c2d639aa9f
Set NSS version to 3.9 Beta 2.
2003-11-04 05:52:51 +00:00
cb4b243066
Fix numerous errors (mostly off-by-1 errors) in the code that formats
...
and prints certs and CRLs. This code is common to certutil and pp.
Bug 222568 r=nicholson (for this portion).
2003-11-04 02:16:42 +00:00
f0ab5a779e
Better cleanup. Plug leaks in pp. bug 222568. r=nicolson (this part).
2003-11-04 01:51:54 +00:00
3e23562169
Rename get_oid_string to CERT_GetOidString and export it. Also, export
...
CERT_DestroyOidSequence. bug 222568. r=jpierre (for this portion).
2003-11-04 01:48:39 +00:00
4be366b3cf
Fix missing cx param problem (223041, r=caillon, sr=dbaron).
2003-11-03 04:26:55 +00:00
816b00b6cc
Fix for bug 224231 (Need AppendASCIItoUTF16). r=jst, sr=dbaron.
2003-11-01 10:57:41 +00:00
db80db9956
Bugzilla bug 223624: fixed the compiler warning that case ecKey is not
...
handled in the switch statement. r=nelsonb.
2003-11-01 05:17:16 +00:00
201c406020
Remove one unnecessary transition from the SSL3 state machine.
...
Reduce the number of reallocations of the SSL3 handshake message buffer.
Bugscape bugs 53287 and 53337
2003-10-31 07:01:05 +00:00
1ca2f7bff1
Enable generation of DES2 keys with mechanism CKM_DES2_KEY_GEN. Bug 201521
2003-10-31 02:33:16 +00:00
74bf975468
Correct the code that detects DES2 keys based on their lengths. Bug 201521
2003-10-30 22:31:09 +00:00
d20b923bd7
Fix for 223494 - cmsutil signing does not work with hardware tokens. r=wtc, relyea
2003-10-28 02:34:15 +00:00
624f671470
Bugzilla bug 223624: declare pk11_FindAttrInTemplate before it is used.
...
r=nelsonb.
2003-10-25 14:10:11 +00:00
c96d1ed9b5
Bugzilla bug 223624: use PR_MAX to avoid redefining MAX, a macro commonly
...
defined in system headers. r=nelsonb.
2003-10-25 14:08:31 +00:00
31dbf3bf9f
Bugzilla bug 223624: removed an extraneous format string for fprintf.
...
r=nelsonb.
2003-10-25 14:05:08 +00:00
ab5ecc5b5c
Bugzilla bug 223624: node->error is a 'long', so it should match a %ld
...
format. r=nelsonb.
2003-10-25 14:01:43 +00:00
ded6578ea5
Initialize crlHandle . r=wtc
2003-10-25 00:41:14 +00:00
95d6c3f26e
Require DES, DES2 and DES3 keys to have correct length in all cases.
...
Expand DES2 keys to be DES3 keys when used with DES3 mechanisms.
Bug 201521.
2003-10-25 00:12:34 +00:00
ec00f34485
Bugzilla bug 173715: fixed a crash in OCSP. We incorrectly assumed that
...
'addr' was the last IP address of the host when PR_EnumerateHostEnt
returned 0 and attempted to connect to 'addr', resulting in an assertion
failure in PR_Connect. The fix is to not use 'addr' when
PR_EnumerateHostEnt returns 0. r=relyea.
2003-10-24 17:17:37 +00:00
ba7cb76b6a
Removed the nonexistent directory 'rngtest' from DIRS.
2003-10-24 06:22:58 +00:00
7cba11a0bb
Removed nonexistent directory "crypto" from DIRS.
2003-10-24 05:29:08 +00:00
24e7c95246
Bugzilla bug 223427: added a note section so that the linker knows we're
...
not executing off the stack. This patch is received from Christopher
Blizzard of Red Hat <blizzard@redhat.com>.
2003-10-24 04:47:23 +00:00
d39df80ec1
try forcing the bourne shell to execute the command line.
2003-10-23 22:01:55 +00:00
a0e219b348
deCOMtaminate nsIDocument by changing methods to use return value instead of out-params, eliminating unused nsresult return values, moving some members to nsIDocument and inlining the getters/setters. Bug 222134, r=bzbarsky, sr=jst.
2003-10-22 06:09:48 +00:00
b0e7253075
more debugging info.
2003-10-22 04:08:17 +00:00
2e23dc9849
Bugzilla bug 222065: fixed a bug (inside #ifdef WINNT) introduced in the
...
previous checkin.
2003-10-22 01:00:10 +00:00
de3d3fbf61
Re-land patch for bug 83536, merging principal objects.
...
Also includes fixes from bug 216041.
r=bzbarsky
sr=jst
2003-10-21 22:11:49 +00:00
1a5bf9ea5d
NIST PKITS tests:first checkin, without CRLS:bug 177398:six sections implemented
2003-10-21 21:35:04 +00:00
648771bdd9
fix 221329 add ability to add root certs from autoconfig js, r=misterSSL@aol.com, sr=sspitzer
2003-10-20 15:00:17 +00:00
38375e8faf
Add new -N option, which completely suppresses the initialization and use
...
of the SSL server session ID cache. Used to test the fix for bug 222726.
2003-10-19 05:18:11 +00:00
7b5ce7e5c8
Put the NSS 3.9 block back in ASCII sorting order, AGAIN.
2003-10-19 04:41:20 +00:00
9c532ab8ec
When the SSL_NO_CACHE option is set on an SSL server socket, don't touch
...
the server session cache AT ALL. Bug 222726
2003-10-19 01:55:50 +00:00
edd5736597
Declare SSL_NO_STEP_DOWN option. Partial fix to bug 148452.
2003-10-19 01:31:41 +00:00
f8af4da928
SSL_ShutdownServerSessionIDCache no longer leaks the cache memory.
...
Bug 222065. r=wchang0222
2003-10-19 01:25:10 +00:00
07e3c65080
bug 154927 - automate localeVersion updates based on milestone.txt - we'll now create all those files during compile time from .in files, r=leaf, sr=bz
2003-10-18 17:54:07 +00:00
74ffbef42d
221067 NSS needs to be able to create token symkeys from unwrap and derive.
2003-10-18 00:38:04 +00:00
c78198ebda
Detect buffer overruns caused by flawed application-supplied callbacks,
...
and avoid crashing due to them. Bugscape bug 52528. r=wchang
2003-10-17 21:12:13 +00:00
3d25bd9959
Incorporate WTC's review comments..
2003-10-17 17:56:56 +00:00
e929b84d2a
missed SSL ECC test files in last checkin
2003-10-17 14:10:18 +00:00
0028f943d4
ECC code landing.
...
Contributed by Sheuling Chang, Stephen Fung, Vipul Gupta, Nils Gura,
and Douglas Stebila of Sun Labs
2003-10-17 13:45:42 +00:00
2019c55137
Put the NSS 3.9 block in ASCII sorting order.
2003-10-17 05:45:19 +00:00
7ef01f4ada
Bug 156770 When we do a file import and give a bad password we get wrong errors back
...
When we fail to decode based on a bad password, don't continue.
So once we've tried failed to decode a ANS.1 stream, don't continue collecting
more data.
On microsoft.pfx files, we would wind up decoding to the end of the encrypted
stream, then fail in the padding in PKCS #7 . This code bypasses this problem by
making sure we don't continue to try to decode data once we've hit a bad
password failure.
2003-10-16 23:49:15 +00:00
9671bb6586
More debugging information.
2003-10-16 22:17:00 +00:00
6fb084ae36
Bug 220106 @mozilla.org/security/nsCertTree;1 doesn't null check mTreeArray
...
r=kaie sr=bz
2003-10-16 15:33:56 +00:00
e75c04e1c1
Bug 220230 Change PSM preferences windows behaviour to be more consistent with the rest of the Preference windows
...
patch by borggraefe@despammed.com r=kaie sr=bienvenu
2003-10-16 15:26:28 +00:00
58b44ccb0c
Try * instead of . to get zip to grab all the contents of a directory.
2003-10-16 03:28:19 +00:00
8968621f4c
Fix for bug 222180 . remove redundant code
2003-10-15 01:40:10 +00:00
1d1e003b2c
Fix for bug 222180 . Change to quick decoder . r=wtc
2003-10-15 01:34:22 +00:00
bb642e9de3
Eliminate redundant function declarations. Bug 208854. r=wchang0222
2003-10-14 17:44:33 +00:00
b80fd62f5d
Fix tinderbox breakage
2003-10-12 22:55:09 +00:00
09c79e0878
Try to get zip working properly on the Windows build machines.
2003-10-12 20:21:04 +00:00
55ecb1638f
Correctly handle a NULL moduleSpecList. Bug 220217.
2003-10-11 01:49:24 +00:00
c7195e7f01
This file has been dead code since NSS 3.4 released, if not sooner.
2003-10-11 01:10:51 +00:00
4b274eadf6
Fix for bug 221743 - incorrect certificate usage macro
2003-10-10 23:22:31 +00:00
6feb3bc391
Bug 191467
...
Multipart signing and verifying broken for several mechanisms in softoken
Reporter: Andreas.Sterbenz@sun.com (Andreas Sterbenz)
sr=nelsonb
2003-10-10 15:32:26 +00:00
da0e767ef3
Bug 203866
...
Make unloaded modules visible for administrative purposes.
sr=wtc r=nelson
2003-10-10 15:29:43 +00:00
d9ea331302
Bug 203866. Make unloaded modules visible for administrative purposes.
...
sr=wtc r=nelson
2003-10-10 15:26:23 +00:00
40a30d219e
Change ';' to '&&' so the command fails if any of the subcommands fails.
...
Print out the return value of the command.
This is to debug a problem where the zip file is not being created on windows.
2003-10-09 22:39:54 +00:00
6c37cf315f
fix bug 203450
...
jarevil.c:345: warning: implicit declaration of function \
`__CERT_AddTempCertToPerm'
Obviously missing a declaration somewhere.
r=jpierr, wtc
2003-10-09 22:17:04 +00:00
8e693bd25b
Fix for bug 55898 - print name of certificate causing failure in certutil . r=wtc
2003-10-08 01:00:37 +00:00
297c871d38
Eliminate one of several redundant OID table lookups. Bug 207033.
2003-10-07 17:19:55 +00:00
da831f0be3
Eliminate unnecessary copying of CA names in HandleCertRequest.
...
Bug 204686.
2003-10-07 02:24:01 +00:00
b4001cf1b8
The "valid CA" trust flag now overrides other CA cert checks.
...
Works for SSL client as well as other usages. Bug 200225
2003-10-07 02:17:56 +00:00
0af05aaf1a
Export new function PK11_ExportEncryptedPrivKeyInfo. Bug 207033.
2003-10-07 01:29:32 +00:00
7c3772d3d7
Create new function SECKEYEncryptedPrivateKeyInfo which is just like
...
SECKEYEncryptedPrivateKeyInfo except that it identifies the private
key by a private key pointer, rather than by a certificate. Bug 207033.
2003-10-07 01:26:38 +00:00
adf3bd4810
Make tstclnt work with IPv6 addresses. Bug 161610.
2003-10-06 23:50:11 +00:00
4bb3ccc8bd
Check for presence of secmod.db file prior to acting on it, for all
...
cases except "multiaccess:". Bug 220217. r=relyea
2003-10-06 23:33:03 +00:00
96a4f8926a
Detect Zero length certs and zero length CA names. Bug 204686.
...
Also, eliminate unnecessary copying of incoming certs.
2003-10-03 02:01:18 +00:00
470c7c30c0
Bug 220963: need to handle the possibility that symKey may be NULL before
...
dereferencing it.
2003-10-01 23:01:46 +00:00
64c44a50f4
Fix for bug 141882 - convert email query keys to lowercase when searching . r=wtc
2003-09-30 02:33:40 +00:00
58d2922f0d
Fix for bug 94413 - OCSP needs more fine tuned error messages. r=wtc
2003-09-30 01:18:55 +00:00
cd60efa8ac
Updating my email address
2003-09-29 06:04:02 +00:00
fd6bfd34f5
Move a brace so vi will find the beginning of the function.
2003-09-27 01:45:35 +00:00
7a8c91801a
Fix for bug 219539 - support GeneralizedTime in NSS tools
2003-09-27 00:01:45 +00:00
b220af50ec
Fix for bug 219539 - support GeneralizedTime in NSS tools
2003-09-26 06:18:40 +00:00
2fb81c5b8c
Don't use windowed exponentiation for small public exponents.
...
Speeds up public key operations. Path contributed by
Sheueling Chang Shantz <sheueling.chang@sun.com>,
Stephen Fung <stephen.fung@sun.com>, and
Douglas Stebila <douglas@stebila.ca> of Sun Laboratories.
2003-09-26 02:15:12 +00:00
9aa0859dc2
Correct an inaccurate log message.
2003-09-25 21:40:02 +00:00
53b39d4951
Fix typo
2003-09-25 00:25:06 +00:00
5277304f0b
Bugzilla bug 216117: added a TokenProxy member to the PK11Cert class to
...
store the slot pointer for the certificate *instance*. This slot pointer
is not necessarily cert->slot. Try to get the correct slot pointer for a
cert instance where possible. This patch helps us handle multiple
instances of the same cert better.
Modified Files:
PK11Finder.c pkcs11/PK11Cert.c pkcs11/PK11Cert.java
pkcs11/PK11InternalCert.java pkcs11/PK11InternalTokenCert.java
pkcs11/PK11Store.c pkcs11/PK11Token.c
pkcs11/PK11TokenCert.java pkcs11/pk11util.h
provider/java/security/JSSKeyStoreSpi.c ssl/SSLServerSocket.c
ssl/callbacks.c ssl/common.c ssl/jssl.h util/java_ids.h
2003-09-24 22:20:15 +00:00
f633274323
Fix usage message to list all commands. Also, fix a few lines of
...
code that did not follow the file's convention for indentation.
Bug 203870.
2003-09-24 21:49:49 +00:00
9907123463
Bugzilla bug 220209: fixed a cert reference leak in
...
JSSL_CallCertSelectionCallback if the PK11_FindKeyByAnyCert call fails.
2003-09-24 21:07:17 +00:00
f64cfc45de
Deleted unused code.
2003-09-23 22:56:46 +00:00
4e2ed74884
Set JSS version to 3.4.2 Beta 1.
...
Modified Files: CryptoManager.java util/jssver.h
2003-09-23 20:57:15 +00:00
84a7421314
Fix bug 204549. Properly handle memory allocation failures.
2003-09-23 20:47:43 +00:00
ea9c7b9cf1
Bugzilla bug 204549: find_objects_by_template was not setting *statusOpt
...
before one return statement. r=nelsonb.
2003-09-23 20:34:15 +00:00
3ecdf5b682
Correctly compute certificate fingerprints. Bug 220016.
2003-09-23 02:05:47 +00:00
cacf90504b
Fix for 215182 - certutil prints incorrect nickname. r=wtc
2003-09-23 00:10:54 +00:00
54ba648af3
Bugzilla bug 219756: fixed a CERTCertificate reference leak.
2003-09-20 00:27:30 +00:00
ff0ab0d5e6
Bugzilla bug 219713: fixed build bustage on all Unix platforms. We need
...
to export CERT_TimeChoiceTemplate as data for Unix.
2003-09-19 18:00:48 +00:00
c1f8a20c18
Fix for 219082 - support GeneralizedTime in PKCS#7 signatures. r=nelsonb, sr=wtc
2003-09-19 04:16:19 +00:00
41dfa35b34
Fix for 219524 - support GeneralizedTime in S/MIME v3 signatures. r=wtc, sr=nelsonb
2003-09-19 04:14:50 +00:00
c54ab44432
Fix for bug 143334 : add support for GeneralizedTime in certificates and CRLs. r=wtc,nelsonb
2003-09-19 04:08:51 +00:00
06f53aa46d
Fix for 215214 - make certutil show all instances of certs . r=wtc
2003-09-18 02:00:32 +00:00
fca2dd1924
The isOnList function is now unused.
2003-09-18 01:28:52 +00:00
81af9c614e
Fix for bug 215186 - add missing options to PK11_ListCerts . r=wtc
2003-09-18 00:22:18 +00:00
2317ba9006
Bugzilla bug 124958: added support for pthreads on OpenBSD. The patch is
...
contributed by Mats Palmgren <mats.palmgren@bredband.net>. r=wtc.
2003-09-16 20:50:50 +00:00
b92b8f3328
When calling windres, use a temp file to work around resource issues.
...
Bugzilla bug #213281 . The patch is contributed by cls@seawood.org . r=wtc
2003-09-15 20:34:55 +00:00
2d02a55087
Add comment in the header for PK11_FindSlotsByAliases
2003-09-12 22:11:31 +00:00
78933c07aa
Bugzilla bug 215152: removed redundant pointer tests. Use
...
SEC_ERROR_LIBRARY_FAILURE for NSS internal errors.
2003-09-12 20:01:56 +00:00
00bfcc6ae5
Bugzilla bug 217247: improved the memory leak fix for the appData nicknames
...
returned by PK11_ListCerts. Instead of allocating them from the heap first
and copying to the arena, allocate them from the arena directly. r=jpierre
Modified Files: certhigh.c pk11cert.c pki3hack.h pki3hack.c
2003-09-12 19:38:04 +00:00
3e12ba21f2
Bugzilla bug 214535: fixed a recursive dead lock on cache->lock. We must
...
not call nssSlot_IsTokenPresent while cache->lock is locked because
that function may call nssToken_Remove, which locks cache->lock. r=mcgreer
2003-09-12 19:17:15 +00:00
8989a2213a
landing patch for bug 205726 "DNS rewrite" r=dougt sr=bryner
2003-09-11 20:32:33 +00:00
a89f8f7ab1
Bugzilla bug 215581: build with GCC 3.2.2 for OS/2. The patch is
...
contributed by Javier Pedemonte <pedemont@us.ibm.com>. r=jpierre.
2003-09-11 20:29:51 +00:00
1096a8c745
Bugzilla bug 214824: use -no-cpp-precomp instead of -traditional-cpp, which
...
has changed to mean a different thing (the standard GCC meaning, rather
than Apple's earlier hacks). The patch is contributed by Brian Ryner
<bryner@brianryner.com>.
2003-09-11 18:41:22 +00:00
33dafeb6d1
Bug 211291 void nsCertTree::InitCompareHash doesn't check the return value of PL_DHashTableInit
...
r=kaie sr=bz
2003-09-11 01:59:21 +00:00
c629bfb394
Bugzilla bug 208971: remove obsolete Mac CFM build files from NSS.
2003-09-11 00:04:38 +00:00
160d767599
Bugzilla bug 208971: removed obsolete Mac CFM build files from NSS.
2003-09-11 00:01:07 +00:00
c71f55bb2a
Fix for 215152 - better error handling
2003-09-10 01:33:25 +00:00
24dbc103c8
Fix for bug 215152 . Improve error handling in PK11_FindSlotsByAliases
2003-09-10 01:31:54 +00:00
cc713fc8d3
Further enhance the verbose debugging command line option in tstclnt
...
for the case where client auth is requested by the server. It will
now report the name of the cert sent to the server, or "send no cert".
2003-09-09 20:22:54 +00:00
683c3f9505
Prevent crash if certlist is NULL
2003-09-09 00:54:20 +00:00
20a95ddfde
Fix bug 214307 - add certutil batch mode . r=wtc
2003-09-08 23:30:29 +00:00
51bd14780b
Add PORT_Strpbrk macro
2003-09-08 23:29:14 +00:00
20386efec4
Fix build on gcc 3.4 by removing extra semicolons (bug 218551). r/sr=dbaron, a=brendan.
2003-09-08 00:18:24 +00:00
842a5d79c8
Fix for bug 72291 . resolve memory leak on nicknames . r=relyea
2003-09-05 00:15:52 +00:00
891e05f8b0
Remove erroneous assertions
2003-09-03 23:52:01 +00:00
b4b593cf0a
Fix for bug 215152 . Export PK11_FindSlotsByAliases. r=relyea
2003-09-03 22:55:10 +00:00
610ac28a42
Add PK11_FindSlotsByAliases function . r=relyea
2003-09-03 22:48:20 +00:00
609557163f
Fix for 216701 - verify CRLs with cert verification date rather than CRL lastupdate date
2003-08-30 01:07:21 +00:00
90064ce7fc
Bugzilla bug 214674: made the Linux implementation of sslMutex really work.
...
They were no-ops in multiprocess mode before. The patch is Nelson
Bolyard's. r=wtc.
2003-08-28 22:23:59 +00:00
a5934c7cc6
Bugzilla bug 217504: 1. Do not use -lsvld on recent AIX releases.
...
2. Specify the standard AIX libpath, otherwise the directories we pass to
the -L linker flags get added to the libpath. 3. Support building on AIX
5.2. The patch is contributed by Philip K. Warren <pkw@us.ibm.com>. r=wtc.
Modified Files: AIX.mk AIX4.2.mk AIX4.3.mk AIX5.1.mk
Added Files: AIX5.2.mk
2003-08-28 00:15:43 +00:00
2990fa08b0
Fix for 214201. remove unused variable
2003-08-27 01:47:57 +00:00
97baeaa545
Bugzilla bug 216693: use "." instead of "org" to specify the list for zip.
2003-08-27 01:13:06 +00:00
36e8c13857
Import NSS_3_7_8_RTM.
2003-08-27 01:01:59 +00:00
3e239ffcd7
Update JSS to version 3.4.1.
2003-08-27 00:08:43 +00:00
a9cb356856
Bugzilla bug 72291: have PK11_ListCerts return all the cert instances on
...
tokens. The patch is Julien Pierre's, with changes by Wan-Teh Chang.
Modified Files: pk11wrap/pk11cert.c pki/pki3hack.c pki/pki3hack.h
2003-08-25 19:18:02 +00:00
b3edbc2128
Bugzilla bug 209827: disable optimization to work around what appears to
...
be a VACPP optimizer bug.
2003-08-22 22:34:07 +00:00
59256190ce
Fix for bug 216944 - CERT_VerifyCertificate optimizations issues . r= wtc
2003-08-22 18:47:07 +00:00
c11c6acb17
Backing out the patch to bug 83536.
...
I will reland this when 1.6a re-opens.
r+sr=jst@netscape.com
a=chofmann
2003-08-22 03:06:53 +00:00
6dc37259b8
Bugzilla bug 216693: running make in mozilla/security/jss should build the
...
class jar file.
Modified Files: rules.mk build_java.pl
2003-08-19 20:08:33 +00:00
c08e99a287
Set MODULE in makefiles at the top of a heirarchy so that module-deps lists are more precise and builds will have the proper order if some subdirs contain other modules.
2003-08-16 00:42:35 +00:00
86e30540a2
Bugscape bug 50033: make the KeyType class public and force it to load
...
during CryptoManager.initialize(), before we add JSS as a provider. The
KeyType class was failing to load properly, because its static initializers
force the class load of KeyWrapAlgorithm, whose signature needed to be
verified, which invoked JSS's signature provider, which accessed KeyType.
Basically, installing JSS as the default signature provider before its
classes have loaded creates a possibility of circular dependencies in class
initialization. The patch is due to Jamie Nicolson. r=wtc.
Modified Files: CryptoManager.java pkcs11/KeyType.java
2003-08-15 01:00:35 +00:00
be4ed5debc
Fix from Ian to address Bugzilla bug 202179.
...
The fix restores some old code that was removed as part of our
performance work (Bugzilla bug 145322). Thus, there may be a
slight performance hit, but obviously, we need to have correct
code first.
This is a part of the code I really don't like. To summarize,
there was a hack put in a long time ago to make sure that the
PKCS#11 session in which the SSL keys are generated was never
closed until the last key was deleted. This only worked by chance,
and if any part of the code was changed (as was the case here), this
unstable equilibrium would be lost. As with all hacks, it wasn't
really documented, so the problem escaped our notice. As a result of
putting the hack back in, we're going back to the horribly wasteful
operation of opening 4 sessions and immediately closing them. I intend
to have a proper solution in a later release.
2003-08-12 18:21:55 +00:00
1bb0160b47
Bug 211695 Fix bugs in nsCertTree.cpp r=varga sr=alecf moa=kaie a=asa
2003-08-12 11:20:50 +00:00
b6208f06a9
bug 214207 - update localeVersion for 1.5b - rs=blizzard, a=asa
2003-08-11 11:31:24 +00:00
655056191f
Deleted useless local variable 'arena' in cert_ImportCAChain.
2003-08-08 23:15:50 +00:00
a32141f5d2
Bugscape bug 49314: code cleanup. Throw InvalidKeyException directly
...
instead of NoSuchAlgorithmException.
2003-08-07 21:45:35 +00:00
7523a62658
215190 delete CA created certs
2003-08-07 00:34:32 +00:00
f6be8fe74f
Add shared DHashTableOps for [const] char *key use-cases, clean up dhash API abusages (214839, r=dougt, sr=dbaron).
2003-08-05 20:09:21 +00:00
1ded6df12e
Convert public key to JSS public key.
2003-08-05 18:54:49 +00:00
13f5b9e4ff
Bugzilla bug 214695: fixed incorrect use of PR_AtomicDecrement on reference
...
counts. The reference count should not be read "naked". Instead, we
should simply use the return value of PR_AtomicDecrement for the result of
the decrement.
Modified Files: dev/devmod.c dev/devslot.c dev/devtoken.c pki/certificate.c
pki/pkibase.c
2003-08-01 02:02:47 +00:00
5da7e31f4d
Fix bug 213084. Detect when cert in signature cannot be imported.
...
Detect NULL pointer, don't crash.
2003-07-31 00:16:27 +00:00
9b590c4f17
Bug 213903: removing unused variables 'delold', 'save', 'entry'
2003-07-28 22:55:16 +00:00
52a39ca16f
Bug 213902 : removing unused variable "next" in "cert_DecodeNameConstraintSubTree"
2003-07-28 21:53:16 +00:00
95256ce645
DeCOMify GetParent/GetBindingParent/GetDocument on nsIContent. Bug 213823,
...
r+sr=jst
2003-07-28 21:35:53 +00:00
0c479eebe6
remove no longer used include blapi.h
2003-07-24 23:01:08 +00:00
9c22160a4b
Bug 83536.
...
Merge script principal implementations into one class.
Should reduce footprint, speed up calls to caps a little bit, and fixes several memory leaks.
Also fixes bugs 211174 and 211263
r=jst@netscape.com
sr=bzbarsky@mit.edu
moa=mstoltz@netscape.com (he looked at an earlier patch and said it looked fine, and will do a retroactive review when he returns from vacation as well)
2003-07-24 05:15:20 +00:00
c771349946
Allow freebl to build correctly under MS VC++ .net 2003 . sr=nelsonb
2003-07-22 02:04:57 +00:00
e3b945b14b
Bugzilla bug 213192: take the first two components of $(OS_RELEASE) the
...
right way. The basename function that we were using only works when
$(OS_RELEASE) has exactly three components. The patch is contributed by
Ed Catmur <ed@catmur.co.uk>. r=wtc.
2003-07-21 23:40:51 +00:00
b5a53a661e
Bugzilla bug 211350: support IRIX Alpha releases, whose 'uname -r' output
...
contains "-ALPHA...".
2003-07-21 18:51:08 +00:00
f008bc2bad
Bug 25886: Get rid of a bunch of unused NS_DEFINE_IID, NS_DEFINE_CID. r=caillon, sr=dbaron
2003-07-20 07:47:59 +00:00
5d8a4a4934
Bugzilla bug 212797: added Linux2.6.mk so that we can build on Linux 2.6
...
kernels.
2003-07-19 21:21:50 +00:00
a08188e177
Bugzilla bug 213158: fixed the misspelling of "attach". The patch is
...
contributed by Pierre Chanial <chanial@noos.fr>.
Modified Files: pk11slot.c secmodt.h
2003-07-19 20:49:35 +00:00
20004e3489
Bug 73353: clean up MODULE/REQUIRES story. r=cls, sr=bryner
2003-07-13 22:29:00 +00:00
e17d8ed21d
change the doctype from window to dialog. Thanks to Christian Biesinger for pointing that out.
...
r/sr=mscott
2003-07-12 03:31:16 +00:00
c860a04974
Bug #212459 --> Give the certificate manager a face lift. Add a 5 pixel border around the tabbox,
...
add an ok button which can be used to dismiss the window, inherit the ok/help buttons from the dialog
overlay.
Add spacing between the tree control and the edit / delete buttons underneath the tree control.
r=kaie
sr=sspitzer
2003-07-12 00:36:01 +00:00
8a8acecae0
Backed out Bob Relyea's workaround for the deadlock in rev. 1.15. The
...
correct fix is in rev. 1.36 of tdcache.c (see Bugzilla bug 212112).
2003-07-11 21:52:04 +00:00
32ec0bd37b
Remove dependency on secrng.h. We don't need it.
2003-07-11 18:13:26 +00:00
d8bfc7ae2c
Restore sslreq.txt to text form, where it will have different line
...
endings on unix, than on windows or on Mac.
2003-07-11 04:14:24 +00:00
a7db0ece51
Test with the new file sslreq.dat rather than the old file sslreq.txt.
2003-07-11 04:05:12 +00:00
d5d6b8ccc7
This is sslreq.txt with a different file name, to clearly show that
...
this file is to be treated as a binary file, not as text.
2003-07-11 03:55:55 +00:00
bd92e280fe
Bug 212112: we don't need to lock td->cache->lock while calling
...
STAN_ForceCERTCertificateUpdate. This fixed a recursive deadlock.
r=mcgreer.
2003-07-10 01:24:17 +00:00
634e667950
Change cert_GetCertificateEmailAddresses to return NULL rather than
...
a pointer to an empty string when a cert has no email addresses.
Partial fix for bug 211540. Modified certdb/alg1485.c
2003-07-09 04:14:23 +00:00
9b53efa290
Bug 212004: in CERT_IsUserCert we should test for a null cert->trust and
...
treat it as no trust. r=nelsonb.
2003-07-09 04:12:16 +00:00
77b1d5b56e
Export SEC_DupCRL and declare it in certdb.h. Bug 208194.
...
Modified Files: nss/nss.def certdb/certdb.h
2003-07-09 04:00:48 +00:00
60aaf7bbf5
Bug 211384: fixed the bug that importing a CRL that already exists in the
...
DB causes NSS_Shutdown to fail. Two files were changed. 1. crl.c: we
should not obtain a slot reference because PK11_FindCrlByName already
obtained a slot reference. 2. pk11cert.c: cleaned up code and fixed a slot
reference leak if the SECITEM_AllocItem call fails. r=nelsonb.
2003-07-08 18:41:28 +00:00
90f86dc111
Re-enabled the fix for bug 208177.
2003-07-08 18:11:24 +00:00
2dc27003e2
b=210948 Some file dialogs have harcoded filter description
...
patch from Vincent B�ron
r=kaie sr=brendan
2003-07-08 14:46:21 +00:00
f82f7c9d38
b=195574 SSL extremely flaky if Ask for Master Password is 'Every time'
...
r=darin sr=brendan
2003-07-08 14:41:02 +00:00
f6802aac5b
patch to correct false failure reporting - bug 167825
2003-07-03 17:50:18 +00:00
a206d21cd7
Add missing declaration of NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate
2003-07-03 07:04:30 +00:00
edb69e7969
Fix bug 211049. Another issue with empty pointer lists from group
...
decodings. Patch by Wan-Teh Chang <wtc@netscape.com>.
2003-07-01 01:16:57 +00:00
8c68d71e97
Change the function definitions in dev so that the ctags program will
...
produce valid tags from these sources.
2003-07-01 00:32:22 +00:00
b71485c4fe
Bug 210660: backed out the main change in the fix for bug 145322 because
...
the adoption of session is not thread safe. This eliminates most of the
saving of sessions, but we must be correct first, and then optimize.
r=nicolson,nelsonb.
Modified Files: pk11func.h pk11skey.c
2003-06-27 22:28:50 +00:00
66b6198a4f
Fix several bugs reported in bug 210707.
...
Change loops over RDNs and AVAs to detect NULL pointers.
Change list of attribute type "keywords" to match RFCs and internet
drafts.
Quote attribute values strings that contain adjacent embedded blanks.
Don't quote hex string values.
Always use hex string values when type OID is unrecognized.
2003-06-27 00:33:05 +00:00
a3501517f5
Move the declaration for CERT_CompareNameSpace from cert.h to genname.h
...
because it is a private function. Change the interface for this
function so that it returns a SECStatus, unambiguously indicating the
success or failure of the name constraints test. The function no
longer takes a list of cert subject names, instead, it takes a list
of cert pointers, and optionally outputs one of those pointers when
an error occurs. This eliminates a cert reference leak.
2003-06-26 01:56:34 +00:00
b54a7e669d
This patch extracts rfc822 names from a cert's distinguished name at the
...
time when the list of cert names is being built and builds a GeneralName
out of it, just as if the rfc822 name had come from a subject alt name
extension. This way, no special handling is needed of either directory
names or rfc822 names in the name constraints code. The special "phase 1"
loop in cert_CompareNameWithConstraints disappears compmletely. And all
the cases in the (former phase 2) loop can now simply assert that the
name's type matches the constraint's type exactly.
This patch also factors out the code that creates new CERTGeneralNames and
that copies a single CERTGeneralName into new separate functions. This
eliminates a lot of duplicated code whose correctness required lengthy
inspection. Now these primitive operations are centralized.
2003-06-26 01:25:10 +00:00
195925a071
enabling log scraping in header instead
2003-06-25 21:57:21 +00:00
7361de7ee8
enabling log scraping in header instead, where RESULTDIRURL gets created
2003-06-25 21:56:19 +00:00
0d74efc36a
removed new variable for Win platform - extra - don't need
2003-06-25 21:39:54 +00:00
2ff0613d68
fix URL for Windows platform
2003-06-25 20:43:18 +00:00
e886704557
taking out un-needed stuff
2003-06-25 17:39:38 +00:00
02c8289ae0
Shorten the clickable text portion of RESULTDIRURL.
2003-06-25 04:23:34 +00:00
21cb365b1b
enabling log scraping
2003-06-25 00:55:13 +00:00
2e8edec781
Fixing bug 209884. Writing an inline helper to safely get an nsIScriptContext from a JSContext and making direct callers of JS_GetContextPrivate() use the helper. r=caillon@aillon.org, sr=peterv@netscape.com
2003-06-24 21:43:01 +00:00
854c25c27f
Whitespace cleanup. This patch causes numerous lines that were wider
...
than 80 columns to be folded according to NSS coding conventions.
This patch does not fix any run-time error.
2003-06-23 23:15:33 +00:00
98ada63a79
bug 205649 : replace U+00E5 represented in ISO-8859-1 (0xe5) with U+00E5 in
...
UTF-8 in all XUL files to make them to be genuinely encoded in UTF-8. All the
changes are in comments so that this shouldn't affect anything at run-time.
(r=hwaara)
2003-06-23 13:18:12 +00:00
0eb7881d00
CERT_EncodeGeneralName and CERT_DecodeGeneralName contain large switch
...
statements that repeat code for every case. This patch factors out that
common code from the cases, making the switches much smaller and reducing
bloat.
2003-06-21 08:10:07 +00:00
c40a094aad
Cleanup CERT_GetGeneralNameByType so that it detects when it has
...
encountered a general name of a type that it doesn't recognize, and
so that it properly casts the return value to be of the right type.
2003-06-21 07:07:47 +00:00
c45b36fd03
The general name code uses arenas, which is good, but it never marks
...
and releases space in the arenas, so the arenas just grow and grow
until the test is completely over. This patch adds comments showing
where mark and release calls could (and probably should) be added.
It also changes CERT_CopyGeneralName to have only two exit paths,
two return statements, in preparation for the eventual use of mark and
release.
2003-06-21 06:44:43 +00:00
f97a7f6cd8
a) Add more missing null pointer tests that I discovered. Bug 208649.
...
b) change all PORT_*Alloc calls that allocate new structs or arrays of
same to use the PORT_*New* macros instead.
c) ifdef out some dead functions that are rife with failure to detect
allocation failures.
2003-06-21 05:23:07 +00:00
87bcdd00c7
Fix deadlock bugscape 46733
2003-06-20 23:34:46 +00:00
20c2ba3f7f
sigh, another time
2003-06-20 23:24:11 +00:00
2f8ca931b2
one more time, trying to make link clickable
2003-06-20 18:36:57 +00:00
c46e246f05
Declare src argument to SEC_ASN1DecodeItem to be const.
2003-06-20 01:52:19 +00:00
b969bf4b64
Don't include private and unnecessary js header files.
2003-06-19 23:13:59 +00:00
6e7873e60b
echo out RESULTDIRURL; r=wtc
2003-06-19 23:04:25 +00:00
2350158b22
made RESULTDIRURL clickable link; r=wtc
2003-06-19 23:03:59 +00:00
3d80fd68c8
Carry Wan-Teh's fix for bug 208996 forward to trunk.
2003-06-19 03:48:19 +00:00
1b8ef33451
Fix numerous more potential NULL pointer deref crashes. Bug 208038
2003-06-19 01:08:53 +00:00
c10a03ec6a
checking in version 1.60 with additional space
2003-06-18 19:13:11 +00:00
4e44c2364d
Bug 209661 remove unnecessary NS_LITERAL_CSTRING( with ).get() r=jag sr=alecf
2003-06-18 14:31:45 +00:00
7fe19d8d55
backing out my recent changes - some platforms showing tests failed
2003-06-18 08:13:07 +00:00
ffece90162
had to put in netscape specific unix base dir as well
2003-06-18 07:11:15 +00:00
42f215d88f
put URL specific stuff inside nscp specific loop
2003-06-18 06:02:28 +00:00
4e4909c4db
Further refinements to the Name Constraints checking logic, to make it
...
more compliant with RFC 3280. Bug 208047.
2003-06-18 04:32:44 +00:00
1674961d5e
Move declarations of NSS private functions for general names from cert.h
...
to genname.h, and eliminate declarations from cert.h that were also
in genname.h. If we ever decide to make any of these functions public,
we can move their declarations back to cert.h.
2003-06-18 00:38:12 +00:00
b7d5426a55
Make CERT_DecodeAVAValue take const inputs and detect NULL pointers.
...
Rewrite CERT_CompareAVA to compare the type OIDs first, and then if
the values are not of the same encoding, convert them before comparing.
Also, do comparisons of printableString encoding properly. Bug 208649.
2003-06-17 23:44:14 +00:00
6b7628ab46
b=209082 Certificate viewer is broken
...
r=danm sr=jst
2003-06-17 23:16:23 +00:00
8770abe071
modified header to print link of resultsdir to browser log
2003-06-17 21:21:33 +00:00
ba75de772b
Bug 209087
...
Content interface out-parameters should use ptr-to-ptrs instead of ref-to-ptrs and some small deCOMtamination.
r+sr=jst@netscape.com
2003-06-13 20:10:01 +00:00
e2f19a7070
b=209168 Mozilla Mail S/Mime instructs NSS to import the wrong certs
...
r=relyea sr=kin
2003-06-12 20:03:40 +00:00
0d1f5df277
const. Got it? Const!
2003-06-11 23:12:38 +00:00
6934dc37a9
Removing old cfm build files. Use the CFM_LAST_RITES tag to resurrect. r=macdev
2003-06-10 20:12:33 +00:00
fa4bc3aeac
Removing old cfm build files. r=macdev
2003-06-10 19:03:46 +00:00
2b945570e0
Harden SECITEM_CompareItem against NULL pointers.
2003-06-07 03:05:49 +00:00
95192f3460
Add echo-requires-recursive rule to get a full list of tree's dependencies
2003-06-06 19:21:57 +00:00
24f3d87aec
Rewrite of cert_CompareNameWithConstraints and the static functions it
...
calls, to make it conform with RFC 3280. Bug 208047.
2003-06-06 09:12:21 +00:00
42c05f5adf
Rewrite SECITEM_ItemsAreEqual to be faster when item lengths are not
...
equal and to not crash if an item contains a NULL data pointer.
2003-06-06 04:51:26 +00:00
67066de273
Add new OIDs for directory name attribute types. Bug 207711.
2003-06-06 04:48:45 +00:00
d88e22d7a7
Augment and centralize the list of known cert name attribute types.
...
Bug 207711.
2003-06-06 01:17:04 +00:00
ea8360788d
Eliminate more NULL pointer dereferences. Bug 207740.
2003-06-05 04:59:38 +00:00
a37c36f1a7
Bug 208343: removed two Baltimore root certificates.
...
Modified Files: certdata.c certdata.txt
2003-06-05 00:53:27 +00:00
6ab8b20067
Temporarily disabled the fix for bug 208177 so that we can debug bug
...
167825.
2003-06-04 14:49:13 +00:00
108ef75354
bug 207642 - update localeVersion for 1.5a - r=rchen, sr=blizzard
2003-06-04 11:11:19 +00:00
81e3889b8f
PORT_Alloc and PORT_ZAlloc always allocate at least one byte, even if
...
the caller requests zero bytes. This patch makes PORT_ArenaAlloc
and PORT_ArenaZAlloc do the same.
2003-06-03 23:24:31 +00:00
70fd6c9c78
Bug 208177: Our HP-UX build machine has a strange problem. If a 64-bit
...
PA-RISC executable calls getcwd() in a network-mounted directory, it fails
with ENOENT. Since nsinstall calls getcwd(), this breaks our 64-bit HP-UX
nightly builds. We worked around this problem by building nsinstall as a
32-bit PA-RISC executable for 64-bit PA-RISC builds. This checkin added a
new make variable INTERNAL_TOOLS which can be set in makefiles whose target
is a tool used only during the build. Such a tool can be built differently
from NSS proper as long as the tool runs on the build machine.
Modified Files: HP-UXB.11.mk nsinstall/Makefile
2003-06-03 23:14:03 +00:00
9ea284e156
bug 156256, removed unused Stan files with long names
2003-06-03 20:59:15 +00:00
6a94e6afc1
Bug 207379: added instructions for removing a builtin root CA cert from
...
NSS.
2003-06-02 23:16:51 +00:00
3deaa56778
Back out rev 1.27, which turned verbose mode on by default for debugging
...
QA test script failures that only occurred on tinderbox machines.
bug 207313 is now fixed.
2003-06-02 20:39:48 +00:00
712fea2e39
Bug 204555: Eliminated other potential crashes in code related to
...
certificate names. r=wtc. (The patch is Nelson's.)
2003-06-02 18:10:43 +00:00
bf31f92133
This patch does two things, one large and one small. Bug 207313.
...
1, It uses two new symbols SSOCK_FD and STDIN_FD instead of 0 and 1 to
reference members of the poll set array. I just could never remember whether
pollset[0] was the socket or was stdin. Now I don't have to remember.
This changes a lot of lines, but is very simple.
2. It implementa a new flag clientSpeaksFirst, set with the -f option.
The only effect of this flag is whether the value of
pollset[SSOCK_FD].in_flags is initially zero (if true) or PR_POLL_READ (if false). Note that pollset[SSOCK_FD].in_flags is set to PR_POLL_READ after
each succesful write to the socket.
2003-06-01 03:01:39 +00:00
34fcdc2566
Bug 206926: Added the makefile rule to export PRIVATE_EXPORTS headers.
2003-05-31 00:12:18 +00:00
bebd4ac34e
Bug 206926: 1. Undo the changes to secrng.h, pqgutil.h, swfutl.c,
...
unix_rand.c, and win_rand.c. 2. Make secrng.h and pqgutil.h private.
3. Public header pk11pqg.h can't include private header pqgutil.h.
4. Many files don't need to include secrng.h. A few don't need to include
pqgutil.h. 5. Remove duplicate declarations of PQG_DestroyParams and
PQG_DestroyVerify from blapi.h.
2003-05-30 23:31:32 +00:00
072b028b11
Eliminate TCP connection reset errors that occur when server requires
...
client auth and SSL3 client doesn't authenticate. The fix is to coalesce
the SSL3 no_certificate alert record with the following records (e.g.
client_key_exchange handshake, change_cipher_spec and finished handshake).
Fix bugs 207313 and 118668.
2003-05-30 23:22:39 +00:00
c7f2b76a30
Resolves bug 206971 - selfserv should OptimizeSpeed (use NSS_Initialize).
...
Both selfserv and strsclnt no longer OptimizeSpace. Moved SECMOD_DB
defines from nssinit.c to nss.h, make it availble for public use with
NSS_Initialize().
2003-05-30 17:25:13 +00:00
2ede35f2c3
Back out rev 1.28 to test some hypotheses about bug 207313.
2003-05-30 10:06:29 +00:00
01d479d131
Correct all the tests in which the server requires client auth, but the
...
client does not supply it, so that the client actually will NOT supply
it. Previously, the client was supplying client auth in all these tests,
and the https requests were completing succesfully, when they should have
been failing. Bug 207398.
2003-05-30 05:40:40 +00:00
772d71205a
Change the SSL3 stress test to disable TLS, so that it will actually
...
test SSL3. Uses the new -T option recently added to strsclnt.
2003-05-30 05:38:12 +00:00
c8b735a8c3
Add -3 and -T options, with same meaning as in tstclnt and selfserv,
...
disabling SSL3 and TLS respectively. With this change, the QA stress
tests that say they're testing SSL3 or TLS can finally test what they
claim they are testing.
2003-05-30 05:35:52 +00:00
4b13346f0d
Bugzilla 207379: removed the certificate "ValiCert OCSP Responder".
...
Bumped version to 1.40 (for NSS 3.9). r=relyea.
Modified Files: certdata.c certdata.txt nssckbi.h
2003-05-29 14:26:16 +00:00
8576f4ea62
Correctly copy RDNs with empty AVA lists. Partial fix for bug 204555.
2003-05-28 21:18:09 +00:00
ba98042a1a
Adding Darwin 6.5 platform
2003-05-28 17:28:36 +00:00
1e2859edec
Fix this file to be proper http request syntax. Note: file is now a
...
binary file to assure identical line endings on all platforms.
2003-05-28 02:18:27 +00:00
92993f0ad4
All diagnostic output goes to stderr, not stdout. This change facilitates
...
investigation of bug 207313.
2003-05-28 02:11:17 +00:00
2a87d0d523
Bug 206926: certcgi.c should not include blapi.h. Use the PK11_PQG_
...
functions instead.
2003-05-28 00:47:47 +00:00
710239c9ca
Bug 206934: use __declspec instead of _declspec. __declspec is the
...
documented form and the only form accepted by the MinGW compiler. The
patch is contributed by Christopher Seawood <seawood@netscape.com>. r=wtc.
2003-05-28 00:07:36 +00:00
a5136af537
Checked in more temporary debugging code for the strange QA failure on
...
Windows.
2003-05-25 19:19:28 +00:00
f85e9f91a8
Enabled verbose mode temporarily for debugging a strange QA failure on
...
Windows.
2003-05-25 04:16:03 +00:00
dd3c7fb4fe
Bug 206926: now that secrng.h and pqgutil.h include blapit.h instead of
...
blapi.h, some files that include secrng.h or pqgutil.h need to include
blapi.h directly.
Modified Files: certcgi.c swfutl.c unix_rand.c win_rand.c
2003-05-25 01:21:27 +00:00
3f9a09add1
Fix bugs experienced with oddly constructed general names.
...
Partially fixes bug 204555. r=wtc a=sspitzer
2003-05-24 06:27:35 +00:00
wchang0222%aol.com
nelsonb%netscape.com
brendan%mozilla.org
peter%propagandism.org
jpierre%netscape.com
nicolson%netscape.com
bryner%brianryner.com
caillon%returnzero.com
bishakhabanerjee%netscape.com
bienvenu%nventure.com
kairo%kairo.at
relyea%netscape.com
ian.mcgreer%sun.com
timeless%mozdev.org
wtc%netscape.com
darin%meer.net
cls%seawood.org
neil%parkwaycc.co.uk
glen.beasley%sun.com
bzbarsky%mit.edu
jaggernaut%netscape.com
scott%scott-macgregor.org
kaie%netscape.com
jst%netscape.com
jshin%mailaps.org
seawood%netscape.com
kirk.erickson%sun.com