mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
116 181 коммит 615 Ветки 98 Теги 6 GiB
Граф коммитов

4158 Коммитов

Автор SHA1 Сообщение Дата
wtc%netscape.com b5e025dea3 Bug 183612: renamed some new functions to be consistent with existing 
function names containing SubjectKey and PublicKey.  Moved internal
functions to private headers and use the lowercase cert_ prefix for the
internal functions for subject key ID mapping hash table. r=nelsonb.
 2002-12-19 00:26:34 +00:00
relyea%netscape.com 04963b62bb Bug 186058 2002-12-18 23:55:53 +00:00
nicolson%netscape.com a7f090b8a6 Partial fix for 184754: assertion violation in get_token_certs_for_cache. 
Don't assert if we fail to lookup the cert we just imported. It could
be a bug in the PKCS #11 driver. Instead, throw an exception.
 2002-12-18 23:14:48 +00:00
kaie%netscape.com 5245de3429 Temporary fix for bug 182803. 
While this masks the reported crashes, this is nothing more than a workaround patch.
As long as this patch is in place, any attempt to do profile switching at run time will fail.
We need real fixes for bug 181230 and 177260.
r=javi sr=darin
 2002-12-18 12:50:35 +00:00
wtc%netscape.com ee51cff828 Bug 183612: fixed the bug that 'extra' may be used uninitialized. r=javi. 2002-12-18 02:06:01 +00:00
wtc%netscape.com 8c5bcf00c1 Set NSS version to 3.8 Beta on the trunk. 2002-12-17 23:04:46 +00:00
wtc%netscape.com a67a4928f3 Export CERT_DestroyOCSPResponse in 3.7. Moved HASH_GetHashObjectByOidTag, 
HASH_GetHashTypeByOidTag, and SECITEM_ItemsAreEqual from 3.7 to 3.8.
 2002-12-17 23:02:53 +00:00
relyea%netscape.com 2602912c3d Make sure the session is protected over PKCS #11 calls. 2002-12-17 18:22:38 +00:00
wtc%netscape.com 1c4cebd09f Need to test for null pointers before destroying the lock and condition 
variable.  If NSS initialization fails, this lock and condition variable
may not get created.
 2002-12-17 02:47:46 +00:00
wtc%netscape.com 5a045514c6 I made a mistake in the previous checkin. certdb.h doesn't need to be 
included because the new function CERT_FindCertBySubjKeyID is declared in
cert.h.
 2002-12-17 02:08:51 +00:00
wtc%netscape.com 12860a5501 Bug 183612: added support for looking up a cert by subject key ID and 
creating a CMS recipient info from a subject key ID.  The patch was
contributed by Javi Delgadillo <javi@netscape.com>. r=relyea, wtc.
Modified Files:
	certdb/cert.h certdb/certdb.c certdb/certdb.h certdb/certv3.c
	certdb/stanpcertdb.c nss/nss.def nss/nssinit.c
	pk11wrap/pk11cert.c pk11wrap/pk11func.h pk11wrap/secmod.h
	pki/pki3hack.c smime/cms.h smime/cmslocal.h smime/cmspubkey.c
	smime/cmsrecinfo.c smime/cmssiginfo.c smime/cmst.h
	smime/smime.def
 2002-12-17 01:39:46 +00:00
dougt%netscape.com 8d74b970e3 Allow caller to obtain cert. r=mstoltz, javi. sr=dveditz, b=179016 2002-12-13 22:26:43 +00:00
kaie%netscape.com 3880b9cdab b=182258 Give separate signature validity and sender address mismatch feedback 
r=javi sr=bienvenu
 2002-12-13 20:47:32 +00:00
relyea%netscape.com 3e6d515d45 Increment the tmpbuf pointer to the correct index point 2002-12-13 19:02:13 +00:00
nicolson%netscape.com f5c66b92aa Fix 180827: Update version strings for JSS 3.3. 2002-12-13 06:12:30 +00:00
wtc%netscape.com d212358f78 Bug 185074: open the files we just did a "chmod -w" on once to work around 
a Mac OS X NFS bug. Subsequent opens will see the file is readonly with no
delay.
 2002-12-13 02:06:34 +00:00
nelsonb%netscape.com 49ca4445ae Clean up command line options parsing and Usage message. 2002-12-13 01:25:45 +00:00
relyea%netscape.com 88da4209b7 Use correct sense of the timeout value. 2002-12-13 00:25:21 +00:00
nelsonb%netscape.com a4ffefd8be Support SHA256, SHA384, and SHA512 hashes in NSS. 2002-12-12 06:05:45 +00:00
relyea%netscape.com 15ce24e7da Don't break solaris or linux (add the ';') 2002-12-11 17:56:49 +00:00
relyea%netscape.com 986ee61360 Export new command to pull for token change events. 2002-12-11 17:53:20 +00:00
relyea%netscape.com 79fda8d95f Program to test smartcard removal and insertion detection. 2002-12-11 17:44:53 +00:00
relyea%netscape.com b3956b6cb3 Add token removal blocking function. 2002-12-11 17:43:24 +00:00
thayes%netscape.com 8d4be901b5 Bug 184557: Allow usage specified on command line (-u) to be used to validate 
certificates used for signing (-S option).  Also add special handling for
nickname "NONE" in the -Y option.  This specifies that no certificate and
encryption key preference should be included in the signature object.
 2002-12-11 01:44:37 +00:00
wtc%netscape.com 79592c0eb3 Bug 180294: moved the OpenVMS build from the POSIX subsystem to native 
VMS (GNV).  The patch is contributed by Colin Blakes <colin@theblakes.com>.
Modified files: OpenVMS.mk config.mk rules.mk nsinstall/nsinstall.c
 2002-12-10 20:27:45 +00:00
relyea%netscape.com abf1a9ae02 Sigh, this is what was breaking the Linux builds... incorrect initializer. 2002-12-10 18:09:16 +00:00
relyea%netscape.com 5a83c35578 Make SubjectAltEncode a public function. Fixes build breakage in Linux 2002-12-10 17:41:16 +00:00
relyea%netscape.com 1e02f10049 Add test cases for multiple email addresses in a single certificate. 2002-12-10 17:19:00 +00:00
relyea%netscape.com 7ba80c7f5c Add code to create multiple email addresses in a single cert. 2002-12-10 17:18:06 +00:00
relyea%netscape.com fa12d2382e Export the AltSubjectEncode function so our test programs can build certs 
with multiple email addresses.
 2002-12-10 17:15:15 +00:00
relyea%netscape.com 962c8ddfb3 Create profiles for all the email addresses in a certificate. 2002-12-10 17:14:17 +00:00
relyea%netscape.com 603a1de75c Fix padding value. 2002-12-06 19:11:57 +00:00
nelsonb%netscape.com aad3764409 Expunge dead code. 2002-12-05 22:16:22 +00:00
nelsonb%netscape.com 62b8516bb9 Don't compile the .c files in lib/pki1 on the trunk. These files are used 
only in Stan.
 2002-12-05 22:15:36 +00:00
wtc%netscape.com 5fa50f792d Bug 39494: added a check to prevent buffer overflow. r=mcgreer,nelsonb. 2002-12-04 23:41:49 +00:00
wtc%netscape.com 89bb676522 Fixed the build breakage of const unsigned char[] and unsigned char * 
mismatch on the Mac (compiler warnings on other platforms) by adding
(unsigned char *) typecasts.  r=relyea.  (Bug 183350)
 2002-12-04 00:28:56 +00:00
kaie%netscape.com 2fda7d4793 b=182158 JavaScript error when pressing Ok in "Cert already exists" dialog - setWindowName is not defined 
r=kaie sr=alecf
 2002-12-03 15:27:27 +00:00
wtc%netscape.com f64d594319 Bug 181913: disable the makefile rule for .s for OS/2 so that .asm files 
are used when there are same-named .s files in the same directory.  The
patch is contributed by Javier Pedemonte <pedemont@us.ibm.com>.
 2002-12-02 22:57:21 +00:00
kaie%netscape.com da1410e6e1 b=115294 Support S/Mime signing only configuration / relax certificate configuration requirements 
r=javi sr=sspitzer
 2002-11-28 18:31:03 +00:00
wtc%netscape.com 0def6ffdbe Bug 181878: fixed two more bugs in the new code to support multiple email 
addresses per certificate.  r=nelsonb.
 2002-11-27 01:28:03 +00:00
wtc%netscape.com b78a21a145 Bug 182086: on Mac OS X, ranlib needs to be rerun after static libraries 
are moved.
 2002-11-26 23:05:56 +00:00
relyea%netscape.com c40360b6a9 More review changes, 
Fix incorrect return in pcertdb.c
 2002-11-26 22:14:56 +00:00
relyea%netscape.com 25a292272c Incorporate some of Nelson's review changes. 
Collapse all the profile data into an array for easier processing when printing out.
 2002-11-26 21:03:18 +00:00
relyea%netscape.com 7ee6bebcae Move mac build changes from 3.6 branch back to the trunk 2002-11-26 21:00:31 +00:00
wtc%netscape.com fd00621e5c Bug 180228: moved CERT_CRLCacheRefreshIssuer from the NSS_3.6.1 section to 
the NSS_3.7 section.
 2002-11-26 19:21:55 +00:00
relyea%netscape.com c296a3a69f Incorporate Terry's and Nelson's reviews. 2002-11-26 18:27:25 +00:00
nelsonb%netscape.com 4bdff07d6f Back out my last change. 2002-11-26 07:07:20 +00:00
nelsonb%netscape.com c4ae2fc1f4 Eliminate bug due to uninitialized variable index. Eliminate leak. 
Remove lots of warnings about signed/unsigned and assigning int to uchar.
 2002-11-26 05:58:51 +00:00
relyea%netscape.com 58543311f7 Bug 181878 allow multiple email addresses to point to a single subject record. 2002-11-26 00:13:54 +00:00
nelsonb%netscape.com b415060cf8 Put the nss 3.7 section after the nss 3.6.1 section. 2002-11-21 23:22:52 +00:00
ian.mcgreer%sun.com 72edde5172 bug 172247, don't allow import of duplicate issuer/serial certs 2002-11-21 20:43:15 +00:00
nelsonb%netscape.com e2809aa4e8 Add tests for sha256, sha384, and sha512. 2002-11-21 05:44:41 +00:00
nelsonb%netscape.com 6b8d4e688b Add test modes for sha256, sha384 and sha512. 
Fix the -c (restart) option for testing hashes.  It works with all hashes.
When the -d option is given along with the -i or -o filename option,
and the filename is not absolute, the filename is taken to be relative to
the the mode's test directory.
 2002-11-21 05:44:03 +00:00
nelsonb%netscape.com 924b265d37 Use the 32-bit code on Solaris x86 platforms, too. 2002-11-21 02:54:04 +00:00
nelsonb%netscape.com f8fead2f58 Add test cases from FIPS 180-2. 2002-11-21 02:26:50 +00:00
nelsonb%netscape.com c9be494de9 Back out revision 1.2, which was a workaround for a c preprocessor bug 
in a certain version of the c compiler for Dec/Compaq Alpha OSF1.
The file now requires one of these compilers on that platform:
Compaq C V6.3-132  or Compaq C V6.4-214 (dtk)
 2002-11-20 05:25:58 +00:00
nelsonb%netscape.com 6986b980f7 Optimization: change macros to do only 32-bit arithmetic on platforms 
with only 32-bit registers.
 2002-11-20 00:48:09 +00:00
jpierre%netscape.com e965a244ec Fix for bug 180894 - don't assert in ShutdownCRLCache() 2002-11-19 21:37:50 +00:00
nicolson%netscape.com 844a47f512 Fix 180396: javax.crypto.Cipher wrapping does not work with RSA algorithm. 
Support RSA as a wrapping/unwrapping algorithm.
 2002-11-19 00:41:09 +00:00
nicolson%netscape.com 80f7fdb602 Throw InvalidKeyException instead of InvalidAlgorithmParameterException, 
because the latter may get thrown away by our caller, but the former will
not be.
 2002-11-19 00:39:43 +00:00
nicolson%netscape.com 929e00e5b5 Change silly switch statement to an if statement. 2002-11-19 00:31:10 +00:00
nicolson%netscape.com 5f21037ae6 Make NotExtractableException take a String argument to its constructor. 2002-11-19 00:30:43 +00:00
kirk.erickson%sun.com b32a73f6fe Made 'solarispkg' copy pkg/solars to pkg/$(OBJDIR), and go there to 
build packages.  This addresses the problems Sonja reported which
resulted from building in the same tree nfs'd from multiple platforms
simultaneously.  Also removed -$(MACH) and ROOT-$OBJDIR changes that
failed to address this problem.
 2002-11-17 17:26:51 +00:00
timeless%mozdev.org 384066e98e Bug 58221 don't use strlen to check if a string is of length 0 
patch by aaronl@vitelus.com r=timeless sr=bz
 2002-11-17 05:16:49 +00:00
cbiesinger%web.de 74eba6fb3e patch by abecevello@sympatico.ca r=rangansen,me sr=roc+moz 
fix some spelling errors
 2002-11-16 20:44:32 +00:00
nelsonb%netscape.com 0391c3a0ab Change all functions that create contexts for encryption to treat their 
input buffers as const.  Warning reduction.
 2002-11-16 06:09:58 +00:00
jpierre%netscape.com 071bcc8ef0 Fix again? 2002-11-16 05:05:17 +00:00
jpierre%netscape.com 2854b0f273 Fix build again ! 2002-11-16 04:27:39 +00:00
nelsonb%netscape.com c69f246d7a Recognize new SHAxxx OIDs. 2002-11-16 03:34:53 +00:00
jpierre%netscape.com a46a21ce98 Fix build 2002-11-16 03:32:40 +00:00
nelsonb%netscape.com d2a0920045 Correct softoken routines to work with new larger SHAxxx hashes. 2002-11-16 03:32:39 +00:00
nelsonb%netscape.com 5556b4b77f Correct HMAC code to work with new larger SHAxxx hashes. 2002-11-16 03:30:37 +00:00
nelsonb%netscape.com dd4c5651b8 Add new SHAxxx hash algorithms to tables of SECHashObjects. 2002-11-16 03:29:32 +00:00
nelsonb%netscape.com 0575c4bc91 Declare new vendor-defined mechanisms for SHA256, SHA384 and SHA512. 2002-11-16 03:25:01 +00:00
nelsonb%netscape.com eeb4bc7c50 Now that we have hashes larger than SHA1, 
#define HASH_LENGTH_MAX         SHA512_LENGTH
 2002-11-16 03:21:53 +00:00
nelsonb%netscape.com 6b4fae5a4a Don't reject a cert request with an empty list of CA cert names. 
Don't crash with an empty CA name list.
 2002-11-16 03:19:48 +00:00
nelsonb%netscape.com 9ee53c1fde Add "const" modifier to all fixed arrays used for keys or known text. 2002-11-16 01:00:44 +00:00
nelsonb%netscape.com 2d2f10ff75 Fix crash when formatting a cert with optional version not given. 2002-11-15 06:32:51 +00:00
jpierre%netscape.com d654882327 Patch for 180228 - export CRL cache flush API . r=wtc 2002-11-15 05:04:05 +00:00
nelsonb%netscape.com 4f733e25ac Make selfserv build for Darwin. 2002-11-14 23:33:24 +00:00
ian.mcgreer%sun.com 476282ab25 bug 39494, handle non-standard AVAs properly 
r=nelsonb
 2002-11-14 17:04:43 +00:00
kaie%netscape.com a16a952116 b=168450 Cleanup some PSM code and add JavaDoc documentation to all freeze candidates 
r=javi sr=alecf
 2002-11-14 00:50:02 +00:00
relyea%netscape.com de6635b1b4 Adjust the time values so we have correct and consistant displays. 2002-11-11 22:01:57 +00:00
relyea%netscape.com c89a0a7444 Multi-access database race condition patches. These changes are already checked 
into NSS 3.6.1.
 2002-11-11 22:00:03 +00:00
kirk.erickson%sun.com 7b5d682d55 Made awk_pkginfo-$(MACH) machine dependent for Sonja's release build. 2002-11-11 20:44:55 +00:00
relyea%netscape.com 37feda0de1 Remove long dead code from util. triggered by bug 179038 2002-11-11 18:17:24 +00:00
jpierre%netscape.com cc471dc4ee Assert if the QuickDER decoder does not consume all the input 2002-11-09 01:56:01 +00:00
relyea%netscape.com df7578f751 Bug 176667: kaie authored the patch, ian/relyea reviewed it. 2002-11-08 19:10:54 +00:00
nicolson%netscape.com 62297d34ca default doesProduceOutput to true for compatibility. 2002-11-08 02:24:20 +00:00
nicolson%netscape.com ac141012ed Add isExtensionPresent and getExtension. 2002-11-08 00:40:26 +00:00
glen.beasley%sun.com d39fba9d10 removes sun provider and set passwords 2002-11-07 22:49:26 +00:00
glen.beasley%sun.com da13ded012 move removeSunProvider after JSS JCE provider is loaded 2002-11-07 03:33:04 +00:00
jpierre%netscape.com 3fe1f54335 Fix for 177798 . Improve handling of initialization / shutdown of the CRL cache using a static status variable 2002-11-07 00:02:31 +00:00
ian.mcgreer%sun.com 9ec0046baa bug 177366, clean up refcounting 
r=relyea
 2002-11-06 18:53:55 +00:00
nicolson%netscape.com c6fdcc6563 Add license header to new file. 2002-11-06 03:24:39 +00:00
nicolson%netscape.com ecfe6a3ccd Add TestSDR, to test the new SecretDecoderRing. 
In all.pl, always set the CLASSPATH to be the signed JSS JAR file, so
that we can use the JCE (javax.crypto.*) interface.
 2002-11-06 03:22:10 +00:00
nicolson%netscape.com 7ddd008d89 Correctly detect a missing key. 2002-11-06 03:20:53 +00:00
nicolson%netscape.com 10b3205212 Improve InvalidBERException. 
Add feature of SEQUENCE.OF_Template whereby elements need not produce
any output. This is for dealing with very large SEQUENCEs, such as
large CRLs, where the list should be processed in some way, but not made
into an ASN1 object hierarchy.
 2002-11-06 02:00:55 +00:00
kaie%netscape.com 4e9b0249fd b=166655 ERROR -12227 / Extend the list of TLS intolerance error codes 
r=javi sr=jag a=blizzard
 2002-11-05 14:49:52 +00:00
nelsonb%netscape.com e1484b41c3 Workaround a c preprocessor bug on a certain 64-bit platform. Bug 178314. 2002-11-05 01:52:49 +00:00
nelsonb%netscape.com 6710514e32 Fix missing strings that cause crash in SSL_SecurityStatus(). Bug 178342. 2002-11-05 00:25:20 +00:00
relyea%netscape.com 789fae9e28 !@#!$@! signtool thinks it knows how to verify if the certdb's are there and 
OK or not. Of course it doesn't.

bob
 2002-11-04 20:37:08 +00:00
relyea%netscape.com 9452f46ac8 db8 code part 1: 
1) Create new dbs with 32 k buffers.
   2) New dbs never store a single entry greater than 30 k (those are stored
using the blob code).
   3) NSS can run with either new or old dbs read only.
   4) If possible a new db is upgraded from and old db.
 2002-11-04 19:31:59 +00:00
nelsonb%netscape.com c2ff4f68a2 Add some processor and compiler dependent optimizations to SHA1. 2002-11-02 01:53:01 +00:00
nelsonb%netscape.com 2ff4c01664 Add SHA256 SHA512 and SHA384 hashes to freebl. 2002-11-02 01:51:44 +00:00
jpierre%netscape.com edd979ec33 Fix for bug 177798 - NULL pointers in ShutdownCRLCache to allow shutdown/restart 
of NSS.
 2002-11-02 00:07:48 +00:00
nelsonb%netscape.com 95badac2f4 Fix several problems related to error messages, including an attempt to 
print a null string pointer.
 2002-11-01 21:04:33 +00:00
nelsonb%netscape.com cea8a96338 Reformat text. Fix syntax error in first examples. 2002-11-01 21:03:24 +00:00
jpierre%netscape.com 9c6ca52dde Remove call to PL_ArenaFinish . This effectively shut down NSPR arenas and created problems when restarting NSS . r=relyea 2002-10-31 22:02:10 +00:00
jpierre%netscape.com f3907a7439 Fix for 177208 - unmark arena when DER decoding is successful 2002-10-31 01:54:13 +00:00
jpierre%netscape.com 8083074fbc Fix for bug 175115 . Remove incorrect check for CA cert expiration. Also fix CRL signature verification and clean up internal functions . r=mcgreer,relyea,nelsonb,wtc 2002-10-30 23:31:38 +00:00
relyea%netscape.com 5d8b5a40ce Fix build breakage. Some platforms do not like to assign unsigned char * to 
char * without a cast.
 2002-10-30 19:01:21 +00:00
relyea%netscape.com 4db4a5989a The Serial number needs to be the DEREncoded serial number, not the decoded 
Serial number.
 2002-10-30 17:22:06 +00:00
relyea%netscape.com c301258ee1 Check in new certdata file generated from certdata.txt 2002-10-30 17:20:59 +00:00
relyea%netscape.com 014936248b Allow the builtin's to accept old style serial numbers as well the the correct 
PKCS #11 serial numbers.
 2002-10-30 17:18:14 +00:00
relyea%netscape.com a8cddf9408 Make the Serial Numbers DER Wrapped rather than raw serial numbers. 
This is required by PKCS #11 and was causing some bugs in NSS 3.6.
 2002-10-30 17:09:28 +00:00
wtc%netscape.com 4759c969ee Bug 174143: Removed the obsolete platform.mk file. Do not allow overriding 
of PLATFORM by the environment because PLATFORM is a common environment
variable.
 2002-10-30 15:50:59 +00:00
kairo%kairo.at 150568bb2e Bug 175853, Update localeVersion strings for 1.2 final - and do it correctly, r=jbetak, sr=bzbarsky, a=blizzard 2002-10-30 12:41:38 +00:00
wtc%netscape.com 182f81490a Bug 177201: declare NSS_CMSEncoder_Cancel. 2002-10-30 01:31:01 +00:00
bishakhabanerjee%netscape.com 446c866598 creating the cmdtests.sh script - bug 144316 2002-10-30 00:20:10 +00:00
jpierre%netscape.com c4e2aa9127 Fix for bug 95311 - copy the DER input key to the arena, and free the arena upon decoding failure. 2002-10-29 23:47:31 +00:00
jpierre%netscape.com 31ce9957ca Use QuickDER to decode DER public key. Bug #95311 2002-10-29 22:52:31 +00:00
kirk.erickson%sun.com 46d92ed7fa Integrated bundle of changes that we're done on NSS_3_3_2_SUN_PKG_BRANCH. 
x86 support (separate prototype_sparc, prototype_i386)
	single updated copyright on common_files
	no pkgdepend in common_files
 2002-10-26 18:04:40 +00:00
nelsonb%netscape.com b1090ac99f Plug cert leak in NSS_SMIMESignerInfo_SaveSMIMEProfile. Bug 176799. 
Patch contributed by Kai Engert.
 2002-10-25 22:46:48 +00:00
nelsonb%netscape.com 4554b52c1c Add new function CERT_VerifySignedDataWithPublicKey containing common code 
factored from existing functions CERT_VerifySignedDataWithPubKeyInfo and
CERT_VerifySignedData.  Bug 174193.
 2002-10-25 03:21:24 +00:00
jpierre%netscape.com f759ddb2eb Fix for 169038 - bump builtins library version to 1.20 on the tip 2002-10-25 00:17:37 +00:00
nelsonb%netscape.com 2d36f59d67 Add -v option, which prints email addresses in certs. This excersizes 
the new functions for extracting email addresses from certs.  Bug 152986.
 2002-10-24 01:40:40 +00:00
bishakhabanerjee%netscape.com 1d08dec690 commented out unchecked in tests 2002-10-24 00:19:53 +00:00
jpierre%netscape.com 85f14ab5f0 Fix comment formatting style 2002-10-23 23:41:02 +00:00
jpierre%netscape.com 55df3cd350 Fix for bug 95311 - replace assertion with comments 2002-10-23 23:18:17 +00:00
relyea%netscape.com 940043e883 Make sure the array is big enough to handle all the cases. 2002-10-23 22:51:10 +00:00
nelsonb%netscape.com 25d4b3dd39 Include certi.h to resolve invocation of undeclared function. 2002-10-23 22:00:48 +00:00
nelsonb%netscape.com b0c5f20ec4 Add 2 new functions to NSS, so an application can get a list of all 
email addresses in a cert.  Bug 152986.
Modified Files: lib/nss/nss.def lib/certdb/alg1485.c lib/certdb/cert.h
                lib/certdb/certdb.c lib/certdb/certi.h
 2002-10-23 20:50:51 +00:00
wtc%netscape.com 1521c67903 The version of the builtin root certs module is now specified in nssckbi.h. 2002-10-23 19:04:22 +00:00
jpierre%netscape.com 50bc3486f0 Up library number for TC roots - bug #169038 2002-10-23 01:38:57 +00:00
ian.mcgreer%sun.com b9d29eefdc bug 174634, fix handling of authorityCertIssuer in chain construction 2002-10-22 14:43:08 +00:00
nicolson%netscape.com bf773f650f update version strings. 2002-10-18 23:59:01 +00:00
jpierre%netscape.com 8797b2c565 Fix for bug 175167 - SEC_QuickDERDecodeItem should fre memory upon failure. r=wtc 2002-10-18 22:32:34 +00:00
nelsonb%netscape.com dc79671232 Verify the self-signed signature on PKCS 10 cert requests before honoring 
them.  Bug 174193.
 2002-10-18 21:58:24 +00:00
kaie%netscape.com 07ead46166 b=101847 keygen does not work if Master Pwd is set to "Everytime it is needed" 
r=javi sr=jag a=asa
 2002-10-18 13:49:58 +00:00
bishakhabanerjee%netscape.com 7fcb4ea142 changed error string to reflect error better: 162714 2002-10-18 00:13:03 +00:00
nelsonb%netscape.com b0606e475e New utility to test cert chain verification using certs in files. 2002-10-17 22:24:35 +00:00
nelsonb%netscape.com 72e8094d87 Change instructions for entering a new token password to say "should" 
instead of "must".  Bug 174135.
 2002-10-17 02:06:31 +00:00
nelsonb%netscape.com 5a4244682c Use unsigned ints for serial numbers. Bug 173872. 
Add missing line break to cert requests.  Bug 174659.
Remove unused variables, and #ifndef NSPR20 code.
 2002-10-17 01:41:14 +00:00
nicolson%netscape.com c30e440420 The new SecretDecoderRing. 2002-10-17 00:33:42 +00:00
nicolson%netscape.com 9327ee2bc2 Generate a permanent key pair, since KeyStore isn't working yet. 2002-10-17 00:32:48 +00:00
nicolson%netscape.com 2ed819fbe8 remove print statements. 2002-10-17 00:07:50 +00:00
nicolson%netscape.com 0dc2c94550 Forget KeyStore, it is still very broken. 2002-10-17 00:07:29 +00:00
nicolson%netscape.com 9f40fcb3c9 More little hacks, but it still doesn't work right. 2002-10-17 00:07:08 +00:00
nicolson%netscape.com f061515562 Fix an implementation detail. 2002-10-17 00:05:53 +00:00
kaie%netscape.com 0d20ac0fbc b=163605 Use of blocking I/O for SSL in PSM stalls network activity 
r=javi sr=darin a=asa
 2002-10-16 22:20:42 +00:00
leaf%mozilla.org b25d2a38f7 update localeVersion for 1.2b, a=asa 2002-10-16 17:51:38 +00:00
nelsonb%netscape.com 16d37d34ce Use the new quick DER decoder to decode Certificate requests, because 
it does it correctly.  Fix some memory leaks in print code.
Print OCTET strings and bits strings better.
 2002-10-16 05:34:54 +00:00
nelsonb%netscape.com acdec25c4b Eliminate a crash in pp formatting cert requests. Bug 174188. 
When asking for a new password and the two values don't match, ask for
both again.  Bug 174133.
 2002-10-16 01:40:22 +00:00
nelsonb%netscape.com f1d2ae9c89 Fix DER_GetInteger. Bug 174644. 2002-10-16 01:36:10 +00:00
relyea%netscape.com 72fe83e3f2 Make grammar, punctuation, capitalization, and content changes suggested by 
nelson.
 2002-10-15 00:56:23 +00:00
kaie%netscape.com 9ab0709805 b=169185 remove call to non-existant function 
r=rangansen sr=jag a=asa
 2002-10-14 17:57:58 +00:00
kaie%netscape.com c114606c21 b=165574 PSM embedding freeze/ step 3/ replace nsISupportsArray with nsIArray 
r=javi sr=alecf a=asa
 2002-10-14 14:49:00 +00:00
kaie%netscape.com 9ebc65bda6 b=147280 Ensure Mozilla uses the shipped nssckbi or a newer builtin roots module 
r=javi sr=dveditz a=asa
 2002-10-14 14:39:04 +00:00
jpierre%netscape.com 1dfb9604b6 Fix for 169038 - correct entries for TC TrustCenter roots 2002-10-12 01:05:47 +00:00
jpierre%netscape.com 634583edc6 Fix for 169038 - correct entries for TC TrustCenter roots 2002-10-12 01:04:53 +00:00
jpierre%netscape.com 66672a3266 Fix addbuiltin t add issuer & serial number to trust object 2002-10-12 01:00:33 +00:00
kaie%netscape.com d03c5bdd14 b=172455 Mozilla crashes when viewing certificate details 
r=javi sr=jag a=dbaron
 2002-10-11 13:21:58 +00:00
nicolson%netscape.com 5a6988bce7 Temporary fix for 164692: SSL ops that timeout should throw 
java.net.SocketTimeoutException.
 2002-10-11 03:49:34 +00:00
relyea%netscape.com e00f4b4887 Fix memory leaks in the startup of the builtins. 2002-10-10 22:39:23 +00:00
relyea%netscape.com 7db5df2a89 Fix memory leak in vfyserv.c 2002-10-10 22:38:09 +00:00
relyea%netscape.com 936e0f80f3 Fix optimized build failures 2002-10-10 21:17:39 +00:00
wtc%netscape.com 00c4231267 Bug 131386: use 'tee' (in a pipe) instead of 'tail -f' when we need to 
display the test output on stdout.  This avoids the need to kill the tail
process, which is tricky to do under MKS Korn Shell on Windows.
Modified Files: all.sh jssqa common/init.sh
 2002-10-10 20:36:53 +00:00
relyea%netscape.com 7cb062be5d Fix Cert Reference leak in error path 2002-10-10 20:34:29 +00:00
relyea%netscape.com e7544aab69 Add missing errors from secerr.h in lib/util 2002-10-10 20:31:25 +00:00
relyea%netscape.com 5fd94ca1a9 Bug 164501. Return a proper error code from PK11_FindCrlByName() so the CRL 
code can decide if there is a hw or system failure preventing the reading of a
CRL or if the CRL is just not there.
 2002-10-10 20:30:19 +00:00
relyea%netscape.com e352244c4b Unix and Mac platforms need to load librdb.* not rdb.*. 2002-10-10 20:11:09 +00:00
relyea%netscape.com 006424c6d4 Fix minor memory leak on init. 2002-10-10 20:09:30 +00:00
glen.beasley%sun.com 827c5b030a 171027 removed deprecated code 2002-10-10 04:35:56 +00:00
nicolson%netscape.com 6649c1141a upgrade to NSS 3.6 RTM and NSPR 4.2.2. 2002-10-09 18:30:38 +00:00
jpierre%netscape.com fa9b7e0590 Bump softoken version to 3.7 on tip 2002-10-08 04:07:22 +00:00
nelsonb%netscape.com 44827860fe Make indentation style self-consistent: 4 spaces per indent. 
Save error code at the beginning of printCertProblems, and restore it at
the end, since CERT_VerifyCert nearly always sets the error code to
-8157 Certificate extension not found when building an error log.
Bug 172036.
 2002-10-08 03:39:50 +00:00
jpierre%netscape.com 2495acd6a6 Fix for 172732. r=relyea 2002-10-08 01:23:09 +00:00
wtc%netscape.com 51729f2108 Set NSS version to 3.7 Beta on the tip. 2002-10-07 20:47:18 +00:00
nicolson%netscape.com 07d11e97ed fix warning. 2002-10-07 18:00:28 +00:00
jpierre%netscape.com d1ffbcafb9 Fix for 172678 - move internal functions InitCRLCache and ShutdownCRLCache to private header certi.h 2002-10-05 02:24:25 +00:00
nicolson%netscape.com cc61c535dd Fix 158727: JSSKeyStoreSpi.getCertificateChain is questionable. 
Make KeyStore.getCertificateChain() work.
 2002-10-05 00:19:49 +00:00
nicolson%netscape.com a2394e4148 Fix 162904: Missing invalidityDate in RevRequest in CMMF package. 
Update RevRequest to conform to RFC 2797.
Also updated the CRLReason enumeration.
 2002-10-04 22:46:04 +00:00
nicolson%netscape.com 82f245ad70 Fix 160028: JSSKeyGeneratorSpi.HmacSHA1 should be renamed to PBAHmacSHA1. 2002-10-04 22:27:46 +00:00
nicolson%netscape.com ef56ced392 Fix 160017: getAlgorithm() not implemented for PKCS #11 keys. 2002-10-04 22:13:21 +00:00
wtc%netscape.com 83c6850bf0 Sorted NSS 3.6 symbols in alphabetical order. 2002-10-04 22:11:34 +00:00
wtc%netscape.com b9b6bf16b8 Import nspr20/v4.2.2. 2002-10-04 21:26:10 +00:00
nicolson%netscape.com d227f02eee Open up the class a little. 2002-10-04 21:18:35 +00:00
nicolson%netscape.com f013957a9e Remove hardcoded algorithms (now that NSS bug 162761 is fixed). 2002-10-04 21:05:18 +00:00
nicolson%netscape.com 035d09e748 Deprecate this, start using javax.crypto.BadPaddingException instead. 2002-10-04 21:04:37 +00:00
nicolson%netscape.com ad556c8a45 Fix EncryptionAlgorithm to handle lookups from JCA descriptions. 
Support CipherSpi.engineGetKeySize.
Handle javax.crypto.spec.IvParameterSpec.
Handle multiple parameter classes.
 2002-10-04 21:04:09 +00:00
nicolson%netscape.com d761e8497b support storing private and symmetric keys (now that NSS bug 128172 is fixed). 2002-10-04 21:02:50 +00:00
nicolson%netscape.com cac200a7c2 Handle AES keys. 2002-10-04 21:02:16 +00:00
nicolson%netscape.com 3fd1601e52 allow algorithms to support multiple parameter classes. 2002-10-04 21:00:58 +00:00
nicolson%netscape.com a793f44808 Cleanup spurious printlns and exceptions. 2002-10-04 20:59:20 +00:00
nicolson%netscape.com 19c38d81ff Add SymmetricKey.getLength(). 2002-10-04 20:58:05 +00:00
kirk.erickson%sun.com 3b89f811a5 Added SUNW_ISA=sparcv9 to clear up error message. 2002-10-04 20:43:35 +00:00
wtc%netscape.com 63fb76c996 Bug 164744: fixed the comment block style. 2002-10-03 04:01:34 +00:00
wtc%netscape.com 22c42f1c08 Bug 149832: renamed highestUsage as certificateUsageHighest. 
Modified files: certdb/certt.h certhigh/certvfy.c
 2002-10-03 03:48:55 +00:00
jpierre%netscape.com b0fe3718ae Fix for 164744 - implement new functions for pk12util . r=wtc 2002-10-03 03:35:32 +00:00
wtc%netscape.com 9a64e105d5 Restored a # that was accidentally deleted. 2002-10-03 02:11:01 +00:00
kirk.erickson%sun.com f519d2bd89 Moved solarispkg target to the end of the file. 2002-10-02 23:42:40 +00:00
kirk.erickson%sun.com 57d8aec96c Fixes 158683, adds new directory mozilla/security/nss/pkg/solaris. 
And 'solarispkg' target to mozilla/security/nss/Makefile.
 2002-10-02 23:11:39 +00:00
kaie%netscape.com 5364d2634e b=170562 Some CA's are blank lines 
r=javi sr=alecf
 2002-10-02 18:54:21 +00:00
kaie%netscape.com 5592ed3a8b b=171217 Bustage: Cannot activate auto CRL update. 
r=javi
 2002-10-02 18:52:07 +00:00
kaie%netscape.com ce65064a68 b=107034 OE requires special attribute in incoming signed messages to 
support dual key certificates (PSM portion)
r=relyea sr=mscott
 2002-10-02 10:56:11 +00:00
kaie%netscape.com b856423104 b=160746 Update PSM's version number to 2.4 
r=javi sr=alecf
 2002-10-02 10:51:02 +00:00
jpierre%netscape.com 2e48c1c8a4 Fix for 164744 - fix for pk12util to export multiple certs 2002-10-02 04:32:17 +00:00
jdunn%netscape.com c1d37cfb46 add support for hpux 11.20/ia64, which doesn't have separate freebl libs 
so we shouldn't export them
r=cls@seawood.org
# 145053
 2002-10-01 14:42:41 +00:00
ian.mcgreer%sun.com 6199159d80 bug 171224, changes to path construction 
r=nelsonb
 2002-10-01 14:32:15 +00:00
relyea%netscape.com b6295815f9 Bug 16296: fix race in sdr code. 2002-10-01 00:46:20 +00:00
relyea%netscape.com 487a7f5f6a Fix SDR race condition with a coarse lock. Does not address multiaccess DB 
races. Bug 169296.
 2002-10-01 00:23:46 +00:00
ian.mcgreer%sun.com cc2b80a48a bug 166793, uninitialized variables 
r=wtc
 2002-09-30 21:15:07 +00:00
wtc%netscape.com 886e30e17b Bug 154689: removed the "with Shared Database" string. NSS is always built 
that way now.
 2002-09-30 21:00:43 +00:00
wtc%netscape.com d7b153e145 Bug 127740: added a comment to explain the thread yield in 
ssl3_SendApplicationData.
 2002-09-30 20:51:05 +00:00
wtc%netscape.com ca4da40f13 Use the enumeration constant 'siBuffer' instead of 0. 2002-09-30 20:36:54 +00:00
wtc%netscape.com 22503c53a1 Bug 171422: removed unused (and incorrect) code. r=mcgreer. 2002-09-30 20:33:44 +00:00
wtc%netscape.com 4ae061289f Bug 166772: 'cinfo' needs to be initialized to NULL. Fixed an indentation 
problem.
 2002-09-30 20:31:55 +00:00
wtc%netscape.com 2e33cb369f Bug 153258: fixed a misspelling in pk11_getDefTokName. 2002-09-28 14:14:18 +00:00
nicolson%netscape.com 0654510b0b Fix 128172: function to convert a session key to a token key. 2002-09-28 00:48:32 +00:00
jpierre%netscape.com 6ce325d896 Fix for 167615 - fix for crash with bad CRLs from token. Also fix error handling 2002-09-28 00:05:34 +00:00
wtc%netscape.com bd264d3f32 Bug 166781: fixed the bug that 'r2' may be used uninitialized. r=nicolson. 2002-09-27 22:22:12 +00:00
ian.mcgreer%sun.com e128398d1a bug 171198, leak moving temp cert to perm; add force parameter 
r=wtc,relyea
 2002-09-27 21:23:00 +00:00
relyea%netscape.com 34f3c0635f Bug 167861: PK11_GetModInfo needs to set the error code. 2002-09-27 17:50:59 +00:00
relyea%netscape.com 20b909f88a bug 130966: fix problems in searching and storing fixed keys. 
bug 170423: Turn on block symetric and Mac'ing functions in the DB token so we can use the fixed keys there without moving them around.

Fix memory leak on shutdown (leaking the sessions).
 2002-09-27 17:46:36 +00:00
relyea%netscape.com 9c8a68e08d Bug 166894: Handle changing Trust when cert is in the token. 2002-09-27 15:55:01 +00:00
nelsonb%netscape.com 8bdfd22acf Add targets for HPUX Itanium family processors. 2002-09-27 01:23:28 +00:00
nicolson%netscape.com 65af04c0b9 Fix error message when we find something unexpected in a SEQUENCE. 2002-09-27 00:07:11 +00:00
nicolson%netscape.com 5fe2828356 Fix 169798: Failed to install ca signing certificate with NS3.6beta. 
r=wtc
 2002-09-27 00:01:53 +00:00
nicolson%netscape.com 72d7f9c27c override INTEGER.getTemplate() with one that returns an ENUMERATED.Template. 2002-09-26 23:25:21 +00:00
ian.mcgreer%sun.com 0f153605e9 bug 158078, unitialized variable due to a lot of unneccessary code 2002-09-26 20:30:11 +00:00
glen.beasley%sun.com f24613dd00 163762 configureOCSPNative 2002-09-26 19:52:06 +00:00
wtc%netscape.com 10bb630725 Get NSS headers from the new location (dist/public/nss) only. 
Modified files: boot/src/Makefile.in pki/src/Makefile.in ssl/src/Makefile.in
 2002-09-26 17:56:09 +00:00
jpierre%netscape.com 8885d6de5f Fix for 167615 - don't crash if a token returns a NULL CRL object 2002-09-26 01:38:45 +00:00
jpierre%netscape.com 7150fbd4e4 Fix for 167615 - don't crash if the CRL isn't found due to a database error 2002-09-26 01:37:41 +00:00
wtc%netscape.com fda8e75512 Bug 170379: fix the stack overflow crash by not allocating the 32K "sieve" 
array on the stack.
 2002-09-26 00:04:25 +00:00
wtc%netscape.com 1f1b0dc528 Bug 166894: destroy nssTrust before returning from STAN_ChangeCertTrust. 2002-09-24 18:47:33 +00:00
wtc%netscape.com c07287ed58 Bug 169944: declare PK11_TokenKeyGen in pk11func.h and export it from the 
nss3 shared library.
Modified Files: nss/nss.def pk11wrap/pk11func.h
 2002-09-24 18:40:29 +00:00
kaie%netscape.com 106f567abb b=170438 Crash opening cert manager 
r=javi sr=alecf
 2002-09-24 03:00:37 +00:00
kaie%netscape.com 45b75de492 b=170359 Make sure new code from bug 168448 uses NS_INIT_ISUPPORTS 
r=javi sr=alecf
 2002-09-24 02:57:51 +00:00
wtc%netscape.com cf907092d8 Bug 169785: CERT_AddOCSPAcceptableResponses should have a second argument 
of type SECOidTag, followed by the optional arguments ..., because it needs
at least one argument of type SECOidTag.  r=nelsonb.
 2002-09-23 23:47:49 +00:00
kaie%netscape.com 2a3ea54ed5 b=169443 Form submit buttons not working [embedding apps] 
r=javi sr=rpotts
Adding files forgotton on earlier checkin
 2002-09-23 23:30:22 +00:00
kaie%netscape.com e0ac174edc b=168946 More PSM cleanup 
r=javi sr=rpotts
 2002-09-23 23:23:05 +00:00
kaie%netscape.com 0e02f8a7c7 b=168976 Remove RsaPubModulus from nsIX509Cert 
r=javi sr=rpotts
 2002-09-23 23:20:18 +00:00
kaie%netscape.com 03f7ce8e87 b=169765 View button doesn't work in cert manager 
r=javi sr=rpotts
 2002-09-23 23:16:46 +00:00
kaie%netscape.com 410f942d29 b=169943 Form submit buttons not working [embedding apps] 
Moving implementation of security warnings from pippki to pipboot.
r=javi sr=rpotts
 2002-09-23 23:11:10 +00:00
nelsonb%netscape.com b155ff5183 Change coding style used in nss/lib/pki to one that works with ctags. 
Bug 169999.   Modified Files:
  asymmkey.c certdecode.c certificate.c cryptocontext.c pki3hack.c
  pkibase.c pkistore.c symmkey.c tdcache.c trustdomain.c
 2002-09-23 21:32:35 +00:00
wtc%netscape.com ec39c6ef5f Bug 169790: renamed CERT_DecodeDERCrlEx to CERT_DecodeDERCrlWithFlags. 
Modified files: certdb/cert.h certdb/crl.c nss/nss.def pk11wrap/pk11cert.c
 2002-09-23 21:31:47 +00:00
kaie%netscape.com ec41544988 b=169932 Replace wstring with AString in IDL 
r=darin sr=alecf
 2002-09-23 20:17:16 +00:00
nicolson%netscape.com 667a8762e8 Fix 169578: PK11_ImportAndReturnPrivateKey sets wrong key type. 2002-09-20 21:48:32 +00:00