wtc%netscape.com
4747c98947
Whitespace change.
2002-04-30 00:11:19 +00:00
relyea%netscape.com
cec43732fb
Use NewTempCert and AddTempCert when importing because the cert may already exist
...
in the cache.
2002-04-29 23:54:07 +00:00
wtc%netscape.com
35e9736426
Added pkibase.c to the project.
2002-04-26 23:29:19 +00:00
wtc%netscape.com
787be44323
Needed a (char *) cast for slotInfo.manufacturerID because it is an array
...
of "unsigned" chars. Mac's compiler complains about that.
2002-04-26 23:05:40 +00:00
wtc%netscape.com
4841e2949f
Removed devobject.c from the project. That file was removed.
2002-04-26 22:52:07 +00:00
wtc%netscape.com
2762eaebca
Need to define SHLIB_SUFFIX for lib/softoken/dbinit.c.
2002-04-26 22:42:15 +00:00
relyea%netscape.com
3d3a200209
return error when incomplete shutdown has been detected.
2002-04-26 22:36:07 +00:00
ian.mcgreer%sun.com
cdae9ed5a1
When doing cert traversals, create the certs in full as they are found. This avoids thrashing the softoken's object cache when the database has a large number of certs.
2002-04-26 14:34:05 +00:00
ian.mcgreer%sun.com
74b86448f7
fix broken HPUX builds
2002-04-26 12:59:06 +00:00
relyea%netscape.com
600cb240a3
Add code to update nickname and 'CKA_ID' from set attribute calls. This allows
...
us to add a nickname to a cert after we import it from pkcs #12 .
2002-04-26 01:44:33 +00:00
relyea%netscape.com
fbb0134208
Write the nickname entry as well when adding a nickname to a bug.
2002-04-26 01:09:21 +00:00
relyea%netscape.com
2cd6213ca5
Detect Active Card presents and disable PROTECTED_PIN_PATH login when found.
2002-04-25 21:24:47 +00:00
wtc%netscape.com
d3e14fdce2
Deleted code that was made obsolete by the previous revision.
2002-04-25 21:10:09 +00:00
relyea%netscape.com
1abdbba5a8
Don't let activeCards set the Protect_Auth bit because they weren't intending to
...
to begin with.
2002-04-25 20:57:06 +00:00
ian.mcgreer%sun.com
44d76f3678
if a cert already exists, use C_SetAttributeValue to change its mutable attributes during import (instead of trying to recreate it)
2002-04-25 20:49:49 +00:00
ian.mcgreer%sun.com
05bc7f4136
bug 138626, remove deleted cert from cache even if references still exist
2002-04-25 19:37:30 +00:00
ian.mcgreer%sun.com
2e14215952
reorganize token cache so that cache entries for imported objects are created from the token, not from the user-supplied template
2002-04-25 19:33:47 +00:00
relyea%netscape.com
b02d968215
NSS 3.4 has branch, that makes the tip at least NSS 3.5
2002-04-25 18:51:45 +00:00
relyea%netscape.com
0008ea5125
Don't set the Token value before fetching CRL attributes. This code is fetching
...
attributes from a known CRL, not looking up new attributes (I'm pretty sure that
CVS apropos would show I checked in the previously wrong code).
bob
2002-04-25 18:33:45 +00:00
sonja.mirtitsch%sun.com
adb8e67a58
trying a version that can test tip as default for tinderbox and 341
...
as default for nightly QA
2002-04-25 01:04:10 +00:00
relyea%netscape.com
8747bf72ad
Don't crash if our cache entry is not found.
2002-04-25 00:45:42 +00:00
relyea%netscape.com
35695b7987
Turn off caching for non-hardware tokens for now until we fix some of our
...
tokens which can be updated out-of-band to use the proper 'removable token'
semantics.
2002-04-25 00:25:58 +00:00
relyea%netscape.com
df120eb43d
Don't crash if we don't find the profile (and thus don't have a slot to free).
2002-04-24 22:23:37 +00:00
ian.mcgreer%sun.com
217231840b
This is a real corner case. If a search is done by issuer/serial, and the returned cert was in the cache, need to see if the cert's slot was removed. If so, destroy the cert and retry the search on the present tokens.
2002-04-24 19:39:41 +00:00
relyea%netscape.com
23724ed2c8
Don't crash when getting a single user cert, but old certs are in the database
...
with the same subject, but no keys.
2002-04-24 18:29:04 +00:00
relyea%netscape.com
ac5aeb9932
Look up both DER encoded serial numbers (PKCS #11 spec), and decode serial
...
numbers (Old NSS) when looking up certs by issuer and SN.
2002-04-24 18:27:17 +00:00
relyea%netscape.com
71e35b07b7
Authenticate to tokens before looking up user certs.
2002-04-24 18:25:48 +00:00
thayes%netscape.com
df2c867541
Reserved Netscape extension (NETSCAPE 1 18)
2002-04-23 23:48:20 +00:00
ian.mcgreer%sun.com
9221a5bd63
fix shutdown leaks
2002-04-23 17:22:13 +00:00
ian.mcgreer%sun.com
caad76ef9c
avoid use of iterator
2002-04-22 20:44:07 +00:00
ian.mcgreer%sun.com
f9f60b9735
NewTemp has to be matched with AddTempCertToPerm
2002-04-22 20:27:52 +00:00
relyea%netscape.com
ce09346d8c
Token and cert processing fixes:
...
1) use NewTempCert rather than DERDecode cert in all import cert cases.
When DERDecode cert is used, we may wind up with a cert that gets cleared
when we try to import it because it already in the cache. NewTempCert will
return the version that is in the cache.
2) If we are returning the CAList, only return certs that are CA's
(not usercerts).
3) Authenticate to all the tokens if necessary before we try to list
certs. (Stan code should eventually get automatic authentication calls in
the code itself).
4) When looking up user certs, don't return those certs with the same
subject, but do not have any key material associated with them (that is
don't crash if we have old certs in our database without nicknames, but
match user certs on our smart cards).
5) Save the nickname associated with our subject list in the temp
cache so we can correctly remove the entry even if the cert's nickname
changes (because of smart card insertions and removals, or because of
creation and deletions of our user cert).
2002-04-22 19:09:01 +00:00
ian.mcgreer%sun.com
9596c39faa
file is no longer part of build (functionality in devtoken.c)
2002-04-22 18:28:30 +00:00
ian.mcgreer%sun.com
a4591dfe82
overwrite old entry during import, so that changing trust works correctly
2002-04-22 15:21:06 +00:00
ian.mcgreer%sun.com
abac680269
fix bugs in cert import with smart card cache
2002-04-22 14:14:44 +00:00
ian.mcgreer%sun.com
a7ab27bc63
re-sync the trust domain cache with token insertion/removal
2002-04-19 23:06:44 +00:00
ian.mcgreer%sun.com
36e1d960b7
* make sure the token cache returns failure in overflow case
...
* change internal module trust order again, builtins uses 100, and internal module must come first
2002-04-19 19:30:12 +00:00
ian.mcgreer%sun.com
3a62ba7fdd
try again, the default is 50 so the internal module must be higher
2002-04-19 19:19:33 +00:00
ian.mcgreer%sun.com
7061750a28
make sure the internal module defaults to trust order > 50
2002-04-19 19:01:45 +00:00
ian.mcgreer%sun.com
7c6de6462d
improve synchronization between the token state and token cache operations
2002-04-19 17:32:22 +00:00
ian.mcgreer%sun.com
a4d9b8b514
Only fall back to email search if the "nickname" has an @ character. This is because email searches will not go through the cache, so should be avoided if possible.
2002-04-19 16:22:31 +00:00
ian.mcgreer%sun.com
5377ca2a6c
Fixes for smart card cache. Don't do cache searches by email address, since GetAttributeValue does not set that field. Handle removal correctly for item at tail of list. Don't search token after a successful cache search that returned zero hits.
2002-04-19 16:14:13 +00:00
jpierre%netscape.com
2d21c59ccc
Fix for 138084 - free slot list if NSC_Initialize fails
2002-04-18 20:54:22 +00:00
ian.mcgreer%sun.com
ee8ba26ef6
catch non-present tokens before searching them
2002-04-18 19:37:12 +00:00
ian.mcgreer%sun.com
f618a840b0
two fixes for certs with multiple instances
2002-04-18 19:26:17 +00:00
relyea%netscape.com
8964d7d12e
Don't crash if we try to get the name of a non-existant token.
2002-04-18 17:54:30 +00:00
relyea%netscape.com
77950da5b1
Remember the nickname in the cache entry so that we can always free it when the cert goes away, even if the nickname has changes.
...
Also, initialize subjectList to NULL at the beginning, so we don't try to add nickname when we aren't supposed to.
2002-04-18 17:52:55 +00:00
relyea%netscape.com
a9286881d6
We need to make sure we always return a trust object, even if that object says
...
there is no trust.
2002-04-18 17:50:40 +00:00
ian.mcgreer%sun.com
5dbec9a12d
landing new smart card cache, bug 135429
2002-04-18 17:30:05 +00:00
wtc%netscape.com
f971211696
Bugzilla bug 126087: removed symKey->refLock because we are using atomic
...
routines on symKey->refCount now. Declare symKey->refCount as PRInt32 to
match the prototype of PR_AtomicIncrement/Decrement.
Modified files: pk11skey.c secmodti.h
2002-04-17 01:03:23 +00:00