| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
SFTKSession objects are only ever actually destroyed at PK11 session
closure, as the session is always the final holder -- and asserting
refCount == 1 shows that to be true. Because of that, NSC_CloseSession
can just call `sftk_DestroySession` directly and leave
`sftk_FreeSession` as a no-op to be removed in the future.
|
| | |
|
| | |
|
| |
|
|
| |
domains.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
- Use HEAD instead of GET for probe to avoid loading pages
- Reduce retries to 2
- Reduce timeout to 10 s (since we're just getting a HEAD this is royal)
- Identify ourselves to websites as an automated tool
- Improve performance of list merging (O(n^2) was getting too expensive)
- Add a total counter and perform GC every 200 requests
|
| | |
|
| | |
|
| | |
|
| |\ |
|
| | |\
| | |
| | | |
Support Modern Solaris
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Solaris.
https://bugzilla.mozilla.org/show_bug.cgi?id=1513913
Mozilla's solution to this is arguably overkill, since the namespace issue on Solaris only required them to change (or temporarily undefine) __log2. Instead they changed ALL the functions to be something along the lines of dbm_log2. They haven't changed the external interface at all, though.
If you're unhappy with this patch, I think I could also use XP_SOLARIS ifdefs to undefine __log2 prior to where it's declared in the dbm headers. The good thing about Mozilla's solution is that it guarantees this namespace issue never occurs again on any platform, though.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
This rollup patch adds additional length checks around cryptographic
primitives.
|
| | |/
| |
| |
| |
| |
| | |
HKDF-Expand enforces a maximum output length much shorter than stated in
the RFC. This patch aligns the implementation with the RFC by allocating
more output space when necessary.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Previously, HSTS preload list values could be overridden temporarily due
to counter-intuitive behavior of the API's removeState function.
This adds an explicit flag to the API for writing knockout values to
the Site Security Service, with the default resetting to whatever the
preload list state is.
|
| | |
| |
| |
| |
| | |
- Fix some quoting, comments and inconsistencies and code style
- Swap manually grabbing service components out for using `Services.*`
|
| |/
|
|
|
|
|
| |
This avoids getting data synchronously on the main thread in an XHR
(which has been deprecated for a long time and _may_ actually be blocked
in our networking) and attempts to be more predictable by always firing
an update request for the dialog from the XHR request handlers.
|
| | |
|
| |
|
|
| |
This is a spec compliance issue.
|
| | |
|
| | |
|
| |
|
|
|
| |
within industry standard security, considering our db hashing is more
CPU intensive than anticipated.
|
| |\
| |
| | |
Update HSTS preload list
|
| | |
| |
| |
| | |
Tag #447
|
| |/
|
|
| |
This resolves #82
|
| |
|
|
| |
This reverts commit fbc2eaacd679f0c484993ffe23d786fd06da22c3.
|
| |
|
|
| |
This resolves #82
|
| |
|
|
| |
Tag #447
|
| |
|
|
| |
MOZ_FENNEC
|
| | |
|
| | |
|
| |
|
|
| |
Tag #447
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Tag #447
|
| |
|
|
| |
Tag #447
|
| | |
|
| |
|
|
| |
Tag #447
|
| |
|
|
| |
This resolves #858
|
| |
|
|
|
|
|
|
| |
Apparently a prehistoric server implementation would send a certificate_authorities field
that didn't include the outer DER SEQUENCE tag, so PSM attempted to detect this and
work around it.
This prehistoric server implementation isn't in use anywhere anymore, so this 18-yo
server bug workaround can be removed.
|
| | |
|
| |
|
|
| |
Tag #447
|
| |
|
|
| |
Tag #447
|
| | |
|
| |
|
|
| |
Tag #447
|
