Commit Graph

3006 Commits

Author SHA1 Message Date
relyea%netscape.com
6e767fb4eb Make database access to the key db thread safe. 2003-12-19 23:24:48 +00:00
relyea%netscape.com
8ec4937462 Add keydb lock type. keydb should be locked like the certdb. 2003-12-19 23:24:00 +00:00
wchang0222%aol.com
5014045f8c Backed out the previous checkin, which broke our S/MIME QA tests. 2003-12-19 22:54:20 +00:00
wchang0222%aol.com
fac46295ff Bugzilla bug 228624: we need to call STAN_ForceCERTCertificateUpdate if
the cert's instances changed.  r=relyea.
2003-12-19 22:33:12 +00:00
wchang0222%aol.com
64276531dd Bugscape bug 54627: made the fix for NSS_CMSSignedData_Encode_BeforeData
the same as the code in NSS_CMSSignedData_Decode_BeforeData.  r=nelsonb.
2003-12-19 22:08:12 +00:00
wchang0222%aol.com
deb29c8f1f Import NSPR 4.4.1. 2003-12-19 17:02:57 +00:00
wchang0222%aol.com
4a54a29151 Bugzilla bug 221133: fixed unused variable warning on some platforms.
The patch is contributed by timeless@bemail.org.  r=wtc.
2003-12-19 16:35:14 +00:00
nelsonb%netscape.com
70470925e0 Don't overwrite pointers to existing message digests if they've been
precomputed.  Bugscape bug 54627.  r=wtc, jpierre.
2003-12-19 03:58:28 +00:00
wchang0222%aol.com
8bfb2f97fd Set NSS version to 3.9 Beta 4. 2003-12-18 21:45:34 +00:00
wchang0222%aol.com
991ddf2ba6 Bugzilla bug 228624: made PK11_ListCertsInSlot reach into the Stan layer
to obtain the correct nicknames of the cert instances (pk11cert.c).  Fixed
the bug that if a cert we want to add the the cache is already in the
cache, we should merge the instances of the cert before destroying the
duplicate cert (tdcache.c).  r=jpierre,relyea.
2003-12-18 18:23:17 +00:00
wchang0222%aol.com
ec4dda5d19 Bugzilla bug 219982: removed an unused local variable. (The function call
is needed for its side effect.)  Thanks to timeless@bemail.org and
Serge GAUTHERIE <gautheri@noos.fr> for the patch.  r=wtc.
2003-12-17 22:43:25 +00:00
nelsonb%netscape.com
634bb98533 Allow NSS_CMSDigestContext objects to be created, even when there are
no valid digest algorithm OIDs.  This allows "certs only" messages to
be decoded.  Bugzilla bug 228707. r=jpierre, wtc.
2003-12-17 03:49:10 +00:00
wchang0222%aol.com
e3cda94421 Bugzilla bug 228618: fixed an incorrect use of realloc. Fixed an unused
variable compiler warning.  r=jpierre.
2003-12-16 04:24:57 +00:00
nelsonb%netscape.com
b41986df1b Fix S/MIME bugs that caused parallel arrays of digest OIDs and digest
values to become out of sync.  Bugscape bug 54256. r=relyea.
Modified Files:	cmd/smimetools/cmsutil.c lib/smime/cmsdigest.c
2003-12-12 23:55:06 +00:00
jpierre%netscape.com
3331d24ed7 Fix for 54061 . Return SEC_ERROR_INVALID_ARGS and remove assertions . r=wtc,misterssl 2003-12-12 21:42:02 +00:00
nelsonb%netscape.com
fff428a34a CERT_ImportCerts now returns SECFailure when NONE of the certs was succesfully imported. r=wtc. Bugscape bug 54311. 2003-12-06 06:52:53 +00:00
nelsonb%netscape.com
7ed9720eb2 __CERT_AddTempCertToPerm will now set error SEC_ERROR_ADDING_CERT
when attempting to make a cert perm that is already permanent.
Bugzilla bug 227559. r=wtc
2003-12-06 06:46:27 +00:00
nelsonb%netscape.com
87f5c7ded0 NSC_Finalize will now destroy 3 softoken free lists and one more
global pointer.  Plugs some memory leaks.  Bugscape bug 54301. r=wtc
2003-12-06 06:41:51 +00:00
nelsonb%netscape.com
2b4825491c Add new -k option to NSS QA test program cmsutil. By default, cmsutil
will no longer add any decoded certs to the cert db file, which is
useful for reproducibility of results in QA scripts.
Bugscape bug 54293. r=relyea,jpierre,wtc
2003-12-06 06:31:08 +00:00
wchang0222%aol.com
2483a508a7 Bugzilla bug 227296: fixed the bug that NSS_CMSAttribute_AddValue adds the
address of a stack variable to the attr->values array.  Added a new
function SECITEM_ArenaDupItem.  r=nelsonb.
Modified Files:
	nss/nss.def util/secitem.c util/secitem.h smime/cmsarray.c
	smime/cmsattr.c
2003-12-06 01:16:50 +00:00
nelsonb%netscape.com
265f6a9b37 Further simplification and improvement of the parsing of UTCTime
and GeneralizedTime to avoid UMRs.  Bugscape bug 54198. r=wtc
2003-12-05 04:53:28 +00:00
nelsonb%netscape.com
b87fc256c1 NSS_CMSContentInfo_Destroy()
- The patch destroys the digest context member of the CMSContentInfo.
  It calls the previously unused function NSS_CMSDigestContext_Cancel
  to destroy the digest context.  Eliminates an object reference leak.
Bugscape bug 54208, r=relyea
2003-12-04 00:39:24 +00:00
nelsonb%netscape.com
697b57f151 In functions NSS_CMSSignedData_Encode_AfterData and
NSS_CMSSignedData_Decode_AfterData
  - These functions call NSS_CMSDigestContext_FinishMultiple, which
    always destroys the digest context, regardless of whether it returns
    SECSUccess or SECFailure.  So, change these functions to always NULL
    out the context pointer regardless of the returned value.
NSS_CMSSignedData_VerifySignerInfo()
  - Always call NSS_CMSSignerInfo_Verify() to set the verification status
    in the signerinfo object, even if some of the other arguments are NULL,
    or other failures have occurred, but avoid NULL pointer dereferences
    along the way.  Notice that this change is dependent on changes to
    NSS_CMSSignerInfo_Verify() (see below.)
NSS_CMSSignedData_SetDigests() - skip over missing digests.  Don't fail
    the function, and don't crash, if digest pointers are NULL.
Bugscape bug 54208, r=relyea
2003-12-04 00:36:47 +00:00
nelsonb%netscape.com
8a0ca297e4 Functions NSS_CMSDigestedData_Encode_AfterData and
NSS_CMSDigestedData_Decode_AfterData
- Since NSS_CMSDigestContext_FinishSingle always destroys the context,
  regardless of whether it returns SECSuccess or SECFailure, these
  functions have been changed to always NULL out the context pointer
  after calling NSS_CMSDigestContext_FinishSingle, regardless of the
  outcome.
Bugscape bug 54208, r=relyea
2003-12-04 00:35:02 +00:00
nelsonb%netscape.com
d0960c05d3 There is a lot of "cleanup" in this file, wrapping source at 80 columns.
The relevant fixes for this bug include:
NSS_CMSDigestContext_StartMultiple()
   - make sure that cmsdigcx->digcxs and cmsdigcx->digobjs are initialized.
   - at the "loser" label, be sure to free the digest context itself.
NSS_CMSDigestContext_Cancel()
   - after destroying all the objects, free the arrays of pointers to the
     objects, and the digest context itself.  Previously these items were
     leaked by this function.
NSS_CMSDigestContext_FinishMultiple()
   - ensure that this function ALWAYS destroys all the NSS digest objects,
     and doesn't stop destroying them if it encounters an error.  Note that
     this is a newer revision of an older patch for that problem.
   - always Free the arrays of pointers used in this object.
NSS_CMSDigestContext_FinishSingle()
   - simplify this code.
Bugscape bug 54208, r=relyea
2003-12-04 00:32:18 +00:00
nelsonb%netscape.com
f6f1a0d2e4 NSS_CMSSignerInfo_Verify()
- This function is changed to explicitly allow some of its input arguments
  to be NULL.  It will set the verification status in the CMSSignerInfo
  object accordingly.  Since this is the ONLY function that ever sets the
  verification status, it must be able to do so even when problems have
  occurred.
- lots of cleanup of this source code.
Bugscape bug 54208, r=relyea
2003-12-04 00:29:31 +00:00
nelsonb%netscape.com
874fa3a93d Add null pointer checks to nss_cms_after_end and NSS_CMSEnvelopedData_Decode_AfterData. Bugscape bug 54061. r=wtc,relyea
Lots of code "cleanup" (reformatting for 80 columns) in cmsdecode.c
2003-12-04 00:14:24 +00:00
nelsonb%netscape.com
e4d53231f8 Avoid UMRs in dertime.c. Bugscape bug 54198. r=wtc. 2003-12-03 04:03:40 +00:00
jpierre%netscape.com
e6c9ba62d7 Fix for 54061 - null pointer check . r=nelsonb 2003-12-03 02:42:08 +00:00
wchang0222%aol.com
80462e9cb1 Bugscape bug 54021: in CERT_FindSubjectKeyIDExtension, if PORT_NewArena
fails we should return SECFailure.  Document that the return values of
CERT_GetCommonName and NSS_CMSSignerInfo_GetSignerCommonName must be freed
with PORT_Free.  r=nelsonb.
Modified Files:
	certdb/alg1485.c certdb/cert.h certdb/certv3.c smime/cms.h
	smime/cmssiginfo.c
2003-12-03 00:09:05 +00:00
jpierre%netscape.com
e5c708bb65 Prevent SMIME crash in the opaque signature test. bugscape 54061. r=nelsonb 2003-12-02 05:46:27 +00:00
jpierre%netscape.com
7eef555978 Fix for 54088 . Don't try to encode attributes with no value. r=wtc 2003-12-02 05:05:30 +00:00
nelsonb%netscape.com
02198fd686 Bound stan error stack at 16 error codes to limit growth.
Bugscape bug 54021. r=wtc.
2003-12-02 02:05:47 +00:00
wchang0222%aol.com
cb7164249f Reverted to NSPR 4.3 until Sun has NSPR 4.4.1 binary distributions. 2003-11-28 05:41:42 +00:00
nelsonb%netscape.com
785b886515 Detect invalid input buffer lengths, and return error instead of UMR>
Bugscape bug 54021.  r=wchang0222
2003-11-27 05:08:20 +00:00
nelsonb%netscape.com
13f3e6fa94 Fix leak in CERT_FindSubjectKeyIDExtension, and use the Quick DER
decoder.  Bugscape bug 54021.  r=jpierre
2003-11-27 05:06:20 +00:00
wchang0222%aol.com
1731be9206 Upgraded to NSPR 4.4.1. 2003-11-27 01:43:15 +00:00
nelsonb%netscape.com
931071736c Clean up some arithmetic used for UCS4. Detect when UCS2 and UCS4
buffers have invalid lengths.  Bugscape bug 54021. r=whang0222, relyea
2003-11-27 01:08:59 +00:00
wchang0222%aol.com
dcc1fa5880 Bugzilla bug 226861: removed NSS_CMSSignedData_GetDigestByAlgTag, which is
a duplicate of NSS_CMSSignedData_GetDigestValue.  r=nelsonb.
Modified Files: cms.h cmssigdata.c
2003-11-26 23:50:02 +00:00
nelsonb%netscape.com
1c7b6a8ea4 In NSS_CMSSignedData_VerifySignerInfo(), test all returned pointers
for NULL before attempting to dereference them.
Bugscape bug 54057. r=wchang0222
2003-11-26 22:02:38 +00:00
nelsonb%netscape.com
36fc65a627 Performance enhancement. Detect absurdly large modulae in public keys,
and don't waste time on them.  Bugscape bug 54019. r=relyea.
2003-11-26 06:26:31 +00:00
nelsonb%netscape.com
d596531040 Remove an unnecessary and incorrect assert call.
Bugscape bug 54018. r=jpierre
2003-11-26 06:16:01 +00:00
nelsonb%netscape.com
8cc8dfcdf3 This patch reduces the scope of many variables in cmsutil's decode function. It frees the signer's CN string after use.
Bugscape bug 54021.  r=jpierre
2003-11-25 23:26:39 +00:00
nelsonb%netscape.com
20abf0c0aa Don't invoke PKCS11 with an invalid handle. Bug 226285.
r=relyea sr=wchang0222
2003-11-21 22:10:56 +00:00
nelsonb%netscape.com
d3382c6ffe Remove an overreaching constraing on modulus length. Bug 226285.
r=relyea  sr=wchang0222
2003-11-21 22:09:27 +00:00
nelsonb%netscape.com
0fa7d0adc8 Implement new "batch mode" (see the -b option). Plug some leaks.
Facilitates memory leak testing of the SMIME library.
This revision combines the patches for Bugzilla bug 225513 and
Bugscape bug 53775.  r = relyea and wchang0222
2003-11-20 02:33:18 +00:00
nelsonb%netscape.com
52dffd46a8 Don't accept ASN.1 items whose length is 2GB or more.
Bugscape bug 53875.  r=wchang0222 and r=relyea.
2003-11-20 02:08:34 +00:00
nelsonb%netscape.com
67d78ccfb9 Dont attempt to allocate 2GB or more from an arenapool.
Bugscape bug 53875. r=relyea.
2003-11-20 02:06:16 +00:00
nelsonb%netscape.com
511a262edc Remove as assertion that is triggered by bad data input, but does not
indicate a code flaw.  Bugscape bug 53875. r=relyea
2003-11-20 02:04:07 +00:00
nelsonb%netscape.com
75ca774270 Be sure not to ask NSS to use an invalid PKCS11 mechanism.
Bugscape bug 53875.  r=relyea.
2003-11-20 02:00:04 +00:00