mozilla
/
pjs
зеркало из https://github.com/mozilla/pjs.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
116 741 коммит 40 Ветки 136 Теги 1,1 GiB
Граф коммитов

4193 Коммитов

Автор SHA1 Сообщение Дата
relyea%netscape.com 2d71279799 FIPS library verifier. 2003-01-30 23:38:07 +00:00
relyea%netscape.com bd68779b0c FIPS library verifier 2003-01-30 23:36:37 +00:00
wtc%netscape.com 751c48b5e5 Bug 191214: fixed the object leaks in signtool that prevented NSS_Shutdown 
from succeeding and added the NSS_Shutdown call back.  r=jpierre.
Modified Files: certgen.c sign.c signtool.c
 2003-01-30 23:11:13 +00:00
wtc%netscape.com 5f51d20223 Bug 177387: temporarily added freebl_GetLibraryFilePathname to libfreebl.a. 
This function has the same semantics as the NSPR 4.3 function
PR_GetLibraryFilePathname. This patch should be backed out when NSPR 4.3 is
released.
Modified Files: config.mk manifest.mn
Added Files: libpath.c
 2003-01-30 07:00:32 +00:00
jpierre%netscape.com 4efd6d4409 Fix for 190424 - don't query CKA_NETSCAPE_EMAIL attribute. r=wtc 2003-01-30 05:12:10 +00:00
jpierre%netscape.com e3c369562b Fix for 190424 - don't query CKA_NETSCAPE_EMAIL attribute . r=wtc 2003-01-30 03:02:55 +00:00
jpierre%netscape.com 468dc9f9ab Patch for memory leak . Bug 189976 . r=wtc 2003-01-30 02:59:35 +00:00
wtc%netscape.com fedddcffe2 Bug 191214: backed out the previous checkin until this bug (object leaks) 
is fixed.
 2003-01-30 01:50:31 +00:00
wtc%netscape.com 4dbc437731 Bug 171263: signtool should call NSS_Shutdown before it exits. 2003-01-30 00:39:37 +00:00
relyea%netscape.com 3788b0eeec Move LIBJAR definitions around so that NT builds. 2003-01-29 23:37:10 +00:00
kaie%netscape.com 69c368b1a9 b=165301 False mixed content (encrypted page with unencrypted information) Security Warning 
r=javi sr=darin a=asa
 2003-01-29 03:52:01 +00:00
relyea%netscape.com 807a5de681 1) add vfyserv to the standard build. 
2) add tool to build shared library signature files for FIP's.

Code to verify requires NSPR changes before we can check it in.
 2003-01-28 18:53:22 +00:00
relyea%netscape.com fa9c0d1f91 New header file to dump defines for managing signed FIPs libraries. 2003-01-28 18:50:02 +00:00
relyea%netscape.com 97ee121321 Compile modutil with shared libraries. 2003-01-28 16:44:33 +00:00
relyea%netscape.com ca368d8e94 Export functions needed for modutil to be compiled dynamically. 2003-01-28 16:41:46 +00:00
relyea%netscape.com 2a6c459c18 Remove dead code and symbols from lib jar so that modutil can compile when 
linked with it.
 2003-01-28 16:39:32 +00:00
relyea%netscape.com 88f5c92825 Sign 3 sets of changes are here: 
1) Provide accessor functions for the PK11_DefaultArray so that modutil
does not have to link statically to access it.

2) Try setting the attribute on an object before we go to the work of copying
it (Function Only used in Java).

3) Optimize searching for the more common types of attributes.
 2003-01-28 16:38:04 +00:00
kaie%netscape.com 6b9785edcd b=190640 Remove the DHE ciphersuites until they work 
r=javi sr=bryner a=asa
 2003-01-28 15:06:29 +00:00
kaie%netscape.com 64cd67a3d0 b=190394 "website certified by an unknown authority" - nssckbi not found breaks PKI trust 
r=dougt sr=darin a=asa
 2003-01-27 23:53:02 +00:00
wtc%netscape.com 6d046ab3c2 Bug 90010: added support for parisc64. I received this patch from 
Christopher Blizzard <blizzard@mozilla.org>.
 2003-01-27 22:36:06 +00:00
wtc%netscape.com d4ac75f3a6 Bug 190396. 
Don't fail the search if the token returned an error that indicates that it
legitimately couldn't find a CRL
 2003-01-24 06:37:03 +00:00
relyea%netscape.com 04df2266d3 Bug 167756. Clean up previous patch: add lastState field, and set the SSL Error on failure. 2003-01-23 22:02:37 +00:00
relyea%netscape.com 797a5bc51c Write changes back to the database when we correct incorrect user bit settings. 2003-01-23 19:38:53 +00:00
relyea%netscape.com 48191e6dde Set the size value when extracting a key 19011. 2003-01-23 17:30:15 +00:00
relyea%netscape.com c5e06bef79 Check for token removal before continuing SSL sessions which have client auth 
with certs associated with that token. bug 167756.
 2003-01-23 17:27:34 +00:00
relyea%netscape.com a54ce85446 Fix bug 180824 Version 3.4 string hard coded in default token name. 2003-01-23 17:16:50 +00:00
wtc%netscape.com 722dc7dcf5 Bug 90010: added support for Linux for s390 and s390x. The patch is 
contributed by Gerhard Tonn <GerhardTonn@swol.de>.
 2003-01-23 17:16:32 +00:00
ian.mcgreer%sun.com c05c7c3f1e always use explicit serial numbers on generated certs, should fix QA failures on leia 2003-01-23 15:38:03 +00:00
jpierre%netscape.com d68a388386 Fix for bug #126930 - make SSL_ConfigServreSessionIDCache work on OS/2 by not using shared memory in single process mode. r=nelsonb 2003-01-23 00:15:08 +00:00
wtc%netscape.com dcfc314ddc Bug 190112: PK11_ReadAttribute needs to call PK11_ExitSlotMonitor before 
we return because of allocation failure.
 2003-01-22 17:44:36 +00:00
wtc%netscape.com ba247cd419 Bug 189546: updated the comments to reflect what the new code does. 2003-01-22 06:24:53 +00:00
timeless%mozdev.org e87b036988 Bug 179798 cookie confirm dialog no longer works in embedding (doesn't call nsIPrompt service) 
patch by mvl@exedo.nl r=dwitte sr=darin
 2003-01-22 05:52:33 +00:00
nelsonb%netscape.com e5ea957b6e Add OIDs for AES Key Wrap mechanism. 2003-01-22 04:35:54 +00:00
wtc%netscape.com ddc27a6bbf Bug 189546: moved the switch statement for known key lengths to the 
beginning of PK11_GetKeyLength to work around a deadlock in nCipher
module if PK11_ExtractKeyValue is called.
 2003-01-22 03:55:21 +00:00
kaie%netscape.com 153d01add8 b=188363 Bad error messages when server uses an invalid cert (-8054) 
r=nelsonb sr=blizzard
 2003-01-22 03:41:35 +00:00
nelsonb%netscape.com 2770ec645e Implement new AES Key Wrap mechanisms. Bug 167818. 2003-01-22 03:13:04 +00:00
wtc%netscape.com f20a97ef6a Bug 189345: we incorrectly assumed that a C_XxxFinal call to determine the 
length of the buffer would also terminate the active operation if the
buffer length is 0.  PKCS#11 says it doesn't, so we need to make the
additional C_XxxFinal call even if the buffer length is 0.  Allocate a
buffer from the heap if the stack buffer is too small and free the
heap-allocated buffer before we return from pk11_Finalize.  We can use the
stack buffer if count is equal to its size.
 2003-01-21 19:33:24 +00:00
seawood%netscape.com a4b8644bc9 I always forget to change both the declaration & the definition. 
Thanks to bird@anduin.net for the patch.
Fixing OS/2 bustage.
 2003-01-19 06:43:19 +00:00
seawood%netscape.com 6e4b727afc Callback functions must be defined as such. 
Fixing OS/2 bustage.
 2003-01-19 02:43:13 +00:00
kaie%netscape.com 499c2e67f7 b=189205 Implement early shutdown of NSS resources 
r=javi sr=darin
 2003-01-18 14:03:00 +00:00
relyea%netscape.com 402a4a6710 Bug 198364. Tokens keys do not own their handles. Don't let the key 
get destroyed when freed.
 2003-01-18 01:49:33 +00:00
nelsonb%netscape.com 48e8c13dcd When wrapping secret keys with an unpadded block cipher, null padd the keys 
as necessary, per the PKCS 11 spec.  Also, implement padding and unpadding
for single-part only ciphers.
 2003-01-17 05:50:08 +00:00
wtc%netscape.com 12a72288a3 Bug 145029: fixed compiler warnings (mostly "xxx might be used 
uninitialized").
 2003-01-17 02:49:11 +00:00
nelsonb%netscape.com 3c2c7f33bb One more fix for HPUX and Solaris. 2003-01-16 01:44:43 +00:00
jpierre%netscape.com 8796ef7732 Fix incorrect usage of QuickDER . See bug 160805 comment 16 2003-01-16 00:56:10 +00:00
nelsonb%netscape.com 5c71d8774b Fix compilation error. This file is only compiled on 2 platforms. 2003-01-16 00:55:53 +00:00
nelsonb%netscape.com a234db694e Switch from the old vendor-defined mechanism numbers to the new official 
PKCS 11 mechanism numbers.  These numbers will appear in v2.20.
 2003-01-16 00:43:58 +00:00
nelsonb%netscape.com fc19041388 Enforce that softoken's mechanisms are used only with the PKCS 11 
functions that they're defined to work with.
 2003-01-16 00:28:05 +00:00
nelsonb%netscape.com 472aaf52b9 Complete the addition of AES Key Wrap to blapi in freebl. 2003-01-16 00:15:21 +00:00
nelsonb%netscape.com 1a0e61f69a Remove the implementation of CKM_KEY_WRAP_LYNKS from softoken. 2003-01-16 00:14:07 +00:00
nelsonb%netscape.com 8d818d5064 aeskeywrap.c - implement AES Key Wrap algorithm from RFC 3394 2003-01-14 22:16:04 +00:00
glen.beasley%sun.com 3810215899 solaris pkg version 2003-01-14 20:26:36 +00:00
bishakhabanerjee%netscape.com 1403d269af Bug 171263 - NSS test apps to check return value of NSS_Shutdown 2003-01-14 01:03:21 +00:00
bishakhabanerjee%netscape.com 45ba9d6985 Bug 171263 - NSS test apps shd check return value of NSS_Shutdown 2003-01-13 22:36:39 +00:00
glen.beasley%sun.com 0a41355aa2 solaris pkging support 2003-01-13 20:35:36 +00:00
glen.beasley%sun.com b765908949 solaris pkg support 2003-01-13 19:44:21 +00:00
glen.beasley%sun.com 1b2cfef182 Solaris pkg support 2003-01-13 19:43:15 +00:00
relyea%netscape.com 3f15ddacc5 Check for Empty CRL list as well. 
Bug 164501.
 2003-01-10 19:09:46 +00:00
relyea%netscape.com 0c506b280f Declare PK11_TokenRefresh() 2003-01-10 17:53:01 +00:00
relyea%netscape.com ab1f73ddf5 Add the ability to generate certs with multiple DNS names. 2003-01-09 22:59:42 +00:00
glen.beasley%sun.com 3300c59b7d Solaris pkg copyright 2003-01-09 22:53:13 +00:00
relyea%netscape.com 1544ed637e Remember to include the global: tag 2003-01-09 18:44:26 +00:00
relyea%netscape.com b2f0cd3e28 backport NSS 3.7 fixes to the tip. 2003-01-09 18:15:11 +00:00
wtc%netscape.com 570a9e5387 Bug 186201: should handle a null 'environ' pointer, which can happen on 
Solaris if NSS is loaded with dlopen() by an executable linked with the
RTLD_GROUP flag.
 2003-01-09 04:34:31 +00:00
wtc%netscape.com c1b180a77c Bug 187629: do not refresh a CERTCertificate if the same instance of a 
cached cert is added to the collection.
 2003-01-09 04:29:01 +00:00
dbaron%dbaron.org f2cd5e3e66 Bug 178643: Remove uses of NS_INIT_ISUPPORTS, since it is no longer needed. r=timeless sr=jag 2003-01-08 23:19:20 +00:00
dbaron%dbaron.org 3da694f7ae Bug 178643: Remove uses of NS_INIT_ISUPPORTS, since it is no longer needed. r=timeless sr=jag 2003-01-08 22:45:23 +00:00
wtc%netscape.com 27fc2706ca Bug 186586: If at NSS shutdown there are still certs in the cert caches, 
cause NSS shutdown and the next NSS initialization to fail but do not
destroy the cert caches (and the crypto context and trust domain containing
them) to avoid a crash if the NSS client destroys the certs later.  New
error codes needed to be added to indicate the failure of NSS shutdown and
NSS initialization due to this cause.
 2003-01-08 21:58:29 +00:00
wtc%netscape.com 3e2a98c878 Bug 186586: If at NSS shutdown there are still certs in the cert caches, 
cause NSS shutdown and the next NSS initialization to fail but do not
destroy the cert caches (and the crypto context and trust domain containing
them) to avoid a crash if the NSS client destroys the certs later.  New
error codes needed to be added to indicate the failure of NSS shutdown and
NSS initialization due to this cause.
Modified Files:
	base/errorval.c nss/nssinit.c pki/pki3hack.c pki/pki3hack.h
	pki/pkistore.c pki/pkistore.h pki/tdcache.c pki/trustdomain.c
	util/secerr.h
 2003-01-08 21:48:47 +00:00
wtc%netscape.com 388899d82d Need to call SSL_ClearSessionCache before calling NSS_Shutdown. 2003-01-08 21:40:52 +00:00
bishakhabanerjee%netscape.com b09495bd63 checking return value of NSS_Shutdown. Bug 171263 2003-01-07 22:53:13 +00:00
bishakhabanerjee%netscape.com 53f2c2caf6 checking return value of NSS_Shutdown. Bug 171263 2003-01-07 22:31:36 +00:00
bishakhabanerjee%netscape.com 36e8d3c8c6 new revision: 1.19; previous revision: 1.18 2003-01-07 22:29:54 +00:00
bishakhabanerjee%netscape.com cfca3d09e1 set and exported NSS_STRICT_SHUTDOWN. Bug 171263 2003-01-07 22:10:10 +00:00
kaie%netscape.com 233f20dbed b=184940 Enable additional SSL ciphers, add configuration UI 
r=javi sr=jaggernaut
 2003-01-07 00:58:24 +00:00
kaie%netscape.com 3c02966450 b=177260 Fix known leaks in PSM, track blocking PSM UI, track open SSL sockets 
r=javi sr=darin
 2003-01-06 22:23:49 +00:00
kairo%kairo.at a7555a91fe change all localeVersion strings, as well as brand.dtd/region.dtd to 1.3b; bug 185698, r=tao, sr=blizzard 2003-01-03 19:57:47 +00:00
dbaron%fas.harvard.edu 0a31e6afb5 Change my email address from dbaron@fas.harvard.edu to dbaron@dbaron.org. Comment changes only. 2003-01-01 23:53:20 +00:00
nicolson%netscape.com 5d7f9a2a14 Upgrade version from 3.2 to 3.3. 
Uncomment MessageDigest implementations (doh!).
 2003-01-01 02:58:22 +00:00
nicolson%netscape.com 6162fa3b3d Add DigestTest to all.pl. 
Make DigestTest and SigTest return nonzero error code on failure.
 2003-01-01 02:57:50 +00:00
seawood%netscape.com cd1497a3ab Add hack upon dependency hack to Avoid constant NSS rebuilds when pulling from CVS. 2002-12-28 05:50:17 +00:00
seawood%netscape.com 4588fb970a Start installing GRE libraries & components into a separate dist/gre directory as part of the default build. 
Bug #186241 r=dougt
 2002-12-28 01:15:07 +00:00
wtc%netscape.com b75e4a55f8 Bug 183612: added some comments. 2002-12-24 02:25:36 +00:00
wtc%netscape.com 71527c989a Bug 183612: SECMOD_InitCallOnce() and SECMOD_CleanupCallOnce() should be 
declared and defined with an argument list of "(void)" instead of "()".
Modified Files: pk11cert.c secmodi.h
 2002-12-19 07:03:39 +00:00
nicolson%netscape.com a46f58f6b3 Fix 186097: ProofOfPossession.encode() has paranoid assertion. 2002-12-19 02:31:38 +00:00
wtc%netscape.com 587dca7fd1 Bug 183612: renamed some new functions to be consistent with existing 
function names containing SubjectKey and PublicKey.  Moved internal
functions to private headers and use the lowercase cert_ prefix for the
internal functions for subject key ID mapping hash table. r=nelsonb.
 2002-12-19 00:26:34 +00:00
relyea%netscape.com 67dbcd1b25 Bug 186058 2002-12-18 23:55:53 +00:00
nicolson%netscape.com 1a0dc15ee3 Partial fix for 184754: assertion violation in get_token_certs_for_cache. 
Don't assert if we fail to lookup the cert we just imported. It could
be a bug in the PKCS #11 driver. Instead, throw an exception.
 2002-12-18 23:14:48 +00:00
kaie%netscape.com 0b56a2ae45 Temporary fix for bug 182803. 
While this masks the reported crashes, this is nothing more than a workaround patch.
As long as this patch is in place, any attempt to do profile switching at run time will fail.
We need real fixes for bug 181230 and 177260.
r=javi sr=darin
 2002-12-18 12:50:35 +00:00
wtc%netscape.com 24e76ce1c2 Bug 183612: fixed the bug that 'extra' may be used uninitialized. r=javi. 2002-12-18 02:06:01 +00:00
wtc%netscape.com c37a82ab51 Set NSS version to 3.8 Beta on the trunk. 2002-12-17 23:04:46 +00:00
wtc%netscape.com 42182a9d9e Export CERT_DestroyOCSPResponse in 3.7. Moved HASH_GetHashObjectByOidTag, 
HASH_GetHashTypeByOidTag, and SECITEM_ItemsAreEqual from 3.7 to 3.8.
 2002-12-17 23:02:53 +00:00
relyea%netscape.com 8ab634d5b8 Make sure the session is protected over PKCS #11 calls. 2002-12-17 18:22:38 +00:00
wtc%netscape.com 59393fce3e Need to test for null pointers before destroying the lock and condition 
variable.  If NSS initialization fails, this lock and condition variable
may not get created.
 2002-12-17 02:47:46 +00:00
wtc%netscape.com cc65e89c5e I made a mistake in the previous checkin. certdb.h doesn't need to be 
included because the new function CERT_FindCertBySubjKeyID is declared in
cert.h.
 2002-12-17 02:08:51 +00:00
wtc%netscape.com 0d2d65efb2 Bug 183612: added support for looking up a cert by subject key ID and 
creating a CMS recipient info from a subject key ID.  The patch was
contributed by Javi Delgadillo <javi@netscape.com>. r=relyea, wtc.
Modified Files:
	certdb/cert.h certdb/certdb.c certdb/certdb.h certdb/certv3.c
	certdb/stanpcertdb.c nss/nss.def nss/nssinit.c
	pk11wrap/pk11cert.c pk11wrap/pk11func.h pk11wrap/secmod.h
	pki/pki3hack.c smime/cms.h smime/cmslocal.h smime/cmspubkey.c
	smime/cmsrecinfo.c smime/cmssiginfo.c smime/cmst.h
	smime/smime.def
 2002-12-17 01:39:46 +00:00
dougt%netscape.com 9ed66e1abc Allow caller to obtain cert. r=mstoltz, javi. sr=dveditz, b=179016 2002-12-13 22:26:43 +00:00
kaie%netscape.com 6fc801b267 b=182258 Give separate signature validity and sender address mismatch feedback 
r=javi sr=bienvenu
 2002-12-13 20:47:32 +00:00
relyea%netscape.com cd008946a6 Increment the tmpbuf pointer to the correct index point 2002-12-13 19:02:13 +00:00
nicolson%netscape.com f3f2064030 Fix 180827: Update version strings for JSS 3.3. 2002-12-13 06:12:30 +00:00
wtc%netscape.com 31af94e751 Bug 185074: open the files we just did a "chmod -w" on once to work around 
a Mac OS X NFS bug. Subsequent opens will see the file is readonly with no
delay.
 2002-12-13 02:06:34 +00:00
nelsonb%netscape.com 1942331c4e Clean up command line options parsing and Usage message. 2002-12-13 01:25:45 +00:00
relyea%netscape.com f37146e332 Use correct sense of the timeout value. 2002-12-13 00:25:21 +00:00
nelsonb%netscape.com d442ab6107 Support SHA256, SHA384, and SHA512 hashes in NSS. 2002-12-12 06:05:45 +00:00
relyea%netscape.com b96f690161 Don't break solaris or linux (add the ';') 2002-12-11 17:56:49 +00:00
relyea%netscape.com 3fbd2fdc4d Export new command to pull for token change events. 2002-12-11 17:53:20 +00:00
relyea%netscape.com 0a024139f7 Program to test smartcard removal and insertion detection. 2002-12-11 17:44:53 +00:00
relyea%netscape.com 2c6c4ceeae Add token removal blocking function. 2002-12-11 17:43:24 +00:00
thayes%netscape.com b815bf47be Bug 184557: Allow usage specified on command line (-u) to be used to validate 
certificates used for signing (-S option).  Also add special handling for
nickname "NONE" in the -Y option.  This specifies that no certificate and
encryption key preference should be included in the signature object.
 2002-12-11 01:44:37 +00:00
wtc%netscape.com 177487f4d0 Bug 180294: moved the OpenVMS build from the POSIX subsystem to native 
VMS (GNV).  The patch is contributed by Colin Blakes <colin@theblakes.com>.
Modified files: OpenVMS.mk config.mk rules.mk nsinstall/nsinstall.c
 2002-12-10 20:27:45 +00:00
relyea%netscape.com 7f3a67f9d9 Sigh, this is what was breaking the Linux builds... incorrect initializer. 2002-12-10 18:09:16 +00:00
relyea%netscape.com 52f2bf446b Make SubjectAltEncode a public function. Fixes build breakage in Linux 2002-12-10 17:41:16 +00:00
relyea%netscape.com cc608e2484 Add test cases for multiple email addresses in a single certificate. 2002-12-10 17:19:00 +00:00
relyea%netscape.com 4ffa798d64 Add code to create multiple email addresses in a single cert. 2002-12-10 17:18:06 +00:00
relyea%netscape.com 1e2ce4d929 Export the AltSubjectEncode function so our test programs can build certs 
with multiple email addresses.
 2002-12-10 17:15:15 +00:00
relyea%netscape.com 35158986f8 Create profiles for all the email addresses in a certificate. 2002-12-10 17:14:17 +00:00
relyea%netscape.com 5eec52b558 Fix padding value. 2002-12-06 19:11:57 +00:00
nelsonb%netscape.com 5f8ba2e198 Expunge dead code. 2002-12-05 22:16:22 +00:00
nelsonb%netscape.com 8bd068d9de Don't compile the .c files in lib/pki1 on the trunk. These files are used 
only in Stan.
 2002-12-05 22:15:36 +00:00
wtc%netscape.com 88fc40da69 Bug 39494: added a check to prevent buffer overflow. r=mcgreer,nelsonb. 2002-12-04 23:41:49 +00:00
wtc%netscape.com 74b384630f Fixed the build breakage of const unsigned char[] and unsigned char * 
mismatch on the Mac (compiler warnings on other platforms) by adding
(unsigned char *) typecasts.  r=relyea.  (Bug 183350)
 2002-12-04 00:28:56 +00:00
kaie%netscape.com 7fd5ae87db b=182158 JavaScript error when pressing Ok in "Cert already exists" dialog - setWindowName is not defined 
r=kaie sr=alecf
 2002-12-03 15:27:27 +00:00
wtc%netscape.com 27f7537130 Bug 181913: disable the makefile rule for .s for OS/2 so that .asm files 
are used when there are same-named .s files in the same directory.  The
patch is contributed by Javier Pedemonte <pedemont@us.ibm.com>.
 2002-12-02 22:57:21 +00:00
kaie%netscape.com 210417ee19 b=115294 Support S/Mime signing only configuration / relax certificate configuration requirements 
r=javi sr=sspitzer
 2002-11-28 18:31:03 +00:00
wtc%netscape.com dcf06adbf8 Bug 181878: fixed two more bugs in the new code to support multiple email 
addresses per certificate.  r=nelsonb.
 2002-11-27 01:28:03 +00:00
wtc%netscape.com f0d3f33fc5 Bug 182086: on Mac OS X, ranlib needs to be rerun after static libraries 
are moved.
 2002-11-26 23:05:56 +00:00
relyea%netscape.com 7415bef4e9 More review changes, 
Fix incorrect return in pcertdb.c
 2002-11-26 22:14:56 +00:00
relyea%netscape.com 510f05d5ec Incorporate some of Nelson's review changes. 
Collapse all the profile data into an array for easier processing when printing out.
 2002-11-26 21:03:18 +00:00
relyea%netscape.com 88fc8a45eb Move mac build changes from 3.6 branch back to the trunk 2002-11-26 21:00:31 +00:00
wtc%netscape.com 87867e38a5 Bug 180228: moved CERT_CRLCacheRefreshIssuer from the NSS_3.6.1 section to 
the NSS_3.7 section.
 2002-11-26 19:21:55 +00:00
relyea%netscape.com f8616133e5 Incorporate Terry's and Nelson's reviews. 2002-11-26 18:27:25 +00:00
nelsonb%netscape.com 45f8bf2425 Back out my last change. 2002-11-26 07:07:20 +00:00
nelsonb%netscape.com 6f7aad8486 Eliminate bug due to uninitialized variable index. Eliminate leak. 
Remove lots of warnings about signed/unsigned and assigning int to uchar.
 2002-11-26 05:58:51 +00:00
relyea%netscape.com 6a88119773 Bug 181878 allow multiple email addresses to point to a single subject record. 2002-11-26 00:13:54 +00:00
nelsonb%netscape.com 15355f6f00 Put the nss 3.7 section after the nss 3.6.1 section. 2002-11-21 23:22:52 +00:00
ian.mcgreer%sun.com dc9b4b2415 bug 172247, don't allow import of duplicate issuer/serial certs 2002-11-21 20:43:15 +00:00
nelsonb%netscape.com 1707fa2738 Add tests for sha256, sha384, and sha512. 2002-11-21 05:44:41 +00:00
nelsonb%netscape.com f1eeafdf46 Add test modes for sha256, sha384 and sha512. 
Fix the -c (restart) option for testing hashes.  It works with all hashes.
When the -d option is given along with the -i or -o filename option,
and the filename is not absolute, the filename is taken to be relative to
the the mode's test directory.
 2002-11-21 05:44:03 +00:00
nelsonb%netscape.com 34fe8ef195 Use the 32-bit code on Solaris x86 platforms, too. 2002-11-21 02:54:04 +00:00
nelsonb%netscape.com 14ddb41e02 Add test cases from FIPS 180-2. 2002-11-21 02:26:50 +00:00
nelsonb%netscape.com db4bc48d65 Back out revision 1.2, which was a workaround for a c preprocessor bug 
in a certain version of the c compiler for Dec/Compaq Alpha OSF1.
The file now requires one of these compilers on that platform:
Compaq C V6.3-132  or Compaq C V6.4-214 (dtk)
 2002-11-20 05:25:58 +00:00
nelsonb%netscape.com b9eda3bb3e Optimization: change macros to do only 32-bit arithmetic on platforms 
with only 32-bit registers.
 2002-11-20 00:48:09 +00:00
jpierre%netscape.com b30a666577 Fix for bug 180894 - don't assert in ShutdownCRLCache() 2002-11-19 21:37:50 +00:00
nicolson%netscape.com 18c1b06a60 Fix 180396: javax.crypto.Cipher wrapping does not work with RSA algorithm. 
Support RSA as a wrapping/unwrapping algorithm.
 2002-11-19 00:41:09 +00:00
nicolson%netscape.com dc7f89d956 Throw InvalidKeyException instead of InvalidAlgorithmParameterException, 
because the latter may get thrown away by our caller, but the former will
not be.
 2002-11-19 00:39:43 +00:00
nicolson%netscape.com c9a373cf69 Change silly switch statement to an if statement. 2002-11-19 00:31:10 +00:00
nicolson%netscape.com 2039d8bfc6 Make NotExtractableException take a String argument to its constructor. 2002-11-19 00:30:43 +00:00
kirk.erickson%sun.com 0c2290fea7 Made 'solarispkg' copy pkg/solars to pkg/$(OBJDIR), and go there to 
build packages.  This addresses the problems Sonja reported which
resulted from building in the same tree nfs'd from multiple platforms
simultaneously.  Also removed -$(MACH) and ROOT-$OBJDIR changes that
failed to address this problem.
 2002-11-17 17:26:51 +00:00
timeless%mozdev.org 7875f468ed Bug 58221 don't use strlen to check if a string is of length 0 
patch by aaronl@vitelus.com r=timeless sr=bz
 2002-11-17 05:16:49 +00:00
cbiesinger%web.de 1e0c16a749 patch by abecevello@sympatico.ca r=rangansen,me sr=roc+moz 
fix some spelling errors
 2002-11-16 20:44:32 +00:00
nelsonb%netscape.com 71faf153cf Change all functions that create contexts for encryption to treat their 
input buffers as const.  Warning reduction.
 2002-11-16 06:09:58 +00:00
jpierre%netscape.com 5956bc8bc3 Fix again? 2002-11-16 05:05:17 +00:00
jpierre%netscape.com eb0bdd665f Fix build again ! 2002-11-16 04:27:39 +00:00
nelsonb%netscape.com d94a05f7d5 Recognize new SHAxxx OIDs. 2002-11-16 03:34:53 +00:00
jpierre%netscape.com 443590936a Fix build 2002-11-16 03:32:40 +00:00
nelsonb%netscape.com b3a9787176 Correct softoken routines to work with new larger SHAxxx hashes. 2002-11-16 03:32:39 +00:00
nelsonb%netscape.com 9d71a03c06 Correct HMAC code to work with new larger SHAxxx hashes. 2002-11-16 03:30:37 +00:00
nelsonb%netscape.com f8c8c1c0c3 Add new SHAxxx hash algorithms to tables of SECHashObjects. 2002-11-16 03:29:32 +00:00
nelsonb%netscape.com bd2c63cb6d Declare new vendor-defined mechanisms for SHA256, SHA384 and SHA512. 2002-11-16 03:25:01 +00:00
nelsonb%netscape.com b1cb2c9cfd Now that we have hashes larger than SHA1, 
#define HASH_LENGTH_MAX         SHA512_LENGTH
 2002-11-16 03:21:53 +00:00
nelsonb%netscape.com af4639ae92 Don't reject a cert request with an empty list of CA cert names. 
Don't crash with an empty CA name list.
 2002-11-16 03:19:48 +00:00
nelsonb%netscape.com 3ee18753f6 Add "const" modifier to all fixed arrays used for keys or known text. 2002-11-16 01:00:44 +00:00
nelsonb%netscape.com 48dace80e4 Fix crash when formatting a cert with optional version not given. 2002-11-15 06:32:51 +00:00
jpierre%netscape.com 0203577bab Patch for 180228 - export CRL cache flush API . r=wtc 2002-11-15 05:04:05 +00:00
nelsonb%netscape.com 0dba5a0882 Make selfserv build for Darwin. 2002-11-14 23:33:24 +00:00
ian.mcgreer%sun.com 3e3b24225a bug 39494, handle non-standard AVAs properly 
r=nelsonb
 2002-11-14 17:04:43 +00:00
kaie%netscape.com 11e4a80cf5 b=168450 Cleanup some PSM code and add JavaDoc documentation to all freeze candidates 
r=javi sr=alecf
 2002-11-14 00:50:02 +00:00
relyea%netscape.com 1945b7684e Adjust the time values so we have correct and consistant displays. 2002-11-11 22:01:57 +00:00
relyea%netscape.com faebb28e1e Multi-access database race condition patches. These changes are already checked 
into NSS 3.6.1.
 2002-11-11 22:00:03 +00:00
kirk.erickson%sun.com 2cff9b4e29 Made awk_pkginfo-$(MACH) machine dependent for Sonja's release build. 2002-11-11 20:44:55 +00:00
relyea%netscape.com 33b32fcae3 Remove long dead code from util. triggered by bug 179038 2002-11-11 18:17:24 +00:00
jpierre%netscape.com ec1c48a069 Assert if the QuickDER decoder does not consume all the input 2002-11-09 01:56:01 +00:00
relyea%netscape.com c651ab3821 Bug 176667: kaie authored the patch, ian/relyea reviewed it. 2002-11-08 19:10:54 +00:00
nicolson%netscape.com b008376057 default doesProduceOutput to true for compatibility. 2002-11-08 02:24:20 +00:00
nicolson%netscape.com 2a0afd7964 Add isExtensionPresent and getExtension. 2002-11-08 00:40:26 +00:00
glen.beasley%sun.com a4596115af removes sun provider and set passwords 2002-11-07 22:49:26 +00:00
glen.beasley%sun.com 90e4e6c683 move removeSunProvider after JSS JCE provider is loaded 2002-11-07 03:33:04 +00:00
jpierre%netscape.com f9e36ad6fc Fix for 177798 . Improve handling of initialization / shutdown of the CRL cache using a static status variable 2002-11-07 00:02:31 +00:00
ian.mcgreer%sun.com b158d2ec1c bug 177366, clean up refcounting 
r=relyea
 2002-11-06 18:53:55 +00:00
nicolson%netscape.com 4095e4165d Add license header to new file. 2002-11-06 03:24:39 +00:00
nicolson%netscape.com 65418ae140 Add TestSDR, to test the new SecretDecoderRing. 
In all.pl, always set the CLASSPATH to be the signed JSS JAR file, so
that we can use the JCE (javax.crypto.*) interface.
 2002-11-06 03:22:10 +00:00
nicolson%netscape.com 7d68fcdc8a Correctly detect a missing key. 2002-11-06 03:20:53 +00:00
nicolson%netscape.com 376e771586 Improve InvalidBERException. 
Add feature of SEQUENCE.OF_Template whereby elements need not produce
any output. This is for dealing with very large SEQUENCEs, such as
large CRLs, where the list should be processed in some way, but not made
into an ASN1 object hierarchy.
 2002-11-06 02:00:55 +00:00
kaie%netscape.com 3315b57c76 b=166655 ERROR -12227 / Extend the list of TLS intolerance error codes 
r=javi sr=jag a=blizzard
 2002-11-05 14:49:52 +00:00
nelsonb%netscape.com 9eabbe6063 Workaround a c preprocessor bug on a certain 64-bit platform. Bug 178314. 2002-11-05 01:52:49 +00:00
nelsonb%netscape.com 3efeebefc6 Fix missing strings that cause crash in SSL_SecurityStatus(). Bug 178342. 2002-11-05 00:25:20 +00:00
relyea%netscape.com 1e9a50c7f3 !@#!$@! signtool thinks it knows how to verify if the certdb's are there and 
OK or not. Of course it doesn't.

bob
 2002-11-04 20:37:08 +00:00
relyea%netscape.com 1cacdab8cb db8 code part 1: 
1) Create new dbs with 32 k buffers.
   2) New dbs never store a single entry greater than 30 k (those are stored
using the blob code).
   3) NSS can run with either new or old dbs read only.
   4) If possible a new db is upgraded from and old db.
 2002-11-04 19:31:59 +00:00
nelsonb%netscape.com 6d09fce4d9 Add some processor and compiler dependent optimizations to SHA1. 2002-11-02 01:53:01 +00:00
nelsonb%netscape.com 2683429fa3 Add SHA256 SHA512 and SHA384 hashes to freebl. 2002-11-02 01:51:44 +00:00
jpierre%netscape.com e18a2330bd Fix for bug 177798 - NULL pointers in ShutdownCRLCache to allow shutdown/restart 
of NSS.
 2002-11-02 00:07:48 +00:00
nelsonb%netscape.com 8d635de722 Fix several problems related to error messages, including an attempt to 
print a null string pointer.
 2002-11-01 21:04:33 +00:00
nelsonb%netscape.com 5172f581a5 Reformat text. Fix syntax error in first examples. 2002-11-01 21:03:24 +00:00
jpierre%netscape.com 042d6deac1 Remove call to PL_ArenaFinish . This effectively shut down NSPR arenas and created problems when restarting NSS . r=relyea 2002-10-31 22:02:10 +00:00
jpierre%netscape.com 5a01280dd3 Fix for 177208 - unmark arena when DER decoding is successful 2002-10-31 01:54:13 +00:00
jpierre%netscape.com 7a45a11c75 Fix for bug 175115 . Remove incorrect check for CA cert expiration. Also fix CRL signature verification and clean up internal functions . r=mcgreer,relyea,nelsonb,wtc 2002-10-30 23:31:38 +00:00
relyea%netscape.com 0bab9cc714 Fix build breakage. Some platforms do not like to assign unsigned char * to 
char * without a cast.
 2002-10-30 19:01:21 +00:00
relyea%netscape.com 1981d33467 The Serial number needs to be the DEREncoded serial number, not the decoded 
Serial number.
 2002-10-30 17:22:06 +00:00
relyea%netscape.com 4304e22d73 Check in new certdata file generated from certdata.txt 2002-10-30 17:20:59 +00:00
relyea%netscape.com 4e8bc74d53 Allow the builtin's to accept old style serial numbers as well the the correct 
PKCS #11 serial numbers.
 2002-10-30 17:18:14 +00:00