Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-06 17:16:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
123,305 Commits 615 Branches 98 Tags 5.9 GiB
525a14b3ed
Commit Graph

1899 Commits

Author SHA1 Message Date
nelsonb%netscape.com
63cbaffd59 Remove unreferenced local variables from functions. 2003-02-07 05:08:01 +00:00
wtc%netscape.com
5cc66223d8 Backed out the previous checkin because it doesn't work on Windows. 2003-02-06 05:33:33 +00:00
wtc%netscape.com
025206b16f Bug 177387: include the *.chk files in the mdbinary.jar files generated by 
the release makefile target.
Modified Files: lib/freebl/manifest.mn lib/softoken/manifest.mn
 2003-02-06 03:52:37 +00:00
relyea%netscape.com
90be81e5ad The NSPR get shared lib interface requires the library name only, 
not a partial path to the library. This affects AIX.
 2003-02-06 00:49:09 +00:00
relyea%netscape.com
f419ac9454 Try to load the new module before we've unloaded the old one. This now 
works in NSS, and it allows us to back out if the new one didn't load (because
FIPS could not verify the shared module for instance).
 2003-02-05 00:35:53 +00:00
relyea%netscape.com
447f0c56f9 Check bug 188856 into the tip. 
1)return proper error code in more cases. 2) Fix bug in DH KeyPair Generation.

the essential part of this fix in pkcs11c.c where we add the CKA_NETSCAPE_DB
attribute on Diffie-Hellman key gen. I don't know why the code would have even
thought of working without this (unless we were testing with pregenerated
keys).

The rest of the fix is to surface more of the PKCS #11 error back up. There is
a separate bug to continue tracking the issue of lost PKCS #11 errors.
 2003-01-31 23:39:34 +00:00
nelsonb%netscape.com
3f08900d2f Fix an uninitialized variable. Bug 191396. 2003-01-31 22:26:56 +00:00
nelsonb%netscape.com
340366e2ff Fix crash in CERT_CheckKeyUsage caused by dereferencing a returned pointer 
without checkin it for NULL.
 2003-01-31 02:49:13 +00:00
nelsonb%netscape.com
9b5a756ce6 Fix bug 191396. Don't generate SEC_ERROR_LIBRARY_FAILURE unnecessarily 
while doing dsa signatures.
 2003-01-31 02:39:36 +00:00
relyea%netscape.com
e7212afe42 FIPS library verifier. 2003-01-30 23:38:07 +00:00
relyea%netscape.com
691d3e25e1 FIPS library verifier 2003-01-30 23:36:37 +00:00
wtc%netscape.com
060a90105f Bug 177387: temporarily added freebl_GetLibraryFilePathname to libfreebl.a. 
This function has the same semantics as the NSPR 4.3 function
PR_GetLibraryFilePathname. This patch should be backed out when NSPR 4.3 is
released.
Modified Files: config.mk manifest.mn
Added Files: libpath.c
 2003-01-30 07:00:32 +00:00
jpierre%netscape.com
7f77163102 Fix for 190424 - don't query CKA_NETSCAPE_EMAIL attribute. r=wtc 2003-01-30 05:12:10 +00:00
jpierre%netscape.com
da30938629 Fix for 190424 - don't query CKA_NETSCAPE_EMAIL attribute . r=wtc 2003-01-30 03:02:55 +00:00
jpierre%netscape.com
455618e1a1 Patch for memory leak . Bug 189976 . r=wtc 2003-01-30 02:59:35 +00:00
relyea%netscape.com
99d710be9c New header file to dump defines for managing signed FIPs libraries. 2003-01-28 18:50:02 +00:00
relyea%netscape.com
6be85505ba Export functions needed for modutil to be compiled dynamically. 2003-01-28 16:41:46 +00:00
relyea%netscape.com
d58c1ec22c Remove dead code and symbols from lib jar so that modutil can compile when 
linked with it.
 2003-01-28 16:39:32 +00:00
relyea%netscape.com
368b83f17c Sign 3 sets of changes are here: 
1) Provide accessor functions for the PK11_DefaultArray so that modutil
does not have to link statically to access it.

2) Try setting the attribute on an object before we go to the work of copying
it (Function Only used in Java).

3) Optimize searching for the more common types of attributes.
 2003-01-28 16:38:04 +00:00
wtc%netscape.com
228b3e52ed Bug 190396. 
Don't fail the search if the token returned an error that indicates that it
legitimately couldn't find a CRL
 2003-01-24 06:37:03 +00:00
relyea%netscape.com
998b101109 Bug 167756. Clean up previous patch: add lastState field, and set the SSL Error on failure. 2003-01-23 22:02:37 +00:00
relyea%netscape.com
17117c5e23 Write changes back to the database when we correct incorrect user bit settings. 2003-01-23 19:38:53 +00:00
relyea%netscape.com
f83c287af6 Set the size value when extracting a key 19011. 2003-01-23 17:30:15 +00:00
relyea%netscape.com
7d03017158 Check for token removal before continuing SSL sessions which have client auth 
with certs associated with that token. bug 167756.
 2003-01-23 17:27:34 +00:00
relyea%netscape.com
61a6011027 Fix bug 180824 Version 3.4 string hard coded in default token name. 2003-01-23 17:16:50 +00:00
jpierre%netscape.com
f593a5bac0 Fix for bug #126930 - make SSL_ConfigServreSessionIDCache work on OS/2 by not using shared memory in single process mode. r=nelsonb 2003-01-23 00:15:08 +00:00
wtc%netscape.com
8518277691 Bug 190112: PK11_ReadAttribute needs to call PK11_ExitSlotMonitor before 
we return because of allocation failure.
 2003-01-22 17:44:36 +00:00
wtc%netscape.com
0a514a798c Bug 189546: updated the comments to reflect what the new code does. 2003-01-22 06:24:53 +00:00
nelsonb%netscape.com
8a025005e9 Add OIDs for AES Key Wrap mechanism. 2003-01-22 04:35:54 +00:00
wtc%netscape.com
b4f31cb711 Bug 189546: moved the switch statement for known key lengths to the 
beginning of PK11_GetKeyLength to work around a deadlock in nCipher
module if PK11_ExtractKeyValue is called.
 2003-01-22 03:55:21 +00:00
nelsonb%netscape.com
65a0422f22 Implement new AES Key Wrap mechanisms. Bug 167818. 2003-01-22 03:13:04 +00:00
wtc%netscape.com
fdf8f4dc25 Bug 189345: we incorrectly assumed that a C_XxxFinal call to determine the 
length of the buffer would also terminate the active operation if the
buffer length is 0.  PKCS#11 says it doesn't, so we need to make the
additional C_XxxFinal call even if the buffer length is 0.  Allocate a
buffer from the heap if the stack buffer is too small and free the
heap-allocated buffer before we return from pk11_Finalize.  We can use the
stack buffer if count is equal to its size.
 2003-01-21 19:33:24 +00:00
relyea%netscape.com
65a9359e6e Bug 198364. Tokens keys do not own their handles. Don't let the key 
get destroyed when freed.
 2003-01-18 01:49:33 +00:00
nelsonb%netscape.com
b39068212e When wrapping secret keys with an unpadded block cipher, null padd the keys 
as necessary, per the PKCS 11 spec.  Also, implement padding and unpadding
for single-part only ciphers.
 2003-01-17 05:50:08 +00:00
wtc%netscape.com
3cfd1da0cc Bug 145029: fixed compiler warnings (mostly "xxx might be used 
uninitialized").
 2003-01-17 02:49:11 +00:00
nelsonb%netscape.com
66dbe61852 One more fix for HPUX and Solaris. 2003-01-16 01:44:43 +00:00
jpierre%netscape.com
bd1c6e2d6f Fix incorrect usage of QuickDER . See bug 160805 comment 16 2003-01-16 00:56:10 +00:00
nelsonb%netscape.com
52c0e7f513 Fix compilation error. This file is only compiled on 2 platforms. 2003-01-16 00:55:53 +00:00
nelsonb%netscape.com
191e2830e1 Switch from the old vendor-defined mechanism numbers to the new official 
PKCS 11 mechanism numbers.  These numbers will appear in v2.20.
 2003-01-16 00:43:58 +00:00
nelsonb%netscape.com
48e7307212 Enforce that softoken's mechanisms are used only with the PKCS 11 
functions that they're defined to work with.
 2003-01-16 00:28:05 +00:00
nelsonb%netscape.com
b4debe71ef Complete the addition of AES Key Wrap to blapi in freebl. 2003-01-16 00:15:21 +00:00
nelsonb%netscape.com
f8ffa9b2df Remove the implementation of CKM_KEY_WRAP_LYNKS from softoken. 2003-01-16 00:14:07 +00:00
nelsonb%netscape.com
c74e098433 aeskeywrap.c - implement AES Key Wrap algorithm from RFC 3394 2003-01-14 22:16:04 +00:00
relyea%netscape.com
6418dccb57 Check for Empty CRL list as well. 
Bug 164501.
 2003-01-10 19:09:46 +00:00
relyea%netscape.com
536df41f30 Declare PK11_TokenRefresh() 2003-01-10 17:53:01 +00:00
relyea%netscape.com
5c9c0d249b Remember to include the global: tag 2003-01-09 18:44:26 +00:00
relyea%netscape.com
e99b341301 backport NSS 3.7 fixes to the tip. 2003-01-09 18:15:11 +00:00
wtc%netscape.com
22b938bb47 Bug 186201: should handle a null 'environ' pointer, which can happen on 
Solaris if NSS is loaded with dlopen() by an executable linked with the
RTLD_GROUP flag.
 2003-01-09 04:34:31 +00:00
wtc%netscape.com
ec08fd394a Bug 187629: do not refresh a CERTCertificate if the same instance of a 
cached cert is added to the collection.
 2003-01-09 04:29:01 +00:00
wtc%netscape.com
39a4a9cc69 Bug 186586: If at NSS shutdown there are still certs in the cert caches, 
cause NSS shutdown and the next NSS initialization to fail but do not
destroy the cert caches (and the crypto context and trust domain containing
them) to avoid a crash if the NSS client destroys the certs later.  New
error codes needed to be added to indicate the failure of NSS shutdown and
NSS initialization due to this cause.
 2003-01-08 21:58:29 +00:00
wtc%netscape.com
cd80470fa2 Bug 186586: If at NSS shutdown there are still certs in the cert caches, 
cause NSS shutdown and the next NSS initialization to fail but do not
destroy the cert caches (and the crypto context and trust domain containing
them) to avoid a crash if the NSS client destroys the certs later.  New
error codes needed to be added to indicate the failure of NSS shutdown and
NSS initialization due to this cause.
Modified Files:
	base/errorval.c nss/nssinit.c pki/pki3hack.c pki/pki3hack.h
	pki/pkistore.c pki/pkistore.h pki/tdcache.c pki/trustdomain.c
	util/secerr.h
 2003-01-08 21:48:47 +00:00
wtc%netscape.com
6eb33bd89e Bug 183612: added some comments. 2002-12-24 02:25:36 +00:00
wtc%netscape.com
158222292b Bug 183612: SECMOD_InitCallOnce() and SECMOD_CleanupCallOnce() should be 
declared and defined with an argument list of "(void)" instead of "()".
Modified Files: pk11cert.c secmodi.h
 2002-12-19 07:03:39 +00:00
wtc%netscape.com
b5e025dea3 Bug 183612: renamed some new functions to be consistent with existing 
function names containing SubjectKey and PublicKey.  Moved internal
functions to private headers and use the lowercase cert_ prefix for the
internal functions for subject key ID mapping hash table. r=nelsonb.
 2002-12-19 00:26:34 +00:00
relyea%netscape.com
04963b62bb Bug 186058 2002-12-18 23:55:53 +00:00
wtc%netscape.com
ee51cff828 Bug 183612: fixed the bug that 'extra' may be used uninitialized. r=javi. 2002-12-18 02:06:01 +00:00
wtc%netscape.com
8c5bcf00c1 Set NSS version to 3.8 Beta on the trunk. 2002-12-17 23:04:46 +00:00
wtc%netscape.com
a67a4928f3 Export CERT_DestroyOCSPResponse in 3.7. Moved HASH_GetHashObjectByOidTag, 
HASH_GetHashTypeByOidTag, and SECITEM_ItemsAreEqual from 3.7 to 3.8.
 2002-12-17 23:02:53 +00:00
relyea%netscape.com
2602912c3d Make sure the session is protected over PKCS #11 calls. 2002-12-17 18:22:38 +00:00
wtc%netscape.com
1c4cebd09f Need to test for null pointers before destroying the lock and condition 
variable.  If NSS initialization fails, this lock and condition variable
may not get created.
 2002-12-17 02:47:46 +00:00
wtc%netscape.com
5a045514c6 I made a mistake in the previous checkin. certdb.h doesn't need to be 
included because the new function CERT_FindCertBySubjKeyID is declared in
cert.h.
 2002-12-17 02:08:51 +00:00
wtc%netscape.com
12860a5501 Bug 183612: added support for looking up a cert by subject key ID and 
creating a CMS recipient info from a subject key ID.  The patch was
contributed by Javi Delgadillo <javi@netscape.com>. r=relyea, wtc.
Modified Files:
	certdb/cert.h certdb/certdb.c certdb/certdb.h certdb/certv3.c
	certdb/stanpcertdb.c nss/nss.def nss/nssinit.c
	pk11wrap/pk11cert.c pk11wrap/pk11func.h pk11wrap/secmod.h
	pki/pki3hack.c smime/cms.h smime/cmslocal.h smime/cmspubkey.c
	smime/cmsrecinfo.c smime/cmssiginfo.c smime/cmst.h
	smime/smime.def
 2002-12-17 01:39:46 +00:00
relyea%netscape.com
3e6d515d45 Increment the tmpbuf pointer to the correct index point 2002-12-13 19:02:13 +00:00
relyea%netscape.com
88da4209b7 Use correct sense of the timeout value. 2002-12-13 00:25:21 +00:00
nelsonb%netscape.com
a4ffefd8be Support SHA256, SHA384, and SHA512 hashes in NSS. 2002-12-12 06:05:45 +00:00
relyea%netscape.com
15ce24e7da Don't break solaris or linux (add the ';') 2002-12-11 17:56:49 +00:00
relyea%netscape.com
986ee61360 Export new command to pull for token change events. 2002-12-11 17:53:20 +00:00
relyea%netscape.com
b3956b6cb3 Add token removal blocking function. 2002-12-11 17:43:24 +00:00
relyea%netscape.com
5a83c35578 Make SubjectAltEncode a public function. Fixes build breakage in Linux 2002-12-10 17:41:16 +00:00
relyea%netscape.com
fa12d2382e Export the AltSubjectEncode function so our test programs can build certs 
with multiple email addresses.
 2002-12-10 17:15:15 +00:00
relyea%netscape.com
962c8ddfb3 Create profiles for all the email addresses in a certificate. 2002-12-10 17:14:17 +00:00
relyea%netscape.com
603a1de75c Fix padding value. 2002-12-06 19:11:57 +00:00
nelsonb%netscape.com
62b8516bb9 Don't compile the .c files in lib/pki1 on the trunk. These files are used 
only in Stan.
 2002-12-05 22:15:36 +00:00
wtc%netscape.com
5fa50f792d Bug 39494: added a check to prevent buffer overflow. r=mcgreer,nelsonb. 2002-12-04 23:41:49 +00:00
wtc%netscape.com
89bb676522 Fixed the build breakage of const unsigned char[] and unsigned char * 
mismatch on the Mac (compiler warnings on other platforms) by adding
(unsigned char *) typecasts.  r=relyea.  (Bug 183350)
 2002-12-04 00:28:56 +00:00
wtc%netscape.com
0def6ffdbe Bug 181878: fixed two more bugs in the new code to support multiple email 
addresses per certificate.  r=nelsonb.
 2002-11-27 01:28:03 +00:00
relyea%netscape.com
c40360b6a9 More review changes, 
Fix incorrect return in pcertdb.c
 2002-11-26 22:14:56 +00:00
relyea%netscape.com
25a292272c Incorporate some of Nelson's review changes. 
Collapse all the profile data into an array for easier processing when printing out.
 2002-11-26 21:03:18 +00:00
wtc%netscape.com
fd00621e5c Bug 180228: moved CERT_CRLCacheRefreshIssuer from the NSS_3.6.1 section to 
the NSS_3.7 section.
 2002-11-26 19:21:55 +00:00
relyea%netscape.com
c296a3a69f Incorporate Terry's and Nelson's reviews. 2002-11-26 18:27:25 +00:00
nelsonb%netscape.com
4bdff07d6f Back out my last change. 2002-11-26 07:07:20 +00:00
nelsonb%netscape.com
c4ae2fc1f4 Eliminate bug due to uninitialized variable index. Eliminate leak. 
Remove lots of warnings about signed/unsigned and assigning int to uchar.
 2002-11-26 05:58:51 +00:00
relyea%netscape.com
58543311f7 Bug 181878 allow multiple email addresses to point to a single subject record. 2002-11-26 00:13:54 +00:00
nelsonb%netscape.com
b415060cf8 Put the nss 3.7 section after the nss 3.6.1 section. 2002-11-21 23:22:52 +00:00
ian.mcgreer%sun.com
72edde5172 bug 172247, don't allow import of duplicate issuer/serial certs 2002-11-21 20:43:15 +00:00
nelsonb%netscape.com
924b265d37 Use the 32-bit code on Solaris x86 platforms, too. 2002-11-21 02:54:04 +00:00
nelsonb%netscape.com
c9be494de9 Back out revision 1.2, which was a workaround for a c preprocessor bug 
in a certain version of the c compiler for Dec/Compaq Alpha OSF1.
The file now requires one of these compilers on that platform:
Compaq C V6.3-132  or Compaq C V6.4-214 (dtk)
 2002-11-20 05:25:58 +00:00
nelsonb%netscape.com
6986b980f7 Optimization: change macros to do only 32-bit arithmetic on platforms 
with only 32-bit registers.
 2002-11-20 00:48:09 +00:00
jpierre%netscape.com
e965a244ec Fix for bug 180894 - don't assert in ShutdownCRLCache() 2002-11-19 21:37:50 +00:00
nelsonb%netscape.com
0391c3a0ab Change all functions that create contexts for encryption to treat their 
input buffers as const.  Warning reduction.
 2002-11-16 06:09:58 +00:00
jpierre%netscape.com
071bcc8ef0 Fix again? 2002-11-16 05:05:17 +00:00
jpierre%netscape.com
2854b0f273 Fix build again ! 2002-11-16 04:27:39 +00:00
nelsonb%netscape.com
c69f246d7a Recognize new SHAxxx OIDs. 2002-11-16 03:34:53 +00:00
jpierre%netscape.com
a46a21ce98 Fix build 2002-11-16 03:32:40 +00:00
nelsonb%netscape.com
d2a0920045 Correct softoken routines to work with new larger SHAxxx hashes. 2002-11-16 03:32:39 +00:00
nelsonb%netscape.com
5556b4b77f Correct HMAC code to work with new larger SHAxxx hashes. 2002-11-16 03:30:37 +00:00
nelsonb%netscape.com
dd4c5651b8 Add new SHAxxx hash algorithms to tables of SECHashObjects. 2002-11-16 03:29:32 +00:00
nelsonb%netscape.com
0575c4bc91 Declare new vendor-defined mechanisms for SHA256, SHA384 and SHA512. 2002-11-16 03:25:01 +00:00
nelsonb%netscape.com
eeb4bc7c50 Now that we have hashes larger than SHA1, 
#define HASH_LENGTH_MAX         SHA512_LENGTH
 2002-11-16 03:21:53 +00:00
nelsonb%netscape.com
6b4fae5a4a Don't reject a cert request with an empty list of CA cert names. 
Don't crash with an empty CA name list.
 2002-11-16 03:19:48 +00:00
nelsonb%netscape.com
9ee53c1fde Add "const" modifier to all fixed arrays used for keys or known text. 2002-11-16 01:00:44 +00:00
jpierre%netscape.com
d654882327 Patch for 180228 - export CRL cache flush API . r=wtc 2002-11-15 05:04:05 +00:00
ian.mcgreer%sun.com
476282ab25 bug 39494, handle non-standard AVAs properly 
r=nelsonb
 2002-11-14 17:04:43 +00:00
relyea%netscape.com
de6635b1b4 Adjust the time values so we have correct and consistant displays. 2002-11-11 22:01:57 +00:00
relyea%netscape.com
c89a0a7444 Multi-access database race condition patches. These changes are already checked 
into NSS 3.6.1.
 2002-11-11 22:00:03 +00:00
jpierre%netscape.com
cc471dc4ee Assert if the QuickDER decoder does not consume all the input 2002-11-09 01:56:01 +00:00
relyea%netscape.com
df7578f751 Bug 176667: kaie authored the patch, ian/relyea reviewed it. 2002-11-08 19:10:54 +00:00
jpierre%netscape.com
3fe1f54335 Fix for 177798 . Improve handling of initialization / shutdown of the CRL cache using a static status variable 2002-11-07 00:02:31 +00:00
ian.mcgreer%sun.com
9ec0046baa bug 177366, clean up refcounting 
r=relyea
 2002-11-06 18:53:55 +00:00
nelsonb%netscape.com
e1484b41c3 Workaround a c preprocessor bug on a certain 64-bit platform. Bug 178314. 2002-11-05 01:52:49 +00:00
nelsonb%netscape.com
6710514e32 Fix missing strings that cause crash in SSL_SecurityStatus(). Bug 178342. 2002-11-05 00:25:20 +00:00
relyea%netscape.com
9452f46ac8 db8 code part 1: 
1) Create new dbs with 32 k buffers.
   2) New dbs never store a single entry greater than 30 k (those are stored
using the blob code).
   3) NSS can run with either new or old dbs read only.
   4) If possible a new db is upgraded from and old db.
 2002-11-04 19:31:59 +00:00
nelsonb%netscape.com
c2ff4f68a2 Add some processor and compiler dependent optimizations to SHA1. 2002-11-02 01:53:01 +00:00
nelsonb%netscape.com
2ff4c01664 Add SHA256 SHA512 and SHA384 hashes to freebl. 2002-11-02 01:51:44 +00:00
jpierre%netscape.com
edd979ec33 Fix for bug 177798 - NULL pointers in ShutdownCRLCache to allow shutdown/restart 
of NSS.
 2002-11-02 00:07:48 +00:00
jpierre%netscape.com
9c6ca52dde Remove call to PL_ArenaFinish . This effectively shut down NSPR arenas and created problems when restarting NSS . r=relyea 2002-10-31 22:02:10 +00:00
jpierre%netscape.com
f3907a7439 Fix for 177208 - unmark arena when DER decoding is successful 2002-10-31 01:54:13 +00:00
jpierre%netscape.com
8083074fbc Fix for bug 175115 . Remove incorrect check for CA cert expiration. Also fix CRL signature verification and clean up internal functions . r=mcgreer,relyea,nelsonb,wtc 2002-10-30 23:31:38 +00:00
relyea%netscape.com
5d8b5a40ce Fix build breakage. Some platforms do not like to assign unsigned char * to 
char * without a cast.
 2002-10-30 19:01:21 +00:00
relyea%netscape.com
c301258ee1 Check in new certdata file generated from certdata.txt 2002-10-30 17:20:59 +00:00
relyea%netscape.com
014936248b Allow the builtin's to accept old style serial numbers as well the the correct 
PKCS #11 serial numbers.
 2002-10-30 17:18:14 +00:00
relyea%netscape.com
a8cddf9408 Make the Serial Numbers DER Wrapped rather than raw serial numbers. 
This is required by PKCS #11 and was causing some bugs in NSS 3.6.
 2002-10-30 17:09:28 +00:00
wtc%netscape.com
182f81490a Bug 177201: declare NSS_CMSEncoder_Cancel. 2002-10-30 01:31:01 +00:00
jpierre%netscape.com
c4e2aa9127 Fix for bug 95311 - copy the DER input key to the arena, and free the arena upon decoding failure. 2002-10-29 23:47:31 +00:00
jpierre%netscape.com
31ce9957ca Use QuickDER to decode DER public key. Bug #95311 2002-10-29 22:52:31 +00:00
nelsonb%netscape.com
b1090ac99f Plug cert leak in NSS_SMIMESignerInfo_SaveSMIMEProfile. Bug 176799. 
Patch contributed by Kai Engert.
 2002-10-25 22:46:48 +00:00
nelsonb%netscape.com
4554b52c1c Add new function CERT_VerifySignedDataWithPublicKey containing common code 
factored from existing functions CERT_VerifySignedDataWithPubKeyInfo and
CERT_VerifySignedData.  Bug 174193.
 2002-10-25 03:21:24 +00:00
jpierre%netscape.com
f759ddb2eb Fix for 169038 - bump builtins library version to 1.20 on the tip 2002-10-25 00:17:37 +00:00
jpierre%netscape.com
85f14ab5f0 Fix comment formatting style 2002-10-23 23:41:02 +00:00
jpierre%netscape.com
55df3cd350 Fix for bug 95311 - replace assertion with comments 2002-10-23 23:18:17 +00:00
relyea%netscape.com
940043e883 Make sure the array is big enough to handle all the cases. 2002-10-23 22:51:10 +00:00
nelsonb%netscape.com
25d4b3dd39 Include certi.h to resolve invocation of undeclared function. 2002-10-23 22:00:48 +00:00
nelsonb%netscape.com
b0c5f20ec4 Add 2 new functions to NSS, so an application can get a list of all 
email addresses in a cert.  Bug 152986.
Modified Files: lib/nss/nss.def lib/certdb/alg1485.c lib/certdb/cert.h
                lib/certdb/certdb.c lib/certdb/certi.h
 2002-10-23 20:50:51 +00:00
wtc%netscape.com
1521c67903 The version of the builtin root certs module is now specified in nssckbi.h. 2002-10-23 19:04:22 +00:00
jpierre%netscape.com
50bc3486f0 Up library number for TC roots - bug #169038 2002-10-23 01:38:57 +00:00
ian.mcgreer%sun.com
b9d29eefdc bug 174634, fix handling of authorityCertIssuer in chain construction 2002-10-22 14:43:08 +00:00
jpierre%netscape.com
8797b2c565 Fix for bug 175167 - SEC_QuickDERDecodeItem should fre memory upon failure. r=wtc 2002-10-18 22:32:34 +00:00
nelsonb%netscape.com
dc79671232 Verify the self-signed signature on PKCS 10 cert requests before honoring 
them.  Bug 174193.
 2002-10-18 21:58:24 +00:00
nelsonb%netscape.com
f1d2ae9c89 Fix DER_GetInteger. Bug 174644. 2002-10-16 01:36:10 +00:00
jpierre%netscape.com
1dfb9604b6 Fix for 169038 - correct entries for TC TrustCenter roots 2002-10-12 01:05:47 +00:00
jpierre%netscape.com
634583edc6 Fix for 169038 - correct entries for TC TrustCenter roots 2002-10-12 01:04:53 +00:00
relyea%netscape.com
e00f4b4887 Fix memory leaks in the startup of the builtins. 2002-10-10 22:39:23 +00:00
relyea%netscape.com
936e0f80f3 Fix optimized build failures 2002-10-10 21:17:39 +00:00
relyea%netscape.com
5fd94ca1a9 Bug 164501. Return a proper error code from PK11_FindCrlByName() so the CRL 
code can decide if there is a hw or system failure preventing the reading of a
CRL or if the CRL is just not there.
 2002-10-10 20:30:19 +00:00
relyea%netscape.com
e352244c4b Unix and Mac platforms need to load librdb.* not rdb.*. 2002-10-10 20:11:09 +00:00
relyea%netscape.com
006424c6d4 Fix minor memory leak on init. 2002-10-10 20:09:30 +00:00
jpierre%netscape.com
fa9b7e0590 Bump softoken version to 3.7 on tip 2002-10-08 04:07:22 +00:00
jpierre%netscape.com
2495acd6a6 Fix for 172732. r=relyea 2002-10-08 01:23:09 +00:00
wtc%netscape.com
51729f2108 Set NSS version to 3.7 Beta on the tip. 2002-10-07 20:47:18 +00:00
jpierre%netscape.com
d1ffbcafb9 Fix for 172678 - move internal functions InitCRLCache and ShutdownCRLCache to private header certi.h 2002-10-05 02:24:25 +00:00
wtc%netscape.com
83c6850bf0 Sorted NSS 3.6 symbols in alphabetical order. 2002-10-04 22:11:34 +00:00
wtc%netscape.com
63fb76c996 Bug 164744: fixed the comment block style. 2002-10-03 04:01:34 +00:00
wtc%netscape.com
22c42f1c08 Bug 149832: renamed highestUsage as certificateUsageHighest. 
Modified files: certdb/certt.h certhigh/certvfy.c
 2002-10-03 03:48:55 +00:00
jpierre%netscape.com
b0fe3718ae Fix for 164744 - implement new functions for pk12util . r=wtc 2002-10-03 03:35:32 +00:00
jpierre%netscape.com
2e48c1c8a4 Fix for 164744 - fix for pk12util to export multiple certs 2002-10-02 04:32:17 +00:00
ian.mcgreer%sun.com
6199159d80 bug 171224, changes to path construction 
r=nelsonb
 2002-10-01 14:32:15 +00:00
relyea%netscape.com
b6295815f9 Bug 16296: fix race in sdr code. 2002-10-01 00:46:20 +00:00
relyea%netscape.com
487a7f5f6a Fix SDR race condition with a coarse lock. Does not address multiaccess DB 
races. Bug 169296.
 2002-10-01 00:23:46 +00:00
ian.mcgreer%sun.com
cc2b80a48a bug 166793, uninitialized variables 
r=wtc
 2002-09-30 21:15:07 +00:00
wtc%netscape.com
886e30e17b Bug 154689: removed the "with Shared Database" string. NSS is always built 
that way now.
 2002-09-30 21:00:43 +00:00
wtc%netscape.com
d7b153e145 Bug 127740: added a comment to explain the thread yield in 
ssl3_SendApplicationData.
 2002-09-30 20:51:05 +00:00
wtc%netscape.com
ca4da40f13 Use the enumeration constant 'siBuffer' instead of 0. 2002-09-30 20:36:54 +00:00
wtc%netscape.com
22503c53a1 Bug 171422: removed unused (and incorrect) code. r=mcgreer. 2002-09-30 20:33:44 +00:00
wtc%netscape.com
2e33cb369f Bug 153258: fixed a misspelling in pk11_getDefTokName. 2002-09-28 14:14:18 +00:00
nicolson%netscape.com
0654510b0b Fix 128172: function to convert a session key to a token key. 2002-09-28 00:48:32 +00:00
jpierre%netscape.com
6ce325d896 Fix for 167615 - fix for crash with bad CRLs from token. Also fix error handling 2002-09-28 00:05:34 +00:00
ian.mcgreer%sun.com
e128398d1a bug 171198, leak moving temp cert to perm; add force parameter 
r=wtc,relyea
 2002-09-27 21:23:00 +00:00
relyea%netscape.com
34f3c0635f Bug 167861: PK11_GetModInfo needs to set the error code. 2002-09-27 17:50:59 +00:00
relyea%netscape.com
20b909f88a bug 130966: fix problems in searching and storing fixed keys. 
bug 170423: Turn on block symetric and Mac'ing functions in the DB token so we can use the fixed keys there without moving them around.

Fix memory leak on shutdown (leaking the sessions).
 2002-09-27 17:46:36 +00:00
relyea%netscape.com
9c8a68e08d Bug 166894: Handle changing Trust when cert is in the token. 2002-09-27 15:55:01 +00:00
nelsonb%netscape.com
8bdfd22acf Add targets for HPUX Itanium family processors. 2002-09-27 01:23:28 +00:00
nicolson%netscape.com
5fe2828356 Fix 169798: Failed to install ca signing certificate with NS3.6beta. 
r=wtc
 2002-09-27 00:01:53 +00:00
jpierre%netscape.com
8885d6de5f Fix for 167615 - don't crash if a token returns a NULL CRL object 2002-09-26 01:38:45 +00:00
jpierre%netscape.com
7150fbd4e4 Fix for 167615 - don't crash if the CRL isn't found due to a database error 2002-09-26 01:37:41 +00:00
wtc%netscape.com
fda8e75512 Bug 170379: fix the stack overflow crash by not allocating the 32K "sieve" 
array on the stack.
 2002-09-26 00:04:25 +00:00
wtc%netscape.com
1f1b0dc528 Bug 166894: destroy nssTrust before returning from STAN_ChangeCertTrust. 2002-09-24 18:47:33 +00:00
wtc%netscape.com
c07287ed58 Bug 169944: declare PK11_TokenKeyGen in pk11func.h and export it from the 
nss3 shared library.
Modified Files: nss/nss.def pk11wrap/pk11func.h
 2002-09-24 18:40:29 +00:00
wtc%netscape.com
cf907092d8 Bug 169785: CERT_AddOCSPAcceptableResponses should have a second argument 
of type SECOidTag, followed by the optional arguments ..., because it needs
at least one argument of type SECOidTag.  r=nelsonb.
 2002-09-23 23:47:49 +00:00
nelsonb%netscape.com
b155ff5183 Change coding style used in nss/lib/pki to one that works with ctags. 
Bug 169999.   Modified Files:
  asymmkey.c certdecode.c certificate.c cryptocontext.c pki3hack.c
  pkibase.c pkistore.c symmkey.c tdcache.c trustdomain.c
 2002-09-23 21:32:35 +00:00
wtc%netscape.com
ec39c6ef5f Bug 169790: renamed CERT_DecodeDERCrlEx to CERT_DecodeDERCrlWithFlags. 
Modified files: certdb/cert.h certdb/crl.c nss/nss.def pk11wrap/pk11cert.c
 2002-09-23 21:31:47 +00:00
nicolson%netscape.com
667a8762e8 Fix 169578: PK11_ImportAndReturnPrivateKey sets wrong key type. 2002-09-20 21:48:32 +00:00
relyea%netscape.com
13eecfd21f Fix corrupt listing of nicknames on keys. 
Bug 166995.
 2002-09-20 20:36:44 +00:00
relyea%netscape.com
62fa6c9bf9 Fix memory leak mozbug 165655, r=wtc 2002-09-20 20:36:10 +00:00
wtc%netscape.com
f43706f998 Removed the duplicate NSS_3.6 section in the previous checkin. 2002-09-20 18:02:13 +00:00
jpierre%netscape.com
a56da94693 Fix for 145785 - Need to create signer infos using Subject Key ID. r=relyea 2002-09-20 04:41:47 +00:00
jpierre%netscape.com
1d3fed81c0 Update TC TrustCenter CAs in NSS 3.6 (tip). Fix for 169038 2002-09-20 04:26:55 +00:00
jpierre%netscape.com
74f7bf27a2 Fix for bug 156042 - crash when CA not issued by a valid CA 2002-09-20 01:53:33 +00:00
wtc%netscape.com
9690a2abd2 Bug 169581: the last two arguments to pk11_mkSlotString should have the 
type PRBool, not unsigned char.  As a byproduct this change works around
what seems to be a gnupro gcc compiler optimization bug.  r=relyea.
Modified Files: pk11db.c pk11pars.h
 2002-09-19 03:23:26 +00:00
nicolson%netscape.com
fcbdfadf85 Fix 169577: SGN_End crashes if DSA signature fails. 2002-09-19 01:07:43 +00:00
wtc%netscape.com
3f0df98640 Bug 91224: Make sure that we use Solaris ld, not GNU ld, to build NSS. 
Modified Files:
	coreconf/SunOS5.mk nss/Makefile nss/cmd/platlibs.mk
	nss/lib/freebl/Makefile
 2002-09-18 23:25:29 +00:00
wtc%netscape.com
0051b0f950 Bug 153380: document the default values for the SSL options. 2002-09-18 22:32:19 +00:00
wtc%netscape.com
4e3b16354f Bug 157827: declare the exported PBE_ functions. Fixed the include-once 
ifdef.
 2002-09-18 22:12:16 +00:00
jpierre%netscape.com
c294a70322 Fix memory leak in CRL cache 2002-09-18 00:34:32 +00:00
jpierre%netscape.com
870b616b11 Fix indentation 2002-09-17 21:31:28 +00:00
wtc%netscape.com
31d3d63a0b Bug 168722: fix compiler warnings. 
Modified Files: rijndael.c rijndael.h
 2002-09-17 04:24:11 +00:00
jpierre%netscape.com
b6bb993d1b Fix UMC in Purify 2002-09-16 23:25:04 +00:00
jpierre%netscape.com
3558a42662 Undo check-in that broke QA 2002-09-16 09:32:09 +00:00
jpierre%netscape.com
041a42e886 Fix compiler warnings 2002-09-14 06:42:39 +00:00
jpierre%netscape.com
39e52ee09a Add assertion to help debugging CRL crash 2002-09-14 05:41:42 +00:00
wtc%netscape.com
f4c7a3fb0f Bug 168384: need to initialize the nss3lookingForCA field of nssUsage. 2002-09-13 02:07:34 +00:00
wtc%netscape.com
89cbb2e3ff Bug 168368: fixed an uninitialized memory read in CERT_CreateRDN. It 
should not call va_arg if 'ava0' is NULL (which means 'ava0' is the last
argument).
 2002-09-13 00:28:55 +00:00
wtc%netscape.com
089cef75ad The blob db shim code (bug 162023) introduced a crash (bug 167615) so 
disable it for NSS 3.6 Beta1.
 2002-09-12 23:17:35 +00:00
jpierre%netscape.com
117e6ec849 Fix for 167856 - memory leaks in CRL cache 2002-09-11 01:08:06 +00:00
jpierre%netscape.com
5df90591e2 Fix for 167849 - copy DER subject before adding an issuer to the hash table in CRL cache 2002-09-11 00:28:22 +00:00
ian.mcgreer%sun.com
31db0bf1e7 bug 166741, fixing bug in previous patches 
r=wtc
 2002-09-10 20:30:53 +00:00
wtc%netscape.com
7b2b64b1e8 Bug 167532: fixed a regression introduced by the previous checkin. 2002-09-10 05:10:53 +00:00
jpierre%netscape.com
524901374d Fix for 167649 - invalidate CRL cache when new CRL object is imported into a token 2002-09-10 04:49:09 +00:00
wtc%netscape.com
50a10a145b Backed out the previous checkin, which broke 64-bit platforms. 2002-09-09 03:56:25 +00:00
ian.mcgreer%sun.com
19b8f21eb7 fix compiler warnings 2002-09-08 16:47:58 +00:00
wtc%netscape.com
b560bf3371 Bug 160805: fixed a leak and a double free of the arena introduced in the 
previous checkin.
 2002-09-08 03:25:30 +00:00
wtc%netscape.com
faf23b0d36 Bug 123753: removed the vestige of the "for Clients" string in softoken's 
sccs and rcs version id strings.
 2002-09-07 05:45:40 +00:00
wtc%netscape.com
8b8c57650a Bug 123753: the softoken is now compiled the same way for servers and 
clients, so removed the "for Clients" string in the version info.
Modified files: config.mk softokn.rc
 2002-09-07 05:35:46 +00:00
wtc%netscape.com
ccb57e7a19 Bug 127886: added the new function PK11_ImportDERCert. 
Modified files: nss/nss.def pk11wrap/pk11cert.c pk11wrap/pk11func.h
 2002-09-07 04:48:57 +00:00
jpierre%netscape.com
ae6ab3c029 Roll back change 2002-09-07 03:19:56 +00:00
jpierre%netscape.com
595f01c3fd Roll back checkin to fix QA tests 2002-09-07 02:59:04 +00:00
jpierre%netscape.com
58167f8fae Fix NT build 2002-09-07 02:48:45 +00:00
jpierre%netscape.com
78ade1e7f9 Fix compiler warnings 2002-09-07 01:48:46 +00:00
jpierre%netscape.com
e2b8be5319 Fix compiler warnings 2002-09-07 01:24:27 +00:00
jpierre%netscape.com
486fd19230 Fix compiler warnings 2002-09-07 01:00:04 +00:00
jpierre%netscape.com
c7dffa49c0 Fix compiler warnings 2002-09-07 00:35:00 +00:00
jpierre%netscape.com
f78a02f328 Fix compiler warnings 2002-09-07 00:25:49 +00:00
jpierre%netscape.com
3a6569e478 Fix compiler warning 2002-09-07 00:22:50 +00:00
jpierre%netscape.com
434867f871 Fix compiler warning under windows 2002-09-07 00:14:14 +00:00
relyea%netscape.com
3ca346f840 Believe both entry types (old and new) when looking for the key. 2002-09-06 23:16:42 +00:00
relyea%netscape.com
869f213889 Initialize len before we use it. 2002-09-06 23:15:35 +00:00
wtc%netscape.com
6d4ccd8d26 Bug 166933: fixed build breakage on the Mac. 
Modified files: certdb/crl.c certhigh/certhigh.c softoken/dbmshim.c
 2002-09-06 20:17:42 +00:00
relyea%netscape.com
dcf684fc77 Bug 166893: copy the DER cert when importing the certificate 2002-09-06 18:48:37 +00:00
nicolson%netscape.com
e179fe8904 Fix 164126: makefile build error. 
Change the NSS module name from "security" to "nss".
 2002-09-06 16:38:56 +00:00
jpierre%netscape.com
c16a17bc7a Fix for 162983 - consider all certs revoked if there is a bad CRL in the cache 2002-09-06 06:53:03 +00:00
relyea%netscape.com
4f3a923668 UnwrapPubKeyWithFlags is supposed to be public!! 2002-09-06 00:43:25 +00:00
wtc%netscape.com
a897ae16a9 Bugs 166734 and 166785: fixed compiler warnings reported by gcc on Linux. 
The patch for this checkin is attached to bug 166785.
 2002-09-06 00:27:52 +00:00
relyea%netscape.com
a017e8a053 Remove key.db from the using the blob db code. The blob db code uses the cert7.db record format to 
record blobs in the database, which is incompatible with the key3.db format. (key3 does not have
any record types).
 2002-09-06 00:18:24 +00:00
ian.mcgreer%sun.com
019a972928 bug 166741, unitialized variables 
r=wtc
 2002-09-05 22:28:30 +00:00
ian.mcgreer%sun.com
d681129497 make dsa_SignDigest static (mentioned in bug 166722) 2002-09-05 20:44:09 +00:00
wtc%netscape.com
a1d5df2a05 Fixed unresolved symbol DPCache_Refresh, which I believe is a misspelling 
of DP_RefreshCache.
 2002-09-05 16:34:27 +00:00
jpierre%netscape.com
3a78c9b53c Fix for 166714 - make SEC_FindCrlByName use the CRL cache 2002-09-05 06:12:33 +00:00
jpierre%netscape.com
c285793b55 Fix for 166719 - crash in large object file mapping emulation code . r=wtc 2002-09-05 00:25:29 +00:00
nelsonb%netscape.com
b324789645 Treat empty SubjectAltName extensions as if they were non-existant. 
Bugs 162979 166454.
 2002-09-04 00:42:01 +00:00
ian.mcgreer%sun.com
4f529f9bd7 bug 165863, free token on error paths 2002-09-03 19:42:13 +00:00
wtc%netscape.com
f254659354 Bug 165859: fixed the problem that 'collection' was destroyed twice on 
error in nssTrustDomain_FindCertificateByIssuerAndSerialNumber.
 2002-08-31 04:52:46 +00:00
jpierre%netscape.com
5e5a705cb7 Fix for 160805 . Make a copy of items into the arena before calling SEC_QuickDERDecodeItem where needed 2002-08-31 00:37:52 +00:00
wtc%netscape.com
70f99e8394 Checked in an equivalent but simpler fix for Bug 165639 
(NSSRWLock_UnlockWrite failed to wake up waiting readers).
 2002-08-30 23:55:51 +00:00
jpierre%netscape.com
29333f104f Implement the CRL cache . Bug 149854 2002-08-30 22:57:03 +00:00
jpierre%netscape.com
bcec4b1c38 Fix for 165639 - NSSRWLock_UnlockWrite causes deadlock when using recursivity of locoks. Fix by Wan-Teh 2002-08-30 22:46:45 +00:00
jpierre%netscape.com
62d1f75a0e Fix comment 2002-08-30 22:45:46 +00:00
relyea%netscape.com
724f0590f9 Check the cert validity only if we actually found a cert. 2002-08-30 20:37:58 +00:00
relyea%netscape.com
8c67c1f99d When looking for a recipient match, reject non-user certs. 2002-08-29 22:19:46 +00:00
relyea%netscape.com
7dfc67b46e Export ModInfo call. 2002-08-29 22:11:53 +00:00
relyea%netscape.com
048dddbfac Filter on keyID, then run through the best cert check. 2002-08-29 22:11:06 +00:00
relyea%netscape.com
9b7f272663 Fix Version spelling, remove rcsid. 2002-08-29 17:45:12 +00:00