jpierre%netscape.com
376c737166
Correctly identify tty on OS/2 - fix for 164420
2002-08-24 13:46:50 +00:00
jpierre%netscape.com
4cb9f34407
Fix for 164403 - make console input work in NSS tools on OS/2
2002-08-24 11:51:42 +00:00
jpierre%netscape.com
1b0f78ea2f
Convert slow SEC_ASN1DecodeItem calls to SEC_QuickDERDecodeItem where possible. Performance improvement. Bug #160805 . r=relyea
2002-08-24 00:52:47 +00:00
nicolson%netscape.com
b00e21219b
A FilterInputStream to decode base64-encoded data.
2002-08-23 23:17:00 +00:00
wtc%netscape.com
ed0053311b
Removed CERT_VerifyCertChain from the export list. Use
...
CERT_VerifyCACertForUsage instead.
2002-08-23 18:58:52 +00:00
rangansen%netscape.com
21cbbdab2e
Removing c++ style comment
2002-08-23 18:31:22 +00:00
rangansen%netscape.com
27bd82d858
Making sure VerifyCACertForUsage checks CRL if usage is statusResponder. Changes reviewed by Bob Relyea
2002-08-23 18:02:10 +00:00
kaie%netscape.com
0470f79669
b=157927 Fix memory leaks in nsNSSCertificate.cpp, fix some compiler warnings, do some cleanup.
...
r=javi sr=jag
2002-08-23 10:40:27 +00:00
kaie%netscape.com
30f1d04fae
b=124624 [RFE]Wording change for SSL, Privacy Pref
...
r=cotter sr=jag
2002-08-23 10:28:07 +00:00
kaie%netscape.com
ff2328481e
b=100129 UI: extra space in "Security Error: Domain Name Mismatch" title
...
r=kaie sr=jag
2002-08-23 10:13:47 +00:00
kaie%netscape.com
9469ea3506
b=142147 Viewing signed message crashes Mozilla, if I did not log-in into the FIPS module
...
r=javi sr=bryner
2002-08-23 10:10:17 +00:00
kaie%netscape.com
becc0ca0bc
b=106587 FIPS enabled mode fails when Master PWD is not set.
...
r=javi/cotter sr=shaver
2002-08-23 10:07:47 +00:00
relyea%netscape.com
98d8818a74
Fix mixing different free calls. PR_smprintf requires PR_smprintf_free()
2002-08-23 02:12:05 +00:00
relyea%netscape.com
f03134761b
handle attribute types more intellegently. Don't fetch the object for invalid attributes if we don't have to.
2002-08-23 02:11:03 +00:00
wtc%netscape.com
7f6fa6070f
Added coreconf config file for Solaris 10 Intel.
2002-08-23 00:33:48 +00:00
wtc%netscape.com
de3cc2f10e
Bug 164035: checked in a small code optimization suggested by
...
J�rg Brunsmann <joerg_brunsmann@yahoo.de>. Use the local variable that
has the same value.
2002-08-22 18:05:32 +00:00
relyea%netscape.com
617cbb77a3
Add pubwrap with flags
2002-08-22 00:41:41 +00:00
wtc%netscape.com
1b3066fd5c
Bug 163863: removed duplicate PORT_Memset calls in CERT_KeyFromDERCert.
...
Thanks to J�rg Brunsmann <joerg_brunsmann@yahoo.de> for the fix.
2002-08-21 18:05:20 +00:00
relyea%netscape.com
fc447dbc65
1) fix crl memory.
...
2) remove several memory copies in the crl.
2002-08-21 00:09:23 +00:00
kaie%netscape.com
2c3672f406
b=140302 hang when collapsing some ssl-security details
...
r=javi sr=bryner
2002-08-20 12:51:55 +00:00
relyea%netscape.com
a8a45a9d6e
Bug 142172
...
1) look up the private key much earlier in the process so we know what slot it is on.
2) if a slot isn't specified, you the private key's slot.
3) if the specified slot and the private key slot don't match & the private key slot can do the PBE, then use the private key slot to do the PBE so we don't have to move the key.
4) if we have generated the PBE key in a different slot from the private key,
2002-08-19 18:24:58 +00:00
relyea%netscape.com
f9a5a2f1e7
use error code in secutil.
...
Clean up the output.
Print out cert chain parsing issues more completely.
2002-08-16 23:09:02 +00:00
relyea%netscape.com
8afdfba321
Quick and dirty utility to pink SSL servers to see if they are configured
...
correctly.
NOTES: This program is a (very slightly) modified version of the
SSLSample/client.c program. As such it used the sample program support, which is
a duplication of much of secutil. Future enhancements would be 1) link with
secutil.lib. 2) When handling BadCert requests, run the Full VerifyCert and dump
the results. Make connections to the servers testing SSL2, SSL3 and TLS.
Changes were basically 1) Set the program to run without a security database
(this means no token support, or client auth). 2) Explicitly load the builtins
module so that we can test against the standard trust.
2002-08-16 16:29:18 +00:00
jpierre%netscape.com
a6cb806320
Correctly count the number of items in a SEQUENCE OF or SET OF in quickder decoder. Bug found by one of Terry's tests.
2002-08-16 00:05:55 +00:00
nicolson%netscape.com
0a6876533b
Fix 162761: PK11_GetKeyGen should work if you pass in a keygen alg.
...
Make PK11_GetKeyGen an identity function for keygen algs.
2002-08-14 23:57:45 +00:00
kaie%netscape.com
c430cd9340
Patch from bug 87902 to fix SSL/TLS logic.
...
- make TLS intolerant server detection over proxies work
(this bug 87902)
- on connection failure, only retry without TLS when it is really
likely to help (bug 149910)
- remove obsolete workarounds in SSL i/o layer
(see removed comments in patch)
- avoid to confuse programmers reading code,
by renaming TLSStepUp (which means something else)
to the correct term STARTTLS (what the code is actually doing).
(As suggested by nelsonb)
- If an invalid or expired etc. server certificate is presented,
a warning is shown. If the user decides to cancel,
network activity should stop immediately.
(we currently warn multiple times) (bug 87209)
r=javi/darin/ducarroz/dmose sr=alecf
2002-08-14 23:43:28 +00:00
nicolson%netscape.com
e293e9c434
Remove try/catch block when loading libjss. This allows any UnsatisfiedLinkError
...
to get thrown to the application, where it can print it out with all its
information. Also stop checking for jssjava.
2002-08-14 23:00:45 +00:00
nicolson%netscape.com
f15db4ddc5
fine-tune javadoc commands.
2002-08-14 22:55:47 +00:00
relyea%netscape.com
8e47db3b48
bug 161552: Make the recipient list traversal functions call the internal
...
nsstoken_FindCertByIssuerAndSN() function to gain the benefit of the fixed
Searching code.
2002-08-14 20:42:40 +00:00
antonio.xu%sun.com
e5c68f5f9b
replace the hardcode of "@mozilla.org/embedcomp/dialogparam;1" with NS_DIALOGPARAMBLOCK_CONTRACTID
...
Bug 158608 r=Henry sr=alecf
2002-08-14 12:39:03 +00:00
blakeross%telocity.com
4601104a75
Making security dialogs default to off after one viewing *in Phoenix only*. Not part of normal build.
2002-08-13 05:25:34 +00:00
kaie%netscape.com
54e56de249
b=154040 Deleting cert does nothing when key DB has no password
...
r=relyea sr=alecf
2002-08-13 01:15:05 +00:00
relyea%netscape.com
303d8667f8
Mozilla bug 145228. Clear out buffer to protect agains lazy PKCS #11 modules.
2002-08-13 00:13:48 +00:00
seawood%netscape.com
8ae6c40f5d
Removing old nmake build makefiles. Bug #158528 r=pavlov
2002-08-10 07:55:43 +00:00
nelsonb%netscape.com
bc507f2bc9
Test the TLS_RSA_WITH_NULL_SHA cipher suite. Bug 161529. Also, order
...
tests so all SSL3 tests are done before all TLS tests.
2002-08-09 22:09:18 +00:00
nelsonb%netscape.com
2429d1642c
Support the TLS_RSA_WITH_NULL_SHA cipher suite. Bug 161529. Fix Usage.
2002-08-09 22:06:12 +00:00
nelsonb%netscape.com
088d76c0ff
Add support for SSL_RSA_WITH_NULL_SHA. Bug 161529. Fix usage message.
2002-08-09 21:58:28 +00:00
nelsonb%netscape.com
023dda1402
Support the TLS_RSA_WITH_NULL_SHA cipher suite. Bug 161529.
2002-08-09 21:53:17 +00:00
relyea%netscape.com
2c369a41a8
Handle the switch from the static buffer to the realloc buffer.
2002-08-09 18:48:31 +00:00
relyea%netscape.com
b019252683
remove unreferenced Variable.
2002-08-09 18:05:24 +00:00
jpierre%netscape.com
4d78d86372
Add comment about partial CRLs
2002-08-09 07:09:25 +00:00
wtc%netscape.com
2c32d30b8c
Bug 148220: removed the unused field 'isFIPS'.
2002-08-08 22:52:14 +00:00
relyea%netscape.com
44c20b212b
Bug 607834. save the correct name on so we can reset the database.
2002-08-08 18:02:34 +00:00
kaie%netscape.com
1b18e19429
b=161394 Fix crash in debug builds
...
r=javi sr=alecf
2002-08-08 14:10:42 +00:00
jpierre%netscape.com
cd77147500
Stop referencing deleted quickder.h header
2002-08-08 01:55:34 +00:00
jpierre%netscape.com
ad91aa9fdc
Updates to quick DER decoder, bug # 161215
...
Fixes from Terry's review :
- remove quick allocator
- always allocate entry array even if there is 0 entry
- rename DecodeConstructed to DecodeExplicit and use a better test for that case
- other misc small fixes
Also move SEC_QuickDERDecodeItem to secasn1.h
2002-08-08 01:54:38 +00:00
wtc%netscape.com
1bb0a45cea
Bug 148220: implements FIPS 198 conformance. r=relyea.
...
Modified Files: alghmac.c alghmac.h lowpbe.c pkcs11c.c
2002-08-07 23:27:58 +00:00
nicolson%netscape.com
3df500a731
Don't link to libhpi.so.
2002-08-07 22:53:01 +00:00
nelsonb%netscape.com
25b06b0922
Fix bug 160207 by changing the error alerts we send for failed decryption.
2002-08-07 20:01:51 +00:00
kaie%netscape.com
a19bf9fc49
b=161379 Fix JavaScript warnings in security code
...
r=ssaux sr=mscott
2002-08-07 14:24:04 +00:00