367ac2cf5c
Fix crashes that occur when optional policyQualifiers are not present.
...
Bug 230951. r=kinmoz.
2004-01-23 22:50:01 +00:00
77ef0ec709
Bumped version to 1.50 (for NSS 3.10).
2004-01-23 22:15:39 +00:00
e1776d7a4b
RFC 3280 says Name Constraints do not apply to self-issued CA certs,
...
including self-issued intermediate CA certs (so-called "roll-over" certs).
This fixes an NISCC test failure. Bug 231030. r=wtc.
2004-01-23 06:06:06 +00:00
d39242dda7
When a name attribute's value exceeds the maximum allowed length, display
...
a truncated version of it, followed by ellipsis. Bug 220855. r=wtc
2004-01-22 23:45:30 +00:00
c3e741505b
Add -a option for Base64 encoded ASCII input and output.
...
The -i and -o options now understand "-" to mean stdin and stdout.
Usage is displayed when -? or no arguments are given.
Bug 231536. r=relyea.
2004-01-22 22:08:59 +00:00
ab62ea0dcd
Correct NSS's key usage tests for certs with non-RSA public keys.
...
Bug 221638. r=relyea.
2004-01-22 22:04:54 +00:00
abe30316c3
Detect duplicate issuer name and serial number between two temp certs.
...
Bug 230996. r=ian, relyea.
2004-01-22 02:36:53 +00:00
6b4f2582f5
Fix name constraints code to pass NIST PKITS test 38. r=wtc. Bug 231223.
2004-01-22 02:33:41 +00:00
6eb4db4380
Move an extern function declaration to the header file where it belongs.
...
Bug 229212. r=relyea.
2004-01-22 02:19:42 +00:00
1cf2dd38f1
Fix some erronous code that set SEC_ERROR_NO_MEMORY when there had been
...
no memory failure. r=relyea. Bug 231566
2004-01-22 02:17:26 +00:00
6a8f1df53b
Fix bug in cert path length validation. Bug 221644. r=jpierre
2004-01-21 05:32:18 +00:00
3e7249335c
Support GeneralizedTime in NSS tools. bug 210530. r=wtc
2004-01-21 01:15:01 +00:00
14c61e40e0
Use the results from PK11_ProtectedAuthenticationPath(slot) in the
...
password callback function. Bug 229023. r=relyea. verified by submittor.
2004-01-21 00:18:59 +00:00
600d5d5236
Bugzilla bug 229299: fixed unused variable warning. r=nelsonb.
2004-01-20 22:57:40 +00:00
ae8711f043
fix review comment: bug 53133
2004-01-20 19:57:17 +00:00
c7a655b980
Make this code build on Windows as well as Unix.
2004-01-19 01:05:53 +00:00
ea240a20f0
Fix two more incorrect cert names that caused erroneous test results.
...
Bug 231221.
2004-01-17 05:55:20 +00:00
ded78bdcc6
Correct this script to more accurately report errors. Bug 231221.
2004-01-17 05:04:42 +00:00
dde3b2789c
Detect absent isCA flags in basic constraints. Detect and reject negative
...
or too large positive path length constraints in basic constraints.
Bug 221644. r=jpierre.
2004-01-16 21:33:16 +00:00
187f146641
Fix template for Cert policy extensions. Bug 230951, r=jpierre
2004-01-16 05:36:08 +00:00
f0ce21ebbf
Fix NSS parsing of Issuer Unique ID and Subject Unique ID fields in
...
certificate. Bug 216116. r=jpierre
2004-01-16 02:11:44 +00:00
baa193b610
Add vfychain to list of NSS cmds being built nightly. r=wtc. Bug 231025
2004-01-16 02:03:08 +00:00
3180f3e51c
fix comment per review: bug 53133
2004-01-16 01:04:57 +00:00
37d598af3d
Set JSS version to 3.5.
...
Modified Files:
org/mozilla/jss/CryptoManager.java
org/mozilla/jss/util/jssver.h pkg/solaris/Makefile.com
2004-01-16 00:50:21 +00:00
5bf5f4d3d8
Another file, pkg/solaris/Makefile.com, also needs to be updated when we
...
change the JSS version.
2004-01-16 00:48:49 +00:00
e99fda1edc
Minor change after review of previous checkin. Bug 53133.
2004-01-15 22:34:26 +00:00
0d7b150a77
Fix build problems on some platforms.
2004-01-15 16:27:02 +00:00
3104e67dcf
Set NSS version to 3.10 Beta.
2004-01-15 15:08:58 +00:00
b08688fb89
Convert T61String-labeled ISO-8859-1 to UTF-8: bug 53133 r=nelsonb a=wtc
2004-01-15 06:23:14 +00:00
84fa42598b
Add 2 additional OIDs to the list of acceptable digestEncryptionAlgIDs,
...
per RFC 3370. r=thayes. Bug 230761.
2004-01-14 22:20:44 +00:00
760edf0053
Tool to manage pkcs 11 module tests.
2004-01-14 21:34:20 +00:00
b3ec77edc5
Fix double free introduced in rev 1.54. r=wtc. bug 230774.
...
Bug occurs only in NSS utilities that import base64 encoded files, e.g.
with the -a option.
2004-01-14 01:19:26 +00:00
7f0e9e3c69
Bugzilla bug 229289: fixed an unused variable warning. r=relyea.
2004-01-13 01:59:41 +00:00
4ab234b8be
General deCOMtamination of nsIDocument, nsIContent, and nsIFormSubmission. Eliminating nsIAttributeContent, and doing some URL->URI changes. r+sr=peterv@propagandism.org
2004-01-09 23:54:21 +00:00
7305e479fd
Upgraded to NSPR 4.4.1 and NSS 3.9.
2004-01-09 02:34:14 +00:00
04ce1832e8
Bugscape bug 54500: made uniqueNamedKeyExists public.
2004-01-08 18:09:15 +00:00
11aea91a5a
Overload the error code SSL_ERROR_RX_RECORD_TOO_LONG to report SSL2
...
records that are too short. Bugscape bug 54814
2004-01-08 06:52:00 +00:00
ff24f13dc1
Rename PK11_PubDeriveExtended to PK11_PubDeriveWithKDF
2004-01-08 01:37:46 +00:00
c477412c15
Set NSS version to 3.9.
2004-01-08 01:04:56 +00:00
64e1c653c2
Rename PK11_FindSlotsByAliases to PK11_FindSlotsByNames
2004-01-07 23:12:01 +00:00
cec1dc097b
Rename CERT_DecodeTimeChoice/CERT_EncodeTimeChoice to DER_DecodeTimeChoice/DER_EncodeTimeChoice
2004-01-07 23:07:24 +00:00
1f4ab81acd
Continuing to land the PACKAGING_20030906_BRANCH for bug 20640. Not part of the build, yet.
2004-01-07 13:37:00 +00:00
f0bfff2628
Beginning to land the PACKAGING_20030906_BRANCH for bug 20640. Not part of the build, yet.
2004-01-07 01:22:31 +00:00
aa9d288d07
Fix crashes in NSS_CMSSignedData_GetDigestValue and
...
NSS_CMSContentInfo_GetContent that occur when a detached signature is not
accompanied by the data on which the signature was computed. Bug 229242.
Make NSS_CMSContentInfo_GetInnerContent and NSS_CMSMessage_GetContent
more easily debugged, by storing the results returned by function calls
in automatic variables before using them in subsequent calls/switches.
2004-01-07 00:09:17 +00:00
0e78bb5436
Bug 229193
...
Patch by wtc revied by relyea & ian
2003-12-31 23:19:26 +00:00
cb9dbe008a
Fix the security warning dialogs to work as designed for Firebird:
...
- All dialogs will appear the first time a user encounters them
- The "show every time" checkbox will default to off
- If the user checks the checkbox to see the dialogs every time, the choice will be remembered.
Because of the change in default prefs, this will cause Firebird users to see these dialogs again (but defaulted to not show after that) when upgrading. Bug 172091, r=brendan, sr=ben.
2003-12-31 23:03:08 +00:00
f03919eea5
Set NSS version to 3.9 Beta 6.
2003-12-24 06:22:49 +00:00
21dc9e9b04
Removed unused variable 'val'.
2003-12-23 21:40:52 +00:00
3de8b3b578
Fixed unused variable compiler warning about 'html'. Declare it inside
...
the same ifdef with which it is used.
2003-12-23 21:37:07 +00:00
a0b0269ff5
Removed unused variable 'rawSigLen'.
2003-12-23 21:24:01 +00:00
eddbc41fde
Removed unused variable 'attribute'.
2003-12-23 21:21:39 +00:00
f157b4204b
Include "nsslocks.h" for nss_InitLock.
2003-12-23 02:09:55 +00:00
f7f1d072bd
Declare the argument to SECKEY_ECParamsToKeySize as const.
...
Modified Files: seckey.c pk11skey.c
2003-12-23 02:05:28 +00:00
a7721556a1
Bugscape bug 54500: trim preceding/trailing whitespace from passed-in
...
String arguments.
2003-12-23 01:19:48 +00:00
66c670fbbf
Return a value of the correct type.
2003-12-23 01:03:39 +00:00
d4eb24316c
Fixed a spelling error.
2003-12-23 00:52:06 +00:00
4219037f37
Moved ecl-curve.h from the EXPORTS to the PRIVATE_EXPORTS list.
2003-12-23 00:17:04 +00:00
756f7aff67
Renamed SECKEY_ECParams2KeySize as SECKEY_ECParamsToKeySize. Do not export
...
this function from the nss3 shared library.
Modified Files: seckey.c pk11skey.c nss.def
2003-12-22 23:36:40 +00:00
770fccd41b
Declare the 'input' argument to CERT_DecodeTimeChoice as 'const'. Removed
...
an extraneous semicolon (;) after the SEC_ASN1_CHOOSER_IMPLEMENT macro.
Modified Files: secder.h sectime.c
2003-12-22 23:33:39 +00:00
9600321508
Bugzilla bug 228907: added a stub implementation for the obsolete native
...
function Java_org_mozilla_jss_pkcs11_PK11Cert_getNickname, which is listed
in the symbol export file jss.def.
2003-12-20 15:56:11 +00:00
6a7ea65c54
Some further cleanup of p12d.c. Bugscape bug 52528. r=wtc.
2003-12-20 01:33:06 +00:00
d176a987be
Set NSS version to 3.9 Beta 5.
2003-12-20 00:35:01 +00:00
5532bc074d
Made wincx the last argument of PK11_PubDeriveExtended. r=relyea.
...
Modified Files: pk11func.h pk11skey.c ssl3con.c
2003-12-19 23:54:29 +00:00
f1bf35b807
Impose new limits on RSA public key sizes. 8k bits for modulus,
...
64 bits for public exponent. This prevents certain attacks on SSL
servers. Bugscape bug 54019. r=wtc,relyea.
2003-12-19 23:50:45 +00:00
ae22e439e8
PK11_MoveKey was renamed PK11_MoveSymKey. r=relyea.
...
Modified Files: symkeyutil.c nss.def pk11func.h pk11skey.c
2003-12-19 23:29:43 +00:00
49dcbf8eda
Make database access to the key db thread safe.
2003-12-19 23:24:48 +00:00
77fe7fa8fa
Add keydb lock type. keydb should be locked like the certdb.
2003-12-19 23:24:00 +00:00
52de07bb40
Backed out the previous checkin, which broke our S/MIME QA tests.
2003-12-19 22:54:20 +00:00
b650fd4b68
Bugzilla bug 228624: we need to call STAN_ForceCERTCertificateUpdate if
...
the cert's instances changed. r=relyea.
2003-12-19 22:33:12 +00:00
9305af43fc
Bugscape bug 54627: made the fix for NSS_CMSSignedData_Encode_BeforeData
...
the same as the code in NSS_CMSSignedData_Decode_BeforeData. r=nelsonb.
2003-12-19 22:08:12 +00:00
49a280f7c5
Bugscape bug 54500: Improved the previous checkin: fixed leaks of the
...
return values of PK11_GetSymKeyNickname. Removed unnecessary assignment
statements "symKeyObj = NULL;". Removed an unnecessary else { }.
2003-12-19 19:36:30 +00:00
b8d2b1f69e
Import NSPR 4.4.1.
2003-12-19 17:02:57 +00:00
1138321adf
Bugzilla bug 221133: fixed unused variable warning on some platforms.
...
The patch is contributed by timeless@bemail.org . r=wtc.
2003-12-19 16:35:14 +00:00
691f55297a
Bugscape bug 54500: added some new methods to the SecretDecoderRing
...
KeyManager class. The patch is contributed by Matthew Harmsen of AOL.
Modified Files:
lib/jss.def org/mozilla/jss/SecretDecoderRing/KeyManager.c
org/mozilla/jss/SecretDecoderRing/KeyManager.java
2003-12-19 05:33:50 +00:00
265753bc14
Set JSS version to 3.5 Beta.
...
Modified Files:
org/mozilla/jss/CryptoManager.java
org/mozilla/jss/util/jssver.h
2003-12-19 05:08:34 +00:00
c6bdd51adf
Don't overwrite pointers to existing message digests if they've been
...
precomputed. Bugscape bug 54627. r=wtc, jpierre.
2003-12-19 03:58:28 +00:00
485ad745a6
Bugzilla bug 228907: enable PK11Store.getCertificates to return the correct
...
nicknames for certs with multiple instances. This requires adding a new
nickname argument to the constructors of the various cert classes and
passing a nickname better than NSS's cert->nickname where possible.
r=thomask.
Modified Files:
pkcs11/PK11Cert.c
pkcs11/PK11Cert.java
pkcs11/PK11InternalCert.java
pkcs11/PK11InternalTokenCert.java
pkcs11/PK11Store.c
pkcs11/PK11TokenCert.java
pkcs11/pk11util.h
util/java_ids.h
2003-12-19 00:19:57 +00:00
81fde151dc
Set NSS version to 3.9 Beta 4.
2003-12-18 21:45:34 +00:00
89e653ae9d
Bugzilla bug 228624: made PK11_ListCertsInSlot reach into the Stan layer
...
to obtain the correct nicknames of the cert instances (pk11cert.c). Fixed
the bug that if a cert we want to add the the cache is already in the
cache, we should merge the instances of the cert before destroying the
duplicate cert (tdcache.c). r=jpierre,relyea.
2003-12-18 18:23:17 +00:00
1752cbbaed
Bugzilla bug 219982: removed an unused local variable. (The function call
...
is needed for its side effect.) Thanks to timeless@bemail.org and
Serge GAUTHERIE <gautheri@noos.fr> for the patch. r=wtc.
2003-12-17 22:43:25 +00:00
ab2738ede9
Allow NSS_CMSDigestContext objects to be created, even when there are
...
no valid digest algorithm OIDs. This allows "certs only" messages to
be decoded. Bugzilla bug 228707. r=jpierre, wtc.
2003-12-17 03:49:10 +00:00
704e59f314
Bugzilla bug 228618: fixed an incorrect use of realloc. Fixed an unused
...
variable compiler warning. r=jpierre.
2003-12-16 04:24:57 +00:00
76d85c560b
Fix S/MIME bugs that caused parallel arrays of digest OIDs and digest
...
values to become out of sync. Bugscape bug 54256. r=relyea.
Modified Files: cmd/smimetools/cmsutil.c lib/smime/cmsdigest.c
2003-12-12 23:55:06 +00:00
2011673dcb
Fix for 54061 . Return SEC_ERROR_INVALID_ARGS and remove assertions . r=wtc,misterssl
2003-12-12 21:42:02 +00:00
aa4638806c
fixes bug 228062 "NTLM authentication fails with mod_ntlm, mod_ntlm reports 'missing/corrupt NTLM header'" r+sr=bryner a=dbaron
2003-12-12 02:58:42 +00:00
1de1d0f5fb
fix 227991, nsNSSCertificateDB::AddCertFromBase64 crashes (only used from auto config), r=kaie, sr=mscott, a=sspitzer
2003-12-11 16:02:08 +00:00
d4d04655e1
CERT_ImportCerts now returns SECFailure when NONE of the certs was succesfully imported. r=wtc. Bugscape bug 54311.
2003-12-06 06:52:53 +00:00
e537bc9692
__CERT_AddTempCertToPerm will now set error SEC_ERROR_ADDING_CERT
...
when attempting to make a cert perm that is already permanent.
Bugzilla bug 227559. r=wtc
2003-12-06 06:46:27 +00:00
8704f98c04
NSC_Finalize will now destroy 3 softoken free lists and one more
...
global pointer. Plugs some memory leaks. Bugscape bug 54301. r=wtc
2003-12-06 06:41:51 +00:00
c905879d28
Add /FIXED:NO argument to linker command line for EXEs. Purify
...
requires this to precisely instrument EXEs. r=wtc
2003-12-06 06:34:20 +00:00
ec6dec704f
Add new -k option to NSS QA test program cmsutil. By default, cmsutil
...
will no longer add any decoded certs to the cert db file, which is
useful for reproducibility of results in QA scripts.
Bugscape bug 54293. r=relyea,jpierre,wtc
2003-12-06 06:31:08 +00:00
a0deea3e3a
Bugzilla bug 227296: fixed the bug that NSS_CMSAttribute_AddValue adds the
...
address of a stack variable to the attr->values array. Added a new
function SECITEM_ArenaDupItem. r=nelsonb.
Modified Files:
nss/nss.def util/secitem.c util/secitem.h smime/cmsarray.c
smime/cmsattr.c
2003-12-06 01:16:50 +00:00
0515e55abf
Further simplification and improvement of the parsing of UTCTime
...
and GeneralizedTime to avoid UMRs. Bugscape bug 54198. r=wtc
2003-12-05 04:53:28 +00:00
87fc420381
NSS_CMSContentInfo_Destroy()
...
- The patch destroys the digest context member of the CMSContentInfo.
It calls the previously unused function NSS_CMSDigestContext_Cancel
to destroy the digest context. Eliminates an object reference leak.
Bugscape bug 54208, r=relyea
2003-12-04 00:39:24 +00:00
288de30d7f
In functions NSS_CMSSignedData_Encode_AfterData and
...
NSS_CMSSignedData_Decode_AfterData
- These functions call NSS_CMSDigestContext_FinishMultiple, which
always destroys the digest context, regardless of whether it returns
SECSUccess or SECFailure. So, change these functions to always NULL
out the context pointer regardless of the returned value.
NSS_CMSSignedData_VerifySignerInfo()
- Always call NSS_CMSSignerInfo_Verify() to set the verification status
in the signerinfo object, even if some of the other arguments are NULL,
or other failures have occurred, but avoid NULL pointer dereferences
along the way. Notice that this change is dependent on changes to
NSS_CMSSignerInfo_Verify() (see below.)
NSS_CMSSignedData_SetDigests() - skip over missing digests. Don't fail
the function, and don't crash, if digest pointers are NULL.
Bugscape bug 54208, r=relyea
2003-12-04 00:36:47 +00:00
39b3925b9d
Functions NSS_CMSDigestedData_Encode_AfterData and
...
NSS_CMSDigestedData_Decode_AfterData
- Since NSS_CMSDigestContext_FinishSingle always destroys the context,
regardless of whether it returns SECSuccess or SECFailure, these
functions have been changed to always NULL out the context pointer
after calling NSS_CMSDigestContext_FinishSingle, regardless of the
outcome.
Bugscape bug 54208, r=relyea
2003-12-04 00:35:02 +00:00
a4b319833e
There is a lot of "cleanup" in this file, wrapping source at 80 columns.
...
The relevant fixes for this bug include:
NSS_CMSDigestContext_StartMultiple()
- make sure that cmsdigcx->digcxs and cmsdigcx->digobjs are initialized.
- at the "loser" label, be sure to free the digest context itself.
NSS_CMSDigestContext_Cancel()
- after destroying all the objects, free the arrays of pointers to the
objects, and the digest context itself. Previously these items were
leaked by this function.
NSS_CMSDigestContext_FinishMultiple()
- ensure that this function ALWAYS destroys all the NSS digest objects,
and doesn't stop destroying them if it encounters an error. Note that
this is a newer revision of an older patch for that problem.
- always Free the arrays of pointers used in this object.
NSS_CMSDigestContext_FinishSingle()
- simplify this code.
Bugscape bug 54208, r=relyea
2003-12-04 00:32:18 +00:00
87f679f22f
NSS_CMSSignerInfo_Verify()
...
- This function is changed to explicitly allow some of its input arguments
to be NULL. It will set the verification status in the CMSSignerInfo
object accordingly. Since this is the ONLY function that ever sets the
verification status, it must be able to do so even when problems have
occurred.
- lots of cleanup of this source code.
Bugscape bug 54208, r=relyea
2003-12-04 00:29:31 +00:00
595bef62f1
Add null pointer checks to nss_cms_after_end and NSS_CMSEnvelopedData_Decode_AfterData. Bugscape bug 54061. r=wtc,relyea
...
Lots of code "cleanup" (reformatting for 80 columns) in cmsdecode.c
2003-12-04 00:14:24 +00:00
4261b30e83
Avoid UMRs in dertime.c. Bugscape bug 54198. r=wtc.
2003-12-03 04:03:40 +00:00
1a4d392dcf
Fix for 54061 - null pointer check . r=nelsonb
2003-12-03 02:42:08 +00:00
8dfbb57876
Bugscape bug 54021: in CERT_FindSubjectKeyIDExtension, if PORT_NewArena
...
fails we should return SECFailure. Document that the return values of
CERT_GetCommonName and NSS_CMSSignerInfo_GetSignerCommonName must be freed
with PORT_Free. r=nelsonb.
Modified Files:
certdb/alg1485.c certdb/cert.h certdb/certv3.c smime/cms.h
smime/cmssiginfo.c
2003-12-03 00:09:05 +00:00
f35f2c3708
Separate locale version from Mozilla version so we do not have to bump locale version for every release. b=226377 r=kairo, bsmedberg sr=ben a=asa
2003-12-02 23:22:11 +00:00
52158427da
Prevent SMIME crash in the opaque signature test. bugscape 54061. r=nelsonb
2003-12-02 05:46:27 +00:00
9383aa4e6e
Fix for 54088 . Don't try to encode attributes with no value. r=wtc
2003-12-02 05:05:30 +00:00
684a62349d
Bound stan error stack at 16 error codes to limit growth.
...
Bugscape bug 54021. r=wtc.
2003-12-02 02:05:47 +00:00
fb221f5058
Reverted to NSPR 4.3 until Sun has NSPR 4.4.1 binary distributions.
2003-11-28 05:41:42 +00:00
3831fe52a1
Detect invalid input buffer lengths, and return error instead of UMR>
...
Bugscape bug 54021. r=wchang0222
2003-11-27 05:08:20 +00:00
45d0142b79
Fix leak in CERT_FindSubjectKeyIDExtension, and use the Quick DER
...
decoder. Bugscape bug 54021. r=jpierre
2003-11-27 05:06:20 +00:00
26c03108b1
Upgraded to NSPR 4.4.1.
2003-11-27 01:43:15 +00:00
f2932f6e38
Clean up some arithmetic used for UCS4. Detect when UCS2 and UCS4
...
buffers have invalid lengths. Bugscape bug 54021. r=whang0222, relyea
2003-11-27 01:08:59 +00:00
25e490c787
Bugzilla bug 226861: removed NSS_CMSSignedData_GetDigestByAlgTag, which is
...
a duplicate of NSS_CMSSignedData_GetDigestValue. r=nelsonb.
Modified Files: cms.h cmssigdata.c
2003-11-26 23:50:02 +00:00
a0f6f0dea3
In NSS_CMSSignedData_VerifySignerInfo(), test all returned pointers
...
for NULL before attempting to dereference them.
Bugscape bug 54057. r=wchang0222
2003-11-26 22:02:38 +00:00
c8d02d5f8b
Performance enhancement. Detect absurdly large modulae in public keys,
...
and don't waste time on them. Bugscape bug 54019. r=relyea.
2003-11-26 06:26:31 +00:00
512f1560b2
Remove an unnecessary and incorrect assert call.
...
Bugscape bug 54018. r=jpierre
2003-11-26 06:16:01 +00:00
a458b641ae
This patch reduces the scope of many variables in cmsutil's decode function. It frees the signer's CN string after use.
...
Bugscape bug 54021. r=jpierre
2003-11-25 23:26:39 +00:00
adc6c275b6
fixes bug 226639 "send NegotiateAlwaysSign in NTLM type 1 message to make NetApp/6.3.3 happy" r+sr=bryner a=dbaron
2003-11-25 02:12:41 +00:00
251f8a47fb
Bugzilla bug 226470: removed -qarch=com, which is the default for the
...
compiler. r=pkw@us.ibm.com .
2003-11-24 19:45:18 +00:00
10c3b4308c
Bugzilla bug 226470: use a C compiler rather than a C++ compiler to compile
...
C code. The patch is contributed by Philip K. Warren <pkw@us.ibm.com>.
2003-11-22 06:45:50 +00:00
50b6382c60
Don't invoke PKCS11 with an invalid handle. Bug 226285.
...
r=relyea sr=wchang0222
2003-11-21 22:10:56 +00:00
a7dd9b1bf2
Remove an overreaching constraing on modulus length. Bug 226285.
...
r=relyea sr=wchang0222
2003-11-21 22:09:27 +00:00
3188a9ceb1
Implement new "batch mode" (see the -b option). Plug some leaks.
...
Facilitates memory leak testing of the SMIME library.
This revision combines the patches for Bugzilla bug 225513 and
Bugscape bug 53775. r = relyea and wchang0222
2003-11-20 02:33:18 +00:00
f90a628dd9
Don't accept ASN.1 items whose length is 2GB or more.
...
Bugscape bug 53875. r=wchang0222 and r=relyea.
2003-11-20 02:08:34 +00:00
59a1ced121
Dont attempt to allocate 2GB or more from an arenapool.
...
Bugscape bug 53875. r=relyea.
2003-11-20 02:06:16 +00:00
e0674b83b2
Remove as assertion that is triggered by bad data input, but does not
...
indicate a code flaw. Bugscape bug 53875. r=relyea
2003-11-20 02:04:07 +00:00
726f43bce3
Be sure not to ask NSS to use an invalid PKCS11 mechanism.
...
Bugscape bug 53875. r=relyea.
2003-11-20 02:00:04 +00:00
446d11f275
Plug a leak that occurs when code asks NSS to use an invalid PKCS11
...
mechanism. Bugscape bug 53875. r=relyea
2003-11-20 01:59:07 +00:00
c1a8384a29
fix two "might be used uninitialized" warnings from NTLM patch, bug=224653.
2003-11-19 05:00:43 +00:00
b2fe1655e5
near total rewrite of PK11_ParamFromAlgid to eliminate leaks.
...
Partial fix for Bugscape bug 53875.
2003-11-19 03:23:41 +00:00
873eed9a1b
Bugzilla bug 222568: fixed a bug introduced in rev. 1.54.
2003-11-19 01:38:26 +00:00
920e86ba81
Turns out that we can use a space to separate directories in a vpath
...
directive. This works cross platform.
2003-11-19 01:12:31 +00:00
3d05b2e562
Fix bugs in the new implementation of URI name constraints.
...
Bugzilla Bug 221616.
2003-11-19 00:56:59 +00:00
b10d68b98a
Removed the declaration and a comment about PK11_FreeSlotCerts, which was
...
deleted in NSS 3.4.
Modified Files: pk11func.h pk11slot.c
2003-11-19 00:14:04 +00:00
fff129fc2a
Fix unnecessary assertion failures occuring in SMIME testing in
...
debug builds only. Partial fix for bugscape bug 53775. r=wchang0222
2003-11-18 06:16:26 +00:00
51b6dc57ae
revert part of last checkin.
2003-11-18 05:57:28 +00:00
321a365a86
attempting to fix IRIX bustage
2003-11-18 05:56:08 +00:00
b4d414ff1a
Most platforms use ':' as path separator, but OS/2 uses ';'. So we use
...
vpath directivies that specify a single directory to avoid dealing with
path separator.
2003-11-18 04:04:05 +00:00
5fb0075b24
fixes bug 224653 "provide cross-platform NTLM auth implementation" r=kaie sr=bryner
2003-11-18 02:20:34 +00:00
c62571d17d
Set NSS version to 3.9 Beta 3.
2003-11-18 00:57:26 +00:00
6dda3d9c41
Bugzilla bug 224707: added Linux HPPA support. The patch came from the
...
Debian Mozilla package (maintainer is Takuo KITAME <kitame@debian.org>).
2003-11-16 00:10:16 +00:00
3a0fc1c3c4
Removed an extraneous character (`) after #endif.
2003-11-15 16:16:33 +00:00
c31daf7e42
Removed an extraneous comma (,) at the end of an enum type definition.
2003-11-15 16:15:01 +00:00
c4fe475028
Detect empty emailAddr strings in CERTCertificate. Bugzilla bug 211540.
2003-11-15 00:15:28 +00:00
2bbf4a1e89
Detect empty emailAddr strings in CERTCertificates. Bugzilla bug 211540.
...
Modified Files:
cmd/dbck/dbck.c cmd/signtool/util.c lib/certdb/certdb.c
lib/certdb/stanpcertdb.c lib/pkcs7/p7decode.c lib/pki/certificate.c
lib/pki/pki3hack.c lib/smime/cmssiginfo.c lib/softoken/pkcs11u.c
2003-11-15 00:10:01 +00:00
8b98f3daad
Fix windows breakage.
2003-11-14 18:06:50 +00:00
9d169ea136
Add symkeyutil to the manifest file
2003-11-14 03:27:23 +00:00
6edd6fc183
New tool to manage fixed keys in the database.
2003-11-14 03:26:47 +00:00
c30b6976e6
Changes for symkey support.
2003-11-14 03:25:52 +00:00
9ffa2f5ec9
Bugzilla bug 225619: fixed memory leaks.
2003-11-14 01:42:51 +00:00
fb034545bc
Bugzilla bug 225626: need to allocate PORTArenaPool rather than PLArenaPool
...
for the 'arena' member of CERTVerifyLog. Fixed memory leaks on an error
path.
2003-11-14 01:41:15 +00:00
47741668f0
Set JSS version to 3.4.2 Beta 2.
...
Modified Files: CryptoManager.java util/jssver.h
2003-11-14 01:37:04 +00:00
ff71ba8afd
Upgraded to NSS_3_7_9_RTM (from NSS_3_7_8_RTM).
...
Modified Files: manifest.mn org/mozilla/jss/CryptoManager.java
2003-11-13 23:39:46 +00:00
816f550813
Fix 225615: memory leak in SSLSocket.socketConnect.
2003-11-13 23:10:13 +00:00
e38d0f38ac
Fix bugzilla bug 225301. r=jpierre. This patch does the following:
...
1. Fixes the Usage message to document the command line options.
2. Changes the "decode" function to
a) report an error on bad signatures, only when decoding the input file,
not when decoding an ancillary "enveloped file".
b) only output the contents of the "detached content" file (-c option)
when that file's content was actually used in the computation.
3. Sundry other cleanup and added comments.
2003-11-13 23:03:12 +00:00
901d06bf68
Fixed a comment error. r=relyea.
2003-11-13 16:21:46 +00:00
e395b0a792
Bugzilla bug 225373: the return value of CERT_NameToAscii must be freed
...
with PORT_Free.
Modified Files:
cmd/lib/secutil.c cmd/selfserv/selfserv.c
cmd/signver/pk7print.c cmd/strsclnt/strsclnt.c
cmd/tstclnt/tstclnt.c lib/certdb/cert.h
2003-11-13 16:10:45 +00:00
698d18e57c
Workaround race. Reduce leaks. Not a real fix. Bugzilla bug 225525.
2003-11-13 03:41:32 +00:00
280ac7db5a
Bugzilla bug 225259: link NSS dynamic shared libraries with the
...
-headerpad_max_install_names option. r=ccarlen, sr=sfraser.
2003-11-13 01:59:22 +00:00
213fc9e160
Added a comment to note a question I had while reviewing the code.
2003-11-12 23:25:33 +00:00
077a1507e3
Eliminate some leaks in Stan cert code.
...
Partial fix to bugscape bug 53573.
2003-11-11 21:46:53 +00:00
22c35687f1
Eliminate a cert leak. Patch is Bob Relyea's.
...
Parial fix for Bugscape bug 53573.
2003-11-11 21:45:48 +00:00
bc4bdefabb
Fix crash in certutil if usage is omitted
2003-11-11 00:01:32 +00:00
b6b661b262
Repair error case for DH code in previous patch.
2003-11-07 16:21:40 +00:00
41cf12eef3
Verify Parameters from the user before passing it on to freebl. r=nelson
2003-11-07 03:38:59 +00:00
774ace3846
Add defines for DH and RSA key limits
2003-11-07 03:36:33 +00:00
b92041f55c
Correct the validity checks on certain ASN.1 objects, allowing some that
...
were previous disallowed, and vice versa. Bug 53339.
2003-11-07 01:41:22 +00:00
8f9e2674d3
Fix some bugs in the code that formats OIDs for printing.
...
Bugscape bug 53334.
2003-11-06 02:02:32 +00:00
b731d32dbb
Grow handshake message buffer once per message, not once per each message
...
segment received. Bugscape bug 53418.
2003-11-05 06:22:57 +00:00
c2d639aa9f
Set NSS version to 3.9 Beta 2.
2003-11-04 05:52:51 +00:00
cb4b243066
Fix numerous errors (mostly off-by-1 errors) in the code that formats
...
and prints certs and CRLs. This code is common to certutil and pp.
Bug 222568 r=nicholson (for this portion).
2003-11-04 02:16:42 +00:00
f0ab5a779e
Better cleanup. Plug leaks in pp. bug 222568. r=nicolson (this part).
2003-11-04 01:51:54 +00:00
3e23562169
Rename get_oid_string to CERT_GetOidString and export it. Also, export
...
CERT_DestroyOidSequence. bug 222568. r=jpierre (for this portion).
2003-11-04 01:48:39 +00:00
4be366b3cf
Fix missing cx param problem (223041, r=caillon, sr=dbaron).
2003-11-03 04:26:55 +00:00
816b00b6cc
Fix for bug 224231 (Need AppendASCIItoUTF16). r=jst, sr=dbaron.
2003-11-01 10:57:41 +00:00
db80db9956
Bugzilla bug 223624: fixed the compiler warning that case ecKey is not
...
handled in the switch statement. r=nelsonb.
2003-11-01 05:17:16 +00:00
201c406020
Remove one unnecessary transition from the SSL3 state machine.
...
Reduce the number of reallocations of the SSL3 handshake message buffer.
Bugscape bugs 53287 and 53337
2003-10-31 07:01:05 +00:00
1ca2f7bff1
Enable generation of DES2 keys with mechanism CKM_DES2_KEY_GEN. Bug 201521
2003-10-31 02:33:16 +00:00
74bf975468
Correct the code that detects DES2 keys based on their lengths. Bug 201521
2003-10-30 22:31:09 +00:00
d20b923bd7
Fix for 223494 - cmsutil signing does not work with hardware tokens. r=wtc, relyea
2003-10-28 02:34:15 +00:00
624f671470
Bugzilla bug 223624: declare pk11_FindAttrInTemplate before it is used.
...
r=nelsonb.
2003-10-25 14:10:11 +00:00
c96d1ed9b5
Bugzilla bug 223624: use PR_MAX to avoid redefining MAX, a macro commonly
...
defined in system headers. r=nelsonb.
2003-10-25 14:08:31 +00:00
31dbf3bf9f
Bugzilla bug 223624: removed an extraneous format string for fprintf.
...
r=nelsonb.
2003-10-25 14:05:08 +00:00
ab5ecc5b5c
Bugzilla bug 223624: node->error is a 'long', so it should match a %ld
...
format. r=nelsonb.
2003-10-25 14:01:43 +00:00
ded6578ea5
Initialize crlHandle . r=wtc
2003-10-25 00:41:14 +00:00
95d6c3f26e
Require DES, DES2 and DES3 keys to have correct length in all cases.
...
Expand DES2 keys to be DES3 keys when used with DES3 mechanisms.
Bug 201521.
2003-10-25 00:12:34 +00:00
ec00f34485
Bugzilla bug 173715: fixed a crash in OCSP. We incorrectly assumed that
...
'addr' was the last IP address of the host when PR_EnumerateHostEnt
returned 0 and attempted to connect to 'addr', resulting in an assertion
failure in PR_Connect. The fix is to not use 'addr' when
PR_EnumerateHostEnt returns 0. r=relyea.
2003-10-24 17:17:37 +00:00
ba7cb76b6a
Removed the nonexistent directory 'rngtest' from DIRS.
2003-10-24 06:22:58 +00:00
7cba11a0bb
Removed nonexistent directory "crypto" from DIRS.
2003-10-24 05:29:08 +00:00
24e7c95246
Bugzilla bug 223427: added a note section so that the linker knows we're
...
not executing off the stack. This patch is received from Christopher
Blizzard of Red Hat <blizzard@redhat.com>.
2003-10-24 04:47:23 +00:00
d39df80ec1
try forcing the bourne shell to execute the command line.
2003-10-23 22:01:55 +00:00
a0e219b348
deCOMtaminate nsIDocument by changing methods to use return value instead of out-params, eliminating unused nsresult return values, moving some members to nsIDocument and inlining the getters/setters. Bug 222134, r=bzbarsky, sr=jst.
2003-10-22 06:09:48 +00:00
b0e7253075
more debugging info.
2003-10-22 04:08:17 +00:00
2e23dc9849
Bugzilla bug 222065: fixed a bug (inside #ifdef WINNT) introduced in the
...
previous checkin.
2003-10-22 01:00:10 +00:00
de3d3fbf61
Re-land patch for bug 83536, merging principal objects.
...
Also includes fixes from bug 216041.
r=bzbarsky
sr=jst
2003-10-21 22:11:49 +00:00
1a5bf9ea5d
NIST PKITS tests:first checkin, without CRLS:bug 177398:six sections implemented
2003-10-21 21:35:04 +00:00
648771bdd9
fix 221329 add ability to add root certs from autoconfig js, r=misterSSL@aol.com, sr=sspitzer
2003-10-20 15:00:17 +00:00
38375e8faf
Add new -N option, which completely suppresses the initialization and use
...
of the SSL server session ID cache. Used to test the fix for bug 222726.
2003-10-19 05:18:11 +00:00
7b5ce7e5c8
Put the NSS 3.9 block back in ASCII sorting order, AGAIN.
2003-10-19 04:41:20 +00:00
9c532ab8ec
When the SSL_NO_CACHE option is set on an SSL server socket, don't touch
...
the server session cache AT ALL. Bug 222726
2003-10-19 01:55:50 +00:00
edd5736597
Declare SSL_NO_STEP_DOWN option. Partial fix to bug 148452.
2003-10-19 01:31:41 +00:00
f8af4da928
SSL_ShutdownServerSessionIDCache no longer leaks the cache memory.
...
Bug 222065. r=wchang0222
2003-10-19 01:25:10 +00:00
07e3c65080
bug 154927 - automate localeVersion updates based on milestone.txt - we'll now create all those files during compile time from .in files, r=leaf, sr=bz
2003-10-18 17:54:07 +00:00
74ffbef42d
221067 NSS needs to be able to create token symkeys from unwrap and derive.
2003-10-18 00:38:04 +00:00
c78198ebda
Detect buffer overruns caused by flawed application-supplied callbacks,
...
and avoid crashing due to them. Bugscape bug 52528. r=wchang
2003-10-17 21:12:13 +00:00
3d25bd9959
Incorporate WTC's review comments..
2003-10-17 17:56:56 +00:00
e929b84d2a
missed SSL ECC test files in last checkin
2003-10-17 14:10:18 +00:00
0028f943d4
ECC code landing.
...
Contributed by Sheuling Chang, Stephen Fung, Vipul Gupta, Nils Gura,
and Douglas Stebila of Sun Labs
2003-10-17 13:45:42 +00:00
2019c55137
Put the NSS 3.9 block in ASCII sorting order.
2003-10-17 05:45:19 +00:00
7ef01f4ada
Bug 156770 When we do a file import and give a bad password we get wrong errors back
...
When we fail to decode based on a bad password, don't continue.
So once we've tried failed to decode a ANS.1 stream, don't continue collecting
more data.
On microsoft.pfx files, we would wind up decoding to the end of the encrypted
stream, then fail in the padding in PKCS #7 . This code bypasses this problem by
making sure we don't continue to try to decode data once we've hit a bad
password failure.
2003-10-16 23:49:15 +00:00
9671bb6586
More debugging information.
2003-10-16 22:17:00 +00:00
6fb084ae36
Bug 220106 @mozilla.org/security/nsCertTree;1 doesn't null check mTreeArray
...
r=kaie sr=bz
2003-10-16 15:33:56 +00:00
e75c04e1c1
Bug 220230 Change PSM preferences windows behaviour to be more consistent with the rest of the Preference windows
...
patch by borggraefe@despammed.com r=kaie sr=bienvenu
2003-10-16 15:26:28 +00:00
58b44ccb0c
Try * instead of . to get zip to grab all the contents of a directory.
2003-10-16 03:28:19 +00:00
8968621f4c
Fix for bug 222180 . remove redundant code
2003-10-15 01:40:10 +00:00
1d1e003b2c
Fix for bug 222180 . Change to quick decoder . r=wtc
2003-10-15 01:34:22 +00:00
bb642e9de3
Eliminate redundant function declarations. Bug 208854. r=wchang0222
2003-10-14 17:44:33 +00:00
b80fd62f5d
Fix tinderbox breakage
2003-10-12 22:55:09 +00:00
09c79e0878
Try to get zip working properly on the Windows build machines.
2003-10-12 20:21:04 +00:00
55ecb1638f
Correctly handle a NULL moduleSpecList. Bug 220217.
2003-10-11 01:49:24 +00:00
c7195e7f01
This file has been dead code since NSS 3.4 released, if not sooner.
2003-10-11 01:10:51 +00:00
4b274eadf6
Fix for bug 221743 - incorrect certificate usage macro
2003-10-10 23:22:31 +00:00
6feb3bc391
Bug 191467
...
Multipart signing and verifying broken for several mechanisms in softoken
Reporter: Andreas.Sterbenz@sun.com (Andreas Sterbenz)
sr=nelsonb
2003-10-10 15:32:26 +00:00
da0e767ef3
Bug 203866
...
Make unloaded modules visible for administrative purposes.
sr=wtc r=nelson
2003-10-10 15:29:43 +00:00
d9ea331302
Bug 203866. Make unloaded modules visible for administrative purposes.
...
sr=wtc r=nelson
2003-10-10 15:26:23 +00:00
40a30d219e
Change ';' to '&&' so the command fails if any of the subcommands fails.
...
Print out the return value of the command.
This is to debug a problem where the zip file is not being created on windows.
2003-10-09 22:39:54 +00:00
6c37cf315f
fix bug 203450
...
jarevil.c:345: warning: implicit declaration of function \
`__CERT_AddTempCertToPerm'
Obviously missing a declaration somewhere.
r=jpierr, wtc
2003-10-09 22:17:04 +00:00
8e693bd25b
Fix for bug 55898 - print name of certificate causing failure in certutil . r=wtc
2003-10-08 01:00:37 +00:00
297c871d38
Eliminate one of several redundant OID table lookups. Bug 207033.
2003-10-07 17:19:55 +00:00
da831f0be3
Eliminate unnecessary copying of CA names in HandleCertRequest.
...
Bug 204686.
2003-10-07 02:24:01 +00:00
b4001cf1b8
The "valid CA" trust flag now overrides other CA cert checks.
...
Works for SSL client as well as other usages. Bug 200225
2003-10-07 02:17:56 +00:00
0af05aaf1a
Export new function PK11_ExportEncryptedPrivKeyInfo. Bug 207033.
2003-10-07 01:29:32 +00:00
7c3772d3d7
Create new function SECKEYEncryptedPrivateKeyInfo which is just like
...
SECKEYEncryptedPrivateKeyInfo except that it identifies the private
key by a private key pointer, rather than by a certificate. Bug 207033.
2003-10-07 01:26:38 +00:00
adf3bd4810
Make tstclnt work with IPv6 addresses. Bug 161610.
2003-10-06 23:50:11 +00:00
4bb3ccc8bd
Check for presence of secmod.db file prior to acting on it, for all
...
cases except "multiaccess:". Bug 220217. r=relyea
2003-10-06 23:33:03 +00:00
96a4f8926a
Detect Zero length certs and zero length CA names. Bug 204686.
...
Also, eliminate unnecessary copying of incoming certs.
2003-10-03 02:01:18 +00:00
470c7c30c0
Bug 220963: need to handle the possibility that symKey may be NULL before
...
dereferencing it.
2003-10-01 23:01:46 +00:00
64c44a50f4
Fix for bug 141882 - convert email query keys to lowercase when searching . r=wtc
2003-09-30 02:33:40 +00:00
58d2922f0d
Fix for bug 94413 - OCSP needs more fine tuned error messages. r=wtc
2003-09-30 01:18:55 +00:00
cd60efa8ac
Updating my email address
2003-09-29 06:04:02 +00:00
fd6bfd34f5
Move a brace so vi will find the beginning of the function.
2003-09-27 01:45:35 +00:00
7a8c91801a
Fix for bug 219539 - support GeneralizedTime in NSS tools
2003-09-27 00:01:45 +00:00
b220af50ec
Fix for bug 219539 - support GeneralizedTime in NSS tools
2003-09-26 06:18:40 +00:00
2fb81c5b8c
Don't use windowed exponentiation for small public exponents.
...
Speeds up public key operations. Path contributed by
Sheueling Chang Shantz <sheueling.chang@sun.com>,
Stephen Fung <stephen.fung@sun.com>, and
Douglas Stebila <douglas@stebila.ca> of Sun Laboratories.
2003-09-26 02:15:12 +00:00
9aa0859dc2
Correct an inaccurate log message.
2003-09-25 21:40:02 +00:00
53b39d4951
Fix typo
2003-09-25 00:25:06 +00:00
5277304f0b
Bugzilla bug 216117: added a TokenProxy member to the PK11Cert class to
...
store the slot pointer for the certificate *instance*. This slot pointer
is not necessarily cert->slot. Try to get the correct slot pointer for a
cert instance where possible. This patch helps us handle multiple
instances of the same cert better.
Modified Files:
PK11Finder.c pkcs11/PK11Cert.c pkcs11/PK11Cert.java
pkcs11/PK11InternalCert.java pkcs11/PK11InternalTokenCert.java
pkcs11/PK11Store.c pkcs11/PK11Token.c
pkcs11/PK11TokenCert.java pkcs11/pk11util.h
provider/java/security/JSSKeyStoreSpi.c ssl/SSLServerSocket.c
ssl/callbacks.c ssl/common.c ssl/jssl.h util/java_ids.h
2003-09-24 22:20:15 +00:00
f633274323
Fix usage message to list all commands. Also, fix a few lines of
...
code that did not follow the file's convention for indentation.
Bug 203870.
2003-09-24 21:49:49 +00:00
9907123463
Bugzilla bug 220209: fixed a cert reference leak in
...
JSSL_CallCertSelectionCallback if the PK11_FindKeyByAnyCert call fails.
2003-09-24 21:07:17 +00:00
f64cfc45de
Deleted unused code.
2003-09-23 22:56:46 +00:00
4e2ed74884
Set JSS version to 3.4.2 Beta 1.
...
Modified Files: CryptoManager.java util/jssver.h
2003-09-23 20:57:15 +00:00
84a7421314
Fix bug 204549. Properly handle memory allocation failures.
2003-09-23 20:47:43 +00:00
ea9c7b9cf1
Bugzilla bug 204549: find_objects_by_template was not setting *statusOpt
...
before one return statement. r=nelsonb.
2003-09-23 20:34:15 +00:00
3ecdf5b682
Correctly compute certificate fingerprints. Bug 220016.
2003-09-23 02:05:47 +00:00
cacf90504b
Fix for 215182 - certutil prints incorrect nickname. r=wtc
2003-09-23 00:10:54 +00:00
54ba648af3
Bugzilla bug 219756: fixed a CERTCertificate reference leak.
2003-09-20 00:27:30 +00:00
ff0ab0d5e6
Bugzilla bug 219713: fixed build bustage on all Unix platforms. We need
...
to export CERT_TimeChoiceTemplate as data for Unix.
2003-09-19 18:00:48 +00:00
c1f8a20c18
Fix for 219082 - support GeneralizedTime in PKCS#7 signatures. r=nelsonb, sr=wtc
2003-09-19 04:16:19 +00:00
41dfa35b34
Fix for 219524 - support GeneralizedTime in S/MIME v3 signatures. r=wtc, sr=nelsonb
2003-09-19 04:14:50 +00:00
c54ab44432
Fix for bug 143334 : add support for GeneralizedTime in certificates and CRLs. r=wtc,nelsonb
2003-09-19 04:08:51 +00:00
06f53aa46d
Fix for 215214 - make certutil show all instances of certs . r=wtc
2003-09-18 02:00:32 +00:00
fca2dd1924
The isOnList function is now unused.
2003-09-18 01:28:52 +00:00
81af9c614e
Fix for bug 215186 - add missing options to PK11_ListCerts . r=wtc
2003-09-18 00:22:18 +00:00
2317ba9006
Bugzilla bug 124958: added support for pthreads on OpenBSD. The patch is
...
contributed by Mats Palmgren <mats.palmgren@bredband.net>. r=wtc.
2003-09-16 20:50:50 +00:00
b92b8f3328
When calling windres, use a temp file to work around resource issues.
...
Bugzilla bug #213281 . The patch is contributed by cls@seawood.org . r=wtc
2003-09-15 20:34:55 +00:00
2d02a55087
Add comment in the header for PK11_FindSlotsByAliases
2003-09-12 22:11:31 +00:00
78933c07aa
Bugzilla bug 215152: removed redundant pointer tests. Use
...
SEC_ERROR_LIBRARY_FAILURE for NSS internal errors.
2003-09-12 20:01:56 +00:00
00bfcc6ae5
Bugzilla bug 217247: improved the memory leak fix for the appData nicknames
...
returned by PK11_ListCerts. Instead of allocating them from the heap first
and copying to the arena, allocate them from the arena directly. r=jpierre
Modified Files: certhigh.c pk11cert.c pki3hack.h pki3hack.c
2003-09-12 19:38:04 +00:00
3e12ba21f2
Bugzilla bug 214535: fixed a recursive dead lock on cache->lock. We must
...
not call nssSlot_IsTokenPresent while cache->lock is locked because
that function may call nssToken_Remove, which locks cache->lock. r=mcgreer
2003-09-12 19:17:15 +00:00
8989a2213a
landing patch for bug 205726 "DNS rewrite" r=dougt sr=bryner
2003-09-11 20:32:33 +00:00
a89f8f7ab1
Bugzilla bug 215581: build with GCC 3.2.2 for OS/2. The patch is
...
contributed by Javier Pedemonte <pedemont@us.ibm.com>. r=jpierre.
2003-09-11 20:29:51 +00:00
1096a8c745
Bugzilla bug 214824: use -no-cpp-precomp instead of -traditional-cpp, which
...
has changed to mean a different thing (the standard GCC meaning, rather
than Apple's earlier hacks). The patch is contributed by Brian Ryner
<bryner@brianryner.com>.
2003-09-11 18:41:22 +00:00
33dafeb6d1
Bug 211291 void nsCertTree::InitCompareHash doesn't check the return value of PL_DHashTableInit
...
r=kaie sr=bz
2003-09-11 01:59:21 +00:00
c629bfb394
Bugzilla bug 208971: remove obsolete Mac CFM build files from NSS.
2003-09-11 00:04:38 +00:00
160d767599
Bugzilla bug 208971: removed obsolete Mac CFM build files from NSS.
2003-09-11 00:01:07 +00:00
c71f55bb2a
Fix for 215152 - better error handling
2003-09-10 01:33:25 +00:00
24dbc103c8
Fix for bug 215152 . Improve error handling in PK11_FindSlotsByAliases
2003-09-10 01:31:54 +00:00
cc713fc8d3
Further enhance the verbose debugging command line option in tstclnt
...
for the case where client auth is requested by the server. It will
now report the name of the cert sent to the server, or "send no cert".
2003-09-09 20:22:54 +00:00
683c3f9505
Prevent crash if certlist is NULL
2003-09-09 00:54:20 +00:00
20a95ddfde
Fix bug 214307 - add certutil batch mode . r=wtc
2003-09-08 23:30:29 +00:00
51bd14780b
Add PORT_Strpbrk macro
2003-09-08 23:29:14 +00:00
20386efec4
Fix build on gcc 3.4 by removing extra semicolons (bug 218551). r/sr=dbaron, a=brendan.
2003-09-08 00:18:24 +00:00
842a5d79c8
Fix for bug 72291 . resolve memory leak on nicknames . r=relyea
2003-09-05 00:15:52 +00:00
891e05f8b0
Remove erroneous assertions
2003-09-03 23:52:01 +00:00
b4b593cf0a
Fix for bug 215152 . Export PK11_FindSlotsByAliases. r=relyea
2003-09-03 22:55:10 +00:00
610ac28a42
Add PK11_FindSlotsByAliases function . r=relyea
2003-09-03 22:48:20 +00:00
609557163f
Fix for 216701 - verify CRLs with cert verification date rather than CRL lastupdate date
2003-08-30 01:07:21 +00:00
90064ce7fc
Bugzilla bug 214674: made the Linux implementation of sslMutex really work.
...
They were no-ops in multiprocess mode before. The patch is Nelson
Bolyard's. r=wtc.
2003-08-28 22:23:59 +00:00
a5934c7cc6
Bugzilla bug 217504: 1. Do not use -lsvld on recent AIX releases.
...
2. Specify the standard AIX libpath, otherwise the directories we pass to
the -L linker flags get added to the libpath. 3. Support building on AIX
5.2. The patch is contributed by Philip K. Warren <pkw@us.ibm.com>. r=wtc.
Modified Files: AIX.mk AIX4.2.mk AIX4.3.mk AIX5.1.mk
Added Files: AIX5.2.mk
2003-08-28 00:15:43 +00:00
2990fa08b0
Fix for 214201. remove unused variable
2003-08-27 01:47:57 +00:00
97baeaa545
Bugzilla bug 216693: use "." instead of "org" to specify the list for zip.
2003-08-27 01:13:06 +00:00
36e8c13857
Import NSS_3_7_8_RTM.
2003-08-27 01:01:59 +00:00
3e239ffcd7
Update JSS to version 3.4.1.
2003-08-27 00:08:43 +00:00
a9cb356856
Bugzilla bug 72291: have PK11_ListCerts return all the cert instances on
...
tokens. The patch is Julien Pierre's, with changes by Wan-Teh Chang.
Modified Files: pk11wrap/pk11cert.c pki/pki3hack.c pki/pki3hack.h
2003-08-25 19:18:02 +00:00
b3edbc2128
Bugzilla bug 209827: disable optimization to work around what appears to
...
be a VACPP optimizer bug.
2003-08-22 22:34:07 +00:00
59256190ce
Fix for bug 216944 - CERT_VerifyCertificate optimizations issues . r= wtc
2003-08-22 18:47:07 +00:00
c11c6acb17
Backing out the patch to bug 83536.
...
I will reland this when 1.6a re-opens.
r+sr=jst@netscape.com
a=chofmann
2003-08-22 03:06:53 +00:00
6dc37259b8
Bugzilla bug 216693: running make in mozilla/security/jss should build the
...
class jar file.
Modified Files: rules.mk build_java.pl
2003-08-19 20:08:33 +00:00
c08e99a287
Set MODULE in makefiles at the top of a heirarchy so that module-deps lists are more precise and builds will have the proper order if some subdirs contain other modules.
2003-08-16 00:42:35 +00:00
86e30540a2
Bugscape bug 50033: make the KeyType class public and force it to load
...
during CryptoManager.initialize(), before we add JSS as a provider. The
KeyType class was failing to load properly, because its static initializers
force the class load of KeyWrapAlgorithm, whose signature needed to be
verified, which invoked JSS's signature provider, which accessed KeyType.
Basically, installing JSS as the default signature provider before its
classes have loaded creates a possibility of circular dependencies in class
initialization. The patch is due to Jamie Nicolson. r=wtc.
Modified Files: CryptoManager.java pkcs11/KeyType.java
2003-08-15 01:00:35 +00:00
be4ed5debc
Fix from Ian to address Bugzilla bug 202179.
...
The fix restores some old code that was removed as part of our
performance work (Bugzilla bug 145322). Thus, there may be a
slight performance hit, but obviously, we need to have correct
code first.
This is a part of the code I really don't like. To summarize,
there was a hack put in a long time ago to make sure that the
PKCS#11 session in which the SSL keys are generated was never
closed until the last key was deleted. This only worked by chance,
and if any part of the code was changed (as was the case here), this
unstable equilibrium would be lost. As with all hacks, it wasn't
really documented, so the problem escaped our notice. As a result of
putting the hack back in, we're going back to the horribly wasteful
operation of opening 4 sessions and immediately closing them. I intend
to have a proper solution in a later release.
2003-08-12 18:21:55 +00:00
1bb0160b47
Bug 211695 Fix bugs in nsCertTree.cpp r=varga sr=alecf moa=kaie a=asa
2003-08-12 11:20:50 +00:00
b6208f06a9
bug 214207 - update localeVersion for 1.5b - rs=blizzard, a=asa
2003-08-11 11:31:24 +00:00
655056191f
Deleted useless local variable 'arena' in cert_ImportCAChain.
2003-08-08 23:15:50 +00:00
a32141f5d2
Bugscape bug 49314: code cleanup. Throw InvalidKeyException directly
...
instead of NoSuchAlgorithmException.
2003-08-07 21:45:35 +00:00
7523a62658
215190 delete CA created certs
2003-08-07 00:34:32 +00:00
f6be8fe74f
Add shared DHashTableOps for [const] char *key use-cases, clean up dhash API abusages (214839, r=dougt, sr=dbaron).
2003-08-05 20:09:21 +00:00
1ded6df12e
Convert public key to JSS public key.
2003-08-05 18:54:49 +00:00
13f5b9e4ff
Bugzilla bug 214695: fixed incorrect use of PR_AtomicDecrement on reference
...
counts. The reference count should not be read "naked". Instead, we
should simply use the return value of PR_AtomicDecrement for the result of
the decrement.
Modified Files: dev/devmod.c dev/devslot.c dev/devtoken.c pki/certificate.c
pki/pkibase.c
2003-08-01 02:02:47 +00:00
5da7e31f4d
Fix bug 213084. Detect when cert in signature cannot be imported.
...
Detect NULL pointer, don't crash.
2003-07-31 00:16:27 +00:00
9b590c4f17
Bug 213903: removing unused variables 'delold', 'save', 'entry'
2003-07-28 22:55:16 +00:00
52a39ca16f
Bug 213902 : removing unused variable "next" in "cert_DecodeNameConstraintSubTree"
2003-07-28 21:53:16 +00:00
95256ce645
DeCOMify GetParent/GetBindingParent/GetDocument on nsIContent. Bug 213823,
...
r+sr=jst
2003-07-28 21:35:53 +00:00
0c479eebe6
remove no longer used include blapi.h
2003-07-24 23:01:08 +00:00
9c22160a4b
Bug 83536.
...
Merge script principal implementations into one class.
Should reduce footprint, speed up calls to caps a little bit, and fixes several memory leaks.
Also fixes bugs 211174 and 211263
r=jst@netscape.com
sr=bzbarsky@mit.edu
moa=mstoltz@netscape.com (he looked at an earlier patch and said it looked fine, and will do a retroactive review when he returns from vacation as well)
2003-07-24 05:15:20 +00:00
c771349946
Allow freebl to build correctly under MS VC++ .net 2003 . sr=nelsonb
2003-07-22 02:04:57 +00:00
e3b945b14b
Bugzilla bug 213192: take the first two components of $(OS_RELEASE) the
...
right way. The basename function that we were using only works when
$(OS_RELEASE) has exactly three components. The patch is contributed by
Ed Catmur <ed@catmur.co.uk>. r=wtc.
2003-07-21 23:40:51 +00:00
b5a53a661e
Bugzilla bug 211350: support IRIX Alpha releases, whose 'uname -r' output
...
contains "-ALPHA...".
2003-07-21 18:51:08 +00:00
f008bc2bad
Bug 25886: Get rid of a bunch of unused NS_DEFINE_IID, NS_DEFINE_CID. r=caillon, sr=dbaron
2003-07-20 07:47:59 +00:00
5d8a4a4934
Bugzilla bug 212797: added Linux2.6.mk so that we can build on Linux 2.6
...
kernels.
2003-07-19 21:21:50 +00:00
a08188e177
Bugzilla bug 213158: fixed the misspelling of "attach". The patch is
...
contributed by Pierre Chanial <chanial@noos.fr>.
Modified Files: pk11slot.c secmodt.h
2003-07-19 20:49:35 +00:00
20004e3489
Bug 73353: clean up MODULE/REQUIRES story. r=cls, sr=bryner
2003-07-13 22:29:00 +00:00
e17d8ed21d
change the doctype from window to dialog. Thanks to Christian Biesinger for pointing that out.
...
r/sr=mscott
2003-07-12 03:31:16 +00:00
c860a04974
Bug #212459 --> Give the certificate manager a face lift. Add a 5 pixel border around the tabbox,
...
add an ok button which can be used to dismiss the window, inherit the ok/help buttons from the dialog
overlay.
Add spacing between the tree control and the edit / delete buttons underneath the tree control.
r=kaie
sr=sspitzer
2003-07-12 00:36:01 +00:00
8a8acecae0
Backed out Bob Relyea's workaround for the deadlock in rev. 1.15. The
...
correct fix is in rev. 1.36 of tdcache.c (see Bugzilla bug 212112).
2003-07-11 21:52:04 +00:00
32ec0bd37b
Remove dependency on secrng.h. We don't need it.
2003-07-11 18:13:26 +00:00
d8bfc7ae2c
Restore sslreq.txt to text form, where it will have different line
...
endings on unix, than on windows or on Mac.
2003-07-11 04:14:24 +00:00
a7db0ece51
Test with the new file sslreq.dat rather than the old file sslreq.txt.
2003-07-11 04:05:12 +00:00
d5d6b8ccc7
This is sslreq.txt with a different file name, to clearly show that
...
this file is to be treated as a binary file, not as text.
2003-07-11 03:55:55 +00:00
bd92e280fe
Bug 212112: we don't need to lock td->cache->lock while calling
...
STAN_ForceCERTCertificateUpdate. This fixed a recursive deadlock.
r=mcgreer.
2003-07-10 01:24:17 +00:00
634e667950
Change cert_GetCertificateEmailAddresses to return NULL rather than
...
a pointer to an empty string when a cert has no email addresses.
Partial fix for bug 211540. Modified certdb/alg1485.c
2003-07-09 04:14:23 +00:00
9b53efa290
Bug 212004: in CERT_IsUserCert we should test for a null cert->trust and
...
treat it as no trust. r=nelsonb.
2003-07-09 04:12:16 +00:00
77b1d5b56e
Export SEC_DupCRL and declare it in certdb.h. Bug 208194.
...
Modified Files: nss/nss.def certdb/certdb.h
2003-07-09 04:00:48 +00:00
60aaf7bbf5
Bug 211384: fixed the bug that importing a CRL that already exists in the
...
DB causes NSS_Shutdown to fail. Two files were changed. 1. crl.c: we
should not obtain a slot reference because PK11_FindCrlByName already
obtained a slot reference. 2. pk11cert.c: cleaned up code and fixed a slot
reference leak if the SECITEM_AllocItem call fails. r=nelsonb.
2003-07-08 18:41:28 +00:00
90f86dc111
Re-enabled the fix for bug 208177.
2003-07-08 18:11:24 +00:00
2dc27003e2
b=210948 Some file dialogs have harcoded filter description
...
patch from Vincent B�ron
r=kaie sr=brendan
2003-07-08 14:46:21 +00:00
f82f7c9d38
b=195574 SSL extremely flaky if Ask for Master Password is 'Every time'
...
r=darin sr=brendan
2003-07-08 14:41:02 +00:00
f6802aac5b
patch to correct false failure reporting - bug 167825
2003-07-03 17:50:18 +00:00
a206d21cd7
Add missing declaration of NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate
2003-07-03 07:04:30 +00:00
edb69e7969
Fix bug 211049. Another issue with empty pointer lists from group
...
decodings. Patch by Wan-Teh Chang <wtc@netscape.com>.
2003-07-01 01:16:57 +00:00
8c68d71e97
Change the function definitions in dev so that the ctags program will
...
produce valid tags from these sources.
2003-07-01 00:32:22 +00:00
b71485c4fe
Bug 210660: backed out the main change in the fix for bug 145322 because
...
the adoption of session is not thread safe. This eliminates most of the
saving of sessions, but we must be correct first, and then optimize.
r=nicolson,nelsonb.
Modified Files: pk11func.h pk11skey.c
2003-06-27 22:28:50 +00:00
66b6198a4f
Fix several bugs reported in bug 210707.
...
Change loops over RDNs and AVAs to detect NULL pointers.
Change list of attribute type "keywords" to match RFCs and internet
drafts.
Quote attribute values strings that contain adjacent embedded blanks.
Don't quote hex string values.
Always use hex string values when type OID is unrecognized.
2003-06-27 00:33:05 +00:00
a3501517f5
Move the declaration for CERT_CompareNameSpace from cert.h to genname.h
...
because it is a private function. Change the interface for this
function so that it returns a SECStatus, unambiguously indicating the
success or failure of the name constraints test. The function no
longer takes a list of cert subject names, instead, it takes a list
of cert pointers, and optionally outputs one of those pointers when
an error occurs. This eliminates a cert reference leak.
2003-06-26 01:56:34 +00:00
b54a7e669d
This patch extracts rfc822 names from a cert's distinguished name at the
...
time when the list of cert names is being built and builds a GeneralName
out of it, just as if the rfc822 name had come from a subject alt name
extension. This way, no special handling is needed of either directory
names or rfc822 names in the name constraints code. The special "phase 1"
loop in cert_CompareNameWithConstraints disappears compmletely. And all
the cases in the (former phase 2) loop can now simply assert that the
name's type matches the constraint's type exactly.
This patch also factors out the code that creates new CERTGeneralNames and
that copies a single CERTGeneralName into new separate functions. This
eliminates a lot of duplicated code whose correctness required lengthy
inspection. Now these primitive operations are centralized.
2003-06-26 01:25:10 +00:00
195925a071
enabling log scraping in header instead
2003-06-25 21:57:21 +00:00
7361de7ee8
enabling log scraping in header instead, where RESULTDIRURL gets created
2003-06-25 21:56:19 +00:00
0d74efc36a
removed new variable for Win platform - extra - don't need
2003-06-25 21:39:54 +00:00
2ff0613d68
fix URL for Windows platform
2003-06-25 20:43:18 +00:00
e886704557
taking out un-needed stuff
2003-06-25 17:39:38 +00:00
02c8289ae0
Shorten the clickable text portion of RESULTDIRURL.
2003-06-25 04:23:34 +00:00
nelsonb%netscape.com
wchang0222%aol.com
jpierre%netscape.com
jgmyers%speakeasy.net
relyea%netscape.com
jst%mozilla.jstenback.com
bsmedberg%covad.net
bryner%brianryner.com
darin%meer.net
bienvenu%nventure.com
dbaron%dbaron.org
nicolson%netscape.com
brendan%mozilla.org
peter%propagandism.org
caillon%returnzero.com
bishakhabanerjee%netscape.com
kairo%kairo.at
ian.mcgreer%sun.com
timeless%mozdev.org
wtc%netscape.com
cls%seawood.org
neil%parkwaycc.co.uk
glen.beasley%sun.com
bzbarsky%mit.edu
jaggernaut%netscape.com
scott%scott-macgregor.org
kaie%netscape.com