julien.pierre.bugs%sun.com
f98d49a913
Remove dead config.mk files for modutil and ssltap. Fix for 294720. r=nelson
2005-11-10 03:00:05 +00:00
julien.pierre.bugs%sun.com
7e9a679a65
Resolve symlinks when loader freebl shared libs, and limit iterations to 20. r=wtchang
2005-11-10 02:18:22 +00:00
kaie%kuix.de
0fdc7201d3
bug 126601, "Web" should be "web" in Master Password pref panel
...
patch by Henrik Lynggaard Hansen, working change only, r=brendan, r=kengert
2005-11-09 15:32:24 +00:00
wtchang%redhat.com
560f560f03
Bugzilla Bug 311432: renamed USE_FP_CODE as ECL_USE_FP. Do not set
...
ECL_USE_FP to 1 on Linux x86 to work around the bug. Moved a dependency
rule to the appropriate section of the makefile. r=nelsonb.
2005-11-08 22:03:17 +00:00
wtchang%redhat.com
4c003bfe53
Improved a comment. Suggested by Nelson Bolyard of Sun. r=wtc.
2005-11-08 22:00:46 +00:00
kaie%kuix.de
df2f98120c
bug 200119, crash when I shutdown (StopCRLUpdateTimer) [@ nsHashtable::Reset ]
...
r=darin, sr=bienvenu
2005-11-08 17:49:52 +00:00
alexei.volkov.bugs%sun.com
71d67849a3
fix for 313680: add missing TLS cipher types to SSLTAP. r=nelson
2005-11-07 23:54:33 +00:00
christophe.ravel.bugs%sun.com
e748b37142
238319: Sun packages changes
...
Set rpm release to 2 for NSS 3.11
2005-11-07 20:20:10 +00:00
christophe.ravel.bugs%sun.com
d348103b57
238319: Sun packages changes
...
Reset rpm release to 1 for JSS 4.2
2005-11-07 20:19:05 +00:00
wtchang%redhat.com
ff785bd766
Bugzilla Bug 298522: added power-up self tests for HMAC SHA-384 and HMAC
...
SHA-512. The patch was written by Glen Beasley of Sun. r=wtc.
2005-11-07 19:05:45 +00:00
wtchang%redhat.com
4029572119
Bugzilla bug 313196: include the minimal headers.
2005-11-07 19:00:58 +00:00
wtchang%redhat.com
126f513f21
Bugzilla Bug 313196: checked in a header inclusion change that I missed in
...
the previous checkin.
2005-11-07 18:48:39 +00:00
wtchang%redhat.com
1714be323f
Bugzilla Bug 313196: HMAC code should not use a fixed hash input block size
...
of 64 bytes, which is wrong for SHA-384 and SHA-512. This requires adding
the hash input block size to the SECHashObject structure. r=relyea,nelsonb
Modified Files:
cryptohi/hasht.h cryptohi/sechash.c freebl/alghmac.c
freebl/blapit.h freebl/rawhash.c
2005-11-07 18:44:21 +00:00
wtchang%redhat.com
d576bf2833
Replaced the magic constant 20 by SHA1_LENGTH. Use sizeof(buffer) to
...
be more robust. r=nelsonb
2005-11-05 01:00:14 +00:00
relyea%netscape.com
ce75b22933
replace missing header files.
2005-11-04 23:44:19 +00:00
glen.beasley%sun.com
4c538f769b
313176 jss version 4.2 because JSS needs NSS 3.11 and up for bypass sr=sandeep
2005-11-04 23:16:43 +00:00
wtchang%redhat.com
1ce181b01e
Bugzilla Bug 311958: Update the nssckbi versions for NSS 3.11. r=relyea.
2005-11-04 22:51:55 +00:00
julien.pierre.bugs%sun.com
799adefa45
Move ret_cr16.s from util to freebl. r=nelsonb
2005-11-04 04:11:04 +00:00
relyea%netscape.com
3597080dab
Initial CAPI PKCS #11 Module.
...
Needs the updated ckfw.
2005-11-04 02:05:04 +00:00
wtchang%redhat.com
898c89fc45
Bugzilla Bug 298512: Ensure the seed and seed key input for RNG do not have
...
same value for FIPS 140-2. r=nelsonb.
2005-11-04 01:07:30 +00:00
julien.pierre.bugs%sun.com
f1c5542df0
Remove dead files. r=wtchang
2005-11-04 01:02:50 +00:00
julien.pierre.bugs%sun.com
bd999cb1b2
Remove nmake Makefiles and references to them. r=nelson
2005-11-04 01:01:37 +00:00
julien.pierre.bugs%sun.com
4fb160cf44
Remove dead files. r=wtchang
2005-11-04 00:48:41 +00:00
glen.beasley%sun.com
3033b29443
311934 added PORT_JSSE_SERVER and PORT_JSSE_SERVER plus testing bypass r=sandeep
2005-11-03 23:30:38 +00:00
glen.beasley%sun.com
972005ad9a
313176 allow JSS to enable more NSS SSLOptions r=wtc, sr=nelson
2005-11-03 23:09:26 +00:00
kaie%kuix.de
f242eb6db4
fix bug 252436, non-ascii characters not recognized by master password dialog
...
r=dbaron, sr=shaver
2005-11-03 11:25:53 +00:00
sandeep.konchady%sun.com
d4966d18a9
Bugzilla id: 314583, removed linking of JVM to JSS library and replaced
...
reference to classes.zip with rt.jar.
2005-11-03 00:11:59 +00:00
bsmedberg%covad.net
9f17e5b53d
Bug 314821 - stop building dist/gre because nobody uses it and all plans to use it have evaporated, r=cls+dougt
2005-11-02 21:50:36 +00:00
wtchang%redhat.com
e5bbe64221
Import NSPR 4.6 and NSS 3.10.2 temporarily. We will import NSPR 4.6.1
...
and NSS 3.11 when they are released.
2005-11-01 19:00:12 +00:00
wtchang%redhat.com
5ae998a3cd
Bugzilla Bug 308242: expose the opFlags and the temporary/permanent
...
attributes of PK11_TokenKeyGenWithFlags. r=glen.beasley.
Modified Files:
crypto/KeyGenerator.java crypto/SymmetricKey.java
pkcs11/PK11KeyGenerator.c pkcs11/PK11KeyGenerator.java
2005-11-01 18:38:47 +00:00
julien.pierre.bugs%sun.com
da619f8dec
Fix for 314115 . Comments about QuickDER and classic ASN.1 decoders relating to SECItem.type field
2005-10-31 18:52:20 +00:00
julien.pierre.bugs%sun.com
3e221bfb46
Fix for 314115 - QuickDER modifies SECItem.type while decoding. r=wtchang
2005-10-31 18:34:42 +00:00
neil%parkwaycc.co.uk
7fe9ea373d
Bug 289444 Adding access keys p=giacomo.magnini@portalis.it r=kaie sr=me
2005-10-30 11:21:44 +00:00
sandeep.konchady%sun.com
b851582ca9
Bugzila bug : 314098 Changed Double to Double.doubleValue() in constructing java.Security.Provider(). sr=wtc
2005-10-28 22:22:44 +00:00
cvshook%sicking.cc
64a0fbd45f
Bug 311827: Make GetAttr return a bool rather then an nsresult.
...
r/sr=bz
2005-10-28 11:25:24 +00:00
sandeep.konchady%sun.com
99af98bd06
Bugzilla bug : 314098. Modified JSS provider version to 4.1.1 in
...
JSSProvider.java. Reflected this information in all places that needs
to be changed when there is a change in JSS version. r=wtc
2005-10-28 04:21:16 +00:00
wtchang%redhat.com
2d980ccd93
Bugzilla bug 314089: On HP-UX, use rt.jar instead of classes.zip; for JDK
...
1.4 or later use the "server" JVM. Fixed an error in the pathname of
rt.jar for Linux. r=sandeep.konchady.
2005-10-28 00:20:38 +00:00
wtchang%redhat.com
e9ee302906
Bugzilla Bug 302212: set DARWIN_SDK_DSOFLAGS and pass -F arguments to ld
...
when GCC <= 3. Contributed by Mark Mentovai <mark@moxienet.com>. r=wtc.
2005-10-28 00:06:56 +00:00
wtchang%redhat.com
8732358f93
Bugzilla bug 239960: cvs removed cmd/swfort. r=relyea.
2005-10-27 22:49:22 +00:00
wtchang%redhat.com
63eff804d1
Bugzilla Bug 308242: added the extractablePairs method to KeyPairGenerator
...
to make the new PK11_ATTR_EXTRACTABLE/PK11_ATTR_UNEXTRACTABLE flags of the
new PK11_GenerateKeyPairWithFlags function available to JSS. r=nkwan.
sr=glen.beasley.
Modified Files:
crypto/KeyPairGenerator.java crypto/KeyPairGeneratorSpi.java
pkcs11/PK11KeyPairGenerator.c pkcs11/PK11KeyPairGenerator.java
2005-10-27 20:47:26 +00:00
wtchang%redhat.com
40145d9911
Bugzilla Bug 302212: allow Mac OS X x86 builds to target SDKs. The patch
...
was written by Mark Mentovai <mark@moxienet.com>. r=joshmoz. sr=bryner.
Modified Files:
configure.in config/autoconf.mk.in config/config.mk
extensions/java/xpcom/tools/xpidl/Makefile.in
security/manager/Makefile.in xpcom/typelib/xpidl/Makefile.in
2005-10-26 19:01:18 +00:00
wtchang%redhat.com
b5bdaf152c
Bugzilla Bug 302212: allow Mac OS X x86 builds to target SDKs. The patch
...
is contributed by Mark Mentovai <mark@moxienet.com>. r=wtc,joshmoz.
2005-10-26 17:00:07 +00:00
darin%meer.net
41f1ce15e8
fixes bug 271194 "When going from a secure to a non-secure page without clicking a button in the security dialog, the non-secure page appears as secure" patch by kai, r=dveditz, sr=darin
2005-10-21 18:33:26 +00:00
wtchang%redhat.com
8e70cf6f2e
Bugzilla bug 298522: added power-up self tests for HMAC SHA-1 and HMAC
...
SHA-256. The patch is contributed by Glen Beasley of Sun. r=wtc.
2005-10-20 21:46:51 +00:00
wtchang%redhat.com
7b145dd9ac
Bugzilla bug 312774: support building and running the test with IBM JDK.
...
Removed the class name and provider name of the SUN provider. Instead,
we compare our message digest result with the result of all providers that
support the message digest algorithm. The patch is contributed by Rich
Megginson of Red Hat and improved by Glen Beasley of Sun. r=wtc.
2005-10-19 01:17:44 +00:00
wtchang%redhat.com
5d658b3517
Build fipstest.
2005-10-19 01:14:20 +00:00
julien.pierre.bugs%sun.com
c3b3a7e2c1
Add dependency on freebl so ssl will rebuild if freebl has changed.
2005-10-19 01:04:16 +00:00
julien.pierre.bugs%sun.com
4c37a26617
Add dependency on freebl so softoken will rebuild if freebl has changed.
2005-10-19 01:03:31 +00:00
wtchang%redhat.com
cc8b26183b
Added a shell script for running the NIST AES Algorithm Validation Suite.
2005-10-19 00:55:20 +00:00
wtchang%redhat.com
41c3b79ae3
Bugzilla bug 312774: support building with IBM JDK on Linux. Added -L
...
linker flags for IBM JDK's pathnames. The patch is contributed by Rich
Megginson of Red Hat. r=wtc,glen.beasley.
2005-10-18 22:36:19 +00:00
darin%meer.net
a6f6369c29
fixes bug 304286 "Certificate failures during automatic check for updates should not give user choice to connect anyway" r=biesi sr=dveditz
2005-10-15 02:46:06 +00:00
wtchang%redhat.com
d2dee7d603
Bugzilla Bug 312395: Added FIPS AES Known Answer Test, Multi-block Message
...
Test, and Monte Carlo Test in ECB and CBC modes. Also changed the types
of some variables from int to unsigned int to fix compiler warnings about
signed/unsigned comparisons.
2005-10-14 20:04:39 +00:00
wtchang%redhat.com
e58492ea00
Bugzilla bug 311440: ssl3_ConsumeHandshakeVariable now longer returns a
...
SECItem pointing to memory allocated with PORT_Alloc, so we don't need to
use PORT_Free to free the SECItem's buffer. r=nelsonb.
2005-10-14 16:48:58 +00:00
wtchang%redhat.com
b957c8d0a7
Bugzilla Bug 312202: checked in HP-UX IPF (Itanium) porting changes
...
contributed by Grace Lu of HP. Use the .so suffix for shared libraries
on HP-UX IPF. Support building on HP-UX B.11.23. r=wtc.
Modified Files:
coreconf/HP-UX.mk nss/lib/nss/nssinit.c
Added Files:
coreconf/HP-UXB.11.23.mk
2005-10-12 19:04:13 +00:00
wtchang%redhat.com
2193d926c7
Bugzilla Bug 302998: disallow x=0,1 and k=0. r=nelsonb.
2005-10-12 00:48:25 +00:00
neil.williams%sun.com
8657972540
CBug 290263, patch CERT_CreateCertificateRequest for doing extensions
...
r=bob
`VS: ----------------------------------------------------------------------
2005-10-12 00:10:17 +00:00
wtchang%redhat.com
b0f84afae7
Bugzilla Bug 311074: cvs removed the unused nfspwd.pl script (which only
...
worked on the old Netscape intranet). r=relyea.
Modified Files: OS2.mk command.mk rules.mk
Removed Files: nsinstall/nfspwd nsinstall/nfspwd.pl
2005-10-10 23:46:13 +00:00
relyea%netscape.com
f8422acc69
Attempt to fix HPUX test failures.
...
Bug 311279 crmftest core dumps on HP-UX
(verbal) r=wtc
2005-10-08 00:57:31 +00:00
wtchang%redhat.com
491b4ef092
Bugzilla Bug 304360: generate ECC key with private key value less than the
...
group order using a combination of ANSI X9.62 A.4.1 and FIPS 186-2 Change
Notice 1. Also changed structure of EC key generation functions to match
the scheme used in dsa.c. The patch is contributed by Douglas Stebila
<douglas@stebila.ca> of Sun Labs. r=wtc.
2005-10-06 23:16:20 +00:00
wtchang%redhat.com
81299cbc68
Bugzilla Bug 257693: set the correct error code in EC_ValidatePublicKey.
...
Documented the return values of ECPoint_validate. Have the tests compare
the return value of ECPoint_validate with MP_NO for negative test cases.
r=doublas.stebila.
Modified Files:
ec.c ecl/ecl.h ecl/tests/ec2_test.c ecl/tests/ecp_test.c
2005-10-06 21:42:55 +00:00
wtchang%redhat.com
a548d37af0
Bugzilla Bug 311074: removed the unused nfspwd Perl script from TARGETS,
...
which caused "gmake clean" to break on a read-only source tree. The patch
is contributed by Benjamin Smedberg <benjamin@smedbergs.us>. r=wtc.
2005-10-05 22:25:37 +00:00
wtchang%redhat.com
d420dda744
Bugzilla bug 259135: fixed build breakage. In C, declarations must precede
...
code.
2005-10-05 22:03:14 +00:00
wtchang%redhat.com
002c9cc505
Bugzilla bug 259135: minor comment fix.
2005-10-05 17:58:01 +00:00
glen.beasley%sun.com
2ae43f58d5
171027 removed deprecated code from tests ran by all.pl sr=sandeep
2005-10-05 17:09:03 +00:00
glen.beasley%sun.com
814a61d561
259135 added SHA 256,384,512 and AES powerupself tests sr=Wan-Teh
2005-10-05 16:31:01 +00:00
relyea%netscape.com
b0d1e52691
Back out non-reviewed strictly white space change in pk11sdr.c
2005-10-04 01:11:01 +00:00
wtchang%redhat.com
1a02e7736f
Made the test compile and link without errors.
2005-10-04 00:46:50 +00:00
wtchang%redhat.com
775508c3c2
Fixed test file line endings. This file must be considered part of the
...
NSS module because it needs the private NSS header blapi.h.
2005-10-04 00:35:51 +00:00
wtchang%redhat.com
3fad97d84a
Fixed test file line endings.
2005-10-04 00:28:55 +00:00
wtchang%redhat.com
058312eaa6
Bugzilla bug 310518: map CKR_PIN_INVALID and CKR_PIN_LEN_RANGE to
...
SEC_ERROR_INVALID_PASSWORD instead of SEC_ERROR_BAD_PASSWORD. r=relyea.
2005-10-03 22:41:45 +00:00
relyea%netscape.com
2fcee3f720
remove depricated mechanisms so pk11table continues to build.
2005-10-03 22:19:43 +00:00
relyea%netscape.com
5c3685a18e
Bug 272484 Certificate manager crashes [@ _PR_MD_ATOMIC_DECREMENT - PK11_FreeSymKey]
...
r=wtc [part 3 of 3]
2005-10-03 22:01:57 +00:00
relyea%netscape.com
0cefb4acd8
Bug 272484 Certificate manager crashes [@ _PR_MD_ATOMIC_DECREMENT - PK11_FreeSymKey]
...
r=wtc [part 2 of 3]
2005-10-03 22:00:22 +00:00
relyea%netscape.com
0223a07982
This change was not part of bug 272484 and has not been reviewed.
...
Back it out.
2005-10-03 21:58:24 +00:00
relyea%netscape.com
53f4189369
Bug 272484 Certificate manager crashes [@ _PR_MD_ATOMIC_DECREMENT - PK11_FreeSymKey]
...
The problem only happens if we try to import a key into a token which then fails
to import. The basic issue was a hack in the pkcs 7 code to support PKCS 12, A
special structure was used to replace the SymKey structure, and the code 'knew'
the special structure existed before it dealt with the symkey. The fix addes a
new capability to symkeys, where applications can attach application specific
data to the key structure. PKCS 12 uses this to attache the PBE information
for CMS. (part 1 of 3)
This patch also improves the key's reuse of sessions, so sessions are not thrashed
when SSL is used with them.
r=wtc
2005-10-03 21:55:29 +00:00
bugzilla%arlen.demon.co.uk
a2056d8b42
Bug 309542 Fix a11y problems and crop="right" is deprecated in page info dialog
...
p=me r=db48x sr=neil.parkwaycc.co.uk
2005-10-02 00:09:37 +00:00
wtchang%redhat.com
5d52123474
Bugzilla Bug 294106: removed an assertion that's no longer necessary.
...
Added buffer length error checking to back up an assertion. r=nelsonb.
2005-09-30 22:01:46 +00:00
relyea%netscape.com
bb7e1cb9f9
Bugzilla Bug 244922 ASN.1 encoder outputs trash for optional may-stream subtemplate
...
r=nelson (original patch by nelson, modifications by me).
2005-09-30 19:22:48 +00:00
christophe.ravel.bugs%sun.com
f25e5155ef
238319: Sun packages changes.
...
Add an extra line to the copyright file to have the same as NSS and NSPR.
2005-09-30 01:56:59 +00:00
relyea%netscape.com
b354997d97
Bug 119500 PKCS#11 CKF_PROTECTED_AUTHENTICATION_PATH token flag not supported
...
wtc's review r=wtc
2005-09-29 23:44:39 +00:00
wtchang%redhat.com
5c38b2d572
Bugzilla Bug 294106: dsa.c: use const in the function prototype of
...
DSA_GenerateGlobalRandomBytes. prng_fips1861.c: implemented Algorithm 1
of FIPS 186-2 Change Notice 1 and increased the size (b) of the RNG's
seed-key from 160 bits to 256 bits. r=relyea,nelsonb.
2005-09-29 23:22:53 +00:00
relyea%netscape.com
952e8e8f45
Tests won't pass if we don't build crmftest
2005-09-29 22:01:52 +00:00
relyea%netscape.com
f07ca5cfef
Bug 308887 CRMF request generation problem when using latest firefox
...
Add crmf tests to the test suite.
2005-09-29 21:36:42 +00:00
relyea%netscape.com
9c9cecb9d7
Bugzilla Bug 119500 PKCS#11 CKF_PROTECTED_AUTHENTICATION_PATH token flag not supported
...
r=nelson
This is only the NSS portion of this patch. The PSM portion will be checked in once the
NSS portion is mainlined to mozilla.
2005-09-29 21:00:58 +00:00
sandeep.konchady%sun.com
913985ea4b
Bugzilla Bug 164692 SSL ops that timeout should throw
...
java.net.SocketTimeoutException. sr=Glen.Beasley
2005-09-29 18:48:34 +00:00
wtchang%redhat.com
fc511c7607
Bug 271317, remove the old fortezza code
2005-09-29 18:09:11 +00:00
relyea%netscape.com
93e1f22027
Bugzilla Bug 298630 freebl needs a memory cache invariant RSA implementation.
...
r=nelson
2005-09-29 17:17:09 +00:00
relyea%netscape.com
b8917d3493
Add better tests for detached signatures. Actually test the other sha
...
variants rather than just say we do. done in the context of bug 30887
r=nelson
2005-09-29 17:14:19 +00:00
smontagu%smontagu.org
159e0a2eab
Make the dates shown in the Expired Certificate alert have consistent (short) format. Bug 246905, patch by Constantine A. Murenin <cnst+bmo@bugmail.mojo.ru>, r=jgmyers, sr=brendan
2005-09-29 08:41:22 +00:00
relyea%netscape.com
665d2accd1
Bug 271317, remove the old fortezza code
2005-09-29 00:36:53 +00:00
relyea%netscape.com
8d4f93463a
Internal NSS defines shared between softoken and the rest of NSS, but not
...
exported.
added as part of bug 305697.
2005-09-28 23:52:59 +00:00
wtchang%redhat.com
6fe5b3ee79
Bugzilla Bug 310336: support building on Windows Server 2003.
...
r=Sandeep.Konchady.
2005-09-28 23:14:44 +00:00
relyea%netscape.com
c4abacd281
Bug 305697 Softoken needs to give on the fly access to additional databases. Part 2, User interface
...
r=julien
2005-09-28 17:17:49 +00:00
relyea%netscape.com
e35607b9c4
bug 305697: open additional database on the fly in softoken. part1: softoken changes.
...
r=julien
2005-09-28 17:12:17 +00:00
nelsonb%netscape.com
ac626ee74e
Avoid NULL ptr deref. Bug 310260. patch by Glen.Beasley. r=nelson.
2005-09-28 07:55:37 +00:00
wtchang%redhat.com
3a398b46ec
Bugzilla bug 298045: when importing a package of CA certs, display and ask
...
the user to trust the root most CA (instead of the leaf most CA) in the
package. Also make sure that the cert is indeed a CA cert. r=kaie,relyea.
sr=sfraser.
2005-09-26 22:43:22 +00:00
neil.williams%sun.com
7b415783ba
Bug 303508, committing attachment 196965. r=nelson,saul
2005-09-23 02:15:03 +00:00
nelsonb%netscape.com
abc6a22d68
Eliminate environment variable SSLNOLOCKS, add environment variable
...
SSLFORCELOCKS. Make SSL_FDX option mutually exclusive with SSL_NOLOCKS
option. Bug 305147. r=rrelyea.
2005-09-23 01:04:32 +00:00
nelsonb%netscape.com
facd708671
Don't crash when printing an ASN.1 NULL primitive with a NULL prefix
...
string. Bug 309651. r=wtchang.
2005-09-22 22:45:32 +00:00
wtchang%redhat.com
343315772e
Bugzilla bug 309640: replaced the French accented a (�) with ASCII a
...
because IBM JDK can't handle that 8-bit character in UTF8 locales. The
patch is contributed by Rich Megginson of Red Hat. r=wtc,glen.beasley.
2005-09-22 17:58:35 +00:00
christophe.ravel.bugs%sun.com
3f8cd3784d
Unset Beta flag to sync up JSS 4.1.1 RTM with NSS 3.10.2 RTM build date.
2005-09-21 21:06:54 +00:00
nelsonb%netscape.com
d05886f50d
Add version info to freebl shared libs for Windows and Unix. bub 303508.
...
Modified Files: config.mk ldvector.c manifest.mn
Added Files: freebl.rc freeblver.c r=wtc.
2005-09-21 03:01:49 +00:00
nelsonb%netscape.com
f12a0e5a63
Replace "fast" and "slow" with fpu and int in loader.c. Also add a
...
comment explaining ISA lists. r=wtc. bug 303508.
2005-09-21 02:53:25 +00:00
wtchang%redhat.com
73f597f990
Bug 299197: added the comment for PK11_TokenKeyGen back. r=relyea.
2005-09-21 01:32:11 +00:00
wtchang%redhat.com
ecdf90d92d
Bug 299197: fixed comments. r=relyea.
2005-09-21 01:31:37 +00:00
db48x%yahoo.com
acc7931e28
fix bug 217611: Page Info can be opened multiple times
...
patch by Jason Barnabe (np) <jason_barnabe@fastmail.fm>, r=mconnor
2005-09-21 01:12:29 +00:00
relyea%netscape.com
aa8a2c0490
Only call C_WaitForSlotEvent if the module is PKCS #11 v2.01 or later.
...
bug 196811 r=wtc sr=julien
2005-09-20 20:56:07 +00:00
julien.pierre.bugs%sun.com
b8d9f0ef9a
Fix for 293686. Check status from SECU_ParseCommandLine. r=nelson
2005-09-20 05:13:01 +00:00
julien.pierre.bugs%sun.com
48b2d654bd
Fix for 292390. NSS tools with missing command-line operands cause crash. r=nelson
2005-09-19 20:59:46 +00:00
julien.pierre.bugs%sun.com
7e8884e00e
Fix for 293686 . signver has command-line options with optional arguments. r=nelsonb
2005-09-19 20:52:11 +00:00
christophe.ravel.bugs%sun.com
41da874bf6
238319: Sun packages changes.
...
Change libfreebl name on Solaris x86 (following changes from Bugzilla 303508).
2005-09-19 19:12:24 +00:00
bzbarsky%mit.edu
1d3384b1c6
Only do expensive GetName() calls if we're actually logging. Bug 304847,
...
r=kaie, sr=dmose
2005-09-19 03:23:21 +00:00
cst%andrew.cmu.edu
7ce62d0cd1
Bug 284636 Fix typo in Website Certified by an Unknown Authority alert
...
Patch by stephend and Kurt <supernova_00@yahoo.com> r=kaie sr=bzbarsky
2005-09-19 00:05:02 +00:00
wtchang%redhat.com
13f41d4840
Bugzilla bug 303508: a more elegant way to decide when we need to prefix
...
LIBRARY_VERSION with '_'. r=nelsonb.
2005-09-16 23:18:01 +00:00
julien.pierre.bugs%sun.com
d42e92ad88
Fix hoarked build from previous checkin. Doh.
2005-09-16 21:28:20 +00:00
wtchang%redhat.com
b427dc6efe
Bugzilla Bug 298517: when in FIPS mode, impose minimum password length and
...
quality to ensure a password guessing probability of less than 1 in
10,000,000, and impose a one second delay after failed login attempt to
allow at most 60 login attempts per minute. r=relyea,nelsonb.
Modified files: fipstokn.c pkcs11.c pkcs11i.h
2005-09-16 20:37:58 +00:00
julien.pierre.bugs%sun.com
c56d3589f6
Fix for bug 127960 . Add SSL force handshake APIs which take a timeout . r=nelson
2005-09-16 20:33:09 +00:00
smfr%smfr.org
8bda56063a
Fix bug 307293: make sure we initialize the mType and mTag members of nsNSSASN1Object. r=wtchang, sr=rrelyea.
2005-09-16 18:57:55 +00:00
wtchang%redhat.com
2e75eae9d5
Bugzilla Bug 288728: handle invalid values of recipient identifier type.
...
r=jpierre,relyea.
2005-09-16 17:54:31 +00:00
wtchang%redhat.com
019a13cbeb
Bugzilla Bug 288728: use a whitelist instead of a blacklist when checking
...
for invalid values of "type". r=jpierre,relyea.
2005-09-16 17:52:37 +00:00
wtchang%redhat.com
dcad184fa4
Bugzilla Bug 303508: removed the underscore from the name of the "single"
...
freebl shared library (freebl_3.dll -> freebl3.dll). Do the recursive
child builds without changing directories. This fixed the BUILD_TREE build
problem. r=nelsonb,saul.edwards.
Modified files: Makefile freebl.def manifest.mn
2005-09-16 17:17:45 +00:00
wtchang%redhat.com
d67071df3f
Bugzilla Bug 303508: enhanced the makefile rule for $(MAPFILE). Added
...
the new variable MAPFILE_SOURCE instead of the hardcoded
$(LIBRARY_NAME).def to represent the "source" mapfile, and use $< to
refer to the "source" mapfile (prerequisite of the target) in
PROCESS_MAP_FILE. r=nelsonb.
Modified Files:
AIX.mk BSD_OS.mk Darwin.mk FreeBSD.mk HP-UX.mk IRIX.mk
Linux.mk Linux2.1.mk Linux2.2.mk Linux2.4.mk Linux2.5.mk
Linux2.6.mk NCR3.0.mk NEC4.2.mk NetBSD.mk OS2.mk OSF1.mk
OpenUNIX.mk OpenVMS.mk ReliantUNIX.mk SCO_SV3.2.mk SunOS5.mk
UNIXWARE2.1.mk WIN16.mk WIN32.mk WINCE.mk rules.mk ruleset.mk
2005-09-16 17:09:23 +00:00
wtchang%redhat.com
65241f7ef4
Removed an unnecessary -L linker flag. r=nelsonb,saul.edwards.
2005-09-16 17:02:49 +00:00
wtchang%redhat.com
3eac80068d
Bugzilla Bug 303508: code cleanup. r=nelsonb,jpierre.
2005-09-16 16:59:22 +00:00
sandeep.konchady%sun.com
50fdf2b49f
Modified import.pl, jdk.mk and release.pl under coreconf and all.pl under
...
jss test directory for bug #302550 . Attached below is the diff of the
changes done to these files.
Index: coreconf/import.pl
===================================================================
RCS file: /cvsroot/mozilla/security/coreconf/import.pl,v
retrieving revision 1.2
diff -u -r1.2 import.pl
--- coreconf/import.pl 25 Apr 2004 15:02:17 -0000 1.2
+++ coreconf/import.pl 15 Sep 2005 18:37:51 -0000
@@ -46,7 +46,6 @@
#######-- read in variables on command line into %var
-$var{ZIP} = "zip";
$var{UNZIP} = "unzip -o";
&parse_argv;
Index: coreconf/jdk.mk
===================================================================
RCS file: /cvsroot/mozilla/security/coreconf/jdk.mk,v
retrieving revision 1.14
diff -u -r1.14 jdk.mk
--- coreconf/jdk.mk 25 Apr 2004 15:02:17 -0000 1.14
+++ coreconf/jdk.mk 15 Sep 2005 18:37:52 -0000
@@ -123,14 +123,14 @@
# set [Sun Solaris] platforms
ifeq ($(OS_ARCH), SunOS)
- JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip
+ JAVA_CLASSES = $(JAVA_HOME)/jre/lib/rt.jar
ifeq ($(JRE_HOME),)
JRE_HOME = $(JAVA_HOME)
JRE_CLASSES = $(JAVA_CLASSES)
else
ifeq ($(JRE_CLASSES),)
- JRE_CLASSES = $(JRE_HOME)/lib/classes.zip
+ JRE_CLASSES = $(JRE_HOME)/lib/rt.jar
endif
endif
@@ -144,9 +144,13 @@
# (3) specify "linker" information
ifeq ($(USE_64), 1)
- JAVA_CPU = $(shell uname -p)v9
+ ifeq ($(CPU_ARCH), x86_64)
+ JAVA_CPU = amd64
+ else
+ JAVA_CPU := $(shell uname -p)v9
+ endif
else
- JAVA_CPU = $(shell uname -p)
+ JAVA_CPU := $(shell uname -p)
endif
ifeq ($(JDK_VERSION), 1.1)
@@ -163,8 +167,6 @@
ifneq ($(JDK_VERSION), 1.1)
ifeq ($(USE_64), 1)
JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/server
-else
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic
endif
JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)
JAVA_LIBS += -ljvm -ljava
@@ -220,14 +222,14 @@
# set [Redhat Linux] platforms
ifeq ($(OS_ARCH), Linux)
- JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip
+ JAVA_CLASSES = $(JAVA_HOME)/jre/lib/rt.jar
ifeq ($(JRE_HOME),)
JRE_HOME = $(JAVA_HOME)
JRE_CLASSES = $(JAVA_CLASSES)
else
ifeq ($(JRE_CLASSES),)
- JRE_CLASSES = $(JRE_HOME)/lib/classes.zip
+ JRE_CLASSES = $(JRE_HOME)/jre/lib/rt.jar
endif
endif
@@ -241,16 +243,21 @@
# (3) specify "linker" information
JAVA_CPU = i386
-
+ ifeq ($(CPU_ARCH),x86_64)
+ ifeq ($(USE_64), 1)
+ JAVA_CPU = amd64
+ else
+ JAVA_CPU = i386
+ endif
+ endif
JAVA_LIBDIR = jre/lib/$(JAVA_CPU)
JAVA_CLIBS =
ifeq ($(JDK_VERSION), 1.4)
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/server -ljvm
- else
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic -ljvm
+ JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/server -ljvm
endif
+
JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR) -ljava
JAVA_LIBS += $(JAVA_CLIBS)
Index: coreconf/release.pl
===================================================================
RCS file: /cvsroot/mozilla/security/coreconf/release.pl,v
retrieving revision 1.3
diff -u -r1.3 release.pl
--- coreconf/release.pl 25 Apr 2004 15:02:17 -0000 1.3
+++ coreconf/release.pl 15 Sep 2005 18:37:52 -0000
@@ -41,7 +41,14 @@
#######-- read in variables on command line into %var
-$var{ZIP} = "zip";
+$use_jar = 1;
+$ZIP = "$ENV{JAVA_HOME}/bin/jar";
+
+if ( $ENV{JAVA_HOME} eq "" ) {
+ $ZIP = "zip";
+ $use_jar = 0;
+}
+
&parse_argv;
@@ -56,11 +63,15 @@
($jardir,$jaropts) = split(/\|/,$jarinfo);
- $zipoptions = "-T";
- if ($jaropts =~ /a/) {
- if ($var{OS_ARCH} eq 'WINNT') {
- $zipoptions .= ' -ll';
- }
+ if ( $use_jar ) {
+ $zipoptions = "-cvf";
+ } else {
+ $zipoptions = "-T -r";
+ if ($jaropts =~ /a/) {
+ if ($var{OS_ARCH} eq 'WINNT') {
+ $zipoptions .= ' -ll';
+ }
+ }
}
# just in case the directory ends in a /, remove it
@@ -117,8 +128,8 @@
}
closedir(DIR);
- print STDERR "zip $zipoptions -r $jarfile $filelist\n";
- system("zip $zipoptions -r $jarfile $filelist");
+ print STDERR "$ZIP $zipoptions $jarfile $filelist\n";
+ system("$ZIP $zipoptions $jarfile $filelist");
rmdir("META-INF");
for $i (1 .. $dirdepth) {
chdir("..");
Index: jss/org/mozilla/jss/tests/all.pl
===================================================================
RCS file: /cvsroot/mozilla/security/jss/org/mozilla/jss/tests/all.pl,v
retrieving revision 1.22
diff -u -r1.22 all.pl
--- jss/org/mozilla/jss/tests/all.pl 6 Sep 2005 17:57:40 -0000 1.22
+++ jss/org/mozilla/jss/tests/all.pl 15 Sep 2005 18:37:54 -0000
@@ -136,12 +136,26 @@
exit(1);
}
+ #
+ # Use 64-bit Java on AMD64.
+ #
+
$java = "$ENV{JAVA_HOME}/jre/bin/java$exe_suffix";
+ my $java_64bit = 0;
+ if ($osname eq "SunOS") {
+ if ($ENV{USE_64}) {
+ my $cpu = `/usr/bin/isainfo -n`;
+ if ($cpu == "amd64") {
+ $java = "$ENV{JAVA_HOME}/jre/bin/amd64/java$exe_suffix";
+ $java_64bit = 1;
+ }
+ }
+ }
(-f $java) or die "'$java' does not exist\n";
$java = $java . $ENV{NATIVE_FLAG};
- if ($ENV{USE_64}) {
- $java = $java . " -d64";
+ if ($ENV{USE_64} && !$java_64bit) {
+ $java = $java . " -d64";
}
$pwfile = "passwords";
2005-09-16 00:33:23 +00:00
nelsonb%netscape.com
9499265f5c
Plug leaks in SSL bypass code. Add freeit argument to HMAC_Destroy function.
...
Change existing callers to pass this argument. Call HMAC_Destroy from SSL.
Bug 305147. r=Julien.Pierre
Modified Files: freebl/alghmac.c freebl/alghmac.h freebl/loader.c
freebl/loader.h freebl/tlsprfalg.c softoken/lowpbe.c softoken/pkcs11c.c
ssl/ssl3con.c
2005-09-14 04:12:50 +00:00
wtchang%redhat.com
f889a99cbb
Bugzilla Bug 301554: Clear the 'present' flag if slot fails to refresh.
...
relyea wrote the patch. r=wtc,nelsonb.
2005-09-14 01:35:02 +00:00
cbiesinger%web.de
853c2b4645
bug 292368 remove obsolete file; replaced by nsICryptoHash
2005-09-12 17:51:57 +00:00
nelsonb%netscape.com
fdffe11308
Fix regression introduced in last checkin. If the caller disables the
...
use of locks while locks are in use, don't forget to unlock the locks
already locked on the stack. bug 305147. r=julien.pierre
2005-09-10 01:18:40 +00:00
saul.edwards%sun.com
d016e006b8
Bug 305147: add -B (bypass SSL) and -s (disable SSL locking) to server and client commands; add bypass testing to SSL test suite.
2005-09-09 04:50:07 +00:00
nelsonb%netscape.com
4b56704437
Implement two new SSL socket options: SSL_BYPASS_PKCS11 and SSL_NO_LOCKS.
...
Reorganize the SSL Socket structure contents to obviate ssl3 pointer.
Move much of the ECC code from ssl3con to new file ssl3ecc.c. derive.c
implements derivation of the SSL/TLS master secret and the encryption and
MAC keys and IVs without using PKCS11. Bug 305147. r=rrelyea.
Modified Files: ssl/config.mk ssl/manifest.mn ssl/ssl.h ssl/ssl3con.c
ssl/ssl3gthr.c ssl/sslauth.c ssl/sslcon.c ssl/ssldef.c ssl/sslgathr.c
ssl/sslimpl.h ssl/sslinfo.c ssl/sslnonce.c ssl/sslsecur.c ssl/sslsnce.c
ssl/sslsock.c
Added Files: ssl/derive.c ssl/ssl3ecc.c
2005-09-09 03:02:16 +00:00
nelsonb%netscape.com
1d31068271
Export function PK11_MapSignKeyType for use by libSSL. Bug 305147.
...
r=relyea.
Modified Files: nss/nss.def pk11wrap/pk11mech.c pk11wrap/pk11obj.c
pk11wrap/pk11pub.h pk11wrap/secmodi.h
2005-09-09 02:03:57 +00:00
christophe.ravel.bugs%sun.com
cba8f8955c
238319: Sun packages changes.
...
Install 64 bit libraries in lib64 on Linux.
2005-09-08 22:23:54 +00:00
saul.edwards%sun.com
80e0981d59
Packaging for bug 303508: new freebl library names for Solaris packages.
...
Note that Linux does not require these changes because the Makefile picks up
all .so and .chk files for Linux packages.
2005-09-08 02:25:49 +00:00
wtchang%redhat.com
4250ad5929
Bugzilla Bug 299197: define two bitflags for every PKCS #11 object
...
attribute with no exceptions. renamed PK11_ATTR_READONLY as
PK11_ATTR_UNMODIFIABLE. In pk11_OpFlagsToAttributes, backed out a change
I made before. Made pk11_AttrFlagsToAttributes table-driven. In
pk11_loadPrivKeyWithFlags, fixed the bug (always loading the public key as
a token object). Other code cleanups. r=relyea,nelsonb.
Modified files: pk11akey.c pk11obj.c pk11pub.h pk11skey.c secmodt.h
2005-09-07 18:23:35 +00:00
saul.edwards%sun.com
0194469cc5
Bug 303508: Add freebl shared libs that do 64-bit integer math. Bug 274984: softoken fails to load freebl in setuid programs. freebl becomes a shared library on all platforms. r=nelson
...
Modified Files:
coreconf/HP-UXB.11.mk coreconf/SunOS5.mk
nss/cmd/shlibsign/Makefile nss/cmd/shlibsign/manifest.mn
nss/lib/freebl/Makefile nss/lib/freebl/arcfour.c
nss/lib/freebl/blapi.h nss/lib/freebl/config.mk
nss/lib/freebl/ldvector.c nss/lib/freebl/loader.c
nss/lib/freebl/loader.h nss/lib/freebl/manifest.mn
Added Files:
nss/lib/freebl/freebl.def
2005-09-07 02:47:16 +00:00
glen.beasley%sun.com
2a16957317
306114 enable/disable FIPS modes files: CryptoManager.c, tests/all.pl, tests/FipsTest.java r=sandeep,sr=wtc
2005-09-06 17:57:40 +00:00
glen.beasley%sun.com
8ebcacd943
305984 update FIPS values for cipher suites file=sslinfo.c r=bob,sr=wtc
2005-09-06 17:15:32 +00:00
smfr%smfr.org
c6ba13f2ab
Fix bug 306795: nsNSSCertificateDB::IsCertTrusted() fails to check the return value from CERT_GetCertTrust(), so can return random trust bits. r=dougt, sr=rrelyea
2005-09-04 19:05:01 +00:00
sandeep.konchady%sun.com
fca60837f2
Added Password.clear() and PBEKeyGenParams.clear() so that the objects are
...
released when GC tries to collect them.
2005-09-02 22:48:46 +00:00
sandeep.konchady%sun.com
09666e78db
Adding JSS SelfServ test client and server.
2005-09-02 20:58:08 +00:00
julien.pierre.bugs%sun.com
132ddbe43e
Fix 306785 . Memory leaks in PQG_ParamGenSeedLen . r=nelson
2005-09-02 20:05:35 +00:00
wtchang%redhat.com
db235ef59a
Bugzilla Bug 299197: added PK11AttrFlags and PK11_GenerateKeyPairWithFlags.
...
Modified PK11_TokenKeyGenWithFlags to take a PK11AttrFlags parameter.
PK11AttrFlags controls the values of commonly used PKCS #11 object
attributes that have Boolean values. r=relyea,nelsonb.
Modified Files:
nss/nss.def pk11wrap/pk11akey.c pk11wrap/pk11obj.c
pk11wrap/pk11pub.h pk11wrap/pk11skey.c pk11wrap/secmodi.h
pk11wrap/secmodt.h
2005-09-02 18:25:04 +00:00
wtchang%redhat.com
184d7ab678
Bugzilla Bug 305835: removed NSS_ENABLE_ECC ifdefs under nss/lib except
...
nss/lib/{freebl,softoken,ssl}. r=nelsonb.
Modified Files:
cryptohi/keyhi.h cryptohi/manifest.mn cryptohi/seckey.c
cryptohi/secsign.c freebl/ec.c pk11wrap/manifest.mn
pk11wrap/pk11akey.c pk11wrap/pk11cert.c pk11wrap/pk11mech.c
pk11wrap/pk11obj.c pk11wrap/pk11skey.c pkcs12/manifest.mn
pkcs12/p12d.c pkcs7/config.mk pkcs7/p7decode.c
pkcs7/p7encode.c smime/cmssiginfo.c smime/cmsutil.c
smime/config.mk
2005-09-02 01:24:57 +00:00
wtchang%redhat.com
4113e9229d
Bugzilla Bug 303507: changed GCC's default OPTIMIZER back to -O2.
...
r=saul.edwards.
2005-09-02 00:59:00 +00:00
bsmedberg%covad.net
a63c75a8a1
Bug 306615 - Fold PSM into libxul r=darin
2005-09-01 12:43:58 +00:00
wtchang%redhat.com
afccecc775
Bugzilla Bug 257693: code cleanup. 1. Change "X9.63" to "X9.62". 2. In
...
EC_ValidatePublicKey, set error codes and handle a NULL return from
ECGroup_fromName. 3. In the ECGroupStr structure, move the validate_point
field up. 4. In the test cases, if the tests that should fail, passed,
say so in the error messages. r=douglas@stebila.ca .
Modified Files:
blapi.h ec.c ecl/ecl-priv.h ecl/ecl.c ecl/ecl.h
ecl/tests/ec2_test.c ecl/tests/ecp_test.c
2005-08-27 01:09:22 +00:00
gavin%gavinsharp.com
5c09c35d46
Bug 263182: Page Info (Security tab) doesn't explain mixed secure/insecure, r=kaie.bugs, sr=neil.parkwaycc.co.uk
2005-08-26 20:34:31 +00:00
dougt%meer.net
7c0ee6b9d3
Bug 302284. add xpi hash support to InstallTrigger.install(). r=dveditz, sr=shaver, a=asa
2005-08-26 06:46:21 +00:00
julien.pierre.bugs%sun.com
32714968eb
Fix for 297802 . r=wtchang . Add $(OS_LIBS) to MKSHLIB rules.
...
Add -z defs linker option for Solaris and Linux .
Also add -z ignore on Solaris .
2005-08-26 02:17:05 +00:00
wtchang%redhat.com
dd1fe47c6d
Bugzilla bug 302212: backed out the previous checkin. The corresponding
...
Mozilla patch hasn't been checked in yet.
2005-08-25 23:23:40 +00:00
relyea%netscape.com
33f6464950
Bug 302416 NSS root cert module & fortezza should not be using NSPR static libraries
...
r=wtc
sr-julien
Side effects: Root cert module now works with CKF_OS_LOCKING_OK and not callbacks,
but does not work if CKF_OS_LOCKING_OK == 0 and callbacks are define.
2005-08-25 20:08:27 +00:00
saul.edwards%sun.com
54f6fe8f80
Addendum to 303507 - set default OPTIMIZER for Linux and Solaris gcc builds
...
to -O3, consolidate flags to Linux.mk.
2005-08-24 23:58:36 +00:00
christophe.ravel.bugs%sun.com
a58024a52e
Uprev JSS version to 4.1.1 Beta.
2005-08-24 23:39:12 +00:00
wtchang%redhat.com
d624f9129a
Bugzilla Bug 296410: further simplify the code by always referencing the
...
buffer using the same union member. r=relyea.
VFYContextCVS: ----------------------------------------------------------------------
2005-08-24 23:05:39 +00:00
wtchang%redhat.com
bb71b54311
Bugzilla bug 302670: backed out the use of system zlib because some Linux
...
distributions are using zlib 1.1.4, which causes our signtool tests to
fail intermittently. Don't know why.
2005-08-20 01:05:44 +00:00
bienvenu%nventure.com
690785e15a
add optional support for mit kerberos for windows, patches by cneberg@gmail.com, r=darin, sr=bienvenu 280792
2005-08-19 14:25:22 +00:00
julien.pierre.bugs%sun.com
22ff330626
Fix AIX build problem
2005-08-18 23:37:31 +00:00
wtchang%redhat.com
b344095748
Bugzilla Bug 266123: support 64-bit PowerPC builds for Linux distributions
...
(such as Red Hat and Fedora) whose GCC generates 32-bit code by default.
r=cls.
2005-08-18 17:48:26 +00:00
nelsonb%netscape.com
3c64b87604
Remove fortezza header files from package. Bug 239960. patch by
...
wtchang@redhat.com , r=nelson@bolyard.com Modified Files: prototype
2005-08-18 03:42:00 +00:00
cbiesinger%web.de
e519fb7724
bug 277587 nsSecureBrowserUIImpl's nsUIContext interface requestor doesn't give
...
access to the dom window
patch by Christian Persch <chpe@gnome.org> r=jgmyers sr=roc a=asa
2005-08-17 13:38:03 +00:00
julien.pierre.bugs%sun.com
6b5d842c09
Fix for bug 217024. add a function for comparing cert validity periods. r=wtchang
2005-08-17 02:04:12 +00:00
sandeep.konchady%sun.com
9c0e116e76
Bug Id: 304195
...
Added try/catch block around the method calls within toString(). Calls
such as getInetAddress(), getPort() etc does not check if the socket is
closed, and when applications use toString() on a closed socket, there
is an uncaught exception.
2005-08-16 23:44:45 +00:00
saul.edwards%sun.com
c3fa2091c5
Bug 303507: Add comba for MPI's multiply and square routines.
...
This code is currently for AMD 64 on both Linux and Solaris only.
2005-08-16 19:25:48 +00:00
nelsonb%netscape.com
d391504d03
Remove fortezza code from libSSL and from the SSL test programs.
...
Stop building fortezza's special software token, and fortezza specific
test programs. Bug 239960. r=rrelyea.
Modified Files:
cmd/manifest.mn cmd/platlibs.mk cmd/SSLsample/server.c
cmd/SSLsample/sslsample.c cmd/modutil/modutil.c
cmd/selfserv/selfserv.c cmd/sslstrength/sslstrength.c
cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c
cmd/vfyserv/vfyserv.c cmd/vfyserv/vfyutil.c lib/manifest.mn
lib/ssl/nsskea.c lib/ssl/preenc.h lib/ssl/prelib.c
lib/ssl/ssl.h lib/ssl/ssl3con.c lib/ssl/ssl3prot.h
lib/ssl/sslauth.c lib/ssl/sslcon.c lib/ssl/sslenum.c
lib/ssl/sslimpl.h lib/ssl/sslinfo.c lib/ssl/sslproto.h
lib/ssl/sslsecur.c lib/ssl/sslsnce.c lib/ssl/sslsock.c
lib/ssl/sslt.h
2005-08-16 03:42:26 +00:00
wtchang%redhat.com
3e2e9c754f
Bugzilla bug 296410: checked in a better fix than the previous checkin.
...
Also removed the unused, unexported function SEC_VerifyFile. r=nelsonb.
2005-08-16 01:57:51 +00:00
wtchang%redhat.com
88fb7bee52
Bugzilla bug 296410: removed unused, unexported function SEC_SignFile.
...
r=nelsonb.
2005-08-16 01:52:17 +00:00
wtchang%redhat.com
af11fc1310
Bugzilla Bug 302670: enable NSS to use system zlib and do that on Linux.
...
r=nelsonb.
Modified Files:
coreconf/Linux.mk nss/cmd/Makefile nss/cmd/manifest.mn
nss/cmd/platlibs.mk
2005-08-16 01:08:59 +00:00
wtchang%redhat.com
f95409ea4c
Bugzilla Bug 302212: enable Mac OS X x86 builds to target SDKs. The patch
...
is contributed by Mark Mentovai <mark@moxienet.com>. r=wtc.
2005-08-15 22:44:22 +00:00
wtchang%redhat.com
e758a9999b
Bugzilla Bug 298612: make sure that the int argument that we pass to the
...
isspace, etc. macros is EOF or between 0 and 255. r=nelsonb.
2005-08-15 22:06:47 +00:00
wtchang%redhat.com
5e25df8763
Bugzilla Bug 298957: removed a comment. The code already does what the
...
comment asked for. r=relyea.
2005-08-15 21:34:42 +00:00
relyea%netscape.com
80d892f39d
Bug 225034 Certificate Manager Crashes Mozilla [@ nsCertTree::CmpByCrit]
...
sr=brendan r=wtc a=dbaron
The issue is the use of the PL_DHash* functions. It's possible that a given call
to PL_DHashOperate which adds a new entry may cause the hash table to expand,
and all the existing entries to be reallocated. PL_DHash does this by allocating
new memory, then copying the entries.
getCacheEntry() returns one of these hash entries. CmpBy() makes two consecutive
calls to getCacheEntry, then uses the returned entries for it's comparisons. If
the second entry call causes a new entry to be added to the table, and causes
the hash table to expand, the pointer to the first entry we retrieved will point
to freed memory.
The fix is to make the usable entry a pointer in the hashtable entry, and return
that pointer. When the hashtable rebuilds it's entries, the pointer will be
copied to the new entry and not be disturbed.
2005-08-15 21:23:51 +00:00
wtchang%redhat.com
55197b5cfd
Bugzilla Bug 289530: fixed signed/unsigned comparison compiler warnings.
...
Fixed compilation errors of new ECC code added in the previous checkin.
r=nelsonb.
2005-08-15 21:23:39 +00:00
relyea%netscape.com
29e52be20d
Remove ^M from the tree version of mpcpucache.c
2005-08-15 19:00:17 +00:00
saul.edwards%sun.com
95723d010a
Bug 285932: Faster SHA1 implementation for AMD64: sha-fast-amd64-sun.s is
...
currently only for Solaris AMD 64 when using Sun studio compilers.
2005-08-15 16:55:22 +00:00
wtchang%redhat.com
2577eb148c
Bugzilla bug 302286: fixed the bug that NSS misinterpreted the
...
CKA_PRIME_BITS attribute for DSA's p parameter. r=relyea.
Modified files: pk11wrap/pk11pqg.c softoken/pkcs11c.c
2005-08-13 00:09:26 +00:00
wtchang%redhat.com
12ebc20147
Bugzilla Bug 302286: PQG_PBITS_TO_INDEX should reject p bits that are
...
less than 512 or greater than 1024. r=relyea.
2005-08-13 00:07:18 +00:00
wtchang%redhat.com
0824c317a1
Bugzilla Bug 296410: enlarge the buffer size for message digest so that
...
we can generate and verify signatures that use SHA-512. r=relyea
Modified files: secsign.c secvfy.c
2005-08-12 23:50:19 +00:00
wtchang%redhat.com
3caf238827
Bugzilla bug 240554: Alice's cert doesn't need to be added to Bob's db.
...
r=relyea.
Modified files: cert.sh eccert.sh
2005-08-12 23:27:44 +00:00
wtchang%redhat.com
148653a358
Bugzilla bug 240554: we should pass the signature algorithm, not the
...
public key's algorithm, to VFY_VerifyData and VFY_VerifyDigest. Only
fixed this in cmssiginfo.c. In p7decode.c I just added comments saying
they should be fixed. r=relyea.
Modified files: lib/smime/cmssiginfo.c lib/pkcs7/p7decode.c
2005-08-12 23:26:38 +00:00
wtchang%redhat.com
1a568d0852
Bugzilla bug 240554: set (better) error codes and removed an unreachable
...
break statement. r=relyea.
2005-08-12 23:24:22 +00:00
wtchang%redhat.com
c0bd0e749a
Bugzilla bug 240554: fixed signed/unsigned comparison compiler warning.
...
r=relyea.
2005-08-12 23:22:28 +00:00
wtchang%redhat.com
e09393045c
Bugzilla bug 292239: have the softoken report Cryptoki version 2.20.
...
r=relyea.
2005-08-12 23:14:22 +00:00
wtchang%redhat.com
2d2b80688d
Bugzilla bug 292239: added a change missed in the previous checkin.
...
r=relyea.
2005-08-12 23:12:18 +00:00
relyea%netscape.com
684e5d1c2b
Correct mistyped version of wtc patch.
2005-08-12 22:19:19 +00:00
relyea%netscape.com
a584ef4a1d
Bug 292239 r wtc & julien
...
Merge PKCS #11 v2.20 header files
2005-08-12 18:58:47 +00:00
sandeep.konchady%sun.com
62ee9e4e59
As per Wan-Teh's suggestion, the comments are modified to look as shown below.
...
#/********************************************************************/
#/* The VERSION Strings should be updated in the following */
#/* files everytime a new release of JSS is generated: */
#/* */
#/* org/mozilla/jss/CryptoManager.java */
#/* org/mozilla/jss/CryptoManager.c */
#/* org/mozilla/jss/util/jssver.h */
#/* lib/manifest.mn */
#/* */
#/********************************************************************/
2005-08-12 18:39:14 +00:00
relyea%netscape.com
5ab7c1109c
Bug 303010 Certificate upgrade can drop S/MIME certificates
...
r=wtc.
Delay loading the S/MIME records on upgrade until the cert is loaded
2005-08-12 18:01:26 +00:00
jst%mozilla.jstenback.com
e23ea875f3
Followup changes to bzabarsky's review for bug 296639. Reviews pending, a=drivers@mozilla.org
2005-08-12 04:11:00 +00:00
wtchang%redhat.com
0543618d9c
Bugzilla Bug 257693: actually implemented EC_ValidatePublicKey and added a
...
test case. The patch is contributed by Douglas Stebila
<douglas@stebila.ca>. r=wtc.
Modified Files:
ec.c ecl/ec2.h ecl/ec2_aff.c ecl/ecl-priv.h ecl/ecl.c
ecl/ecl.h ecl/ecp.h ecl/ecp_aff.c ecl/tests/ec2_test.c
ecl/tests/ecp_test.c
2005-08-12 00:59:19 +00:00
wtchang%redhat.com
67ffaff684
Bugzilla Bug 298514: added a missing break statement and removed an unused
...
variable. r=jpierre.
2005-08-12 00:44:35 +00:00
wtchang%redhat.com
9a026f7eba
Bugzilla Bug 240554: added ECDSA support in S/MIME. The patch is
...
contributed by Vipul Gupta <vipul.gupta@sun.com>. r=wtc.
Modified Files:
cryptohi/secsign.c pkcs7/config.mk pkcs7/p7decode.c
pkcs7/p7encode.c smime/cmssiginfo.c smime/cmsutil.c
smime/config.mk
2005-08-11 23:11:40 +00:00
wtchang%redhat.com
e8ad6847cf
Bugzilla Bug 240554: added S/MIME tests for ECDSA. The patch is
...
contributed by Vipul Gupta <vipul.gupta@sun.com>. r=wtc.
Modified files: fixtests.sh cert/eccert.sh
Added file: smime/ecsmime.sh
2005-08-11 22:50:12 +00:00
sandeep.konchady%sun.com
c3281b24a7
Older release of JSS had an issue with gradually slowing socket read time when
...
transfering large files (> 10MB). In order to test this in current and future
release, there needs to be a test client that can read a file and transfer it to
a server (remote or local) via JSS socket. The server should report the number
of bytes read and the time it took to read these bytes. There should not no
degradation in read time if there is no leak of any sort.
This is not part of all.pl, but is a client/server that uses JSS to transfer
files securely. The main purpose of this test would be to test the performance
of large file transfer using JSS.
NOTE: If bufferedStream.mark(Integer.MAX_VALUE); method is invoked then fill
method of BufferedInputStream class copies lot of data using System.arraycopy
(which in-turn use memcpy). This causes very high CPU usage. This is one of
the reasons secure large file transfer can become slow over time.
2005-08-11 18:28:59 +00:00
nelsonb%netscape.com
0d980a5ea1
A faster c implementation of SHA1 for most platforms. Bug 285932.
...
r=wtchang Modified Files: prng_fips1861.c sha_fast.c sha_fast.h
2005-08-11 01:01:08 +00:00
wtchang%redhat.com
9b7075b1d2
Bugzilla Bug 303116: fixed an off-by-one error in the size of the NAF
...
buffer. We access this buffer using indices from 0 to orderBitSize.
r=douglas.stebila.
2005-08-10 20:35:07 +00:00
wtchang%redhat.com
24b5ce2c08
Bugzilla Bug 303116: fixed an off-by-one error when duplicating a string.
...
r=douglas.stebila.
2005-08-10 18:49:29 +00:00
wtchang%redhat.com
19e9429f0d
Bugzilla Bug 303116: this file doesn't need to include <strings.h>, which
...
doesn't exist on Windows. r=relyea.
Bugzilla Bug 303130: fixed memory leak of mp_int in ECPoints_mul.
r=douglas.stebila.
2005-08-10 18:46:29 +00:00
wtchang%redhat.com
f728d5d9bb
Bugzilla Bug 266123: added ppc64 support. The patch is contributed by
...
Markus Rothe <markus@unixforces.net>. r=wtc.
2005-08-09 22:31:24 +00:00
wtchang%redhat.com
51a9c2f4bd
Bugzilla bug 303986: do not assume the line ending is '\n'; it may be the
...
two character sequence '\r''\n'. Make sure a character is a digit before
using it as a digit. r=jpierre.
2005-08-09 22:19:09 +00:00