Commit Graph

3546 Commits

Author SHA1 Message Date
wtc%netscape.com
18625bdcab Added coreconf config file for Solaris 10 Intel. 2002-08-23 00:33:48 +00:00
wtc%netscape.com
2190605135 Bug 164035: checked in a small code optimization suggested by
J�rg Brunsmann <joerg_brunsmann@yahoo.de>. Use the local variable that
has the same value.
2002-08-22 18:05:32 +00:00
relyea%netscape.com
f5603c8844 Add pubwrap with flags 2002-08-22 00:41:41 +00:00
wtc%netscape.com
401d42ef18 Bug 163863: removed duplicate PORT_Memset calls in CERT_KeyFromDERCert.
Thanks to J�rg Brunsmann <joerg_brunsmann@yahoo.de> for the fix.
2002-08-21 18:05:20 +00:00
relyea%netscape.com
943dd39f49 1) fix crl memory.
2) remove several memory copies in the crl.
2002-08-21 00:09:23 +00:00
kaie%netscape.com
2e5cb525e8 b=140302 hang when collapsing some ssl-security details
r=javi sr=bryner
2002-08-20 12:51:55 +00:00
relyea%netscape.com
78007eba43 Bug 142172
1) look up the private key much earlier in the process so we know what slot it is on.
2) if a slot isn't specified, you the private key's slot.
3) if the specified slot and the private key slot don't match & the private key slot can do the PBE, then use the private key slot to do the PBE so we don't have to move the key.
4) if we have generated the PBE key in a different slot from the private key,
2002-08-19 18:24:58 +00:00
relyea%netscape.com
bb6cf23f23 use error code in secutil.
Clean up the output.
Print out cert chain parsing issues more completely.
2002-08-16 23:09:02 +00:00
relyea%netscape.com
cf0278de93 Quick and dirty utility to pink SSL servers to see if they are configured
correctly.

NOTES: This program is a (very slightly) modified version of the
SSLSample/client.c program. As such it used the sample program support, which is
a duplication of much of secutil. Future enhancements would be 1) link with
secutil.lib. 2) When handling BadCert requests, run the Full VerifyCert and dump
the results. Make connections to the servers testing SSL2, SSL3 and TLS.

Changes were basically 1) Set the program to run without a security database
(this means no token support, or client auth). 2) Explicitly load the builtins
module so that we can test against the standard trust.
2002-08-16 16:29:18 +00:00
jpierre%netscape.com
e5ec791fa2 Correctly count the number of items in a SEQUENCE OF or SET OF in quickder decoder. Bug found by one of Terry's tests. 2002-08-16 00:05:55 +00:00
nicolson%netscape.com
62f1239586 Fix 162761: PK11_GetKeyGen should work if you pass in a keygen alg.
Make PK11_GetKeyGen an identity function for keygen algs.
2002-08-14 23:57:45 +00:00
kaie%netscape.com
9190a3d74e Patch from bug 87902 to fix SSL/TLS logic.
- make TLS intolerant server detection over proxies work
  (this bug 87902)
- on connection failure, only retry without TLS when it is really
  likely to help (bug 149910)
- remove obsolete workarounds in SSL i/o layer
  (see removed comments in patch)
- avoid to confuse programmers reading code,
  by renaming TLSStepUp (which means something else)
  to the correct term STARTTLS (what the code is actually doing).
  (As suggested by nelsonb)
- If an invalid or expired etc. server certificate is presented,
  a warning is shown. If the user decides to cancel,
  network activity should stop immediately.
  (we currently warn multiple times) (bug 87209)

r=javi/darin/ducarroz/dmose sr=alecf
2002-08-14 23:43:28 +00:00
nicolson%netscape.com
aab844b223 Remove try/catch block when loading libjss. This allows any UnsatisfiedLinkError
to get thrown to the application, where it can print it out with all its
information. Also stop checking for jssjava.
2002-08-14 23:00:45 +00:00
nicolson%netscape.com
0668349aad fine-tune javadoc commands. 2002-08-14 22:55:47 +00:00
relyea%netscape.com
0fb6e546c6 bug 161552: Make the recipient list traversal functions call the internal
nsstoken_FindCertByIssuerAndSN() function to gain the benefit of the fixed
Searching code.
2002-08-14 20:42:40 +00:00
antonio.xu%sun.com
d9f555d2f5 replace the hardcode of "@mozilla.org/embedcomp/dialogparam;1" with NS_DIALOGPARAMBLOCK_CONTRACTID
Bug 158608 r=Henry sr=alecf
2002-08-14 12:39:03 +00:00
blakeross%telocity.com
0c9ee3ddca Making security dialogs default to off after one viewing *in Phoenix only*. Not part of normal build. 2002-08-13 05:25:34 +00:00
kaie%netscape.com
aed4350fca b=154040 Deleting cert does nothing when key DB has no password
r=relyea sr=alecf
2002-08-13 01:15:05 +00:00
relyea%netscape.com
721712b0a2 Mozilla bug 145228. Clear out buffer to protect agains lazy PKCS #11 modules. 2002-08-13 00:13:48 +00:00
seawood%netscape.com
322da773fb Removing old nmake build makefiles. Bug #158528 r=pavlov 2002-08-10 07:55:43 +00:00
nelsonb%netscape.com
c957d262ac Test the TLS_RSA_WITH_NULL_SHA cipher suite. Bug 161529. Also, order
tests so all SSL3 tests are done before all TLS tests.
2002-08-09 22:09:18 +00:00
nelsonb%netscape.com
eeff02773b Support the TLS_RSA_WITH_NULL_SHA cipher suite. Bug 161529. Fix Usage. 2002-08-09 22:06:12 +00:00
nelsonb%netscape.com
e90c165157 Add support for SSL_RSA_WITH_NULL_SHA. Bug 161529. Fix usage message. 2002-08-09 21:58:28 +00:00
nelsonb%netscape.com
644319e67f Support the TLS_RSA_WITH_NULL_SHA cipher suite. Bug 161529. 2002-08-09 21:53:17 +00:00
relyea%netscape.com
cbd308d951 Handle the switch from the static buffer to the realloc buffer. 2002-08-09 18:48:31 +00:00
relyea%netscape.com
c57a14afb4 remove unreferenced Variable. 2002-08-09 18:05:24 +00:00
jpierre%netscape.com
e6ee1f4c60 Add comment about partial CRLs 2002-08-09 07:09:25 +00:00
wtc%netscape.com
f0a85f101a Bug 148220: removed the unused field 'isFIPS'. 2002-08-08 22:52:14 +00:00
relyea%netscape.com
667aff1517 Bug 607834. save the correct name on so we can reset the database. 2002-08-08 18:02:34 +00:00
kaie%netscape.com
141c541484 b=161394 Fix crash in debug builds
r=javi sr=alecf
2002-08-08 14:10:42 +00:00
jpierre%netscape.com
6eeafa0a3a Stop referencing deleted quickder.h header 2002-08-08 01:55:34 +00:00
jpierre%netscape.com
81744b6f54 Updates to quick DER decoder, bug # 161215
Fixes from Terry's review :
- remove quick allocator
- always allocate entry array even if there is 0 entry
- rename DecodeConstructed to DecodeExplicit and use a better test for that case
- other misc small fixes
Also move SEC_QuickDERDecodeItem to secasn1.h
2002-08-08 01:54:38 +00:00
wtc%netscape.com
dd0afb2cee Bug 148220: implements FIPS 198 conformance. r=relyea.
Modified Files: alghmac.c alghmac.h lowpbe.c pkcs11c.c
2002-08-07 23:27:58 +00:00
nicolson%netscape.com
c397f25253 Don't link to libhpi.so. 2002-08-07 22:53:01 +00:00
nelsonb%netscape.com
3843ef99c0 Fix bug 160207 by changing the error alerts we send for failed decryption. 2002-08-07 20:01:51 +00:00
kaie%netscape.com
5802ed6d9c b=161379 Fix JavaScript warnings in security code
r=ssaux sr=mscott
2002-08-07 14:24:04 +00:00
kaie%netscape.com
21f0d86067 b=123917 Remove non-NSS_3_4 codepaths
r=wtc sr=alecf
2002-08-07 13:39:57 +00:00
jpierre%netscape.com
9b074c9def Fix for 157649 - allow crlutil to do partial decoding so it can be used as a test program 2002-08-07 03:53:07 +00:00
jpierre%netscape.com
b4ea41c359 Additional error reporting 2002-08-07 03:47:23 +00:00
jpierre%netscape.com
1e8c079b69 Implement partial CRL decoding. Fix for 149816. r=wtc . Uses new quick DER decoder 2002-08-07 03:44:12 +00:00
jpierre%netscape.com
7759ca21de Reorder functions to avoid forward declaration of DecodePointer 2002-08-07 03:40:47 +00:00
jpierre%netscape.com
4607bbf866 Be consistent in memory allocations - use QuickZAlloc 2002-08-07 03:36:46 +00:00
jpierre%netscape.com
42d8685ccc Add new quick DER decoder. r=wtc 2002-08-07 03:25:47 +00:00
wtc%netscape.com
fdc41cd064 Bug 161316: make pk11pqg.h C++ safe. 2002-08-06 18:31:35 +00:00
glen.beasley%sun.com
178cd7c22b commented debug statement 2002-08-06 16:41:43 +00:00
kaie%netscape.com
346ebd7510 b=124037 Decrease cert manager loading time.
r=rangansen/jkeiser sr=alecf
2002-08-06 13:25:23 +00:00
kaie%netscape.com
69ea18b8f3 b=136819 Returned value from getPSMContentType is compared to wrong enum
Patch from t8m@centrum.cz
r=kaie sr=alecf
2002-08-06 13:21:32 +00:00
kaie%netscape.com
e0682e5b27 b=144435 Allow to edit trust for other people's certificate
r=javi sr=alecf
2002-08-06 13:18:12 +00:00
kaie%netscape.com
02d9df0cf7 b=74339 Support import of SSL, S/MIME, and CA certs
r=javi sr=alecf
2002-08-06 13:11:15 +00:00
kaie%netscape.com
098841f1b3 b=159053 Memory leak in nsSecureBrowserUIImpl
r=jkeiser sr=alecf
2002-08-06 13:06:21 +00:00