Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-06 09:05:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
150,874 Commits 615 Branches 98 Tags 5.9 GiB
4b7f9f6804
Commit Graph

144 Commits

Author SHA1 Message Date
relyea%netscape.com
4b7f9f6804 Bug 129303 NSS needs to expose interfaces to deal with multiple token sources of certs 
r=kaie
 2005-11-23 23:54:15 +00:00
relyea%netscape.com
0223a07982 This change was not part of bug 272484 and has not been reviewed. 
Back it out.
 2005-10-03 21:58:24 +00:00
relyea%netscape.com
53f4189369 Bug 272484 Certificate manager crashes [@ _PR_MD_ATOMIC_DECREMENT - PK11_FreeSymKey] 
The problem only happens if we try to import a key into a token which then fails
to import. The basic issue was a hack in the pkcs 7 code to support PKCS 12, A
special structure was used to replace the SymKey structure, and the code 'knew'
the special structure existed before it dealt with the symkey. The fix addes a
new capability to symkeys, where applications can attach application specific
data to the key structure. PKCS 12 uses this to attache the PBE information
for CMS. (part 1 of 3)

This patch also improves the key's reuse of sessions, so sessions are not thrashed
when SSL is used with them.

r=wtc
 2005-10-03 21:55:29 +00:00
wtchang%redhat.com
184d7ab678 Bugzilla Bug 305835: removed NSS_ENABLE_ECC ifdefs under nss/lib except 
nss/lib/{freebl,softoken,ssl}. r=nelsonb.
Modified Files:
	cryptohi/keyhi.h cryptohi/manifest.mn cryptohi/seckey.c
	cryptohi/secsign.c freebl/ec.c pk11wrap/manifest.mn
	pk11wrap/pk11akey.c pk11wrap/pk11cert.c pk11wrap/pk11mech.c
	pk11wrap/pk11obj.c pk11wrap/pk11skey.c pkcs12/manifest.mn
	pkcs12/p12d.c pkcs7/config.mk pkcs7/p7decode.c
	pkcs7/p7encode.c smime/cmssiginfo.c smime/cmsutil.c
	smime/config.mk
 2005-09-02 01:24:57 +00:00
nelsonb%netscape.com
eeb454fae5 remove NSS_CLASSIC code from pk11cert.c and pk11nobj.c. 
bug 293847  r=rrelyea
 2005-08-02 01:34:38 +00:00
julien.pierre.bugs%sun.com
85f13422bc Remove unused variable 2005-04-02 05:17:27 +00:00
julien.pierre.bugs%sun.com
afed9f1c17 Fix for 283765. Fix for UMR in NSSUsage. r=julien 2005-03-04 04:32:04 +00:00
jpierre%netscape.com
d6e93928ed Fix for 254393 - r=nelsonb . PK11_FindKeyByAnyCert returned invalid key objects 2004-08-06 02:24:31 +00:00
relyea%netscape.com
7e82fd4194 Bug 250687 
NSS Crashes or leaks Cert references if bad certs are passed up by PKCS #11 modules.
r=nelson
sr=ian
 2004-07-21 18:18:05 +00:00
relyea%netscape.com
57260fe853 Backing out pk11cert.c changes (not ready for checkin yet). (revert to 1.133) 2004-07-20 23:04:31 +00:00
relyea%netscape.com
950ffdabc7 Fix optimized builds (make tinderbox go green). 2004-07-20 23:02:04 +00:00
relyea%netscape.com
d0af60d089 refactor pk11util, splitting large single files down to a managable size. 
bug 246130. The new factor is:

pk11akey.c - asymetric keys constructed from pk11cert.c and pk11skey.c
pk11auth.c - authentication/password management factored from pk11slot.c
pk11cert.c - cert code with private key, crls and trust factored out.
pk11ctx.c -- pkcs11 context code, factored out of pk11skey.c
new pk11func.h -- for backward compatibility.
pk11mech.c - mechanism mapping code, factored mostly from pk11slot.c
pk11nobj.c - netscape objects (crls and trust), factored mostly from pk11cert.c
pk11obj.c - generic object support, factored from pk11skey.c pk11slot.c and
pk11cert.c
pk11priv.h -- private functions factored from pk11func.h
pk11pub.h -- public functions factored from pk11func.h
pk11skey.c - now only symetric key ops; private, public key ops, generic ops
and crypto contexs have been factored out.
pk11slot.c - still slot operations. Authentication, generic object ops,
mechanism mapping has been factored out.

This patch should only have refactoring, no new functions or other changes.
 2004-07-19 22:12:38 +00:00
relyea%netscape.com
501db85dbc Bug 244914, 244907 r=nelsonb 
Add support for unprotected private keys without requiring authentication.
Add support to access application specific PKCS #11 objects through NSS.
 2004-06-21 23:01:53 +00:00
nelsonb%netscape.com
c89fea6d2e Fold function definition so editor can find it. 2004-06-09 02:22:38 +00:00
gerv%gerv.net
3634d4d94b Bug 236613: change to MPL/LGPL/GPL tri-license. 2004-04-25 15:03:26 +00:00
jpierre%netscape.com
8c43abd07c Fix for 231051 - crlutil asserts after importing CRL. r=nelsonb, wtc 2004-01-27 00:02:16 +00:00
wchang0222%aol.com
991ddf2ba6 Bugzilla bug 228624: made PK11_ListCertsInSlot reach into the Stan layer 
to obtain the correct nicknames of the cert instances (pk11cert.c).  Fixed
the bug that if a cert we want to add the the cache is already in the
cache, we should merge the instances of the cert before destroying the
duplicate cert (tdcache.c).  r=jpierre,relyea.
 2003-12-18 18:23:17 +00:00
nelsonb%netscape.com
e9f81f8499 Detect empty emailAddr strings in CERTCertificate. Bugzilla bug 211540. 2003-11-15 00:15:28 +00:00
wchang0222%aol.com
1cd3ab9050 Bugzilla bug 223624: fixed the compiler warning that case ecKey is not 
handled in the switch statement.  r=nelsonb.
 2003-11-01 05:17:16 +00:00
ian.mcgreer%sun.com
5c2c5888f9 ECC code landing. 
Contributed by Sheuling Chang, Stephen Fung, Vipul Gupta, Nils Gura,
and Douglas Stebila of Sun Labs
 2003-10-17 13:45:42 +00:00
jpierre%netscape.com
60c78ee111 Fix for bug 141882 - convert email query keys to lowercase when searching . r=wtc 2003-09-30 02:33:40 +00:00
nelsonb%netscape.com
4b6b1fdf59 Move a brace so vi will find the beginning of the function. 2003-09-27 01:45:35 +00:00
wtc%netscape.com
b58d136a9c The isOnList function is now unused. 2003-09-18 01:28:52 +00:00
jpierre%netscape.com
81db50ddf4 Fix for bug 215186 - add missing options to PK11_ListCerts . r=wtc 2003-09-18 00:22:18 +00:00
wtc%netscape.com
f56dde49b6 Bugzilla bug 217247: improved the memory leak fix for the appData nicknames 
returned by PK11_ListCerts.  Instead of allocating them from the heap first
and copying to the arena, allocate them from the arena directly.  r=jpierre
Modified Files: certhigh.c pk11cert.c pki3hack.h pki3hack.c
 2003-09-12 19:38:04 +00:00
jpierre%netscape.com
f886a5b696 Fix for bug 72291 . resolve memory leak on nicknames . r=relyea 2003-09-05 00:15:52 +00:00
wtc%netscape.com
b881a9a0c6 Bugzilla bug 72291: have PK11_ListCerts return all the cert instances on 
tokens.  The patch is Julien Pierre's, with changes by Wan-Teh Chang.
Modified Files: pk11wrap/pk11cert.c pki/pki3hack.c pki/pki3hack.h
 2003-08-25 19:18:02 +00:00
wtc%netscape.com
485a88c60e Bug 211384: fixed the bug that importing a CRL that already exists in the 
DB causes NSS_Shutdown to fail.  Two files were changed.  1. crl.c: we
should not obtain a slot reference because PK11_FindCrlByName already
obtained a slot reference.  2. pk11cert.c: cleaned up code and fixed a slot
reference leak if the SECITEM_AllocItem call fails.  r=nelsonb.
 2003-07-08 18:41:28 +00:00
wtc%netscape.com
0cf4cab50e Bug 194222: Removed SECMOD_CallOnce. It is replaced by the new NSPR 4.3 
function PR_CallOnceWithArg.
Modified files: nss/nssinit.c pk11wrap/pk11cert.c pk11wrap/secmodi.h
 2003-02-20 16:58:57 +00:00
wtc%netscape.com
3cfd1da0cc Bug 145029: fixed compiler warnings (mostly "xxx might be used 
uninitialized").
 2003-01-17 02:49:11 +00:00
relyea%netscape.com
6418dccb57 Check for Empty CRL list as well. 
Bug 164501.
 2003-01-10 19:09:46 +00:00
wtc%netscape.com
158222292b Bug 183612: SECMOD_InitCallOnce() and SECMOD_CleanupCallOnce() should be 
declared and defined with an argument list of "(void)" instead of "()".
Modified Files: pk11cert.c secmodi.h
 2002-12-19 07:03:39 +00:00
wtc%netscape.com
b5e025dea3 Bug 183612: renamed some new functions to be consistent with existing 
function names containing SubjectKey and PublicKey.  Moved internal
functions to private headers and use the lowercase cert_ prefix for the
internal functions for subject key ID mapping hash table. r=nelsonb.
 2002-12-19 00:26:34 +00:00
wtc%netscape.com
1c4cebd09f Need to test for null pointers before destroying the lock and condition 
variable.  If NSS initialization fails, this lock and condition variable
may not get created.
 2002-12-17 02:47:46 +00:00
wtc%netscape.com
12860a5501 Bug 183612: added support for looking up a cert by subject key ID and 
creating a CMS recipient info from a subject key ID.  The patch was
contributed by Javi Delgadillo <javi@netscape.com>. r=relyea, wtc.
Modified Files:
	certdb/cert.h certdb/certdb.c certdb/certdb.h certdb/certv3.c
	certdb/stanpcertdb.c nss/nss.def nss/nssinit.c
	pk11wrap/pk11cert.c pk11wrap/pk11func.h pk11wrap/secmod.h
	pki/pki3hack.c smime/cms.h smime/cmslocal.h smime/cmspubkey.c
	smime/cmsrecinfo.c smime/cmssiginfo.c smime/cmst.h
	smime/smime.def
 2002-12-17 01:39:46 +00:00
ian.mcgreer%sun.com
72edde5172 bug 172247, don't allow import of duplicate issuer/serial certs 2002-11-21 20:43:15 +00:00
ian.mcgreer%sun.com
9ec0046baa bug 177366, clean up refcounting 
r=relyea
 2002-11-06 18:53:55 +00:00
relyea%netscape.com
5fd94ca1a9 Bug 164501. Return a proper error code from PK11_FindCrlByName() so the CRL 
code can decide if there is a hw or system failure preventing the reading of a
CRL or if the CRL is just not there.
 2002-10-10 20:30:19 +00:00
jpierre%netscape.com
6ce325d896 Fix for 167615 - fix for crash with bad CRLs from token. Also fix error handling 2002-09-28 00:05:34 +00:00
ian.mcgreer%sun.com
e128398d1a bug 171198, leak moving temp cert to perm; add force parameter 
r=wtc,relyea
 2002-09-27 21:23:00 +00:00
jpierre%netscape.com
8885d6de5f Fix for 167615 - don't crash if a token returns a NULL CRL object 2002-09-26 01:38:45 +00:00
wtc%netscape.com
ec39c6ef5f Bug 169790: renamed CERT_DecodeDERCrlEx to CERT_DecodeDERCrlWithFlags. 
Modified files: certdb/cert.h certdb/crl.c nss/nss.def pk11wrap/pk11cert.c
 2002-09-23 21:31:47 +00:00
jpierre%netscape.com
870b616b11 Fix indentation 2002-09-17 21:31:28 +00:00
jpierre%netscape.com
b6bb993d1b Fix UMC in Purify 2002-09-16 23:25:04 +00:00
jpierre%netscape.com
39e52ee09a Add assertion to help debugging CRL crash 2002-09-14 05:41:42 +00:00
wtc%netscape.com
ccb57e7a19 Bug 127886: added the new function PK11_ImportDERCert. 
Modified files: nss/nss.def pk11wrap/pk11cert.c pk11wrap/pk11func.h
 2002-09-07 04:48:57 +00:00
relyea%netscape.com
dcf684fc77 Bug 166893: copy the DER cert when importing the certificate 2002-09-06 18:48:37 +00:00
wtc%netscape.com
a897ae16a9 Bugs 166734 and 166785: fixed compiler warnings reported by gcc on Linux. 
The patch for this checkin is attached to bug 166785.
 2002-09-06 00:27:52 +00:00
relyea%netscape.com
724f0590f9 Check the cert validity only if we actually found a cert. 2002-08-30 20:37:58 +00:00
relyea%netscape.com
8c67c1f99d When looking for a recipient match, reject non-user certs. 2002-08-29 22:19:46 +00:00