sr=brendan r=wtc a=dbaron
The issue is the use of the PL_DHash* functions. It's possible that a given call
to PL_DHashOperate which adds a new entry may cause the hash table to expand,
and all the existing entries to be reallocated. PL_DHash does this by allocating
new memory, then copying the entries.
getCacheEntry() returns one of these hash entries. CmpBy() makes two consecutive
calls to getCacheEntry, then uses the returned entries for it's comparisons. If
the second entry call causes a new entry to be added to the table, and causes
the hash table to expand, the pointer to the first entry we retrieved will point
to freed memory.
The fix is to make the usable entry a pointer in the hashtable entry, and return
that pointer. When the hashtable rebuilds it's entries, the pointer will be
copied to the new entry and not be disturbed.
public key's algorithm, to VFY_VerifyData and VFY_VerifyDigest. Only
fixed this in cmssiginfo.c. In p7decode.c I just added comments saying
they should be fixed. r=relyea.
Modified files: lib/smime/cmssiginfo.c lib/pkcs7/p7decode.c
#/********************************************************************/
#/* The VERSION Strings should be updated in the following */
#/* files everytime a new release of JSS is generated: */
#/* */
#/* org/mozilla/jss/CryptoManager.java */
#/* org/mozilla/jss/CryptoManager.c */
#/* org/mozilla/jss/util/jssver.h */
#/* lib/manifest.mn */
#/* */
#/********************************************************************/
test case. The patch is contributed by Douglas Stebila
<douglas@stebila.ca>. r=wtc.
Modified Files:
ec.c ecl/ec2.h ecl/ec2_aff.c ecl/ecl-priv.h ecl/ecl.c
ecl/ecl.h ecl/ecp.h ecl/ecp_aff.c ecl/tests/ec2_test.c
ecl/tests/ecp_test.c
transfering large files (> 10MB). In order to test this in current and future
release, there needs to be a test client that can read a file and transfer it to
a server (remote or local) via JSS socket. The server should report the number
of bytes read and the time it took to read these bytes. There should not no
degradation in read time if there is no leak of any sort.
This is not part of all.pl, but is a client/server that uses JSS to transfer
files securely. The main purpose of this test would be to test the performance
of large file transfer using JSS.
NOTE: If bufferedStream.mark(Integer.MAX_VALUE); method is invoked then fill
method of BufferedInputStream class copies lot of data using System.arraycopy
(which in-turn use memcpy). This causes very high CPU usage. This is one of
the reasons secure large file transfer can become slow over time.
Sparc v8 (not V8plus) CPUs. This works around a performance regression
by restoring the former code. Bug 303338. r=wtchang.
Modified Files: Makefile
Added Files: mpi/mpv_sparcv8x.s
Upgrade license to tri-license. Fix a bunch of whitespace problems,
WAY too much indentation. Related to bug 303338. r=wtchang.
Modified Files: mpi/mpv_sparcv8.s
to nss/lib/freebl. This version is identical to the first version
of this file in nss/lib/freebl. Bug 303316. r=wtchang.
Modified Files: alghmac.c alghmac.h rawhash.c
so that all those functions can initialize a preallocated context.
Bug 303334. r=rrelyea.
Modified Files: aeskeywrap.c alg2268.c arcfour.c blapi.h blapit.h desblapi.c
ldvector.c loader.c loader.h md2.c md5.c rijndael.c rijndael.h sha512.c
automatically created by the fixtests.sh script by copying the non-ECC
(default) test scripts to these names. r=vipul.gupta.
Removed Files: cert/noeccert.sh tools/noectools.sh
RSA private key to a session key, to eliminate DB lookups and 3DES
unwrapping for every use. Bug 274538. r=rrelyea.
Modified Files: nss/nss.def pk11wrap/pk11akey.c pk11wrap/pk11pub.h
nelsonb%netscape.com
wtchang%redhat.com
relyea%netscape.com
saul.edwards%sun.com
sandeep.konchady%sun.com
jst%mozilla.jstenback.com
cbiesinger%web.de
julien.pierre.bugs%sun.com
dougt%meer.net