d92b7e25c7c728d2bfe44f238da7ede5a9f54b13: backout bug 985021 (5ef925251f56) for another build breakage on a CLOSED TREE r=backout
David Keeler <dkeeler@mozilla.com> - Fri, 21 Mar 2014 11:47:06 -0700 - rev 14506
Push 3202 by franziskuskiefer@gmail.com at Mon, 01 Oct 2018 08:30:12 +0000
backout bug 985021 (5ef925251f56) for another build breakage on a CLOSED TREE r=backout
5ef925251f56b4cbb653229e6f149316bc0edf57: bug 985021 - mozilla::pkix: temporarily accept pathLenConstraint in EE basic constraints extensions r=briansmith
David Keeler <dkeeler@mozilla.com> - Fri, 21 Mar 2014 10:38:36 -0700 - rev 14505
Push 3202 by franziskuskiefer@gmail.com at Mon, 01 Oct 2018 08:30:12 +0000
bug 985021 - mozilla::pkix: temporarily accept pathLenConstraint in EE basic constraints extensions r=briansmith
65f5d187786ade4bde386847ada8d2b8f46af28f: backout bug 985021 (76f63c6ad15b) for build breakage r=backout
David Keeler <dkeeler@mozilla.com> - Thu, 20 Mar 2014 16:06:15 -0700 - rev 14504
Push 3202 by franziskuskiefer@gmail.com at Mon, 01 Oct 2018 08:30:12 +0000
backout bug 985021 (76f63c6ad15b) for build breakage r=backout
76f63c6ad15b9aa648474c0ebecce8bad2b48d32: bug 985021 - mozilla::pkix: temporarily accept pathLenConstraint in EE basic constraints extensions r=briansmith
David Keeler <dkeeler@mozilla.com> - Thu, 20 Mar 2014 15:50:12 -0700 - rev 14503
Push 3202 by franziskuskiefer@gmail.com at Mon, 01 Oct 2018 08:30:12 +0000
bug 985021 - mozilla::pkix: temporarily accept pathLenConstraint in EE basic constraints extensions r=briansmith
b67a4d8cf24cc0e8378582fa1f12560c0e614936: bug 985201 - rename insanity::pkix to mozilla::pkix r=cviecco r=briansmith
David Keeler <dkeeler@mozilla.com> - Thu, 20 Mar 2014 14:29:21 -0700 - rev 14502
Push 3202 by franziskuskiefer@gmail.com at Mon, 01 Oct 2018 08:30:12 +0000
bug 985201 - rename insanity::pkix to mozilla::pkix r=cviecco r=briansmith
a706ba3c4fa9522a75059657707ade5f59d3955f: Bug 1494901 - Implement ESNI. r=mt
EKR <ekr@rtfm.com> - Sat, 30 Jun 2018 16:45:09 -0700 - rev 14501
Push 3201 by ekr@mozilla.com at Fri, 28 Sep 2018 14:01:15 +0000
Bug 1494901 - Implement ESNI. r=mt Phabricator: https://phabricator.services.mozilla.com/D6042
64de5aec1c11e6de491347dacea77fb81930137c: Bug 1478698, preserve leading zeros when computing TLS 1.3 DHE key share, r=mt
Robert Relyea <rrelyea@redhat.com> - Tue, 25 Sep 2018 09:33:20 +0200 - rev 14500
Push 3200 by dueno@redhat.com at Thu, 27 Sep 2018 07:43:08 +0000
Bug 1478698, preserve leading zeros when computing TLS 1.3 DHE key share, r=mt
4d002e297849d098a4d6c6f08842a8de9147563c: Bug 1488967 - Move tls-interop back to mozilla/tls-interop from fork r=mt
J.C. Jones <jjones@mozilla.com> - Wed, 05 Sep 2018 16:54:10 -0700 - rev 14499
Push 3199 by jjones@mozilla.com at Tue, 25 Sep 2018 16:12:10 +0000
Bug 1488967 - Move tls-interop back to mozilla/tls-interop from fork r=mt The tests/interop/interop.sh script is using a forked repository of tls-interop, which is merging back into the mainline. Going forward, we should use the mainline repo.
3762ca8ff3326cac80280241cc59d7c069d36a77: Bug 1485989, integrate tlsfuzzer interop tests with Taskcluster, r=mt
Daiki Ueno <dueno@redhat.com> - Mon, 24 Sep 2018 17:28:24 +0200 - rev 14498
Push 3198 by dueno@redhat.com at Mon, 24 Sep 2018 15:28:52 +0000
Bug 1485989, integrate tlsfuzzer interop tests with Taskcluster, r=mt Summary: As a start, it only tests TLS 1.3 so far; 8 out of 18 are skipped because of failures. Reviewers: franziskus, HubertKario, mt Reviewed By: mt Subscribers: mt Bug #: 1485989 Differential Revision: https://phabricator.services.mozilla.com/D4217
1252064f09dc772057e67b1852b84fd48783e65a: Backed out changeset 8bea05067a0b
Martin Thomson <martin.thomson@gmail.com> - Sun, 23 Sep 2018 12:44:07 -0700 - rev 14497
Push 3197 by martin.thomson@gmail.com at Sun, 23 Sep 2018 19:44:19 +0000
Backed out changeset 8bea05067a0b
8bea05067a0ba403f4066860ae8a59d4410e2e19: Bug 1434943 - Support for MSVC in build.sh, r=jcj
Martin Thomson <martin.thomson@gmail.com> - Fri, 01 Jun 2018 17:25:21 +1000 - rev 14496
Push 3196 by martin.thomson@gmail.com at Sun, 23 Sep 2018 19:25:41 +0000
Bug 1434943 - Support for MSVC in build.sh, r=jcj This adds basic support for MSVC to build.sh. It uses the registry and vswhere (which is part of the standard mozilla-build setup now) to work out paths and set them properly. It's probably a little fragile, but it's better than the shoestring and tape we have in builds right now. I took the liberty of sanitizing the command-line options a little here. Mostly that is sorting them, but I also deprecated the -m32 option in favour of specifying target architecture with -t. That turned out to be a lot cleaner.
a74229a54349be704bdede56b6f567e0988b9653: Bug 1488148 - clang-4.0, a=bustage
Martin Thomson <martin.thomson@gmail.com> - Sun, 23 Sep 2018 10:54:15 -0700 - rev 14495
Push 3195 by martin.thomson@gmail.com at Sun, 23 Sep 2018 17:54:19 +0000
Bug 1488148 - clang-4.0, a=bustage
3d41453587e4a03dad482cea95222a4c88a5b7ad: Bug 1489691 - clang-format, a=bustage
Martin Thomson <martin.thomson@gmail.com> - Sun, 23 Sep 2018 10:48:42 -0700 - rev 14494
Push 3194 by martin.thomson@gmail.com at Sun, 23 Sep 2018 17:48:47 +0000
Bug 1489691 - clang-format, a=bustage
e56241dc5b61300dc426884b7c3cf50f28e9586b: Bug 1488148 - Rework CI images, r=jcj
Martin Thomson <martin.thomson@gmail.com> - Mon, 03 Sep 2018 16:31:31 +1000 - rev 14493
Push 3193 by martin.thomson@gmail.com at Sun, 23 Sep 2018 17:42:25 +0000
Bug 1488148 - Rework CI images, r=jcj This does some fairly major restructuring of the docker images we use for CI. The genesis of the change is that we were pulling a version of clang that didn't work for fuzzing tests. It turns out that is a use case that is not well-supported anyway, and we have open bugs on it, but this installs workarounds for all the problems I found. Firstly, our images were bloated. This slims down most of the images. The biggest gains are in the clang-format image (down to around a fifth of its previous size). The main linux image we use for building and running tests is also less than half its original size. To achieve that, I had to make two new images. One for all the esoteric builds we run (we compile with multiple gcc and clang versions, and I've added some more to that list). That's a fairly sizeable image. The other is for the interop and bogo suites, where we rely on having Rust and go available. go adds a tidy 250Mb to an image, and Rust adds 750Mb. Using an image with both of those for regular builds can't be good for performance. I didn't expect to see real performance gains here, but the Linux build (32-bit, default config) went from 4:18 down to 2:42 (roughly). The bulk of that time is accounted for by downloading the docker image, so it's clear that an optimization worth spending the time on. Secondly, we had a lot of custom configuration stuff in the builds. This removes most of that in favour of using stock Ubuntu packages from 18.04. The one exception here is - I hope - temporary. As noted in the bug comments, the current release of LLVM 6 has a bug where you can't run address sanitizer on a 32-bit machine if it has glibc 2.27 (which Ubuntu 18.04 does). That's fairly crippling because we need a newer version of LLVM than runs by default on Ubuntu 16.04, so we're stuck with installing a non-stock version for 32-bit runs. I've opted to (temporarily) run 16.04 with an LLVM from the LLVM project. The final change, which is minor, but a little odd and worth noting: the images now rely on "localhost.localdomain" being aliased to the local machine. This is something :wcosta has done for us (thanks!). Thus, we no longer have to run as root so that we can tweak /etc/hosts before we run. There is a little cleanup related to this, but nothing significant. (The scripts still include the `su worker` tweak for aarch64, but I've added a guard and we can remove that with bug 1488325.) There is still more work to be done for the HACL* and SAW builds, which use some very strange configurations. Also, all of the aarch64 images aren't built automatically, so we use images from Franziskus' dockerhub account. This is not good. After digging around a little, there's probably something to be done with QEMU, but I decided that was a project for another time.
87b0372b6a2da431630336702ae8c2d0d0fdb04e: Bug 1459824 - Enable 0.5 RTT data from the server, r=ekr
Martin Thomson <martin.thomson@gmail.com> - Tue, 08 May 2018 15:11:14 +1000 - rev 14492
Push 3192 by martin.thomson@gmail.com at Sun, 23 Sep 2018 17:29:06 +0000
Bug 1459824 - Enable 0.5 RTT data from the server, r=ekr This uses the recently added tls13_CanRequestClientAuth() function to determine whether the server is able to request a certificate. If it can, then we disable 0.5 RTT. Note that there are two ways to enable 0.5 RTT as a result: 1. Don't request a client certificate 2. This is a resumption handshake The latter is non-obvious, so I've added a big comment.
2c85f81f9b5eda0fe8adc969ab0c2e90c33f7947: Bug 1489691 - CTR_Update_HW_AES assert failure r=mt
Dipen Patel <bugzilla@pansara.org> - Fri, 21 Sep 2018 18:25:21 -0700 - rev 14491
Push 3191 by jjones@mozilla.com at Sat, 22 Sep 2018 01:28:21 +0000
Bug 1489691 - CTR_Update_HW_AES assert failure r=mt Summary: The assert for outlen == 0 was being hit when multiple cipher updates that were not block aligned were invoked for a single context. The assumption that intel_aes_ctr_worker() set outlen to zero was incorrect. It only sets the return result to 0. Reviewers: mt Reviewed By: mt Subscribers: rhelmer Bug #: 1489691 Differential Revision: https://phabricator.services.mozilla.com/D5984
fe738aae0bcc2400fdc90d9847262a06cb5bfeb4: Bug 1480647 - Warn about deprecation of key.h and keyt.h. Include keyhi.h instead of key.h, and keythi.h instead of keyt.h. r=rrelyea
Cosmin Truta <ctruta@magicleap.com> - Fri, 14 Sep 2018 12:33:57 +0200 - rev 14490
Push 3190 by kaie@kuix.de at Fri, 14 Sep 2018 10:34:04 +0000
Bug 1480647 - Warn about deprecation of key.h and keyt.h. Include keyhi.h instead of key.h, and keythi.h instead of keyt.h. r=rrelyea
168510d45e3112cc7d9764799da5a72be130cc06: Bug 1434943 - Update paths on Windows workers, r=pmoore
Martin Thomson <martin.thomson@gmail.com> - Tue, 11 Sep 2018 09:09:42 +1000 - rev 14489
Push 3189 by martin.thomson@gmail.com at Fri, 14 Sep 2018 02:55:40 +0000
Bug 1434943 - Update paths on Windows workers, r=pmoore
8f6014565b91d90ffe67f28a74c4e5cb0d4ab0ec: Bug 1488320 - Cross-version resumption tests, r=ekr
Martin Thomson <martin.thomson@gmail.com> - Tue, 04 Sep 2018 13:30:11 +1000 - rev 14488
Push 3188 by martin.thomson@gmail.com at Thu, 06 Sep 2018 01:34:05 +0000
Bug 1488320 - Cross-version resumption tests, r=ekr This fixes an issue that arises from an interaction between compatibility mode and cross-version resumption in DTLS. The DTLS 1.3 spec has an open PR that makes the spec align with this: https://github.com/tlswg/dtls13-spec/pull/59
36d2e0ea6e9f1d58d80c0b42ad1c50598dce9323: Bug 1486925 - explicitly specify x86 files in freebl_base.gypi; r=mt
Nathan Froyd <froydnj@mozilla.com> - Wed, 29 Aug 2018 12:01:30 -0400 - rev 14487
Push 3187 by martin.thomson@gmail.com at Thu, 06 Sep 2018 01:00:13 +0000
Bug 1486925 - explicitly specify x86 files in freebl_base.gypi; r=mt Just because we're compiling for !x64 on Windows, it does not follow that we are necessarily compiling for x86.
(0) -10000 -3000 -1000 -300 -100 -50 -20 +20 +50 +100 +300 +1000 tip