alexei.volkov.bugs%sun.com
3e699dc0f0
[Bug 337110] OOM Crash and memory leak [@ PK11_CreatePBEParams]. r=julien, sr=nelson
2006-06-16 00:42:46 +00:00
wtchang%redhat.com
d3ad378479
Bugzilla Bug 341590: in FIPS mode, softoken should report the more serious
...
fatalError condition before the !isLoggedIn condition. r=nelson.
2006-06-15 23:55:59 +00:00
alexei.volkov.bugs%sun.com
d5aa4d29c5
[Bug 337008] OOM crash [@ nssList_Add - STAN_InitTokenForSlotInfo - STAN_LoadDefaultNSS3TrustDomain][@ nssList_Clone - nssList_CreateIterator - STAN_LoadDefaultNSS3TrustDomain] Dereferencing possibly NULL "(td)->tokenList". r=nelson, sr=wtc
2006-06-13 21:36:29 +00:00
wtchang%redhat.com
82930ed07a
Bugzilla Bug 341111: added a dummy reference to the SCCS and RCS version
...
strings so that they won't be optimized away. r=nelsonb.
2006-06-13 17:48:03 +00:00
alexei.volkov.bugs%sun.com
51b89f627d
[Bug 337110] OOM Crash [@ PK11_CreatePBEParams]. r=nelson
2006-06-13 17:33:06 +00:00
alexei.volkov.bugs%sun.com
4fe5c22675
[Bug 337099] Crash [@ PK11_ParamFromIV] Variable "iv" tracked as NULL
...
was dereferenced. r=nelson
2006-06-12 21:16:49 +00:00
alexei.volkov.bugs%sun.com
cc3d04b60e
[Bug 339886] param leaked at NSS_CMSCipherContext_StartEncrypt(nss/lib/smime/cmscipher.c). r=nelson
2006-06-12 21:05:12 +00:00
nelson%bolyard.com
7d6b311cd3
Don't call nssCKFWToken_Destroy with NULL. Bug 340018. r=alexei.volkov
2006-06-10 22:21:10 +00:00
nelson%bolyard.com
4f4902f94e
Fix leak and OOM crash. Bug 338352 and 338356. Coverity.
...
r=rrelyea, alexei.volkov
2006-06-10 22:13:46 +00:00
kaie%kuix.de
969191a00e
Bug 340183, Add the Netlock Class QA root certificate
...
Approval for adding CA cert granted by Frank Hecker in bug 313942
Patch by Wan-Teh Chang, r=me
2006-06-09 21:02:16 +00:00
nelson%bolyard.com
bae0b415d1
Fix leaks in CERT_DistNamesFromNicknames (bug 339916) and in
...
CERT_GetCertNicknames (bug 339919). Coverity bugs. r=alexei.volkov
2006-06-09 01:24:39 +00:00
nelson%bolyard.com
5498c37db3
Fix leak in NSS_CMSEncoder_Start error path. Bug 339914. r=alexei.volkov
2006-06-08 22:01:02 +00:00
nelson%bolyard.com
4c913b0390
Fix leak in sec_asn1d_add_to_subitems. Bug 339913. r=alexei.volkov
2006-06-08 21:40:31 +00:00
nelson%bolyard.com
5b368c8808
Remove dead code. Coverity 506. r=nelson,wtchang. Bug 337027.
...
Patch by Jon Smirl <jonsmirl@yahoo.com>
2006-06-07 18:36:26 +00:00
nelson%bolyard.com
995213d2df
Fix bug 337104 and bug 337105. Don't crash if we run out of memory
...
in ssl2_ConstructCipherSpecs(). r=Alexei.Volkov Coverity 442 & 443.
2006-06-07 17:53:19 +00:00
julien.pierre.bugs%sun.com
172c1bdf45
Fix for bug 326637 . Unnecessary request of PKCS11 device password. r=rrelyea
2006-06-07 02:30:27 +00:00
alexei.volkov.bugs%sun.com
e70d27d7ba
[Bug 339908] 3 NULL ptr crashes when PK11_GetBestSlot returns NULL. r=nelson
2006-06-02 20:34:04 +00:00
wtchang%redhat.com
cdd64c7beb
Bugzilla bug 338599: added new function SECKEY_SignatureLen and use it
...
instead of SECKEY_PublicKeyStrength to get ECDSA signature lengths.
Removed the 'type' member from the VFYContextStr structure because that
info is in the 'key->keyType' field. Set error codes when functions
fail (return 0). r=nelsonb.
Modified Files:
cryptohi/keyhi.h cryptohi/seckey.c cryptohi/secvfy.c
nss/nss.def ssl/ssl3con.c
2006-05-31 23:54:52 +00:00
wtchang%redhat.com
a07f869b7a
Bugzilla Bug 338552: added StartCom CA certificate to NSS. The patch is
...
contributed by Eddy Nigg, StartCom Ltd. <eddy_nigg@startcom.org>. r=wtc.
a=hecker.
Modified Files: certdata.c certdata.txt nssckbi.h
2006-05-31 17:18:54 +00:00
julien.pierre.bugs%sun.com
ba7825ee28
Fix for bug 336477 . Fix for CERT_UncacheCRL error checking. r=nelson
2006-05-31 01:57:55 +00:00
alexei.volkov.bugs%sun.com
47817668ff
[Bug 337014] OOM crash [@ PORT_ArenaAlloc - PK11_PQG_ParamGenSeedLen][@ PORT_ArenaAlloc - PK11_PQG_ParamGenSeedLen] Dereferencing possibly NULL "varena". r=nelson
2006-05-22 23:08:04 +00:00
alexei.volkov.bugs%sun.com
3aa52be061
[Bug 337495] Double free in CRMF_CertReqMsgSetSignaturePOP (security/nss/lib/crmf/crmfpop.c) [Attachment 222949]. r=nelson
2006-05-22 22:38:56 +00:00
wtchang%redhat.com
3533f0c590
Bugzilla Bug 320336: improved the comments for SECITEM_AllocItem in
...
secitem.h. Made SECITEM_AllocItem fail (return NULL) if the allocation of
the buffer fails, as documented. r=nelsonb.
Modified files: secitem.c secitem.h
2006-05-22 22:24:34 +00:00
wtchang%redhat.com
68708d13f4
Bugzilla Bug 298520: moved the RSA maximum size macros from rsa.c to
...
blapit.h. Removed an out-of-date comment from blapit.h. r=nelsonb.
Modified files: blapit.h rsa.c
2006-05-22 22:10:40 +00:00
wtchang%redhat.com
06496e21ff
Bugzilla Bug 298520: added a comment explain the meaning of the MAX_KEY_LEN
...
macro. r=nelsonb.
2006-05-22 22:08:40 +00:00
alexei.volkov.bugs%sun.com
7cd142bd9c
[Bug 337495] Double free in CRMF_CertReqMsgSetSignaturePOP (security/nss/lib/crmf/crmfpop.c). r=nelson
2006-05-22 21:46:14 +00:00
nelson%bolyard.com
43d0a92ac7
Promote the use of curve secp192r1 for client auth, since it is faster
...
than most. Bug 332350. r=rrelyea.
2006-05-19 03:59:06 +00:00
nelson%bolyard.com
505671ed77
Eliminate a crash and plug a leak in the error path for function
...
nssSMIMEProfile_Create. Coverity bug 337101. r=alexei.volkov.
2006-05-18 23:29:19 +00:00
nelson%bolyard.com
1eb10c802e
Avoid crash if "item" pointer is NULL. Coverity bug 333555.
...
r=wtchang,alexei.volkov
2006-05-18 21:20:04 +00:00
alexei.volkov.bugs%sun.com
e05b17bc20
[Bug 337008] OOM crash [@ nssList_Add - STAN_InitTokenForSlotInfo - STAN_LoadDefaultNSS3TrustDomain][@ nssList_Clone - nssList_CreateIterator - STAN_LoadDefaultNSS3TrustDomain] Dereferencing possibly NULL "(td)->tokenList". r=nelson, sr=wtc
2006-05-18 21:00:58 +00:00
alexei.volkov.bugs%sun.com
b0a8ac4918
[Bug 337010] OOM crash [@ NSC_DigestKey] Dereferencing possibly NULL "att". r=ne
...
lson,wtc
2006-05-18 20:52:50 +00:00
nelson%bolyard.com
08e023d910
Plug leak. Free cache. Coverity bug 338201. r=alexei.volkov
2006-05-18 20:46:19 +00:00
nelson%bolyard.com
5c56ef5776
Fix several Coverity bugs. Bug 336982. NULL ptr check after ptr deref'ed.
...
Bug 337080. Dead code. r=alexei.volkov
2006-05-18 20:39:19 +00:00
nelson%bolyard.com
88c4f3a0b3
Remove dead old FORTEZZA KEA code. Coverity bug 337098. r=rrelyea,wtchang
2006-05-18 20:24:23 +00:00
alexei.volkov.bugs%sun.com
538630b067
[Bug 337154] Coverity 321, dead code in mozilla/security/nss/lib/pk11wrap/pk11cert.c. (second patch) r=nelson
2006-05-18 20:21:12 +00:00
nelson%bolyard.com
a1423c99e4
Don't dereference a NULL secmodprefix argument. Coverity Bug 336981.
...
r=alexei.volkov
2006-05-18 19:44:24 +00:00
nelson%bolyard.com
780c599d61
In SEC_PKCS12DecoderGetCerts, don't dereference p12dcx until AFTER it has
...
been checked for NULL. Coverity bug 336971. r=alexei.volkov
2006-05-18 19:38:59 +00:00
nelson%bolyard.com
0a6525e406
Add 3 assertions to satisfy coverity that tmpt is never NULL in these
...
places. Bug 336995. r=akexei.volkov,wtchang
2006-05-18 19:32:44 +00:00
nelson%bolyard.com
68f51af5fe
Plug leak. Free "info" in error path. Coverity bug 336475.
...
r=wtchang,alexei.volkov
2006-05-18 04:35:32 +00:00
nelson%bolyard.com
9dc19d4fe0
Correct the amount returned by ssl_Writev for short writes on non-blocking
...
sockets. Bug 338325. patch by Chris Newman <chris.newman@sun.com>
r=nelson
2006-05-18 01:10:21 +00:00
wtchang%redhat.com
5e3f18a4c6
Bugzilla bug 338367: check that the array index params->name is within
...
bounds before taking an element from the ecCurve_map array.
r=doublas.stebila.
2006-05-17 23:58:18 +00:00
julien.pierre.bugs%sun.com
6f65f3a2dd
Fix for bug 222300. r=nelson,wtchang
2006-05-17 22:20:08 +00:00
alexei.volkov.bugs%sun.com
e58e3e05ba
[Bug 337011] OOM crash [@ sftk_handleKeyObject][@ sftk_handleKeyParameterObject] Dereferencing possibly NULL "attribute". r=nelson
2006-05-17 20:52:16 +00:00
alexei.volkov.bugs%sun.com
5713a8afaf
[Bug 337326] Leak in nsslowcert_UpdateSubjectEmailAddr (security/nss/lib/softoken/pcertdb.c). r=nelson
2006-05-17 20:46:47 +00:00
alexei.volkov.bugs%sun.com
e1b759198c
[Bug 337009] OOM crash [@ nssList_Count - nssTrustDomain_GetCertsFromCache] Dereferencing possibly NULL "certList". r=nelson
2006-05-17 20:38:59 +00:00
alexei.volkov.bugs%sun.com
ef6e49c6b2
[Bug 337332] Leak in OpenNewDB (security/nss/lib/softoken/keydb.c). r=nelson
2006-05-17 17:56:32 +00:00
alexei.volkov.bugs%sun.com
4fe8d81c2b
[Bug 336485] coverity thinks that nssPKIObject_GetInstances could return null which would lead to a crash [@ listCertsCallback]. r=nelson
2006-05-16 23:47:43 +00:00
wtchang%redhat.com
844f45261e
Bugzilla Bug 337025: removed more unused or trivially used variables.
...
r=alexei.volkov,nelson.bolyard.
2006-05-16 01:57:04 +00:00
wtchang%redhat.com
942eb77419
Bug 305835: Remove NSS_ENABLE_ECC ifdefs in libssl. r=wtc,nelsonb
2006-05-16 01:14:43 +00:00
wtchang%redhat.com
49a4fc689f
Bugzilla Bug 298506: a first cut at Solaris auditing. The patch is
...
contributed by Glen Beasley of Sun. r=wtc.
Modified Files:
cmd/platlibs.mk lib/softoken/config.mk lib/softoken/fipstokn.c
2006-05-16 01:04:05 +00:00
julien.pierre.bugs%sun.com
42f2f41bff
Fix for bug 335036 . NSS_Shutdown() does not check that NSS is initialized. r=nelson, alexei
2006-05-16 00:10:04 +00:00
julien.pierre.bugs%sun.com
5ea61ffe76
Fix for bug 337789 . PK11_FindKeyByAnyCert doe snot work if softoken is in FIPS140-2 mode. r=wtchang, rrelyea, nelson
2006-05-15 23:51:01 +00:00
alexei.volkov.bugs%sun.com
6b1e6d3bf2
[Bug 336482] crash or hopefully deadcode [@ crmf_copy_poposigningkey]
...
because Pointer "destPopoSignKey" dereferenced before NULL check. r=nelson
2006-05-15 21:05:13 +00:00
alexei.volkov.bugs%sun.com
5940997e85
Patch contributed by jonsmirl@yahoo.com
...
[Bug 337154] Coverity 321, dead code in mozilla/security/nss/lib/pk11wrap/pk11cert.c. r=wtchang
2006-05-15 20:58:10 +00:00
alexei.volkov.bugs%sun.com
968bb1125f
Patch contributed by jonsmirl@yahoo.com
...
[Bug 337086] Coverity 446, dead code in mozilla/security/nss/lib/certhigh/ocsp.c. r=wtchang
2006-05-15 20:52:01 +00:00
alexei.volkov.bugs%sun.com
7b49a9fc5a
Patch contributed by jonsmirl@yahoo.com
...
[Bug 337085] Coverity 447, dead code in mozilla/security/nss/lib/certhigh/ocsp.c
. r=wtchang
2006-05-15 20:44:46 +00:00
alexei.volkov.bugs%sun.com
02307faea5
Patch contributed by timeless@bemail.org
...
[Bug 337025] Coverity 411, dead code in mozilla/security/nss/lib/certdb/stanpcertdb.c. r=nelson
2006-05-15 20:39:38 +00:00
alexei.volkov.bugs%sun.com
b2eede4173
Patch contributed by timeless@bemail.org
...
[Bug 336992] crash [@ pk11_DoKeys] "arg" Pointer dereferenced before NULL check. r=nelson
2006-05-13 00:46:51 +00:00
alexei.volkov.bugs%sun.com
39db992bd1
Patch contributed by timeless@bemail.org
...
[Bug 336972] OOM crash [@ PK11_ImportDERPrivateKeyInfoAndReturnKey] "pki" Pointer allocated by PORT_NewArena dereferenced without NULL check. r=nelson
2006-05-13 00:41:16 +00:00
alexei.volkov.bugs%sun.com
4176224c5b
Patch contributed by timeless@bemail.org
...
[Bug 336466] oom crash [@ CERT_DecodeAuthKeyID]. r=nelson
2006-05-13 00:33:09 +00:00
alexei.volkov.bugs%sun.com
0d612a798a
Patch contributed by jonsmirl@yahoo.com
...
[Bug 336935] Coverity 172, dead code in mozilla/security/nss/lib/softoken/keydb.c. r=nelson, r=alexei.volkov.bugs
2006-05-13 00:27:22 +00:00
julien.pierre.bugs%sun.com
a172cbe397
Fix for bug 336477. Memory leak in CERT_UncacheCRL . r=nelson
2006-05-13 00:27:12 +00:00
alexei.volkov.bugs%sun.com
d76295c913
Patch contributed by jonsmirl@yahoo.com
...
[Bug 336932] Coverity 163, dead code in mozilla/security/nss/lib/ssl/ssl3con.c. r=nelson
2006-05-13 00:15:43 +00:00
alexei.volkov.bugs%sun.com
73626f65a8
Patch contributed by timeless@bemail.org
...
[Bug 336481] oom crash [@ crmf_copy_cert_req_msg]
2006-05-13 00:03:12 +00:00
nelson%bolyard.com
28a533ac47
Bug 337093. Remove dead code at label loser in function dbs_readBlob
...
Patch by Jon Smirl <jonsmirl@yahoo.com>, r=wtchang. Coverity bug
2006-05-12 23:37:58 +00:00
wtchang%redhat.com
68093029ef
Bugzilla Bug 336934: removed ununsed variable ck_id. The patch is
...
contributed by Jon Smirl <jonsmirl@yahoo.com>. r=nelsonb,wtc.
2006-05-12 20:42:13 +00:00
wtchang%redhat.com
4e43ea1d0a
Bugzilla Bug 336937: removed a test that is guaranteed to be true. The
...
patch is contributed by Jon Smirl <jonsmirl@yahoo.com>. r=nelsonb,wtc.
2006-05-12 20:33:47 +00:00
wtchang%redhat.com
cddae0bdc9
Bugzilla bug 336938: removed a test that is guaranteed to be false. The
...
patch is contributed by Jon Smirl <jonsmirl@yahoo.com>. r=wtc.
2006-05-12 16:49:07 +00:00
wtchang%redhat.com
321cb8386e
Bugzilla Bug 298506: Do not log the token name (so the declaration of
...
sftk_getDefTokName in pkcs11i.h and the previous change to sftk_SlotFromID
weren't necessary). Use Linux's audit subsystem if available. r=relyea.
Modified files: fipstokn.c pkcs11.c pkcs11i.h
2006-05-10 21:33:11 +00:00
wtchang%redhat.com
90e7d73574
Bugzilla Bug 298522: implemented ECDSA power-up self-test. The patch was
...
written by Glen Beasley of Sun. r=wtc.
2006-05-08 18:20:28 +00:00
wtchang%redhat.com
16146af129
Bugzilla Bug 333925: added a comment to paraphrase an obscure if statement.
2006-05-05 23:54:05 +00:00
wtchang%redhat.com
580b97817e
Bugzilla Bug 333925: worked around AES test failures of code compiled by
...
Forte 6 update 2 by using the old optimization flags used in NSS 3.10.
r=relyea.
2006-05-05 23:39:29 +00:00
wtchang%redhat.com
836e0c0b9c
Bugzilla Bug 334679: removed a duplicate line in ec_GF2m_validate_point.
...
r=douglas.stebila.
2006-05-05 23:08:50 +00:00
wtchang%redhat.com
798e8d1bc1
Added/removed blank lines to eliminate the diffs between the trunk and the
...
NSS_3_11_BRANCH.
Modified files: pkcs11.c pkcs11c.c
2006-05-05 20:31:30 +00:00
wtchang%redhat.com
01891a9574
Bugzilla Bug 298506: implemented FIPS 140-2 Security Level 2 audit
...
requirements. r=glen.beasley.
Modified Files:
fipstokn.c pkcs11.c pkcs11c.c pkcs11i.h softoken.h softoknt.h
2006-05-05 20:02:47 +00:00
julien.pierre.bugs%sun.com
ba58910b9e
Fix for bug 336335 . Plug leak of a temporary bignum in modular exponentiation . r=wtchang
2006-05-05 01:22:59 +00:00
julien.pierre.bugs%sun.com
1964aace2e
Fix for bug 336335 - memory leaks in ECC code. r=wtchang
2006-05-04 01:05:04 +00:00
julien.pierre.bugs%sun.com
d15ad02799
Fix for bug 335021. Add SEC_ASN1_CONSTRUCTED to S/MIME EKP template. r=relyea
2006-04-29 00:18:42 +00:00
rrelyea%redhat.com
5f24a2a77c
Attachment #215739 : Use SSE2 multiply instructions on intel processors. for bug #326482
...
r=nelson r=wtc
2006-04-28 17:06:22 +00:00
alexei.volkov.bugs%sun.com
143f21193c
[Bug 334274] double free in CRMF_EncryptedKeyGetEncryptedValue. r=nelson
2006-04-27 22:09:28 +00:00
alexei.volkov.bugs%sun.com
f5f5d893ff
[Bug 334326] DecodeV4DBCertEntry: Variable "(entry)->nickname" tracked as NULL was passed to a function that dereferences it. r=rrelyea
2006-04-27 18:35:24 +00:00
alexei.volkov.bugs%sun.com
20919d892f
[Bug 334454] Variable "(key)->pkcs11Slot" tracked as NULL was passed to a function that dereferences it. [@ SECKEY_CopyPrivateKey - SSL_ConfigSecureServer]. r=nelson
2006-04-26 19:40:56 +00:00
alexei.volkov.bugs%sun.com
49cb46e26c
[Bug 333389] sftk_NewAttribute should not crash when so is NULL [@ sftk_NewAttribute]. r=nelson
2006-04-26 19:18:00 +00:00
alexei.volkov.bugs%sun.com
c353bf9e7b
[Bug 334522] pk12util crash in SEC_PKCS12DecoderValidateBags. r=nelson
2006-04-26 06:47:30 +00:00
nelson%bolyard.com
b9c189458d
Disable AMD64 assembly optimizations. Bug 334057. r=nelson
2006-04-25 05:51:23 +00:00
nelson%bolyard.com
f02321e973
Backout the last change, undoing the fix for bug 320336 and bug 333405.
2006-04-25 04:39:24 +00:00
alexei.volkov.bugs%sun.com
7fc553fcf8
[Bug 334277] double free in [@ sftk_FreeAttribute - sftk_DeleteAttributeType]. r=relyea
2006-04-25 02:33:58 +00:00
alexei.volkov.bugs%sun.com
97c78b7911
[Bug 334276] double free in [@ SECKEY_CopyPublicKey]. r=nelson
2006-04-25 02:23:52 +00:00
wtchang%redhat.com
085b36691e
Bugzilla Bug 320336: SECITEM_AllocItem should return a NULL pointer if the
...
allocation of its 'data' buffer fails. r=nelson. This checkin fixed bug
333405 as a byproduct.
Modified files: secitem.c secitem.h
2006-04-24 22:50:13 +00:00
nelson%bolyard.com
dbe80e7489
Remove call to printf in ecl/ecp_224.c Bug 334448. r=wtchang
2006-04-24 21:27:38 +00:00
nelson%bolyard.com
1930ea6074
Put nss.def file sections in numeric order, and alphabetical order
...
within sections.
2006-04-24 05:08:04 +00:00
nelson%bolyard.com
0c05899fa2
Bug 323350. sr=rrelyea. This patch makes 3 changes:
...
1) it adds a new ifdef which enables SSL to limit itself to the 3 Suite B
curves.
2) it corrects the creation and parsing of the Supported Curve extension to
conform with the lastest definition, by using 2 bytes to encode the list
length,
3) it changes the algorithm that picks the curve for ECDHE to choose a curve
that is at least as strong as the "weakest link", is mutually supported
by client and server, and is the fastest for its size.
2006-04-23 00:17:18 +00:00
julien.pierre.bugs%sun.com
ff004c3373
Fix for bug 335039. Declare nssCKFWCRyptoOperation_UpdateCombo. r=wtchang
2006-04-22 05:30:18 +00:00
alexei.volkov.bugs%sun.com
fc87dbb2fe
[Bug 334183] Double free on error because CERT_FindCertIssuer unexpectedly calls CERT_DestroyCertificate. r=alexei
2006-04-22 02:09:09 +00:00
alexei.volkov.bugs%sun.com
76a9749ba0
Patch contributed by timeless@bemail.org
...
[Bug 334449] oom Crash in crmf_template_copy_secalg. r=nelson
2006-04-22 01:25:57 +00:00
alexei.volkov.bugs%sun.com
d4f39e6449
Patch contributed by timeless@bemail.org
...
[Bug 334436] nsslowcert_UpdateSubjectEmailAddr doesn't consistently use emailAddrs as a guard of nemailAddrs guarding emailAddrs[0]. r=nelson
2006-04-22 01:19:41 +00:00
alexei.volkov.bugs%sun.com
aea5eb0f12
Patch contributed by timeless@bemail.org
...
[Bug 334328] nsspkcs5_PKCS12PBE: Variable "A" tracked as NULL was dereferenced. r=nelson
2006-04-22 01:13:15 +00:00
alexei.volkov.bugs%sun.com
86494ef39a
[Bug 334275] double free in [@ PK11_ListPublicKeysInSlot]. r=nelson
2006-04-22 01:08:17 +00:00
alexei.volkov.bugs%sun.com
9c061b607a
[Bug 334273] double free in SECKEY_DecodeDERSubjectPublicKeyInfo. r=nelson
2006-04-22 01:03:18 +00:00
alexei.volkov.bugs%sun.com
5f88dfbdaa
[Bug 334240] double free in nsslowkey_ConvertToPublicKey if SECITEM_CopyItem or SECITEM_CopyItem fail. r=nelson
2006-04-22 00:59:13 +00:00
alexei.volkov.bugs%sun.com
8feb62dbd0
[Bug 334236] double free in PK11_ListPrivKeysInSlot if keys allocation fails. r=nelson
2006-04-22 00:55:29 +00:00
wtchang%redhat.com
e8b0114d09
Bugzilla Bug 333932: fixed Solaris SPARC GCC build failures.
...
r=christophe.ravel
2006-04-22 00:13:29 +00:00
alexei.volkov.bugs%sun.com
5f22914b4a
[Bug 334234] PK11_NewSlotInfo returns freed objects if lock allocations fail. r=nelson
2006-04-21 23:29:37 +00:00
wtchang%redhat.com
6f1bd4dc40
Bugzilla Bug 334533: in getPQseed we always set the most significant bit of
...
SEED to 1 to make NIST CMVP's PQG parameter validation tool happy. In
PQG_ParamGenSeedLen we require the length of SEED be at least 20 bytes.
r=nelson.
2006-04-21 17:48:30 +00:00
wtchang%redhat.com
37a7e6c417
Bugzilla Bug 298522: changed RSA modulus size to 1024 bits and added known
...
answer tests for RSA SHA1, SHA256, SHA384, and SHA512 signatures. The
patch is written by Glen Beasley. r=wtc.
2006-04-21 17:13:50 +00:00
wtchang%redhat.com
d0604ba735
Bugzilla Bug 236245: Use a stack buffer for ec_params.data in
...
ssl3_SendECDHServerKeyExchange. r=nelson.
2006-04-21 16:19:48 +00:00
wtchang%redhat.com
333657e660
Bugzilla Bug 334553: fixed the comments because mp_digit is actually 64-bit
...
(unsigned long or unsigned long long). r=nelson.
2006-04-21 16:13:02 +00:00
wtchang%redhat.com
432ccc0173
Bugzilla Bug 326754: checked the change back in. We failed the NIST DSA
...
PQGGen test for some other reason (bug 334533).
2006-04-20 21:55:24 +00:00
nelson%bolyard.com
fe04651c77
Bug 80092: SSL write indicates all data sent when some is buffered.
...
SSL now follows NSPR socket semantics and never returns a short write
count on a blocking socket. On a blocking socket, it returns either
the full count or -1 (with an error code set).
For non-blocking sockets, SSL no longer returns a full write count
when some of the data remains buffered in the SSL record layer.
Instead it returns a number is that always at least 1 byte short of a
full write count, so that the caller will keep retrying until it is done.
SSL makes sure that the first byte sent by the caller in the retry
matches the last byte previously buffered. r=rrelyea.
Modified Files: ssl3con.c sslcon.c ssldef.c sslimpl.h sslsecur.c
2006-04-20 08:46:34 +00:00
nelson%bolyard.com
43a7c5e950
Fix buffer overflow regression. Bug 236245. sr=wtchang
2006-04-20 06:57:54 +00:00
alexei.volkov.bugs%sun.com
b67f75bc05
Patch contributed by timeless@bemail.org
...
[Bug 334459] Variable "cipherName" tracked as NULL was passed to a
function that dereferences it. [@ PORT_Strdup - SSL_SecurityStatus]. r=nelson
2006-04-20 00:20:45 +00:00
alexei.volkov.bugs%sun.com
0f639ba66a
Patch contributed by timeless@bemail.org
...
[Bug 334446] oom Crash in nssCKFWFindObjects_Create. r=nelson
2006-04-20 00:03:33 +00:00
alexei.volkov.bugs%sun.com
60674bc568
Patch contributed by timeless@bemail.org
...
[Bug 334443] oom Crash in nssCKFWSession_Create. r=nelson
2006-04-19 23:50:43 +00:00
alexei.volkov.bugs%sun.com
3a8f586a3c
Patch contributed by timeless@bemail.org
...
[Bug 334438] oom Crash in ReadDBCertEntry. r=nelson
2006-04-19 23:43:10 +00:00
alexei.volkov.bugs%sun.com
ff6fa1f51c
Patch contributed by timeless@bemail.org
...
[Bug 334442] Incorrect use of realloc oom Crash in secmod_ReadPermDB;r=nelson
2006-04-19 22:53:45 +00:00
alexei.volkov.bugs%sun.com
c501854878
Patch contributed by nelson@bolyard.com.
...
[Bug 334327] pk11_CreateNewContextInSlot: Variable "(context)->key" tracked as NULL was passed to a function that dereferences it. r=alexei
2006-04-19 22:32:30 +00:00
wtchang%redhat.com
fcca57e69e
Bugzilla bug 334553: use the ULL suffix with unsigned long long constants.
...
r=douglas.stebila.
Modified files: ecl/ecp_256.c mpi/mp_gf2m.c
2006-04-19 22:19:09 +00:00
wtchang%redhat.com
2c62bf1d13
Bugzilla bug 334683: removed extraneous semicolons. r=alexei.volkov.
...
Modified files: cmd/certutil/certutil.c lib/pki/pkistore.h
2006-04-19 19:04:23 +00:00
wtchang%redhat.com
0a3bf353d3
Bugzilla Bug 333917: the non-x86 code in at least the DES_CBCEn and
...
DES_EDE3CBCEn functions violates ANSI C's aliasing rules. So we compile
this file with strict aliasing rules turned off. r=nelsonb.
2006-04-18 17:33:56 +00:00
nelson%bolyard.com
b39425fcfa
big cleanup of error codes returned by pkcs12 library.
...
No longer returns SEC_ERROR_NO_MEMORY for every possible error code.
Bug 321584. r=neil.williams
2006-04-14 18:34:44 +00:00
nelson%bolyard.com
efdb126901
Fix broken optimized builds, caused by last checkin. Bug 236245.
2006-04-14 00:43:19 +00:00
nelson%bolyard.com
c4fb4fa280
Implement TLS Hello extensions for ECC. Bug 236245. r=rrelyea.
...
This patch has a known problem, choosing ephemeral ECDH curves
according to the wrong (suboptimal, non-FIPS) criteria.
Modified Files: ssl3con.c ssl3ecc.c sslimpl.h
2006-04-13 23:08:18 +00:00
wtchang%redhat.com
b95ecf558f
Bugzilla Bug 330114: corrected the checks for the PKCS #1 v1.5 padding
...
string and the length of the data (hash). r=nelsonb,relyea.
2006-04-13 22:12:17 +00:00
nelson%bolyard.com
c65c61b8c5
Implement new API for registering and deregistering shutdown callback functions.
...
Patch by Bob Relyea and Nelson Bolyard. r=rrelyea,nelson Bug 326482.
2006-04-08 05:11:55 +00:00
nelson%bolyard.com
424fabe58a
Bug 333090: CKM_DH_PKCS_KEY_PAIR_GEN always fails. r=nelson, sr=rrelyea
...
Patch contributed by Andreas.Sterbenz@sun.com
2006-04-08 05:05:01 +00:00
kaie%kuix.de
1c0c7bbeb8
bug 331648, signed/unsigned bug submitting CRMF cert requests
...
r=rrelyea, sr=nelson
2006-04-07 11:41:18 +00:00
nelson%bolyard.com
1f32c2cf8f
Implement generic support for TLS Hello Extensions. Bug 226271. r=vipul
2006-04-07 06:24:07 +00:00
julien.pierre.bugs%sun.com
7ceb91038f
Fix for bug 311164 . Initialize stan cert store object early to fix a race condition. r=nelson
2006-04-07 05:49:04 +00:00
nelson%bolyard.com
acfe04a6dd
Don't negotiate an ECDH_RSA cipher suite when the server's only ECDH cert
...
has an ECDSA signature. bug 332350. r=vipul.gupta.
2006-04-06 04:40:49 +00:00
glen.beasley%sun.com
482dc1a71e
David Baron fix for valgrind report of UMR r=wtchang sr=Nelson
2006-04-04 01:01:51 +00:00
nelson%bolyard.com
fecbcf26d6
Define alerts and error codes for TLS Hello extensions. Bug 226271.
...
r=julien.pierre
2006-04-04 00:32:27 +00:00
rrelyea%redhat.com
c152a5f5fa
Bug 332381 pk12util fails to import key/cert onto LunaSA HSM
...
r=nelson
2006-03-31 21:35:37 +00:00
gerv%gerv.net
41fd37565a
Bug 236613: change to MPL/LGPL/GPL tri-license.
2006-03-31 04:41:00 +00:00
rrelyea%redhat.com
2cef28020c
bug 309701 Softtoken C_CreateObject() should not require
...
CKA_NETSCAPE_DB attribute to be present
r=alexei
2006-03-31 00:38:48 +00:00
rrelyea%redhat.com
f6290f423b
From Bug 331279.
...
Free ECDHE Ephemeral key. Fixes server-side leak.
r=julien r=alexei
2006-03-30 21:07:22 +00:00
alexei.volkov.bugs%sun.com
209577ded2
331515: selfserv Bus error on 3DES ciphersuites; r=julien, sr=nelson
2006-03-29 07:23:40 +00:00
glen.beasley%sun.com
0224b3a860
318970 wtc fix for RSA fipstest using RSA_HashSign r=neilW sr= brelyea
2006-03-25 23:45:23 +00:00
rrelyea%redhat.com
c8e770c69d
Bug 321350 Implement optimized code for NIST Suite B elliptic curves
...
r=douglas r=vipul
2006-03-24 22:55:51 +00:00
nelson%bolyard.com
a9beb655f0
Backout changes for bug 321350
...
Implement optimized code for NIST Suite B elliptic curves
Those changes broke the build on Solaris. r=Sheriff Nelson
2006-03-24 09:08:24 +00:00
rrelyea%redhat.com
e72ce470d4
321350 Implement optimized code for NIST Suite B elliptic curves
...
r=douglas.
2006-03-23 19:55:37 +00:00
rrelyea%redhat.com
e13e6cc7f7
Bug 238051 Enable SSL session reuse for ECC cipher suites
...
r=nelson r=thomas.
patch in bug + white space changes suggested by nelson.
2006-03-22 19:18:30 +00:00
rrelyea%redhat.com
2bfdfe5969
Updated previous patch with douglas's input. (still bug 323817
...
Truncation of hashes for ECDSA should be done at bit level, not octet level).
r= vipul r=douglas
2006-03-22 19:02:06 +00:00
rrelyea%redhat.com
01ef3de28a
Bug 273637 3 locks in softoken have unsafe initialization
...
r=alexi r=julien
2006-03-21 19:36:53 +00:00
rrelyea%redhat.com
dd7e2a2cf6
Correct bug entry:
...
25683 EC param parsing error not propagated correctly
r=andreas.
2006-03-21 19:33:52 +00:00
rrelyea%redhat.com
6a7da6374e
Backing out previous changes that invalid or incorrect log entries for this
...
patch.
2006-03-21 19:30:10 +00:00
rrelyea%redhat.com
e182cdf8e2
*** empty log message ***
2006-03-21 19:23:30 +00:00
rrelyea%redhat.com
c385e5088d
Bug 273637 3 locks in softoken have unsafe initialization
...
r=alexi r=julien
2006-03-21 02:28:48 +00:00
nelson%bolyard.com
6c95b75b6a
Avoid stack overflow while generating primes. Bug 310145. r=wtchang
2006-03-19 05:09:30 +00:00
rrelyea%redhat.com
5f90fef71c
Bug 238051 Enable SSL session reuse for ECC cipher suites
...
r=nelson
2006-03-17 21:15:09 +00:00
rrelyea%redhat.com
14c38aa668
Bug 329072 client sometimes fails to authenticate despite having cert
...
r= nelson
2006-03-17 20:44:23 +00:00
rrelyea%redhat.com
9e18a1acf3
Bug 323817 Truncation of hashes for ECDSA should be done at bit level, not octet level
...
r=vipul.gupta@sun.com
2006-03-17 16:58:06 +00:00
rrelyea%redhat.com
11b860880e
Bugzilla Bug 326503 producing a ProofOfPossession signature on a EC CRMF fails
...
Use SEC_GetSignatureAlgorithmOidTag() to map to the signature oid.
r=wtc
2006-03-15 21:46:24 +00:00
rrelyea%redhat.com
2b42f9feb9
Bugzilla Bug 326503 producing a ProofOfPossession signature on a EC CRMF fails
...
patch makes SHA1 the default hashing for RSA rather than MD5.
patch by wtc r=rrelyea.
2006-03-15 21:42:21 +00:00
rrelyea%redhat.com
aab12ab3a8
bug 329058 mpmontg.c doesn't compile when MP_CHAR_STORE_SLOW is defined
...
r=wtc
2006-03-15 19:22:32 +00:00
rrelyea%redhat.com
c783f88c97
bug 329058 mpmontg.c doesn't compile when MP_CHAR_STORE_SLOW is defined
...
r=wtc
2006-03-15 19:13:12 +00:00
nelson%bolyard.com
2996640c67
Bug 324448. Convert mpi_x86.asm to mpi_x86_asm.c for Win32 built with MSVC.
...
Patch contributed by Benjamin Smedberg <benjamin@smedbergs.us>
r=julien.pierre sr=nelson@bolyard.com
2006-03-10 06:48:46 +00:00
nelson%bolyard.com
d42549b7ac
Bug 324448. Convert mpi_x86.asm to mpi_x86.c for Win32 built with MSVC.
...
Patch contributed by Benjamin Smedberg <benjamin@smedbergs.us>
2006-03-09 23:50:43 +00:00
nelson%bolyard.com
41a9b174bd
Bug 324448. Convert mpi_x86.asm to mpi_x86.c for Win32 built with MSVC.
...
Patch contributed by Benjamin Smedberg <benjamin@smedbergs.us>
r=julien.pierre sr=nelson@bolyard.com
2006-03-09 23:46:45 +00:00
nelson%bolyard.com
19a46702bf
Bug 329002. fix cert reference leak. r=alexei.volkov,rrelyea
2006-03-09 23:38:57 +00:00
wtchang%redhat.com
a0ed51d33e
Bugzilla Bug 329575: ECPoint_mul should multiply a point by the group order
...
faithfully because this operation is required by the public key validation
algorithm. r=douglas.stebila,vipul.gupta.
2006-03-08 00:19:34 +00:00
wtchang%redhat.com
d679dc6d35
Bugzilla Bug 320578: added a new function ec_GenerateRandomPrivateKey to
...
generate a random private key without bias using the algorithm of FIPS
186-2 Change Notice 1, and use it to generate EC private key d and ECDSA
ephemeral private key k. The patch is contributed by Douglas Stebila
<douglas@stebila.ca> and improved by me. r=douglas.stebila,vipul.gupta.
2006-03-06 23:48:39 +00:00
wtchang%redhat.com
de8be1e067
Bugzilla bug 326482: code cleanup: ssl3_NewKeyPair should not create a key
...
pair with only one key. r=nelson.bolyard.
2006-03-03 18:48:09 +00:00
wtchang%redhat.com
aed20ed068
Bugzilla bug 326482: removed incorrect comments. r=nelson.bolyard.
2006-03-03 18:45:54 +00:00
nelson%bolyard.com
ac042bff56
Fix standalone mpi Makefile to build on OS/X. Bug 327405.
...
Patch contributed by Douglas Stebila <douglas@stebila.ca>
2006-03-03 04:21:56 +00:00
nelson%bolyard.com
5e2ca73982
Bug 327677. Fix cert object reference leak. r=julien.pierre,nelson
...
Patch contributed by Alexei Volkov <alexei.volkov.bugs@sun.com>
2006-03-03 04:00:49 +00:00
wtchang%redhat.com
57a3c7aa21
Bug 236613: change to MPL/LGPL/GPL tri-license.
2006-03-02 22:48:55 +00:00
wtchang%redhat.com
b69eb504ce
Bugzilla Bug 320589: fixed PK11_SignatureLen to return the exact length of
...
ECDSA signatures. Backed out a temporary workaround in
ECDSA_SignDigestWithSeed. Made other changes related to signature lengths.
r=relyea,nelson.bolyard.
Modified Files:
cryptohi/keyhi.h cryptohi/seckey.c cryptohi/secsign.c
freebl/ec.c pk11wrap/pk11obj.c pk11wrap/pk11pub.h
ssl/ssl3con.c
2006-03-02 00:07:08 +00:00
wtchang%redhat.com
8696bd362e
Bugzilla Bug 326403: use "Mozilla Foundation" as the manufacturer or
...
producer of our shared libraries/DLLs. Removed the optional copyright
notices from our DLLs. r=relyea,jpierre.
Modified Files:
lib/ckfw/builtins/constants.c lib/ckfw/builtins/nssckbi.rc
lib/ckfw/capi/nsscapi.rc lib/ckfw/dbm/instance.c
lib/freebl/freebl.rc lib/nss/nss.rc lib/smime/smime.rc
lib/softoken/pkcs11.c lib/softoken/softokn.rc lib/ssl/ssl.rc
2006-03-01 19:44:36 +00:00
rrelyea%redhat.com
f95ae18fe7
Remove mp_init/mp_clear calls (and potential mallocs,frees and zeros)
...
in tight loops for bug #326482
r=nelson
2006-03-01 17:09:17 +00:00
rrelyea%redhat.com
6a21aaef0e
bug 326482 Implement the derive sensitive only for those derivation functions that require it.
...
fixes a performance problem with ECDH.
r=wtchang, nelson.
2006-03-01 16:12:22 +00:00
nelson%bolyard.com
340adcfbfa
Bug 327405. Correct EC keypair Generation. r=vipul.gupta,nelson.bolyard
...
Patch contributed by Douglas Stebila <douglas@stebila.ca>
2006-03-01 07:06:24 +00:00
nelson%bolyard.com
56fc6fa166
Bug 328262. Increment ssl3 statistics counters atomicly. r=wtchang,julien.pierre
2006-03-01 05:45:45 +00:00
wtchang%redhat.com
7986d13c5b
Bugzilla Bug 327978: removed obsolete files, superseded by the ecl
...
directory. r=douglas.stebila.
Removed files: GF2m_ecl.c GF2m_ecl.h GFp_ecl.c GFp_ecl.h
2006-02-28 23:43:19 +00:00
nelson%bolyard.com
a86941f281
Bug 326315. Warning Reduction. On TRUNK only. r=Julien.Pierre
2006-02-28 05:56:07 +00:00
nelson%bolyard.com
74a0a6eea2
Bug 325683. EC param parsing error not propagated correctly.
...
Fix the cases that Andreas identified. Patch by Andreas.Sterbenz@sun.com
r=Julien,wtchang,nelson
2006-02-28 05:44:56 +00:00
nelson%bolyard.com
4b1a1b7cb3
Bug 326690. Enable modutil to configure default slots for the
...
AES, SHA256 or SHA512 mechanisms. r=rrelyea,julien.pierre
2006-02-28 05:16:00 +00:00
nelson%bolyard.com
52395a4abb
Bug 327105. Reintroduce an old bug that prevents _DHE_ cipher suites
...
from being negotiated by NSS servers. Necessary until the server side
of the _DHE_ cipher suites is fully implemented. r=Julien,Wan-Teh,Vipul
2006-02-28 04:20:23 +00:00
wtchang%redhat.com
7a0f0203c7
Bugzilla Bug 320038: checked in a better fix that allows us to write
...
EC domain parameters as hex strings with leading 00's. r=douglas.stebila
sr=relyea.
Modified files: softoken/ecdecode.c freebl/ecl/ecl-curve.h
2006-02-27 23:18:34 +00:00
christophe.ravel.bugs%sun.com
178bda1252
Change NSS version to 3.12 Beta on the tip.
2006-02-22 21:22:54 +00:00
wtchang%redhat.com
8c8a6af5ea
Bugzilla Bug 326754: the previous checkin made us fail the NIST DSA PQGGen
...
test for [mod = 768] only. Backed out the more likely culprit.
2006-02-22 02:12:09 +00:00
wtchang%redhat.com
c449f54be3
Bugzilla Bug 327529: unnamed arguments (third and after) for CERT_CreateRDN
...
must have the correct CERTAVA * type because compilers can't do automatic
type conversions. r=nelsonb,jpierre.
Modified files: alg1485.c secname.c
2006-02-20 23:06:55 +00:00
wtchang%redhat.com
0c104c2ece
Bugzilla Bug 327384: fixed an off-by-one error in the size of the 'genenc'
...
array. The patch is contributed by Andreas Sterbenz
<Andreas.Sterbenz@sun.com>. r=wtc,nelsonb
2006-02-16 22:33:13 +00:00
julien.pierre.bugs%sun.com
a4db2be2c9
Fix for bug 321765. Allow NSS to decode certs with unsupported critical extensions. r=wtchang,nelson,rrelyea.
2006-02-16 00:06:24 +00:00
alexei.volkov.bugs%sun.com
e393d91fcb
[Bug 326963] Interoperability test with apache/mod_ssl: tstclnt
...
produces: assertion failure: secmod_PrivateModuleCount == 0; r=nelson, sr=julie
n
2006-02-15 22:22:32 +00:00
wtchang%redhat.com
c0887f9e1d
Bugzilla Bug 326754: fixed two minor bugs related to the h parameter in
...
PQG parameter generation. r=nelsonb,glen.beasley.
2006-02-14 03:04:57 +00:00
wtchang%redhat.com
b19b5965a5
Bugzilla Bug 326144: need to zeroize a SECItem that contains a copy of the
...
secret key. r=relyea,jpierre.
2006-02-14 02:55:09 +00:00
wtchang%redhat.com
cfe8a9f253
Bugzilla bug 326751: CKR_SIGNATURE_INVALID is a much better default error
...
code for NSC_VerifyRecover than CKR_DEVICE_ERROR is. r=relyea.
2006-02-11 02:03:25 +00:00
rrelyea%redhat.com
1f4cae4de9
Bugzilla Bug 326482 NSS ECC performance problems.
...
Patch by Nelson, r=relyea.
Save the public key when we create the keypair so we can use it later.
2006-02-10 19:39:53 +00:00
rrelyea%redhat.com
57d9010865
Bugzilla Bug 326482 NSS ECC performance problems.
...
r=nelsonb
Fix bug where ECC keys were not being copied on server startup
2006-02-10 18:54:58 +00:00
neil.williams%sun.com
fd25589676
Bug 325657, r=Nelson,Wan-Teh, Unset ECL_USE_FP INT Solaris SPARC freebl
2006-02-10 04:38:05 +00:00
rrelyea%redhat.com
2cf33676b0
Bug 320187 NSC_WrapKey called with null output returns short length
...
r=nelsonb
2006-02-09 19:54:22 +00:00
rrelyea%redhat.com
2c3bfd1312
Bug 320583 Support for SHA256/384/512 with ECC signing
2006-02-08 06:14:31 +00:00
julien.pierre.bugs%sun.com
af4804d7ef
Fix for bug 326144 . softoken leaks in nsc_pbe_key_gen. r=nelson, rrelyea
2006-02-07 00:43:31 +00:00
kaie%kuix.de
58262b951b
Fix build bustage, change // comment to /* */
2006-02-03 20:22:52 +00:00
kaie%kuix.de
3aa755acfa
bug 152426, delegation of HTTP download for OCSP
...
r=julien.pierre, r=rrelyea
2006-02-03 18:14:49 +00:00
wtchang%redhat.com
b8088299c2
Allow CKM_ECDSA_SHA1 to be multipart. Bug 325494.
...
Patch contributed by Andreas Sterbenz <Andreas.Sterbenz@sun.com>
r=nelsonb,relyea,wtc.
2006-02-02 07:21:56 +00:00
alexei.volkov.bugs%sun.com
22c94ce3da
325305: minor memory leak in CERT_FindCertByNameString. r=wtc
2006-02-02 00:57:54 +00:00
wtchang%redhat.com
c20388e588
Bugzilla Bug 318966: added two RNG functions FIPS186Change_GenerateX and
...
FIPS186Change_ReduceModQForDSA to blapi.h for the NIST RNG Validation
System. r=relyea,nelsonb.
Modified files: blapi.h ldvector.c loader.c loader.h prng_fips1861.c
2006-02-01 21:18:44 +00:00
rrelyea%redhat.com
3ebd845ca9
Bug 319619 "large" ECC private keys cannot be exported through PKCS #11
...
1) Change the export encrypted private key function to ask the token the wrap
size rather than trying to figure it out ourselves.
2) Fix the soften to correctly return the size.
r=wtc, nelsonb
2006-02-01 16:43:47 +00:00
glen.beasley%sun.com
b4358c2729
318970 RSA FIPS Alg Tests r=wan-teh, sr=bRelyea
2006-01-30 19:58:52 +00:00
nelsonb%netscape.com
ddca75b829
Set SSL2 and SSL3 timeout times properly for SSL server session cache.
...
Bug 223242. r=jullien.pierre
2006-01-28 02:21:31 +00:00
wtchang%redhat.com
d2bce3f900
Bugzilla Bug 320589: temporary workaround for SEC_SignData ECDSA signature
...
generation bug introduced by the previous checkin.
2006-01-26 23:51:42 +00:00
wtchang%redhat.com
55e2995224
Removed an extraneous semicolon after the last parameter in a function
...
declaration.
2006-01-26 23:21:39 +00:00
nelsonb%netscape.com
6f9d05f035
Remove unnecessary ISALIST test from sparc versions of freebl DSOs.
...
Bug 302658. r=jullien.pierre,wtchang
2006-01-22 08:43:57 +00:00
nelsonb%netscape.com
944db2b329
Don't use variables as structure initializers. Bug 274512. Fix build
...
on HPUX. r=julien.pierre,wtchang
2006-01-22 06:42:14 +00:00
nelsonb%netscape.com
06c2abf1fa
Detect certdb reference leaks at shutdown with assertions. Bug 324103.
...
r=rrelyea.
2006-01-22 06:36:36 +00:00
wtchang%redhat.com
d6b2459e61
Bugzilla Bug 323977: use the "mapfile" (ld version script) on FreeBSD.
...
Build the freebl shared libraries with the -Bsymbolic flag for GNU ld.
r=nelsonb. Thanks to Glenn Randers-Pehrson <glennrp@imagemagick.org> for
reporting this bug and verifying these changes.
Modified files: coreconf/FreeBSD.mk nss/lib/freebl/Makefile
2006-01-21 02:33:33 +00:00
nelsonb%netscape.com
9633334de2
Plug a cert DB reference leak in softoken, related to trust objects.
...
Bug 324103, r=rrelyea
2006-01-21 02:23:42 +00:00
wtchang%redhat.com
f116200e1d
Bugzilla Bug 320589: miscellaneous code cleanup: distinguish between the
...
length of the field size and the length of the base point order. Report
better error codes. In ECDSA_VerifyDigest, removed unnecessary local
variables and be lenient in the signature lengths we accept.
r=relyea,nelsonb
2006-01-21 02:14:46 +00:00
nelsonb%netscape.com
6f9e66cf05
Detect NULL server key pair pointer. Bug 321161. r=wtchang.
2006-01-20 17:40:21 +00:00
rrelyea%redhat.com
26731456ca
Bugzilla Bug 95323. Conditionally compile nsscapi.
...
r=julien
2006-01-19 19:55:28 +00:00
nelsonb%netscape.com
a3089c6a9d
Prevent crash when making new cert8.db from old cert5.db.
...
This is not the final solution, but it works.
Bug 320029. r=rrelyea,sr=julien.pierre. On TRUNK.
2006-01-19 02:16:30 +00:00
nelsonb%netscape.com
f32a4d3f27
Add new function nsslowcert_DecodeAnyDBEntry. Correct the union
...
certDBEntry by adding the missing members. Bug 323570. r=rrelyea.
2006-01-19 02:09:37 +00:00
nelsonb%netscape.com
446a084b09
Softoken will no longer generate excessive key material for some SSL3
...
cipher suites. Bug 274512. r=rrelyea.
2006-01-19 01:12:53 +00:00
wtchang%redhat.com
d27a2d48d9
Bugzilla Bug 318217: use the new NSPR functions PR_EmulateAcceptRead and
...
PR_EmulateSendFile added in NSPR 4.1. r=nelsonb.
Modified files: manifest.mn sslimpl.h sslsock.c
Removed file: emulate.c
2006-01-18 23:06:57 +00:00
rrelyea%redhat.com
f822c8f7d0
NSS ECDSA can only sign SHA-1 bug 320583
...
r=nelson patch ammended to change SHA-1 to HASH per wtc comment.
2006-01-17 00:38:59 +00:00
wtchang%redhat.com
143f08953f
Bugzilla Bug 320497: indicate that we don't need an executable stack.
...
r=wolfgang.rosenauer,jpierre.
Modified files: arcfour-amd64-gas.s mpi/mpi_amd64_gas.s
2006-01-13 17:33:10 +00:00
wtchang%redhat.com
cdf90d5eb6
Bugzilla Bug 323079: when libsoftoken and libssl load the freebl library,
...
first try without resolving symlinks. If we fail to load the library and
the pathname is a symbolic link, resolve the symbolic link and try again.
r=jpierre. sr=relyea.
2006-01-12 23:46:31 +00:00
wtchang%redhat.com
3b577f224d
Bugzilla Bug 317052: removed the obsolete file lib/base/whatnspr.c from
...
CVS. r=relyea.
Modified Files:
base.h error.c manifest.mn
Removed Files:
whatnspr.c
2005-12-19 17:53:28 +00:00
wtchang%redhat.com
165d7b9185
Bugzilla Bug 272484: code cleanup. keythi.h: remove the unused type
...
definition of SEC_PKCS5KeyAndPassword. p12d.c: We only need to set
p12dcx->currentASafeP7Dcx to NULL if it isn't NULL. r=relyea.
Modified Files: cryptohi/keythi.h pkcs12/p12d.c
2005-12-19 17:46:30 +00:00
rrelyea%redhat.com
4961f4ed28
Mac fixes to ckfw.
2005-12-16 01:57:41 +00:00
rrelyea%redhat.com
ec7b991d91
Add support for the cryptoki crypto functions. This support is necessary for
...
capi and mackey. r=kaie
2005-12-16 00:48:02 +00:00
wtchang%redhat.com
cfdbc102fe
Bugzilla Bug 320047: mp_to_unsigned/signed/fixlen_octets copies nothing to
...
the buffer if the mp_int is zero. r=nelsonb.
2005-12-14 02:18:35 +00:00
wtchang%redhat.com
fff23fc797
Bugzilla Bug 236245: Updated NSS to "ECC Cipher Suites for TLS" draft 12
...
plus upcoming revisions. The patch is contributed by Douglas Stebila
of Sun Labs <douglas@stebila.ca>. r=wtc.
Modified Files:
cmd/selfserv/selfserv.c cmd/strsclnt/strsclnt.c
cmd/tstclnt/tstclnt.c cmd/vfyserv/vfyserv.c lib/ssl/ssl3con.c
lib/ssl/ssl3ecc.c lib/ssl/ssl3prot.h lib/ssl/sslenum.c
lib/ssl/sslimpl.h lib/ssl/sslinfo.c lib/ssl/sslproto.h
lib/ssl/sslsock.c tests/ssl/ecssl.sh tests/ssl/ecsslauth.txt
tests/ssl/ecsslcov.txt tests/ssl/ecsslstress.txt
tests/ssl/ssl.sh
2005-12-14 01:49:40 +00:00
wtchang%redhat.com
d1a203a963
Bugzilla Bug 320038: ecl/ecl-curve.h: removed unnecessary leading zero byte
...
in the base point orders of curves K-233 and K-409. ec.c: pad the private
key with leading zeros to the length of the base point order.
r=douglas.steblia.
2005-12-13 22:31:34 +00:00
relyea%netscape.com
4092a7d72e
Initialize mpi data using mpi macros, not static data bug 319252
...
r=douglas
2005-12-08 23:22:26 +00:00
relyea%netscape.com
77cb1d9d48
Bug 316925
...
Key export does not work on tokens with non-sensitive keys that can't wrap.
r=kaie
2005-11-24 00:40:14 +00:00
relyea%netscape.com
38154c250e
Bug 129303
...
NSS needs to expose interfaces to deal with multiple token sources of certs.
r=kaie
2005-11-23 23:56:38 +00:00
relyea%netscape.com
4b7f9f6804
Bug 129303 NSS needs to expose interfaces to deal with multiple token sources of certs
...
r=kaie
2005-11-23 23:54:15 +00:00
relyea%netscape.com
cdcebb8e7e
PKCS #11 module to supply Access to the Mac OS X Keychain.
2005-11-23 23:04:08 +00:00
nelsonb%netscape.com
b64584ad16
Fix bug in MP_ALIGN macro that always truncated pointers to 32-bits,
...
even on 64-bin platforms. Bug 298630. r=rrelyea.
2005-11-23 01:12:34 +00:00
relyea%netscape.com
2537abf9f5
Weave patch: bug 298630 r=nelson
2005-11-22 07:16:43 +00:00
nelsonb%netscape.com
ac287b2f5a
Begin building mpcpucache.c. On Sun Studio platforms, build from two
...
new .s files. Bug 298630. r=rrelyea.
2005-11-22 07:13:32 +00:00
christophe.ravel.bugs%sun.com
0750e1e7ef
Turn NSS_BETA off for NSS 3.11 RC2.
...
r+ Julien Pierre.
2005-11-22 01:58:35 +00:00
christophe.ravel.bugs%sun.com
dc5fae9e7c
Back to BETA flag on the trunk.
...
r+ Julien Pierre
2005-11-21 18:46:12 +00:00
christophe.ravel.bugs%sun.com
46f08a0c89
Turn NSS_BETA to FALSE for NSS 3.11 RC.
...
r+: Julien Pierre.
2005-11-21 04:08:44 +00:00
nelsonb%netscape.com
94fdf98965
Initialize slot pointer in ssl3_HandleServerHello. Bug 311590. r=wtchang
2005-11-18 01:25:20 +00:00
nelsonb%netscape.com
719073fb14
Restore binary compatilibity for old Fortezza cipher suites.
...
Bug 316640. r-glen.beasley
2005-11-18 01:21:22 +00:00
relyea%netscape.com
a8e0c27896
Handle nicknames on certificates.
...
Fix bug where we weren't allocating enough space for wchar (wide, utf16, etc).
strings in ckcapi_UTF8ToWide().
2005-11-16 01:17:25 +00:00
julien.pierre.bugs%sun.com
77223c1981
fix for bug 316446 . -z defs option was included twice in linker line . r=nelson
2005-11-15 19:01:18 +00:00
relyea%netscape.com
af1573d374
Add r/w support. The Capi token can now:
...
Import certs and keys.
Delete certs and keys.
2005-11-15 00:13:58 +00:00
julien.pierre.bugs%sun.com
f82a46ec10
Fix for bug 316219. Don't build an import library on OS/2. r=wtchang
2005-11-14 00:13:41 +00:00
julien.pierre.bugs%sun.com
4f35393d59
Fix for bug 286685. rename SFTK symbols to SECMOD. r=rrelyea, nelson
2005-11-12 00:14:25 +00:00
julien.pierre.bugs%sun.com
c5d6929c9f
Fix for bug 286685. rename SFTK symbols to SECMOD. r=rrelyea, nelson
2005-11-11 23:36:33 +00:00
julien.pierre.bugs%sun.com
f0de63d8ed
Fix for 292156. Prevent crash in SSL session cache init if invalid arguments are passed. r=nelson
2005-11-11 02:45:59 +00:00
julien.pierre.bugs%sun.com
7e9a679a65
Resolve symlinks when loader freebl shared libs, and limit iterations to 20. r=wtchang
2005-11-10 02:18:22 +00:00
wtchang%redhat.com
560f560f03
Bugzilla Bug 311432: renamed USE_FP_CODE as ECL_USE_FP. Do not set
...
ECL_USE_FP to 1 on Linux x86 to work around the bug. Moved a dependency
rule to the appropriate section of the makefile. r=nelsonb.
2005-11-08 22:03:17 +00:00
wtchang%redhat.com
4c003bfe53
Improved a comment. Suggested by Nelson Bolyard of Sun. r=wtc.
2005-11-08 22:00:46 +00:00
wtchang%redhat.com
ff785bd766
Bugzilla Bug 298522: added power-up self tests for HMAC SHA-384 and HMAC
...
SHA-512. The patch was written by Glen Beasley of Sun. r=wtc.
2005-11-07 19:05:45 +00:00
wtchang%redhat.com
4029572119
Bugzilla bug 313196: include the minimal headers.
2005-11-07 19:00:58 +00:00