d0f309943a
Continuing to land the PACKAGING_20030906_BRANCH for bug 20640. Not part of the build, yet.
2004-01-07 13:37:00 +00:00
274ef7cd49
Beginning to land the PACKAGING_20030906_BRANCH for bug 20640. Not part of the build, yet.
2004-01-07 01:22:31 +00:00
5d8bd61334
Fix crashes in NSS_CMSSignedData_GetDigestValue and
...
NSS_CMSContentInfo_GetContent that occur when a detached signature is not
accompanied by the data on which the signature was computed. Bug 229242.
Make NSS_CMSContentInfo_GetInnerContent and NSS_CMSMessage_GetContent
more easily debugged, by storing the results returned by function calls
in automatic variables before using them in subsequent calls/switches.
2004-01-07 00:09:17 +00:00
6a63299667
Bug 229193
...
Patch by wtc revied by relyea & ian
2003-12-31 23:19:26 +00:00
c54ac86e5f
Fix the security warning dialogs to work as designed for Firebird:
...
- All dialogs will appear the first time a user encounters them
- The "show every time" checkbox will default to off
- If the user checks the checkbox to see the dialogs every time, the choice will be remembered.
Because of the change in default prefs, this will cause Firebird users to see these dialogs again (but defaulted to not show after that) when upgrading. Bug 172091, r=brendan, sr=ben.
2003-12-31 23:03:08 +00:00
144c518d7a
Set NSS version to 3.9 Beta 6.
2003-12-24 06:22:49 +00:00
1550e4ab3e
Removed unused variable 'val'.
2003-12-23 21:40:52 +00:00
0ea554f2f9
Fixed unused variable compiler warning about 'html'. Declare it inside
...
the same ifdef with which it is used.
2003-12-23 21:37:07 +00:00
34519e6ab3
Removed unused variable 'rawSigLen'.
2003-12-23 21:24:01 +00:00
11c67b98af
Removed unused variable 'attribute'.
2003-12-23 21:21:39 +00:00
60cf880826
Include "nsslocks.h" for nss_InitLock.
2003-12-23 02:09:55 +00:00
5bfcd81514
Declare the argument to SECKEY_ECParamsToKeySize as const.
...
Modified Files: seckey.c pk11skey.c
2003-12-23 02:05:28 +00:00
95e1ce0279
Bugscape bug 54500: trim preceding/trailing whitespace from passed-in
...
String arguments.
2003-12-23 01:19:48 +00:00
09584fb9f9
Return a value of the correct type.
2003-12-23 01:03:39 +00:00
290a965230
Fixed a spelling error.
2003-12-23 00:52:06 +00:00
0433b41c3b
Moved ecl-curve.h from the EXPORTS to the PRIVATE_EXPORTS list.
2003-12-23 00:17:04 +00:00
79387320b7
Renamed SECKEY_ECParams2KeySize as SECKEY_ECParamsToKeySize. Do not export
...
this function from the nss3 shared library.
Modified Files: seckey.c pk11skey.c nss.def
2003-12-22 23:36:40 +00:00
7adfc17d1d
Declare the 'input' argument to CERT_DecodeTimeChoice as 'const'. Removed
...
an extraneous semicolon (;) after the SEC_ASN1_CHOOSER_IMPLEMENT macro.
Modified Files: secder.h sectime.c
2003-12-22 23:33:39 +00:00
4b807fd2b8
Bugzilla bug 228907: added a stub implementation for the obsolete native
...
function Java_org_mozilla_jss_pkcs11_PK11Cert_getNickname, which is listed
in the symbol export file jss.def.
2003-12-20 15:56:11 +00:00
76bb8f646c
Some further cleanup of p12d.c. Bugscape bug 52528. r=wtc.
2003-12-20 01:33:06 +00:00
7905ca6b6f
Set NSS version to 3.9 Beta 5.
2003-12-20 00:35:01 +00:00
9ccb6b87c5
Made wincx the last argument of PK11_PubDeriveExtended. r=relyea.
...
Modified Files: pk11func.h pk11skey.c ssl3con.c
2003-12-19 23:54:29 +00:00
312061509b
Impose new limits on RSA public key sizes. 8k bits for modulus,
...
64 bits for public exponent. This prevents certain attacks on SSL
servers. Bugscape bug 54019. r=wtc,relyea.
2003-12-19 23:50:45 +00:00
010acd81c1
PK11_MoveKey was renamed PK11_MoveSymKey. r=relyea.
...
Modified Files: symkeyutil.c nss.def pk11func.h pk11skey.c
2003-12-19 23:29:43 +00:00
6e767fb4eb
Make database access to the key db thread safe.
2003-12-19 23:24:48 +00:00
8ec4937462
Add keydb lock type. keydb should be locked like the certdb.
2003-12-19 23:24:00 +00:00
5014045f8c
Backed out the previous checkin, which broke our S/MIME QA tests.
2003-12-19 22:54:20 +00:00
fac46295ff
Bugzilla bug 228624: we need to call STAN_ForceCERTCertificateUpdate if
...
the cert's instances changed. r=relyea.
2003-12-19 22:33:12 +00:00
64276531dd
Bugscape bug 54627: made the fix for NSS_CMSSignedData_Encode_BeforeData
...
the same as the code in NSS_CMSSignedData_Decode_BeforeData. r=nelsonb.
2003-12-19 22:08:12 +00:00
c367aa403a
Bugscape bug 54500: Improved the previous checkin: fixed leaks of the
...
return values of PK11_GetSymKeyNickname. Removed unnecessary assignment
statements "symKeyObj = NULL;". Removed an unnecessary else { }.
2003-12-19 19:36:30 +00:00
deb29c8f1f
Import NSPR 4.4.1.
2003-12-19 17:02:57 +00:00
4a54a29151
Bugzilla bug 221133: fixed unused variable warning on some platforms.
...
The patch is contributed by timeless@bemail.org . r=wtc.
2003-12-19 16:35:14 +00:00
ec5678ff34
Bugscape bug 54500: added some new methods to the SecretDecoderRing
...
KeyManager class. The patch is contributed by Matthew Harmsen of AOL.
Modified Files:
lib/jss.def org/mozilla/jss/SecretDecoderRing/KeyManager.c
org/mozilla/jss/SecretDecoderRing/KeyManager.java
2003-12-19 05:33:50 +00:00
546a8a6e87
Set JSS version to 3.5 Beta.
...
Modified Files:
org/mozilla/jss/CryptoManager.java
org/mozilla/jss/util/jssver.h
2003-12-19 05:08:34 +00:00
70470925e0
Don't overwrite pointers to existing message digests if they've been
...
precomputed. Bugscape bug 54627. r=wtc, jpierre.
2003-12-19 03:58:28 +00:00
a08b14e07e
Bugzilla bug 228907: enable PK11Store.getCertificates to return the correct
...
nicknames for certs with multiple instances. This requires adding a new
nickname argument to the constructors of the various cert classes and
passing a nickname better than NSS's cert->nickname where possible.
r=thomask.
Modified Files:
pkcs11/PK11Cert.c
pkcs11/PK11Cert.java
pkcs11/PK11InternalCert.java
pkcs11/PK11InternalTokenCert.java
pkcs11/PK11Store.c
pkcs11/PK11TokenCert.java
pkcs11/pk11util.h
util/java_ids.h
2003-12-19 00:19:57 +00:00
8bfb2f97fd
Set NSS version to 3.9 Beta 4.
2003-12-18 21:45:34 +00:00
991ddf2ba6
Bugzilla bug 228624: made PK11_ListCertsInSlot reach into the Stan layer
...
to obtain the correct nicknames of the cert instances (pk11cert.c). Fixed
the bug that if a cert we want to add the the cache is already in the
cache, we should merge the instances of the cert before destroying the
duplicate cert (tdcache.c). r=jpierre,relyea.
2003-12-18 18:23:17 +00:00
ec4dda5d19
Bugzilla bug 219982: removed an unused local variable. (The function call
...
is needed for its side effect.) Thanks to timeless@bemail.org and
Serge GAUTHERIE <gautheri@noos.fr> for the patch. r=wtc.
2003-12-17 22:43:25 +00:00
634bb98533
Allow NSS_CMSDigestContext objects to be created, even when there are
...
no valid digest algorithm OIDs. This allows "certs only" messages to
be decoded. Bugzilla bug 228707. r=jpierre, wtc.
2003-12-17 03:49:10 +00:00
e3cda94421
Bugzilla bug 228618: fixed an incorrect use of realloc. Fixed an unused
...
variable compiler warning. r=jpierre.
2003-12-16 04:24:57 +00:00
b41986df1b
Fix S/MIME bugs that caused parallel arrays of digest OIDs and digest
...
values to become out of sync. Bugscape bug 54256. r=relyea.
Modified Files: cmd/smimetools/cmsutil.c lib/smime/cmsdigest.c
2003-12-12 23:55:06 +00:00
3331d24ed7
Fix for 54061 . Return SEC_ERROR_INVALID_ARGS and remove assertions . r=wtc,misterssl
2003-12-12 21:42:02 +00:00
cbcce6aa7e
fixes bug 228062 "NTLM authentication fails with mod_ntlm, mod_ntlm reports 'missing/corrupt NTLM header'" r+sr=bryner a=dbaron
2003-12-12 02:58:42 +00:00
ec74b37f9f
fix 227991, nsNSSCertificateDB::AddCertFromBase64 crashes (only used from auto config), r=kaie, sr=mscott, a=sspitzer
2003-12-11 16:02:08 +00:00
fff428a34a
CERT_ImportCerts now returns SECFailure when NONE of the certs was succesfully imported. r=wtc. Bugscape bug 54311.
2003-12-06 06:52:53 +00:00
7ed9720eb2
__CERT_AddTempCertToPerm will now set error SEC_ERROR_ADDING_CERT
...
when attempting to make a cert perm that is already permanent.
Bugzilla bug 227559. r=wtc
2003-12-06 06:46:27 +00:00
87f5c7ded0
NSC_Finalize will now destroy 3 softoken free lists and one more
...
global pointer. Plugs some memory leaks. Bugscape bug 54301. r=wtc
2003-12-06 06:41:51 +00:00
6f425d9730
Add /FIXED:NO argument to linker command line for EXEs. Purify
...
requires this to precisely instrument EXEs. r=wtc
2003-12-06 06:34:20 +00:00
2b4825491c
Add new -k option to NSS QA test program cmsutil. By default, cmsutil
...
will no longer add any decoded certs to the cert db file, which is
useful for reproducibility of results in QA scripts.
Bugscape bug 54293. r=relyea,jpierre,wtc
2003-12-06 06:31:08 +00:00
2483a508a7
Bugzilla bug 227296: fixed the bug that NSS_CMSAttribute_AddValue adds the
...
address of a stack variable to the attr->values array. Added a new
function SECITEM_ArenaDupItem. r=nelsonb.
Modified Files:
nss/nss.def util/secitem.c util/secitem.h smime/cmsarray.c
smime/cmsattr.c
2003-12-06 01:16:50 +00:00
265f6a9b37
Further simplification and improvement of the parsing of UTCTime
...
and GeneralizedTime to avoid UMRs. Bugscape bug 54198. r=wtc
2003-12-05 04:53:28 +00:00
b87fc256c1
NSS_CMSContentInfo_Destroy()
...
- The patch destroys the digest context member of the CMSContentInfo.
It calls the previously unused function NSS_CMSDigestContext_Cancel
to destroy the digest context. Eliminates an object reference leak.
Bugscape bug 54208, r=relyea
2003-12-04 00:39:24 +00:00
697b57f151
In functions NSS_CMSSignedData_Encode_AfterData and
...
NSS_CMSSignedData_Decode_AfterData
- These functions call NSS_CMSDigestContext_FinishMultiple, which
always destroys the digest context, regardless of whether it returns
SECSUccess or SECFailure. So, change these functions to always NULL
out the context pointer regardless of the returned value.
NSS_CMSSignedData_VerifySignerInfo()
- Always call NSS_CMSSignerInfo_Verify() to set the verification status
in the signerinfo object, even if some of the other arguments are NULL,
or other failures have occurred, but avoid NULL pointer dereferences
along the way. Notice that this change is dependent on changes to
NSS_CMSSignerInfo_Verify() (see below.)
NSS_CMSSignedData_SetDigests() - skip over missing digests. Don't fail
the function, and don't crash, if digest pointers are NULL.
Bugscape bug 54208, r=relyea
2003-12-04 00:36:47 +00:00
8a0ca297e4
Functions NSS_CMSDigestedData_Encode_AfterData and
...
NSS_CMSDigestedData_Decode_AfterData
- Since NSS_CMSDigestContext_FinishSingle always destroys the context,
regardless of whether it returns SECSuccess or SECFailure, these
functions have been changed to always NULL out the context pointer
after calling NSS_CMSDigestContext_FinishSingle, regardless of the
outcome.
Bugscape bug 54208, r=relyea
2003-12-04 00:35:02 +00:00
d0960c05d3
There is a lot of "cleanup" in this file, wrapping source at 80 columns.
...
The relevant fixes for this bug include:
NSS_CMSDigestContext_StartMultiple()
- make sure that cmsdigcx->digcxs and cmsdigcx->digobjs are initialized.
- at the "loser" label, be sure to free the digest context itself.
NSS_CMSDigestContext_Cancel()
- after destroying all the objects, free the arrays of pointers to the
objects, and the digest context itself. Previously these items were
leaked by this function.
NSS_CMSDigestContext_FinishMultiple()
- ensure that this function ALWAYS destroys all the NSS digest objects,
and doesn't stop destroying them if it encounters an error. Note that
this is a newer revision of an older patch for that problem.
- always Free the arrays of pointers used in this object.
NSS_CMSDigestContext_FinishSingle()
- simplify this code.
Bugscape bug 54208, r=relyea
2003-12-04 00:32:18 +00:00
f6f1a0d2e4
NSS_CMSSignerInfo_Verify()
...
- This function is changed to explicitly allow some of its input arguments
to be NULL. It will set the verification status in the CMSSignerInfo
object accordingly. Since this is the ONLY function that ever sets the
verification status, it must be able to do so even when problems have
occurred.
- lots of cleanup of this source code.
Bugscape bug 54208, r=relyea
2003-12-04 00:29:31 +00:00
874fa3a93d
Add null pointer checks to nss_cms_after_end and NSS_CMSEnvelopedData_Decode_AfterData. Bugscape bug 54061. r=wtc,relyea
...
Lots of code "cleanup" (reformatting for 80 columns) in cmsdecode.c
2003-12-04 00:14:24 +00:00
e4d53231f8
Avoid UMRs in dertime.c. Bugscape bug 54198. r=wtc.
2003-12-03 04:03:40 +00:00
e6c9ba62d7
Fix for 54061 - null pointer check . r=nelsonb
2003-12-03 02:42:08 +00:00
80462e9cb1
Bugscape bug 54021: in CERT_FindSubjectKeyIDExtension, if PORT_NewArena
...
fails we should return SECFailure. Document that the return values of
CERT_GetCommonName and NSS_CMSSignerInfo_GetSignerCommonName must be freed
with PORT_Free. r=nelsonb.
Modified Files:
certdb/alg1485.c certdb/cert.h certdb/certv3.c smime/cms.h
smime/cmssiginfo.c
2003-12-03 00:09:05 +00:00
d5582721b7
Separate locale version from Mozilla version so we do not have to bump locale version for every release. b=226377 r=kairo, bsmedberg sr=ben a=asa
2003-12-02 23:22:11 +00:00
e5c708bb65
Prevent SMIME crash in the opaque signature test. bugscape 54061. r=nelsonb
2003-12-02 05:46:27 +00:00
7eef555978
Fix for 54088 . Don't try to encode attributes with no value. r=wtc
2003-12-02 05:05:30 +00:00
02198fd686
Bound stan error stack at 16 error codes to limit growth.
...
Bugscape bug 54021. r=wtc.
2003-12-02 02:05:47 +00:00
cb7164249f
Reverted to NSPR 4.3 until Sun has NSPR 4.4.1 binary distributions.
2003-11-28 05:41:42 +00:00
785b886515
Detect invalid input buffer lengths, and return error instead of UMR>
...
Bugscape bug 54021. r=wchang0222
2003-11-27 05:08:20 +00:00
13f3e6fa94
Fix leak in CERT_FindSubjectKeyIDExtension, and use the Quick DER
...
decoder. Bugscape bug 54021. r=jpierre
2003-11-27 05:06:20 +00:00
1731be9206
Upgraded to NSPR 4.4.1.
2003-11-27 01:43:15 +00:00
931071736c
Clean up some arithmetic used for UCS4. Detect when UCS2 and UCS4
...
buffers have invalid lengths. Bugscape bug 54021. r=whang0222, relyea
2003-11-27 01:08:59 +00:00
dcc1fa5880
Bugzilla bug 226861: removed NSS_CMSSignedData_GetDigestByAlgTag, which is
...
a duplicate of NSS_CMSSignedData_GetDigestValue. r=nelsonb.
Modified Files: cms.h cmssigdata.c
2003-11-26 23:50:02 +00:00
1c7b6a8ea4
In NSS_CMSSignedData_VerifySignerInfo(), test all returned pointers
...
for NULL before attempting to dereference them.
Bugscape bug 54057. r=wchang0222
2003-11-26 22:02:38 +00:00
36fc65a627
Performance enhancement. Detect absurdly large modulae in public keys,
...
and don't waste time on them. Bugscape bug 54019. r=relyea.
2003-11-26 06:26:31 +00:00
d596531040
Remove an unnecessary and incorrect assert call.
...
Bugscape bug 54018. r=jpierre
2003-11-26 06:16:01 +00:00
8cc8dfcdf3
This patch reduces the scope of many variables in cmsutil's decode function. It frees the signer's CN string after use.
...
Bugscape bug 54021. r=jpierre
2003-11-25 23:26:39 +00:00
2c0d2708f3
fixes bug 226639 "send NegotiateAlwaysSign in NTLM type 1 message to make NetApp/6.3.3 happy" r+sr=bryner a=dbaron
2003-11-25 02:12:41 +00:00
86e2d2c45d
Bugzilla bug 226470: removed -qarch=com, which is the default for the
...
compiler. r=pkw@us.ibm.com .
2003-11-24 19:45:18 +00:00
034bf93de9
Bugzilla bug 226470: use a C compiler rather than a C++ compiler to compile
...
C code. The patch is contributed by Philip K. Warren <pkw@us.ibm.com>.
2003-11-22 06:45:50 +00:00
20abf0c0aa
Don't invoke PKCS11 with an invalid handle. Bug 226285.
...
r=relyea sr=wchang0222
2003-11-21 22:10:56 +00:00
d3382c6ffe
Remove an overreaching constraing on modulus length. Bug 226285.
...
r=relyea sr=wchang0222
2003-11-21 22:09:27 +00:00
0fa7d0adc8
Implement new "batch mode" (see the -b option). Plug some leaks.
...
Facilitates memory leak testing of the SMIME library.
This revision combines the patches for Bugzilla bug 225513 and
Bugscape bug 53775. r = relyea and wchang0222
2003-11-20 02:33:18 +00:00
52dffd46a8
Don't accept ASN.1 items whose length is 2GB or more.
...
Bugscape bug 53875. r=wchang0222 and r=relyea.
2003-11-20 02:08:34 +00:00
67d78ccfb9
Dont attempt to allocate 2GB or more from an arenapool.
...
Bugscape bug 53875. r=relyea.
2003-11-20 02:06:16 +00:00
511a262edc
Remove as assertion that is triggered by bad data input, but does not
...
indicate a code flaw. Bugscape bug 53875. r=relyea
2003-11-20 02:04:07 +00:00
75ca774270
Be sure not to ask NSS to use an invalid PKCS11 mechanism.
...
Bugscape bug 53875. r=relyea.
2003-11-20 02:00:04 +00:00
b79aed8a42
Plug a leak that occurs when code asks NSS to use an invalid PKCS11
...
mechanism. Bugscape bug 53875. r=relyea
2003-11-20 01:59:07 +00:00
d7ce33ed84
fix two "might be used uninitialized" warnings from NTLM patch, bug=224653.
2003-11-19 05:00:43 +00:00
eb21d36254
near total rewrite of PK11_ParamFromAlgid to eliminate leaks.
...
Partial fix for Bugscape bug 53875.
2003-11-19 03:23:41 +00:00
c7610ca80e
Bugzilla bug 222568: fixed a bug introduced in rev. 1.54.
2003-11-19 01:38:26 +00:00
604c4a98c3
Turns out that we can use a space to separate directories in a vpath
...
directive. This works cross platform.
2003-11-19 01:12:31 +00:00
069f394fa8
Fix bugs in the new implementation of URI name constraints.
...
Bugzilla Bug 221616.
2003-11-19 00:56:59 +00:00
f2fe58e2e0
Removed the declaration and a comment about PK11_FreeSlotCerts, which was
...
deleted in NSS 3.4.
Modified Files: pk11func.h pk11slot.c
2003-11-19 00:14:04 +00:00
c4ce0736e8
Fix unnecessary assertion failures occuring in SMIME testing in
...
debug builds only. Partial fix for bugscape bug 53775. r=wchang0222
2003-11-18 06:16:26 +00:00
cf0793aa0b
revert part of last checkin.
2003-11-18 05:57:28 +00:00
a0dd5e04d1
attempting to fix IRIX bustage
2003-11-18 05:56:08 +00:00
157dedc0c2
Most platforms use ':' as path separator, but OS/2 uses ';'. So we use
...
vpath directivies that specify a single directory to avoid dealing with
path separator.
2003-11-18 04:04:05 +00:00
f142a6ea88
fixes bug 224653 "provide cross-platform NTLM auth implementation" r=kaie sr=bryner
2003-11-18 02:20:34 +00:00
c48834ab7e
Set NSS version to 3.9 Beta 3.
2003-11-18 00:57:26 +00:00
25f92109eb
Bugzilla bug 224707: added Linux HPPA support. The patch came from the
...
Debian Mozilla package (maintainer is Takuo KITAME <kitame@debian.org>).
2003-11-16 00:10:16 +00:00
9bc7ce19bb
Removed an extraneous character (`) after #endif.
2003-11-15 16:16:33 +00:00
3569f15993
Removed an extraneous comma (,) at the end of an enum type definition.
2003-11-15 16:15:01 +00:00
e9f81f8499
Detect empty emailAddr strings in CERTCertificate. Bugzilla bug 211540.
2003-11-15 00:15:28 +00:00
b904b47318
Detect empty emailAddr strings in CERTCertificates. Bugzilla bug 211540.
...
Modified Files:
cmd/dbck/dbck.c cmd/signtool/util.c lib/certdb/certdb.c
lib/certdb/stanpcertdb.c lib/pkcs7/p7decode.c lib/pki/certificate.c
lib/pki/pki3hack.c lib/smime/cmssiginfo.c lib/softoken/pkcs11u.c
2003-11-15 00:10:01 +00:00
a157ed2b26
Fix windows breakage.
2003-11-14 18:06:50 +00:00
aa736fe5ed
Add symkeyutil to the manifest file
2003-11-14 03:27:23 +00:00
4f0cd96574
New tool to manage fixed keys in the database.
2003-11-14 03:26:47 +00:00
12bf9a0f9f
Changes for symkey support.
2003-11-14 03:25:52 +00:00
750ff55aa5
Bugzilla bug 225619: fixed memory leaks.
2003-11-14 01:42:51 +00:00
31e5ec1ebe
Bugzilla bug 225626: need to allocate PORTArenaPool rather than PLArenaPool
...
for the 'arena' member of CERTVerifyLog. Fixed memory leaks on an error
path.
2003-11-14 01:41:15 +00:00
b1b3012d66
Set JSS version to 3.4.2 Beta 2.
...
Modified Files: CryptoManager.java util/jssver.h
2003-11-14 01:37:04 +00:00
c90a594d65
Upgraded to NSS_3_7_9_RTM (from NSS_3_7_8_RTM).
...
Modified Files: manifest.mn org/mozilla/jss/CryptoManager.java
2003-11-13 23:39:46 +00:00
c3e4461e42
Fix 225615: memory leak in SSLSocket.socketConnect.
2003-11-13 23:10:13 +00:00
aa085e7956
Fix bugzilla bug 225301. r=jpierre. This patch does the following:
...
1. Fixes the Usage message to document the command line options.
2. Changes the "decode" function to
a) report an error on bad signatures, only when decoding the input file,
not when decoding an ancillary "enveloped file".
b) only output the contents of the "detached content" file (-c option)
when that file's content was actually used in the computation.
3. Sundry other cleanup and added comments.
2003-11-13 23:03:12 +00:00
a5782dcab7
Fixed a comment error. r=relyea.
2003-11-13 16:21:46 +00:00
4868d7e8c2
Bugzilla bug 225373: the return value of CERT_NameToAscii must be freed
...
with PORT_Free.
Modified Files:
cmd/lib/secutil.c cmd/selfserv/selfserv.c
cmd/signver/pk7print.c cmd/strsclnt/strsclnt.c
cmd/tstclnt/tstclnt.c lib/certdb/cert.h
2003-11-13 16:10:45 +00:00
d1e962a746
Workaround race. Reduce leaks. Not a real fix. Bugzilla bug 225525.
2003-11-13 03:41:32 +00:00
08e3f5e2fa
Bugzilla bug 225259: link NSS dynamic shared libraries with the
...
-headerpad_max_install_names option. r=ccarlen, sr=sfraser.
2003-11-13 01:59:22 +00:00
dd7a8790e8
Added a comment to note a question I had while reviewing the code.
2003-11-12 23:25:33 +00:00
1b6811ad2b
Eliminate some leaks in Stan cert code.
...
Partial fix to bugscape bug 53573.
2003-11-11 21:46:53 +00:00
019719d8a8
Eliminate a cert leak. Patch is Bob Relyea's.
...
Parial fix for Bugscape bug 53573.
2003-11-11 21:45:48 +00:00
c8ebc52544
Fix crash in certutil if usage is omitted
2003-11-11 00:01:32 +00:00
14c8c093a3
Repair error case for DH code in previous patch.
2003-11-07 16:21:40 +00:00
8cac9b6d61
Verify Parameters from the user before passing it on to freebl. r=nelson
2003-11-07 03:38:59 +00:00
4af3118d62
Add defines for DH and RSA key limits
2003-11-07 03:36:33 +00:00
314acd2bb7
Correct the validity checks on certain ASN.1 objects, allowing some that
...
were previous disallowed, and vice versa. Bug 53339.
2003-11-07 01:41:22 +00:00
87e5cbd19a
Fix some bugs in the code that formats OIDs for printing.
...
Bugscape bug 53334.
2003-11-06 02:02:32 +00:00
390b635832
Grow handshake message buffer once per message, not once per each message
...
segment received. Bugscape bug 53418.
2003-11-05 06:22:57 +00:00
d45bb29e40
Set NSS version to 3.9 Beta 2.
2003-11-04 05:52:51 +00:00
0feb5dfd5f
Fix numerous errors (mostly off-by-1 errors) in the code that formats
...
and prints certs and CRLs. This code is common to certutil and pp.
Bug 222568 r=nicholson (for this portion).
2003-11-04 02:16:42 +00:00
bc763436c5
Better cleanup. Plug leaks in pp. bug 222568. r=nicolson (this part).
2003-11-04 01:51:54 +00:00
374349f143
Rename get_oid_string to CERT_GetOidString and export it. Also, export
...
CERT_DestroyOidSequence. bug 222568. r=jpierre (for this portion).
2003-11-04 01:48:39 +00:00
7809adca33
Fix missing cx param problem (223041, r=caillon, sr=dbaron).
2003-11-03 04:26:55 +00:00
f9f591a28f
Fix for bug 224231 (Need AppendASCIItoUTF16). r=jst, sr=dbaron.
2003-11-01 10:57:41 +00:00
1cd3ab9050
Bugzilla bug 223624: fixed the compiler warning that case ecKey is not
...
handled in the switch statement. r=nelsonb.
2003-11-01 05:17:16 +00:00
afd97d4f96
Remove one unnecessary transition from the SSL3 state machine.
...
Reduce the number of reallocations of the SSL3 handshake message buffer.
Bugscape bugs 53287 and 53337
2003-10-31 07:01:05 +00:00
522e0fe2b8
Enable generation of DES2 keys with mechanism CKM_DES2_KEY_GEN. Bug 201521
2003-10-31 02:33:16 +00:00
a973e0dc48
Correct the code that detects DES2 keys based on their lengths. Bug 201521
2003-10-30 22:31:09 +00:00
1a37e6c822
Fix for 223494 - cmsutil signing does not work with hardware tokens. r=wtc, relyea
2003-10-28 02:34:15 +00:00
2316ca4f0e
Bugzilla bug 223624: declare pk11_FindAttrInTemplate before it is used.
...
r=nelsonb.
2003-10-25 14:10:11 +00:00
d5bd3135a1
Bugzilla bug 223624: use PR_MAX to avoid redefining MAX, a macro commonly
...
defined in system headers. r=nelsonb.
2003-10-25 14:08:31 +00:00
76cb52bad5
Bugzilla bug 223624: removed an extraneous format string for fprintf.
...
r=nelsonb.
2003-10-25 14:05:08 +00:00
8cfbd7293c
Bugzilla bug 223624: node->error is a 'long', so it should match a %ld
...
format. r=nelsonb.
2003-10-25 14:01:43 +00:00
4d26e30240
Initialize crlHandle . r=wtc
2003-10-25 00:41:14 +00:00
1ce0f542ee
Require DES, DES2 and DES3 keys to have correct length in all cases.
...
Expand DES2 keys to be DES3 keys when used with DES3 mechanisms.
Bug 201521.
2003-10-25 00:12:34 +00:00
4bab03c0f6
Bugzilla bug 173715: fixed a crash in OCSP. We incorrectly assumed that
...
'addr' was the last IP address of the host when PR_EnumerateHostEnt
returned 0 and attempted to connect to 'addr', resulting in an assertion
failure in PR_Connect. The fix is to not use 'addr' when
PR_EnumerateHostEnt returns 0. r=relyea.
2003-10-24 17:17:37 +00:00
e4c6ee1dbb
Removed the nonexistent directory 'rngtest' from DIRS.
2003-10-24 06:22:58 +00:00
6dac9765c9
Removed nonexistent directory "crypto" from DIRS.
2003-10-24 05:29:08 +00:00
ee1dc4bffd
Bugzilla bug 223427: added a note section so that the linker knows we're
...
not executing off the stack. This patch is received from Christopher
Blizzard of Red Hat <blizzard@redhat.com>.
2003-10-24 04:47:23 +00:00
975c6d1b52
try forcing the bourne shell to execute the command line.
2003-10-23 22:01:55 +00:00
605cc06382
deCOMtaminate nsIDocument by changing methods to use return value instead of out-params, eliminating unused nsresult return values, moving some members to nsIDocument and inlining the getters/setters. Bug 222134, r=bzbarsky, sr=jst.
2003-10-22 06:09:48 +00:00
2d8d587276
more debugging info.
2003-10-22 04:08:17 +00:00
4327068745
Bugzilla bug 222065: fixed a bug (inside #ifdef WINNT) introduced in the
...
previous checkin.
2003-10-22 01:00:10 +00:00
66caced69a
Re-land patch for bug 83536, merging principal objects.
...
Also includes fixes from bug 216041.
r=bzbarsky
sr=jst
2003-10-21 22:11:49 +00:00
b5a0a53d62
NIST PKITS tests:first checkin, without CRLS:bug 177398:six sections implemented
2003-10-21 21:35:04 +00:00
1227476783
fix 221329 add ability to add root certs from autoconfig js, r=misterSSL@aol.com, sr=sspitzer
2003-10-20 15:00:17 +00:00
b6e5abc24b
Add new -N option, which completely suppresses the initialization and use
...
of the SSL server session ID cache. Used to test the fix for bug 222726.
2003-10-19 05:18:11 +00:00
0aaf7a10b3
Put the NSS 3.9 block back in ASCII sorting order, AGAIN.
2003-10-19 04:41:20 +00:00
9413aae7aa
When the SSL_NO_CACHE option is set on an SSL server socket, don't touch
...
the server session cache AT ALL. Bug 222726
2003-10-19 01:55:50 +00:00
6436ed5ab3
Declare SSL_NO_STEP_DOWN option. Partial fix to bug 148452.
2003-10-19 01:31:41 +00:00
47dc9b03e8
SSL_ShutdownServerSessionIDCache no longer leaks the cache memory.
...
Bug 222065. r=wchang0222
2003-10-19 01:25:10 +00:00
7b21e2d4eb
bug 154927 - automate localeVersion updates based on milestone.txt - we'll now create all those files during compile time from .in files, r=leaf, sr=bz
2003-10-18 17:54:07 +00:00
e07da99055
221067 NSS needs to be able to create token symkeys from unwrap and derive.
2003-10-18 00:38:04 +00:00
02bc947b35
Detect buffer overruns caused by flawed application-supplied callbacks,
...
and avoid crashing due to them. Bugscape bug 52528. r=wchang
2003-10-17 21:12:13 +00:00
5eeaac60fc
Incorporate WTC's review comments..
2003-10-17 17:56:56 +00:00
a3fb7ce4e9
missed SSL ECC test files in last checkin
2003-10-17 14:10:18 +00:00
5c2c5888f9
ECC code landing.
...
Contributed by Sheuling Chang, Stephen Fung, Vipul Gupta, Nils Gura,
and Douglas Stebila of Sun Labs
2003-10-17 13:45:42 +00:00
525a14b3ed
Put the NSS 3.9 block in ASCII sorting order.
2003-10-17 05:45:19 +00:00
952d217499
Bug 156770 When we do a file import and give a bad password we get wrong errors back
...
When we fail to decode based on a bad password, don't continue.
So once we've tried failed to decode a ANS.1 stream, don't continue collecting
more data.
On microsoft.pfx files, we would wind up decoding to the end of the encrypted
stream, then fail in the padding in PKCS #7 . This code bypasses this problem by
making sure we don't continue to try to decode data once we've hit a bad
password failure.
2003-10-16 23:49:15 +00:00
01b4508c5d
More debugging information.
2003-10-16 22:17:00 +00:00
e552a95d25
Bug 220106 @mozilla.org/security/nsCertTree;1 doesn't null check mTreeArray
...
r=kaie sr=bz
2003-10-16 15:33:56 +00:00
b9a02f9962
Bug 220230 Change PSM preferences windows behaviour to be more consistent with the rest of the Preference windows
...
patch by borggraefe@despammed.com r=kaie sr=bienvenu
2003-10-16 15:26:28 +00:00
03573a14f2
Try * instead of . to get zip to grab all the contents of a directory.
2003-10-16 03:28:19 +00:00
8963533a51
Fix for bug 222180 . remove redundant code
2003-10-15 01:40:10 +00:00
4efbc18260
Fix for bug 222180 . Change to quick decoder . r=wtc
2003-10-15 01:34:22 +00:00
5251bce355
Eliminate redundant function declarations. Bug 208854. r=wchang0222
2003-10-14 17:44:33 +00:00
be2e372c47
Fix tinderbox breakage
2003-10-12 22:55:09 +00:00
510c723d9d
Try to get zip working properly on the Windows build machines.
2003-10-12 20:21:04 +00:00
886718db18
Correctly handle a NULL moduleSpecList. Bug 220217.
2003-10-11 01:49:24 +00:00
159d38edba
This file has been dead code since NSS 3.4 released, if not sooner.
2003-10-11 01:10:51 +00:00
f2e03876cf
Fix for bug 221743 - incorrect certificate usage macro
2003-10-10 23:22:31 +00:00
40c2250bfc
Bug 191467
...
Multipart signing and verifying broken for several mechanisms in softoken
Reporter: Andreas.Sterbenz@sun.com (Andreas Sterbenz)
sr=nelsonb
2003-10-10 15:32:26 +00:00
df0d80f9a5
Bug 203866
...
Make unloaded modules visible for administrative purposes.
sr=wtc r=nelson
2003-10-10 15:29:43 +00:00
e64bfbce5e
Bug 203866. Make unloaded modules visible for administrative purposes.
...
sr=wtc r=nelson
2003-10-10 15:26:23 +00:00
d87d5b77b6
Change ';' to '&&' so the command fails if any of the subcommands fails.
...
Print out the return value of the command.
This is to debug a problem where the zip file is not being created on windows.
2003-10-09 22:39:54 +00:00
115f203647
fix bug 203450
...
jarevil.c:345: warning: implicit declaration of function \
`__CERT_AddTempCertToPerm'
Obviously missing a declaration somewhere.
r=jpierr, wtc
2003-10-09 22:17:04 +00:00
7f696b676c
Fix for bug 55898 - print name of certificate causing failure in certutil . r=wtc
2003-10-08 01:00:37 +00:00
810ec798b2
Eliminate one of several redundant OID table lookups. Bug 207033.
2003-10-07 17:19:55 +00:00
8464dc0bb6
Eliminate unnecessary copying of CA names in HandleCertRequest.
...
Bug 204686.
2003-10-07 02:24:01 +00:00
655adbd496
The "valid CA" trust flag now overrides other CA cert checks.
...
Works for SSL client as well as other usages. Bug 200225
2003-10-07 02:17:56 +00:00
0cd1f0b182
Export new function PK11_ExportEncryptedPrivKeyInfo. Bug 207033.
2003-10-07 01:29:32 +00:00
a1a6a4697c
Create new function SECKEYEncryptedPrivateKeyInfo which is just like
...
SECKEYEncryptedPrivateKeyInfo except that it identifies the private
key by a private key pointer, rather than by a certificate. Bug 207033.
2003-10-07 01:26:38 +00:00
8dd13ab659
Make tstclnt work with IPv6 addresses. Bug 161610.
2003-10-06 23:50:11 +00:00
7fab02474b
Check for presence of secmod.db file prior to acting on it, for all
...
cases except "multiaccess:". Bug 220217. r=relyea
2003-10-06 23:33:03 +00:00
96f28b4691
Detect Zero length certs and zero length CA names. Bug 204686.
...
Also, eliminate unnecessary copying of incoming certs.
2003-10-03 02:01:18 +00:00
9bb8114b44
Bug 220963: need to handle the possibility that symKey may be NULL before
...
dereferencing it.
2003-10-01 23:01:46 +00:00
60c78ee111
Fix for bug 141882 - convert email query keys to lowercase when searching . r=wtc
2003-09-30 02:33:40 +00:00
347ed6b99f
Fix for bug 94413 - OCSP needs more fine tuned error messages. r=wtc
2003-09-30 01:18:55 +00:00
b74d8438f9
Updating my email address
2003-09-29 06:04:02 +00:00
4b6b1fdf59
Move a brace so vi will find the beginning of the function.
2003-09-27 01:45:35 +00:00
79d90909dc
Fix for bug 219539 - support GeneralizedTime in NSS tools
2003-09-27 00:01:45 +00:00
bsmedberg%covad.net
nelsonb%netscape.com
relyea%netscape.com
bryner%brianryner.com
wchang0222%aol.com
jpierre%netscape.com
darin%meer.net
bienvenu%nventure.com
dbaron%dbaron.org
nicolson%netscape.com
brendan%mozilla.org
peter%propagandism.org
caillon%returnzero.com
bishakhabanerjee%netscape.com
kairo%kairo.at
ian.mcgreer%sun.com
timeless%mozdev.org
wtc%netscape.com