df07cea047
Add missing license block. Wrap long lines. Bug 243580. r=relyea.
2004-05-22 00:56:46 +00:00
66d76ca008
script to run NISCC tests; cvs pull of NSS and does special build, runs SMIME
...
and SSL tests, logs results to file, summarizes log results
2004-05-20 00:56:40 +00:00
4ef3c0837a
certdata.c is checked in and shouldn't be ignored
2004-05-17 20:47:35 +00:00
02f1778eca
bug 180268, reimplement ssl step-up for builtins
2004-05-17 20:08:38 +00:00
76b3c42c33
238319 : Sun packaging changes
2004-05-13 07:13:01 +00:00
922ba661c4
Bugscape bug 57081: If the make variable NISCC_TEST is defined at build
...
time, add -DNISCC_TEST to the compile command line. The NISCC_TEST macro
enables special code that's conditionally compiled for NISCC testing.
Modified Files:
cmd/smimetools/Makefile cmd/smimetools/cmsutil.c
lib/ssl/config.mk lib/ssl/manifest.mn
2004-05-13 01:29:15 +00:00
19097be494
scripts for pk11util
2004-05-12 23:49:39 +00:00
416fa5ef5e
program for generating FIPS algorithm test results
2004-05-12 17:30:31 +00:00
2209adcdb4
Fix for 240784 - FIPS doesn't work on OS/2 . r=mkaply,wtc
2004-05-11 04:01:28 +00:00
3fde3ce243
Fix for 242984 - crash with application having incomplete PRIOMethods. r=nelsonb,wtc
2004-05-11 03:48:25 +00:00
9941ae1908
Fix for 240361 - crash in CERT_CheckValidTimes
2004-05-11 02:43:10 +00:00
5d0ee525db
Bug 242457 make NTLM Auth Module use nspr logging, instead of #ifdef+printf
...
r+sr=darin
2004-05-08 15:05:56 +00:00
8440778d84
Fix for 202979 . Resolve binary compatibility issue for CERT_ImportCerts . r=wtc, jpierre
2004-05-05 01:15:39 +00:00
c06f7bf9d6
Fix mechanism command.
2004-05-05 00:36:52 +00:00
8826e9b9f2
Bugzilla bug 238914: declare namesRunningOffset as unsigned long to avoid
...
overflow. Fixed a regression introduced by the previous checkin ('nss' is
allowed to be NULL). Set slotStrings[i] to NULL after freeing to avoid
double-free. r=relyea,nelsonb.
2004-04-30 23:41:44 +00:00
ab7b15f3a9
landing patch for bug 241124 "move GSSAPI code behind nsIAuthModule so it can be used by mail protocols" r=cneberg sr=bryner
2004-04-28 02:12:52 +00:00
9d50f0f223
Bug 236613: change to MPL/LGPL/GPL tri-license. Restore Id: lines.
2004-04-27 23:04:40 +00:00
2cdff0bb4f
Bug 236613: change to MPL/LGPL/GPL tri-license.
2004-04-25 15:03:26 +00:00
6d79381510
VerifySignature should not leak on various failures. Bug 241013, r=jgmyers,
...
sr=brendan
2004-04-22 17:40:51 +00:00
34a10f2f1c
Fixing bug 240723. Cleaning up nsIFilePicker a bit, no more nsIDOMWindowInternal, and use our string classes and not raw strings. r=caillon@gmail.com, sr=bzbarsky@mit.edu
2004-04-21 23:38:22 +00:00
b25daac5dc
Bugzilla bug 90906: removed unused variable 'size'. The patch is from
...
Serge GAUTHERIE <gautheri@noos.fr>. r=wtc.
2004-04-21 18:57:51 +00:00
c40f4f93a2
Bug 236613: change to MPL/LGPL/GPL tri-license.
2004-04-18 22:01:16 +00:00
b57d435d13
move cert details code: bug 230655 r=ddrinan sr=jag
2004-04-18 21:20:31 +00:00
4f8b5bf9d4
deCOMtaminate nsIScriptObjectPrincipal (bug 240745). This also fixes some code in nsCrypto.cpp that sems to have been mis-braced (I don't think it was working as intended). r+sr=jst.
2004-04-18 00:28:47 +00:00
5026248834
Fix for bug 221619. Tree widget refactoring and enhancement. r=neil sr=bryner
2004-04-17 05:53:38 +00:00
8125ea348f
Bug 240256 Fixing DOCTYPE to match document element p=vberon@mecano.gme.usherb.ca r=me sr=mscott
2004-04-13 09:34:47 +00:00
12797ed717
Bug 237844 nsSecureBrowserUIImpl::~nsSecureBrowserUIImpl doesn't need to removeObserver
...
r=jgmyers sr=alecf
2004-04-13 05:16:05 +00:00
08503de950
Check trust bits before examining cert fields when classifying certs: bug 178692 r=ssauxh sr=brendan a=asa
2004-04-11 21:03:05 +00:00
d08920202a
Change ssl test scripts to invoke tstclnt with the server's FQDN.
...
Necessary because of fix to bug 234058.
2004-04-08 03:01:02 +00:00
79bd1784c9
Remove code that attempted to compare simple host names in URLs with
...
FQDNs in certificate host names. This was insecure. Bug 234058. r=wtc.
2004-04-08 00:17:46 +00:00
a5a249a333
Fix missing indexes when fetching lengths (get tinderbox working again).
2004-04-07 19:00:08 +00:00
e77b48d527
Bug 239827: Fix race condition in unwrap private key (if target key is symetric).
2004-04-07 01:18:46 +00:00
2a5881fc37
Bug 238914. r=wchang sr=misterSSL
...
Agressive checks on database data before we actually reference it. This
should prevent crashes because of invalid databases.
2004-04-07 00:58:58 +00:00
ad467d8912
Bugzilla bug 238565: made the comment match the code. r=nelsonb.
2004-03-27 01:51:25 +00:00
9b34b9f10f
Bugzilla bug 237934: in nss_InitLock, nss_InitMonitor, and
...
NSSRWLock_AtomicCreate, we need to doublecheck the lock/monitor's pointer
after we acquired the spin lock. r=nelsonb,jpierre.
Modified Files: nsslocks.c nssrwlk.c
2004-03-27 01:08:15 +00:00
6fdacdabac
Correct the parsing of certain forms of GeneralName. Bug 233586.
...
r=julien.pierre
2004-03-26 01:15:33 +00:00
6e31324307
Use the brute force method to override NSS build variables when cross-compiling.
...
Bug #172651 r=darin a=chofmann
2004-03-23 04:15:56 +00:00
99d83c2326
Fix a regression introduced by rev 1.19, after NSS 3.9 was released.
...
r=julien.pierre. bugscape 56484.
2004-03-23 03:29:56 +00:00
16737ead2a
Bugzilla bug 237870: link the MinGW build with wsock32.dll (Winsock 1)
...
instead of ws2_32.dll (Winsock 2). Thanks to neil@parkwaycc.co.uk for the
patch. r=wtc.
2004-03-23 01:59:40 +00:00
9664be26db
Bugzilla bug 172651: added a necessary test for MinGW gcc in rules.mk.
...
Do not install 'nsinstall' to avoid overwriting Mozilla's 'nsinstall'.
r=cls.
Modified Files:
rules.mk nsinstall/Makefile
2004-03-23 00:54:36 +00:00
b54f0b152a
Program to decrypt passwords inline from prefs files
2004-03-23 00:46:38 +00:00
aed0986998
Fix arrays handling strings, and help
2004-03-13 02:44:26 +00:00
232efc45f9
Remove unused file
2004-03-11 10:03:24 +00:00
f88fe6501c
It is not necessary to define _THREAD_SAFE when using pthreads on OpenBSD.
...
(See Bugzilla bug 236599 comment 41).
2004-03-11 02:26:25 +00:00
57b64eb5d4
enhance certificate categorization: bug 193960 r=ssaux/nelsonb sr=brendan
2004-03-10 07:36:50 +00:00
ad137ed2d2
Clean up TLS intolerant restart code: but 191417 p=darin r=kaie sr=bryner
2004-03-10 05:28:39 +00:00
2e6fe47845
Fix for bug 143456 - add -P option for dbprefix to selfserv . r=MisterSSL
2004-03-10 02:47:13 +00:00
c43d9ba1de
Improve dup serno error message: bug 219980 r=ssaux
2004-03-09 02:21:37 +00:00
e63849b532
Remove stray semicolon.
2004-03-06 17:34:12 +00:00
408095fc4e
Bustage fix.
2004-03-06 17:22:13 +00:00
b22645514e
Fix for bug 29152 (Cannot do formsigning - crypto.signText). r=kaie, sr=jst.
2004-03-06 15:52:44 +00:00
0f97000599
Make KEYGEN tag treat KEYTYPE value case insensitively: bug 139473 r=ddrinan sr=jag
2004-03-06 05:41:38 +00:00
877a8f3fc7
Add conditionally compiled code for NISCC testing of NSS's SSL library.
...
patch by Ian McGreer. Bugscape bug 53322.
2004-03-05 23:28:57 +00:00
f97b41e5d1
make two strings localizable bug 178881 r=ssaux sr=blizzard
2004-03-05 05:42:45 +00:00
06f934a820
backout prev checkin
2004-03-05 05:41:45 +00:00
ee18808ccb
make two strings localizable bug 178881 r=ssaux sr=blizzard
2004-03-05 05:38:58 +00:00
757070dec7
adding platform RH_Linux_7.3
2004-03-04 22:47:43 +00:00
f0eb03e36f
adjusting the platform strings as the header file specifies
2004-03-04 20:16:36 +00:00
ba439774ec
remove 512-bit keygen bug 235972 r=ssaux sr=bienvenu
2004-03-04 07:09:02 +00:00
34abf16656
removed old,unused platforms; and added newer used ones
2004-03-04 00:35:09 +00:00
60d624b3ca
Fix for 235874 - crash in PK11_DigestKey . r=wtc, nelsonb
2004-03-03 03:18:56 +00:00
1d2d419885
landing dbaron's patch for bug 235735 "fix callers that cast away const on result of ns[C]String::get" r+sr=darin
2004-02-28 22:34:07 +00:00
c7ea8bc357
fix cert tree view corruption: bug 217082 p=dewildt r=ssaux sr=sspitzer
2004-02-27 03:13:26 +00:00
c05734181d
Clean up string stuff: bug 232812 r=ssaux sr=jag
2004-02-26 04:07:23 +00:00
cf4a702ba2
Detect NULL arguments to CERT_DecodeTrustString instead of crashing.
...
Bug 235617. r=wtc.
2004-02-26 00:05:29 +00:00
65870a5d38
fix for Bugzilla bug 232481: removed a loop in smime.sh
2004-02-25 23:05:41 +00:00
2bbf510808
added negative cert import function, changed relevant Policies tests accordingly
2004-02-25 22:34:25 +00:00
8c818ed6c3
landing string defragmentation patch for bug 231995, r/sr=dbaron,jst,dougt
2004-02-19 02:44:03 +00:00
1e6e264133
Import base64 encoded certificate files with old MAC line endings.
...
Bug 221272. sr=wtc.
2004-02-16 23:52:46 +00:00
5f45d77d55
Removed unused function _OS_SELECT for AIX. Thanks to Philip K. Warren
...
<pkw@us.ibm.com> for reporting this.
2004-02-13 03:13:04 +00:00
14ab9446d3
Bugzilla bug 233048: 1. Support doing 64-bit Solaris SPARC builds using
...
gcc. 2. Enable all.sh to work with gcc-compiled NSS tests which require
setting LD_LIBRARY_PATH to point to the directory where libgcc.so resides.
The patch is contributed by Vladim�r Marek <Vladimir.Marek@printsoft.cz>.
r=wtc,nelsonb.
Modified Files: coreconf/SunOS5.mk nss/tests/common/init.sh
2004-02-13 02:47:53 +00:00
3d988159e3
Fix strings in SECU_PrintError. bug 233493
2004-02-12 02:08:59 +00:00
72b4f0a82f
Bugzilla bug 229297: fixed compiler warning "conversion from 'double' to
...
'long', possible loss of data". r=jpierre,relyea.
2004-02-11 19:43:29 +00:00
92d497302e
Bugzilla bug 229293: fixed compiler warning "unary minus operator applied
...
to unsigned type". r=relyea,jpierre.
2004-02-11 19:37:18 +00:00
6cca3beefc
Fix for bug 233605 . Check CRL entry extensions after partial decoding. Also add some new CRL decoding errors. r=nelsonb
2004-02-11 06:05:18 +00:00
21dcb34f6a
Fix for 233493 . Corrections based on Wan-Teh's feedback.
2004-02-11 05:27:32 +00:00
f0399f13b2
Fix for 233118 . additional check for CRL signing usage. r=nelsonb
2004-02-11 05:25:01 +00:00
343223baf3
Bugzilla bug 232742: support Linux/AMD64. The patch is contributed by
...
Henrik Lynggaard Hansen <admin@mozillatranslator.org>. r=wtc.
2004-02-11 02:31:22 +00:00
0015b0322e
Bugzilla bug 233321: fixed the problem with building utf8.c as a standalone
...
test program. Fixed byte-order issue on little-endian architecture.
r=nelsonb.
Modified Files: Makefile utf8.c
2004-02-11 02:17:24 +00:00
3cb3b9cc92
checking in 5 sections of Certificate Policies. Need to set
...
NSS_NO_PKITS_POLICIES to run these five sections
2004-02-11 01:31:43 +00:00
3877f51a30
Fix for 233493 - fix symkeyutil build on OS/2. r=relyea
2004-02-10 23:48:37 +00:00
9d94b7d3ae
removing dependency of a testcase on a previous testcase; i.e. each testcase
...
now imports all the CRLs required for it, and then deletes them at the end
of the test
2004-02-09 23:33:26 +00:00
8b6dc1c3ca
Fixing bug 233307. deCOMtaminating nsIScript* and related interfaces. r+sr=bryner@brianryner.com.
2004-02-09 22:48:53 +00:00
48abfb9563
Bugzilla bug 233319: prepend, rather than append, the NSS lib and bin
...
directories to PATH. r=relyea.
2004-02-09 22:39:11 +00:00
9bcf6bba06
Enable a chain to validate when a perm cert has been issued by a
...
temp cert. Bug 233038. r=ian,relyea
2004-02-07 07:17:31 +00:00
1eceb408a4
Bugzilla bug 225808: 1. Use a 32-bit integer type for cert->nsCertType so
...
that it can be safely passed to PR_AtomicSet on all platforms. Note that
we still use an unsigned type to avoid introducing signed/unsigned compiler
warnings. 2. Added a (PRInt32 *) cast to eliminate a pre-existing
signed/unsigned warning. r=nelsonb.
Modified Files: certdb.c certt.h
2004-02-07 01:41:15 +00:00
8174f82b2a
Bugzilla bug 233239: do not include cmd/zlib and cmd/lib headers and
...
libraries in NSS binary releases.
Modified Files:
lib/Makefile lib/manifest.mn makepqg/manifest.mn zlib/Makefile
zlib/manifest.mn
2004-02-07 00:26:02 +00:00
31cb0b2ebb
Bugzilla bug 123693: improved the fix for this bug. Maintain the
...
consistency between the slot hash table and slot list when the
creation of a slot fails. r=relyea,nelsonb.
2004-02-06 02:04:48 +00:00
b8350510e0
Bugzilla bug 233112: fixed a typo: "futuer" -> "future". Thanks to
...
Heikki Toivonen <hjtoi-bugzilla@comcast.net> for the bug report.
2004-02-05 05:56:54 +00:00
ae563c8b57
added a few more missing $ for variable PKITSdb for more accurate log reporting
...
also, minor optimization of crlImport and crlImportn script so that $crls does
not have to be specified on every line
2004-02-04 20:04:14 +00:00
9ec4b6c21a
bug 232011 - Use the XUL preprocessor for build-time inserting of localeVersion strings, this removes contents*.rdf.in files and resurrects the contents*.rdf files, using preprocessor.pl via the jar.mn definitions
2004-02-04 14:24:38 +00:00
15ab853103
Fix numerous bugs in CERT_FindCertByKeyID. Bug 233019. r=jpierre
2004-02-04 08:54:06 +00:00
b2c290e682
Add a feature to disable all use of CRLs with an environment variable.
...
Don't run most vfychain commands after crlutil fails to import the CRL,
when that is the expected result.
Remove one error that caused the HTML output to be invalid.
2004-02-04 04:07:32 +00:00
6c156a7f01
Put in missing $, so log output will show actual commands exeuted.
2004-02-04 02:23:40 +00:00
76865b1ed6
correcting header of section 4.1, minor edits to make headers more definitive
2004-02-03 20:13:26 +00:00
71a7773d75
Fix some incorrect string usage and improve performance in a few places that show up in an LXR search for the previous pattern. b=232339 r=jshin sr=darin
2004-02-03 18:23:41 +00:00
ddc08ff79d
Invoke crlImportn instead of crlImport in several places where a
...
negative outcome is expected. More work on this is needed.
crlImportN should return a value that tells us if it actually failed,
so that the script can decide whether or not to proceed with vfychain.
But this change makes the outcome more green, less red.
2004-02-03 07:14:52 +00:00
68ca6ac4ad
Honor key usage extensions, whether they're critical or not.
...
Bug 232738. r=jpiperre.
2004-02-03 07:10:04 +00:00
eba26f5336
Max crlutil return 0 or 1 correctly, depending on the success of the
...
operation. Bug 232937. r=jpierre.
2004-02-03 06:59:35 +00:00
df5c3e2347
Change script so that html output and logfile will be broken up into
...
clearly defined and easy-to-find sections.
2004-02-03 04:15:08 +00:00
5842f65a6f
Make output log file more readable by separating each test case.
2004-02-03 03:07:38 +00:00
8d35c478d7
fixed one typo
2004-02-03 01:27:47 +00:00
31eae812f3
checking with all latest revew comments addressed
2004-02-03 00:59:53 +00:00
20c1620040
Bug 232186 Remove deprecated nsIPref usage from PKI chrome moa=kaie r=caillon sr=brendan
2004-01-31 21:11:27 +00:00
76264234dc
Extend set of OIDs mapped to text: bug 97406 r=kaie sr=spitzer
2004-01-31 07:10:35 +00:00
d9dfdc173c
Don't use strcmp() on UTF-16: bug 154121 r=kaie sr=sspitzer
2004-01-31 07:09:21 +00:00
3362ec5c98
When an attempt to initialize a slot fails, free up the resources
...
right away, rather than waiting until NSS_Shutdown. Bug 123693.
Second try. r=relyea.
2004-01-30 04:15:47 +00:00
66a5f14215
Back out rev 1.90. It breaks shlibsign.
2004-01-29 23:34:21 +00:00
3746806bae
Export SECOID_AddEntry. Bug 132942. r=wtc.
2004-01-29 22:51:55 +00:00
87037886de
Invoke SECU_RegisterDynamicOids() so that more OIDs will print out.
...
Bug 132942. a=wtc.
2004-01-29 22:48:58 +00:00
1178524031
Bug 132942. r=wtc
...
Make the following enhancements to NSS's ASN.1 printing code:
- Print warning messages that are properly indendented.
- PrintAsHex notices when the buffer contains entirely printable characters, and is larger than an int, and prints it as text in that case.
- PrintRawString now indents the string, rather than always printing it on
a separate line.
- now prints decoded bit strings
- now prints BMP (UCS2) strings as strings (not as hex) when they contain only printable ASCII characters.
- now prints Universal (UCS4) Strings as strings (not hex) when they contain only printable ASCII characters.
- Decodes certain encoded data that was previously printed as hex.
- Generically decodes ASN.1 data, rather than merely printing an error, when the ASN.1 data doesn't fit a known template.
- properly handles all optional components of basic constraints extensions.
- Prints the names of the bits in the X509 Key Usage extension.
- Prints General Names.
- Print Auth Key ID extensions
- Print subject and issuer alt name extensions
- Print CRL distribution points extensions
- format and print name constraints extensions
- print Authority Information Access extensions
- Print optional X509v2 subject and issuer Unique ID bit strings
2004-01-29 22:45:20 +00:00
ffac3ff18d
Change some comments and one variable as suggested in review comments.
...
r=relyea,wtc. Bug 124923.
2004-01-29 21:57:41 +00:00
ae49b07260
Make SECOID_AddEntry be thread safe. Export it. Bug 124923. r=relyea.
2004-01-29 21:23:36 +00:00
aa1cc56ff2
Plug leaks. Bug 123693. r=wtc,relyea
2004-01-29 21:18:24 +00:00
0b2945333d
Fix for 232377 - assertion in vfychain with DSA cert. r=wtc, nelsonb
2004-01-28 23:25:07 +00:00
770792a092
Export cert functions that decode extensions and traverse decoded
...
extensions. Bug 231881. r= relyea, wtc.
2004-01-28 23:23:45 +00:00
2cd0aefb3a
Change program return value to reflect test outcome. Bug 221737. r=wtc
2004-01-28 22:30:27 +00:00
218facb68e
Bugzilla bug 232380: deleted CERT_FindExpiredIssuer, which is dead code.
...
In cert_VerifyCertChain, make sure that subjectCert and issuerCert never
point to the same cert to prevent from destroying that cert twice.
r=jpierre,nelsonb.
Modified Files: certdb/cert.h certhigh/certvfy.c
2004-01-28 21:51:10 +00:00
d001ae79d0
address review comments: bug 231659
2004-01-28 04:29:14 +00:00
21362b48fa
rewrite utf8 parser for strictness: bug 231659 r=MisterSSL
2004-01-28 03:48:43 +00:00
ca5e04ee48
fix charset conversion: bug 185167 r=kaie sr=sspitzer
2004-01-28 03:44:38 +00:00
9eb7b71e75
Fix for 231051 - crlutil asserts after deleting CRL. r=wtc, nelsonb
2004-01-28 01:17:13 +00:00
808ec4877d
Bugzilla bug 231018: use AIX.mk for all AIX versions. Removed the
...
AIXm.n.mk files. Removed support for AIX 3.2, 4.1, and 4.2. Removed
unused make variable EXPORT_RULES. Removed unused macro define -DAIX4_3.
The patch is contributed by Philip K. Warren <pkw@us.ibm.com>. r=wtc.
Modified Files:
AIX.mk config.mk
Removed Files:
AIX3.2.mk AIX4.1.mk AIX4.2.mk AIX4.3.mk AIX5.1.mk AIX5.2.mk
2004-01-27 23:55:38 +00:00
d1378d4081
bug 231698: fix regression in reading SDR data in databases written on 64-bit platforms.
...
r=MisterSSL
2004-01-27 18:31:29 +00:00
1ed44eba40
AddRef() the out parameter, and check for OOM.
...
Fixes bug 231709, iframes pointing to signed XUL crashes browser
r+sr=jst
2004-01-27 05:01:48 +00:00
ed30b5426d
Fix for 231051 - crlutil asserts after importing CRL. r=nelsonb, wtc
2004-01-27 00:02:16 +00:00
367ac2cf5c
Fix crashes that occur when optional policyQualifiers are not present.
...
Bug 230951. r=kinmoz.
2004-01-23 22:50:01 +00:00
77ef0ec709
Bumped version to 1.50 (for NSS 3.10).
2004-01-23 22:15:39 +00:00
e1776d7a4b
RFC 3280 says Name Constraints do not apply to self-issued CA certs,
...
including self-issued intermediate CA certs (so-called "roll-over" certs).
This fixes an NISCC test failure. Bug 231030. r=wtc.
2004-01-23 06:06:06 +00:00
d39242dda7
When a name attribute's value exceeds the maximum allowed length, display
...
a truncated version of it, followed by ellipsis. Bug 220855. r=wtc
2004-01-22 23:45:30 +00:00
c3e741505b
Add -a option for Base64 encoded ASCII input and output.
...
The -i and -o options now understand "-" to mean stdin and stdout.
Usage is displayed when -? or no arguments are given.
Bug 231536. r=relyea.
2004-01-22 22:08:59 +00:00
ab62ea0dcd
Correct NSS's key usage tests for certs with non-RSA public keys.
...
Bug 221638. r=relyea.
2004-01-22 22:04:54 +00:00
abe30316c3
Detect duplicate issuer name and serial number between two temp certs.
...
Bug 230996. r=ian, relyea.
2004-01-22 02:36:53 +00:00
6b4f2582f5
Fix name constraints code to pass NIST PKITS test 38. r=wtc. Bug 231223.
2004-01-22 02:33:41 +00:00
6eb4db4380
Move an extern function declaration to the header file where it belongs.
...
Bug 229212. r=relyea.
2004-01-22 02:19:42 +00:00
1cf2dd38f1
Fix some erronous code that set SEC_ERROR_NO_MEMORY when there had been
...
no memory failure. r=relyea. Bug 231566
2004-01-22 02:17:26 +00:00
6a8f1df53b
Fix bug in cert path length validation. Bug 221644. r=jpierre
2004-01-21 05:32:18 +00:00
3e7249335c
Support GeneralizedTime in NSS tools. bug 210530. r=wtc
2004-01-21 01:15:01 +00:00
14c61e40e0
Use the results from PK11_ProtectedAuthenticationPath(slot) in the
...
password callback function. Bug 229023. r=relyea. verified by submittor.
2004-01-21 00:18:59 +00:00
600d5d5236
Bugzilla bug 229299: fixed unused variable warning. r=nelsonb.
2004-01-20 22:57:40 +00:00
ae8711f043
fix review comment: bug 53133
2004-01-20 19:57:17 +00:00
c7a655b980
Make this code build on Windows as well as Unix.
2004-01-19 01:05:53 +00:00
ea240a20f0
Fix two more incorrect cert names that caused erroneous test results.
...
Bug 231221.
2004-01-17 05:55:20 +00:00
ded78bdcc6
Correct this script to more accurately report errors. Bug 231221.
2004-01-17 05:04:42 +00:00
dde3b2789c
Detect absent isCA flags in basic constraints. Detect and reject negative
...
or too large positive path length constraints in basic constraints.
Bug 221644. r=jpierre.
2004-01-16 21:33:16 +00:00
187f146641
Fix template for Cert policy extensions. Bug 230951, r=jpierre
2004-01-16 05:36:08 +00:00
f0ce21ebbf
Fix NSS parsing of Issuer Unique ID and Subject Unique ID fields in
...
certificate. Bug 216116. r=jpierre
2004-01-16 02:11:44 +00:00
baa193b610
Add vfychain to list of NSS cmds being built nightly. r=wtc. Bug 231025
2004-01-16 02:03:08 +00:00
3180f3e51c
fix comment per review: bug 53133
2004-01-16 01:04:57 +00:00
37d598af3d
Set JSS version to 3.5.
...
Modified Files:
org/mozilla/jss/CryptoManager.java
org/mozilla/jss/util/jssver.h pkg/solaris/Makefile.com
2004-01-16 00:50:21 +00:00
5bf5f4d3d8
Another file, pkg/solaris/Makefile.com, also needs to be updated when we
...
change the JSS version.
2004-01-16 00:48:49 +00:00
e99fda1edc
Minor change after review of previous checkin. Bug 53133.
2004-01-15 22:34:26 +00:00
0d7b150a77
Fix build problems on some platforms.
2004-01-15 16:27:02 +00:00
3104e67dcf
Set NSS version to 3.10 Beta.
2004-01-15 15:08:58 +00:00
b08688fb89
Convert T61String-labeled ISO-8859-1 to UTF-8: bug 53133 r=nelsonb a=wtc
2004-01-15 06:23:14 +00:00
84fa42598b
Add 2 additional OIDs to the list of acceptable digestEncryptionAlgIDs,
...
per RFC 3370. r=thayes. Bug 230761.
2004-01-14 22:20:44 +00:00
760edf0053
Tool to manage pkcs 11 module tests.
2004-01-14 21:34:20 +00:00
b3ec77edc5
Fix double free introduced in rev 1.54. r=wtc. bug 230774.
...
Bug occurs only in NSS utilities that import base64 encoded files, e.g.
with the -a option.
2004-01-14 01:19:26 +00:00
7f0e9e3c69
Bugzilla bug 229289: fixed an unused variable warning. r=relyea.
2004-01-13 01:59:41 +00:00
4ab234b8be
General deCOMtamination of nsIDocument, nsIContent, and nsIFormSubmission. Eliminating nsIAttributeContent, and doing some URL->URI changes. r+sr=peterv@propagandism.org
2004-01-09 23:54:21 +00:00
7305e479fd
Upgraded to NSPR 4.4.1 and NSS 3.9.
2004-01-09 02:34:14 +00:00
04ce1832e8
Bugscape bug 54500: made uniqueNamedKeyExists public.
2004-01-08 18:09:15 +00:00
11aea91a5a
Overload the error code SSL_ERROR_RX_RECORD_TOO_LONG to report SSL2
...
records that are too short. Bugscape bug 54814
2004-01-08 06:52:00 +00:00
ff24f13dc1
Rename PK11_PubDeriveExtended to PK11_PubDeriveWithKDF
2004-01-08 01:37:46 +00:00
c477412c15
Set NSS version to 3.9.
2004-01-08 01:04:56 +00:00
64e1c653c2
Rename PK11_FindSlotsByAliases to PK11_FindSlotsByNames
2004-01-07 23:12:01 +00:00
cec1dc097b
Rename CERT_DecodeTimeChoice/CERT_EncodeTimeChoice to DER_DecodeTimeChoice/DER_EncodeTimeChoice
2004-01-07 23:07:24 +00:00
1f4ab81acd
Continuing to land the PACKAGING_20030906_BRANCH for bug 20640. Not part of the build, yet.
2004-01-07 13:37:00 +00:00
f0bfff2628
Beginning to land the PACKAGING_20030906_BRANCH for bug 20640. Not part of the build, yet.
2004-01-07 01:22:31 +00:00
aa9d288d07
Fix crashes in NSS_CMSSignedData_GetDigestValue and
...
NSS_CMSContentInfo_GetContent that occur when a detached signature is not
accompanied by the data on which the signature was computed. Bug 229242.
Make NSS_CMSContentInfo_GetInnerContent and NSS_CMSMessage_GetContent
more easily debugged, by storing the results returned by function calls
in automatic variables before using them in subsequent calls/switches.
2004-01-07 00:09:17 +00:00
0e78bb5436
Bug 229193
...
Patch by wtc revied by relyea & ian
2003-12-31 23:19:26 +00:00
cb9dbe008a
Fix the security warning dialogs to work as designed for Firebird:
...
- All dialogs will appear the first time a user encounters them
- The "show every time" checkbox will default to off
- If the user checks the checkbox to see the dialogs every time, the choice will be remembered.
Because of the change in default prefs, this will cause Firebird users to see these dialogs again (but defaulted to not show after that) when upgrading. Bug 172091, r=brendan, sr=ben.
2003-12-31 23:03:08 +00:00
f03919eea5
Set NSS version to 3.9 Beta 6.
2003-12-24 06:22:49 +00:00
21dc9e9b04
Removed unused variable 'val'.
2003-12-23 21:40:52 +00:00
3de8b3b578
Fixed unused variable compiler warning about 'html'. Declare it inside
...
the same ifdef with which it is used.
2003-12-23 21:37:07 +00:00
a0b0269ff5
Removed unused variable 'rawSigLen'.
2003-12-23 21:24:01 +00:00
eddbc41fde
Removed unused variable 'attribute'.
2003-12-23 21:21:39 +00:00
f157b4204b
Include "nsslocks.h" for nss_InitLock.
2003-12-23 02:09:55 +00:00
f7f1d072bd
Declare the argument to SECKEY_ECParamsToKeySize as const.
...
Modified Files: seckey.c pk11skey.c
2003-12-23 02:05:28 +00:00
a7721556a1
Bugscape bug 54500: trim preceding/trailing whitespace from passed-in
...
String arguments.
2003-12-23 01:19:48 +00:00
66c670fbbf
Return a value of the correct type.
2003-12-23 01:03:39 +00:00
d4eb24316c
Fixed a spelling error.
2003-12-23 00:52:06 +00:00
4219037f37
Moved ecl-curve.h from the EXPORTS to the PRIVATE_EXPORTS list.
2003-12-23 00:17:04 +00:00
756f7aff67
Renamed SECKEY_ECParams2KeySize as SECKEY_ECParamsToKeySize. Do not export
...
this function from the nss3 shared library.
Modified Files: seckey.c pk11skey.c nss.def
2003-12-22 23:36:40 +00:00
770fccd41b
Declare the 'input' argument to CERT_DecodeTimeChoice as 'const'. Removed
...
an extraneous semicolon (;) after the SEC_ASN1_CHOOSER_IMPLEMENT macro.
Modified Files: secder.h sectime.c
2003-12-22 23:33:39 +00:00
9600321508
Bugzilla bug 228907: added a stub implementation for the obsolete native
...
function Java_org_mozilla_jss_pkcs11_PK11Cert_getNickname, which is listed
in the symbol export file jss.def.
2003-12-20 15:56:11 +00:00
6a7ea65c54
Some further cleanup of p12d.c. Bugscape bug 52528. r=wtc.
2003-12-20 01:33:06 +00:00
d176a987be
Set NSS version to 3.9 Beta 5.
2003-12-20 00:35:01 +00:00
5532bc074d
Made wincx the last argument of PK11_PubDeriveExtended. r=relyea.
...
Modified Files: pk11func.h pk11skey.c ssl3con.c
2003-12-19 23:54:29 +00:00
f1bf35b807
Impose new limits on RSA public key sizes. 8k bits for modulus,
...
64 bits for public exponent. This prevents certain attacks on SSL
servers. Bugscape bug 54019. r=wtc,relyea.
2003-12-19 23:50:45 +00:00
ae22e439e8
PK11_MoveKey was renamed PK11_MoveSymKey. r=relyea.
...
Modified Files: symkeyutil.c nss.def pk11func.h pk11skey.c
2003-12-19 23:29:43 +00:00
49dcbf8eda
Make database access to the key db thread safe.
2003-12-19 23:24:48 +00:00
77fe7fa8fa
Add keydb lock type. keydb should be locked like the certdb.
2003-12-19 23:24:00 +00:00
52de07bb40
Backed out the previous checkin, which broke our S/MIME QA tests.
2003-12-19 22:54:20 +00:00
b650fd4b68
Bugzilla bug 228624: we need to call STAN_ForceCERTCertificateUpdate if
...
the cert's instances changed. r=relyea.
2003-12-19 22:33:12 +00:00
9305af43fc
Bugscape bug 54627: made the fix for NSS_CMSSignedData_Encode_BeforeData
...
the same as the code in NSS_CMSSignedData_Decode_BeforeData. r=nelsonb.
2003-12-19 22:08:12 +00:00
49a280f7c5
Bugscape bug 54500: Improved the previous checkin: fixed leaks of the
...
return values of PK11_GetSymKeyNickname. Removed unnecessary assignment
statements "symKeyObj = NULL;". Removed an unnecessary else { }.
2003-12-19 19:36:30 +00:00
b8d2b1f69e
Import NSPR 4.4.1.
2003-12-19 17:02:57 +00:00
1138321adf
Bugzilla bug 221133: fixed unused variable warning on some platforms.
...
The patch is contributed by timeless@bemail.org . r=wtc.
2003-12-19 16:35:14 +00:00
691f55297a
Bugscape bug 54500: added some new methods to the SecretDecoderRing
...
KeyManager class. The patch is contributed by Matthew Harmsen of AOL.
Modified Files:
lib/jss.def org/mozilla/jss/SecretDecoderRing/KeyManager.c
org/mozilla/jss/SecretDecoderRing/KeyManager.java
2003-12-19 05:33:50 +00:00
265753bc14
Set JSS version to 3.5 Beta.
...
Modified Files:
org/mozilla/jss/CryptoManager.java
org/mozilla/jss/util/jssver.h
2003-12-19 05:08:34 +00:00
c6bdd51adf
Don't overwrite pointers to existing message digests if they've been
...
precomputed. Bugscape bug 54627. r=wtc, jpierre.
2003-12-19 03:58:28 +00:00
485ad745a6
Bugzilla bug 228907: enable PK11Store.getCertificates to return the correct
...
nicknames for certs with multiple instances. This requires adding a new
nickname argument to the constructors of the various cert classes and
passing a nickname better than NSS's cert->nickname where possible.
r=thomask.
Modified Files:
pkcs11/PK11Cert.c
pkcs11/PK11Cert.java
pkcs11/PK11InternalCert.java
pkcs11/PK11InternalTokenCert.java
pkcs11/PK11Store.c
pkcs11/PK11TokenCert.java
pkcs11/pk11util.h
util/java_ids.h
2003-12-19 00:19:57 +00:00
81fde151dc
Set NSS version to 3.9 Beta 4.
2003-12-18 21:45:34 +00:00
89e653ae9d
Bugzilla bug 228624: made PK11_ListCertsInSlot reach into the Stan layer
...
to obtain the correct nicknames of the cert instances (pk11cert.c). Fixed
the bug that if a cert we want to add the the cache is already in the
cache, we should merge the instances of the cert before destroying the
duplicate cert (tdcache.c). r=jpierre,relyea.
2003-12-18 18:23:17 +00:00
1752cbbaed
Bugzilla bug 219982: removed an unused local variable. (The function call
...
is needed for its side effect.) Thanks to timeless@bemail.org and
Serge GAUTHERIE <gautheri@noos.fr> for the patch. r=wtc.
2003-12-17 22:43:25 +00:00
ab2738ede9
Allow NSS_CMSDigestContext objects to be created, even when there are
...
no valid digest algorithm OIDs. This allows "certs only" messages to
be decoded. Bugzilla bug 228707. r=jpierre, wtc.
2003-12-17 03:49:10 +00:00
704e59f314
Bugzilla bug 228618: fixed an incorrect use of realloc. Fixed an unused
...
variable compiler warning. r=jpierre.
2003-12-16 04:24:57 +00:00
76d85c560b
Fix S/MIME bugs that caused parallel arrays of digest OIDs and digest
...
values to become out of sync. Bugscape bug 54256. r=relyea.
Modified Files: cmd/smimetools/cmsutil.c lib/smime/cmsdigest.c
2003-12-12 23:55:06 +00:00
2011673dcb
Fix for 54061 . Return SEC_ERROR_INVALID_ARGS and remove assertions . r=wtc,misterssl
2003-12-12 21:42:02 +00:00
aa4638806c
fixes bug 228062 "NTLM authentication fails with mod_ntlm, mod_ntlm reports 'missing/corrupt NTLM header'" r+sr=bryner a=dbaron
2003-12-12 02:58:42 +00:00
1de1d0f5fb
fix 227991, nsNSSCertificateDB::AddCertFromBase64 crashes (only used from auto config), r=kaie, sr=mscott, a=sspitzer
2003-12-11 16:02:08 +00:00
d4d04655e1
CERT_ImportCerts now returns SECFailure when NONE of the certs was succesfully imported. r=wtc. Bugscape bug 54311.
2003-12-06 06:52:53 +00:00
e537bc9692
__CERT_AddTempCertToPerm will now set error SEC_ERROR_ADDING_CERT
...
when attempting to make a cert perm that is already permanent.
Bugzilla bug 227559. r=wtc
2003-12-06 06:46:27 +00:00
8704f98c04
NSC_Finalize will now destroy 3 softoken free lists and one more
...
global pointer. Plugs some memory leaks. Bugscape bug 54301. r=wtc
2003-12-06 06:41:51 +00:00
c905879d28
Add /FIXED:NO argument to linker command line for EXEs. Purify
...
requires this to precisely instrument EXEs. r=wtc
2003-12-06 06:34:20 +00:00
ec6dec704f
Add new -k option to NSS QA test program cmsutil. By default, cmsutil
...
will no longer add any decoded certs to the cert db file, which is
useful for reproducibility of results in QA scripts.
Bugscape bug 54293. r=relyea,jpierre,wtc
2003-12-06 06:31:08 +00:00
a0deea3e3a
Bugzilla bug 227296: fixed the bug that NSS_CMSAttribute_AddValue adds the
...
address of a stack variable to the attr->values array. Added a new
function SECITEM_ArenaDupItem. r=nelsonb.
Modified Files:
nss/nss.def util/secitem.c util/secitem.h smime/cmsarray.c
smime/cmsattr.c
2003-12-06 01:16:50 +00:00
0515e55abf
Further simplification and improvement of the parsing of UTCTime
...
and GeneralizedTime to avoid UMRs. Bugscape bug 54198. r=wtc
2003-12-05 04:53:28 +00:00
87fc420381
NSS_CMSContentInfo_Destroy()
...
- The patch destroys the digest context member of the CMSContentInfo.
It calls the previously unused function NSS_CMSDigestContext_Cancel
to destroy the digest context. Eliminates an object reference leak.
Bugscape bug 54208, r=relyea
2003-12-04 00:39:24 +00:00
288de30d7f
In functions NSS_CMSSignedData_Encode_AfterData and
...
NSS_CMSSignedData_Decode_AfterData
- These functions call NSS_CMSDigestContext_FinishMultiple, which
always destroys the digest context, regardless of whether it returns
SECSUccess or SECFailure. So, change these functions to always NULL
out the context pointer regardless of the returned value.
NSS_CMSSignedData_VerifySignerInfo()
- Always call NSS_CMSSignerInfo_Verify() to set the verification status
in the signerinfo object, even if some of the other arguments are NULL,
or other failures have occurred, but avoid NULL pointer dereferences
along the way. Notice that this change is dependent on changes to
NSS_CMSSignerInfo_Verify() (see below.)
NSS_CMSSignedData_SetDigests() - skip over missing digests. Don't fail
the function, and don't crash, if digest pointers are NULL.
Bugscape bug 54208, r=relyea
2003-12-04 00:36:47 +00:00
39b3925b9d
Functions NSS_CMSDigestedData_Encode_AfterData and
...
NSS_CMSDigestedData_Decode_AfterData
- Since NSS_CMSDigestContext_FinishSingle always destroys the context,
regardless of whether it returns SECSuccess or SECFailure, these
functions have been changed to always NULL out the context pointer
after calling NSS_CMSDigestContext_FinishSingle, regardless of the
outcome.
Bugscape bug 54208, r=relyea
2003-12-04 00:35:02 +00:00
a4b319833e
There is a lot of "cleanup" in this file, wrapping source at 80 columns.
...
The relevant fixes for this bug include:
NSS_CMSDigestContext_StartMultiple()
- make sure that cmsdigcx->digcxs and cmsdigcx->digobjs are initialized.
- at the "loser" label, be sure to free the digest context itself.
NSS_CMSDigestContext_Cancel()
- after destroying all the objects, free the arrays of pointers to the
objects, and the digest context itself. Previously these items were
leaked by this function.
NSS_CMSDigestContext_FinishMultiple()
- ensure that this function ALWAYS destroys all the NSS digest objects,
and doesn't stop destroying them if it encounters an error. Note that
this is a newer revision of an older patch for that problem.
- always Free the arrays of pointers used in this object.
NSS_CMSDigestContext_FinishSingle()
- simplify this code.
Bugscape bug 54208, r=relyea
2003-12-04 00:32:18 +00:00
87f679f22f
NSS_CMSSignerInfo_Verify()
...
- This function is changed to explicitly allow some of its input arguments
to be NULL. It will set the verification status in the CMSSignerInfo
object accordingly. Since this is the ONLY function that ever sets the
verification status, it must be able to do so even when problems have
occurred.
- lots of cleanup of this source code.
Bugscape bug 54208, r=relyea
2003-12-04 00:29:31 +00:00
595bef62f1
Add null pointer checks to nss_cms_after_end and NSS_CMSEnvelopedData_Decode_AfterData. Bugscape bug 54061. r=wtc,relyea
...
Lots of code "cleanup" (reformatting for 80 columns) in cmsdecode.c
2003-12-04 00:14:24 +00:00
4261b30e83
Avoid UMRs in dertime.c. Bugscape bug 54198. r=wtc.
2003-12-03 04:03:40 +00:00
1a4d392dcf
Fix for 54061 - null pointer check . r=nelsonb
2003-12-03 02:42:08 +00:00
8dfbb57876
Bugscape bug 54021: in CERT_FindSubjectKeyIDExtension, if PORT_NewArena
...
fails we should return SECFailure. Document that the return values of
CERT_GetCommonName and NSS_CMSSignerInfo_GetSignerCommonName must be freed
with PORT_Free. r=nelsonb.
Modified Files:
certdb/alg1485.c certdb/cert.h certdb/certv3.c smime/cms.h
smime/cmssiginfo.c
2003-12-03 00:09:05 +00:00
f35f2c3708
Separate locale version from Mozilla version so we do not have to bump locale version for every release. b=226377 r=kairo, bsmedberg sr=ben a=asa
2003-12-02 23:22:11 +00:00
52158427da
Prevent SMIME crash in the opaque signature test. bugscape 54061. r=nelsonb
2003-12-02 05:46:27 +00:00
9383aa4e6e
Fix for 54088 . Don't try to encode attributes with no value. r=wtc
2003-12-02 05:05:30 +00:00
684a62349d
Bound stan error stack at 16 error codes to limit growth.
...
Bugscape bug 54021. r=wtc.
2003-12-02 02:05:47 +00:00
fb221f5058
Reverted to NSPR 4.3 until Sun has NSPR 4.4.1 binary distributions.
2003-11-28 05:41:42 +00:00
3831fe52a1
Detect invalid input buffer lengths, and return error instead of UMR>
...
Bugscape bug 54021. r=wchang0222
2003-11-27 05:08:20 +00:00
45d0142b79
Fix leak in CERT_FindSubjectKeyIDExtension, and use the Quick DER
...
decoder. Bugscape bug 54021. r=jpierre
2003-11-27 05:06:20 +00:00
26c03108b1
Upgraded to NSPR 4.4.1.
2003-11-27 01:43:15 +00:00
f2932f6e38
Clean up some arithmetic used for UCS4. Detect when UCS2 and UCS4
...
buffers have invalid lengths. Bugscape bug 54021. r=whang0222, relyea
2003-11-27 01:08:59 +00:00
25e490c787
Bugzilla bug 226861: removed NSS_CMSSignedData_GetDigestByAlgTag, which is
...
a duplicate of NSS_CMSSignedData_GetDigestValue. r=nelsonb.
Modified Files: cms.h cmssigdata.c
2003-11-26 23:50:02 +00:00
a0f6f0dea3
In NSS_CMSSignedData_VerifySignerInfo(), test all returned pointers
...
for NULL before attempting to dereference them.
Bugscape bug 54057. r=wchang0222
2003-11-26 22:02:38 +00:00
c8d02d5f8b
Performance enhancement. Detect absurdly large modulae in public keys,
...
and don't waste time on them. Bugscape bug 54019. r=relyea.
2003-11-26 06:26:31 +00:00
512f1560b2
Remove an unnecessary and incorrect assert call.
...
Bugscape bug 54018. r=jpierre
2003-11-26 06:16:01 +00:00
a458b641ae
This patch reduces the scope of many variables in cmsutil's decode function. It frees the signer's CN string after use.
...
Bugscape bug 54021. r=jpierre
2003-11-25 23:26:39 +00:00
adc6c275b6
fixes bug 226639 "send NegotiateAlwaysSign in NTLM type 1 message to make NetApp/6.3.3 happy" r+sr=bryner a=dbaron
2003-11-25 02:12:41 +00:00
251f8a47fb
Bugzilla bug 226470: removed -qarch=com, which is the default for the
...
compiler. r=pkw@us.ibm.com .
2003-11-24 19:45:18 +00:00
10c3b4308c
Bugzilla bug 226470: use a C compiler rather than a C++ compiler to compile
...
C code. The patch is contributed by Philip K. Warren <pkw@us.ibm.com>.
2003-11-22 06:45:50 +00:00
50b6382c60
Don't invoke PKCS11 with an invalid handle. Bug 226285.
...
r=relyea sr=wchang0222
2003-11-21 22:10:56 +00:00
a7dd9b1bf2
Remove an overreaching constraing on modulus length. Bug 226285.
...
r=relyea sr=wchang0222
2003-11-21 22:09:27 +00:00
3188a9ceb1
Implement new "batch mode" (see the -b option). Plug some leaks.
...
Facilitates memory leak testing of the SMIME library.
This revision combines the patches for Bugzilla bug 225513 and
Bugscape bug 53775. r = relyea and wchang0222
2003-11-20 02:33:18 +00:00
f90a628dd9
Don't accept ASN.1 items whose length is 2GB or more.
...
Bugscape bug 53875. r=wchang0222 and r=relyea.
2003-11-20 02:08:34 +00:00
59a1ced121
Dont attempt to allocate 2GB or more from an arenapool.
...
Bugscape bug 53875. r=relyea.
2003-11-20 02:06:16 +00:00
nelsonb%netscape.com
bishakhabanerjee%netscape.com
ian.mcgreer%sun.com
christophe.ravel.bugs%sun.com
wchang0222%aol.com
relyea%netscape.com
jpierre%netscape.com
cbiesinger%web.de
darin%meer.net
gerv%gerv.net
bzbarsky%mit.edu
jst%mozilla.jstenback.com
jgmyers%speakeasy.net
bryner%brianryner.com
varga%nixcorp.com
neil%parkwaycc.co.uk
timeless%mozdev.org
cls%seawood.org
peterv%propagandism.org
kairo%kairo.at
dbaron%dbaron.org
caillon%returnzero.com
bsmedberg%covad.net
bienvenu%nventure.com