security/certverifier/CertVerifier.cpp
6f3709b3878117466168c40affa7bca0b60cf75b
created 2018-11-30 11:46 +0100
pushed 2019-01-21 12:33 +0000
Sylvestre Ledru Sylvestre Ledru - Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format
432a98e50d2bfab224328254266069aef1a474cc
created 2018-10-02 14:59 +0200
pushed 2018-12-03 15:51 +0000
Franziskus Kiefer Franziskus Kiefer - Bug 1479787 - use NSS mozpkix in Firefox, r=mt,keeler,glandium
cec74a3c6a5cf518f175ba9d7903e5dd66f25cc8
created 2018-10-01 16:20 +0000
pushed 2018-12-03 15:51 +0000
Dana Keeler Dana Keeler - Bug 1493788 - remove other mozilla-specific dependencies from certificate transparency implementation r=jcj
f1a361f8d51d87a77b18483020d3bc4d67b46d56
created 2018-10-01 20:27 +0000
pushed 2018-12-03 15:51 +0000
Dana Keeler Dana Keeler - Bug 1493788 - convert mozilla::Vector to std::vector in certificate transparency implementation r=jcj
73325580ec50b11f94dc7300c1df77596e8e814b
created 2018-06-20 16:43 -0700
pushed 2018-10-15 10:40 +0000
David Keeler David Keeler - bug 1470030 - convert manually-written nsINSSComponent definition to idl r=fkiefer
b54db66223586b4e04f5cb926fccdacf8a176b91
created 2018-05-30 21:15 +0200
pushed 2018-08-24 17:02 +0000
Emilio Cobos Álvarez Emilio Cobos Álvarez - Bug 1465585: Switch from mozilla::Move to std::move. r=froydnj
47d306cfac90a964882781e135cc70b3359b7a95
created 2018-04-23 18:09 +0200
pushed 2018-08-24 17:02 +0000
David Keeler David Keeler - bug 1456489 - prevent making OCSP requests on the main thread r=fkiefer,jcj
9f177350741f5dfd072f66b2597e90539919ba8e
created 2018-03-16 11:36 +0100
pushed 2018-06-18 21:12 +0000
Franziskus Kiefer Franziskus Kiefer - Bug 1450967 - mitm detection v0.0.1, r=keeler,johannh
17e7971cb125034bb7b603804113cedfdb6db0ab
created 2018-03-29 11:51 +0200
pushed 2018-06-18 21:12 +0000
Franziskus Kiefer Franziskus Kiefer - Bug 1448787 - separate error for self-signed certs, r=keeler,johannh
f88944c6ae0d2f8d204f8489540823e7f2e697a5
created 2018-03-14 14:01 -0700
pushed 2018-04-26 16:43 +0000
J.C. Jones J.C. Jones - Bug 1444440 - Ensure the correct error is emitted for policy distrusts. r=keeler, a=jcristau
53f2c8abb352ff7986b9c59072226a7d8fdedbd4
created 2018-02-27 16:04 -0700
pushed 2018-04-26 16:43 +0000
J.C. Jones J.C. Jones - Bug 1437754 - Add a pref and disable the Symantec distrust algorithm r=keeler
b15691743aba624c320246fb696b980abc360b0e
created 2017-09-28 14:27 -0700
pushed 2018-01-11 17:45 +0000
David Keeler David Keeler - bug 1381154 - remove smartcard monitoring threads r=jcj,mgoodwin
efebd70a62b5bf7b42253be5d93e0d49c526af72
created 2017-10-02 16:24 -0700
pushed 2018-01-11 17:45 +0000
David Keeler David Keeler - bug 1257362 - remove the code-signing usage from certverifier as nothing uses it r=Cykesiopka
1f50f6c0e56ce1568acf6e6f4d954b51a9570be2
created 2017-10-05 00:36 +0200
pushed 2018-01-11 17:45 +0000
Sebastian Hengst Sebastian Hengst - Backed out changeset ee6479d783a6 (bug 1257362) for sometimes failing security/manager/ssl/tests/mochitest/browser/browser_certViewer.js, at least on Linux x64 debug. r=backout on a CLOSED TREE
ee6479d783a60ad7ba4aad54a50bc8c1d77a894e
created 2017-10-02 16:24 -0700
pushed 2018-01-11 17:45 +0000
David Keeler David Keeler - bug 1257362 - remove the code-signing usage from certverifier as nothing uses it r=Cykesiopka
a189001e988683bac65a2ef910f903d69a263c3f
created 2017-09-22 15:42 -0700
pushed 2018-01-11 17:45 +0000
David Keeler David Keeler - bug 1257403 - don't bother verifying CA or email certificates when importing r=Cykesiopka
11b46d2109c423c10ad890282acd9da08c00a409
created 2017-09-18 10:28 -0700
pushed 2017-11-02 12:36 +0000
David Keeler David Keeler - bug 1400913 - back out the functionality changes from bug 1364159 (but keep the test) r=jcj
ad20fd5faada2aedfea3e290c7501b8f6edff3c3
created 2017-06-08 16:10 -0700
pushed 2017-11-02 12:36 +0000
David Keeler David Keeler - bug 1372656 - load loadable roots on a background thread r=Cykesiopka,jcj
c263f45e41cea8b6014db61d0584bd123604d695
created 2017-06-03 13:35 +0800
pushed 2017-07-31 14:08 +0000
Cykesiopka Cykesiopka - Bug 1368107 - Remove TransportSecurityInfo::GetHostNameRaw(). r=keeler
600b709c2634cfd9d57f0eefd56af8d1200791c9
created 2017-05-11 16:41 -0700
pushed 2017-07-31 14:08 +0000
David Keeler David Keeler - bug 1364159 - potentially avoid calling CERT_CreateSubjectCertList in NSSCertDBTrustDomain::FindIssuer r=Cykesiopka,jcj
d0e27739f47519e531fd86e2f594a2c955751a51
created 2017-03-31 15:21 -0700
pushed 2017-07-31 14:08 +0000
David Keeler David Keeler - bug 1352262 - make OCSP timeout values configurable r=Cykesiopka,jcj
df65d15b648daef67f1a76987c21f4fe9b23bdb7
created 2017-02-24 12:32 -0800
pushed 2017-06-05 19:31 +0000
David Keeler David Keeler - bug 1294580 - prevent end-entity certificates from being their own trust anchors r=Cykesiopka
37a4221a05122c908f37c24f40bc7bc4946a151f
created 2017-02-22 15:07 -0800
pushed 2017-06-05 19:31 +0000
David Keeler David Keeler - bug 1341905 - double-check that uses of CERT_LIST_* are safe in PSM r=jcj
7ded5e348dad0bc2ed8f820ccd831b1fe6a6adb3
created 2017-02-22 18:02 +0100
pushed 2017-06-05 19:31 +0000
Kai Engert Kai Engert - Bug 1324096, PSM should check the roots module for a flag, that allows to distinguish between Mozilla-CA-Policy CAs and other CAs, r=dkeeler
495b8a307555744c3b8320098a4e526b9bc6404e
created 2016-12-15 20:16 -0700
pushed 2017-06-05 19:31 +0000
Tom Tromey Tom Tromey - Bug 1060419 - make log_print use Printf.h, r=froydnj
9faf10e794e61d45e42246f101681ceb9f10cced
created 2017-01-09 08:22 +0200
pushed 2017-06-05 19:31 +0000
Sergei Chernov Sergei Chernov - Bug 1320566 - Certificate Transparency - implement CT Policy. r=Dolske,keeler
75e0388a1c2ba34871f4e9b6bc3d4f372cc7fd70
created 2017-02-24 09:40 -0800
pushed 2017-04-10 20:44 +0000
David Keeler David Keeler - Bug 1341905 - double-check that uses of CERT_LIST_* are safe in PSM r=jcj a=gchang
8fe52da5cb90209689b41879843ba93f6acda884
created 2017-01-12 17:38 +0100
pushed 2017-04-10 20:44 +0000
Andrea Marchesini Andrea Marchesini - Bug 1328653 - Merging all the various *OriginAttributes to just one, r=huseby
75a82021c03e5c4e9ff12e26edea7e170ba57eb7
created 2017-01-10 14:48 -0800
pushed 2017-04-10 20:44 +0000
David Keeler David Keeler - bug 1330043 - disable SHA-1 in signatures on certificates issued by publicly-trusted roots r=jcj
9957c63c664df44054c7930a5632ba9e07af3f55
created 2017-01-02 14:11 +0800
pushed 2017-04-10 20:44 +0000
Cykesiopka Cykesiopka - Bug 1325107 - Stop using PR_ASSERT() in PSM. r=mgoodwin
676ca54f13dbfbab36e40b1bbc0e42416c6a3ea8
created 2016-12-14 20:10 +0800
pushed 2017-04-10 20:44 +0000
Cykesiopka Cykesiopka - Bug 1313715 - Avoid unnecessary uses of PR_SetError() under security/apps/ and security/certverifier/. r=keeler
adf193b5d6c9ce92b05a9370e8b4a5699bae537a
created 2016-11-29 22:51 +0200
pushed 2017-04-10 20:44 +0000
Sergei Chernov Sergei Chernov - Bug 1317951, part 2 - Certificate Transparency - basic support for disqualified logs. r=keeler
0d8eb74cce6f781c95d84c875b6f94dd6a29c305
created 2016-11-23 15:37 +0200
pushed 2017-04-10 20:44 +0000
Sergei Chernov Sergei Chernov - Bug 1317951, part 1 - Certificate Transparency - extracted verification related fields from SCT to a separate struct. r=keeler
80a39e170b4106eae2d15d56ff10d1d0a5feb84b
created 2016-11-14 18:26 +0800
pushed 2017-04-10 20:44 +0000
Jonathan Hao Jonathan Hao - Bug 1315143 - Make OCSP use Origin Attribute framework (PSM). r=Cykesiopka,keeler
eaefbcd7fd7fc85551dc57b1a3c14f3d0bfcd772
created 2016-11-14 12:52 +0100
pushed 2017-04-10 20:44 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out changeset 81a11a25d25d (bug 1315143)
68157e467e6c5e7b14cac0002610d271ac2d9610
created 2017-02-24 09:36 -0800
pushed 2017-02-27 14:59 +0000
David Keeler David Keeler - Bug 1341905 - double-check that uses of CERT_LIST_* are safe in PSM on a CLOSED TREE r=jcj a=jcristau
3aaf82595ea5f1b6270741b70f4a394103a4150a
created 2017-01-10 14:48 -0800
pushed 2017-02-27 14:59 +0000
David Keeler David Keeler - Bug 1330043 - Disable SHA-1 in signatures on certificates issued by publicly-trusted roots. r=jcj, a=jcristau
c916ea845d3653d33cfcbcb9441bd4242c7b37de
created 2016-11-14 18:26 +0800
pushed 2017-02-27 14:59 +0000
Jonathan Hao Jonathan Hao - Bug 1315143 - Make OCSP use Origin Attribute framework (PSM). r=Cykesiopka,keeler a=jcristau
6810346363585085e260d47a58cf5b7d58542d44
created 2016-09-30 18:08 -0700
pushed 2017-02-27 14:59 +0000
David Keeler David Keeler - bug 1227638 - deterministically load EV information r=Cykesiopka,mgoodwin
ae2a347924822bf4b55bd45e0825820dfcc66be8
created 2016-10-04 16:49 +0800
pushed 2017-02-27 14:59 +0000
Jonathan Hao Jonathan Hao - Bug 1264562 - Part 4: Instantiates an NSSCertDBTrustDomain containing the first party domain (adapted from Tor Browser patch #13670) r=keeler
9fa614d8310db9aabe85cc3c3cff6281fe1edb0c
created 2016-10-17 15:08 -0700
pushed 2017-02-27 14:59 +0000
Wes Kocher Wes Kocher - Backed out changeset 003ec40aa484 (bug 1227638) for android Cpp failures a=backout
003ec40aa48433d748cacfcd7baf82d6347db407
created 2016-09-30 18:08 -0700
pushed 2017-02-27 14:59 +0000
David Keeler David Keeler - bug 1227638 - deterministically load EV information r=Cykesiopka,mgoodwin
12c51a960f265258615dcb04304509d8499bb975
created 2016-10-10 15:44 +0800
pushed 2017-02-27 14:59 +0000
Cykesiopka Cykesiopka - Bug 1296317 - Stop calling PR_SetError() in VerifyCert() and VerifySSLServerCert(). r=keeler
50143dbdcb47bf47c8827c8777b0e11e92e25418
created 2016-08-11 13:41 +0300
pushed 2017-02-27 14:59 +0000
Sergei Chernov Sergei Chernov - Bug 1293231 - Certificate Transparency - basic telemetry reports; r=Cykesiopka,keeler
5436f8c05f6d05eaf561cba34c845b0328e949df
created 2016-09-14 15:11 -0700
pushed 2017-02-27 14:59 +0000
David Keeler David Keeler - bug 1302140 - add policy to disable SHA-1 except for certificates issued by non-built-in CAs r=jcj,rbarnes
d8b95e0d8843fd08aebefe39b102b99291610c91
created 2016-09-21 20:47 +0200
pushed 2017-02-27 14:59 +0000
Sebastian Hengst Sebastian Hengst - Backed out changeset 2df66e8b7411 (bug 1302140) for Windows build bustage in CertVerifier.cpp. r=backout on a CLOSED TREE
2df66e8b7411fa3f7a998f9d87dc967371577c17
created 2016-09-14 15:11 -0700
pushed 2017-02-27 14:59 +0000
David Keeler David Keeler - bug 1302140 - add policy to disable SHA-1 except for certificates issued by non-built-in CAs r=jcj,rbarnes
43c724bde81cd7dbd154e8741da017b86c43cdbd
created 2016-09-14 15:11 -0700
pushed 2017-01-16 13:07 +0000
David Keeler David Keeler - Bug 1302140 - add policy to disable SHA-1 except for certificates issued by non-built-in CAs r=jcj,rbarnes a=gchang
cb23a7c310c8184550a84a3eef40a3adbef77781
created 2016-09-08 20:46 +0800
pushed 2017-01-16 13:07 +0000
Cykesiopka Cykesiopka - Bug 1274135 - Replace char_ptr_cast() and uint8_t_ptr_cast() with mozilla::BitwiseCast. r=keeler,valentin
2b13fe2601d7369f8373756e94f4dc9a170d62b3
created 2016-09-07 20:52 -0400
pushed 2017-01-16 13:07 +0000
Ryan VanderMeulen Ryan VanderMeulen - Backed out changeset db5d2a3899c0 (bug 1274135) for bustage.
db5d2a3899c084e73c49de970575f02dde5ccea2
created 2016-09-01 15:58 +0800
pushed 2017-01-16 13:07 +0000
Cykesiopka Cykesiopka - Bug 1274135 - Replace char_ptr_cast() and uint8_t_ptr_cast() with mozilla::BitwiseCast. r=keeler,valentin
f615741c86eed245173be02078053f4801403ba4
created 2016-09-02 10:45 +0200
pushed 2017-01-16 13:07 +0000
Cykesiopka Cykesiopka - Bug 1256302 - Remove CertVerifier::InitCertVerifierLog(). r=jcj
50a6f462a97c39f473455a8fa496134e8a606f8a
created 2016-06-23 15:43 -0700
pushed 2016-10-31 18:13 +0000
David Keeler David Keeler - bug 1272858 - use a name-agnostic method to find the built-in root PKCS#11 slot r=Cykesiopka
8b2fb1aabf141e0c9f9d1f75af9b130c56733217
created 2016-05-05 16:11 -0700
pushed 2016-09-05 20:01 +0000
David Keeler David Keeler - bug 982932 - only allow Netscape-stepUp to be used for serverAuth for old CA certificates r=Cykesiopka,jcj
6fc34759465ee7246858c63d090270797cd1f220
created 2016-05-05 14:56 -0700
pushed 2016-09-05 20:01 +0000
Cykesiopka Cykesiopka - Bug 1267905 - Replace uses of ScopedCERTCertList with UniqueCERTCertList. r=keeler
9c98c0300a89bfe655a1213c91ceb57c517e8bf7
created 2016-04-20 01:14 -0700
pushed 2016-07-25 16:35 +0000
Cykesiopka Cykesiopka - Bug 1260643 - Convert most uses of ScopedCERTCertificate in PSM to UniqueCERTCertificate. r=keeler
dc40f46fae4832e4ff2e15e1034c40a96bf1851c
created 2016-02-09 10:14 -0800
pushed 2016-07-25 16:35 +0000
David Keeler David Keeler - bug 1245280 - add policy mechanism to optionally enforce BRs for falling back to subject CN r=Cykesiopka,mgoodwin
8772f2293eaba94a6890eadb525711e5d11ebf63
created 2016-03-28 12:52 -0700
pushed 2016-07-25 16:35 +0000
David Keeler David Keeler - bug 1254667 - change certificate verification SHA1 policy to "allow for locally-installed roots" r=jcj
c61726fe9e644fa8269e5daafbaa4520d55983ac
created 2016-03-29 16:38 -0700
pushed 2016-07-25 16:35 +0000
Wes Kocher Wes Kocher - Backed out changeset 3ff2b12ffedc (bug 1254667) for upsetting the test_ocsp_caching.js gods on android CLOSED TREE
3ff2b12ffedc9e74d01013d685ab5a07d7c9f87b
created 2016-03-28 12:52 -0700
pushed 2016-07-25 16:35 +0000
David Keeler David Keeler - bug 1254667 - change certificate verification SHA1 policy to "allow for locally-installed roots" r=jcj
less more (0) -100 -60 tip