alexei.volkov.bugs%sun.com
c332ce14e9
[Bug 220380] Add SSL client auth stress tests.
...
Attachment "auth patch"(#222740 ). r=nelson
2006-05-31 18:06:02 +00:00
wtchang%redhat.com
91c3167816
Bugzilla Bug 338552: added StartCom CA certificate to NSS. The patch is
...
contributed by Eddy Nigg, StartCom Ltd. <eddy_nigg@startcom.org>. r=wtc.
a=hecker.
Modified Files: certdata.c certdata.txt nssckbi.h
2006-05-31 17:18:54 +00:00
julien.pierre.bugs%sun.com
5fc5a905a0
Fix for bug 336477 . Fix for CERT_UncacheCRL error checking. r=nelson
2006-05-31 01:57:55 +00:00
richm%stanfordalumni.org
6976b848c8
fixes from Nathan to fix the rpm build script
2006-05-24 13:40:09 +00:00
glen.beasley%sun.com
6a1e2d4459
335619 Template Fix for optional elements by rocky-s r=nkwan
2006-05-24 03:18:17 +00:00
glen.beasley%sun.com
10fedd99b7
338484 Run SSL tests in FIPS mode
2006-05-24 03:09:42 +00:00
alexei.volkov.bugs%sun.com
fbeb1e622a
[Bug 337014] OOM crash [@ PORT_ArenaAlloc - PK11_PQG_ParamGenSeedLen][@ PORT_ArenaAlloc - PK11_PQG_ParamGenSeedLen] Dereferencing possibly NULL "varena". r=nelson
2006-05-22 23:08:04 +00:00
alexei.volkov.bugs%sun.com
5d33d9eb9a
[Bug 337495] Double free in CRMF_CertReqMsgSetSignaturePOP (security/nss/lib/crmf/crmfpop.c) [Attachment 222949]. r=nelson
2006-05-22 22:38:56 +00:00
wtchang%redhat.com
af74c4cc82
Bugzilla Bug 320336: improved the comments for SECITEM_AllocItem in
...
secitem.h. Made SECITEM_AllocItem fail (return NULL) if the allocation of
the buffer fails, as documented. r=nelsonb.
Modified files: secitem.c secitem.h
2006-05-22 22:24:34 +00:00
wtchang%redhat.com
504ec551d2
Bugzilla Bug 298520: moved the RSA maximum size macros from rsa.c to
...
blapit.h. Removed an out-of-date comment from blapit.h. r=nelsonb.
Modified files: blapit.h rsa.c
2006-05-22 22:10:40 +00:00
wtchang%redhat.com
7371799647
Bugzilla Bug 298520: added a comment explain the meaning of the MAX_KEY_LEN
...
macro. r=nelsonb.
2006-05-22 22:08:40 +00:00
alexei.volkov.bugs%sun.com
2ea761455d
[Bug 337495] Double free in CRMF_CertReqMsgSetSignaturePOP (security/nss/lib/crmf/crmfpop.c). r=nelson
2006-05-22 21:46:14 +00:00
bugzilla%arlen.demon.co.uk
9b3d7fe28d
Bug 235773 TLS ECC cipher suites: PSM backend, SeaMonkey UI
...
Removal of files and entries in jar.mn
r=kengert
2006-05-22 14:33:09 +00:00
wtchang%redhat.com
6ac2945b15
Bug 236613: change to MPL/LGPL/GPL tri-license.
2006-05-21 21:02:26 +00:00
alexei.volkov.bugs%sun.com
dcaeb9d028
[Bug 220380] Add SSL client auth stress tests. Attachment #4 . r=julien
2006-05-20 18:32:08 +00:00
kaie%kuix.de
e877c41a17
bug 338421, Can no longer create SSL session to Cisco VPN concentrator by host name
...
Patch contributed by Bill Gianopoulos
r=kengert/nelson
2006-05-20 02:36:48 +00:00
nelson%bolyard.com
36ff5b1ae5
Promote the use of curve secp192r1 for client auth, since it is faster
...
than most. Bug 332350. r=rrelyea.
2006-05-19 03:59:06 +00:00
nelson%bolyard.com
5a8ca34ce9
Eliminate a crash and plug a leak in the error path for function
...
nssSMIMEProfile_Create. Coverity bug 337101. r=alexei.volkov.
2006-05-18 23:29:19 +00:00
nelson%bolyard.com
e72c25b0c0
Avoid crash if "item" pointer is NULL. Coverity bug 333555.
...
r=wtchang,alexei.volkov
2006-05-18 21:20:04 +00:00
alexei.volkov.bugs%sun.com
1ba3290360
[Bug 337008] OOM crash [@ nssList_Add - STAN_InitTokenForSlotInfo - STAN_LoadDefaultNSS3TrustDomain][@ nssList_Clone - nssList_CreateIterator - STAN_LoadDefaultNSS3TrustDomain] Dereferencing possibly NULL "(td)->tokenList". r=nelson, sr=wtc
2006-05-18 21:00:58 +00:00
alexei.volkov.bugs%sun.com
05dfd98f89
[Bug 337010] OOM crash [@ NSC_DigestKey] Dereferencing possibly NULL "att". r=ne
...
lson,wtc
2006-05-18 20:52:50 +00:00
nelson%bolyard.com
6113f329ce
Plug leak. Free cache. Coverity bug 338201. r=alexei.volkov
2006-05-18 20:46:19 +00:00
nelson%bolyard.com
86aff1cbdf
Fix several Coverity bugs. Bug 336982. NULL ptr check after ptr deref'ed.
...
Bug 337080. Dead code. r=alexei.volkov
2006-05-18 20:39:19 +00:00
nelson%bolyard.com
000e1bafa1
Remove dead old FORTEZZA KEA code. Coverity bug 337098. r=rrelyea,wtchang
2006-05-18 20:24:23 +00:00
alexei.volkov.bugs%sun.com
63a306d826
[Bug 337154] Coverity 321, dead code in mozilla/security/nss/lib/pk11wrap/pk11cert.c. (second patch) r=nelson
2006-05-18 20:21:12 +00:00
nelson%bolyard.com
dc9a12cb8d
Don't dereference a NULL secmodprefix argument. Coverity Bug 336981.
...
r=alexei.volkov
2006-05-18 19:44:24 +00:00
nelson%bolyard.com
74d2ccc785
In SEC_PKCS12DecoderGetCerts, don't dereference p12dcx until AFTER it has
...
been checked for NULL. Coverity bug 336971. r=alexei.volkov
2006-05-18 19:38:59 +00:00
nelson%bolyard.com
8bd2d1df8f
Add 3 assertions to satisfy coverity that tmpt is never NULL in these
...
places. Bug 336995. r=akexei.volkov,wtchang
2006-05-18 19:32:44 +00:00
nelson%bolyard.com
607d9cc069
Plug leak. Free "info" in error path. Coverity bug 336475.
...
r=wtchang,alexei.volkov
2006-05-18 04:35:32 +00:00
nelson%bolyard.com
715d420b77
Correct the amount returned by ssl_Writev for short writes on non-blocking
...
sockets. Bug 338325. patch by Chris Newman <chris.newman@sun.com>
r=nelson
2006-05-18 01:10:21 +00:00
wtchang%redhat.com
f94d37ae7f
Bugzilla bug 338367: check that the array index params->name is within
...
bounds before taking an element from the ecCurve_map array.
r=doublas.stebila.
2006-05-17 23:58:18 +00:00
julien.pierre.bugs%sun.com
3840d8ffbf
Fix for bug 222300. r=nelson,wtchang
2006-05-17 22:20:08 +00:00
alexei.volkov.bugs%sun.com
0cae94a7e1
[Bug 337011] OOM crash [@ sftk_handleKeyObject][@ sftk_handleKeyParameterObject] Dereferencing possibly NULL "attribute". r=nelson
2006-05-17 20:52:16 +00:00
alexei.volkov.bugs%sun.com
7e414dbf0f
[Bug 337326] Leak in nsslowcert_UpdateSubjectEmailAddr (security/nss/lib/softoken/pcertdb.c). r=nelson
2006-05-17 20:46:47 +00:00
alexei.volkov.bugs%sun.com
1d7acda0c5
[Bug 337009] OOM crash [@ nssList_Count - nssTrustDomain_GetCertsFromCache] Dereferencing possibly NULL "certList". r=nelson
2006-05-17 20:38:59 +00:00
alexei.volkov.bugs%sun.com
951d5dab6d
[Bug 337332] Leak in OpenNewDB (security/nss/lib/softoken/keydb.c). r=nelson
2006-05-17 17:56:32 +00:00
wtchang%redhat.com
186930c8cf
Bugzilla Bug 337887: use the -mnop-fun-dllimport flag so that we can use
...
a pointer to a function declared with the dllimport attribute as a constant
address. We need to use such function pointers to initialize a const
structure in nss/lib/ssl/sslsock.c. The patch is contributed by Chris
Seawood <cls@seawood.org>. r=wtc.
2006-05-17 16:37:59 +00:00
alexei.volkov.bugs%sun.com
e779bc3002
[Bug 336485] coverity thinks that nssPKIObject_GetInstances could return null which would lead to a crash [@ listCertsCallback]. r=nelson
2006-05-16 23:47:43 +00:00
julien.pierre.bugs%sun.com
e68d3074e5
Fix for bug 335036. certutil tries to shutdown NSS even if it didn't initialize . r=wtchang, nelson
2006-05-16 02:16:25 +00:00
wtchang%redhat.com
29617c243e
Bugzilla Bug 337025: removed more unused or trivially used variables.
...
r=alexei.volkov,nelson.bolyard.
2006-05-16 01:57:04 +00:00
wtchang%redhat.com
9dd0f7625a
Bug 305835: Remove NSS_ENABLE_ECC ifdefs in libssl. r=wtc,nelsonb
2006-05-16 01:14:43 +00:00
kaie%kuix.de
f9d15206bc
But 235773, Seamonkey only, removes UI to edit and show cipher info
...
r=rrelyea, ui-review=neil
2006-05-16 01:09:37 +00:00
wtchang%redhat.com
a8e38b26cd
Bugzilla Bug 298506: a first cut at Solaris auditing. The patch is
...
contributed by Glen Beasley of Sun. r=wtc.
Modified Files:
cmd/platlibs.mk lib/softoken/config.mk lib/softoken/fipstokn.c
2006-05-16 01:04:05 +00:00
kaie%kuix.de
d29da504bd
bug 235773, Patch v13
...
This check in will make PSM aware of ECC cipher suites. Nightly builds will not yet contain ECC, because NSS is still
being compiled with ECC disabled.
r=rrelyea/darin
2006-05-16 00:33:44 +00:00
julien.pierre.bugs%sun.com
1c2c7ef6d1
Fix for bug 335036 . NSS_Shutdown() does not check that NSS is initialized. r=nelson, alexei
2006-05-16 00:10:04 +00:00
julien.pierre.bugs%sun.com
355ffcddab
Fix for bug 337789 . PK11_FindKeyByAnyCert doe snot work if softoken is in FIPS140-2 mode. r=wtchang, rrelyea, nelson
2006-05-15 23:51:01 +00:00
alexei.volkov.bugs%sun.com
b21f80cbe1
[Bug 336482] crash or hopefully deadcode [@ crmf_copy_poposigningkey]
...
because Pointer "destPopoSignKey" dereferenced before NULL check. r=nelson
2006-05-15 21:05:13 +00:00
alexei.volkov.bugs%sun.com
984af57822
Patch contributed by jonsmirl@yahoo.com
...
[Bug 337154] Coverity 321, dead code in mozilla/security/nss/lib/pk11wrap/pk11cert.c. r=wtchang
2006-05-15 20:58:10 +00:00
alexei.volkov.bugs%sun.com
ec9f7e1887
Patch contributed by jonsmirl@yahoo.com
...
[Bug 337086] Coverity 446, dead code in mozilla/security/nss/lib/certhigh/ocsp.c. r=wtchang
2006-05-15 20:52:01 +00:00
alexei.volkov.bugs%sun.com
16a84cc635
Patch contributed by jonsmirl@yahoo.com
...
[Bug 337085] Coverity 447, dead code in mozilla/security/nss/lib/certhigh/ocsp.c
. r=wtchang
2006-05-15 20:44:46 +00:00
alexei.volkov.bugs%sun.com
4e7d70e6a7
Patch contributed by timeless@bemail.org
...
[Bug 337025] Coverity 411, dead code in mozilla/security/nss/lib/certdb/stanpcertdb.c. r=nelson
2006-05-15 20:39:38 +00:00
christophe.ravel.bugs%sun.com
7a34787c99
Bugzilla 315445: Temp directory for AMD and Intel are the same, hence over writing each others files causing the tests to fail.
...
r+=glen.beasley
2006-05-15 18:38:48 +00:00
nelson%bolyard.com
812639c340
Remove files nsres.h and nsres.c from manifest.mn. Bug 336198. r=wtchang
2006-05-13 00:47:52 +00:00
alexei.volkov.bugs%sun.com
6f023dcf53
Patch contributed by timeless@bemail.org
...
[Bug 336992] crash [@ pk11_DoKeys] "arg" Pointer dereferenced before NULL check. r=nelson
2006-05-13 00:46:51 +00:00
alexei.volkov.bugs%sun.com
bbe6e8f9c5
Patch contributed by timeless@bemail.org
...
[Bug 336972] OOM crash [@ PK11_ImportDERPrivateKeyInfoAndReturnKey] "pki" Pointer allocated by PORT_NewArena dereferenced without NULL check. r=nelson
2006-05-13 00:41:16 +00:00
alexei.volkov.bugs%sun.com
729d4b4079
Patch contributed by timeless@bemail.org
...
[Bug 336466] oom crash [@ CERT_DecodeAuthKeyID]. r=nelson
2006-05-13 00:33:09 +00:00
alexei.volkov.bugs%sun.com
7475a20656
Patch contributed by jonsmirl@yahoo.com
...
[Bug 336935] Coverity 172, dead code in mozilla/security/nss/lib/softoken/keydb.c. r=nelson, r=alexei.volkov.bugs
2006-05-13 00:27:22 +00:00
julien.pierre.bugs%sun.com
b1cd34d3bf
Fix for bug 336477. Memory leak in CERT_UncacheCRL . r=nelson
2006-05-13 00:27:12 +00:00
alexei.volkov.bugs%sun.com
fec71bb342
Patch contributed by jonsmirl@yahoo.com
...
[Bug 336932] Coverity 163, dead code in mozilla/security/nss/lib/ssl/ssl3con.c. r=nelson
2006-05-13 00:15:43 +00:00
alexei.volkov.bugs%sun.com
fcabbc4e8d
Patch contributed by timeless@bemail.org
...
[Bug 336481] oom crash [@ crmf_copy_cert_req_msg]
2006-05-13 00:03:12 +00:00
nelson%bolyard.com
5e393813ff
Bug 337093. Remove dead code at label loser in function dbs_readBlob
...
Patch by Jon Smirl <jonsmirl@yahoo.com>, r=wtchang. Coverity bug
2006-05-12 23:37:58 +00:00
wtchang%redhat.com
26a2faa4f4
Bugzilla Bug 336521: we should search the build tree (${DIST}/${OBJDIR})
...
before /bin and /usr/bin. r=slavomir.katuscak
2006-05-12 20:50:53 +00:00
wtchang%redhat.com
91040ba950
Bugzilla Bug 336934: removed ununsed variable ck_id. The patch is
...
contributed by Jon Smirl <jonsmirl@yahoo.com>. r=nelsonb,wtc.
2006-05-12 20:42:13 +00:00
wtchang%redhat.com
8e36011d8e
Bugzilla Bug 336937: removed a test that is guaranteed to be true. The
...
patch is contributed by Jon Smirl <jonsmirl@yahoo.com>. r=nelsonb,wtc.
2006-05-12 20:33:47 +00:00
wtchang%redhat.com
c27522f973
Bugzilla bug 336938: removed a test that is guaranteed to be false. The
...
patch is contributed by Jon Smirl <jonsmirl@yahoo.com>. r=wtc.
2006-05-12 16:49:07 +00:00
christophe.ravel.bugs%sun.com
ac1c7bcb1c
Change JSS version to 4.2.4 Beta.
2006-05-11 22:58:33 +00:00
richm%stanfordalumni.org
d105e63963
Bug: 334561
...
Description: Clean up spec file for RPM build
Fix Description: Make the spec files use the conventions used by the Fedora/Red Hat packaging system
2006-05-11 14:51:02 +00:00
timeless%mozdev.org
1eeaad9dab
Bug 336479 oomish crash [@ cryptojs_GetScriptPrincipal] because of a missing *
...
r=kaie sr=bz
2006-05-11 13:20:37 +00:00
timeless%mozdev.org
e1804d6436
Bug 333689 [@ nsCertTree::ToggleOpenState]
...
patch by gijskruitbosch+bugs@gmail.com r=kaie sr=neil
2006-05-11 13:18:15 +00:00
wtchang%redhat.com
06ff3819b8
Bugzilla Bug 298506: Do not log the token name (so the declaration of
...
sftk_getDefTokName in pkcs11i.h and the previous change to sftk_SlotFromID
weren't necessary). Use Linux's audit subsystem if available. r=relyea.
Modified files: fipstokn.c pkcs11.c pkcs11i.h
2006-05-10 21:33:11 +00:00
darin%meer.net
7d3e7d7acd
landing patch for bug 326273 "Implement nsIThreadManager" (Mac portions by Mark Mentovai) with reviews from bienvenu, bsmedberg, bzbarsky, josh, roc, and ssieb
2006-05-10 17:30:15 +00:00
wtchang%redhat.com
75071ce85c
Bugzilla Bug 298522: implemented ECDSA power-up self-test. The patch was
...
written by Glen Beasley of Sun. r=wtc.
2006-05-08 18:20:28 +00:00
timeless%mozdev.org
fe275a70e0
Bug 331023 Cleanup of IDL files; fixing type inconsistencies
...
removing stillborn interface nsICertSelect
r=kaie
2006-05-07 01:36:31 +00:00
timeless%mozdev.org
28727e3bf3
Bug 331023 Cleanup of IDL files; fixing type inconsistencies
...
removing stillborn interface
r=kaie
2006-05-07 01:34:59 +00:00
timeless%mozdev.org
21859b93ad
Bug 334193 nsContinueDespiteCertError's default case should set rv
...
r=kaie sr=bz
2006-05-06 22:33:44 +00:00
wtchang%redhat.com
1558324c75
Bugzilla Bug 333925: added a comment to paraphrase an obscure if statement.
2006-05-05 23:54:05 +00:00
wtchang%redhat.com
1c7f0bd0d7
Bugzilla Bug 333925: worked around AES test failures of code compiled by
...
Forte 6 update 2 by using the old optimization flags used in NSS 3.10.
r=relyea.
2006-05-05 23:39:29 +00:00
wtchang%redhat.com
cd93a908f1
Bugzilla Bug 334679: removed a duplicate line in ec_GF2m_validate_point.
...
r=douglas.stebila.
2006-05-05 23:08:50 +00:00
wtchang%redhat.com
91e0c508bd
Added/removed blank lines to eliminate the diffs between the trunk and the
...
NSS_3_11_BRANCH.
Modified files: pkcs11.c pkcs11c.c
2006-05-05 20:31:30 +00:00
wtchang%redhat.com
1e3fcc37a0
Bugzilla Bug 298506: implemented FIPS 140-2 Security Level 2 audit
...
requirements. r=glen.beasley.
Modified Files:
fipstokn.c pkcs11.c pkcs11c.c pkcs11i.h softoken.h softoknt.h
2006-05-05 20:02:47 +00:00
julien.pierre.bugs%sun.com
2c96d725d6
Fix for bug 336335 . Plug leak of a temporary bignum in modular exponentiation . r=wtchang
2006-05-05 01:22:59 +00:00
dveditz%cruzio.com
40db24602b
bug 283565 fix leak, return more specific error on OOM. patch by timeless, r=kengert, sr=dveditz, a=dveditz
2006-05-04 17:59:36 +00:00
julien.pierre.bugs%sun.com
11723362a4
Fix for bug 336335 - memory leaks in ECC code. r=wtchang
2006-05-04 01:05:04 +00:00
julien.pierre.bugs%sun.com
6b6c883634
Fix for bug 219932 . NISCC test script enhancements. Patch submitted by Jason Reid (jason.m.reid@sun.com) . r=slavomir.katuscak@sun.com,julien.pierre@sun.com
2006-05-01 22:52:32 +00:00
julien.pierre.bugs%sun.com
be7b45548d
Fix for bug 335021. Add SEC_ASN1_CONSTRUCTED to S/MIME EKP template. r=relyea
2006-04-29 00:18:42 +00:00
rrelyea%redhat.com
ea2f6788bc
Attachment #215739 : Use SSE2 multiply instructions on intel processors. for bug #326482
...
r=nelson r=wtc
2006-04-28 17:06:22 +00:00
benjamin%smedbergs.us
1da150a196
Bug 333308 - make clean/distclean misses various files, patch by Mike Hommey <mh+mozilla@glandium.org>, r=me
2006-04-28 14:54:54 +00:00
christophe.ravel.bugs%sun.com
fc04f7fa5e
[Bug 334843] Add rpath for HP-UX on pa-risc
...
r+ neil.williams.
2006-04-27 23:36:20 +00:00
glen.beasley%sun.com
100582d55a
JSS version 4.2.3 RTM
2006-04-27 23:18:44 +00:00
alexei.volkov.bugs%sun.com
42518adb1a
[Bug 334274] double free in CRMF_EncryptedKeyGetEncryptedValue. r=nelson
2006-04-27 22:09:28 +00:00
alexei.volkov.bugs%sun.com
f89a2a47f6
[Bug 334326] DecodeV4DBCertEntry: Variable "(entry)->nickname" tracked as NULL was passed to a function that dereferences it. r=rrelyea
2006-04-27 18:35:24 +00:00
bzbarsky%mit.edu
533eb3c678
Rename GetNodePrincipal to NodePrincipal. Bug 327246, r+sr=sicking
2006-04-27 18:21:11 +00:00
alexei.volkov.bugs%sun.com
9d830cc7c0
[Bug 334454] Variable "(key)->pkcs11Slot" tracked as NULL was passed to a function that dereferences it. [@ SECKEY_CopyPrivateKey - SSL_ConfigSecureServer]. r=nelson
2006-04-26 19:40:56 +00:00
alexei.volkov.bugs%sun.com
deecb18bef
[Bug 333389] sftk_NewAttribute should not crash when so is NULL [@ sftk_NewAttribute]. r=nelson
2006-04-26 19:18:00 +00:00
alexei.volkov.bugs%sun.com
3be7f320c2
[Bug 334522] pk12util crash in SEC_PKCS12DecoderValidateBags. r=nelson
2006-04-26 06:47:30 +00:00
gijskruitbosch%gmail.com
4f14b9bf85
Bug 153232 - Missing break; for BAD_SIGNATURE case
...
r+sr = Kai Engert
2006-04-25 14:33:15 +00:00
nelson%bolyard.com
36da56edd4
Disable AMD64 assembly optimizations. Bug 334057. r=nelson
2006-04-25 05:51:23 +00:00
nelson%bolyard.com
348e94e86f
Bug 294537: ssltap should display ASCII CA names from cert request message
...
r=alexei.volkov
2006-04-25 04:58:45 +00:00
nelson%bolyard.com
d954094b3e
Backout the last change, undoing the fix for bug 320336 and bug 333405.
2006-04-25 04:39:24 +00:00
alexei.volkov.bugs%sun.com
d337da0f9f
[Bug 334277] double free in [@ sftk_FreeAttribute - sftk_DeleteAttributeType]. r=relyea
2006-04-25 02:33:58 +00:00
alexei.volkov.bugs%sun.com
a1b44415b1
[Bug 334276] double free in [@ SECKEY_CopyPublicKey]. r=nelson
2006-04-25 02:23:52 +00:00
wtchang%redhat.com
67a579d353
Bugzilla Bug 335275: include pk11pqg.h to declare the PK11_PQG_ functions.
...
The PK11_PQG_ functions operate on PQGParams, so we declare pqgParams as
a pointer to PQGParams, and cast a SECKEYParams pointer to a PQGParams
pointer. (SECKEYParams and PQGParams are isomorphic.) r=nelson.
2006-04-25 01:26:42 +00:00
wtchang%redhat.com
0d1fe7135f
Bugzilla Bug 320336: SECITEM_AllocItem should return a NULL pointer if the
...
allocation of its 'data' buffer fails. r=nelson. This checkin fixed bug
333405 as a byproduct.
Modified files: secitem.c secitem.h
2006-04-24 22:50:13 +00:00
nelson%bolyard.com
7778802c53
Remove call to printf in ecl/ecp_224.c Bug 334448. r=wtchang
2006-04-24 21:27:38 +00:00
wtchang%redhat.com
cc75ab1cb9
Bugzilla bug 335275: compile with the GCC flag
...
-Werror-implicit-function-declaration. r=nelsonb.
Modified files: Linux.mk SunOS5.mk
2006-04-24 20:07:15 +00:00
nelson%bolyard.com
03361a06ad
Display TLS hello extensions and alerts. Display ECC cipher suites.
...
Bug 333600 and bug 334314. r=Alexei.Volkov
2006-04-24 06:11:41 +00:00
nelson%bolyard.com
3576a2ba86
Put nss.def file sections in numeric order, and alphabetical order
...
within sections.
2006-04-24 05:08:04 +00:00
nelson%bolyard.com
1adeecc0fc
Bug 323350. sr=rrelyea. This patch makes 3 changes:
...
1) it adds a new ifdef which enables SSL to limit itself to the 3 Suite B
curves.
2) it corrects the creation and parsing of the Supported Curve extension to
conform with the lastest definition, by using 2 bytes to encode the list
length,
3) it changes the algorithm that picks the curve for ECDHE to choose a curve
that is at least as strong as the "weakest link", is mutually supported
by client and server, and is the fastest for its size.
2006-04-23 00:17:18 +00:00
julien.pierre.bugs%sun.com
2bb5326ad4
Fix for bug 335039. Declare nssCKFWCRyptoOperation_UpdateCombo. r=wtchang
2006-04-22 05:30:18 +00:00
julien.pierre.bugs%sun.com
327800e01c
Fix red tree on Windows.
2006-04-22 05:18:20 +00:00
alexei.volkov.bugs%sun.com
f860030293
[Bug 334183] Double free on error because CERT_FindCertIssuer unexpectedly calls CERT_DestroyCertificate. r=alexei
2006-04-22 02:09:09 +00:00
julien.pierre.bugs%sun.com
9c4db6bb37
Fix for bug 331413 . replace signal with sigaction; fix logging. r=wtchang
2006-04-22 01:28:14 +00:00
alexei.volkov.bugs%sun.com
10716d62bd
Patch contributed by timeless@bemail.org
...
[Bug 334449] oom Crash in crmf_template_copy_secalg. r=nelson
2006-04-22 01:25:57 +00:00
alexei.volkov.bugs%sun.com
da21bcb177
Patch contributed by timeless@bemail.org
...
[Bug 334436] nsslowcert_UpdateSubjectEmailAddr doesn't consistently use emailAddrs as a guard of nemailAddrs guarding emailAddrs[0]. r=nelson
2006-04-22 01:19:41 +00:00
alexei.volkov.bugs%sun.com
04cf2a1ef8
Patch contributed by timeless@bemail.org
...
[Bug 334328] nsspkcs5_PKCS12PBE: Variable "A" tracked as NULL was dereferenced. r=nelson
2006-04-22 01:13:15 +00:00
alexei.volkov.bugs%sun.com
e5c5562641
[Bug 334275] double free in [@ PK11_ListPublicKeysInSlot]. r=nelson
2006-04-22 01:08:17 +00:00
alexei.volkov.bugs%sun.com
e501f654c4
[Bug 334273] double free in SECKEY_DecodeDERSubjectPublicKeyInfo. r=nelson
2006-04-22 01:03:18 +00:00
alexei.volkov.bugs%sun.com
eff087e1e9
[Bug 334240] double free in nsslowkey_ConvertToPublicKey if SECITEM_CopyItem or SECITEM_CopyItem fail. r=nelson
2006-04-22 00:59:13 +00:00
alexei.volkov.bugs%sun.com
56865501c8
[Bug 334236] double free in PK11_ListPrivKeysInSlot if keys allocation fails. r=nelson
2006-04-22 00:55:29 +00:00
wtchang%redhat.com
d57bf7591a
Bugzilla Bug 333932: fixed Solaris SPARC GCC build failures.
...
r=christophe.ravel
2006-04-22 00:13:29 +00:00
alexei.volkov.bugs%sun.com
60cc810354
[Bug 334234] PK11_NewSlotInfo returns freed objects if lock allocations fail. r=nelson
2006-04-21 23:29:37 +00:00
wtchang%redhat.com
e867c340a2
Bugzilla Bug 334533: in getPQseed we always set the most significant bit of
...
SEED to 1 to make NIST CMVP's PQG parameter validation tool happy. In
PQG_ParamGenSeedLen we require the length of SEED be at least 20 bytes.
r=nelson.
2006-04-21 17:48:30 +00:00
wtchang%redhat.com
cf972acbcf
Bugzilla Bug 298522: changed RSA modulus size to 1024 bits and added known
...
answer tests for RSA SHA1, SHA256, SHA384, and SHA512 signatures. The
patch is written by Glen Beasley. r=wtc.
2006-04-21 17:13:50 +00:00
wtchang%redhat.com
fe960835f8
Bugzilla Bug 236245: Use a stack buffer for ec_params.data in
...
ssl3_SendECDHServerKeyExchange. r=nelson.
2006-04-21 16:19:48 +00:00
wtchang%redhat.com
a9d89dfa7e
Bugzilla Bug 334553: fixed the comments because mp_digit is actually 64-bit
...
(unsigned long or unsigned long long). r=nelson.
2006-04-21 16:13:02 +00:00
rrelyea%redhat.com
6d35f6e09d
Performance tests for ec curves. Test's freebl and pkcs11 interfaces.
2006-04-21 01:40:48 +00:00
wtchang%redhat.com
a451a3674a
Bugzilla Bug 326754: checked the change back in. We failed the NIST DSA
...
PQGGen test for some other reason (bug 334533).
2006-04-20 21:55:24 +00:00
kaie%kuix.de
9e58e31dc8
Bug 333691, [@ nsSSLThread::requestPoll - nsSSLIOLayerPoll]
...
r=rrelyea
2006-04-20 16:21:57 +00:00
kaie%kuix.de
72235157d4
Bug 333385, [@ nsKeygenThread::UserCanceled]
...
r=rrelyea
2006-04-20 16:21:26 +00:00
kaie%kuix.de
d69f53927b
Bug 333404, freeString is unused DEADCODE in nsCrypto::ImportUserCertificates
...
r=rrelyea
2006-04-20 16:21:00 +00:00
kaie%kuix.de
9434ada70b
Bug 333767, nsNSSCertificateDB::AddCertFromBase64 mishandles trust settings
...
r=darin/kengert
2006-04-20 16:20:32 +00:00
nelson%bolyard.com
1f801d58d2
Bug 80092: SSL write indicates all data sent when some is buffered.
...
SSL now follows NSPR socket semantics and never returns a short write
count on a blocking socket. On a blocking socket, it returns either
the full count or -1 (with an error code set).
For non-blocking sockets, SSL no longer returns a full write count
when some of the data remains buffered in the SSL record layer.
Instead it returns a number is that always at least 1 byte short of a
full write count, so that the caller will keep retrying until it is done.
SSL makes sure that the first byte sent by the caller in the retry
matches the last byte previously buffered. r=rrelyea.
Modified Files: ssl3con.c sslcon.c ssldef.c sslimpl.h sslsecur.c
2006-04-20 08:46:34 +00:00
nelson%bolyard.com
41f4f6af5c
Fix buffer overflow regression. Bug 236245. sr=wtchang
2006-04-20 06:57:54 +00:00
alexei.volkov.bugs%sun.com
bc0594812b
Patch contributed by timeless@bemail.org
...
[Bug 334459] Variable "cipherName" tracked as NULL was passed to a
function that dereferences it. [@ PORT_Strdup - SSL_SecurityStatus]. r=nelson
2006-04-20 00:20:45 +00:00
alexei.volkov.bugs%sun.com
9a357d43aa
Patch contributed by timeless@bemail.org
...
[Bug 334446] oom Crash in nssCKFWFindObjects_Create. r=nelson
2006-04-20 00:03:33 +00:00
alexei.volkov.bugs%sun.com
ee09b992d0
Patch contributed by timeless@bemail.org
...
[Bug 334443] oom Crash in nssCKFWSession_Create. r=nelson
2006-04-19 23:50:43 +00:00
alexei.volkov.bugs%sun.com
9d9e9fd36c
Patch contributed by timeless@bemail.org
...
[Bug 334438] oom Crash in ReadDBCertEntry. r=nelson
2006-04-19 23:43:10 +00:00
alexei.volkov.bugs%sun.com
036803b272
Patch contributed by timeless@bemail.org
...
[Bug 334442] Incorrect use of realloc oom Crash in secmod_ReadPermDB;r=nelson
2006-04-19 22:53:45 +00:00
alexei.volkov.bugs%sun.com
6e5c579e53
Patch contributed by nelson@bolyard.com.
...
[Bug 334327] pk11_CreateNewContextInSlot: Variable "(context)->key" tracked as NULL was passed to a function that dereferences it. r=alexei
2006-04-19 22:32:30 +00:00
wtchang%redhat.com
4f7485a0cd
Bugzilla bug 334553: use the ULL suffix with unsigned long long constants.
...
r=douglas.stebila.
Modified files: ecl/ecp_256.c mpi/mp_gf2m.c
2006-04-19 22:19:09 +00:00
wtchang%redhat.com
d84b85ab89
Bugzilla bug 334683: removed extraneous semicolons. r=alexei.volkov.
...
Modified files: cmd/certutil/certutil.c lib/pki/pkistore.h
2006-04-19 19:04:23 +00:00
julien.pierre.bugs%sun.com
6b06044287
Fix for bug 331413. Don't set SO_LINGER in the Win95 build to workaround NSPR bug 332348. r=wtchang
2006-04-18 22:56:44 +00:00
wtchang%redhat.com
c015e94462
Bugzilla Bug 333917: the non-x86 code in at least the DES_CBCEn and
...
DES_EDE3CBCEn functions violates ANSI C's aliasing rules. So we compile
this file with strict aliasing rules turned off. r=nelsonb.
2006-04-18 17:33:56 +00:00
timeless%mozdev.org
6768a5a433
Bug 332324 crash [@ IsChildOfDomWindow]
...
r=kaie sr=bz
2006-04-16 20:33:28 +00:00
nelson%bolyard.com
b2865a93c9
Don't add 3 to the user-supplied number of validity months. Bug 333679.
...
r=neil.williams
2006-04-15 01:00:11 +00:00
julien.pierre.bugs%sun.com
6d1015000c
Fix for bug 262375 . Add clobber_dbm and clobber_nspr targets, as well as nss_clean_all . r=nelson
2006-04-14 22:48:31 +00:00
gavin%gavinsharp.com
aa52b10d67
Bug 331749: chrome://pippki/content/newserver.js is not UTF-8, patch by Philip Withnall <bugzilla@tecnocode.co.uk>, r=kaie
2006-04-14 19:12:31 +00:00
nelson%bolyard.com
402758d2c0
big cleanup of error codes returned by pkcs12 library.
...
No longer returns SEC_ERROR_NO_MEMORY for every possible error code.
Bug 321584. r=neil.williams
2006-04-14 18:34:44 +00:00
nelson%bolyard.com
8227715200
Fix broken optimized builds, caused by last checkin. Bug 236245.
2006-04-14 00:43:19 +00:00
nelson%bolyard.com
1c45d9d1ee
Implement TLS Hello extensions for ECC. Bug 236245. r=rrelyea.
...
This patch has a known problem, choosing ephemeral ECDH curves
according to the wrong (suboptimal, non-FIPS) criteria.
Modified Files: ssl3con.c ssl3ecc.c sslimpl.h
2006-04-13 23:08:18 +00:00
nelson%bolyard.com
56e0778f65
Add and use new -2 option for strsclnt to disable SSL2 compatible client
...
hellos, so we can stress test TLS hello extensions. Bug 333559.
r=julien.pierre,rrelyea
2006-04-13 22:43:31 +00:00
wtchang%redhat.com
3bdf9baec8
Bugzilla Bug 330114: corrected the checks for the PKCS #1 v1.5 padding
...
string and the length of the data (hash). r=nelsonb,relyea.
2006-04-13 22:12:17 +00:00
gijskruitbosch%gmail.com
75239445ad
Bug 333692 - Possible crash (Coverity) [@ PK11_DestroyContext - md5sum]
...
r+sr=darin
2006-04-12 22:33:52 +00:00
benjamin%smedbergs.us
185c761605
Freeze nsIArray (requires separating nsIMutableArray into another .idl file); also removes NS_NewArray and moves do_QueryElementAt into the glue, r=darin
2006-04-12 15:43:32 +00:00
julien.pierre.bugs%sun.com
92b2f48d10
Fix for 333657 . Increase maximum RSA key size to 8192 bits in freebl. r=nelson
2006-04-12 05:37:52 +00:00
alexei.volkov.bugs%sun.com
682c8b8e69
[Bug 332272] add core detection functionality to all.sh; r=nelson
2006-04-12 01:14:27 +00:00
wtchang%redhat.com
c4307dce10
Bugzilla Bug 331413: assert that the worker threads empty the jobQ before
...
they terminate. Fix a socket leak when the SSL_ImportFD call in
handle_connection fails. r=nelson.bolyard.
2006-04-11 21:12:28 +00:00
nelson%bolyard.com
520dcda31b
Implement new API for registering and deregistering shutdown callback functions.
...
Patch by Bob Relyea and Nelson Bolyard. r=rrelyea,nelson Bug 326482.
2006-04-08 05:11:55 +00:00
nelson%bolyard.com
c1fbfcc40a
Bug 333090: CKM_DH_PKCS_KEY_PAIR_GEN always fails. r=nelson, sr=rrelyea
...
Patch contributed by Andreas.Sterbenz@sun.com
2006-04-08 05:05:01 +00:00
nelson%bolyard.com
00dfcbd256
WORKAROUND: disable all the ECDH_RSA cipher suites tests, since all those
...
tests require a cert with an EC public key and an RSA signature, and the
test scripts do not presently generate such a cert.
This workaround can be backed out when the real fix is available.
Bug 332222. r=neil.williams
2006-04-08 04:28:32 +00:00
sandeep.konchady%sun.com
7dd8d26542
Bugzilla bug : 316448. Deprecated references to fortezza in code and test.
...
sr=glen.beasley
2006-04-07 15:56:50 +00:00
kaie%kuix.de
90586fbeae
bug 331648, signed/unsigned bug submitting CRMF cert requests
...
r=rrelyea, sr=nelson
2006-04-07 11:41:18 +00:00
nelson%bolyard.com
7a6d9fd99d
Implement generic support for TLS Hello Extensions. Bug 226271. r=vipul
2006-04-07 06:24:07 +00:00
julien.pierre.bugs%sun.com
06cfd97468
Fix for bug 311164 . Initialize stan cert store object early to fix a race condition. r=nelson
2006-04-07 05:49:04 +00:00
julien.pierre.bugs%sun.com
abf63f3923
Fix for bug 315793 . Wan-Teh's feedback for PWD
2006-04-07 04:10:28 +00:00
cbiesinger%web.de
eb2e0f5225
move an unfrozen interface out of SDK_XPIDLSRC (was added there in bug 111384)
2006-04-06 14:02:29 +00:00
julien.pierre.bugs%sun.com
b79555f358
Fix for bug 315793 . Make shlibsign run in the OBJDIR rather than the source directory . r=nelson
2006-04-06 06:22:02 +00:00
julien.pierre.bugs%sun.com
c4a1fdc5db
Fix for bug 315798 . run bltest and rsaperf from source directories in the QA . r=nelson
2006-04-06 06:19:41 +00:00
nelson%bolyard.com
4c932f8b38
Don't negotiate an ECDH_RSA cipher suite when the server's only ECDH cert
...
has an ECDSA signature. bug 332350. r=vipul.gupta.
2006-04-06 04:40:49 +00:00
julien.pierre.bugs%sun.com
072e4ae85d
Partial fix for bug 332348 . Add PR_POLL_EXCEPT to a PR_Poll . Allows tstclnt to wake up if server goes away. r=wtchang
2006-04-06 01:49:03 +00:00
nelson%bolyard.com
df3a1c8fa5
Fix shell script error that caused undetected QA failures. Bug 311931.
...
r=nelson.bolyard,alexei.volkov
2006-04-05 19:35:47 +00:00
nkwan%redhat.com
aa72ac0422
Updated tip to use NSS_3_11_RTM
2006-04-05 02:06:31 +00:00
dbaron%dbaron.org
ac49c790c1
Remove uses of MOZ_DECL_CTOR_COUNTER, which is always defined to nothing. b=332745 rs=roc,bzbarsky
2006-04-05 00:00:44 +00:00
kaie%kuix.de
e4a7a33017
Follow-up checkin to bug 111384, fixes the tinderbox tests failure.
...
If the thread runner C function calls the pure virtual Run too early,
before the constructor finished, it will crash.
This patch delays thread creation and virtual function call to a
separate startThread call.
Thanks a lot to Jag for his help in finding the problem!
r=jag
2006-04-04 13:18:48 +00:00
kaie%kuix.de
67587ec2e2
bug 111384, Support OCSP requests through a proxy
...
combined r= by darin / rrelyea
second checkin attempt
2006-04-04 13:14:40 +00:00
kaie%kuix.de
8957938fd7
backing out my checkin, because we can't reproduce the tinderbox test
...
failure
2006-04-04 09:48:08 +00:00
nelson%bolyard.com
020f267488
Add new -i (ignore errors) command line option to strsclnt. Strsclnt now
...
stops soon after the first error unless the -i option is given.
Strsclnt and tstclnt now look for an environment variable named
NSS_DEBUG_TIMEOUT, and if present, its value is used as a timeout time
for all socket IO operations. Bug 332348. r=julien.pierre.
2006-04-04 07:31:46 +00:00
kaie%kuix.de
18f6a01631
bug 111384, Support OCSP requests through a proxy
...
combined r= by darin / rrelyea
2006-04-04 06:41:37 +00:00
nelson%bolyard.com
476b7d2303
Eliminate duplicated header files in cmd/SSLsample. Bug 332633.
...
r=julien.pierre
Modified Files: SSLsample/client.mn SSLsample/server.mn lib/manifest.mn
Removed Files: SSLsample/NSPRerrs.h SSLsample/SECerrs.h SSLsample/SSLerrs.h
2006-04-04 01:56:27 +00:00
glen.beasley%sun.com
fcf0285383
David Baron fix for valgrind report of UMR r=wtchang sr=Nelson
2006-04-04 01:01:51 +00:00
nelson%bolyard.com
d5e09c7ca8
Define alerts and error codes for TLS Hello extensions. Bug 226271.
...
r=julien.pierre
2006-04-04 00:32:27 +00:00
nkwan%redhat.com
dcb658cb4b
bugzilla #332608 - added new function to just delete certificate
2006-04-03 23:09:49 +00:00
rrelyea%redhat.com
878b55fa39
Bug 332381 pk12util fails to import key/cert onto LunaSA HSM
...
r=nelson
2006-03-31 21:35:37 +00:00
gerv%gerv.net
e7a53f8e59
Bug 236613: change to MPL/LGPL/GPL tri-license.
2006-03-31 04:41:00 +00:00
rrelyea%redhat.com
aa172e9eab
bug 309701 Softtoken C_CreateObject() should not require
...
CKA_NETSCAPE_DB attribute to be present
r=alexei
2006-03-31 00:38:48 +00:00
rrelyea%redhat.com
4a9bb235ce
From Bug 331279.
...
Free ECDHE Ephemeral key. Fixes server-side leak.
r=julien r=alexei
2006-03-30 21:07:22 +00:00
julien.pierre.bugs%sun.com
01550d8a23
Fix for 330068 . Be more verbose in strsclnt error cases
2006-03-29 22:35:44 +00:00
alexei.volkov.bugs%sun.com
601c015e0a
331515: selfserv Bus error on 3DES ciphersuites; r=julien, sr=nelson
2006-03-29 07:23:40 +00:00
julien.pierre.bugs%sun.com
ed974bdaa4
Remove comment in ssl.sh that messes execution. Part of fix for bug 331413.
2006-03-29 06:54:56 +00:00
julien.pierre.bugs%sun.com
2718276062
Fix for bug 330068 . Increment counter variable atomically. Be more verbose. r=nelson
2006-03-29 05:05:09 +00:00
julien.pierre.bugs%sun.com
3666e85fea
Partial fix for bug 331413 . Allow selfserv to be tested for reference leaks. r=nelson
2006-03-29 05:03:10 +00:00
benjamin%smedbergs.us
e69d6ac070
Bug 301249 - Checkout and build mozilla/dbm as part of NSS instead of the mozilla client, and pull NSS by the release tag instead of by the NSS_CLIENT_TAG which is now deprecated! r=dougt (+nelsonb)
2006-03-27 16:21:55 +00:00
glen.beasley%sun.com
8133edd3dc
318970 wtc fix for RSA fipstest using RSA_HashSign r=neilW sr= brelyea
2006-03-25 23:45:23 +00:00
rrelyea%redhat.com
e0e96b99fd
Bug 321350 Implement optimized code for NIST Suite B elliptic curves
...
r=douglas r=vipul
2006-03-24 22:55:51 +00:00
nelson%bolyard.com
84418c784c
Backout changes for bug 321350
...
Implement optimized code for NIST Suite B elliptic curves
Those changes broke the build on Solaris. r=Sheriff Nelson
2006-03-24 09:08:24 +00:00
dbaron%dbaron.org
d62ddfa0b3
Check argc. b=330900 r=kengert sr=jst
2006-03-24 06:51:24 +00:00
rrelyea%redhat.com
22f4437ae4
321350 Implement optimized code for NIST Suite B elliptic curves
...
r=douglas.
2006-03-23 19:55:37 +00:00
nkwan%redhat.com
6b0609fb19
bugzilla #331369 - avoid calling fromRaw which calls into a non-ECC compliant NSS function
2006-03-22 21:53:52 +00:00
rrelyea%redhat.com
f368fa9bc8
Bug 238051 Enable SSL session reuse for ECC cipher suites
...
r=nelson r=thomas.
patch in bug + white space changes suggested by nelson.
2006-03-22 19:18:30 +00:00
rrelyea%redhat.com
5cdb03b3a0
Updated previous patch with douglas's input. (still bug 323817
...
Truncation of hashes for ECDSA should be done at bit level, not octet level).
r= vipul r=douglas
2006-03-22 19:02:06 +00:00
dbaron%dbaron.org
6517b91848
Fix indexing botch. Patch from Mikolaj J. Habryn <dichro-mozilla@rcpt.to>. r=kengert sr=dbaron b=330897
2006-03-22 07:40:40 +00:00
rrelyea%redhat.com
4f7109ca35
Bug 273637 3 locks in softoken have unsafe initialization
...
r=alexi r=julien
2006-03-21 19:36:53 +00:00
rrelyea%redhat.com
1df4844d30
Correct bug entry:
...
25683 EC param parsing error not propagated correctly
r=andreas.
2006-03-21 19:33:52 +00:00
rrelyea%redhat.com
05bebd6e05
Backing out previous changes that invalid or incorrect log entries for this
...
patch.
2006-03-21 19:30:10 +00:00
rrelyea%redhat.com
5560cefbe0
*** empty log message ***
2006-03-21 19:23:30 +00:00
kaie%kuix.de
69677b52b9
bug 284450, Only use SSL V2 compatible hello, if SSL V2 is enabled
...
r=jgmyers, r=nelson
2006-03-21 18:43:09 +00:00
rrelyea%redhat.com
a8ad190dbf
Bug 273637 3 locks in softoken have unsafe initialization
...
r=alexi r=julien
2006-03-21 02:28:48 +00:00
nelson%bolyard.com
b90e7c50e0
Avoid stack overflow while generating primes. Bug 310145. r=wtchang
2006-03-19 05:09:30 +00:00
rrelyea%redhat.com
6b22522ae5
Bug 238051 Enable SSL session reuse for ECC cipher suites
...
r=nelson
2006-03-17 21:15:09 +00:00
rrelyea%redhat.com
a3d27aefe2
Bug 329072 client sometimes fails to authenticate despite having cert
...
r= nelson
2006-03-17 20:44:23 +00:00
rrelyea%redhat.com
27b4c6e8f2
Bug 323817 Truncation of hashes for ECDSA should be done at bit level, not octet level
...
r=vipul.gupta@sun.com
2006-03-17 16:58:06 +00:00
rrelyea%redhat.com
b4f12c8c77
Bugzilla Bug 326503 producing a ProofOfPossession signature on a EC CRMF fails
...
Use SEC_GetSignatureAlgorithmOidTag() to map to the signature oid.
r=wtc
2006-03-15 21:46:24 +00:00
rrelyea%redhat.com
338d439f2f
Bugzilla Bug 326503 producing a ProofOfPossession signature on a EC CRMF fails
...
patch makes SHA1 the default hashing for RSA rather than MD5.
patch by wtc r=rrelyea.
2006-03-15 21:42:21 +00:00
rrelyea%redhat.com
aedc2aa4dd
bug 329058 mpmontg.c doesn't compile when MP_CHAR_STORE_SLOW is defined
...
r=wtc
2006-03-15 19:22:32 +00:00
rrelyea%redhat.com
415567e012
bug 329058 mpmontg.c doesn't compile when MP_CHAR_STORE_SLOW is defined
...
r=wtc
2006-03-15 19:13:12 +00:00
kaie%kuix.de
86ecb2b046
Bug 236933, Disable SSL2 and other weak ciphers by default
...
This patch (v3c) removes the UI to control SSL 2.
Firefox UI-review: beltzner
Firefox code review: mconnor
SeaMonkey UI-review: neil
Seamonkey+PSM code review: rrelyea
2006-03-14 21:29:13 +00:00
nelson%bolyard.com
ec2c925bf4
Bug 324448. Convert mpi_x86.asm to mpi_x86_asm.c for Win32 built with MSVC.
...
Patch contributed by Benjamin Smedberg <benjamin@smedbergs.us>
r=julien.pierre sr=nelson@bolyard.com
2006-03-10 06:48:46 +00:00
nelson%bolyard.com
02e3d7578a
Bug 324448. Convert mpi_x86.asm to mpi_x86.c for Win32 built with MSVC.
...
Patch contributed by Benjamin Smedberg <benjamin@smedbergs.us>
2006-03-09 23:50:43 +00:00
nelson%bolyard.com
312856d27c
Bug 324448. Convert mpi_x86.asm to mpi_x86.c for Win32 built with MSVC.
...
Patch contributed by Benjamin Smedberg <benjamin@smedbergs.us>
r=julien.pierre sr=nelson@bolyard.com
2006-03-09 23:46:45 +00:00
nelson%bolyard.com
c6858ae1e4
Bug 329002. fix cert reference leak. r=alexei.volkov,rrelyea
2006-03-09 23:38:57 +00:00
christophe.ravel.bugs%sun.com
b458a866f2
Bugzilla 324887: merge ECC and non-ECC QA test scripts.
...
Add return code and error message for ssl_stress and ssl_cov.
r=vipul, sr=nelson.
2006-03-08 00:47:28 +00:00
wtchang%redhat.com
4951f5bfdc
Bugzilla Bug 329575: ECPoint_mul should multiply a point by the group order
...
faithfully because this operation is required by the public key validation
algorithm. r=douglas.stebila,vipul.gupta.
2006-03-08 00:19:34 +00:00
wtchang%redhat.com
4d4f8dd3de
Bugzilla Bug 320578: added a new function ec_GenerateRandomPrivateKey to
...
generate a random private key without bias using the algorithm of FIPS
186-2 Change Notice 1, and use it to generate EC private key d and ECDSA
ephemeral private key k. The patch is contributed by Douglas Stebila
<douglas@stebila.ca> and improved by me. r=douglas.stebila,vipul.gupta.
2006-03-06 23:48:39 +00:00
kaie%kuix.de
8e014c0581
fix bug 328771
...
r=rrelyea sr=dveditz
2006-03-04 12:22:22 +00:00
wtchang%redhat.com
4f233bf7c1
Bugzilla Bug 324887: The previous checkin introduced a comment bug. A
...
comment line must begin with exactly one '#' character followed by white
space.
2006-03-03 22:10:30 +00:00
wtchang%redhat.com
7c9d71030c
Bugzilla Bug 324887: merged ECC and non-ECC QA test scripts and removed
...
ECC QA test scripts. The patch is written by Vipul Gupta and Christophe
Ravel of Sun. r=wtc,nelsonb,jpierre
Modified Files:
cert/cert.sh smime/smime.sh ssl/ssl.sh ssl/sslauth.txt
ssl/sslcov.txt ssl/sslstress.txt tools/tools.sh
Removed Files:
fixtests.sh cert/eccert.sh smime/ecsmime.sh ssl/ecssl.sh
ssl/ecsslauth.txt ssl/ecsslcov.txt ssl/ecsslstress.txt
tools/ectools.sh
2006-03-03 20:06:03 +00:00
wtchang%redhat.com
e1c95dc9e4
Bugzilla bug 326482: code cleanup: ssl3_NewKeyPair should not create a key
...
pair with only one key. r=nelson.bolyard.
2006-03-03 18:48:09 +00:00
wtchang%redhat.com
db54a3ba4d
Bugzilla bug 326482: removed incorrect comments. r=nelson.bolyard.
2006-03-03 18:45:54 +00:00
nelson%bolyard.com
83ae991c8d
Fix standalone mpi Makefile to build on OS/X. Bug 327405.
...
Patch contributed by Douglas Stebila <douglas@stebila.ca>
2006-03-03 04:21:56 +00:00
nelson%bolyard.com
dd859170b7
Bug 327677. Fix cert object reference leak. r=julien.pierre,nelson
...
Patch contributed by Alexei Volkov <alexei.volkov.bugs@sun.com>
2006-03-03 04:00:49 +00:00
wtchang%redhat.com
10904973ae
Bug 236613: change to MPL/LGPL/GPL tri-license.
2006-03-02 22:48:55 +00:00
wtchang%redhat.com
86add9f57e
Bugzilla Bug 320589: fixed PK11_SignatureLen to return the exact length of
...
ECDSA signatures. Backed out a temporary workaround in
ECDSA_SignDigestWithSeed. Made other changes related to signature lengths.
r=relyea,nelson.bolyard.
Modified Files:
cryptohi/keyhi.h cryptohi/seckey.c cryptohi/secsign.c
freebl/ec.c pk11wrap/pk11obj.c pk11wrap/pk11pub.h
ssl/ssl3con.c
2006-03-02 00:07:08 +00:00
kaie%kuix.de
3401675964
bug 168629, Mozilla incorrectly prompts about submitting to an insecure location from a secure one with base
...
href="https://..."
r=rrelyea, sr=bzbarsky
2006-03-01 23:38:30 +00:00
wtchang%redhat.com
239b405b14
Bugzilla Bug 326403: use "Mozilla Foundation" as the manufacturer or
...
producer of our shared libraries/DLLs. Removed the optional copyright
notices from our DLLs. r=relyea,jpierre.
Modified Files:
lib/ckfw/builtins/constants.c lib/ckfw/builtins/nssckbi.rc
lib/ckfw/capi/nsscapi.rc lib/ckfw/dbm/instance.c
lib/freebl/freebl.rc lib/nss/nss.rc lib/smime/smime.rc
lib/softoken/pkcs11.c lib/softoken/softokn.rc lib/ssl/ssl.rc
2006-03-01 19:44:36 +00:00
rrelyea%redhat.com
c9bd3d91a9
Remove mp_init/mp_clear calls (and potential mallocs,frees and zeros)
...
in tight loops for bug #326482
r=nelson
2006-03-01 17:09:17 +00:00
rrelyea%redhat.com
53ae20dc78
bug 326482 Implement the derive sensitive only for those derivation functions that require it.
...
fixes a performance problem with ECDH.
r=wtchang, nelson.
2006-03-01 16:12:22 +00:00
nelson%bolyard.com
f39afabe6b
Bug 327405. Correct EC keypair Generation. r=vipul.gupta,nelson.bolyard
...
Patch contributed by Douglas Stebila <douglas@stebila.ca>
2006-03-01 07:06:24 +00:00
nelson%bolyard.com
68bf5f0340
Bug 328262. Increment ssl3 statistics counters atomicly. r=wtchang,julien.pierre
2006-03-01 05:45:45 +00:00
wtchang%redhat.com
e1f071ebf1
Bugzilla Bug 327978: removed obsolete files, superseded by the ecl
...
directory. r=douglas.stebila.
Removed files: GF2m_ecl.c GF2m_ecl.h GFp_ecl.c GFp_ecl.h
2006-02-28 23:43:19 +00:00
wtchang%redhat.com
1f27da68d4
Bugzilla bug 327855: OS2 GCC build should define XP_OS2_EMX for NSPR
...
headers. Removed a duplicate XP_OS2 definition. r=Peter Weilbacher and
Julien Pierre.
2006-02-28 21:34:29 +00:00
kaie%kuix.de
3ef09fc4bf
bug 328302, Cert Viewer: Prefix "raw bytes" display with size information
...
r=rrelyea
2006-02-28 18:30:01 +00:00
nelson%bolyard.com
969236afbb
Bug 326315. Warning Reduction. On TRUNK only. r=Julien.Pierre
2006-02-28 05:56:07 +00:00
nelson%bolyard.com
d91164bf0e
Bug 325683. EC param parsing error not propagated correctly.
...
Fix the cases that Andreas identified. Patch by Andreas.Sterbenz@sun.com
r=Julien,wtchang,nelson
2006-02-28 05:44:56 +00:00
nelson%bolyard.com
61b48c1f2f
Bug 326690. Enable modutil to configure default slots for the
...
AES, SHA256 or SHA512 mechanisms. r=rrelyea,julien.pierre
2006-02-28 05:16:00 +00:00
nelson%bolyard.com
2f2900ce2e
Bug 327105. Reintroduce an old bug that prevents _DHE_ cipher suites
...
from being negotiated by NSS servers. Necessary until the server side
of the _DHE_ cipher suites is fully implemented. r=Julien,Wan-Teh,Vipul
2006-02-28 04:20:23 +00:00
wtchang%redhat.com
dff8039a7a
Bugzilla Bug 320038: checked in a better fix that allows us to write
...
EC domain parameters as hex strings with leading 00's. r=douglas.stebila
sr=relyea.
Modified files: softoken/ecdecode.c freebl/ecl/ecl-curve.h
2006-02-27 23:18:34 +00:00
wtchang%redhat.com
a8247496ad
Bugzilla Bug 322871: moved the three new EC-related JNI function symbols to
...
a new JSS_4.2.3 section. r=sandeep.konchady.
2006-02-24 23:56:41 +00:00
nkwan%redhat.com
d3491803d2
integrated patch 'build fix' from bugzilla #328246
2006-02-24 19:40:34 +00:00
sandeep.konchady%sun.com
a39794becf
Bugzilla bug: 328233 Fix for using SunJCE for all platformas that do not
...
use IBM JDK. sr=Alexei.Volkov
2006-02-23 16:47:17 +00:00
wtchang%redhat.com
8870a7917e
Bugzilla Bug 322871: Checked in Bob Relyea's patch again.
...
Add multi-hash ECC to jss (based on the 1.4 JCE).
2006-02-23 01:21:52 +00:00
wtchang%redhat.com
a33cc5c3df
Bug 322578: backed out the previous checkin. We avoided it by changing NSS.
...
r=mark.mentovai.
2006-02-22 22:40:03 +00:00
wtchang%redhat.com
1a8b4bd028
Bugzilla bug 322578: support ppc<->x86 cross builds for Mac OS X. The
...
patch is contributed by Mark Mentovai <mark@moxienet.com>. r=wtc.
2006-02-22 22:26:34 +00:00
wtchang%redhat.com
6272976cfc
Bugzilla Bug 328228: fixed the typo "secp169k1". The patch is contributed
...
by jyri <jyri.virkki@sun.com>. r=wtc,vipul.gupta.
Modified files: bltest/blapitest.c certutil/certutil.c
2006-02-22 22:15:57 +00:00
christophe.ravel.bugs%sun.com
f6ee50a1b0
Change NSS version to 3.12 Beta on the tip.
2006-02-22 21:22:54 +00:00
kaie%kuix.de
28c1f4ad33
bug 321598, Double memory free in nsIX509::getRawDER
...
r=rrelyea
2006-02-22 20:36:53 +00:00
wtchang%redhat.com
5a28fa6cbc
Bugzilla Bug 326754: the previous checkin made us fail the NIST DSA PQGGen
...
test for [mod = 768] only. Backed out the more likely culprit.
2006-02-22 02:12:09 +00:00
sandeep.konchady%sun.com
36c22a97e3
Bugzilla bug: 310368 Missed a file.
...
sr=Glen r=Alexei
2006-02-21 23:38:58 +00:00
sandeep.konchady%sun.com
40548840b8
Bugzilla bug: 326699 Added check for libjss4.$platform_lib_extension
...
sr=Alexei.Volkov r=Christophe.Ravel
2006-02-21 23:27:49 +00:00
sandeep.konchady%sun.com
713e3bd05b
Bugzilla bug: 310368 Modified JSSE_SSLServer and JSS_SSLClient for proper
...
cipher preference and communication. sr=Glen.Beasley r=Alexei.Volkov
2006-02-21 23:25:25 +00:00
sandeep.konchady%sun.com
245692418c
Bugzilla bug: 322998 Fix for SSLServerSocket.accept() consuming exception
...
cause. sr=Wan-Teh r=Alexei.Volkov
2006-02-21 22:43:27 +00:00
mark%moxienet.com
dbd781b833
322578 Support ppc<->x86 cross builds for Mac OS X. Core cross-compile support. r=bsmedberg r=cls sr=bryner
2006-02-21 00:21:55 +00:00
wtchang%redhat.com
0c86eb4eee
Bugzilla Bug 327529: unnamed arguments (third and after) for CERT_CreateRDN
...
must have the correct CERTAVA * type because compilers can't do automatic
type conversions. r=nelsonb,jpierre.
Modified files: alg1485.c secname.c
2006-02-20 23:06:55 +00:00
kaie%kuix.de
9b1dea62aa
bug=325366, Certificates: Large MS CA version causes decoding failure
...
Patch contributed by Martin v. Loewis
r=kengert
2006-02-20 13:20:47 +00:00
wtchang%redhat.com
b3c171eb42
Renamed DSA_TEST_SEED_BYTES to PQG_TEST_SEED_BYTES.
2006-02-18 02:39:12 +00:00
wtchang%redhat.com
f84184efdf
Bugzilla Bug 327384: fixed an off-by-one error in the size of the 'genenc'
...
array. The patch is contributed by Andreas Sterbenz
<Andreas.Sterbenz@sun.com>. r=wtc,nelsonb
2006-02-16 22:33:13 +00:00
sandeep.konchady%sun.com
dbf6d0080b
Bugzilla bug: 317479. Added IBMJCE for tests to work with IBM JDK.
...
sr=glen.beasley r=alexei.volkov
2006-02-16 19:54:08 +00:00
dveditz%cruzio.com
f688fccbca
bug 327126 prevent missing JSContext during generateCRMFRequest() r=mrbkap, r=kengert, sr=dbaron
2006-02-16 05:38:52 +00:00
glen.beasley%sun.com
ea2bb064f4
fix by wan-teh for RSA siggen tests r=glen
2006-02-16 01:50:55 +00:00
wtchang%redhat.com
e49bf918fc
Bugzilla Bug 318967: use 160-bit SEED when generating DSA domain parameters
...
(PQG). Removed unused keySizeIndex variables. Handle the return value and
result output parameter of PQG_VerifyParams separately. Pad H with leading
0's when printing. r=glen.beasley.
2006-02-16 01:28:35 +00:00
julien.pierre.bugs%sun.com
50ed7e0d79
Fix for bug 321765. Allow NSS to decode certs with unsupported critical extensions. r=wtchang,nelson,rrelyea.
2006-02-16 00:06:24 +00:00
alexei.volkov.bugs%sun.com
5156715044
[Bug 326963] Interoperability test with apache/mod_ssl: tstclnt
...
produces: assertion failure: secmod_PrivateModuleCount == 0; r=nelson, sr=julie
n
2006-02-15 22:22:32 +00:00
wtchang%redhat.com
3bd336da98
Bugzilla Bug 318962: fixed signed/unsigned comparison warnings by MSVC.
...
r=glen.beasley.
2006-02-15 19:14:09 +00:00
wtchang%redhat.com
88f7f20136
Bugzilla Bug 318968: more ECDSA test cleanup. Do not zeroize when freezing
...
ECParams' arenas. Use EC_CopyParams to copy ECParams to an EC public key
and allocate the public key's value from the same arena. r=glen.beasley.
2006-02-15 19:06:51 +00:00
christophe.ravel.bugs%sun.com
915ecf8936
322871: JSS needs to handle ECC keys and certs`
...
Back out changes by rrelyea (2006-02-10) and glen.beasley (2006-02-14).
r+: wtc
2006-02-14 23:53:05 +00:00
glen.beasley%sun.com
b244d5e0da
temp build fix
2006-02-14 20:16:45 +00:00
wtchang%redhat.com
44d4dbe3f6
Bugzilla Bug 326754: fixed two minor bugs related to the h parameter in
...
PQG parameter generation. r=nelsonb,glen.beasley.
2006-02-14 03:04:57 +00:00
wtchang%redhat.com
cb0068da5a
Bugzilla Bug 326144: need to zeroize a SECItem that contains a copy of the
...
secret key. r=relyea,jpierre.
2006-02-14 02:55:09 +00:00
wtchang%redhat.com
f0bf04743d
Bugzilla bug 326751: CKR_SIGNATURE_INVALID is a much better default error
...
code for NSC_VerifyRecover than CKR_DEVICE_ERROR is. r=relyea.
2006-02-11 02:03:25 +00:00
glen.beasley%sun.com
a2642d5f53
318970 RSA sigver test fix r=wan-teh
2006-02-10 23:27:38 +00:00
rrelyea%redhat.com
e2c07cef61
Add multi-hash ECC to jss (based on the 1.4 JCE).
2006-02-10 22:06:22 +00:00
rrelyea%redhat.com
4266eddd80
Bugzilla Bug 326482 NSS ECC performance problems.
...
Patch by Nelson, r=relyea.
Save the public key when we create the keypair so we can use it later.
2006-02-10 19:39:53 +00:00
rrelyea%redhat.com
fc19f10d2e
Bugzilla Bug 326482 NSS ECC performance problems.
...
r=nelsonb
Fix bug where ECC keys were not being copied on server startup
2006-02-10 18:54:58 +00:00
neil.williams%sun.com
99a30b78f0
Bug 325657, r=Nelson,Wan-Teh, Unset ECL_USE_FP INT Solaris SPARC freebl
2006-02-10 04:38:05 +00:00
rrelyea%redhat.com
9a4d9a97c2
Bug 320187 NSC_WrapKey called with null output returns short length
...
r=nelsonb
2006-02-09 19:54:22 +00:00
dougt%meer.net
a58511b4cd
Fixing bug 326358. checking for null mStringBundle is not needed. r/a=kaie
2006-02-09 18:52:28 +00:00
neil.williams%sun.com
9caf87f451
Bug #325682 , Adds -Wl,-rpath to link step for Linux distributions
...
r=Nelson, sr=Wan-Teh
2006-02-09 00:12:17 +00:00
rrelyea%redhat.com
a855b8fda9
Bug 320583 Support for SHA256/384/512 with ECC signing
2006-02-08 06:14:31 +00:00
julien.pierre.bugs%sun.com
7111e6ebf7
Fix for bug 326144 . softoken leaks in nsc_pbe_key_gen. r=nelson, rrelyea
2006-02-07 00:43:31 +00:00
wtchang%redhat.com
dbb143b269
Bugzilla Bug 318967: fixed compiler warnings, most of which were char *
...
and unsigned char * mismatches. r=glen.beasley.
2006-02-04 06:39:44 +00:00
kaie%kuix.de
6e44613a74
Fix build bustage, change // comment to /* */
2006-02-03 20:22:52 +00:00
kaie%kuix.de
93dc217dd8
bug 152426, delegation of HTTP download for OCSP
...
r=julien.pierre, r=rrelyea
2006-02-03 18:14:49 +00:00
cbiesinger%web.de
a898e666b8
bug 183156 remove *UCS2* functions, replacing them with *UTF16* ones
...
r+sr=darin
2006-02-03 14:18:39 +00:00
neil.williams%sun.com
b36cd3eaef
bug 245518 r=nelson, fix for p12 files encoded with null PWs
2006-02-02 20:26:03 +00:00
nelson%bolyard.com
d4b05e6bb3
Work around bug 292285: don't encode x400 addresses, don't print CRL contents
...
r=julien.pierre
2006-02-02 07:56:19 +00:00
wtchang%redhat.com
3dc55f1174
Allow CKM_ECDSA_SHA1 to be multipart. Bug 325494.
...
Patch contributed by Andreas Sterbenz <Andreas.Sterbenz@sun.com>
r=nelsonb,relyea,wtc.
2006-02-02 07:21:56 +00:00
alexei.volkov.bugs%sun.com
a2cde1a2cd
[Bug 325307] infinite loop in SECU_FindCrlIssuer. r=julien
2006-02-02 02:45:02 +00:00
alexei.volkov.bugs%sun.com
81fbb31a8a
[Bug 324878] crlutil -L outputs false CRL names. r=julien
2006-02-02 02:35:07 +00:00
alexei.volkov.bugs%sun.com
bc7dfc231d
325305: minor memory leak in CERT_FindCertByNameString. r=wtc
2006-02-02 00:57:54 +00:00
richm%stanfordalumni.org
9d4c7f77b0
added Windows build instructions - fixed spec file - added patch file for broken coreconf location.mk
2006-02-01 23:39:01 +00:00
sandeep.konchady%sun.com
3c41a24d51
Bugzilla bug: 324451. Changed JSS version to 4.2.3. sr=glen, r=alexei
2006-02-01 23:18:57 +00:00