1) look up the private key much earlier in the process so we know what slot it is on.
2) if a slot isn't specified, you the private key's slot.
3) if the specified slot and the private key slot don't match & the private key slot can do the PBE, then use the private key slot to do the PBE so we don't have to move the key.
4) if we have generated the PBE key in a different slot from the private key,
correctly.
NOTES: This program is a (very slightly) modified version of the
SSLSample/client.c program. As such it used the sample program support, which is
a duplication of much of secutil. Future enhancements would be 1) link with
secutil.lib. 2) When handling BadCert requests, run the Full VerifyCert and dump
the results. Make connections to the servers testing SSL2, SSL3 and TLS.
Changes were basically 1) Set the program to run without a security database
(this means no token support, or client auth). 2) Explicitly load the builtins
module so that we can test against the standard trust.
- make TLS intolerant server detection over proxies work
(this bug 87902)
- on connection failure, only retry without TLS when it is really
likely to help (bug 149910)
- remove obsolete workarounds in SSL i/o layer
(see removed comments in patch)
- avoid to confuse programmers reading code,
by renaming TLSStepUp (which means something else)
to the correct term STARTTLS (what the code is actually doing).
(As suggested by nelsonb)
- If an invalid or expired etc. server certificate is presented,
a warning is shown. If the user decides to cancel,
network activity should stop immediately.
(we currently warn multiple times) (bug 87209)
r=javi/darin/ducarroz/dmose sr=alecf
Fixes from Terry's review :
- remove quick allocator
- always allocate entry array even if there is 0 entry
- rename DecodeConstructed to DecodeExplicit and use a better test for that case
- other misc small fixes
Also move SEC_QuickDERDecodeItem to secasn1.h
Description: replace the hardcode of "@mozilla.org/embedcomp/window-watcher;1" with NS_WINDOWWATCHER_CONTRACTID
Patch by Henry.Jia@sun.com
r=anto, sr=alecf
Description: replace the hardcode of "@mozilla.org/embedcomp/window-watcher;1" with NS_WINDOWWATCHER_CONTRACTID
Patch by Henry.Jia@sun.com
r=anto, sr=alecf
