be72ca16c5
bug 180268, reimplement ssl step-up for builtins
2004-05-17 20:08:38 +00:00
3634d4d94b
Bug 236613: change to MPL/LGPL/GPL tri-license.
2004-04-25 15:03:26 +00:00
7debba55ce
Import base64 encoded certificate files with old MAC line endings.
...
Bug 221272. sr=wtc.
2004-02-16 23:52:46 +00:00
46de977590
Removed unused function _OS_SELECT for AIX. Thanks to Philip K. Warren
...
<pkw@us.ibm.com> for reporting this.
2004-02-13 03:13:04 +00:00
2703a27453
Fix for bug 233605 . Check CRL entry extensions after partial decoding. Also add some new CRL decoding errors. r=nelsonb
2004-02-11 06:05:18 +00:00
5c995a5d18
Bugzilla bug 233239: do not include cmd/zlib and cmd/lib headers and
...
libraries in NSS binary releases.
Modified Files:
lib/Makefile lib/manifest.mn makepqg/manifest.mn zlib/Makefile
zlib/manifest.mn
2004-02-07 00:26:02 +00:00
792e8d1e9e
Bug 132942. r=wtc
...
Make the following enhancements to NSS's ASN.1 printing code:
- Print warning messages that are properly indendented.
- PrintAsHex notices when the buffer contains entirely printable characters, and is larger than an int, and prints it as text in that case.
- PrintRawString now indents the string, rather than always printing it on
a separate line.
- now prints decoded bit strings
- now prints BMP (UCS2) strings as strings (not as hex) when they contain only printable ASCII characters.
- now prints Universal (UCS4) Strings as strings (not hex) when they contain only printable ASCII characters.
- Decodes certain encoded data that was previously printed as hex.
- Generically decodes ASN.1 data, rather than merely printing an error, when the ASN.1 data doesn't fit a known template.
- properly handles all optional components of basic constraints extensions.
- Prints the names of the bits in the X509 Key Usage extension.
- Prints General Names.
- Print Auth Key ID extensions
- Print subject and issuer alt name extensions
- Print CRL distribution points extensions
- format and print name constraints extensions
- print Authority Information Access extensions
- Print optional X509v2 subject and issuer Unique ID bit strings
2004-01-29 22:45:20 +00:00
14ff763caa
Use the results from PK11_ProtectedAuthenticationPath(slot) in the
...
password callback function. Bug 229023. r=relyea. verified by submittor.
2004-01-21 00:18:59 +00:00
0a29c7fe2b
Fix double free introduced in rev 1.54. r=wtc. bug 230774.
...
Bug occurs only in NSS utilities that import base64 encoded files, e.g.
with the -a option.
2004-01-14 01:19:26 +00:00
1550e4ab3e
Removed unused variable 'val'.
2003-12-23 21:40:52 +00:00
c7610ca80e
Bugzilla bug 222568: fixed a bug introduced in rev. 1.54.
2003-11-19 01:38:26 +00:00
c4ce0736e8
Fix unnecessary assertion failures occuring in SMIME testing in
...
debug builds only. Partial fix for bugscape bug 53775. r=wchang0222
2003-11-18 06:16:26 +00:00
4868d7e8c2
Bugzilla bug 225373: the return value of CERT_NameToAscii must be freed
...
with PORT_Free.
Modified Files:
cmd/lib/secutil.c cmd/selfserv/selfserv.c
cmd/signver/pk7print.c cmd/strsclnt/strsclnt.c
cmd/tstclnt/tstclnt.c lib/certdb/cert.h
2003-11-13 16:10:45 +00:00
0feb5dfd5f
Fix numerous errors (mostly off-by-1 errors) in the code that formats
...
and prints certs and CRLs. This code is common to certutil and pp.
Bug 222568 r=nicholson (for this portion).
2003-11-04 02:16:42 +00:00
8cfbd7293c
Bugzilla bug 223624: node->error is a 'long', so it should match a %ld
...
format. r=nelsonb.
2003-10-25 14:01:43 +00:00
5c2c5888f9
ECC code landing.
...
Contributed by Sheuling Chang, Stephen Fung, Vipul Gupta, Nils Gura,
and Douglas Stebila of Sun Labs
2003-10-17 13:45:42 +00:00
4efbc18260
Fix for bug 222180 . Change to quick decoder . r=wtc
2003-10-15 01:34:22 +00:00
159d38edba
This file has been dead code since NSS 3.4 released, if not sooner.
2003-10-11 01:10:51 +00:00
7f696b676c
Fix for bug 55898 - print name of certificate causing failure in certutil . r=wtc
2003-10-08 01:00:37 +00:00
347ed6b99f
Fix for bug 94413 - OCSP needs more fine tuned error messages. r=wtc
2003-09-30 01:18:55 +00:00
e608b7e0f4
Fix for bug 219539 - support GeneralizedTime in NSS tools
2003-09-26 06:18:40 +00:00
aeaa70ccff
Correctly compute certificate fingerprints. Bug 220016.
2003-09-23 02:05:47 +00:00
945c4207d2
Fix for 215182 - certutil prints incorrect nickname. r=wtc
2003-09-23 00:10:54 +00:00
ce11300ca6
Bug 206926: 1. Undo the changes to secrng.h, pqgutil.h, swfutl.c,
...
unix_rand.c, and win_rand.c. 2. Make secrng.h and pqgutil.h private.
3. Public header pk11pqg.h can't include private header pqgutil.h.
4. Many files don't need to include secrng.h. A few don't need to include
pqgutil.h. 5. Remove duplicate declarations of PQG_DestroyParams and
PQG_DestroyVerify from blapi.h.
2003-05-30 23:31:32 +00:00
34bce4985a
Bug 205346: need to include <unistd.h> on BeOS for isatty(). Thanks to
...
timeless@bemail.org for the patch.
2003-05-12 19:52:44 +00:00
05536f8c3a
Bug 205346: fixed a compiler warning about a zero-length format string for
...
sprintf.
2003-05-12 18:58:33 +00:00
ba8e91e37c
Fix bug 198099. Display DSA public keys in certs properly.
2003-03-25 03:45:04 +00:00
7b8dfc1a95
remove last references to TraverseCerts by removing depricated functions with call it. r=wtc
2003-03-05 21:46:20 +00:00
f87129ad87
Add support for Elliptic Curve Cryptography. Bug 195135.
...
Modified Files:
cmd/lib/SECerrs.h cmd/selfserv/selfserv.c
cmd/tstclnt/tstclnt.c lib/cryptohi/keyhi.h
lib/cryptohi/keythi.h lib/cryptohi/seckey.c
lib/cryptohi/secvfy.c lib/freebl/Makefile lib/freebl/blapi.h
lib/freebl/blapit.h lib/freebl/ldvector.c lib/freebl/loader.c
lib/freebl/loader.h lib/freebl/manifest.mn lib/nss/nss.def
lib/pk11wrap/pk11skey.c lib/pk11wrap/pk11slot.c
lib/softoken/lowkeyti.h lib/softoken/manifest.mn
lib/softoken/pkcs11.c lib/softoken/pkcs11c.c
lib/softoken/pkcs11t.h lib/ssl/ssl3con.c lib/ssl/ssl3prot.h
lib/ssl/sslcon.c lib/ssl/sslenum.c lib/ssl/sslimpl.h
lib/ssl/sslinfo.c lib/ssl/sslproto.h lib/ssl/sslsecur.c
lib/ssl/sslsock.c lib/ssl/sslt.h lib/util/secerr.h
lib/util/secoid.c lib/util/secoidt.h
Added Files:
lib/freebl/GFp_ecl.c lib/freebl/GFp_ecl.h lib/freebl/ec.c
lib/freebl/ec.h lib/softoken/ecdecode.c
2003-02-27 01:31:38 +00:00
83101081ca
Add missing dependency on error headers.
2003-02-26 23:52:40 +00:00
72edde5172
bug 172247, don't allow import of duplicate issuer/serial certs
2002-11-21 20:43:15 +00:00
2d2f10ff75
Fix crash when formatting a cert with optional version not given.
2002-11-15 06:32:51 +00:00
37feda0de1
Remove long dead code from util. triggered by bug 179038
2002-11-11 18:17:24 +00:00
72e8094d87
Change instructions for entering a new token password to say "should"
...
instead of "must". Bug 174135.
2002-10-17 02:06:31 +00:00
16d37d34ce
Use the new quick DER decoder to decode Certificate requests, because
...
it does it correctly. Fix some memory leaks in print code.
Print OCTET strings and bits strings better.
2002-10-16 05:34:54 +00:00
acdec25c4b
Eliminate a crash in pp formatting cert requests. Bug 174188.
...
When asking for a new password and the two values don't match, ask for
both again. Bug 174133.
2002-10-16 01:40:22 +00:00
72fe83e3f2
Make grammar, punctuation, capitalization, and content changes suggested by
...
nelson.
2002-10-15 00:56:23 +00:00
e7544aab69
Add missing errors from secerr.h in lib/util
2002-10-10 20:31:25 +00:00
e179fe8904
Fix 164126: makefile build error.
...
Change the NSS module name from "security" to "nss".
2002-09-06 16:38:56 +00:00
a897ae16a9
Bugs 166734 and 166785: fixed compiler warnings reported by gcc on Linux.
...
The patch for this checkin is attached to bug 166785.
2002-09-06 00:27:52 +00:00
dc99c08db3
Fix for 164471 - Hide passwords in NSS command-line tools on OS/2
2002-08-25 03:00:34 +00:00
95bad7466f
Correctly identify tty on OS/2 - fix for 164420
2002-08-24 13:46:50 +00:00
cdaf8705fe
Fix for 164403 - make console input work in NSS tools on OS/2
2002-08-24 11:51:42 +00:00
e6ee1f4c60
Add comment about partial CRLs
2002-08-09 07:09:25 +00:00
41ba83e283
Fix for 142658 - fix certutil crash with NULL nickname
2002-05-06 23:10:40 +00:00
29d5f9376c
Add missing #include to fix errors on AIX.
2002-04-04 01:35:13 +00:00
515ed51a75
Add cross-platform (WinCE) support.
2002-04-04 00:00:27 +00:00
608314e686
Bugzilla bug 131078: fixed compiler warnings. r=mcgreer.
2002-03-15 06:07:41 +00:00
fad9c854e8
Patch for bug 119368: SECU_PrintError prints decimal error code now if
...
unknown error
2002-02-08 01:20:04 +00:00
c66d0660f4
1) put some defensive programming so we don't crash on invalid der.
...
2) set the start offset correctly for multi-byte lengths when decoding sets
and sequences
2002-01-30 00:24:12 +00:00
f28551787a
More 'pretty print' improvements. Decode context specific data a little more.
2002-01-29 17:50:27 +00:00
9bcaa806b7
Add error strings for new NSPR error codes. Bug 118668.
2002-01-10 03:00:30 +00:00
e27189dd1d
Land BOB_WORK_BRANCH unto the tip.
...
remove lots of depricated files.
move some files to appropriate directories (pcertdb *_rand
associated headers to soft token, for instance)
rename several stan files which had the same name as other nss files.
remove depricated functions.
2001-11-08 00:15:51 +00:00
04173d6cc2
Fix for OS/2 build
2001-11-02 03:10:29 +00:00
ad3b9d7e36
Fix compilier warnings.
...
Remove calls to low level key structures.
2001-09-20 21:47:29 +00:00
e17976568a
Fix a crash. An attempt to move a sensitive key longer than 48 bytes
...
from one token to another will no longer crash. Instead, it will fail
with the new error code SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY. Bug 97887.
In addition, DHE key pairs are now generated with CKA_SENSITIVE false.
2001-09-06 03:00:39 +00:00
f5e05df41e
be strict about passing wincx in pk12util.
2001-08-12 20:57:40 +00:00
c63a539773
print a useful error message when password fails
2001-08-09 20:14:15 +00:00
d454f0472f
when doing file passwords, only open the file once to retrieve the password, then keep it in memory. Seems to fix scripting problems (especially in FIPS, which hits the password prompt a lot).
2001-08-09 13:58:30 +00:00
5da4560b7a
copy the plaintext password over
2001-08-07 21:11:46 +00:00
cc91679cd9
Add function SECU_PrintBuf() which prints a buffer in hex and ASCII.
2001-03-20 04:23:38 +00:00
4c010838b2
On NT, it looks like isatty doesn't always work. Since we always use stdin for this use
...
that test instead.
2001-02-28 01:58:02 +00:00
804472db43
Bugzilla bug #60143 : checked in OpenVMS patch from Colin Blake
...
<colin@theblakes.com>.
Modified Files:
coreconf/OpenVMS.mk coreconf/arch.mk coreconf/rules.mk
coreconf/ruleset.mk nss/cmd/lib/secpwd.c nss/lib/nss/nss.h
nss/lib/nss/nssinit.c
2001-02-04 05:52:42 +00:00
a83eb31b00
Bugzilla bug #63768 : removed references to the obsolete PURE_LIBRARY,
...
HAVE_PURIFY etc. make variables in NSS files. Reviewed by nelson Bolyard.
Modified Files:
cmd/platrules.mk cmd/crmf-cgi/config.mk cmd/crmftest/config.mk
cmd/lib/config.mk cmd/zlib/config.mk lib/base/config.mk
lib/certdb/config.mk lib/certhigh/config.mk lib/ckfw/config.mk
lib/crmf/config.mk lib/cryptohi/config.mk
lib/fortcrypt/swfort/config.mk lib/freebl/config.mk
lib/jar/config.mk lib/nss/config.mk lib/pk11wrap/config.mk
lib/pkcs12/config.mk lib/pkcs7/config.mk lib/smime/config.mk
lib/softoken/config.mk lib/ssl/config.mk lib/util/config.mk
2001-02-02 01:49:57 +00:00
0f7d6dba5f
remove cdbhdl.h bug 64260 reviewed by wtc.
2001-02-01 18:09:50 +00:00
b4bed1dcdb
Resolves bug 66244 - Many NSS command do not detect failure of NSS_Init* functions. Introduced SECU_PrintPRandOSError(progName); to print on failure. Each command is responsible for exiting with appropriate status to distinguish failure points.
2001-01-31 23:25:02 +00:00
ef5aed7aaa
Bugzilla bug #65416 : assign values to enumeration constants in secutil.h
...
and nssilock.h explicitly. Reviewed by Ian McGreer.
2001-01-25 19:05:50 +00:00
eea673c43a
MSVC won't let you initialize a pointer in a data structure with the
...
address of an external variable that comes from another DLL.
This is a fundamental difference between WIN32 DLLs and Unix DSOs.
So, for every SEC_ASN1Template inside of libnss3 that is referenced by
other templates outside of libnss3, a new "chooser" function was created
that returns the address of that template. For WIN32, the templates
outside of libnss3 access libnss3's templates by the chooser function
rather than by direct reference. Some simple macros allow Unix to
continue to use direct references, avoiding the extra function calls.
With these changes, all.sh (qa script) passes all tests on NT with DLLs.
Modified Files:
cmd/checkcert/checkcert.c cmd/lib/secutil.c lib/asn1/asn1t.h
lib/certdb/certdb.c lib/certdb/certt.h lib/certdb/crl.c
lib/certhigh/certreq.c lib/crmf/asn1cmn.c lib/crmf/crmfcont.c
lib/crmf/crmftmpl.c lib/cryptohi/secsign.c lib/nss/nss.def
lib/pkcs12/p12local.c lib/pkcs12/p12tmpl.c
lib/pkcs7/certread.c lib/pkcs7/p7decode.c lib/pkcs7/p7local.c
lib/smime/cmsasn1.c lib/smime/cmsattr.c lib/smime/cmspubkey.c
lib/smime/cmssigdata.c lib/smime/smimeutil.c
lib/softoken/keydb.c lib/softoken/keydbt.h lib/util/secalgid.c
lib/util/secasn1.h lib/util/secasn1d.c lib/util/secasn1t.h
lib/util/secasn1u.c lib/util/secdig.c lib/util/secdig.h
lib/util/secoid.h
2001-01-07 08:13:13 +00:00
fbb67a9c4c
Eliminate warnings about functions returning values of the wrong type.
2001-01-07 07:49:22 +00:00
a97e2c5e3d
Add missing declaration of library function printflags().
2001-01-07 07:48:04 +00:00
dcb55c3980
Move the cert searching and printing utility function out of secutil.c so that
...
most functions which call secutil can still be used in the shared libraries.
2001-01-06 21:09:28 +00:00
b91a0677ac
remove depricated functions from secutil.
2001-01-06 21:05:36 +00:00
97cc48fda6
Reduce warnings by adding missing #includes to eliminate calls to
...
undeclared functions.
2001-01-04 08:21:15 +00:00
8df1f34f24
fix bug 63447 where certutil was opening an unneccessary output terminal.
2000-12-21 01:51:37 +00:00
5a0634f3c0
Open VMS changes bug 60143
2000-12-07 22:24:46 +00:00
bf75619d8f
add a new function, SECU_TextFileToItem, for reading text files.
2000-10-11 00:56:32 +00:00
55b0cfddec
fix problems encountered in shell script. it appears that "echo nss > passfile" creates a file with 6 bytes on NT using the dos shell. the added bytes were causing problems with password files, which this while loop attempted to fix. however, it broke DER-encoded input that has added whitespace at the end. this checkin returns SECU_FileToItem to it's original state, which blindly accepts whitespace characters at the end of the file.
...
the second change is forced because SECITEM_AllocItem asserts dst->data == NULL, and many NSS utilities pass uninitialized SECItem's around. In the future, those should be fixed, but for now zero the output buffer.
2000-10-02 22:30:27 +00:00
ccd7cc788f
changes to use blapitest on NT.
2000-09-29 22:27:14 +00:00
255eadd741
add seeding call (for 3.1, for 3.2 I think this function needs to go away).
2000-09-29 15:27:00 +00:00
38ba5d81e9
NT still buggy with password files, this seems to fix it
2000-09-15 18:45:20 +00:00
2fbeac9dd1
extra #endif broke build
2000-09-15 15:58:42 +00:00
b2e3a4121c
Fix NT so it can read from a password file. (do the correct EOL conversions).
...
Fix trust display for certs not in the database.
2000-09-15 15:35:03 +00:00
0be7764833
added fingerprints to list of things dumped with cert, bug 45303
2000-08-30 01:07:12 +00:00
11bcfbe3d6
fingerprint had to handled in certutil for now since SECU_PrintCertificate receives a decoded DER. see #45303
2000-07-12 22:42:57 +00:00
d42ada9be0
add fingerprints to info dumped with certificate
2000-07-12 20:48:47 +00:00
1d084af74a
merge changes from NSS 3.0 branch to allow NT automated tests to work.
2000-06-29 21:25:41 +00:00
568524e3be
Fixed bug in sequence printing code: array counter was overshooting by one
2000-06-20 14:35:17 +00:00
1a4bf955be
more cleanup on cert listing
2000-06-16 00:36:43 +00:00
091d437eca
Sorted output for certutil -L
2000-06-12 22:25:40 +00:00
7f2818aa4e
Applying ancient patch to dump out extended key usage extensions
2000-05-18 01:02:40 +00:00
9fd7059a19
Initial NSS Open Source checkin
2000-03-31 20:13:40 +00:00
ian.mcgreer%sun.com
gerv%gerv.net
nelsonb%netscape.com
wchang0222%aol.com
jpierre%netscape.com
wtc%netscape.com
relyea%netscape.com
nicolson%netscape.com
bishakhabanerjee%netscape.com
mcgreer%netscape.com
kirke%netscape.com
chrisk%netscape.com
roeber%netscape.com