mozilla
/
pjs
зеркало из https://github.com/mozilla/pjs.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
101 305 коммитов 40 Ветки 136 Теги 1,1 GiB
Граф коммитов

1908 Коммитов

Автор SHA1 Сообщение Дата
sonja.mirtitsch%sun.com 2d5741ee27 QAstatus file now made at the right place (global Exit()) and putting 
killed info in as well
partial fix for 122632 r=wtc
 2002-02-08 01:50:26 +00:00
bishakhabanerjee%netscape.com 72a45eb95a Patch for bug 119368: SECU_PrintError prints decimal error code now if 
unknown error
 2002-02-08 01:20:04 +00:00
sonja.mirtitsch%sun.com 07a85eef74 removed compiler workshop 5 marker bug# 124256 r=nelsonb 2002-02-08 00:43:18 +00:00
relyea%netscape.com 677f4822c8 Bug 120651: Stop up memory leaks in the built-in token. We are slowly leaking 
memory in arenas by allocating temporary objects out of permanment arenas.

Also rename file sin the builtins directory that conflict with it's parent.

xxxxx.c -> bxxxx.c except instance.c becomes binst.c
 2002-02-08 00:10:07 +00:00
ian.mcgreer%sun.com e788196849 bug 124268, -P is used twice 2002-02-07 22:28:04 +00:00
ian.mcgreer%sun.com 6a275b1a17 This is a revision of the patch shown in bug 122907. It should fix the leakage seen with client auth. It is needed either way, as NSS 3.3 always checked for pre-existing temp certs before creating a new one. 2002-02-07 14:58:05 +00:00
wtc%netscape.com 292ec76f67 Bugzilla bug 119376: initialize a local variable to eliminate a compiler 
warning.
 2002-02-07 01:57:48 +00:00
wtc%netscape.com 7f3dc2cfd6 Bugzilla bug 119376: fixed the uninitialized variable 'rv' in 
rsa_PrivateKeyOp.
 2002-02-07 01:00:31 +00:00
relyea%netscape.com 4127ac3d22 Identify certs that have no trust as CA's if they have the right settings 2002-02-07 00:50:47 +00:00
ian.mcgreer%sun.com 5092e137a7 another misused arena 2002-02-06 23:11:08 +00:00
ian.mcgreer%sun.com 561dbc5cd9 Don't waste time searching on tokens for trust of a temp cert. It can only be found in the temp store. 2002-02-06 20:18:18 +00:00
ian.mcgreer%sun.com 0d5a3dc052 cleanup shutdown leak 2002-02-06 19:58:54 +00:00
ian.mcgreer%sun.com b2b1c06032 PK11_VerifyRecover leaks a slot reference, this fixes it. 
r=relyea
 2002-02-06 19:21:20 +00:00
sonja.mirtitsch%sun.com 386c1bd3bd changing the way to figure out if selfserv is still present from ps to 
kill -0 so we might be able to debug the disapearing selfserv problem
better
 2002-02-06 05:34:16 +00:00
sonja.mirtitsch%sun.com 10f0ec789e start of fix for 122632 to avoid overflows 2002-02-06 04:02:46 +00:00
sonja.mirtitsch%sun.com 2525dbb183 calling the selfserv now with -y to get the certs at the end, adjusted clients and wait times 2002-02-06 02:51:59 +00:00
relyea%netscape.com a5f6f6c5b3 Fix memory leak in hash table keys. Hash tables stay around forever. 
keys go into and out of the table. the old code allocated the keys from
the hash table's arena, so they would grow without bounds. Now the keys
are allocated from the heap, and get freed when they are expunged from the
table.
 2002-02-06 02:42:08 +00:00
wtc%netscape.com 20884bdbc3 Bugzilla bug 119340: write the "selfserv: received SIGTERM" message to 
standard output (fd 1) instead of standard error (fd 2) because the test
script writes its output to standard output (with the echo command).
 2002-02-06 01:38:06 +00:00
sonja.mirtitsch%sun.com ea6595109c debugging info for the intermittant multiple recipient problem on linux 2002-02-06 01:15:51 +00:00
ian.mcgreer%sun.com 763e13a71b fixes for bugs 123479 and 123081 (possibly others). break up arena usage in hash table entries for the temp store and cert cache. 2002-02-05 23:55:43 +00:00
wtc%netscape.com e0791adbd8 Bugzilla bug 121523: checked in Kirk Erickson's session lock fix. 
Modified Files:
	lib/pk11wrap/pk11slot.c lib/softoken/pkcs11.c
	lib/softoken/pkcs11i.h lib/softoken/pkcs11u.c
 2002-02-05 23:41:36 +00:00
ian.mcgreer%sun.com 9a71398ea2 place where iterator was not freed 2002-02-05 22:32:38 +00:00
jpierre%netscape.com b393a837fa Fix for 122907 - patch to disable arena free lists with environment variable 2002-02-05 22:20:43 +00:00
ian.mcgreer%sun.com e62a65dd6c some of the output in bug 123081 shows potential leaks around iterators, since the iterator is explicitly freed allocate it in its own block to avoid this 2002-02-05 22:08:12 +00:00
ian.mcgreer%sun.com 18d1d08e68 cleanup suggested by review by Nelson 2002-02-05 03:53:50 +00:00
relyea%netscape.com d47cd2d11a Fix error path, only free arena is one was allocated. 2002-02-05 01:47:01 +00:00
nelsonb%netscape.com 3ade452eb9 Plug one of the leaks reported in bugzilla bug 123081 2002-02-04 23:15:11 +00:00
ian.mcgreer%sun.com 21e8624189 plug leak found doing client auth, move freeing of cert's slot down a level in case the cert was not made external 2002-02-04 23:04:11 +00:00
ian.mcgreer%sun.com 6caebdc0ff fix leak reported in bug 123081 by avoiding allocation for time variable 2002-02-04 22:34:22 +00:00
ian.mcgreer%sun.com 8faaba0e2f last part of bug 121628, permanent slots should respond immediately to IsPresent() call 2002-02-04 21:57:07 +00:00
relyea%netscape.com 72ba690a4c Function to read PQG params from the key. 2002-02-04 18:00:14 +00:00
wtc%netscape.com 45cce1a40d Temporary hack to make 'depend' do a 'clean' in NSS. 2002-02-04 15:57:38 +00:00
relyea%netscape.com 0ae90e9fb1 Bug 117978: accessor functions to all JCE keystore API to be implemented. 2002-02-03 03:37:26 +00:00
ian.mcgreer%sun.com e4a9a4769d Fix cert leaks when building a chain. There are several client auth bugs filed, this may not be for any one in particular, but was found with tstclnt. 2002-02-02 20:01:22 +00:00
ian.mcgreer%sun.com 43e609386f bug 90518, selfserv dumps cache state before shutdown with -y option 2002-02-02 19:39:48 +00:00
wtc%netscape.com 1512dc6f0e Bugzilla bug 122961: export CERT_CreateSubjectCertList for PSM. 2002-02-02 04:41:06 +00:00
relyea%netscape.com 26815e4981 Add new PK11_ImportSymKeyWithFlags function for JSS 2002-02-02 01:46:05 +00:00
javi%netscape.com 17bbdeab99 Fix Mac bustage. 2002-02-02 01:20:54 +00:00
wtc%netscape.com 1fd06e9576 Bugzilla bug 122712: moved the two newly exported symbols to the right 
place.
 2002-02-01 21:16:43 +00:00
ian.mcgreer%sun.com 50efa45321 fix cert leak found by client auth 2002-02-01 18:18:13 +00:00
relyea%netscape.com 74d272df70 Fix memory leak. 2002-02-01 17:57:05 +00:00
ian.mcgreer%sun.com 9d0bbe4ab6 bug 121628, persistent cache of hardware token certs 2002-02-01 17:25:15 +00:00
wtc%netscape.com c2c17dc8ed Bugzilla bug 119340: install a SIGTERM handler on Linux for debugging. 2002-02-01 05:57:49 +00:00
relyea%netscape.com c7c406a007 certutil -L now opens the DB ReadOnly. Add the '-X' option to the test is still 
testing the R/W case.
 2002-02-01 02:28:32 +00:00
relyea%netscape.com fbb3cd1af1 Make the following functions open the databases Readonly: 
ListCerts PrintHelp ListKeys ListModules CheckCertValidity Version

Add an option (-X) to restore the old behaviour of openning the Databases R/W
 2002-02-01 02:26:40 +00:00
ian.mcgreer%sun.com 4eac0e224a have certutil shutdown cleanly so purify is easier to deal with 2002-01-31 19:27:07 +00:00
relyea%netscape.com 9694fb3322 Fix thread local storage leak. 2002-01-31 19:18:55 +00:00
javi%netscape.com eb955bd006 Make the projects depend on a .exp file that doesn't start with '_' so that we know the .exp file wasn't generated by CodeWarrior. 2002-01-31 19:10:46 +00:00
javi%netscape.com c3c6171f0b Use LoadableRoots.mcp.exp instead of _*.exp so that we know 
the .exp wasn't generated by CodeWarrior.
 2002-01-31 19:05:27 +00:00
ian.mcgreer%sun.com 73ada3b8ed couple of fixes 2002-01-31 17:28:49 +00:00
ian.mcgreer%sun.com 17924181a5 bug 90518, implement methods for dumping the state of the cache and temp cert store in NSS 3.4 2002-01-31 17:08:32 +00:00
ddrinan%netscape.com a38e12497e Checkin for relyea. Call CERT_DestoryCertificateList instead of CERT_DestroyCertList 2002-01-31 04:00:12 +00:00
relyea%netscape.com 14606c9f4f Fix certlist memory leak. 2002-01-31 02:19:43 +00:00
wtc%netscape.com 1ba4f766ad Bugzilla bug 119340: backed out the fix. We are still seeing the 
"selfserv process not detectable" errors on Linux and I don't have
time to get to the bottom of it.
Modified files:
	cmd/selfserv/selfserv.c tests/common/init.sh tests/ssl/ssl.sh
 2002-01-31 02:03:57 +00:00
wtc%netscape.com 33eec413e9 Bugzilla bug 122712: temporarily export two additional symbols for Mozilla 
static build.
 2002-01-31 01:03:21 +00:00
sonja.mirtitsch%sun.com 56fd0efd0d put the sleep 30 back into the linux ssl test to give the selfserv time 
to free the socket...
 2002-01-31 01:01:47 +00:00
relyea%netscape.com 79e23ff590 restore checks for critical extenstions and fail if we have any we don't 
recognize. Just remove the bogus check that v2 crls must have critical extensions
 2002-01-31 00:42:43 +00:00
sonja.mirtitsch%sun.com 2f09854c0e next thry for bug 115200 2002-01-31 00:34:04 +00:00
relyea%netscape.com 4a065a35a8 Set token flag when saving the CRLs so they actually get put into the database! 2002-01-31 00:18:09 +00:00
relyea%netscape.com c55125bdd6 Fix searching code so it can find CRL's 2002-01-31 00:16:29 +00:00
sonja.mirtitsch%sun.com 41f16942a4 another try for QA / RE / tinderbox problem bug #115200 2002-01-30 04:37:35 +00:00
relyea%netscape.com 5324ba124a Unsigned values are always greater than '0'! 2002-01-30 00:48:24 +00:00
relyea%netscape.com b17e47bc7b Indexes are zero based. Do our realloc when index == size (not after). 2002-01-30 00:25:34 +00:00
relyea%netscape.com 3dfd980fd3 1) put some defensive programming so we don't crash on invalid der. 
2) set the start offset correctly for multi-byte lengths when decoding sets
and sequences
 2002-01-30 00:24:12 +00:00
relyea%netscape.com 3d5799a0e4 Restore idempontency to nss_init* 2002-01-29 22:27:15 +00:00
relyea%netscape.com 6087924968 Built-ins set the ulValueLen to -1 to indicate an unknown attribute type. 2002-01-29 21:12:13 +00:00
relyea%netscape.com 761c8f9882 Token and slot names are already converted to NULL terminated strings in the slot structure 2002-01-29 21:10:50 +00:00
relyea%netscape.com 7e91df2901 Don't leak memory in the arena pool 2002-01-29 19:00:47 +00:00
relyea%netscape.com 2ffdebcb02 More 'pretty print' improvements. Decode context specific data a little more. 2002-01-29 17:50:27 +00:00
ian.mcgreer%sun.com 2e7dccd29d changes related to bug 115660 
* fipstoken will only force authentication for object-related functions when the object is a private or secret key
* certutil does not authenticate to token when in FIPS and only doing cert-related operations
* QA does not provide password to certutil when doing cert-related operations in FIPS tests
 2002-01-29 17:30:22 +00:00
relyea%netscape.com f58a765819 (sigh) not only do we need to find the objects, we need to be able to read 
them as well.
 2002-01-28 23:28:29 +00:00
sonja.mirtitsch%sun.com 3503c53808 fixed typo 2002-01-28 20:59:23 +00:00
jpierre%netscape.com 3b1ba6dc44 Fix for 69556 - remove expired CA "Verisign Class 4 Primary CA" 2002-01-28 20:43:37 +00:00
sonja.mirtitsch%sun.com 68984c4764 attempted fix for bug 115200, tinderbox reports false failures on machines 
that run 32 and 63 bit tinderboxes
 2002-01-28 19:35:53 +00:00
relyea%netscape.com 88fccf56cf Fix crashing problem when trying two switch from fips to non-fips and back. 
bug 119214.
 2002-01-28 19:18:41 +00:00
wtc%netscape.com 1da3195968 Bugzilla bug 100447: on BSD/OS 4.2 and 4.3, we have problem calling 
safe_popen in a threaded program.  So we don't call safe_popen when
we obtained some entropy from /dev/urandom.  Thanks to lidl@pix.net
for the bug report and the fix.
 2002-01-27 00:14:59 +00:00
wtc%netscape.com d6b8ef5d90 Bugzilla bug 111206: make the Solaris version test flexible so that we 
don't need to add a new test for each new Solaris release.
 2002-01-26 16:19:51 +00:00
relyea%netscape.com 237f52188c Fix PBE_Context failure by making sure CKM_PBA is it's own keygen type. 2002-01-26 01:20:50 +00:00
relyea%netscape.com e5d11d5431 Fix 2 memory leaks and a UMR. 
(keyhand needs to be initialized before we start xor hashing)
Free item and time elements which are transparently allocated for us.
 2002-01-26 00:16:03 +00:00
relyea%netscape.com 1b36216be7 Change Sha1_hash to a simple XOR hash for building key handles for token 
objects.
 2002-01-25 19:09:34 +00:00
relyea%netscape.com 2cd0e7823b Fix key leak in S/Mime. 2002-01-25 19:08:19 +00:00
relyea%netscape.com 66838540ff Fix bug 115660. Note that fixing the bugs necessitates fixing the test 
cases as well. The test case was depending on the failure to read certs to
detect the failure to read keys. Now certutil returns a failure if no keys
are found. This also means that the FIPS test after the key and cert
has been deleted should expect a failure to list any keys.
 2002-01-25 19:03:17 +00:00
relyea%netscape.com 0b8fb8f0d7 Too agressive on fixing leaks;). This one isn't a leak. 
bob
 2002-01-24 21:33:51 +00:00
ian.mcgreer%sun.com 3afd5c3d8d fix aix issues 2002-01-24 15:45:55 +00:00
relyea%netscape.com 7f26c10bd8 Fix NT crash on startup. (load builtins after trust domain gets initialized). 2002-01-24 02:46:07 +00:00
nicolson%netscape.com 56bb80f8db Fix 118679: PK11SDR_Encrypt fails if not logged into token. 2002-01-24 01:06:22 +00:00
ian.mcgreer%sun.com ab89e69ce2 implement istemp and isperm in case clients depend on it, make sure certs own a reference to their slot and then free it 2002-01-24 00:58:02 +00:00
ian.mcgreer%sun.com b2cc5d03dc fix leakage in traversal functions that convert certs to CERTCertificates 2002-01-24 00:34:03 +00:00
relyea%netscape.com 65b7f7d46b Fix memory leaks. 2002-01-24 00:26:29 +00:00
ian.mcgreer%sun.com 422c06a4ed make sure path string has terminator 2002-01-24 00:25:32 +00:00
ian.mcgreer%sun.com 3a1d638a39 restore function CERT_SaveImportedCert, used to set the trust bits of a cert on import. Fixes bug 121487 2002-01-23 21:43:30 +00:00
ian.mcgreer%sun.com 115a64c8c2 traverse functions need to cache as they run in order to catch multiple instances of certs correctly 2002-01-23 20:35:18 +00:00
ian.mcgreer%sun.com ced7fd120a traversed certs also need to be cached 2002-01-23 18:24:29 +00:00
ian.mcgreer%sun.com 3b7ccbb61c fix core when token list is emptied (caused by switch to fips mode) 2002-01-23 17:39:29 +00:00
ian.mcgreer%sun.com bc65724129 * keep stan in sync with both addition and removal of modules 
* clean up compatibilty issues with PKCS#11 serial numbers.  Need to search both encoded and decoded values, while making sure stan code only deals with DER value
 2002-01-23 17:00:39 +00:00
ian.mcgreer%sun.com 952afebdb5 make the load function for the root token work 2002-01-23 15:36:54 +00:00
ian.mcgreer%sun.com 17b74fe184 fix breakage caused by yesterday's checkins; since softoken no longer returns terminating NULL for strings must add it above PKCS#11 
also fixes bug 121384
 2002-01-23 14:37:48 +00:00
relyea%netscape.com 79f61f853a Restore code automatic Built-in loading code. 2002-01-23 04:42:21 +00:00
relyea%netscape.com c8fcdeb68d Function to return if any builtins have been loaded yet. 2002-01-23 04:41:25 +00:00
ian.mcgreer%sun.com f4b110b8ac fix PSM crash described in bug 120647 2002-01-23 03:53:16 +00:00
wtc%netscape.com 1eff2860ba Bugzilla bug 119340: an inelegant but more reliable way to kill the 
multithreaded 'selfserv' process on Linux.
Modified files:
    cmd/selfserv/selfserv.c tests/common/init.sh tests/ssl/ssl.sh
 2002-01-23 03:18:57 +00:00
relyea%netscape.com 3ad5024f8a Fix wrong polarity on if statement (should check for success, not failure). 2002-01-23 02:10:31 +00:00
sonja.mirtitsch%sun.com 27cfb4c716 added the TCP connection aborted to the lines that are OK in the log 2002-01-23 02:07:08 +00:00
relyea%netscape.com c3ca8a1a48 Fix memory like in readSMimeEntry 2002-01-23 01:44:22 +00:00
relyea%netscape.com 1947921305 Fix label stuff. 2002-01-23 01:20:32 +00:00
relyea%netscape.com f235b85944 Labels don't have NULL's by default. 2002-01-23 00:53:53 +00:00
ian.mcgreer%sun.com 0a7c8a4e7c PSM bug 119359, NSS 3.4 also needs to recognize valid CA trust in order for cert download to work correctly 2002-01-23 00:49:23 +00:00
sonja.mirtitsch%sun.com 2cc7908640 added comments 2002-01-23 00:27:10 +00:00
sonja.mirtitsch%sun.com d19d19b941 removing tmpfiles on tinderboxes 2002-01-23 00:21:01 +00:00
sonja.mirtitsch%sun.com 020d8a3b2d changes so nssqa will run on netscape's daily builds as well 2002-01-23 00:19:32 +00:00
ian.mcgreer%sun.com 7462cbdfd4 last change to INTEGER encoding, strip extraneous leading zeros from integer values passed to encoder 2002-01-22 22:48:26 +00:00
ian.mcgreer%sun.com 5b01d3a7d1 fix for bug 120824; functions which collect certs based on subject need to examine *both* the temp and perm stores 2002-01-22 21:56:19 +00:00
relyea%netscape.com 1e98db5857 remove bogus verify step (the cert passed in is almost certainly a signing cert). 2002-01-18 03:38:29 +00:00
relyea%netscape.com fdc3985b20 Fix the case where the subjectID is an issuer/SN. don't build a dbkey in 
this case, return the actual subject cert id after looking up the cert
directly
 2002-01-18 03:36:44 +00:00
relyea%netscape.com 05d176b9c4 Increment length on LABEL, not on CLASS to catch the added NULL case. 2002-01-18 03:35:18 +00:00
ian.mcgreer%sun.com e45f8c2b70 more backwards compatibility fixes 
* always send DER of serial number to PKCS#11 queries
* in softoken, construct key for certificate using decoded serial number with (possibly) a leading zero, for compatibility with version 7 db
* in softoken, decode serial number *without* removing leading zero for searches
 2002-01-17 00:20:53 +00:00
ian.mcgreer%sun.com 0b564fa522 fix build bustage 2002-01-16 21:36:33 +00:00
ian.mcgreer%sun.com 8c0b98c71b fix a crash seen in PSM by making sure a zero-length attribute zeroes the item inheriting it 2002-01-16 21:23:30 +00:00
ian.mcgreer%sun.com 5c022683fc fix for bug 115360, failure in pkcs12 backwards compatibility tests 2002-01-16 21:22:30 +00:00
ian.mcgreer%sun.com 0c10963511 unfortunately, the SDR key keeps the value of CK_KEY_TYPE in the coefficient field of an RSA key. This means some format is lost through the ASN.1 encoder/decoer. Trying again to account for that without affecting normal key type attributes. 2002-01-16 16:02:51 +00:00
wtc%netscape.com 00b5f915b1 Bugzilla bug 119340: added a debug printf statement. 2002-01-16 03:29:06 +00:00
ian.mcgreer%sun.com 3b9f6d3cf2 fix up problems in last change 2002-01-16 00:04:16 +00:00
sonja.mirtitsch%sun.com 2f9de56d30 Ians debug change to find out the state of the DB after multi recepient test 2002-01-15 22:29:47 +00:00
javi%netscape.com e940c52d34 Include NSS.Prefix in the optimized target instead of NSDebug.Prefix 2002-01-15 22:11:39 +00:00
ian.mcgreer%sun.com eb0cc3901f revert last change, and move conversion of attribute value to host long up to where the long variable actually appears. 2002-01-15 21:45:38 +00:00
ian.mcgreer%sun.com c8cedd97da fix SDR on big-endian platforms. The leading zeros in the RSA coefficient have been stripped, but PKCS#11 needs them back in order to form a CK_ULONG correctly. 2002-01-15 19:20:34 +00:00
ian.mcgreer%sun.com b987645c50 Fix for serial numbers which are negative when intrepreted as signed integers. Since the ASN.1 encoder now add/strips leading zeros to INTEGERs, the hand decoder written here will incorrectly decode serial numbers passed to it that have leading zeros. 2002-01-15 15:43:35 +00:00
ian.mcgreer%sun.com 9529b345f4 force generated serial #'s to always be positive 2002-01-15 01:53:11 +00:00
ian.mcgreer%sun.com 54ef08b60f fix for bug 115360, ASN.1 encoder/decoder should handle conversion of unsigned integers used in NSS to ASN.1 INTEGERs, and vice versa. 2002-01-14 23:20:43 +00:00
ian.mcgreer%sun.com f4bdbb65a9 PKCS#11 needs to receive the serial number DER-encoded 2002-01-14 23:19:17 +00:00
relyea%netscape.com 662daf01e1 Fix nickname check for filtering cert lists. 2002-01-12 16:43:29 +00:00
ian.mcgreer%sun.com 5437c6d3a0 *sigh* 
fixed backward compatibity tests, but broke current version.  will have to rework.
 2002-01-11 23:37:37 +00:00
ian.mcgreer%sun.com ae15ead0f5 temporary fix for bug 115360 2002-01-11 22:24:31 +00:00
jpierre%netscape.com 5bfd366791 Fix for 98068 - PR_CALLBACK OS/2 issues 2002-01-11 19:53:00 +00:00
relyea%netscape.com 63ca3827f8 Keep a copy of the DER Crl. 2002-01-11 17:31:09 +00:00
javi%netscape.com 43cd7b4006 Turns out there isn't a corresponding .def file for the Builtins module. 
So I still need this file.
 2002-01-11 02:19:41 +00:00
javi%netscape.com 1646f286a0 *.exp files (for symbol exporting) are now generated dynamically. 2002-01-11 02:13:49 +00:00
kirk.erickson%sun.com 16711e5b7a Fixed termination when using -L 30 (see bug 107777). 
This is a temporary solution, creating SYSTEM rather than USER loggerThread.
Later we should create a USER thread, Interrupt, and tell the thread to exit.
 2002-01-11 01:03:28 +00:00
ian.mcgreer%sun.com e8aac2fb9e fix crash seen in PSM 2002-01-11 00:41:26 +00:00
relyea%netscape.com 4a931009f5 Fix dual key generation crash. 2002-01-11 00:33:08 +00:00
sonja.mirtitsch%sun.com 2379cdc08e asleep of 3 seconds after killing of teh selfserv doesn't seem to be 
sufficient - either that or it takes a lot longe now to start up
 2002-01-10 22:47:12 +00:00
relyea%netscape.com 30582a6b8a Fix Crl import Crash. (use the template, not the attribute list). 2002-01-10 22:38:15 +00:00
ian.mcgreer%sun.com 566d2fe940 CERT_FindCertIssuer had a fallback to just grab any cert with the correct subject when all else fails. 2002-01-10 20:24:46 +00:00
javi%netscape.com 36679c9c98 Give the shared library fragment names. 2002-01-10 18:15:28 +00:00
ian.mcgreer%sun.com 770b9ae9da Fix chaining bug. Cert's trust needs to be set before call to matchUsage. 2002-01-10 18:10:43 +00:00
ian.mcgreer%sun.com 5a27b64fbe need to make sure trust is updated if it was already created 2002-01-10 15:30:06 +00:00
ian.mcgreer%sun.com 916a710117 bug 118051, make Stan pki1 headers private exports for 3.4 2002-01-10 15:11:04 +00:00
ian.mcgreer%sun.com b201a286ba Only release crypto context's reference if cert was removed. Should not have caused 3.4 bugs but was nonetheless incorrect. 2002-01-10 14:34:36 +00:00
ian.mcgreer%sun.com f07c5a9b11 back out previous change 
Unlike the other hash indexes, the issuer and serial is unique.  If the issuer and serial exists in the cache, the cert pointer must be valid (the cache is holding a reference).
 2002-01-10 14:28:53 +00:00
ian.mcgreer%sun.com 67018508fa add command to certutil for dumping the chain of a cert 2002-01-10 04:30:00 +00:00
nelsonb%netscape.com 28caa1df56 Add error strings for new NSPR error codes. Bug 118668. 2002-01-10 03:00:30 +00:00
relyea%netscape.com 8846befff7 Set the trust order for a newly installed built-ins to 100 2002-01-10 01:01:09 +00:00
relyea%netscape.com f6871cf96f Fix default trust and cipher orders. 2002-01-10 01:00:20 +00:00
relyea%netscape.com c68ce0e40d Set up default trust order correctly. 
Default trustorder is
   0 for the internal token
   100 for the builtins
   50 for everyone else

Default Cipher order is
   100 for the internal token
   0 for everyone else
 2002-01-10 00:59:26 +00:00
relyea%netscape.com 3a6e3f8b94 Initialize OCSP status variable 2002-01-10 00:45:27 +00:00
relyea%netscape.com 768f88afc8 Enable OCSP code. 2002-01-10 00:43:39 +00:00
javi%netscape.com 5ac7e78c94 Update existing NSS projects to support building NSS 3.4 as shared libraries on the Mac. 2002-01-09 23:30:00 +00:00
javi%netscape.com bdf7930c7b New xml projects and headers required to build NSS 3.4 as shared libraries on the Mac. 2002-01-09 23:29:08 +00:00
javi%netscape.com a4a475c75e Define NSS_3_4 so that we get the right code and not Stan code that isn't quite ready. 2002-01-09 23:23:43 +00:00
javi%netscape.com 19df650b6e Changes required to get the trunk of NSS building on the Mac. 2002-01-09 23:22:23 +00:00
javi%netscape.com 98921ccfde Move LoadableRoots.mcp.exp to _LoadableRoots.mcp.exp to match the new 
name of the project file that gets generated now that we use a new
build system, ie foo.xml gets improrted to _foo.mcp.  This ensures only
the symbols we want to export get exported.
 2002-01-09 21:49:19 +00:00
ian.mcgreer%sun.com 71972797d2 also allocate hash key entry for issuer/serial, by creating an "index" cert in the cache's arena 2002-01-09 21:35:42 +00:00
ian.mcgreer%sun.com e24f442c3f several memory-related fixes 
- correct reference counting when combining certs taken from cache and obtained new
- cache keys need to be alloc'ed, for the case when one cert is used to create the cache entry, another (same subject/nick/email) is added, then the first is removed and freed
 2002-01-09 21:09:21 +00:00
javi%netscape.com 383b138e4e We now use xml files to run the Mac builds. Deleting the mcp files that 
are no longer used as part of the build.
 2002-01-09 20:08:25 +00:00
ian.mcgreer%sun.com 4328cc77eb bug 118612, implement valid peer trust in softoken 2002-01-08 22:01:17 +00:00
ian.mcgreer%sun.com 7735dba520 another place where decoded cert was alloced in cert's arena 2002-01-08 19:38:56 +00:00
ian.mcgreer%sun.com 28cb1ce89d move free of CERTCertificate's arena below the NSSCertificate. needed for the case when an NSSCertificate is freed without ever releasing a CERTCertificate. 2002-01-08 18:51:18 +00:00
ian.mcgreer%sun.com f161d6d8f4 memory leak fixes 2002-01-08 15:37:42 +00:00
ian.mcgreer%sun.com 7428ae1215 fix pkcs12 bug where nicknames were disappearing 2002-01-07 19:53:47 +00:00
ian.mcgreer%sun.com 1167719990 once again, solaris x86 does not like PR_LOG 2002-01-07 19:14:40 +00:00
ian.mcgreer%sun.com 7c74d99884 PSM fixes 
* implement CERT_AddTempCertToPerm in 3.4
* update object instance lists when needed
* correctly check and allocate trust when changing it
 2002-01-07 16:45:26 +00:00
ian.mcgreer%sun.com 16a699c9fb obey the isperm flag as in nss 3.3 2002-01-06 21:49:48 +00:00
relyea%netscape.com dab318ec31 Startup problems on new profiles: 1) Windows does not initially open the DB R/W 
on startup. 2) All platforms do not see the built-ins token if you startup with
a new profile.

Fix: 1) Escape the initialization parameters.
     2) Rebuild the Token iterator when new tokens are added to the trust domain.
 2002-01-05 03:00:10 +00:00
sonja.mirtitsch%sun.com cca6d4542f taking out OSF 5 links 2002-01-04 21:41:23 +00:00
sonja.mirtitsch%sun.com 6526699908 increased the number of tests and changed the fix about too many cache misses 
seee bugs #114964 and 118031
 2002-01-04 21:39:36 +00:00
sonja.mirtitsch%sun.com 0ac5914658 to avoid client and server writes at the same time write output to a tmp 
file first, and then the tmp file to stdout
the writes had lead to garbled messages that were then interpreted as
errormessages by the scripts
 2002-01-04 21:31:39 +00:00
ian.mcgreer%sun.com fdb7517d3e implement trust ordering when merging trust 2002-01-04 19:21:54 +00:00
wtc%netscape.com 8b23552681 Bugzilla bug 110356: check in the generated files (oiddata.h and oiddata.c) 
to work around concurrent build failures on Unix and the generation of
these files on the Mac.
Modified files: Makefile manifest.mn
Added files: oiddata.c oiddata.h
 2002-01-04 05:22:07 +00:00
sonja.mirtitsch%sun.com 33c124632f fixed qa_stat following an enhancement, that causes unexpected messaegs in the output.log 2002-01-04 00:24:28 +00:00
sonja.mirtitsch%sun.com 93ca321d50 fix for enhancemet request 114964 2002-01-03 23:58:23 +00:00
ian.mcgreer%sun.com 19993e549d only free slot if funrction returns correctly 2002-01-03 22:49:02 +00:00
ian.mcgreer%sun.com 681dce3718 fix aix bustage 2002-01-03 20:19:55 +00:00
ian.mcgreer%sun.com 3cff4ec39c move handling of certificate reference counting into Stan. NSS 3.4 needs to maintain persistent references of both temp and perm certs in order to replicate the old temp database. 2002-01-03 20:09:30 +00:00
ian.mcgreer%sun.com 20804d889d temp certs live in a trust domain. allows the idiom of "if not temp, try perm" to work in 3.4. 2001-12-21 19:14:04 +00:00
sonja.mirtitsch%sun.com b023851d8d more info to results.html 2001-12-21 00:29:32 +00:00
sonja.mirtitsch%sun.com d87f64d68f checking in fix for the new requirements for bug 73098 2001-12-20 23:26:59 +00:00
ian.mcgreer%sun.com 7089d6ad0a some checks that were overlooked 2001-12-20 23:17:58 +00:00
kaie%netscape.com a03dd2ce28 Fix crash bug 115927 by incrementing the reference count of 
returned slot.
r=relyea
 2001-12-20 21:40:30 +00:00
ian.mcgreer%sun.com 1db2d4b283 remove unneeded hack, put in a couple of error checks 2001-12-20 16:50:22 +00:00
ian.mcgreer%sun.com b11512c0c2 set the CERTCertificate nickname to be "Token Name:Cert Name" for backwards compatibility 2001-12-20 16:20:16 +00:00
nicolson%netscape.com e944f0ccca Typo broke the build. 2001-12-19 21:37:30 +00:00
ian.mcgreer%sun.com 9dac6b9e8f fix for 115957, hash table overloads cause problem (certs were not being removed properly) 2001-12-19 20:27:21 +00:00
nicolson%netscape.com e6b9306d2d Fix 114469: PK11_ImportDERPrivateKeyInfo should return a SECKEYPrivateKey* 
r=relyea.
 2001-12-19 20:14:53 +00:00
nicolson%netscape.com 9f9d215a24 Fix 114979: SECKEY_EncryptedPrivateKeyInfoTemplate no longer in public 
header file.
r=relyea.
 2001-12-19 20:11:56 +00:00
nicolson%netscape.com 8cb78f3d66 Fix 112321: make public SECKEY_DecodeDERSubjectPublicKeyInfo. 
r=relyea.
 2001-12-19 20:10:07 +00:00
relyea%netscape.com 3a8fe503be Fix Bug 115657. 
1) advance the pointers in the initialization setup for p12 pbes (at the same
time fix the code to be much easier to read and understand).
2) Copy out the returned IV in pkcs11c.c.
 2001-12-19 18:06:29 +00:00
nelsonb%netscape.com 8734ee5736 Don't allocate sieve from stack on machines with very-limited stacks. 
Bug 115012.  Patch from Michael Kaply mkaply@us.ibm.com
 2001-12-18 21:49:49 +00:00
ian.mcgreer%sun.com d72962f867 this is why apps shouldn't be able to change cert values... 2001-12-18 21:11:41 +00:00
ian.mcgreer%sun.com c3089392a7 don't waste time setting trust bits if they aren't changing 2001-12-18 19:54:44 +00:00
ian.mcgreer%sun.com e52b690dae fix for 115719, user trust not being set 2001-12-18 16:04:52 +00:00
ian.mcgreer%sun.com 60458a49d5 test case for multiple recipients 2001-12-17 20:16:18 +00:00
ian.mcgreer%sun.com 4334518885 needed for traversal of keys 2001-12-17 13:43:34 +00:00
ian.mcgreer%sun.com 0be1bc0424 dbhandle needs to be set for subject list certs to work 2001-12-17 13:43:10 +00:00
wtc%netscape.com d5b74852a1 NSS 3.4 should use DBM 1.6. 2001-12-15 21:02:20 +00:00
ian.mcgreer%sun.com baf889251d the last step - restrict trust domain and PK11_ searches to token objects 
also, make sure trust is grabbed from crypto context
 2001-12-14 20:50:59 +00:00
sonja.mirtitsch%sun.com d707c144bc thought I needed to do this in ssl... chge the readonlydir to prevent 
mccrel from overflowing due to failing cleanup scripts...
 2001-12-14 20:10:46 +00:00
sonja.mirtitsch%sun.com 9aea87469a fix for bug 73098, need to make other checkins in ssl.sh and don't 
want to merge
Ian reviewed the patch
 2001-12-14 20:02:53 +00:00
ian.mcgreer%sun.com e94fd9fee5 missed as part of last checkin, hack needed when certs come out of crypto context or cache 2001-12-14 18:50:49 +00:00
ian.mcgreer%sun.com 0b1b123e86 fix AIX build 2001-12-14 18:31:14 +00:00
ian.mcgreer%sun.com 8ab68cde61 implement local store of objects for crypto context 2001-12-14 17:32:23 +00:00
jpierre%netscape.com d656102567 Fix 114787 - ssl_recv crashes in client. bogus assert. reviewed by nelson 2001-12-12 21:44:04 +00:00
ian.mcgreer%sun.com 276a29db57 detect hash collisions so that the caller can handle it 2001-12-12 20:23:07 +00:00
jpierre%netscape.com 0831c73a16 Fix for 105764 - compiler warnings 2001-12-12 04:14:48 +00:00
jpierre%netscape.com 6528454c9d Fix for 105764 - compiler warnings 2001-12-12 03:48:28 +00:00
sonja.mirtitsch%sun.com ff17c8ce02 enabling the tls stresstest 2001-12-12 03:15:01 +00:00
ian.mcgreer%sun.com b53f50dc35 original intent for concurrent list iteration, fixes bug 114727. a better long-term solution is needing for traversing the high-level token lists. 2001-12-12 00:07:25 +00:00
nelsonb%netscape.com 0089de2e12 Check some pointers for NULL before dereferencing them. 2001-12-11 23:47:18 +00:00
wtc%netscape.com 15ed793c09 Adding new XML Mac project files. 2001-12-11 22:09:17 +00:00
ian.mcgreer%sun.com c6851c9334 first step towards separating token and session object searches as performance enhancement. Searches are still over both types until local cert and trust stores for crypto contexts are implemented. 2001-12-11 20:28:38 +00:00
nicolson%netscape.com a07cd47d39 Fix 113301: SECKEY_ImportDERPublicKey should support all public key types. 
r=relyea.
 2001-12-10 21:11:14 +00:00
ian.mcgreer%sun.com 8e77799086 only do the replacement if a new cert was created 2001-12-10 20:08:15 +00:00
ian.mcgreer%sun.com 81c628bf9c wrong function name 2001-12-10 19:16:18 +00:00
ian.mcgreer%sun.com 7619d8f5ee check in error const 2001-12-10 19:14:32 +00:00
ian.mcgreer%sun.com a21966741b handle race condition where attempt is made to add cert to cache when it is already present (from being added by another thread). 2001-12-10 19:05:51 +00:00
ian.mcgreer%sun.com 800b155597 merge in 3.3 branch changes to tip 2001-12-10 18:14:23 +00:00
relyea%netscape.com 41822492fe nssren.h needs to be included first in the header file or AIX will fail. 2001-12-07 21:32:05 +00:00
relyea%netscape.com 0fab6afdcf restore NSS rename to those files that need it. 2001-12-07 21:13:08 +00:00
sonja.mirtitsch%sun.com 35b3a319cd fixed the comment 2001-12-07 03:18:23 +00:00
relyea%netscape.com 4fa90c24ba 1) NT need the err= defines, use macros to set it appropriately (or not). 
2) restore missing sec = function
 2001-12-07 02:30:53 +00:00
jpierre%netscape.com 962ae85f0b Code formatting patch to support legacy text editors 2001-12-07 02:09:45 +00:00
relyea%netscape.com 05517fc59e emulate does not include PORT_ functions, use PR_ASSERT 2001-12-07 02:04:24 +00:00
relyea%netscape.com 7bfd9c97ec Clean up compilier warnings on Solaris and Linux, most particularly: 
1) Implicit declaration of function.
2) Possibly unitialized variables.

These warnings have indicated some real problems in the code, so many changes
are not just to silence the warnings, but to fix the problems. Others were
inocuous, but the warnings were silenced to reduce the noise.
 2001-12-07 01:36:25 +00:00
ian.mcgreer%sun.com 08de45a2ba get modification of trust on builtins certs to work by storing the modified trust on the softoken. implement merging of multiple trust instances. 2001-12-06 23:43:14 +00:00
jpierre%netscape.com 64aeabc47e Fix for 108097 - allow cmsutil to work with dual-key certs for signing and encrypting 2001-12-06 23:19:41 +00:00
jpierre%netscape.com 151d643065 Patch for 107323 - fix compiler warnings 2001-12-06 21:25:32 +00:00
ian.mcgreer%sun.com 7e3deea6bd patches to get s/mime dual key certs working, bug 113741 2001-12-06 18:21:38 +00:00
jpierre%netscape.com bc8745f219 Improve error handling in cmsutil - don't proceed when error occurs, and display more information about failures using SECU_PrintError 2001-12-06 03:19:22 +00:00
sonja.mirtitsch%sun.com 99d330d038 misspelled dbtests 2001-12-06 01:46:09 +00:00
jpierre%netscape.com 1db48f3b50 Fix OS/2 build bustage - conflict with error.h from OS/2 toolkit . Put explicit include path to resolve it 2001-12-06 01:36:07 +00:00
sonja.mirtitsch%sun.com b6208c539b trying to hook in dbtest 2001-12-06 00:51:56 +00:00
sonja.mirtitsch%sun.com bc01a248a7 added dbtest 2001-12-05 23:35:55 +00:00
sonja.mirtitsch%sun.com f1e9946cf7 adderd redhat 7.2, changed tinderbox back to defaulting to the tip 2001-12-05 22:52:46 +00:00
sonja.mirtitsch%sun.com a56f81859f test for key and cert databases 2001-12-05 19:18:14 +00:00
sonja.mirtitsch%sun.com fb94e12c7a added 2 more tests 2001-12-05 18:34:09 +00:00
ian.mcgreer%sun.com fcf0d153a6 if no token name is provided to PK11_FindCertByNickname, default to internal token (as opposed to the entire trust domain) 2001-12-05 17:07:53 +00:00
sonja.mirtitsch%sun.com 7407ece054 added calls to new dbtest program 2001-12-05 04:25:31 +00:00
sonja.mirtitsch%sun.com 252c1a941a changed the evaluation of returncode 2001-12-04 21:01:47 +00:00
ddrinan%netscape.com 8e67a4a3e1 Removed extra close comment in MOZ_CLIENT comment section 2001-12-04 19:14:33 +00:00
wtc%netscape.com b29d99b6b3 Bugzilla bug 111574: standard header files should be included with 
#include <foo.h>, not #include "foo.h".  Thanks to Roland Mainz
<Roland.Mainz@informatik.med.uni-giessen.de> for the patch.  r=wtc.
Modified files: signtool.h jar.h
 2001-12-04 18:36:58 +00:00
wtc%netscape.com dcd1dbe6dc Bugzilla bug 111294: make NSS build on QNX6 (Neutrino). The patch was 
contributed by Dave Inglis <dinglis@qnx.com>. r=wtc.
Modified Files:
	coreconf/config.mk coreconf/nsinstall/nsinstall.c
	nss/lib/freebl/unix_rand.c nss/lib/ssl/unix_err.c
Added Files:
	coreconf/QNX.mk
 2001-12-04 18:20:57 +00:00