HMAC_KEY_GEN, Mechanism),
mkEntry(CKM_TLS_PRF_GENERAL, Mechanism),
mkEntry(CKM_NSS_TLS_PRF_GENERAL_SHA256, Mechanism),
@@ -520,7 +519,6 @@ const Constant _consts[] = {
mkEntry(CKR_KEY_FUNCTION_NOT_PERMITTED, Result),
mkEntry(CKR_KEY_NOT_WRAPPABLE, Result),
mkEntry(CKR_KEY_UNEXTRACTABLE, Result),
- mkEntry(CKR_KEY_PARAMS_INVALID, Result),
mkEntry(CKR_MECHANISM_INVALID, Result),
mkEntry(CKR_MECHANISM_PARAM_INVALID, Result),
mkEntry(CKR_OBJECT_HANDLE_INVALID, Result),
diff --git a/security/nss/cmd/lib/secutil.c b/security/nss/cmd/lib/secutil.c
index 703845e98..b70a14172 100644
--- a/security/nss/cmd/lib/secutil.c
+++ b/security/nss/cmd/lib/secutil.c
@@ -494,23 +494,30 @@ SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii,
if (ascii) {
/* First convert ascii to binary */
SECItem filedata;
- char *asc, *body;
/* Read in ascii data */
rv = SECU_FileToItem(&filedata, inFile);
if (rv != SECSuccess)
return rv;
- asc = (char *)filedata.data;
- if (!asc) {
+ if (!filedata.data) {
fprintf(stderr, "unable to read data from input file\n");
return SECFailure;
}
+ /* need one additional byte for zero terminator */
+ rv = SECITEM_ReallocItemV2(NULL, &filedata, filedata.len + 1);
+ if (rv != SECSuccess) {
+ PORT_Free(filedata.data);
+ return rv;
+ }
+ char *asc = (char *)filedata.data;
+ asc[filedata.len - 1] = '\0';
if (warnOnPrivateKeyInAsciiFile && strstr(asc, "PRIVATE KEY")) {
fprintf(stderr, "Warning: ignoring private key. Consider to use "
"pk12util.\n");
}
+ char *body;
/* check for headers and trailers and remove them */
if ((body = strstr(asc, "-----BEGIN")) != NULL) {
char *trailer = NULL;
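Review bot: `asc[filedata.len - 1] = '\0';` is only correct if SECITEM_ReallocItemV2 has already updated `filedata.len` to the enlarged size, which the line does not say, so a reader can easily take it for an off-by-one that overwrites the last input byte. I would extend the comment to `/* need one additional byte for zero terminator; filedata.len now includes it, and the strstr() calls below rely on the terminator */`. A NUL byte embedded in the file would also end the header search early, which may deserve a sentence as well. SECU_ReadDERFromFile starts and ends outside this hunk.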
@@ -528,14 +535,7 @@ SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii,
return SECFailure;
}
} else {
- /* need one additional byte for zero terminator */
- rv = SECITEM_ReallocItemV2(NULL, &filedata, filedata.len + 1);
- if (rv != SECSuccess) {
- PORT_Free(filedata.data);
- return rv;
- }
- body = (char *)filedata.data;
- body[filedata.len - 1] = '\0';
+ body = asc;
}
/* Convert to binary */
@@ -4159,3 +4159,57 @@ exportKeyingMaterials(PRFileDesc *fd,
return SECSuccess;
}
+
+SECStatus
+readPSK(const char *arg, SECItem *psk, SECItem *label)
+{
+ SECStatus rv = SECFailure;
+ char *str = PORT_Strdup(arg);
+ if (!str) {
+ goto cleanup;
+ }
+
+ char *pskBytes = strtok(str, ":");
+ if (!pskBytes) {
+ goto cleanup;
+ }
+ if (PORT_Strncasecmp(pskBytes, "0x", 2) != 0) {
+ goto cleanup;
+ }
+
+ psk = SECU_HexString2SECItem(NULL, psk, &pskBytes[2]);
+ if (!psk || !psk->data || psk->len != strlen(&str[2]) / 2) {
+ goto cleanup;
+ }
+
+ SECItem labelItem = { siBuffer, NULL, 0 };
+ char *inLabel = strtok(NULL, ":");
+ if (inLabel) {
+ labelItem.data = (unsigned char *)PORT_Strdup(inLabel);
+ if (!labelItem.data) {
+ goto cleanup;
+ }
+ labelItem.len = strlen(inLabel);
+
+ if (PORT_Strncasecmp(inLabel, "0x", 2) == 0) {
+ rv = SECU_SECItemHexStringToBinary(&labelItem);
+ if (rv != SECSuccess) {
+ SECITEM_FreeItem(&labelItem, PR_FALSE);
+ goto cleanup;
+ }
+ }
+ rv = SECSuccess;
+ } else {
+ PRUint8 defaultLabel[] = { 'C', 'l', 'i', 'e', 'n', 't', '_',
+ 'i', 'd', 'e', 'n', 't', 'i', 't', 'y' };
+ SECItem src = { siBuffer, defaultLabel, sizeof(defaultLabel) };
+ rv = SECITEM_CopyItem(NULL, &labelItem, &src);
+ }
+ if (rv == SECSuccess) {
+ *label = labelItem;
+ }
+
+cleanup:
+ PORT_Free(str);
+ return rv;
+}
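Review bot: The length check in readPSK measures `&str[2]`, but the bytes were decoded from `&pskBytes[2]`. strtok skips leading ':' delimiters, so the two pointers can differ and the check then measures a different string from the one decoded; use `psk->len != strlen(&pskBytes[2]) / 2`. Separately, every `goto cleanup` taken after the PSK has been decoded (length mismatch, label allocation failure, label hex conversion failure) returns SECFailure with the key bytes still attached to the caller's item. Releasing them with `SECITEM_ZfreeItem(psk, PR_FALSE);` on those paths, and zeroing `str` before `PORT_Free(str)`, would keep key material out of freed heap memory.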
diff --git a/security/nss/cmd/lib/secutil.h b/security/nss/cmd/lib/secutil.h
index c6da961e7..0bdfa9508 100644
--- a/security/nss/cmd/lib/secutil.h
+++ b/security/nss/cmd/lib/secutil.h
@@ -424,6 +424,8 @@ SECStatus exportKeyingMaterials(PRFileDesc *fd,
const secuExporter *exporters,
unsigned int exporterCount);
+SECStatus readPSK(const char *arg, SECItem *psk, SECItem *label);
+
/*
*
* Error messaging
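Review bot: The new `readPSK` prototype has no comment, and a caller cannot tell the argument format or who owns the outputs from the declaration alone. From the definition in secutil.c, `arg` is a `0x`-prefixed hex key optionally followed by `:label`, where the label is taken literally unless it also starts with `0x` and defaults to `Client_identity` when absent. Both output buffers are allocated without an arena. I would add a short block comment stating that format and that on SECSuccess the caller releases `psk` and `label` with `SECITEM_ZfreeItem(..., PR_FALSE)` and `SECITEM_FreeItem(..., PR_FALSE)` respectively.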