Граф коммитов

4952 Коммитов

Автор SHA1 Сообщение Дата
nelsonb%netscape.com 021426e1be Two new functions: PK11_PubEncryptPKCS1 and PK11_PrivDecryptPKCS1.
Bugzilla bug 258366. Ported from NSS 3.9 branch.
2004-09-08 02:52:15 +00:00
nelsonb%netscape.com 33f837fce0 export CERT_ConvertAndDecodeCertificate and SEC_PKCS7EncodeItem from
libSMIME.  Bugzilla bug 258362.  Fix ported from 3.9 branch.
2004-09-08 01:20:46 +00:00
kjh-5727%comcast.net a65fe10ff7 Bug 232068: security should use newer nsIPrefService APIs instead of nsIPref. Patch by Mikael Parknert (mikael@parknert.se), r=bienvenu, sr=darin. 2004-09-07 18:54:02 +00:00
glen.beasley%sun.com 4c5c490a6f 244865 MEM Leak in callbacks.c using SSL_RevealURL 2004-09-03 18:32:03 +00:00
glen.beasley%sun.com c15b52ac55 244881 Mem leak in SSLSocket getStatus 2004-09-03 17:15:12 +00:00
nelsonb%netscape.com 543ad3460e Add root CA certs for Certum, Comodo, and IPS.
Bugzilla bugs 242040 244982 252132.
2004-09-03 04:35:28 +00:00
wchang0222%aol.com 30a16b5c36 Added a comment explaining how NSS_BUILTINS_LIBRARY_VERSION_MINOR should be
incremented.
2004-08-31 17:39:15 +00:00
wchang0222%aol.com 5d7dc7dab2 Bugzilla bug 252375: added version information to the nssckbi shared
library. r=relyea.
Modified Files: config.mk manifest.mn nssckbi.h
Added Files: ckbiver.c nssckbi.rc
2004-08-31 17:28:50 +00:00
dbaron%dbaron.org aaad759204 A user who wants to see the security confirmation (as opposed to alert) dialogs shouldn't need to check the checkbox every time (for Firefox values of default prefs). b=245655 r+sr=bryner 2004-08-27 22:10:26 +00:00
wchang0222%aol.com 371548241e Bugzilla bug 244231: white space changes to conform to NSS's coding style.
Modified Files:
	WIN954.0.mk WINCE3.0.mk WINNT3.51.mk WINNT4.0.mk WINNT5.0.mk
	WINNT5.1.mk
2004-08-27 00:33:40 +00:00
wchang0222%aol.com 3cf00d4f33 Bugzilla bug 244231: added new make variable MOZ_DEBUG_SYMBOLS which
generates debug symbols for optimized builds in PDB files.  Also took the
opportunity to remove -DEBUGTYPE:CV, which is the default and will be
removed in MSVC .NET 2005.  The patch is contributed by Brian Ryner of IBM
<bryner@brianryner.com>. r=wtc.
Modified Files:
	WIN32.mk WIN954.0.mk WINCE3.0.mk WINNT3.51.mk WINNT4.0.mk
	WINNT5.0.mk WINNT5.1.mk
2004-08-26 23:47:10 +00:00
glen.beasley%sun.com 811d10b138 BugId 251635 jss4.jar needs to load libjss4 2004-08-25 18:05:04 +00:00
christophe.ravel.bugs%sun.com 713a021f84 238319: Sun packages changes. 2004-08-23 21:09:12 +00:00
jpierre%netscape.com 3999bc5713 Fix for 254393 - r=nelsonb . PK11_FindKeyByAnyCert returned invalid key objects 2004-08-06 02:24:31 +00:00
jpierre%netscape.com 4f0ae17800 Fix for 249488 - make Single-Threaded mode work 2004-08-03 23:24:37 +00:00
relyea%netscape.com e3b2fc3a46 1) Add time command to time specific functions.
2) improve the help system.
3) bug fixes for arrays.
2004-07-30 00:25:21 +00:00
relyea%netscape.com f54cd1c23e Error strings for new error codes. 2004-07-30 00:19:49 +00:00
relyea%netscape.com a5a2371249 Bugzilla Bug 252702
NSS needs to handle better token insertion and removal.

Applied from patch to NSS 3.9
2004-07-29 23:38:14 +00:00
jpierre%netscape.com f7bdd8a2b3 Fix for 249488 - root cert module requires locking functions in CK_C_INITIALIZE_ARGS . r=ian, sr=relyea 2004-07-29 22:51:00 +00:00
christophe.ravel.bugs%sun.com 0674986920 238319: Sun packages changes. 2004-07-29 18:42:59 +00:00
nelsonb%netscape.com f1060d0bfb Correct option parsing, and add missing error messages. 2004-07-28 21:10:07 +00:00
kaie%kuix.de db59167ab0 b=249004 Do not import invalid/untrusted certs, prevent a DoS that disables SSL connections to trusted peers.
r=relyea sr=jst/brendan
2004-07-28 00:31:37 +00:00
jst%mozilla.jstenback.com ca04e29894 Fixing bug 253121. Make wyciwyg channels and documents carry the source channels security info. r=darin@meer.net, sr=bzbarsky@mit.edu 2004-07-28 00:26:58 +00:00
nelsonb%netscape.com 7e38c3777a Support GeneralizeTime in the CRMF library. Bug 219080. r=julien.
Patch by nelson and julien.
2004-07-27 05:06:02 +00:00
christophe.ravel.bugs%sun.com 912ac54d1c 238319: Sun packages changes. 2004-07-22 17:52:04 +00:00
christophe.ravel.bugs%sun.com 8acfdf7d1d 238319: Sun packages changes. 2004-07-21 23:23:41 +00:00
relyea%netscape.com 1288ee3b83 Bug 250687
NSS Crashes or leaks Cert references if bad certs are passed up by PKCS #11 modules.
r=nelson
sr=ian
2004-07-21 18:18:05 +00:00
relyea%netscape.com 1e25701255 Backing out pk11cert.c changes (not ready for checkin yet). (revert to 1.133) 2004-07-20 23:04:31 +00:00
relyea%netscape.com 2ceccf402a Fix optimized builds (make tinderbox go green). 2004-07-20 23:02:04 +00:00
glen.beasley%sun.com d6b9bfab6a 251635 upgrading to JSS to 4.0 2004-07-20 20:39:25 +00:00
relyea%netscape.com 0c874c941c Missed function definition in previous checkin. 2004-07-19 22:37:48 +00:00
relyea%netscape.com 73f15b0963 refactor pk11util, splitting large single files down to a managable size.
bug 246130. The new factor is:

pk11akey.c - asymetric keys constructed from pk11cert.c and pk11skey.c
pk11auth.c - authentication/password management factored from pk11slot.c
pk11cert.c - cert code with private key, crls and trust factored out.
pk11ctx.c -- pkcs11 context code, factored out of pk11skey.c
new pk11func.h -- for backward compatibility.
pk11mech.c - mechanism mapping code, factored mostly from pk11slot.c
pk11nobj.c - netscape objects (crls and trust), factored mostly from pk11cert.c
pk11obj.c - generic object support, factored from pk11skey.c pk11slot.c and
pk11cert.c
pk11priv.h -- private functions factored from pk11func.h
pk11pub.h -- public functions factored from pk11func.h
pk11skey.c - now only symetric key ops; private, public key ops, generic ops
and crypto contexs have been factored out.
pk11slot.c - still slot operations. Authentication, generic object ops,
mechanism mapping has been factored out.

This patch should only have refactoring, no new functions or other changes.
2004-07-19 22:12:38 +00:00
nelsonb%netscape.com 2a84b08103 Use the "c beautifier" (cb) to give this code a common K&R style with
an indentation of 4.  Also rewrap a few strangely wrapped lines.
Bug 249330.
2004-07-16 00:04:47 +00:00
nelsonb%netscape.com c073805446 Apply review feedback to signtool sources. Add test case to QA tests.
Bug 248751.
2004-07-15 22:21:57 +00:00
nelsonb%netscape.com 4ef1db07ed Add -X option to produce signed XPI files for mozilla. Bug 248751.
Path contributed by jeff klawiter <jeff@j-maxx.net>. r=nelson
2004-07-15 00:01:50 +00:00
nelsonb%netscape.com 7a430910a6 Allow subtemplates to have the SEC_ASN1_DYNAMIC flag without asserting.
Bug 245429. Patch 4 of 5.  r=relyea.
2004-07-13 06:02:54 +00:00
nelsonb%netscape.com 5f668e3062 Fix some casts. Wrap some long lines. Remove a bogus assert.
Factor a function call out of the arguments of another function call,
which is mostly to make that code more easily debugged.
This is patch 3 of 5 for bug 245429. r=wtc.
2004-07-13 05:52:24 +00:00
nelsonb%netscape.com d21cac18a0 Function sec_asn1e_write_contents was two functions combined into one,
separated by one huge if-then-else.  They do different things and take
different arguments.  So, I split them into two separate functions:
sec_asn1e_write_contents and sec_asn1e_write_contents_from_buf
the latter of which takes a buf pointer and length argument.
The if statement that chooses between the two is now in the caller.
This is patch 2 of 5 for bug 245429.  r=wtc.
2004-07-13 05:49:48 +00:00
nelsonb%netscape.com 2969f3c7d2 rename "explicit" to "isExplicit" because MSVC6 thinks explicit is a c
keyword.  rename "ignore_stream" to "disallowStreaming" because it
doesn't merely ignore.  rename "ignoresubstream" to "disallowStreaming"
for the same reason.  Patch 1 of 5 for bug 245429. sr=wtc.
2004-07-13 05:44:47 +00:00
nelsonb%netscape.com 9ddfbb482f Greatly improve the output of the PKCS12 encoder. Adds output buffering
to the output callback function that is called by the ASN.1 encoders,
and which feeds into the next PKCS7 encoder in the outward direction.
Bug 210179.  sr=relyea
2004-07-13 05:31:34 +00:00
nelsonb%netscape.com 22bf8a6efd Ensure that the CRMF library always uses a non-null pool pointer when it
calls the ASN1 Decoder.  This prevents leaks.  Bug 178898. r=relyea.
2004-07-13 05:12:31 +00:00
wchang0222%aol.com 1ff5e8c5f0 Bugzilla bug 248981: PKCS #11 modules that are based on older lib/ckfw (for
example, the nssckbi module) save a pointer to the CK_C_INITIALIZE_ARGS
passed to them. So if we pass a pointer to the stack variable moduleArgs,
the pointer will point to a structure that has gone out of scope. To
prevent crashes in these broken modules, we continue to pass a pointer to
the global secmodLockFunctions whenever we can. r=relyea.
2004-07-08 23:23:50 +00:00
wchang0222%aol.com a0ac1ae9b8 Bugzilla bug 249284: removed a duplicate declaration of
CERT_DecodeDERCertificate. r=nelsonb. Thanks to Chris Newman
of Sun for the bug report.
2004-07-07 00:48:53 +00:00
jpierre%netscape.com cb1458d0c2 Fix for 248981 - make SECMOD_LoadPKCS11Module thread safe. r=relyea 2004-07-01 19:20:51 +00:00
nelsonb%netscape.com d7befbead9 Output properly encoded PQGParams. r=wtc. Bug 247738. 2004-07-01 02:07:02 +00:00
jpierre%netscape.com 0919d3c3c1 Fix for 249310 - add option to disable SSL2 in selfserv . r=nelson 2004-07-01 02:06:31 +00:00
nelsonb%netscape.com 91795a0dc5 Treat non-repudiation-only certs as valid signature certs.
Bug 240456.  r=wtc, sr=relyea.
2004-07-01 00:26:00 +00:00
nelsonb%netscape.com c0162bda09 Correct NSS to use the most specific, not most general CN attribute in
a cert subject name.  Bug 197964.  r=wtc.
2004-07-01 00:21:42 +00:00
nelsonb%netscape.com 2f2d7ae1b1 Follow the SSL2 specification more closely in accepting and rejecting
SSL messages.  Previously NSS would reject some it should accept
and vice versa.  Bugscape bug 57121. r=wtc,julien
2004-06-24 02:02:39 +00:00
christophe.ravel.bugs%sun.com 1dc2c7cb4d 238319: Sun packages changes. 2004-06-24 01:18:12 +00:00