531a6a7a9d
Changes required to get the trunk of NSS building on the Mac.
2002-01-09 23:22:23 +00:00
4b50e9da08
Fix 114787 - ssl_recv crashes in client. bogus assert. reviewed by nelson
2001-12-12 21:44:04 +00:00
fe2e2268dc
1) NT need the err= defines, use macros to set it appropriately (or not).
...
2) restore missing sec = function
2001-12-07 02:30:53 +00:00
256cddee89
emulate does not include PORT_ functions, use PR_ASSERT
2001-12-07 02:04:24 +00:00
75f3b7599d
Clean up compilier warnings on Solaris and Linux, most particularly:
...
1) Implicit declaration of function.
2) Possibly unitialized variables.
These warnings have indicated some real problems in the code, so many changes
are not just to silence the warnings, but to fix the problems. Others were
inocuous, but the warnings were silenced to reduce the noise.
2001-12-07 01:36:25 +00:00
3b03ab07c0
Bugzilla bug 111294: make NSS build on QNX6 (Neutrino). The patch was
...
contributed by Dave Inglis <dinglis@qnx.com>. r=wtc.
Modified Files:
coreconf/config.mk coreconf/nsinstall/nsinstall.c
nss/lib/freebl/unix_rand.c nss/lib/ssl/unix_err.c
Added Files:
coreconf/QNX.mk
2001-12-04 18:20:57 +00:00
35f75a1a56
Fixes for OS/2 build
2001-11-22 00:46:48 +00:00
ab7e346965
changes for PSM to compile against NSS shared libraries.
...
Move SSL and S/MIME to the new common MAPFILE usage
2001-11-21 18:00:28 +00:00
6d66aee5ea
Add localCert field to sid cache entry so SSL_LocalCertificate can
...
remember the certs it sent back when it established the SSL session.
Bug 78959. Also, hold on the certs in the received cert chain until
the SSL connection is complete. This makes it easier for applications
to look at the entire cert chain after the handshake is over without
having to write their own custom authCert callbacks. It is backwards
compatible with older NSS SSL applications, but may use more memory.
2001-11-09 05:39:36 +00:00
d2f7dcc16c
Implement new function SSL_LocalCertificate(). Bug 78959.
2001-11-08 02:15:38 +00:00
e27189dd1d
Land BOB_WORK_BRANCH unto the tip.
...
remove lots of depricated files.
move some files to appropriate directories (pcertdb *_rand
associated headers to soft token, for instance)
rename several stan files which had the same name as other nss files.
remove depricated functions.
2001-11-08 00:15:51 +00:00
9740e66d2f
Reimplement SSL_GetChannelInfo. Add new function SSL_GetCipherSuiteInfo().
...
Also, implement new ciphersuite preference order. Bug 78959.
2001-11-02 04:24:28 +00:00
f941ac3116
Put better comments by the table of preconfigured policies.
2001-11-02 04:00:27 +00:00
e5822372e8
Don't crash on SSL2 failures.
2001-10-31 20:03:29 +00:00
874e400e1a
Fix bug 107619. The new DHE_ ciphersuites were enabled by default.
...
Now they are disabled by default, for compatibility with NSS 2.0.
2001-10-30 21:09:47 +00:00
673f014f10
Fix Linux build
2001-10-08 18:49:17 +00:00
80858924e3
Fix for 102251 . Just updating a comment
2001-10-06 00:16:56 +00:00
b163eeba5a
Fix for 102251 . Implement 2-level locking for the SSL session cache to properly support SSL server applications using Windows NT fibers . Also optimize and enhance portability of locking primitives for single-process servers on all platforms by using a PRLock instead of cross-process locks . Reviewed by wtc
2001-10-06 00:14:33 +00:00
a62eec532e
Bugzilla bug 83593: worked around a possible HP-UX B.11.00 bug, where
...
getpeername() occasionally fails with ENOTCONN after a successful
completion of non-blocking connect.
2001-09-25 01:25:41 +00:00
a2bae99930
Add support to TLS for new 128-bit and 256-bit AES ciphersuites. 87021.
2001-09-21 03:07:35 +00:00
d62c65c9a6
Remove dependancy on direct calls inside softoken.
2001-09-20 21:26:40 +00:00
0e45538807
Implement new function SSL_GetChannelInfo(). Bugzilla bug 78959.
2001-09-18 01:59:21 +00:00
4ba020ddd2
Bugzilla bug 94685: deleted the unreferenced label 'no_wrapped_key'.
2001-08-22 23:15:45 +00:00
86f0b37c13
Check to make sure we're still logged into a slot when trying
...
to re-use a client-auth session.
2001-08-22 22:50:26 +00:00
fcc917f873
NSS 3.3 has been renamed NSS 3.4. Two '-' chars should be '+'.
2001-07-03 17:41:19 +00:00
37217ae4f0
Change PR_Writev so it will drive the handshake when len == 0.
...
Patch by John G Myers. Bug 87359.
2001-06-23 00:01:17 +00:00
7aef7b8c79
The environment variable NSS_SSL_SERVER_CACHE_MUTEX_TIMEOUT specifies
...
the maximum amount of time to wait before recovering a session cache
mutex (semaphore) from a dead process on Unix.
2001-06-22 03:38:05 +00:00
5b19a40e9e
Fix bug 68869. Don't ignore TLS no certificate messages when the server
...
requires client auth. Work around bug in NT TCP stack by only shutting
down the socket for SEND (not for BOTH) after sending a bad_certificate
alert. This avoids bogus CONNECTION_RESET_BY_PEER errors at the client.
2001-06-13 21:14:54 +00:00
83a08b6967
Don't use PR_Atomic functions on AIX since PPC cpus require memory
...
barrier instructions.
2001-06-12 22:53:00 +00:00
35577f7c85
Add two new functions to permit application tuning of the number of SSL
...
server session cache locks. We may yet decide to back this out for the
NSS 3.3 release. Modified Files: ssl.def ssl.h sslsnce.c
2001-06-12 20:27:12 +00:00
2fb89eeb0a
Use NSPR's Atomic increment and decrement functions in the simulated
...
Posix semaphore code to make the non-contention case really fast.
Modified Files: sslmutex.c sslmutex.h
2001-06-12 01:10:01 +00:00
7ae1c3135d
Reduce warnings on Unix platforms that don't like bitfields in chars.
2001-06-09 19:45:22 +00:00
f41192132c
Fix two bugs found in nightly QA. On Solaris/x86, don't assert that the
...
sid cache entry is a multiple of 8 bytes long. On OSF1, reduce the
maximum number of POSIX semaphores so it doesn't exceed the per-process
limit of 256.
2001-06-09 19:30:21 +00:00
26c1355d94
Change ssl_Time() to use time() instead of PR_Now on systems that have it.
2001-06-09 03:20:13 +00:00
9509618196
3 Changes:
...
1. New SSL server session cache implementation that uses finer grained
locking to reduce lock contention, and does 128-way associative caching.
2. rename symbol SSL_SESSIONID_BYTES to SSL2_SESSIONID_BYTES.
3. Work around compiler bug on Solaris i386.
Modified Files:
manifest.mn sslcon.c sslimpl.h sslsecur.c sslsnce.c
2001-06-09 03:18:09 +00:00
6166732e49
Portable POSIX-like unnamed semaphores that work in process-shared memory.
2001-06-08 02:56:31 +00:00
6bfd47f3e1
Fix bug that caused version number to be wrong in SSL3 client hellos
...
when restarting an SSL3 (not TLS) session. (no bug number)
2001-06-05 00:26:37 +00:00
70ba3f51b2
Bugzilla bug #77199 : Make NSS build under OS/2. Thanks to Javier
...
Pedemonte <pedemont@us.ibm.com> for the patch.
Modified Files:
coreconf/OS2.mk coreconf/rules.mk coreconf/ruleset.mk
nss/lib/freebl/Makefile nss/lib/pkcs12/p12.h nss/lib/ssl/ssl.h
nss/lib/util/secport.h
2001-05-21 21:25:32 +00:00
6b57d89463
Add a workaround for bug 80092. If the last write returned WOULDBLOCK
...
and data is now buffered for sending and the application calls PR_Poll
to poll on read, poll on write also. This way, if the socket becomes
writable, the application's read attempt will send (more of) the buffered
write data.
2001-05-18 20:44:35 +00:00
da41cda585
Only disable Nagle delays on those platforms that benefit from doing so.
2001-05-10 02:37:59 +00:00
975e24163f
Disable TCP Nagle delays on SSL sockets for NSS 3.3. Bug 67898.
...
Modified Files:
ssldef.c sslimpl.h sslsecur.c sslsock.c
2001-05-08 23:12:34 +00:00
e49455a04c
Eliminate cause of assertion failure that occurs when SSL is not the top
...
protocol on the socket's stack.
2001-04-26 21:53:11 +00:00
9bd14a2bc5
Merge in NSS 3.2.1 changes. (VersionCheck function)
2001-04-11 22:52:09 +00:00
f8e2a2a948
Implementation of 5 DHE ciphersuites, client side only.
...
Contributed by Dr Stephen Henson <stephen.henson@gemplus.com>
2001-04-11 00:29:18 +00:00
661c26b99c
Fix a couple of memory leaks that occur in rare error paths.
2001-03-31 02:49:59 +00:00
3ef58c1b72
Fix bug in SSL_ResetHandshake introduced in last checkin.
2001-03-20 00:39:02 +00:00
46c15355d3
Reinterpret the READ and WRITE poll flags depending on the state of the
...
socket and the SSL handshake. Rename the badly named "connected" flag.
Bugzilla bugs 56924, 56926, 66706.
Modified Files:
ssl3con.c sslauth.c sslcon.c ssldef.c sslgathr.c sslimpl.h
sslsecur.c sslsock.c
2001-03-16 23:26:06 +00:00
b22a7c1f09
bug 70992 patches to build 4.2 BSD
2001-03-13 19:02:05 +00:00
ecb09e90e8
Modify ssl_FindSocket() to set error PR_BAD_DESCRIPTOR_ERROR when it
...
cannot find the SSL layer on the specified PRFileDesc. Ensure all
callers detect when ssl_FindSocket returns NULL and handle it properly.
Bug 68241. Reviewed by jgmyers and relyea.
Modified Files:
prelib.c sslauth.c sslsecur.c sslsock.c
2001-02-09 02:11:31 +00:00
7dcf6f9722
Make SSL API consistent in using SECStatus as return value for functions
...
that return only values in that enumeration. Bug 68097. R&A = relyea.
Modified Files:
lib/ssl/ssl.h lib/ssl/sslauth.c lib/ssl/sslsecur.c
lib/ssl/sslsnce.c lib/ssl/sslsock.c cmd/selfserv/selfserv.c
cmd/strsclnt/strsclnt.c
2001-02-09 00:32:14 +00:00
javi%netscape.com
jpierre%netscape.com
relyea%netscape.com
wtc%netscape.com
nelsonb%netscape.com