summaryrefslogtreecommitdiffstats
path: root/security/manager/ssl
Commit message (Collapse)AuthorAgeLines
* Issue #1498 - Part 6: Remove STS preloadlist pref.wolfbeast2020-03-27-8/+0
|
* Issue #1498 - Part 5: Update SSService CID and correct mismatch.wolfbeast2020-03-27-4/+4
|
* Issue #1498 - Part 4: Remove clearPreloads.wolfbeast2020-03-27-20/+0
| | | | Also tag #1280
* Issue #1498 - Part 3: Remove support for storing "knockout" values.wolfbeast2020-03-27-10/+4
|
* Issue #1498 - Part 1: Stop persisting preload states.wolfbeast2020-03-27-6/+1
| | | | | | Since we don't use preloading anymore for either HPKP or HSTS, we no longer need persistent storage in the profile for preload states. Tag #1280 also
* Issue #1498 - Part 1: Stop using HSTS preload lists.wolfbeast2020-03-27-103420/+8
|
* Take nsSiteSecurityService out of UNIFIED_SOURCESMatt A. Tobin2020-03-25-1/+4
| | | | It exceeded the obj file sections limit because of the HSTS preload list so it cannot be built in UNIFIED mode.
* Issue #447 - Update HSTS preload listwolfbeast2020-03-24-9018/+14842
|
* Issue #1467 - Part 4: Rename NSS_SQLSTORE to MOZ_SECURITY_SQLSTORE.wolfbeast2020-03-19-3/+3
| | | | Rename the build config option accordingly.
* Issue #1467 - Part 3: Use UTF-8 file paths for NSS-SQL database.wolfbeast2020-03-17-2/+11
|
* Issue #1467 - Part 1: Set up conditional NSS-SQL builds.wolfbeast2020-03-16-0/+11
| | | | | | | - Adds buildconfig option --enable-nss-sqlstore - Prefixes NSS dbinit with either sql: or dbm: depending on config - Pre-initializes mozStorage when NSS-SQL storage is used to prevent an sqlite3_config race in NSS Init
* Issue #1053 - Remove android support from nsNSSComponent.cppMatt A. Tobin2020-02-28-61/+17
|
* Issue #447 - Update HSTS preload list & reduce debug spewwolfbeast2020-02-01-8489/+14123
| | | | | Commented out spewing dump() statements in loops. With the ever growing HSTS list it takes too much time and is pointless to display.
* Be more consistent about decoding IP addresses in PSM.wolfbeast2020-01-09-2/+7
|
* Issue #1118 - Part 6: Fix various tests that are no longer correct.wolfbeast2019-12-22-1/+1
| | | | | The behavior change of document.open() requires these tests to be changed to account for the new spec behavior.
* Issue #447 - Update HSTS preload listwolfbeast2019-11-19-3828/+3982
|
* Issue #1289 - Part 3: Update tests.wolfbeast2019-11-14-0/+36
|
* Issue #1289 - Part 2: Clear out the preload list except for testwolfbeast2019-11-14-503/+2
| | | | domains.
* Issue #1289 - Part 1: Add a pref to disable HPKP header processing.wolfbeast2019-11-14-4/+37
|
* Issue #447 - Update HSTS preload list.wolfbeast2019-11-09-11027/+26141
|
* Properly implement various HSTS states.wolfbeast2019-09-05-16/+27
| | | | | | | | Previously, HSTS preload list values could be overridden temporarily due to counter-intuitive behavior of the API's removeState function. This adds an explicit flag to the API for writing knockout values to the Site Security Service, with the default resetting to whatever the preload list state is.
* Update HSTS preload listtrav902019-06-26-4115/+6505
| | | | Tag #447
* Update HSTS preload listwolfbeast2019-05-28-8368/+16300
| | | | Tag #447
* Remove SecurityUI telemetry.adeshkp2019-04-21-151/+0
|
* Fix order of member variables in a couple of initializer listsadeshkp2019-03-14-1/+1
|
* Update HSTS preload listtrav902019-01-31-2982/+5618
| | | | Tag #447
* Fix check for HSTS when service is disabled.Ascrod2019-01-17-1/+1
|
* Add preference for fully disabling HSTS.Ascrod2019-01-16-0/+25
|
* Remove a pointless `switch` after telemetry cleanupadeshkp2019-01-14-14/+0
|
* Telemetry: Remove stubs and related codeadeshkp2019-01-12-782/+6
|
* Update HSTS preload listtrav902019-01-02-1989/+1978
| | | | Tag #447
* Update HSTS preload listtrav902018-12-15-2240/+3430
| | | | Tag #447
* Update HSTS preload listtrav902018-11-27-2835/+4530
| | | | Tag #447
* Remove AccumulateCipherSuite()wolfbeast2018-11-08-71/+2
| | | | This resolves #858
* Remove ancient workaround in client certificate codewolfbeast2018-11-02-57/+1
| | | | | | | | Apparently a prehistoric server implementation would send a certificate_authorities field that didn't include the outer DER SEQUENCE tag, so PSM attempted to detect this and work around it. This prehistoric server implementation isn't in use anywhere anymore, so this 18-yo server bug workaround can be removed.
* Make sure nsNSSCertList handling checks for valid certs.wolfbeast2018-11-02-3/+36
|
* Update HSTS preload listtrav902018-10-27-1940/+3077
| | | | Tag #447
* Update HSTS preload listtrav902018-10-12-1500/+2523
| | | | Tag #447
* Ensure we got an nsISSLStatus when deserializing in TransportSecurityInfo.wolfbeast2018-10-04-1/+92
|
* Update HSTS preload listtrav902018-09-29-1907/+2923
| | | | Tag #447
* Get rid of the incorrect mechanism to remove insecure fallback hosts.wolfbeast2018-09-29-12/+0
| | | | This fixes #797.
* Update HSTS preload listtrav902018-09-11-1799/+3198
| | | | Tag #447
* Remove all C++ Telemetry Accumulation calls.wolfbeast2018-09-03-295/+4
| | | | | This creates a number of stubs and leaves some surrounding code that may be irrelevant (eg. recorded time stamps, status variables). Stub resolution/removal should be a follow-up to this.
* Remove support for TLS session caches in TLSServerSocket.wolfbeast2018-09-01-15/+0
| | | | This resolves #738
* Update HSTS preload listtrav902018-08-27-2462/+4464
| | | | Tag #447
* Fix missed in32->int64 in df852120098dc7ba5df4a76126c6297c6d2d1b7bwolfbeast2018-08-17-1/+1
| | | | Tag #709.
* Reinstate RC4 and mark 3DES weak.wolfbeast2018-08-17-1/+7
| | | | Tag #709
* Extend {EnabledWeakCiphers} bit field to allow more cipher suites.wolfbeast2018-08-17-8/+8
| | | | Tag #709.
* Update HSTS preload listtrav902018-08-01-1735/+1719
| | | | Tag #447
* replace "certErrorCodePrefix2" with "certErrorCodePrefix"yami2018-07-22-2/+2
|