cannot find the SSL layer on the specified PRFileDesc. Ensure all
callers detect when ssl_FindSocket returns NULL and handle it properly.
Bug 68241. Reviewed by jgmyers and relyea.
Modified Files:
prelib.c sslauth.c sslsecur.c sslsock.c
reading and writing) call PR_Send and PR_Recv with a non-infinite timeout
value, use that value for both underlying read and write operations.
Fixes bug 67402. Reviewed by Wan-Teh.
record of application data into a single write, when possible, to avoid
TCP's "Nagle" delays. Fixes bug 67898. r&a: wtc. Modified Files:
ssl3con.c sslimpl.h sslsecur.c sslsock.c
Define the NSS version macros and add NSS_VersionCheck in nss.h.
Add linker option to record internal name of shared libraries.
Add Windows resource files. Add rcs and sccs id strings that can be
retrieved with 'ident' and 'what'.
Modified Files:
coreconf/HP-UX.mk coreconf/OSF1.mk coreconf/SunOS5.mk
coreconf/WIN954.0.mk coreconf/WINNT4.0.mk coreconf/WINNT5.0.mk
coreconf/rules.mk nss/lib/nss/config.mk
nss/lib/nss/manifest.mn nss/lib/nss/nss.h
nss/lib/nss/nssinit.c nss/lib/smime/config.mk
nss/lib/smime/manifest.mn nss/lib/ssl/config.mk
nss/lib/ssl/manifest.mn
Added Files:
nss/lib/nss/nss.rc nss/lib/nss/nssver.c nss/lib/smime/smime.rc
nss/lib/smime/smimever.c nss/lib/ssl/ssl.rc
nss/lib/ssl/sslver.c
The same values that the compiler would assign are assigned, with only
one exception (cmmfNoPKIStatus in cmmft.h). This is patch id=22555,
reviewed by Nelson Bolyard.
SECHashObjects[] is no longer exported.
New function HASH_GetHashObject returns pointer to selected const object.
SSL statistics are now in a structure whose address is obtained via a
call to SSL_GetStatistics().
On NT, the new symbol NSS_USE_STATIC_LIBS must be declared in programs
that use the static SSL library.
Also, propagate "const" declaration for SECHashObjects.
cryptohi.h, pk11func.h, secpkcs7.h, and cms.h. Some files now need to
include <errno.h>. They were including <errno.h> indirectly through
mcom_db.h.
Modified Files:
cmd/atob/atob.c cmd/btoa/btoa.c cmd/derdump/derdump.c
lib/cryptohi/cryptohi.h lib/pk11wrap/pk11func.h
lib/pkcs7/secpkcs7.h lib/smime/cms.h lib/ssl/sslsnce.c
the object files needed to resolve referenced symbols, so we will need to
link with the objects directly as we do on Unix. As a result, nss3.dll
needs to export more (PKCS7) symbols, needed by the new PKCS12 objects
that are linked into smime3.dll.
Modified Files:
coreconf/rules.mk nss/lib/nss/config.mk
nss/lib/smime/config.mk nss/lib/ssl/config.mk
not want the "32" in the DLL names that coreconf adds by default. We
use module-definition (.DEF) files to control the exported symbols.
Made pkcs7 part of nss3.dll to temporarily work around circular dependency
between nss3.dll and smime3.dll (certread.c depends on some PKCS7 symbols).
Modified files: lib/nss/config.mk, lib/smime/config.mk, lib/ssl/config.mk
Three directories pull the NSS libraries together into a three shared libaries:
nss, ssl, and smime. Symbols need to be exported by the DLL from the imported
libraries are defined in XXX/XXXsym.c Library linkage is controlled by
XXX/config.mk
GS_HEADER state. It should be correct in all states.
In ssl_DestroyGather, prior to freeing the buffers, the code zeroed out
the ciphertext buffer. It now zeros out the plaintext buffer instead.
CERT_CertChainFromCert in ssl_DupSocket(). This is MUCH faster. This is
the first approximation of the right fix. The next step is to consider
doing ref counting instead of actual duplication. Fixes bug 51425 .
rolling back from TLS (SSL 3.1) to SSL 3.0. Provide a new SSL socket
option to disable roll-back detection in servers, since certain TLS
clients are doing it incorrectly.
