33b126149c
Bug 353904. Fix potential NULL ptr deref. Klocwork. r=alexei.volkov
2007-01-03 12:57:41 +00:00
a2f54df6a6
Bug 354423. Get the right string length. R=alexei.volkov,rrelyea
2007-01-03 12:54:10 +00:00
d0fdcbf71c
Improve checking of received SSL2 records.
...
Bug 364319, bug 364323. r=rrelyea, wtchang
2007-01-03 05:30:33 +00:00
8dab19b1f9
Resolves: bug 299995
...
Description: Use PK11_TokenKeyGenWithFlags instead of PK11_KeyGen
Fix Description: Use the new function and pass in CKF_ENCRYPT|CKF_DECRYPT
as the keygen flags.
2006-12-14 17:09:17 +00:00
0660fc6940
Resolves: bug 363168
...
Description: Add autotool support to svrcore; have svrcore build shared libs
Fix Description: This is a pretty basic autotool-ization using libtool
to build the shared library. The vast majority of the work was done
by Toshio-san. However, there are a couple of extras worth noting:
1) Windows builds are different now. In order to build on Windows using
the MSVC compiler, you still have to use coreconf. I just could not get
configure/libtool to work correctly with the MSVC compiler. The old
makefile has been moved to src/Makefile.win, so you just have to
cd src ; make -f Makefile.win
I also updated the README and INSTALL.win to add this information.
2) I added some m4 files to find and figure out which nspr and nss to use
based on the environment and pkg-config.
2006-12-14 17:07:32 +00:00
db39c54c49
Bug 236613: added newline at end of file.
2006-12-12 23:26:40 +00:00
584a6edf70
Bug 355409, unable to search LDAP server (over SSL) with tbird 2.0 build, but 1.5.0.7 works
...
r=wtchang
2006-12-11 13:51:25 +00:00
caae487a24
Bug 236613: change to MPL/LGPL/GPL tri-license.
2006-12-11 09:45:41 +00:00
9f7d451f99
Bugzilla Bug 358785: merged the mozilla/security/nss/lib/libpkix from the
...
NSS_LIBPKIX_BRANCH onto the NSS trunk. Approved by rrelyea and nelsonb.
2006-12-09 00:27:38 +00:00
6defe87ad2
Bugzilla Bug 363073: verify that the peer's ephemeral public key is the
...
type we expect before using it. r=nelsonb
Modified Files: ssl3con.c ssl3ecc.c
2006-12-08 22:37:29 +00:00
36db94292d
Bugzilla Bug 357197: a small but subtle change to reject a hash algorithm
...
identifier with bogus 'parameters', and a large but straightforward change
of renaming function arguments and improving comments to clarify the
asymmetry between the two certID arguments. r=nelsonb
2006-12-08 22:10:52 +00:00
b71144ac43
Bugzilla Bug 361077: removed commented-out code. r=christophe.ravel
2006-12-07 18:31:49 +00:00
55af5b19ae
Bugzilla Bug 361077: fixed the bug that HP-UXB.11.*.mk test USE_PTHREADS
...
before it is set. Since we always use pthreads now, we can unconditionally
add -D_POSIX_C_SOURCE=199506L to OS_CFLAGS in HP-UXB.11.mk.
r=christophe.ravel
Modified Files:
HP-UXB.11.00.mk HP-UXB.11.11.mk HP-UXB.11.20.mk
HP-UXB.11.22.mk HP-UXB.11.23.mk HP-UXB.11.mk
2006-12-07 18:28:40 +00:00
5be8e17fe9
Bug 362980, Unable to verify the identity of [www.something.com] as a trusted site
...
Fixes a regression from yesterday's checkin for bug 176501.
r=rrelyea, r=wtchang
2006-12-07 13:02:28 +00:00
3628ebbf9c
Bugzilla Bug 345482: changed abspath to core_abspath to avoid conflict with
...
the built-in abspath function of GNU make 3.81. The patch is contributed
by Benjamin Smedberg <benjamin@smedbergs.us>. r=wtc,christophe.ravel
Modified Files:
coreconf/rules.mk nss/cmd/shlibsign/Makefile
nss/lib/freebl/Makefile nss/lib/pk11wrap/Makefile
2006-12-07 01:57:18 +00:00
5a40d49a00
Bug 332350: fixed a typo in the comment.
2006-12-06 23:00:17 +00:00
f43e37d11b
Bugzilla Bug 342795: the call-once functions need to store the error code
...
on failure so that the error code can be retrieved later. r=nelsonb and
alexei.volkov.
2006-12-06 21:50:40 +00:00
ca95de552d
Bugzilla 362857 Simplify the NSS version string definition.
...
r+ wtchang
2006-12-06 21:14:54 +00:00
3af4185ee2
Bugzilla Bug 362857: simplified the NSS and softoken version string
...
definition. r=christophe.ravel,nelsonb.
Modified files: nss/nss.h softoken/softkver.h
2006-12-06 19:51:30 +00:00
7d28513beb
Bug 362967, export SECMOD_DeleteModuleEx
...
r=rrelyea, r=wtchang
2006-12-06 17:56:04 +00:00
75410ae8da
follow up checkin, make sure entries in nss.def are sorted
2006-12-06 17:32:47 +00:00
4540b73845
Bug 345277, When "Certificate Viewer" is shut, the object leaks
...
r=rrelyea
2006-12-06 17:25:14 +00:00
c2228af20b
Export two NSS functions, required for:
...
Bug 307319, Certificate details show incorrect public key information
r=rrelyea
2006-12-06 17:12:41 +00:00
6a93344bb3
Bug 360526, Cert not imported - Feedback prompt sometimes does not work
...
r=rrelyea
2006-12-06 16:31:32 +00:00
c204990ad5
Bug 360528, Can no longer import trusted email cert
...
r=rrelyea
2006-12-06 16:20:08 +00:00
07ea6d51d9
Bug 164707, Provide a way to view/delete orphan certs
...
r=rrelyea
2006-12-06 16:16:52 +00:00
625ec5ca20
Bug 176501, mozilla apps must manage NSS configuration for PKCS#11 shared libs, including nssckbi.dll
...
r=rrelyea
2006-12-06 15:42:39 +00:00
93d4e5a864
Bugzilla Bug 357197: when we compare hash algorithm identifiers, allow the
...
'parameters' to be either NULL or missing. r=nelsonb,relyea
2006-12-06 02:25:52 +00:00
6fcff517e0
Bugzilla Bug 358248: SSL_ShutdownServerSessionIDCache should stop the
...
LockPoller thread. r=nelsonb,relyea
2006-12-06 01:36:08 +00:00
f430d03a0b
Bugzilla Bug 362173: The NSS cryptographic module (the softoken and freebl
...
shared libraries) should have its own version numbers. r=nelsonb and
neil.williams.
Modified Files:
lib/freebl/freebl.rc lib/freebl/freeblver.c
lib/softoken/manifest.mn lib/softoken/pkcs11.c
lib/softoken/softkver.c lib/softoken/softokn.rc
Added Files:
lib/softoken/softkver.h
2006-12-04 23:31:35 +00:00
e3c549190e
343231: certutil issues certs for invalid requests. r=nelson
2006-12-01 01:10:03 +00:00
e02f09041f
Bugzilla Bug 358785: fixed incorrect x509PolicyConstraints OID and typos in
...
a comment. r=relyea
2006-11-30 00:27:28 +00:00
d3cc76a662
Bugzilla Bug 361089: fixed memory leaks in mp_bdivmod. r=douglas.stebila
2006-11-30 00:21:04 +00:00
33537036df
Bug 359718 - Page info: Security tab never shown. r=gavin, mpa=darin.
2006-11-23 09:41:03 +00:00
7dd5c39a89
Backing out bug 359718, tree is closed
2006-11-22 21:24:56 +00:00
a4e5a5340b
Bug 359718 - Page info: Security tab never shown. r=gavin, mpa=darin.
2006-11-22 21:23:35 +00:00
a31821060f
Bugzilla Bug 361076: removed code that handled multiple NSPR threading
...
implementations. We only use the pthreads-based implementation now.
r=christophe.ravel.
2006-11-17 21:57:14 +00:00
394cd26fbd
335454: Unable to find library 'libsoftokn3.sl' on HP-UX 64 bit
...
r=nelson, sr=wan-teh
2006-11-17 01:30:16 +00:00
b82ec2ed15
bug 360818, set RPATH for signtool, signver
...
r=wan-teh, nelson
2006-11-17 01:16:53 +00:00
3ce134cf12
Export two new functions that were added in NSS 3.11:
...
SSL_ForceHandshakeWithTimeout and SSL_ReHandshakeWithTimeout
Bug 127960. r=alexei.volkov,wtchang
2006-11-15 00:14:42 +00:00
f6144cb805
Bugzilla Bug 359484: made the fix for bug 341707 work for the SSL2 client
...
hello case. r=nelsonb,alexei.volkov
2006-11-14 01:09:54 +00:00
492039f374
Bugzilla Bug 357197: fixed the fallthrough case in ocsp_CertIDsMatch. The
...
patch is contributed by Steve Parkinson <sparkins@redhat.com>. r=nelson,wtc
2006-11-13 18:16:58 +00:00
7820ce6270
Bug 356309, CertVerifyLog in CERT_VerifyCertificate terminates early on expired certs
...
r=rrelyea
2006-11-08 18:41:53 +00:00
e71bbe8d57
Bug 356109, Improve KU_NON_REPUDIATION indication in client auth prompt
...
r=rrelyea
2006-11-08 18:14:21 +00:00
dcd873788a
Bug 355447, Certificate Viewer shows no details for certs in chain
...
Patch v2 - make extension display in cert viewer more robust
Contributed by Kaspar Brand
r=kengert
2006-11-02 22:48:32 +00:00
5d1ba10a53
Bug 359280, fix typo in mozilla/security/nss/cmd/lib/SSLerrs.h
...
r=nelson
2006-11-02 22:07:57 +00:00
690955f219
Bug 355447, Certificate Viewer shows no details for certs in chain
...
Fix template patch
r=kengert
2006-11-02 21:49:22 +00:00
14a234befa
bug 346766, tons of valgrind warnings if nsEntropyCollector collects entropy before NSS initialization
...
r=kengert, r=rrelyea
2006-11-02 19:22:56 +00:00
1de51a708c
Bug 328346, Certificates with keyusage nonRepudiation should not be used as SSL client certificates
...
Checking in incremental patch to fix an obvious mistake.
r=kengert
2006-11-02 18:51:27 +00:00
07c83e0e53
353763: klocwork Null ptr dereferences in pk11cert.c. r=nelson
2006-10-31 00:31:53 +00:00
0625316efb
353865: klocwork Null ptr deref in softoken/pk11db.c. r=nelson
2006-10-31 00:29:43 +00:00
33f9b12c9f
353902: klocwork bugs in stanpcertdb.c. r=nelson
2006-10-31 00:24:38 +00:00
341b92ca26
additional fix for 353909: klocwork ptr dereference before NULL check in devutil.c. r=nelson
2006-10-31 00:21:24 +00:00
1deb23d955
353909: klocwork ptr dereference before NULL check in devutil.c. r=nelson
2006-10-31 00:05:04 +00:00
280bcba7da
Fix for bug 350948 . freebl macro change gives 1% improvement in RSA on Solaris AMD64
2006-10-26 22:22:57 +00:00
a723cfe070
Fix leaks in softoken's argument string parsin. r=rrelyea,alexei.
...
Bug 339173. Modified Files: pk11db.c pk11pars.h
2006-10-25 18:47:02 +00:00
0ce72c77cd
Make nsIStreamLoader and nsIUnicharStreamLoader be stream listeners. Bug
...
281153, patch by Son Le <son.le0@gmail.com>, r=biesi, sr=darin
2006-10-24 21:47:40 +00:00
61caebbe8a
Bugzilla Bug 351140: handle the case that params->field is an invalid
...
value. The patch is by Ryan Jones <sciguyryan+bugzilla@gmail.com>.
r=nelsonb,wtc.
2006-10-24 00:05:43 +00:00
966e3934b8
265784: SSL interoperability regression testing. r=nelson
...
To turn on the feature, set and export env variable
IOPR_HOSTADDR_LIST to space separated interoperability server fqdn list
2006-10-23 23:46:47 +00:00
91dfa64226
Bugzilla Bug 341122: it's not necessary to test slot->slotLock because
...
slot->slotLock cannot be NULL at that point. The patch is contributed by
Ryan Jones <sciguyryan+bugzilla@gmail.com>. r=nelsonb,wtc.
2006-10-23 22:56:31 +00:00
c491737eac
Bugzilla Bug 339907: fixed the leak of sha1cx. The patch is contributed by
...
Ryan Jones <sciguyryan+bugzilla@gmail.com>. r=nelsonb,wtc.
2006-10-23 21:24:38 +00:00
4c82545467
Bugzilla Bug 351897: Say a != b instead of (! (a == b)). r=jpierre.
2006-10-23 20:46:50 +00:00
dbb6ae1065
Bugzilla Bug 357015: it turns out the code is correct. it's the comment
...
that's wrong.
2006-10-18 23:45:32 +00:00
a9aa5230b7
Bugzilla Bug 357015: added a comment to describe the actual number of files
...
ReadSystemFiles reads.
2006-10-18 23:05:59 +00:00
951283acfa
Fix for previous patch.
2006-10-18 17:59:40 +00:00
a3c9bc84e3
Bugzilla Bug 356595: noted in the comment that GetCurrentProcess returns
...
a constant pseudo handle. Added a GetCurrentThreadId call. r=glen.beasley,
neil.williams.
2006-10-17 17:58:06 +00:00
9ed6996ee7
1. Adding timestamps + total time measure for testing subscripts
...
2. Enables using TESTS variable from system environment (for example TESTS=cert
./all.sh will test only cert tests)
2006-10-17 09:48:17 +00:00
7e38c40e38
Bugzilla Bug 355297: changed the way we reseed the RNG so that we modify
...
all the 256 bits of XKEY. Define struct SHA256ContextStr in the new header
sha256.h so that prng_fips1861.c can use it. r=nelsonb,jpierre.
Modified files: manifest.mn prng_fips1861.c sha512.c
Added file: sha256.h
2006-10-13 16:54:04 +00:00
075590b967
Bug 338022: remove dead code in buildASN1ObjectFromDER, patch by Ryan Jones <sciguyryan+bugzilla@gmail.com>, r=darin+kaie
2006-10-13 15:35:59 +00:00
081ca00a78
355297 rng update checking in wan-tehs patch
2006-10-12 22:48:19 +00:00
390792a63d
356073 C_GetTokenInfo should return CKR_CRYPTOKI_NOT_INITIALIZED if not initialized r=nelson,sr=neil
2006-10-12 22:27:16 +00:00
51cd930242
Bugzilla Bug 355297: added new function RNG_SystemRNG, which gets random
...
bits from the system RNG, and use it for the very first RNG_RandomUpdate
call in rng_init so that we initialize the RNG's XKEY with high quality
entropy. r=jpierre,relyea.
Modified Files:
os2_rand.c prng_fips1861.c secrng.h unix_rand.c win_rand.c
2006-10-12 02:23:49 +00:00
ffca628aba
Bugzilla Bug 354900: code cleanup -- consolidates some duplicate code,
...
checks for NULL pointers, and renames the SFTK_IS_SECURE_KEY_OBJECT macro.
r=glen.beasley,relyea.
Modified files: fipsaudt.c fipstokn.c
2006-10-10 22:28:48 +00:00
328a1f6b55
Bug 328346, Certificates with keyusage nonRepudiation should not be used as SSL client certificates
...
r=rrelyea
2006-10-10 02:04:40 +00:00
3b9a109d82
353908: klocwork OOM crash in tdcache.c. r=nelson
2006-10-09 22:29:12 +00:00
a8f4eefb65
353903: klocwork oom crash in softoken/keydb.c. r=nelson
2006-10-09 22:28:07 +00:00
f4e98c2852
353888: klockwork IDs for ssl3con.c. r=nelson
2006-10-09 22:26:44 +00:00
12668703e3
353777: Klocwork Null ptr dereferences in pk11obj.c. r=nelson
2006-10-09 22:25:36 +00:00
164d4c2907
353773: klocwork Null ptr dereferences in pk11nobj.c. r=nelson
2006-10-09 22:24:18 +00:00
76dff9c91f
353760: klocwork null pointer dereference in p7decode.c. r=nelson
2006-10-09 22:22:33 +00:00
4cc26433e6
353742: klocwork null ptr dereferences in pki3hack.c. r=nelson
2006-10-09 22:21:41 +00:00
c93ff6a5f2
353742: klocwork null ptr dereference in ocsp_DecodeResponseBytes. r=nelson
2006-10-09 22:19:58 +00:00
6d632efb6c
353741: klocwork cascading memory leak in mpp_make_prime. r=nelson
2006-10-09 22:18:38 +00:00
c8c6d0c339
353739: Klocwork Null ptr dereferences in instance.c. r=nelson
2006-10-09 22:16:59 +00:00
a555a69765
353423: Klocwork bugs in nss/lib/pk11wrap/dev3hack.c. r=nelson
2006-10-09 22:14:04 +00:00
eb392ed332
353416: Klocwork 76593 null ptr deref in nssCryptokiPrivateKey_SetCertificate. r=nelson
2006-10-09 22:11:44 +00:00
a168b0dbcc
353375: Klocwork 76513 - Null ptr deref in nssCertificateList_DoCallback. r=nelson
2006-10-09 18:51:55 +00:00
a7edef3088
353371: Klocwork 91117 - Null Pointer Dereference in CERT_CertChainFromCert. r=nelson
2006-10-09 18:45:02 +00:00
fc1706cbbb
338226: Core files may be reported in the wrong tests for SSL, or missed. r=neil
2006-10-09 17:42:58 +00:00
4d79de55ec
Bugzilla Bug 354565: improved an error message as suggested by Neil
...
Williams.
2006-10-06 23:50:48 +00:00
80b56f2e83
Bugzilla Bug 115951: libfreebl3.dylib should be built as a loadable bundle
...
just like libnssckbi.dylib because it is only dynamically loaded. We don't
have the import library freebl3.lib on Windows either. r=julien.pierre
2006-10-06 23:45:39 +00:00
6f25509ce4
Bugzilla Bug 354900: audit the modifications, accesses, deletions, and
...
additions of cryptographic keys. r=glen.beasley,relyea.
Modified files: fipstokn.c manifest.mn pkcs11c.c softoken.h
Added file: fipsaudt.c
2006-10-02 22:48:31 +00:00
73f3b25c8c
Bugzilla Bug 351482: fail if some of the needed functions don't exist.
...
r=glen.beasley,relyea.
2006-10-02 22:04:33 +00:00
81bb832c8f
Fix for bug 115951 . Separate BL_Cleanup and BL_Unload . r=wtchang,nelson
2006-10-02 21:15:46 +00:00
4773f65967
Bug 344817, PSM: fix UI display problems for X.509 certs with empty DNs
...
Patch for GetWindowTitle, contributed by Kaspar Brand
r=kengert
2006-10-02 20:16:23 +00:00
630d4f6a21
Bug 352867, Cert Manager shows incorrect cert names if any twisty is closed
...
r=rrelyea
2006-10-02 20:11:49 +00:00
1928a929d5
Bug 352401, Cert Manager: If issuer org is empty, fall back to display common name
...
r=rrelyea
2006-10-02 20:06:27 +00:00
500db6f324
Bug 353475. When building NSS with MSVC 2005, use the "mt" command to
...
embed the manifest files into the executables and DLLs.
Patch contributed by Allan Beaufour <allan@beaufour.dk>, r=nelson,wtchang
2006-10-01 06:48:25 +00:00
7c15fcda7a
Bug 354384. Fix some (not all) of the reference leaks in vfyserv.
...
Also, improve usage message. r=alexei,julien
2006-10-01 05:47:18 +00:00
d4df5484a3
Bug 354313. Fix leak in STAN_GetCERTCertificateName. r=julien,rrelyea
2006-10-01 05:37:24 +00:00
nelson%bolyard.com
richm%stanfordalumni.org
wtchang%redhat.com
kaie%kuix.de
gerv%gerv.net
christophe.ravel.bugs%sun.com
alexei.volkov.bugs%sun.com
mozilla.mano%sent.com
neil.williams%sun.com
julien.pierre.bugs%sun.com
bzbarsky%mit.edu
slavomir.katuscak%sun.com
gavin%gavinsharp.com
glen.beasley%sun.com