jpierre%netscape.com
45c8746dd4
Add -r support to crlutil for multiple iterations
2002-09-17 00:28:42 +00:00
jpierre%netscape.com
411c8c7d0e
Purify crlutil
...
Add -E option to erase all CRLs from the certificate database even if the issuer certificate is not present
Add -T option to invoke custom test code
2002-09-17 00:22:09 +00:00
jpierre%netscape.com
b6bb993d1b
Fix UMC in Purify
2002-09-16 23:25:04 +00:00
nicolson%netscape.com
b3fdb4c8db
Fix 157513: SignerInfo.java does not verify what it have signed.
2002-09-16 19:42:13 +00:00
jpierre%netscape.com
3558a42662
Undo check-in that broke QA
2002-09-16 09:32:09 +00:00
jpierre%netscape.com
041a42e886
Fix compiler warnings
2002-09-14 06:42:39 +00:00
jpierre%netscape.com
39e52ee09a
Add assertion to help debugging CRL crash
2002-09-14 05:41:42 +00:00
wtc%netscape.com
dd0f92656f
Removed the SIGTERM signal handler, which was added to debug bug 119340.
2002-09-13 05:10:59 +00:00
wtc%netscape.com
f4c7a3fb0f
Bug 168384: need to initialize the nss3lookingForCA field of nssUsage.
2002-09-13 02:07:34 +00:00
wtc%netscape.com
89cbb2e3ff
Bug 168368: fixed an uninitialized memory read in CERT_CreateRDN. It
...
should not call va_arg if 'ava0' is NULL (which means 'ava0' is the last
argument).
2002-09-13 00:28:55 +00:00
sonja.mirtitsch%sun.com
d7ae78b606
if USE_64 is set use option -d64 to java
...
write to stderr like the programs do so output is in order and logfiles
are clean
fixed path so script works on NT
tarted to put in markers strings so a status report script will be
able to find the things
clean fix for the NATIVE_FLAG problem
more output for the ENVIRONMENT section
2002-09-13 00:24:34 +00:00
wtc%netscape.com
ce39e47a35
Bug 168360: Add support for the MOZ_PROFILE build option.
2002-09-12 23:32:58 +00:00
wtc%netscape.com
089cef75ad
The blob db shim code (bug 162023) introduced a crash (bug 167615) so
...
disable it for NSS 3.6 Beta1.
2002-09-12 23:17:35 +00:00
jpierre%netscape.com
117e6ec849
Fix for 167856 - memory leaks in CRL cache
2002-09-11 01:08:06 +00:00
jpierre%netscape.com
5df90591e2
Fix for 167849 - copy DER subject before adding an issuer to the hash table in CRL cache
2002-09-11 00:28:22 +00:00
ian.mcgreer%sun.com
31db0bf1e7
bug 166741, fixing bug in previous patches
...
r=wtc
2002-09-10 20:30:53 +00:00
wtc%netscape.com
7b2b64b1e8
Bug 167532: fixed a regression introduced by the previous checkin.
2002-09-10 05:10:53 +00:00
jpierre%netscape.com
524901374d
Fix for 167649 - invalidate CRL cache when new CRL object is imported into a token
2002-09-10 04:49:09 +00:00
wtc%netscape.com
391dd889e2
Import NSPR 4.2.2 RC1.
2002-09-10 02:17:46 +00:00
nicolson%netscape.com
7c36a5ea49
Fix 160020: KeyFactory.translateKey uses bad format names.
2002-09-09 23:21:45 +00:00
nicolson%netscape.com
214014721b
Fix 158009: enable compression of xpclass*.jar.
2002-09-09 21:54:07 +00:00
nicolson%netscape.com
24ac9ef616
Initialize variable to null. Indicated by bug 160076: Crashes when the
...
PasswordCallback returns an invalid password.
2002-09-09 21:24:48 +00:00
wtc%netscape.com
50a10a145b
Backed out the previous checkin, which broke 64-bit platforms.
2002-09-09 03:56:25 +00:00
ian.mcgreer%sun.com
19b8f21eb7
fix compiler warnings
2002-09-08 16:47:58 +00:00
wtc%netscape.com
b560bf3371
Bug 160805: fixed a leak and a double free of the arena introduced in the
...
previous checkin.
2002-09-08 03:25:30 +00:00
dougt%netscape.com
68faeb5241
166917. Clean up xpcom SDK includes. r=rpotts@netscape.com, sr=alecf@netscape.com, a=rjesup@wgate.com
2002-09-07 17:13:19 +00:00
wtc%netscape.com
ca133cf458
Bug 129701: removed the sleep command for Linux in kill_selfserv().
...
Instead, we try to bind to the port in a loop until the port has been
freed. Added the -b (bindOnly) option to selfserv for this purpose.
Modified files: cmd/selfserv/selfserv.c tests/common/init.sh tests/ssl/ssl.sh
2002-09-07 13:41:21 +00:00
wtc%netscape.com
faf23b0d36
Bug 123753: removed the vestige of the "for Clients" string in softoken's
...
sccs and rcs version id strings.
2002-09-07 05:45:40 +00:00
dougt%netscape.com
fae89c4077
Fixes up the timer interface. b157136, r=rpotts@netscape.com, sr=alecf@netscape.com, a=rjesup@wgate.com
2002-09-07 05:38:16 +00:00
wtc%netscape.com
8b8c57650a
Bug 123753: the softoken is now compiled the same way for servers and
...
clients, so removed the "for Clients" string in the version info.
Modified files: config.mk softokn.rc
2002-09-07 05:35:46 +00:00
wtc%netscape.com
ccb57e7a19
Bug 127886: added the new function PK11_ImportDERCert.
...
Modified files: nss/nss.def pk11wrap/pk11cert.c pk11wrap/pk11func.h
2002-09-07 04:48:57 +00:00
wtc%netscape.com
d982fc5cee
Bug 136209: added the -P dbprefix option. The original -P (partial CRL
...
decode) option was renamed -p.
2002-09-07 04:43:04 +00:00
jpierre%netscape.com
ae6ab3c029
Roll back change
2002-09-07 03:19:56 +00:00
jpierre%netscape.com
595f01c3fd
Roll back checkin to fix QA tests
2002-09-07 02:59:04 +00:00
jpierre%netscape.com
58167f8fae
Fix NT build
2002-09-07 02:48:45 +00:00
jpierre%netscape.com
78ade1e7f9
Fix compiler warnings
2002-09-07 01:48:46 +00:00
jpierre%netscape.com
e2b8be5319
Fix compiler warnings
2002-09-07 01:24:27 +00:00
leaf%mozilla.org
70941124cb
update localeVersion to 1.2a, a=asa
2002-09-07 01:01:49 +00:00
jpierre%netscape.com
486fd19230
Fix compiler warnings
2002-09-07 01:00:04 +00:00
jpierre%netscape.com
c7dffa49c0
Fix compiler warnings
2002-09-07 00:35:00 +00:00
jpierre%netscape.com
f78a02f328
Fix compiler warnings
2002-09-07 00:25:49 +00:00
jpierre%netscape.com
3a6569e478
Fix compiler warning
2002-09-07 00:22:50 +00:00
jpierre%netscape.com
434867f871
Fix compiler warning under windows
2002-09-07 00:14:14 +00:00
relyea%netscape.com
3ca346f840
Believe both entry types (old and new) when looking for the key.
2002-09-06 23:16:42 +00:00
relyea%netscape.com
869f213889
Initialize len before we use it.
2002-09-06 23:15:35 +00:00
nicolson%netscape.com
dc5b2ded44
Fix 164126: makefile build error.
...
NSS module has been renamed from "security" to "nss". We will leave the
old "security" include paths until the NSS_CLIENT_TAG gets moved forward:
see bug 167133 for that.
r=kaie@netscape.com , r=wtc@netscape.com , a=rjesup@wgate.com
2002-09-06 21:14:42 +00:00
wtc%netscape.com
6d4ccd8d26
Bug 166933: fixed build breakage on the Mac.
...
Modified files: certdb/crl.c certhigh/certhigh.c softoken/dbmshim.c
2002-09-06 20:17:42 +00:00
relyea%netscape.com
dcf684fc77
Bug 166893: copy the DER cert when importing the certificate
2002-09-06 18:48:37 +00:00
nicolson%netscape.com
e179fe8904
Fix 164126: makefile build error.
...
Change the NSS module name from "security" to "nss".
2002-09-06 16:38:56 +00:00
nicolson%netscape.com
13520fed74
deal with new exceptions.
2002-09-06 16:23:48 +00:00
ian.mcgreer%sun.com
1871593ad6
additional patch for bug 166768
2002-09-06 14:10:14 +00:00
jpierre%netscape.com
c16a17bc7a
Fix for 162983 - consider all certs revoked if there is a bad CRL in the cache
2002-09-06 06:53:03 +00:00
wtc%netscape.com
5a3d303bc9
Bug 136804: initialize inFile to PR_STDIN instead of NULL so that we don't
...
crash if the -i option is not specified. Added two assertions to avoid
closing PR_STDIN due to internal errors.
2002-09-06 03:52:49 +00:00
relyea%netscape.com
4f3a923668
UnwrapPubKeyWithFlags is supposed to be public!!
2002-09-06 00:43:25 +00:00
wtc%netscape.com
a897ae16a9
Bugs 166734 and 166785: fixed compiler warnings reported by gcc on Linux.
...
The patch for this checkin is attached to bug 166785.
2002-09-06 00:27:52 +00:00
relyea%netscape.com
a017e8a053
Remove key.db from the using the blob db code. The blob db code uses the cert7.db record format to
...
record blobs in the database, which is incompatible with the key3.db format. (key3 does not have
any record types).
2002-09-06 00:18:24 +00:00
ian.mcgreer%sun.com
019a972928
bug 166741, unitialized variables
...
r=wtc
2002-09-05 22:28:30 +00:00
wtc%netscape.com
7d800864d1
Bug 166933: added quickder.c.
2002-09-05 21:47:24 +00:00
wtc%netscape.com
4f310f7f76
Bug 166933: added dbmshim.c.
2002-09-05 21:46:26 +00:00
ian.mcgreer%sun.com
d681129497
make dsa_SignDigest static (mentioned in bug 166722)
2002-09-05 20:44:09 +00:00
ian.mcgreer%sun.com
935b91935c
bugs 166722 and 166768, compiler warnings in blapitest
...
r=wtc
2002-09-05 20:37:44 +00:00
wtc%netscape.com
a1d5df2a05
Fixed unresolved symbol DPCache_Refresh, which I believe is a misspelling
...
of DP_RefreshCache.
2002-09-05 16:34:27 +00:00
jpierre%netscape.com
3a78c9b53c
Fix for 166714 - make SEC_FindCrlByName use the CRL cache
2002-09-05 06:12:33 +00:00
nicolson%netscape.com
5d2a8fb52b
fix 166711: SSLSocket.setCipherPreference does the wrong thing.
2002-09-05 01:33:40 +00:00
nicolson%netscape.com
a53bc3d664
Fix 166721: shared library rule does not handle dependencies correctly.
2002-09-05 01:21:35 +00:00
nicolson%netscape.com
ab02daa4a8
Fix 166711: SSLSocket.setCipherPreference does the wrong thing.
2002-09-05 01:17:00 +00:00
nicolson%netscape.com
b3a2ea855b
"assert" is now a keyword, so remove this method.
2002-09-05 01:06:26 +00:00
jpierre%netscape.com
c285793b55
Fix for 166719 - crash in large object file mapping emulation code . r=wtc
2002-09-05 00:25:29 +00:00
nelsonb%netscape.com
b324789645
Treat empty SubjectAltName extensions as if they were non-existant.
...
Bugs 162979 166454.
2002-09-04 00:42:01 +00:00
ian.mcgreer%sun.com
4f529f9bd7
bug 165863, free token on error paths
2002-09-03 19:42:13 +00:00
timeless%mac.com
06e0bc6933
Bug 132209 Many XUL documents are invalid XML (<!DOCTYPE window ...>)
...
patch by riceman+bmo@mail.rit.edu r=timeless rs=jag
2002-09-02 20:23:29 +00:00
kaie%netscape.com
5852d51b51
b=149694 After importing cert, CA does not appear until restart of CM
...
r=javi sr=bryner
2002-09-02 14:44:40 +00:00
wtc%netscape.com
f254659354
Bug 165859: fixed the problem that 'collection' was destroyed twice on
...
error in nssTrustDomain_FindCertificateByIssuerAndSerialNumber.
2002-08-31 04:52:46 +00:00
jpierre%netscape.com
5e5a705cb7
Fix for 160805 . Make a copy of items into the arena before calling SEC_QuickDERDecodeItem where needed
2002-08-31 00:37:52 +00:00
wtc%netscape.com
70f99e8394
Checked in an equivalent but simpler fix for Bug 165639
...
(NSSRWLock_UnlockWrite failed to wake up waiting readers).
2002-08-30 23:55:51 +00:00
jpierre%netscape.com
29333f104f
Implement the CRL cache . Bug 149854
2002-08-30 22:57:03 +00:00
jpierre%netscape.com
bcec4b1c38
Fix for 165639 - NSSRWLock_UnlockWrite causes deadlock when using recursivity of locoks. Fix by Wan-Teh
2002-08-30 22:46:45 +00:00
jpierre%netscape.com
62d1f75a0e
Fix comment
2002-08-30 22:45:46 +00:00
relyea%netscape.com
724f0590f9
Check the cert validity only if we actually found a cert.
2002-08-30 20:37:58 +00:00
relyea%netscape.com
e8f4d6e455
Bring SSL strength up to NSS 3.x level.
2002-08-30 17:56:05 +00:00
relyea%netscape.com
8c67c1f99d
When looking for a recipient match, reject non-user certs.
2002-08-29 22:19:46 +00:00
relyea%netscape.com
7dfc67b46e
Export ModInfo call.
2002-08-29 22:11:53 +00:00
relyea%netscape.com
048dddbfac
Filter on keyID, then run through the best cert check.
2002-08-29 22:11:06 +00:00
kaie%netscape.com
ac2c08e63b
b=164702 File restore only opens *.p12, but not *.pfx
...
r=javi sr=bryner
2002-08-29 21:27:54 +00:00
nicolson%netscape.com
5f68a9a11b
Take out the NSS_USE_STATIC_LIBS flag. I have no idea why we needed it before.
2002-08-29 18:07:42 +00:00
relyea%netscape.com
9b7f272663
Fix Version spelling, remove rcsid.
2002-08-29 17:45:12 +00:00
jpierre%netscape.com
ff1060bae7
Fix memory corruption
2002-08-29 01:28:53 +00:00
relyea%netscape.com
105a2411db
File with version number for applications
2002-08-28 22:13:19 +00:00
relyea%netscape.com
0ea332961f
Put version number in an external header so applications can check if they
...
are using an up-to-date builtins module.
2002-08-28 22:12:58 +00:00
relyea%netscape.com
3d603dad91
handle dbm blobs withouth stressing libdbm.
2002-08-28 21:51:10 +00:00
nicolson%netscape.com
d784f5eac1
Fix 143163: Add public constructors for some CRMF classes.
2002-08-28 18:20:24 +00:00
nicolson%netscape.com
778302c1c6
merge premature JSS_3_2_BRANCH back to the trunk.
2002-08-28 18:05:40 +00:00
nicolson%netscape.com
dfc82c5cca
fix call to CryptoManager.initialize.
2002-08-28 17:59:04 +00:00
nicolson%netscape.com
506b620d77
clean up comments
2002-08-28 17:57:48 +00:00
nicolson%netscape.com
a84510a250
useful getAlgorithm method.
2002-08-28 17:57:20 +00:00
nicolson%netscape.com
4c9a4cc39d
remove alg-dependent code.
2002-08-28 17:56:48 +00:00
nicolson%netscape.com
e1813e1cc3
fix bugs in keygen, particularly that break AES.
2002-08-28 17:56:15 +00:00
nicolson%netscape.com
b3bd80646e
no more -b symbolic
2002-08-28 17:54:12 +00:00
kaie%netscape.com
64b2bc2d07
b=121906 Other People's certs not sorted
...
r=javi sr=jag
2002-08-28 13:49:52 +00:00
ian.mcgreer%sun.com
387eab1238
fix broken builds
2002-08-28 13:27:32 +00:00
relyea%netscape.com
24adc2754c
close hole in trust lookups.
2002-08-27 23:38:29 +00:00
relyea%netscape.com
675de20876
Roll the version number forward
2002-08-27 23:32:31 +00:00
relyea%netscape.com
6abad730cc
Roll the version number forward.
2002-08-27 23:29:36 +00:00
glen.beasley%sun.com
70ab9c67cb
163762 verify cert test example
2002-08-27 21:50:44 +00:00
glen.beasley%sun.com
cb0a78f863
163762 make OCSP responder configurable at runtime
2002-08-27 21:46:13 +00:00
relyea%netscape.com
2b952c4a99
use correct issuer/SN for beTRUSTed -- Entrust
2002-08-27 20:57:48 +00:00
relyea%netscape.com
286095b7a0
beTRUSTed, RSA, GeoTrust, UTN-USER, and AOL Roots also need issuer/SN
2002-08-27 20:41:20 +00:00
relyea%netscape.com
032b21fe1a
Trust objects need Issuer and Serial number.
2002-08-27 20:17:09 +00:00
relyea%netscape.com
3dce5c6a40
Trust attributes need issuer & serial number
2002-08-27 20:15:58 +00:00
kaie%netscape.com
43a34d7ec4
b=107034 OE requires special attribute in incoming signed messages to support dual key certificates. Add new function
...
NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs.
r=relyea
2002-08-27 13:14:42 +00:00
kaie%netscape.com
21b34fa931
Backing myself out, since it didn't compile on Win32, and I would like to discuss the correct fix.
2002-08-27 00:05:11 +00:00
relyea%netscape.com
7a5ee3f753
Remove warning for unreferenced variable.
2002-08-26 21:39:49 +00:00
kaie%netscape.com
d478be6ac5
b=107034 OE requires special attribute in incoming signed messages to support dual key certificates. Add new function
...
NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs.
r=relyea
2002-08-26 21:34:31 +00:00
relyea%netscape.com
7ec5b51352
Bug 164690. Fix missing break;
2002-08-26 21:16:07 +00:00
kaie%netscape.com
6b4a5557af
b=122869 Need better message when import a cert with wrong password.
...
r=javi sr=jag
2002-08-26 20:31:03 +00:00
kaie%netscape.com
8e6b891cc2
b=161915 Combine verified and purposes column in certificate manager
...
r=javi sr=jag
2002-08-26 20:16:25 +00:00
nicolson%netscape.com
65faa05435
comment.
2002-08-26 17:37:41 +00:00
nicolson%netscape.com
300bf20ee2
remove obsolete samples.
2002-08-26 17:34:15 +00:00
nicolson%netscape.com
89ffcc51af
remove old SSLClient and SSLServer sample programs. They are not up-to-date.
2002-08-26 17:31:20 +00:00
nicolson%netscape.com
2377d2f3f6
syntax error wasn't caught because of bug in build script.
2002-08-26 17:22:02 +00:00
relyea%netscape.com
5d6a14c82b
Fix URL check. we should check crl->url for null, not the uninitialized variable url.
2002-08-26 16:27:49 +00:00
jpierre%netscape.com
dc99c08db3
Fix for 164471 - Hide passwords in NSS command-line tools on OS/2
2002-08-25 03:00:34 +00:00
jpierre%netscape.com
95bad7466f
Correctly identify tty on OS/2 - fix for 164420
2002-08-24 13:46:50 +00:00
jpierre%netscape.com
cdaf8705fe
Fix for 164403 - make console input work in NSS tools on OS/2
2002-08-24 11:51:42 +00:00
jpierre%netscape.com
463500a5ab
Convert slow SEC_ASN1DecodeItem calls to SEC_QuickDERDecodeItem where possible. Performance improvement. Bug #160805 . r=relyea
2002-08-24 00:52:47 +00:00
nicolson%netscape.com
d2296480fd
A FilterInputStream to decode base64-encoded data.
2002-08-23 23:17:00 +00:00
wtc%netscape.com
77296171f1
Removed CERT_VerifyCertChain from the export list. Use
...
CERT_VerifyCACertForUsage instead.
2002-08-23 18:58:52 +00:00
rangansen%netscape.com
23625d6f94
Removing c++ style comment
2002-08-23 18:31:22 +00:00
rangansen%netscape.com
5fcabb2b51
Making sure VerifyCACertForUsage checks CRL if usage is statusResponder. Changes reviewed by Bob Relyea
2002-08-23 18:02:10 +00:00
kaie%netscape.com
4b9a8a51c9
b=157927 Fix memory leaks in nsNSSCertificate.cpp, fix some compiler warnings, do some cleanup.
...
r=javi sr=jag
2002-08-23 10:40:27 +00:00
kaie%netscape.com
0eab7806a1
b=124624 [RFE]Wording change for SSL, Privacy Pref
...
r=cotter sr=jag
2002-08-23 10:28:07 +00:00
kaie%netscape.com
e888f7645f
b=100129 UI: extra space in "Security Error: Domain Name Mismatch" title
...
r=kaie sr=jag
2002-08-23 10:13:47 +00:00
kaie%netscape.com
a6e10ab759
b=142147 Viewing signed message crashes Mozilla, if I did not log-in into the FIPS module
...
r=javi sr=bryner
2002-08-23 10:10:17 +00:00
kaie%netscape.com
07bda86df6
b=106587 FIPS enabled mode fails when Master PWD is not set.
...
r=javi/cotter sr=shaver
2002-08-23 10:07:47 +00:00
relyea%netscape.com
4116e5ba07
Fix mixing different free calls. PR_smprintf requires PR_smprintf_free()
2002-08-23 02:12:05 +00:00
relyea%netscape.com
a1ac38f4be
handle attribute types more intellegently. Don't fetch the object for invalid attributes if we don't have to.
2002-08-23 02:11:03 +00:00
wtc%netscape.com
18625bdcab
Added coreconf config file for Solaris 10 Intel.
2002-08-23 00:33:48 +00:00
wtc%netscape.com
2190605135
Bug 164035: checked in a small code optimization suggested by
...
J�rg Brunsmann <joerg_brunsmann@yahoo.de>. Use the local variable that
has the same value.
2002-08-22 18:05:32 +00:00
relyea%netscape.com
f5603c8844
Add pubwrap with flags
2002-08-22 00:41:41 +00:00
wtc%netscape.com
401d42ef18
Bug 163863: removed duplicate PORT_Memset calls in CERT_KeyFromDERCert.
...
Thanks to J�rg Brunsmann <joerg_brunsmann@yahoo.de> for the fix.
2002-08-21 18:05:20 +00:00
relyea%netscape.com
943dd39f49
1) fix crl memory.
...
2) remove several memory copies in the crl.
2002-08-21 00:09:23 +00:00
kaie%netscape.com
2e5cb525e8
b=140302 hang when collapsing some ssl-security details
...
r=javi sr=bryner
2002-08-20 12:51:55 +00:00
relyea%netscape.com
78007eba43
Bug 142172
...
1) look up the private key much earlier in the process so we know what slot it is on.
2) if a slot isn't specified, you the private key's slot.
3) if the specified slot and the private key slot don't match & the private key slot can do the PBE, then use the private key slot to do the PBE so we don't have to move the key.
4) if we have generated the PBE key in a different slot from the private key,
2002-08-19 18:24:58 +00:00
relyea%netscape.com
bb6cf23f23
use error code in secutil.
...
Clean up the output.
Print out cert chain parsing issues more completely.
2002-08-16 23:09:02 +00:00
relyea%netscape.com
cf0278de93
Quick and dirty utility to pink SSL servers to see if they are configured
...
correctly.
NOTES: This program is a (very slightly) modified version of the
SSLSample/client.c program. As such it used the sample program support, which is
a duplication of much of secutil. Future enhancements would be 1) link with
secutil.lib. 2) When handling BadCert requests, run the Full VerifyCert and dump
the results. Make connections to the servers testing SSL2, SSL3 and TLS.
Changes were basically 1) Set the program to run without a security database
(this means no token support, or client auth). 2) Explicitly load the builtins
module so that we can test against the standard trust.
2002-08-16 16:29:18 +00:00
jpierre%netscape.com
e5ec791fa2
Correctly count the number of items in a SEQUENCE OF or SET OF in quickder decoder. Bug found by one of Terry's tests.
2002-08-16 00:05:55 +00:00
nicolson%netscape.com
62f1239586
Fix 162761: PK11_GetKeyGen should work if you pass in a keygen alg.
...
Make PK11_GetKeyGen an identity function for keygen algs.
2002-08-14 23:57:45 +00:00
kaie%netscape.com
9190a3d74e
Patch from bug 87902 to fix SSL/TLS logic.
...
- make TLS intolerant server detection over proxies work
(this bug 87902)
- on connection failure, only retry without TLS when it is really
likely to help (bug 149910)
- remove obsolete workarounds in SSL i/o layer
(see removed comments in patch)
- avoid to confuse programmers reading code,
by renaming TLSStepUp (which means something else)
to the correct term STARTTLS (what the code is actually doing).
(As suggested by nelsonb)
- If an invalid or expired etc. server certificate is presented,
a warning is shown. If the user decides to cancel,
network activity should stop immediately.
(we currently warn multiple times) (bug 87209)
r=javi/darin/ducarroz/dmose sr=alecf
2002-08-14 23:43:28 +00:00
nicolson%netscape.com
aab844b223
Remove try/catch block when loading libjss. This allows any UnsatisfiedLinkError
...
to get thrown to the application, where it can print it out with all its
information. Also stop checking for jssjava.
2002-08-14 23:00:45 +00:00
nicolson%netscape.com
0668349aad
fine-tune javadoc commands.
2002-08-14 22:55:47 +00:00
relyea%netscape.com
0fb6e546c6
bug 161552: Make the recipient list traversal functions call the internal
...
nsstoken_FindCertByIssuerAndSN() function to gain the benefit of the fixed
Searching code.
2002-08-14 20:42:40 +00:00
antonio.xu%sun.com
d9f555d2f5
replace the hardcode of "@mozilla.org/embedcomp/dialogparam;1" with NS_DIALOGPARAMBLOCK_CONTRACTID
...
Bug 158608 r=Henry sr=alecf
2002-08-14 12:39:03 +00:00
blakeross%telocity.com
0c9ee3ddca
Making security dialogs default to off after one viewing *in Phoenix only*. Not part of normal build.
2002-08-13 05:25:34 +00:00
kaie%netscape.com
aed4350fca
b=154040 Deleting cert does nothing when key DB has no password
...
r=relyea sr=alecf
2002-08-13 01:15:05 +00:00
relyea%netscape.com
721712b0a2
Mozilla bug 145228. Clear out buffer to protect agains lazy PKCS #11 modules.
2002-08-13 00:13:48 +00:00
seawood%netscape.com
322da773fb
Removing old nmake build makefiles. Bug #158528 r=pavlov
2002-08-10 07:55:43 +00:00
nelsonb%netscape.com
c957d262ac
Test the TLS_RSA_WITH_NULL_SHA cipher suite. Bug 161529. Also, order
...
tests so all SSL3 tests are done before all TLS tests.
2002-08-09 22:09:18 +00:00
nelsonb%netscape.com
eeff02773b
Support the TLS_RSA_WITH_NULL_SHA cipher suite. Bug 161529. Fix Usage.
2002-08-09 22:06:12 +00:00
nelsonb%netscape.com
e90c165157
Add support for SSL_RSA_WITH_NULL_SHA. Bug 161529. Fix usage message.
2002-08-09 21:58:28 +00:00
nelsonb%netscape.com
644319e67f
Support the TLS_RSA_WITH_NULL_SHA cipher suite. Bug 161529.
2002-08-09 21:53:17 +00:00
relyea%netscape.com
cbd308d951
Handle the switch from the static buffer to the realloc buffer.
2002-08-09 18:48:31 +00:00
relyea%netscape.com
c57a14afb4
remove unreferenced Variable.
2002-08-09 18:05:24 +00:00
jpierre%netscape.com
e6ee1f4c60
Add comment about partial CRLs
2002-08-09 07:09:25 +00:00
wtc%netscape.com
f0a85f101a
Bug 148220: removed the unused field 'isFIPS'.
2002-08-08 22:52:14 +00:00
relyea%netscape.com
667aff1517
Bug 607834. save the correct name on so we can reset the database.
2002-08-08 18:02:34 +00:00
kaie%netscape.com
141c541484
b=161394 Fix crash in debug builds
...
r=javi sr=alecf
2002-08-08 14:10:42 +00:00
jpierre%netscape.com
6eeafa0a3a
Stop referencing deleted quickder.h header
2002-08-08 01:55:34 +00:00
jpierre%netscape.com
81744b6f54
Updates to quick DER decoder, bug # 161215
...
Fixes from Terry's review :
- remove quick allocator
- always allocate entry array even if there is 0 entry
- rename DecodeConstructed to DecodeExplicit and use a better test for that case
- other misc small fixes
Also move SEC_QuickDERDecodeItem to secasn1.h
2002-08-08 01:54:38 +00:00
wtc%netscape.com
dd0afb2cee
Bug 148220: implements FIPS 198 conformance. r=relyea.
...
Modified Files: alghmac.c alghmac.h lowpbe.c pkcs11c.c
2002-08-07 23:27:58 +00:00
nicolson%netscape.com
c397f25253
Don't link to libhpi.so.
2002-08-07 22:53:01 +00:00
nelsonb%netscape.com
3843ef99c0
Fix bug 160207 by changing the error alerts we send for failed decryption.
2002-08-07 20:01:51 +00:00
kaie%netscape.com
5802ed6d9c
b=161379 Fix JavaScript warnings in security code
...
r=ssaux sr=mscott
2002-08-07 14:24:04 +00:00
kaie%netscape.com
21f0d86067
b=123917 Remove non-NSS_3_4 codepaths
...
r=wtc sr=alecf
2002-08-07 13:39:57 +00:00
jpierre%netscape.com
9b074c9def
Fix for 157649 - allow crlutil to do partial decoding so it can be used as a test program
2002-08-07 03:53:07 +00:00
jpierre%netscape.com
b4ea41c359
Additional error reporting
2002-08-07 03:47:23 +00:00
jpierre%netscape.com
1e8c079b69
Implement partial CRL decoding. Fix for 149816. r=wtc . Uses new quick DER decoder
2002-08-07 03:44:12 +00:00
jpierre%netscape.com
7759ca21de
Reorder functions to avoid forward declaration of DecodePointer
2002-08-07 03:40:47 +00:00
jpierre%netscape.com
4607bbf866
Be consistent in memory allocations - use QuickZAlloc
2002-08-07 03:36:46 +00:00
jpierre%netscape.com
42d8685ccc
Add new quick DER decoder. r=wtc
2002-08-07 03:25:47 +00:00
wtc%netscape.com
fdc41cd064
Bug 161316: make pk11pqg.h C++ safe.
2002-08-06 18:31:35 +00:00
glen.beasley%sun.com
178cd7c22b
commented debug statement
2002-08-06 16:41:43 +00:00
kaie%netscape.com
346ebd7510
b=124037 Decrease cert manager loading time.
...
r=rangansen/jkeiser sr=alecf
2002-08-06 13:25:23 +00:00
kaie%netscape.com
69ea18b8f3
b=136819 Returned value from getPSMContentType is compared to wrong enum
...
Patch from t8m@centrum.cz
r=kaie sr=alecf
2002-08-06 13:21:32 +00:00
kaie%netscape.com
e0682e5b27
b=144435 Allow to edit trust for other people's certificate
...
r=javi sr=alecf
2002-08-06 13:18:12 +00:00
kaie%netscape.com
02d9df0cf7
b=74339 Support import of SSL, S/MIME, and CA certs
...
r=javi sr=alecf
2002-08-06 13:11:15 +00:00
kaie%netscape.com
098841f1b3
b=159053 Memory leak in nsSecureBrowserUIImpl
...
r=jkeiser sr=alecf
2002-08-06 13:06:21 +00:00
kaie%netscape.com
f1bf4f4474
b=135546 Fix internal slot reference leak in cryptojs_generateOneKeyPair()
...
r=wtc sr=alecf
2002-08-06 12:54:39 +00:00
kaie%netscape.com
d47a8b3a35
b=132589 Fix incorrect verification status when viewing email-signing-only certificates.
...
r=javi sr=alecf
2002-08-06 12:51:43 +00:00
henry.jia%sun.com
eed9ab0bdd
3rd patch for bug 158080
...
Description: replace the hardcode of "@mozilla.org/embedcomp/window-watcher;1" with NS_WINDOWWATCHER_CONTRACTID
Patch by Henry.Jia@sun.com
r=anto, sr=alecf
2002-08-06 05:37:58 +00:00
henry.jia%sun.com
17a5f04f77
2nd patch for bug 158080
...
Description: replace the hardcode of "@mozilla.org/embedcomp/window-watcher;1" with NS_WINDOWWATCHER_CONTRACTID
Patch by Henry.Jia@sun.com
r=anto, sr=alecf
2002-08-06 05:11:23 +00:00
jpierre%netscape.com
55bbc1b2b7
Fix for 158141 - add 5 minute slop time for OCSP
2002-08-04 02:50:40 +00:00
relyea%netscape.com
1b5946f3a0
Turn on reset functionality for multiaccessdb clients.
2002-08-02 21:41:01 +00:00
relyea%netscape.com
c0dd962ed9
1) factor out fortezzav1 from the chain processing code to make the code easier
...
to read.
2) only extract keys if we are using fortezzav1 cert (should speed up cert verify
a bit).
3) Add function to verify a specific CA cert to verify a userCert Usage.
2002-08-02 17:51:20 +00:00
relyea%netscape.com
ff0e1ac35e
Merge back 3.5 changes to the tip
2002-08-02 17:43:36 +00:00
jpierre%netscape.com
8fa534cac0
Fix compiler warnings on NT
2002-08-02 00:53:15 +00:00
jpierre%netscape.com
9ee98f355e
Fix incorrect macro usage
2002-08-02 00:28:23 +00:00
nelsonb%netscape.com
8e038c1211
Correct the test of IP addresses in Subject Alternative Name extensions.
...
bug 103752.
2002-08-01 22:51:56 +00:00
relyea%netscape.com
fee201085d
Don't crash if we try to read a nickname that has an invalid cert with it.
2002-08-01 22:28:11 +00:00
ian.mcgreer%sun.com
67ce0992b6
this was obviously backwards
2002-08-01 14:23:49 +00:00
wtc%netscape.com
79910e8ffd
Bug 157730: minor tweak suggested by brendan.
2002-08-01 05:17:49 +00:00