relyea%netscape.com
46ee0eea31
bug 162976: make crl update atomic. Set up new Crl with a new Object ID which is different from the old one.
2003-03-04 22:36:27 +00:00
relyea%netscape.com
72f513f7ef
Bug 162976. Make CRL updates 'atomic' . Insert new CRL before deleting the
...
old one.b
2003-03-04 22:34:56 +00:00
relyea%netscape.com
df2b3f1e6e
Print all the certs for a given nickname, not just the first.
2003-03-04 22:32:24 +00:00
relyea%netscape.com
be7d152cb3
Fix QA failures on tip (don't dereference through a NULL pointer).
2003-03-03 19:46:22 +00:00
wtc%netscape.com
ac86d72617
Bug 195127: 1. Enable DEBUG_SHVERIFY. 2. Added debug output to print the
...
file name if PR_Open fails.
2003-03-01 01:53:11 +00:00
relyea%netscape.com
26e539e088
bug 19590
...
RFE:Add ability to encode/decode NSSCMSRecipientInfo structures
r=javi,wtc
2003-02-28 23:32:29 +00:00
ian.mcgreer%sun.com
64a832e0e7
bug 177556, signtool -l fails
...
r=wtc
2003-02-28 21:14:36 +00:00
ian.mcgreer%sun.com
cccb7a3f68
bug 191757, InitOIDHash() not threadsafe
...
r=relyea
2003-02-28 21:13:20 +00:00
bolian.yin%sun.com
67a96671aa
Bug 194821, Page Info: add access keys for _H_elp button, and _V_iew in Security tab
...
r=db48x, sr=jaggernaut, patch by jessie.li@sun.com .
2003-02-28 11:20:20 +00:00
wtc%netscape.com
d31cd6e89d
Bug 195196: fixed a typo.
2003-02-27 14:49:30 +00:00
nelsonb%netscape.com
42fae25f24
Add support for Elliptic Curve Cryptography. Bug 195135.
...
Modified Files:
cmd/lib/SECerrs.h cmd/selfserv/selfserv.c
cmd/tstclnt/tstclnt.c lib/cryptohi/keyhi.h
lib/cryptohi/keythi.h lib/cryptohi/seckey.c
lib/cryptohi/secvfy.c lib/freebl/Makefile lib/freebl/blapi.h
lib/freebl/blapit.h lib/freebl/ldvector.c lib/freebl/loader.c
lib/freebl/loader.h lib/freebl/manifest.mn lib/nss/nss.def
lib/pk11wrap/pk11skey.c lib/pk11wrap/pk11slot.c
lib/softoken/lowkeyti.h lib/softoken/manifest.mn
lib/softoken/pkcs11.c lib/softoken/pkcs11c.c
lib/softoken/pkcs11t.h lib/ssl/ssl3con.c lib/ssl/ssl3prot.h
lib/ssl/sslcon.c lib/ssl/sslenum.c lib/ssl/sslimpl.h
lib/ssl/sslinfo.c lib/ssl/sslproto.h lib/ssl/sslsecur.c
lib/ssl/sslsock.c lib/ssl/sslt.h lib/util/secerr.h
lib/util/secoid.c lib/util/secoidt.h
Added Files:
lib/freebl/GFp_ecl.c lib/freebl/GFp_ecl.h lib/freebl/ec.c
lib/freebl/ec.h lib/softoken/ecdecode.c
2003-02-27 01:31:38 +00:00
kairo%kairo.at
11348f5311
bug 194924 - localeVersion update for 1.4a, r=rchen, sr=blizzard
2003-02-27 00:05:44 +00:00
nelsonb%netscape.com
66f7b8cddb
Add missing dependency on error headers.
2003-02-26 23:52:40 +00:00
nelsonb%netscape.com
e7a02a41a4
Fix bug 194840. Get new random seed before each attempt to sign with DSA.
2003-02-25 23:45:23 +00:00
kirk.erickson%sun.com
1fb9fd4cdd
Addresses bug 193378 modutil should print an error message,
...
by printing error on SECMOD_DeleteInternalModule() failure.
2003-02-25 02:09:11 +00:00
wtc%netscape.com
6d5833f249
Bug 190537: build OS/2 DLLs using the map files to control symbol export.
...
The patch is contributed by Javier Pedemonte <pedemont@us.ibm.com>.
Modified files: coreconf/OS2.mk coreconf/rules.mk nss/lib/ckfw/nssck.api
2003-02-25 01:40:04 +00:00
pete.zha%sun.com
29f051b1d6
bug=193068
...
Missing accesskeys in preference dialogs
r=timeless sr=jaggernaut@netscape.com
2003-02-24 07:59:17 +00:00
robin.lu%sun.com
0203ef6893
fixed bug 149841 It should NOT be possible to open cert manager twice at the same time. r=kaie sr=alecf
2003-02-24 07:07:13 +00:00
wtc%netscape.com
0bff47a153
Simplified the test for substrings.
2003-02-22 15:20:07 +00:00
varga%netscape.com
0d0ab083d9
Fix for bug 192365. Remove extraneous seltype="multiple" attributes of <tree>s in xul.
...
r=varga, sr=jag, patch by Daniel Crisman <bugzilla@w.d6.org>
2003-02-22 11:48:19 +00:00
mscott%netscape.com
105486968a
ACK this wasn't meant for the trunk. File wasn't tagged properly. Sorry. backing out.
2003-02-22 02:35:31 +00:00
mscott%netscape.com
47ae6e0aab
hide ftp channel when building minotaur
2003-02-22 02:22:51 +00:00
nelsonb%netscape.com
95525c28a1
Fix bug 160207. Make TLS implementation resistant to timing attacks on
...
CBC block mode cipher suites in TLS. See bug for details.
2003-02-21 23:00:16 +00:00
wtc%netscape.com
d97151bee3
Bug 194309: cvs removed libpath.c because the freebl_GetLibraryFilePathname
...
function has been replaced by the new NSPR 4.3 function
PR_GetLibraryFilePathname.
2003-02-21 02:40:52 +00:00
wtc%netscape.com
c6ada6f97b
Bug 194309: replaced freebl_GetLibraryFilePathname by the new NSPR 4.3
...
function PR_GetLibraryFilePathname.
Modified files: config.mk manifest.mn shvfy.c
2003-02-21 00:41:24 +00:00
mkaply%us.ibm.com
176876e10c
OS/2 bustage - PR_CALLBACK
2003-02-20 19:09:43 +00:00
wtc%netscape.com
1d3e993c7a
Bug 194222: Removed SECMOD_CallOnce. It is replaced by the new NSPR 4.3
...
function PR_CallOnceWithArg.
Modified files: nss/nssinit.c pk11wrap/pk11cert.c pk11wrap/secmodi.h
2003-02-20 16:58:57 +00:00
wtc%netscape.com
b7882c433d
Bug 118832: do not include NSS private header files. "genname.h" is simply
...
not needed. "crmfi.h" can be avoided by using the public function
CRMF_EncodeCertReqMessages. r=kaie. sr=bryner. a=asa for mozilla 1.3.
Modified Files: Makefile.in nsCrypto.cpp nsNSSIOLayer.cpp
2003-02-20 14:56:10 +00:00
sonja.mirtitsch%sun.com
57ec96bba5
writing actual return of modutil to output.log, bug 193394 r=wtc
2003-02-20 00:52:40 +00:00
kaie%netscape.com
1f21ec5ceb
b=173369 Migrating NSS databases from the "CFM" build to the "mach-o" build
...
r=javi sr=peterv a=asa
2003-02-20 00:19:45 +00:00
sonja.mirtitsch%sun.com
a79dc7f765
echoing modutil commandline to output.log, bug 193394 r=wtc
2003-02-19 23:26:52 +00:00
sonja.mirtitsch%sun.com
1945c33989
switching the NSPR version to v4.3-beta1
2003-02-19 23:21:23 +00:00
jpierre%netscape.com
4c5cf50f52
Patch for 193961 - incorporate Wan-Teh's feedback
2003-02-19 21:50:49 +00:00
wtc%netscape.com
c210ab5523
Bug 190960: added the DHE ciphersuites back because the underlying NSS bug
...
(bug 188856) that broke them has been fixed. r=kaie. sr=bryner. a=asa for
mozilla1.3.
Modified Files:
netwerk/base/public/security-prefs.js
security/manager/pki/resources/content/ssl3tlsciphers2.xul
security/manager/pki/resources/locale/en-US/pref-ssl.dtd
security/manager/ssl/src/nsNSSComponent.cpp
2003-02-19 15:08:50 +00:00
jpierre%netscape.com
cc0db2005f
Fix for bug 193691 . Make QuickDER return an error rather than assert if extraneous data is present in the buffer
2003-02-19 02:29:48 +00:00
thayes%netscape.com
1f3f0e69ef
Bug 192639: Use utility functions for managing token passwords so that
...
cmsutil will prompt for the value if it is not given on the command line.
r=nelsonb
2003-02-19 00:39:39 +00:00
wtc%netscape.com
3d0a1f67b4
Bug 193367: do not call PR_Now() in a loop. r=nelsonb.
2003-02-18 23:26:39 +00:00
ian.mcgreer%sun.com
d84324a740
bug 174200, don't attempt to decode cert when destroying it, handle failure
...
to decode cert serial number
r=nelsonb
2003-02-18 20:53:14 +00:00
wtc%netscape.com
a44277fff4
Add DHE algorithms to the list. (Merged relyea's checkin (rev. 1.3.2.1)
...
from the NSS_3_7_BRANCH to the trunk.)
2003-02-18 02:53:54 +00:00
wtc%netscape.com
442aeeb97a
Bug 188856: it is not necessary to declare 'crv' in these blocks because it
...
is already declared in the outer scope.
2003-02-18 02:47:04 +00:00
wtc%netscape.com
60391f57be
Bug 192617: export NSS_CMSRecipientInfo_Wrap/UnwrapBulkKey from the smime3
...
shared library.
2003-02-18 00:45:34 +00:00
wtc%netscape.com
91857ca5bd
Bug 134967: handle spaces and hyphens in $(USERNAME). Convert them to
...
underscores. r=seawood@netscape.com .
2003-02-15 20:39:01 +00:00
wtc%netscape.com
43ac537225
Bug 193055: the "cat ${file} | while read ...do ... done" construct does
...
not work under MKS Korn shell on Windows XP. Replaced it by the equivalent
construct "while read ... do ... done < ${file}".
2003-02-15 04:48:13 +00:00
relyea%netscape.com
b13bd23954
Bug 167756. Address Nelson's review comments. remove socket specific latency
...
in favor of a slot specific latency test (already done by pk11wrap code).
2003-02-15 01:21:25 +00:00
relyea%netscape.com
ff5dbf2eed
bug193367: Don't blindly copy all the certs from a given S/MIME message into the db.
2003-02-15 00:23:04 +00:00
sonja.mirtitsch%sun.com
bf0426a4ab
bug 193394, change to check returncode of modutil after switching to
...
fips mode, r=wtc
2003-02-14 21:30:45 +00:00
wtc%netscape.com
74b8cae5f0
There should be no token after #endif.
2003-02-14 05:32:35 +00:00
kirk.erickson%sun.com
5c579360c2
Changed License: MPL to MPL/GPL.
2003-02-13 18:24:07 +00:00
relyea%netscape.com
69ce67aba4
Turn off debugging output now that we have the tinderboxen working correctly.
2003-02-13 17:41:45 +00:00
kirk.erickson%sun.com
2908f09255
Added softokn3 library, and the new integrity check files.
2003-02-13 03:30:19 +00:00
wtc%netscape.com
973801b199
Bug 193057: add WINNT5.1_* symlinks in mozilla/dist for Windows XP QA.
2003-02-13 01:45:01 +00:00
relyea%netscape.com
6270df5573
Turn off the mangle test for now.
2003-02-12 22:21:59 +00:00
kirk.erickson%sun.com
f1af545d36
Removed extraneous ` from PRODUCT_VERSION.
2003-02-12 16:12:14 +00:00
wtc%netscape.com
684c1663ec
Bug 107976: allow CC to be overridden (with the full pathname of the C
...
compiler) on the make command line.
Modified files: AIX.mk ruleset.mk
2003-02-11 01:15:36 +00:00
relyea%netscape.com
2d128d88e2
Always free the key reference passed to us from the client
2003-02-10 22:36:45 +00:00
kirk.erickson%sun.com
9d79e728d1
Resolves bug 191221, by adding dynamic versioning for Solaris.
2003-02-10 18:18:52 +00:00
wtc%netscape.com
165f568bae
Bug 131826: backed out the zlib 1.1.4 upgrade because the signtool tests
...
failed.
Modified Files:
README adler32.c compress.c crc32.c deflate.c deflate.h
example.c gzio.c infblock.c infblock.h infcodes.c infcodes.h
inffast.c inffast.h inflate.c inftrees.c inftrees.h infutil.c
infutil.h minigzip.c trees.c uncompr.c zconf.h zlib.h zutil.c
zutil.h
2003-02-08 15:00:13 +00:00
wtc%netscape.com
6edc864d6e
Bug 131826: checked in the README file of zlib 1.1.4.
2003-02-08 09:10:36 +00:00
wtc%netscape.com
7d4ad3fc60
Bug 131826: upgraded to zlib 1.1.4.
...
Modified Files:
adler32.c compress.c crc32.c deflate.c deflate.h example.c
gzio.c infblock.c infblock.h infcodes.c infcodes.h inffast.c
inffast.h inflate.c inftrees.c inftrees.h infutil.c infutil.h
minigzip.c trees.c uncompr.c zconf.h zlib.h zutil.c zutil.h
2003-02-08 08:50:42 +00:00
wtc%netscape.com
899b4b00c5
Bug 131826: added maketree.c from zlib 1.1.4.
2003-02-08 08:37:00 +00:00
wtc%netscape.com
51a2c07941
Removed unused files stubs.c and zip_nodl.c.
2003-02-08 08:35:07 +00:00
wtc%netscape.com
23f47b2e4d
Bug 131826: added new header files from zlib 1.1.4.
...
Added Files: trees.h inffixed.h
2003-02-08 08:30:11 +00:00
relyea%netscape.com
dae21534d8
Sigh, the QA scripts look for the word 'failed', but it's common that we
...
can't open the shared library and isn't a real failure, so change the wording
2003-02-08 01:52:37 +00:00
relyea%netscape.com
c40beead4c
Skip corruption test if someone has locked down the shared library on us.
2003-02-08 00:02:06 +00:00
wtc%netscape.com
34372e7cee
Exit with 1 rather than -1 on failure. Make sure the program exit with 1
...
on all failures. Remove the symlink, if a file/symlink by that name already
exists, before creating it to avoid the EEXIST error.
2003-02-07 23:41:15 +00:00
wtc%netscape.com
8d38bb626b
Use <> around standard/system header files. This file does not need
...
string.h, but it should include stdio.h because it uses fprintf and printf.
2003-02-07 23:21:53 +00:00
nelsonb%netscape.com
923827d462
Fix bug 190527. Properly extend buffer when data exceeds 512 bytes.
2003-02-07 23:09:35 +00:00
relyea%netscape.com
d3fd98806e
Fix signed/unsigned display issue.
...
Add more loggin information on errors (rev 1.3 added this but lost it's log).
2003-02-07 23:05:07 +00:00
relyea%netscape.com
bcafc7572b
*** empty log message ***
2003-02-07 23:02:43 +00:00
relyea%netscape.com
4dd6b2da64
Add test to see if the shlib was actually changed.
2003-02-07 21:13:10 +00:00
relyea%netscape.com
aa9dafae78
Add Mangle logging...
2003-02-07 21:12:26 +00:00
relyea%netscape.com
70e3aa6345
Add debugging information. Turn on tempararily to get debug info from tinderbox failures.
2003-02-07 19:22:42 +00:00
kirk.erickson%sun.com
03a251009f
Moved rules.mk include to the end.
2003-02-07 07:16:37 +00:00
wtc%netscape.com
e1fe9f07a3
Set the default compiler to cc.
2003-02-07 06:57:57 +00:00
nelsonb%netscape.com
645cb762cb
Move the implementation of the TLS Pseudo Random Function (PRF) from
...
pkcs11c.c into a new file: tlsprf.c.
2003-02-07 06:42:20 +00:00
nelsonb%netscape.com
f9133aa19e
Fix the dbtests test on Windows, when run in all.sh.
...
The problem was that fips.sh created a file in . named dbtest, which was
actually some text output by a previous test. This dbtest file prevented
the dbtest program from running. The text file now has another name.
2003-02-07 06:32:59 +00:00
kirk.erickson%sun.com
edc53c0499
Resolves bug 189504 (Build Linux RPMS).
2003-02-07 05:56:15 +00:00
nelsonb%netscape.com
d6bf23b21d
MKS shell doesn't know about echor command. Does any shell?
2003-02-07 05:48:34 +00:00
nelsonb%netscape.com
e7ff335e8c
Remove unreferenced local variables from functions.
2003-02-07 05:08:01 +00:00
wtc%netscape.com
5376fc6d82
Moved the definition of MD_LIB_RELEASE_FILES from manifest.mn to Makefile
...
so that it is right next to the definition of CHECKLOC, which it uses.
2003-02-06 22:37:37 +00:00
relyea%netscape.com
929ac59217
Clean up tests
...
Suppress error messages which we were expecting because it causes the QA
scripts to report a QA failure.
2003-02-06 19:06:39 +00:00
relyea%netscape.com
6b8ac1fb4b
Mangle will be changing the shared libraries, so it should link with them.
2003-02-06 18:18:42 +00:00
wtc%netscape.com
7870b01f6d
Bug 177387: Put the configuration/assignments before the rules in Makefile.
...
Define MD_LIB_RELEASE_FILES in manifest.mn so that the *.chk files are
included in the mdbinary.jar files generated by the release target.
2003-02-06 16:56:46 +00:00
relyea%netscape.com
6d2419f541
Turn on FIPS test again.
2003-02-06 16:13:44 +00:00
relyea%netscape.com
d32d519e9e
Introduce shell variables for DLL_PREFIX and DLL_SUFFIX
2003-02-06 16:13:22 +00:00
wtc%netscape.com
edb8b5fe44
Support both ";" and ":" as PATH separators on Windows. MKS Korn shell
...
uses ";" but Cygwin bash uses ":".
2003-02-06 14:52:43 +00:00
wtc%netscape.com
82345876f3
Backed out the previous checkin because it doesn't work on Windows.
2003-02-06 05:33:33 +00:00
wtc%netscape.com
2574db9f16
Bug 188441: compile with -D_USE_BIG_FDS on HP-UX. This ensures that fd_set
...
is large enough for 60,000 file descriptors.
2003-02-06 04:43:03 +00:00
wtc%netscape.com
92c86ec530
Bug 177387: include the *.chk files in the mdbinary.jar files generated by
...
the release makefile target.
Modified Files: lib/freebl/manifest.mn lib/softoken/manifest.mn
2003-02-06 03:52:37 +00:00
relyea%netscape.com
c611d55441
Remove mangle test until we can get the correct library name inside fips.sh for all platforms
2003-02-06 01:07:39 +00:00
relyea%netscape.com
8bc877fcf9
Add check to 1) make sure we are in FIPS mode. and 2) to verify that we
...
detect corrupted shared libraries while in FIPS mode.
2003-02-06 00:50:00 +00:00
relyea%netscape.com
d25559ff9f
The NSPR get shared lib interface requires the library name only,
...
not a partial path to the library. This affects AIX.
2003-02-06 00:49:09 +00:00
relyea%netscape.com
c613b5df3c
Try to load the new module before we've unloaded the old one. This now
...
works in NSS, and it allows us to back out if the new one didn't load (because
FIPS could not verify the shared module for instance).
2003-02-05 00:35:53 +00:00
relyea%netscape.com
9eb1dbcff9
Update db test to verify cert8 not cert7
2003-02-05 00:33:52 +00:00
relyea%netscape.com
bc5d891538
Surface the Err codes if we fail to shift to FIPS mode.
...
Add new option to verify that we have shifted to FIPS mode.
2003-02-05 00:31:15 +00:00
relyea%netscape.com
b8ee14395c
1) turn on mangle builds.
...
2) better fix for the missing MAXPATHLEN missing define.
3) make room for the '\0' in the pathname.
2003-02-05 00:29:35 +00:00
relyea%netscape.com
1ed41d69c9
Fix LINUX breakage (define MAXPATHLEN if it wasn't defined the the standard
...
system headers).
2003-02-04 23:39:15 +00:00
relyea%netscape.com
c5679652a6
Add code to handle symlinks.
...
Add verbose output to print out hashes and signatures.
2003-02-04 23:18:08 +00:00
relyea%netscape.com
b66f562dec
Add program which will mangle exactly 1 bit in a file.
2003-02-04 23:16:56 +00:00
relyea%netscape.com
883af5be6e
Fix windows build breakage.
2003-02-04 19:03:11 +00:00
kaie%netscape.com
a7bcf48918
b=191301 Crash if I cancel "Choose token" dialog on Cert import
...
r=javi sr=darin a=dbaron
2003-02-04 01:37:23 +00:00
relyea%netscape.com
2cf013ba38
Shell script to set up the path before running the signing tool
2003-02-03 21:06:57 +00:00
relyea%netscape.com
cb166d81a7
Generate .chk file at build time when we build shlibsign
2003-02-03 21:06:18 +00:00
relyea%netscape.com
ab6d0dea43
Check bug 188856 into the tip.
...
1)return proper error code in more cases. 2) Fix bug in DH KeyPair Generation.
the essential part of this fix in pkcs11c.c where we add the CKA_NETSCAPE_DB
attribute on Diffie-Hellman key gen. I don't know why the code would have even
thought of working without this (unless we were testing with pregenerated
keys).
The rest of the fix is to surface more of the PKCS #11 error back up. There is
a separate bug to continue tracking the issue of lost PKCS #11 errors.
2003-01-31 23:39:34 +00:00
kaie%netscape.com
8fdd6beaad
b=189974 Profile Switching fails after JavaScript based cert import
...
PSM portion of fix
r=javi sr=darin a=asa
2003-01-31 22:33:49 +00:00
nelsonb%netscape.com
7874d8d788
Fix an uninitialized variable. Bug 191396.
2003-01-31 22:26:56 +00:00
nelsonb%netscape.com
91b818b389
Fix crash in CERT_CheckKeyUsage caused by dereferencing a returned pointer
...
without checkin it for NULL.
2003-01-31 02:49:13 +00:00
nelsonb%netscape.com
04c74fc4ac
Fix bug 191396. Don't generate SEC_ERROR_LIBRARY_FAILURE unnecessarily
...
while doing dsa signatures.
2003-01-31 02:39:36 +00:00
relyea%netscape.com
2d71279799
FIPS library verifier.
2003-01-30 23:38:07 +00:00
relyea%netscape.com
bd68779b0c
FIPS library verifier
2003-01-30 23:36:37 +00:00
wtc%netscape.com
751c48b5e5
Bug 191214: fixed the object leaks in signtool that prevented NSS_Shutdown
...
from succeeding and added the NSS_Shutdown call back. r=jpierre.
Modified Files: certgen.c sign.c signtool.c
2003-01-30 23:11:13 +00:00
wtc%netscape.com
5f51d20223
Bug 177387: temporarily added freebl_GetLibraryFilePathname to libfreebl.a.
...
This function has the same semantics as the NSPR 4.3 function
PR_GetLibraryFilePathname. This patch should be backed out when NSPR 4.3 is
released.
Modified Files: config.mk manifest.mn
Added Files: libpath.c
2003-01-30 07:00:32 +00:00
jpierre%netscape.com
4efd6d4409
Fix for 190424 - don't query CKA_NETSCAPE_EMAIL attribute. r=wtc
2003-01-30 05:12:10 +00:00
jpierre%netscape.com
e3c369562b
Fix for 190424 - don't query CKA_NETSCAPE_EMAIL attribute . r=wtc
2003-01-30 03:02:55 +00:00
jpierre%netscape.com
468dc9f9ab
Patch for memory leak . Bug 189976 . r=wtc
2003-01-30 02:59:35 +00:00
wtc%netscape.com
fedddcffe2
Bug 191214: backed out the previous checkin until this bug (object leaks)
...
is fixed.
2003-01-30 01:50:31 +00:00
wtc%netscape.com
4dbc437731
Bug 171263: signtool should call NSS_Shutdown before it exits.
2003-01-30 00:39:37 +00:00
relyea%netscape.com
3788b0eeec
Move LIBJAR definitions around so that NT builds.
2003-01-29 23:37:10 +00:00
kaie%netscape.com
69c368b1a9
b=165301 False mixed content (encrypted page with unencrypted information) Security Warning
...
r=javi sr=darin a=asa
2003-01-29 03:52:01 +00:00
relyea%netscape.com
807a5de681
1) add vfyserv to the standard build.
...
2) add tool to build shared library signature files for FIP's.
Code to verify requires NSPR changes before we can check it in.
2003-01-28 18:53:22 +00:00
relyea%netscape.com
fa9c0d1f91
New header file to dump defines for managing signed FIPs libraries.
2003-01-28 18:50:02 +00:00
relyea%netscape.com
97ee121321
Compile modutil with shared libraries.
2003-01-28 16:44:33 +00:00
relyea%netscape.com
ca368d8e94
Export functions needed for modutil to be compiled dynamically.
2003-01-28 16:41:46 +00:00
relyea%netscape.com
2a6c459c18
Remove dead code and symbols from lib jar so that modutil can compile when
...
linked with it.
2003-01-28 16:39:32 +00:00
relyea%netscape.com
88f5c92825
Sign 3 sets of changes are here:
...
1) Provide accessor functions for the PK11_DefaultArray so that modutil
does not have to link statically to access it.
2) Try setting the attribute on an object before we go to the work of copying
it (Function Only used in Java).
3) Optimize searching for the more common types of attributes.
2003-01-28 16:38:04 +00:00
kaie%netscape.com
6b9785edcd
b=190640 Remove the DHE ciphersuites until they work
...
r=javi sr=bryner a=asa
2003-01-28 15:06:29 +00:00
kaie%netscape.com
64cd67a3d0
b=190394 "website certified by an unknown authority" - nssckbi not found breaks PKI trust
...
r=dougt sr=darin a=asa
2003-01-27 23:53:02 +00:00
wtc%netscape.com
6d046ab3c2
Bug 90010: added support for parisc64. I received this patch from
...
Christopher Blizzard <blizzard@mozilla.org>.
2003-01-27 22:36:06 +00:00
wtc%netscape.com
d4ac75f3a6
Bug 190396.
...
Don't fail the search if the token returned an error that indicates that it
legitimately couldn't find a CRL
2003-01-24 06:37:03 +00:00
relyea%netscape.com
04df2266d3
Bug 167756. Clean up previous patch: add lastState field, and set the SSL Error on failure.
2003-01-23 22:02:37 +00:00
relyea%netscape.com
797a5bc51c
Write changes back to the database when we correct incorrect user bit settings.
2003-01-23 19:38:53 +00:00
relyea%netscape.com
48191e6dde
Set the size value when extracting a key 19011.
2003-01-23 17:30:15 +00:00
relyea%netscape.com
c5e06bef79
Check for token removal before continuing SSL sessions which have client auth
...
with certs associated with that token. bug 167756.
2003-01-23 17:27:34 +00:00
relyea%netscape.com
a54ce85446
Fix bug 180824 Version 3.4 string hard coded in default token name.
2003-01-23 17:16:50 +00:00
wtc%netscape.com
722dc7dcf5
Bug 90010: added support for Linux for s390 and s390x. The patch is
...
contributed by Gerhard Tonn <GerhardTonn@swol.de>.
2003-01-23 17:16:32 +00:00
ian.mcgreer%sun.com
c05c7c3f1e
always use explicit serial numbers on generated certs, should fix QA failures on leia
2003-01-23 15:38:03 +00:00
jpierre%netscape.com
d68a388386
Fix for bug #126930 - make SSL_ConfigServreSessionIDCache work on OS/2 by not using shared memory in single process mode. r=nelsonb
2003-01-23 00:15:08 +00:00
wtc%netscape.com
dcfc314ddc
Bug 190112: PK11_ReadAttribute needs to call PK11_ExitSlotMonitor before
...
we return because of allocation failure.
2003-01-22 17:44:36 +00:00
wtc%netscape.com
ba247cd419
Bug 189546: updated the comments to reflect what the new code does.
2003-01-22 06:24:53 +00:00
timeless%mozdev.org
e87b036988
Bug 179798 cookie confirm dialog no longer works in embedding (doesn't call nsIPrompt service)
...
patch by mvl@exedo.nl r=dwitte sr=darin
2003-01-22 05:52:33 +00:00
nelsonb%netscape.com
e5ea957b6e
Add OIDs for AES Key Wrap mechanism.
2003-01-22 04:35:54 +00:00
wtc%netscape.com
ddc27a6bbf
Bug 189546: moved the switch statement for known key lengths to the
...
beginning of PK11_GetKeyLength to work around a deadlock in nCipher
module if PK11_ExtractKeyValue is called.
2003-01-22 03:55:21 +00:00
kaie%netscape.com
153d01add8
b=188363 Bad error messages when server uses an invalid cert (-8054)
...
r=nelsonb sr=blizzard
2003-01-22 03:41:35 +00:00
nelsonb%netscape.com
2770ec645e
Implement new AES Key Wrap mechanisms. Bug 167818.
2003-01-22 03:13:04 +00:00
wtc%netscape.com
f20a97ef6a
Bug 189345: we incorrectly assumed that a C_XxxFinal call to determine the
...
length of the buffer would also terminate the active operation if the
buffer length is 0. PKCS#11 says it doesn't, so we need to make the
additional C_XxxFinal call even if the buffer length is 0. Allocate a
buffer from the heap if the stack buffer is too small and free the
heap-allocated buffer before we return from pk11_Finalize. We can use the
stack buffer if count is equal to its size.
2003-01-21 19:33:24 +00:00
seawood%netscape.com
a4b8644bc9
I always forget to change both the declaration & the definition.
...
Thanks to bird@anduin.net for the patch.
Fixing OS/2 bustage.
2003-01-19 06:43:19 +00:00
seawood%netscape.com
6e4b727afc
Callback functions must be defined as such.
...
Fixing OS/2 bustage.
2003-01-19 02:43:13 +00:00
kaie%netscape.com
499c2e67f7
b=189205 Implement early shutdown of NSS resources
...
r=javi sr=darin
2003-01-18 14:03:00 +00:00
relyea%netscape.com
402a4a6710
Bug 198364. Tokens keys do not own their handles. Don't let the key
...
get destroyed when freed.
2003-01-18 01:49:33 +00:00
nelsonb%netscape.com
48e8c13dcd
When wrapping secret keys with an unpadded block cipher, null padd the keys
...
as necessary, per the PKCS 11 spec. Also, implement padding and unpadding
for single-part only ciphers.
2003-01-17 05:50:08 +00:00
wtc%netscape.com
12a72288a3
Bug 145029: fixed compiler warnings (mostly "xxx might be used
...
uninitialized").
2003-01-17 02:49:11 +00:00
nelsonb%netscape.com
3c2c7f33bb
One more fix for HPUX and Solaris.
2003-01-16 01:44:43 +00:00
jpierre%netscape.com
8796ef7732
Fix incorrect usage of QuickDER . See bug 160805 comment 16
2003-01-16 00:56:10 +00:00
nelsonb%netscape.com
5c71d8774b
Fix compilation error. This file is only compiled on 2 platforms.
2003-01-16 00:55:53 +00:00
nelsonb%netscape.com
a234db694e
Switch from the old vendor-defined mechanism numbers to the new official
...
PKCS 11 mechanism numbers. These numbers will appear in v2.20.
2003-01-16 00:43:58 +00:00
nelsonb%netscape.com
fc19041388
Enforce that softoken's mechanisms are used only with the PKCS 11
...
functions that they're defined to work with.
2003-01-16 00:28:05 +00:00
nelsonb%netscape.com
472aaf52b9
Complete the addition of AES Key Wrap to blapi in freebl.
2003-01-16 00:15:21 +00:00
nelsonb%netscape.com
1a0e61f69a
Remove the implementation of CKM_KEY_WRAP_LYNKS from softoken.
2003-01-16 00:14:07 +00:00
nelsonb%netscape.com
8d818d5064
aeskeywrap.c - implement AES Key Wrap algorithm from RFC 3394
2003-01-14 22:16:04 +00:00
glen.beasley%sun.com
3810215899
solaris pkg version
2003-01-14 20:26:36 +00:00
bishakhabanerjee%netscape.com
1403d269af
Bug 171263 - NSS test apps to check return value of NSS_Shutdown
2003-01-14 01:03:21 +00:00
bishakhabanerjee%netscape.com
45ba9d6985
Bug 171263 - NSS test apps shd check return value of NSS_Shutdown
2003-01-13 22:36:39 +00:00
glen.beasley%sun.com
0a41355aa2
solaris pkging support
2003-01-13 20:35:36 +00:00
glen.beasley%sun.com
b765908949
solaris pkg support
2003-01-13 19:44:21 +00:00
glen.beasley%sun.com
1b2cfef182
Solaris pkg support
2003-01-13 19:43:15 +00:00
relyea%netscape.com
3f15ddacc5
Check for Empty CRL list as well.
...
Bug 164501.
2003-01-10 19:09:46 +00:00
relyea%netscape.com
0c506b280f
Declare PK11_TokenRefresh()
2003-01-10 17:53:01 +00:00
relyea%netscape.com
ab1f73ddf5
Add the ability to generate certs with multiple DNS names.
2003-01-09 22:59:42 +00:00
glen.beasley%sun.com
3300c59b7d
Solaris pkg copyright
2003-01-09 22:53:13 +00:00
relyea%netscape.com
1544ed637e
Remember to include the global: tag
2003-01-09 18:44:26 +00:00
relyea%netscape.com
b2f0cd3e28
backport NSS 3.7 fixes to the tip.
2003-01-09 18:15:11 +00:00
wtc%netscape.com
570a9e5387
Bug 186201: should handle a null 'environ' pointer, which can happen on
...
Solaris if NSS is loaded with dlopen() by an executable linked with the
RTLD_GROUP flag.
2003-01-09 04:34:31 +00:00
wtc%netscape.com
c1b180a77c
Bug 187629: do not refresh a CERTCertificate if the same instance of a
...
cached cert is added to the collection.
2003-01-09 04:29:01 +00:00
dbaron%dbaron.org
f2cd5e3e66
Bug 178643: Remove uses of NS_INIT_ISUPPORTS, since it is no longer needed. r=timeless sr=jag
2003-01-08 23:19:20 +00:00
dbaron%dbaron.org
3da694f7ae
Bug 178643: Remove uses of NS_INIT_ISUPPORTS, since it is no longer needed. r=timeless sr=jag
2003-01-08 22:45:23 +00:00
wtc%netscape.com
27fc2706ca
Bug 186586: If at NSS shutdown there are still certs in the cert caches,
...
cause NSS shutdown and the next NSS initialization to fail but do not
destroy the cert caches (and the crypto context and trust domain containing
them) to avoid a crash if the NSS client destroys the certs later. New
error codes needed to be added to indicate the failure of NSS shutdown and
NSS initialization due to this cause.
2003-01-08 21:58:29 +00:00
wtc%netscape.com
3e2a98c878
Bug 186586: If at NSS shutdown there are still certs in the cert caches,
...
cause NSS shutdown and the next NSS initialization to fail but do not
destroy the cert caches (and the crypto context and trust domain containing
them) to avoid a crash if the NSS client destroys the certs later. New
error codes needed to be added to indicate the failure of NSS shutdown and
NSS initialization due to this cause.
Modified Files:
base/errorval.c nss/nssinit.c pki/pki3hack.c pki/pki3hack.h
pki/pkistore.c pki/pkistore.h pki/tdcache.c pki/trustdomain.c
util/secerr.h
2003-01-08 21:48:47 +00:00
wtc%netscape.com
388899d82d
Need to call SSL_ClearSessionCache before calling NSS_Shutdown.
2003-01-08 21:40:52 +00:00
bishakhabanerjee%netscape.com
b09495bd63
checking return value of NSS_Shutdown. Bug 171263
2003-01-07 22:53:13 +00:00
bishakhabanerjee%netscape.com
53f2c2caf6
checking return value of NSS_Shutdown. Bug 171263
2003-01-07 22:31:36 +00:00
bishakhabanerjee%netscape.com
36e8d3c8c6
new revision: 1.19; previous revision: 1.18
2003-01-07 22:29:54 +00:00
bishakhabanerjee%netscape.com
cfca3d09e1
set and exported NSS_STRICT_SHUTDOWN. Bug 171263
2003-01-07 22:10:10 +00:00
kaie%netscape.com
233f20dbed
b=184940 Enable additional SSL ciphers, add configuration UI
...
r=javi sr=jaggernaut
2003-01-07 00:58:24 +00:00
kaie%netscape.com
3c02966450
b=177260 Fix known leaks in PSM, track blocking PSM UI, track open SSL sockets
...
r=javi sr=darin
2003-01-06 22:23:49 +00:00
kairo%kairo.at
a7555a91fe
change all localeVersion strings, as well as brand.dtd/region.dtd to 1.3b; bug 185698, r=tao, sr=blizzard
2003-01-03 19:57:47 +00:00
dbaron%fas.harvard.edu
0a31e6afb5
Change my email address from dbaron@fas.harvard.edu to dbaron@dbaron.org. Comment changes only.
2003-01-01 23:53:20 +00:00
nicolson%netscape.com
5d7f9a2a14
Upgrade version from 3.2 to 3.3.
...
Uncomment MessageDigest implementations (doh!).
2003-01-01 02:58:22 +00:00
nicolson%netscape.com
6162fa3b3d
Add DigestTest to all.pl.
...
Make DigestTest and SigTest return nonzero error code on failure.
2003-01-01 02:57:50 +00:00
seawood%netscape.com
cd1497a3ab
Add hack upon dependency hack to Avoid constant NSS rebuilds when pulling from CVS.
2002-12-28 05:50:17 +00:00
seawood%netscape.com
4588fb970a
Start installing GRE libraries & components into a separate dist/gre directory as part of the default build.
...
Bug #186241 r=dougt
2002-12-28 01:15:07 +00:00
wtc%netscape.com
b75e4a55f8
Bug 183612: added some comments.
2002-12-24 02:25:36 +00:00
wtc%netscape.com
71527c989a
Bug 183612: SECMOD_InitCallOnce() and SECMOD_CleanupCallOnce() should be
...
declared and defined with an argument list of "(void)" instead of "()".
Modified Files: pk11cert.c secmodi.h
2002-12-19 07:03:39 +00:00
nicolson%netscape.com
a46f58f6b3
Fix 186097: ProofOfPossession.encode() has paranoid assertion.
2002-12-19 02:31:38 +00:00
wtc%netscape.com
587dca7fd1
Bug 183612: renamed some new functions to be consistent with existing
...
function names containing SubjectKey and PublicKey. Moved internal
functions to private headers and use the lowercase cert_ prefix for the
internal functions for subject key ID mapping hash table. r=nelsonb.
2002-12-19 00:26:34 +00:00
relyea%netscape.com
67dbcd1b25
Bug 186058
2002-12-18 23:55:53 +00:00
nicolson%netscape.com
1a0dc15ee3
Partial fix for 184754: assertion violation in get_token_certs_for_cache.
...
Don't assert if we fail to lookup the cert we just imported. It could
be a bug in the PKCS #11 driver. Instead, throw an exception.
2002-12-18 23:14:48 +00:00
kaie%netscape.com
0b56a2ae45
Temporary fix for bug 182803.
...
While this masks the reported crashes, this is nothing more than a workaround patch.
As long as this patch is in place, any attempt to do profile switching at run time will fail.
We need real fixes for bug 181230 and 177260.
r=javi sr=darin
2002-12-18 12:50:35 +00:00
wtc%netscape.com
24e76ce1c2
Bug 183612: fixed the bug that 'extra' may be used uninitialized. r=javi.
2002-12-18 02:06:01 +00:00
wtc%netscape.com
c37a82ab51
Set NSS version to 3.8 Beta on the trunk.
2002-12-17 23:04:46 +00:00
wtc%netscape.com
42182a9d9e
Export CERT_DestroyOCSPResponse in 3.7. Moved HASH_GetHashObjectByOidTag,
...
HASH_GetHashTypeByOidTag, and SECITEM_ItemsAreEqual from 3.7 to 3.8.
2002-12-17 23:02:53 +00:00
relyea%netscape.com
8ab634d5b8
Make sure the session is protected over PKCS #11 calls.
2002-12-17 18:22:38 +00:00
wtc%netscape.com
59393fce3e
Need to test for null pointers before destroying the lock and condition
...
variable. If NSS initialization fails, this lock and condition variable
may not get created.
2002-12-17 02:47:46 +00:00
wtc%netscape.com
cc65e89c5e
I made a mistake in the previous checkin. certdb.h doesn't need to be
...
included because the new function CERT_FindCertBySubjKeyID is declared in
cert.h.
2002-12-17 02:08:51 +00:00
wtc%netscape.com
0d2d65efb2
Bug 183612: added support for looking up a cert by subject key ID and
...
creating a CMS recipient info from a subject key ID. The patch was
contributed by Javi Delgadillo <javi@netscape.com>. r=relyea, wtc.
Modified Files:
certdb/cert.h certdb/certdb.c certdb/certdb.h certdb/certv3.c
certdb/stanpcertdb.c nss/nss.def nss/nssinit.c
pk11wrap/pk11cert.c pk11wrap/pk11func.h pk11wrap/secmod.h
pki/pki3hack.c smime/cms.h smime/cmslocal.h smime/cmspubkey.c
smime/cmsrecinfo.c smime/cmssiginfo.c smime/cmst.h
smime/smime.def
2002-12-17 01:39:46 +00:00
dougt%netscape.com
9ed66e1abc
Allow caller to obtain cert. r=mstoltz, javi. sr=dveditz, b=179016
2002-12-13 22:26:43 +00:00
kaie%netscape.com
6fc801b267
b=182258 Give separate signature validity and sender address mismatch feedback
...
r=javi sr=bienvenu
2002-12-13 20:47:32 +00:00
relyea%netscape.com
cd008946a6
Increment the tmpbuf pointer to the correct index point
2002-12-13 19:02:13 +00:00
nicolson%netscape.com
f3f2064030
Fix 180827: Update version strings for JSS 3.3.
2002-12-13 06:12:30 +00:00
wtc%netscape.com
31af94e751
Bug 185074: open the files we just did a "chmod -w" on once to work around
...
a Mac OS X NFS bug. Subsequent opens will see the file is readonly with no
delay.
2002-12-13 02:06:34 +00:00
nelsonb%netscape.com
1942331c4e
Clean up command line options parsing and Usage message.
2002-12-13 01:25:45 +00:00
relyea%netscape.com
f37146e332
Use correct sense of the timeout value.
2002-12-13 00:25:21 +00:00
nelsonb%netscape.com
d442ab6107
Support SHA256, SHA384, and SHA512 hashes in NSS.
2002-12-12 06:05:45 +00:00
relyea%netscape.com
b96f690161
Don't break solaris or linux (add the ';')
2002-12-11 17:56:49 +00:00
relyea%netscape.com
3fbd2fdc4d
Export new command to pull for token change events.
2002-12-11 17:53:20 +00:00
relyea%netscape.com
0a024139f7
Program to test smartcard removal and insertion detection.
2002-12-11 17:44:53 +00:00
relyea%netscape.com
2c6c4ceeae
Add token removal blocking function.
2002-12-11 17:43:24 +00:00
thayes%netscape.com
b815bf47be
Bug 184557: Allow usage specified on command line (-u) to be used to validate
...
certificates used for signing (-S option). Also add special handling for
nickname "NONE" in the -Y option. This specifies that no certificate and
encryption key preference should be included in the signature object.
2002-12-11 01:44:37 +00:00
wtc%netscape.com
177487f4d0
Bug 180294: moved the OpenVMS build from the POSIX subsystem to native
...
VMS (GNV). The patch is contributed by Colin Blakes <colin@theblakes.com>.
Modified files: OpenVMS.mk config.mk rules.mk nsinstall/nsinstall.c
2002-12-10 20:27:45 +00:00
relyea%netscape.com
7f3a67f9d9
Sigh, this is what was breaking the Linux builds... incorrect initializer.
2002-12-10 18:09:16 +00:00
relyea%netscape.com
52f2bf446b
Make SubjectAltEncode a public function. Fixes build breakage in Linux
2002-12-10 17:41:16 +00:00
relyea%netscape.com
cc608e2484
Add test cases for multiple email addresses in a single certificate.
2002-12-10 17:19:00 +00:00
relyea%netscape.com
4ffa798d64
Add code to create multiple email addresses in a single cert.
2002-12-10 17:18:06 +00:00
relyea%netscape.com
1e2ce4d929
Export the AltSubjectEncode function so our test programs can build certs
...
with multiple email addresses.
2002-12-10 17:15:15 +00:00
relyea%netscape.com
35158986f8
Create profiles for all the email addresses in a certificate.
2002-12-10 17:14:17 +00:00
relyea%netscape.com
5eec52b558
Fix padding value.
2002-12-06 19:11:57 +00:00
nelsonb%netscape.com
5f8ba2e198
Expunge dead code.
2002-12-05 22:16:22 +00:00
nelsonb%netscape.com
8bd068d9de
Don't compile the .c files in lib/pki1 on the trunk. These files are used
...
only in Stan.
2002-12-05 22:15:36 +00:00
wtc%netscape.com
88fc40da69
Bug 39494: added a check to prevent buffer overflow. r=mcgreer,nelsonb.
2002-12-04 23:41:49 +00:00
wtc%netscape.com
74b384630f
Fixed the build breakage of const unsigned char[] and unsigned char *
...
mismatch on the Mac (compiler warnings on other platforms) by adding
(unsigned char *) typecasts. r=relyea. (Bug 183350)
2002-12-04 00:28:56 +00:00
kaie%netscape.com
7fd5ae87db
b=182158 JavaScript error when pressing Ok in "Cert already exists" dialog - setWindowName is not defined
...
r=kaie sr=alecf
2002-12-03 15:27:27 +00:00
wtc%netscape.com
27f7537130
Bug 181913: disable the makefile rule for .s for OS/2 so that .asm files
...
are used when there are same-named .s files in the same directory. The
patch is contributed by Javier Pedemonte <pedemont@us.ibm.com>.
2002-12-02 22:57:21 +00:00
kaie%netscape.com
210417ee19
b=115294 Support S/Mime signing only configuration / relax certificate configuration requirements
...
r=javi sr=sspitzer
2002-11-28 18:31:03 +00:00
wtc%netscape.com
dcf06adbf8
Bug 181878: fixed two more bugs in the new code to support multiple email
...
addresses per certificate. r=nelsonb.
2002-11-27 01:28:03 +00:00
wtc%netscape.com
f0d3f33fc5
Bug 182086: on Mac OS X, ranlib needs to be rerun after static libraries
...
are moved.
2002-11-26 23:05:56 +00:00
relyea%netscape.com
7415bef4e9
More review changes,
...
Fix incorrect return in pcertdb.c
2002-11-26 22:14:56 +00:00
relyea%netscape.com
510f05d5ec
Incorporate some of Nelson's review changes.
...
Collapse all the profile data into an array for easier processing when printing out.
2002-11-26 21:03:18 +00:00
relyea%netscape.com
88fc8a45eb
Move mac build changes from 3.6 branch back to the trunk
2002-11-26 21:00:31 +00:00
wtc%netscape.com
87867e38a5
Bug 180228: moved CERT_CRLCacheRefreshIssuer from the NSS_3.6.1 section to
...
the NSS_3.7 section.
2002-11-26 19:21:55 +00:00
relyea%netscape.com
f8616133e5
Incorporate Terry's and Nelson's reviews.
2002-11-26 18:27:25 +00:00
nelsonb%netscape.com
45f8bf2425
Back out my last change.
2002-11-26 07:07:20 +00:00
nelsonb%netscape.com
6f7aad8486
Eliminate bug due to uninitialized variable index. Eliminate leak.
...
Remove lots of warnings about signed/unsigned and assigning int to uchar.
2002-11-26 05:58:51 +00:00
relyea%netscape.com
6a88119773
Bug 181878 allow multiple email addresses to point to a single subject record.
2002-11-26 00:13:54 +00:00
nelsonb%netscape.com
15355f6f00
Put the nss 3.7 section after the nss 3.6.1 section.
2002-11-21 23:22:52 +00:00
ian.mcgreer%sun.com
dc9b4b2415
bug 172247, don't allow import of duplicate issuer/serial certs
2002-11-21 20:43:15 +00:00
nelsonb%netscape.com
1707fa2738
Add tests for sha256, sha384, and sha512.
2002-11-21 05:44:41 +00:00
nelsonb%netscape.com
f1eeafdf46
Add test modes for sha256, sha384 and sha512.
...
Fix the -c (restart) option for testing hashes. It works with all hashes.
When the -d option is given along with the -i or -o filename option,
and the filename is not absolute, the filename is taken to be relative to
the the mode's test directory.
2002-11-21 05:44:03 +00:00
nelsonb%netscape.com
34fe8ef195
Use the 32-bit code on Solaris x86 platforms, too.
2002-11-21 02:54:04 +00:00
nelsonb%netscape.com
14ddb41e02
Add test cases from FIPS 180-2.
2002-11-21 02:26:50 +00:00
nelsonb%netscape.com
db4bc48d65
Back out revision 1.2, which was a workaround for a c preprocessor bug
...
in a certain version of the c compiler for Dec/Compaq Alpha OSF1.
The file now requires one of these compilers on that platform:
Compaq C V6.3-132 or Compaq C V6.4-214 (dtk)
2002-11-20 05:25:58 +00:00
nelsonb%netscape.com
b9eda3bb3e
Optimization: change macros to do only 32-bit arithmetic on platforms
...
with only 32-bit registers.
2002-11-20 00:48:09 +00:00
jpierre%netscape.com
b30a666577
Fix for bug 180894 - don't assert in ShutdownCRLCache()
2002-11-19 21:37:50 +00:00
nicolson%netscape.com
18c1b06a60
Fix 180396: javax.crypto.Cipher wrapping does not work with RSA algorithm.
...
Support RSA as a wrapping/unwrapping algorithm.
2002-11-19 00:41:09 +00:00
nicolson%netscape.com
dc7f89d956
Throw InvalidKeyException instead of InvalidAlgorithmParameterException,
...
because the latter may get thrown away by our caller, but the former will
not be.
2002-11-19 00:39:43 +00:00
nicolson%netscape.com
c9a373cf69
Change silly switch statement to an if statement.
2002-11-19 00:31:10 +00:00
nicolson%netscape.com
2039d8bfc6
Make NotExtractableException take a String argument to its constructor.
2002-11-19 00:30:43 +00:00
kirk.erickson%sun.com
0c2290fea7
Made 'solarispkg' copy pkg/solars to pkg/$(OBJDIR), and go there to
...
build packages. This addresses the problems Sonja reported which
resulted from building in the same tree nfs'd from multiple platforms
simultaneously. Also removed -$(MACH) and ROOT-$OBJDIR changes that
failed to address this problem.
2002-11-17 17:26:51 +00:00
timeless%mozdev.org
7875f468ed
Bug 58221 don't use strlen to check if a string is of length 0
...
patch by aaronl@vitelus.com r=timeless sr=bz
2002-11-17 05:16:49 +00:00
cbiesinger%web.de
1e0c16a749
patch by abecevello@sympatico.ca r=rangansen,me sr=roc+moz
...
fix some spelling errors
2002-11-16 20:44:32 +00:00
nelsonb%netscape.com
71faf153cf
Change all functions that create contexts for encryption to treat their
...
input buffers as const. Warning reduction.
2002-11-16 06:09:58 +00:00
jpierre%netscape.com
5956bc8bc3
Fix again?
2002-11-16 05:05:17 +00:00
jpierre%netscape.com
eb0bdd665f
Fix build again !
2002-11-16 04:27:39 +00:00
nelsonb%netscape.com
d94a05f7d5
Recognize new SHAxxx OIDs.
2002-11-16 03:34:53 +00:00
jpierre%netscape.com
443590936a
Fix build
2002-11-16 03:32:40 +00:00
nelsonb%netscape.com
b3a9787176
Correct softoken routines to work with new larger SHAxxx hashes.
2002-11-16 03:32:39 +00:00
nelsonb%netscape.com
9d71a03c06
Correct HMAC code to work with new larger SHAxxx hashes.
2002-11-16 03:30:37 +00:00
nelsonb%netscape.com
f8c8c1c0c3
Add new SHAxxx hash algorithms to tables of SECHashObjects.
2002-11-16 03:29:32 +00:00
nelsonb%netscape.com
bd2c63cb6d
Declare new vendor-defined mechanisms for SHA256, SHA384 and SHA512.
2002-11-16 03:25:01 +00:00
nelsonb%netscape.com
b1cb2c9cfd
Now that we have hashes larger than SHA1,
...
#define HASH_LENGTH_MAX SHA512_LENGTH
2002-11-16 03:21:53 +00:00
nelsonb%netscape.com
af4639ae92
Don't reject a cert request with an empty list of CA cert names.
...
Don't crash with an empty CA name list.
2002-11-16 03:19:48 +00:00
nelsonb%netscape.com
3ee18753f6
Add "const" modifier to all fixed arrays used for keys or known text.
2002-11-16 01:00:44 +00:00
nelsonb%netscape.com
48dace80e4
Fix crash when formatting a cert with optional version not given.
2002-11-15 06:32:51 +00:00
jpierre%netscape.com
0203577bab
Patch for 180228 - export CRL cache flush API . r=wtc
2002-11-15 05:04:05 +00:00
nelsonb%netscape.com
0dba5a0882
Make selfserv build for Darwin.
2002-11-14 23:33:24 +00:00
ian.mcgreer%sun.com
3e3b24225a
bug 39494, handle non-standard AVAs properly
...
r=nelsonb
2002-11-14 17:04:43 +00:00
kaie%netscape.com
11e4a80cf5
b=168450 Cleanup some PSM code and add JavaDoc documentation to all freeze candidates
...
r=javi sr=alecf
2002-11-14 00:50:02 +00:00
relyea%netscape.com
1945b7684e
Adjust the time values so we have correct and consistant displays.
2002-11-11 22:01:57 +00:00
relyea%netscape.com
faebb28e1e
Multi-access database race condition patches. These changes are already checked
...
into NSS 3.6.1.
2002-11-11 22:00:03 +00:00
kirk.erickson%sun.com
2cff9b4e29
Made awk_pkginfo-$(MACH) machine dependent for Sonja's release build.
2002-11-11 20:44:55 +00:00
relyea%netscape.com
33b32fcae3
Remove long dead code from util. triggered by bug 179038
2002-11-11 18:17:24 +00:00
jpierre%netscape.com
ec1c48a069
Assert if the QuickDER decoder does not consume all the input
2002-11-09 01:56:01 +00:00
relyea%netscape.com
c651ab3821
Bug 176667: kaie authored the patch, ian/relyea reviewed it.
2002-11-08 19:10:54 +00:00
nicolson%netscape.com
b008376057
default doesProduceOutput to true for compatibility.
2002-11-08 02:24:20 +00:00
nicolson%netscape.com
2a0afd7964
Add isExtensionPresent and getExtension.
2002-11-08 00:40:26 +00:00
glen.beasley%sun.com
a4596115af
removes sun provider and set passwords
2002-11-07 22:49:26 +00:00
glen.beasley%sun.com
90e4e6c683
move removeSunProvider after JSS JCE provider is loaded
2002-11-07 03:33:04 +00:00
jpierre%netscape.com
f9e36ad6fc
Fix for 177798 . Improve handling of initialization / shutdown of the CRL cache using a static status variable
2002-11-07 00:02:31 +00:00
ian.mcgreer%sun.com
b158d2ec1c
bug 177366, clean up refcounting
...
r=relyea
2002-11-06 18:53:55 +00:00
nicolson%netscape.com
4095e4165d
Add license header to new file.
2002-11-06 03:24:39 +00:00
nicolson%netscape.com
65418ae140
Add TestSDR, to test the new SecretDecoderRing.
...
In all.pl, always set the CLASSPATH to be the signed JSS JAR file, so
that we can use the JCE (javax.crypto.*) interface.
2002-11-06 03:22:10 +00:00
nicolson%netscape.com
7d68fcdc8a
Correctly detect a missing key.
2002-11-06 03:20:53 +00:00
nicolson%netscape.com
376e771586
Improve InvalidBERException.
...
Add feature of SEQUENCE.OF_Template whereby elements need not produce
any output. This is for dealing with very large SEQUENCEs, such as
large CRLs, where the list should be processed in some way, but not made
into an ASN1 object hierarchy.
2002-11-06 02:00:55 +00:00
kaie%netscape.com
3315b57c76
b=166655 ERROR -12227 / Extend the list of TLS intolerance error codes
...
r=javi sr=jag a=blizzard
2002-11-05 14:49:52 +00:00
nelsonb%netscape.com
9eabbe6063
Workaround a c preprocessor bug on a certain 64-bit platform. Bug 178314.
2002-11-05 01:52:49 +00:00
nelsonb%netscape.com
3efeebefc6
Fix missing strings that cause crash in SSL_SecurityStatus(). Bug 178342.
2002-11-05 00:25:20 +00:00
relyea%netscape.com
1e9a50c7f3
!@#!$@! signtool thinks it knows how to verify if the certdb's are there and
...
OK or not. Of course it doesn't.
bob
2002-11-04 20:37:08 +00:00
relyea%netscape.com
1cacdab8cb
db8 code part 1:
...
1) Create new dbs with 32 k buffers.
2) New dbs never store a single entry greater than 30 k (those are stored
using the blob code).
3) NSS can run with either new or old dbs read only.
4) If possible a new db is upgraded from and old db.
2002-11-04 19:31:59 +00:00
nelsonb%netscape.com
6d09fce4d9
Add some processor and compiler dependent optimizations to SHA1.
2002-11-02 01:53:01 +00:00
nelsonb%netscape.com
2683429fa3
Add SHA256 SHA512 and SHA384 hashes to freebl.
2002-11-02 01:51:44 +00:00
jpierre%netscape.com
e18a2330bd
Fix for bug 177798 - NULL pointers in ShutdownCRLCache to allow shutdown/restart
...
of NSS.
2002-11-02 00:07:48 +00:00
nelsonb%netscape.com
8d635de722
Fix several problems related to error messages, including an attempt to
...
print a null string pointer.
2002-11-01 21:04:33 +00:00
nelsonb%netscape.com
5172f581a5
Reformat text. Fix syntax error in first examples.
2002-11-01 21:03:24 +00:00
jpierre%netscape.com
042d6deac1
Remove call to PL_ArenaFinish . This effectively shut down NSPR arenas and created problems when restarting NSS . r=relyea
2002-10-31 22:02:10 +00:00
jpierre%netscape.com
5a01280dd3
Fix for 177208 - unmark arena when DER decoding is successful
2002-10-31 01:54:13 +00:00
jpierre%netscape.com
7a45a11c75
Fix for bug 175115 . Remove incorrect check for CA cert expiration. Also fix CRL signature verification and clean up internal functions . r=mcgreer,relyea,nelsonb,wtc
2002-10-30 23:31:38 +00:00
relyea%netscape.com
0bab9cc714
Fix build breakage. Some platforms do not like to assign unsigned char * to
...
char * without a cast.
2002-10-30 19:01:21 +00:00
relyea%netscape.com
1981d33467
The Serial number needs to be the DEREncoded serial number, not the decoded
...
Serial number.
2002-10-30 17:22:06 +00:00
relyea%netscape.com
4304e22d73
Check in new certdata file generated from certdata.txt
2002-10-30 17:20:59 +00:00
relyea%netscape.com
4e8bc74d53
Allow the builtin's to accept old style serial numbers as well the the correct
...
PKCS #11 serial numbers.
2002-10-30 17:18:14 +00:00
relyea%netscape.com
fc6cba0405
Make the Serial Numbers DER Wrapped rather than raw serial numbers.
...
This is required by PKCS #11 and was causing some bugs in NSS 3.6.
2002-10-30 17:09:28 +00:00
wtc%netscape.com
c9df2cbab2
Bug 174143: Removed the obsolete platform.mk file. Do not allow overriding
...
of PLATFORM by the environment because PLATFORM is a common environment
variable.
2002-10-30 15:50:59 +00:00
kairo%kairo.at
0978ac7de5
Bug 175853, Update localeVersion strings for 1.2 final - and do it correctly, r=jbetak, sr=bzbarsky, a=blizzard
2002-10-30 12:41:38 +00:00
wtc%netscape.com
df8d78acf0
Bug 177201: declare NSS_CMSEncoder_Cancel.
2002-10-30 01:31:01 +00:00
bishakhabanerjee%netscape.com
92a8c5d62b
creating the cmdtests.sh script - bug 144316
2002-10-30 00:20:10 +00:00
jpierre%netscape.com
9dd99a1133
Fix for bug 95311 - copy the DER input key to the arena, and free the arena upon decoding failure.
2002-10-29 23:47:31 +00:00
jpierre%netscape.com
275880efb1
Use QuickDER to decode DER public key. Bug #95311
2002-10-29 22:52:31 +00:00
kirk.erickson%sun.com
1b8eab1507
Integrated bundle of changes that we're done on NSS_3_3_2_SUN_PKG_BRANCH.
...
x86 support (separate prototype_sparc, prototype_i386)
single updated copyright on common_files
no pkgdepend in common_files
2002-10-26 18:04:40 +00:00
nelsonb%netscape.com
ca964e366b
Plug cert leak in NSS_SMIMESignerInfo_SaveSMIMEProfile. Bug 176799.
...
Patch contributed by Kai Engert.
2002-10-25 22:46:48 +00:00
nelsonb%netscape.com
071477a1c8
Add new function CERT_VerifySignedDataWithPublicKey containing common code
...
factored from existing functions CERT_VerifySignedDataWithPubKeyInfo and
CERT_VerifySignedData. Bug 174193.
2002-10-25 03:21:24 +00:00
jpierre%netscape.com
eb47211db1
Fix for 169038 - bump builtins library version to 1.20 on the tip
2002-10-25 00:17:37 +00:00
nelsonb%netscape.com
43194fe941
Add -v option, which prints email addresses in certs. This excersizes
...
the new functions for extracting email addresses from certs. Bug 152986.
2002-10-24 01:40:40 +00:00
bishakhabanerjee%netscape.com
18c8cb54aa
commented out unchecked in tests
2002-10-24 00:19:53 +00:00
jpierre%netscape.com
1f25ac6059
Fix comment formatting style
2002-10-23 23:41:02 +00:00
jpierre%netscape.com
7d2f24403c
Fix for bug 95311 - replace assertion with comments
2002-10-23 23:18:17 +00:00
relyea%netscape.com
9e75e1c8d8
Make sure the array is big enough to handle all the cases.
2002-10-23 22:51:10 +00:00
nelsonb%netscape.com
8bacf2ad20
Include certi.h to resolve invocation of undeclared function.
2002-10-23 22:00:48 +00:00
nelsonb%netscape.com
b7a054c16f
Add 2 new functions to NSS, so an application can get a list of all
...
email addresses in a cert. Bug 152986.
Modified Files: lib/nss/nss.def lib/certdb/alg1485.c lib/certdb/cert.h
lib/certdb/certdb.c lib/certdb/certi.h
2002-10-23 20:50:51 +00:00
wtc%netscape.com
b368ead682
The version of the builtin root certs module is now specified in nssckbi.h.
2002-10-23 19:04:22 +00:00
jpierre%netscape.com
c27e2ab55d
Up library number for TC roots - bug #169038
2002-10-23 01:38:57 +00:00
ian.mcgreer%sun.com
754a241906
bug 174634, fix handling of authorityCertIssuer in chain construction
2002-10-22 14:43:08 +00:00
nicolson%netscape.com
57d337308c
update version strings.
2002-10-18 23:59:01 +00:00
jpierre%netscape.com
21bacd94cc
Fix for bug 175167 - SEC_QuickDERDecodeItem should fre memory upon failure. r=wtc
2002-10-18 22:32:34 +00:00
nelsonb%netscape.com
5935c31c0a
Verify the self-signed signature on PKCS 10 cert requests before honoring
...
them. Bug 174193.
2002-10-18 21:58:24 +00:00
kaie%netscape.com
a46ed1b240
b=101847 keygen does not work if Master Pwd is set to "Everytime it is needed"
...
r=javi sr=jag a=asa
2002-10-18 13:49:58 +00:00
bishakhabanerjee%netscape.com
d11498b3ae
changed error string to reflect error better: 162714
2002-10-18 00:13:03 +00:00
nelsonb%netscape.com
82695dfe41
New utility to test cert chain verification using certs in files.
2002-10-17 22:24:35 +00:00
nelsonb%netscape.com
28afcbb82d
Change instructions for entering a new token password to say "should"
...
instead of "must". Bug 174135.
2002-10-17 02:06:31 +00:00
nelsonb%netscape.com
faa1dd67ec
Use unsigned ints for serial numbers. Bug 173872.
...
Add missing line break to cert requests. Bug 174659.
Remove unused variables, and #ifndef NSPR20 code.
2002-10-17 01:41:14 +00:00
nicolson%netscape.com
ec09156712
The new SecretDecoderRing.
2002-10-17 00:33:42 +00:00
nicolson%netscape.com
862752acd6
Generate a permanent key pair, since KeyStore isn't working yet.
2002-10-17 00:32:48 +00:00
nicolson%netscape.com
2ee91189c8
remove print statements.
2002-10-17 00:07:50 +00:00
nicolson%netscape.com
a311a1c035
Forget KeyStore, it is still very broken.
2002-10-17 00:07:29 +00:00
nicolson%netscape.com
44b1e8461e
More little hacks, but it still doesn't work right.
2002-10-17 00:07:08 +00:00
nicolson%netscape.com
81756146a2
Fix an implementation detail.
2002-10-17 00:05:53 +00:00
kaie%netscape.com
f012271e37
b=163605 Use of blocking I/O for SSL in PSM stalls network activity
...
r=javi sr=darin a=asa
2002-10-16 22:20:42 +00:00
leaf%mozilla.org
aeba91a83f
update localeVersion for 1.2b, a=asa
2002-10-16 17:51:38 +00:00
nelsonb%netscape.com
7f85560c28
Use the new quick DER decoder to decode Certificate requests, because
...
it does it correctly. Fix some memory leaks in print code.
Print OCTET strings and bits strings better.
2002-10-16 05:34:54 +00:00
nelsonb%netscape.com
ebd0b8920b
Eliminate a crash in pp formatting cert requests. Bug 174188.
...
When asking for a new password and the two values don't match, ask for
both again. Bug 174133.
2002-10-16 01:40:22 +00:00
nelsonb%netscape.com
7f6f169d11
Fix DER_GetInteger. Bug 174644.
2002-10-16 01:36:10 +00:00
relyea%netscape.com
840166d8cb
Make grammar, punctuation, capitalization, and content changes suggested by
...
nelson.
2002-10-15 00:56:23 +00:00
kaie%netscape.com
ac52336656
b=169185 remove call to non-existant function
...
r=rangansen sr=jag a=asa
2002-10-14 17:57:58 +00:00