Граф коммитов

3560 Коммитов

Автор SHA1 Сообщение Дата
jpierre%netscape.com 376c737166 Correctly identify tty on OS/2 - fix for 164420 2002-08-24 13:46:50 +00:00
jpierre%netscape.com 4cb9f34407 Fix for 164403 - make console input work in NSS tools on OS/2 2002-08-24 11:51:42 +00:00
jpierre%netscape.com 1b0f78ea2f Convert slow SEC_ASN1DecodeItem calls to SEC_QuickDERDecodeItem where possible. Performance improvement. Bug #160805 . r=relyea 2002-08-24 00:52:47 +00:00
nicolson%netscape.com b00e21219b A FilterInputStream to decode base64-encoded data. 2002-08-23 23:17:00 +00:00
wtc%netscape.com ed0053311b Removed CERT_VerifyCertChain from the export list. Use
CERT_VerifyCACertForUsage instead.
2002-08-23 18:58:52 +00:00
rangansen%netscape.com 21cbbdab2e Removing c++ style comment 2002-08-23 18:31:22 +00:00
rangansen%netscape.com 27bd82d858 Making sure VerifyCACertForUsage checks CRL if usage is statusResponder. Changes reviewed by Bob Relyea 2002-08-23 18:02:10 +00:00
kaie%netscape.com 0470f79669 b=157927 Fix memory leaks in nsNSSCertificate.cpp, fix some compiler warnings, do some cleanup.
r=javi sr=jag
2002-08-23 10:40:27 +00:00
kaie%netscape.com 30f1d04fae b=124624 [RFE]Wording change for SSL, Privacy Pref
r=cotter sr=jag
2002-08-23 10:28:07 +00:00
kaie%netscape.com ff2328481e b=100129 UI: extra space in "Security Error: Domain Name Mismatch" title
r=kaie sr=jag
2002-08-23 10:13:47 +00:00
kaie%netscape.com 9469ea3506 b=142147 Viewing signed message crashes Mozilla, if I did not log-in into the FIPS module
r=javi sr=bryner
2002-08-23 10:10:17 +00:00
kaie%netscape.com becc0ca0bc b=106587 FIPS enabled mode fails when Master PWD is not set.
r=javi/cotter sr=shaver
2002-08-23 10:07:47 +00:00
relyea%netscape.com 98d8818a74 Fix mixing different free calls. PR_smprintf requires PR_smprintf_free() 2002-08-23 02:12:05 +00:00
relyea%netscape.com f03134761b handle attribute types more intellegently. Don't fetch the object for invalid attributes if we don't have to. 2002-08-23 02:11:03 +00:00
wtc%netscape.com 7f6fa6070f Added coreconf config file for Solaris 10 Intel. 2002-08-23 00:33:48 +00:00
wtc%netscape.com de3cc2f10e Bug 164035: checked in a small code optimization suggested by
J�rg Brunsmann <joerg_brunsmann@yahoo.de>. Use the local variable that
has the same value.
2002-08-22 18:05:32 +00:00
relyea%netscape.com 617cbb77a3 Add pubwrap with flags 2002-08-22 00:41:41 +00:00
wtc%netscape.com 1b3066fd5c Bug 163863: removed duplicate PORT_Memset calls in CERT_KeyFromDERCert.
Thanks to J�rg Brunsmann <joerg_brunsmann@yahoo.de> for the fix.
2002-08-21 18:05:20 +00:00
relyea%netscape.com fc447dbc65 1) fix crl memory.
2) remove several memory copies in the crl.
2002-08-21 00:09:23 +00:00
kaie%netscape.com 2c3672f406 b=140302 hang when collapsing some ssl-security details
r=javi sr=bryner
2002-08-20 12:51:55 +00:00
relyea%netscape.com a8a45a9d6e Bug 142172
1) look up the private key much earlier in the process so we know what slot it is on.
2) if a slot isn't specified, you the private key's slot.
3) if the specified slot and the private key slot don't match & the private key slot can do the PBE, then use the private key slot to do the PBE so we don't have to move the key.
4) if we have generated the PBE key in a different slot from the private key,
2002-08-19 18:24:58 +00:00
relyea%netscape.com f9a5a2f1e7 use error code in secutil.
Clean up the output.
Print out cert chain parsing issues more completely.
2002-08-16 23:09:02 +00:00
relyea%netscape.com 8afdfba321 Quick and dirty utility to pink SSL servers to see if they are configured
correctly.

NOTES: This program is a (very slightly) modified version of the
SSLSample/client.c program. As such it used the sample program support, which is
a duplication of much of secutil. Future enhancements would be 1) link with
secutil.lib. 2) When handling BadCert requests, run the Full VerifyCert and dump
the results. Make connections to the servers testing SSL2, SSL3 and TLS.

Changes were basically 1) Set the program to run without a security database
(this means no token support, or client auth). 2) Explicitly load the builtins
module so that we can test against the standard trust.
2002-08-16 16:29:18 +00:00
jpierre%netscape.com a6cb806320 Correctly count the number of items in a SEQUENCE OF or SET OF in quickder decoder. Bug found by one of Terry's tests. 2002-08-16 00:05:55 +00:00
nicolson%netscape.com 0a6876533b Fix 162761: PK11_GetKeyGen should work if you pass in a keygen alg.
Make PK11_GetKeyGen an identity function for keygen algs.
2002-08-14 23:57:45 +00:00
kaie%netscape.com c430cd9340 Patch from bug 87902 to fix SSL/TLS logic.
- make TLS intolerant server detection over proxies work
  (this bug 87902)
- on connection failure, only retry without TLS when it is really
  likely to help (bug 149910)
- remove obsolete workarounds in SSL i/o layer
  (see removed comments in patch)
- avoid to confuse programmers reading code,
  by renaming TLSStepUp (which means something else)
  to the correct term STARTTLS (what the code is actually doing).
  (As suggested by nelsonb)
- If an invalid or expired etc. server certificate is presented,
  a warning is shown. If the user decides to cancel,
  network activity should stop immediately.
  (we currently warn multiple times) (bug 87209)

r=javi/darin/ducarroz/dmose sr=alecf
2002-08-14 23:43:28 +00:00
nicolson%netscape.com e293e9c434 Remove try/catch block when loading libjss. This allows any UnsatisfiedLinkError
to get thrown to the application, where it can print it out with all its
information. Also stop checking for jssjava.
2002-08-14 23:00:45 +00:00
nicolson%netscape.com f15db4ddc5 fine-tune javadoc commands. 2002-08-14 22:55:47 +00:00
relyea%netscape.com 8e47db3b48 bug 161552: Make the recipient list traversal functions call the internal
nsstoken_FindCertByIssuerAndSN() function to gain the benefit of the fixed
Searching code.
2002-08-14 20:42:40 +00:00
antonio.xu%sun.com e5c68f5f9b replace the hardcode of "@mozilla.org/embedcomp/dialogparam;1" with NS_DIALOGPARAMBLOCK_CONTRACTID
Bug 158608 r=Henry sr=alecf
2002-08-14 12:39:03 +00:00
blakeross%telocity.com 4601104a75 Making security dialogs default to off after one viewing *in Phoenix only*. Not part of normal build. 2002-08-13 05:25:34 +00:00
kaie%netscape.com 54e56de249 b=154040 Deleting cert does nothing when key DB has no password
r=relyea sr=alecf
2002-08-13 01:15:05 +00:00
relyea%netscape.com 303d8667f8 Mozilla bug 145228. Clear out buffer to protect agains lazy PKCS #11 modules. 2002-08-13 00:13:48 +00:00
seawood%netscape.com 8ae6c40f5d Removing old nmake build makefiles. Bug #158528 r=pavlov 2002-08-10 07:55:43 +00:00
nelsonb%netscape.com bc507f2bc9 Test the TLS_RSA_WITH_NULL_SHA cipher suite. Bug 161529. Also, order
tests so all SSL3 tests are done before all TLS tests.
2002-08-09 22:09:18 +00:00
nelsonb%netscape.com 2429d1642c Support the TLS_RSA_WITH_NULL_SHA cipher suite. Bug 161529. Fix Usage. 2002-08-09 22:06:12 +00:00
nelsonb%netscape.com 088d76c0ff Add support for SSL_RSA_WITH_NULL_SHA. Bug 161529. Fix usage message. 2002-08-09 21:58:28 +00:00
nelsonb%netscape.com 023dda1402 Support the TLS_RSA_WITH_NULL_SHA cipher suite. Bug 161529. 2002-08-09 21:53:17 +00:00
relyea%netscape.com 2c369a41a8 Handle the switch from the static buffer to the realloc buffer. 2002-08-09 18:48:31 +00:00
relyea%netscape.com b019252683 remove unreferenced Variable. 2002-08-09 18:05:24 +00:00
jpierre%netscape.com 4d78d86372 Add comment about partial CRLs 2002-08-09 07:09:25 +00:00
wtc%netscape.com 2c32d30b8c Bug 148220: removed the unused field 'isFIPS'. 2002-08-08 22:52:14 +00:00
relyea%netscape.com 44c20b212b Bug 607834. save the correct name on so we can reset the database. 2002-08-08 18:02:34 +00:00
kaie%netscape.com 1b18e19429 b=161394 Fix crash in debug builds
r=javi sr=alecf
2002-08-08 14:10:42 +00:00
jpierre%netscape.com cd77147500 Stop referencing deleted quickder.h header 2002-08-08 01:55:34 +00:00
jpierre%netscape.com ad91aa9fdc Updates to quick DER decoder, bug # 161215
Fixes from Terry's review :
- remove quick allocator
- always allocate entry array even if there is 0 entry
- rename DecodeConstructed to DecodeExplicit and use a better test for that case
- other misc small fixes
Also move SEC_QuickDERDecodeItem to secasn1.h
2002-08-08 01:54:38 +00:00
wtc%netscape.com 1bb0a45cea Bug 148220: implements FIPS 198 conformance. r=relyea.
Modified Files: alghmac.c alghmac.h lowpbe.c pkcs11c.c
2002-08-07 23:27:58 +00:00
nicolson%netscape.com 3df500a731 Don't link to libhpi.so. 2002-08-07 22:53:01 +00:00
nelsonb%netscape.com 25b06b0922 Fix bug 160207 by changing the error alerts we send for failed decryption. 2002-08-07 20:01:51 +00:00
kaie%netscape.com a19bf9fc49 b=161379 Fix JavaScript warnings in security code
r=ssaux sr=mscott
2002-08-07 14:24:04 +00:00