julien.pierre.bugs%sun.com
b8d9f0ef9a
Fix for 293686. Check status from SECU_ParseCommandLine. r=nelson
2005-09-20 05:13:01 +00:00
julien.pierre.bugs%sun.com
48b2d654bd
Fix for 292390. NSS tools with missing command-line operands cause crash. r=nelson
2005-09-19 20:59:46 +00:00
julien.pierre.bugs%sun.com
7e8884e00e
Fix for 293686 . signver has command-line options with optional arguments. r=nelsonb
2005-09-19 20:52:11 +00:00
christophe.ravel.bugs%sun.com
41da874bf6
238319: Sun packages changes.
...
Change libfreebl name on Solaris x86 (following changes from Bugzilla 303508).
2005-09-19 19:12:24 +00:00
wtchang%redhat.com
13f41d4840
Bugzilla bug 303508: a more elegant way to decide when we need to prefix
...
LIBRARY_VERSION with '_'. r=nelsonb.
2005-09-16 23:18:01 +00:00
julien.pierre.bugs%sun.com
d42e92ad88
Fix hoarked build from previous checkin. Doh.
2005-09-16 21:28:20 +00:00
wtchang%redhat.com
b427dc6efe
Bugzilla Bug 298517: when in FIPS mode, impose minimum password length and
...
quality to ensure a password guessing probability of less than 1 in
10,000,000, and impose a one second delay after failed login attempt to
allow at most 60 login attempts per minute. r=relyea,nelsonb.
Modified files: fipstokn.c pkcs11.c pkcs11i.h
2005-09-16 20:37:58 +00:00
julien.pierre.bugs%sun.com
c56d3589f6
Fix for bug 127960 . Add SSL force handshake APIs which take a timeout . r=nelson
2005-09-16 20:33:09 +00:00
wtchang%redhat.com
2e75eae9d5
Bugzilla Bug 288728: handle invalid values of recipient identifier type.
...
r=jpierre,relyea.
2005-09-16 17:54:31 +00:00
wtchang%redhat.com
019a13cbeb
Bugzilla Bug 288728: use a whitelist instead of a blacklist when checking
...
for invalid values of "type". r=jpierre,relyea.
2005-09-16 17:52:37 +00:00
wtchang%redhat.com
dcad184fa4
Bugzilla Bug 303508: removed the underscore from the name of the "single"
...
freebl shared library (freebl_3.dll -> freebl3.dll). Do the recursive
child builds without changing directories. This fixed the BUILD_TREE build
problem. r=nelsonb,saul.edwards.
Modified files: Makefile freebl.def manifest.mn
2005-09-16 17:17:45 +00:00
wtchang%redhat.com
65241f7ef4
Removed an unnecessary -L linker flag. r=nelsonb,saul.edwards.
2005-09-16 17:02:49 +00:00
wtchang%redhat.com
3eac80068d
Bugzilla Bug 303508: code cleanup. r=nelsonb,jpierre.
2005-09-16 16:59:22 +00:00
nelsonb%netscape.com
9499265f5c
Plug leaks in SSL bypass code. Add freeit argument to HMAC_Destroy function.
...
Change existing callers to pass this argument. Call HMAC_Destroy from SSL.
Bug 305147. r=Julien.Pierre
Modified Files: freebl/alghmac.c freebl/alghmac.h freebl/loader.c
freebl/loader.h freebl/tlsprfalg.c softoken/lowpbe.c softoken/pkcs11c.c
ssl/ssl3con.c
2005-09-14 04:12:50 +00:00
wtchang%redhat.com
f889a99cbb
Bugzilla Bug 301554: Clear the 'present' flag if slot fails to refresh.
...
relyea wrote the patch. r=wtc,nelsonb.
2005-09-14 01:35:02 +00:00
nelsonb%netscape.com
fdffe11308
Fix regression introduced in last checkin. If the caller disables the
...
use of locks while locks are in use, don't forget to unlock the locks
already locked on the stack. bug 305147. r=julien.pierre
2005-09-10 01:18:40 +00:00
saul.edwards%sun.com
d016e006b8
Bug 305147: add -B (bypass SSL) and -s (disable SSL locking) to server and client commands; add bypass testing to SSL test suite.
2005-09-09 04:50:07 +00:00
nelsonb%netscape.com
4b56704437
Implement two new SSL socket options: SSL_BYPASS_PKCS11 and SSL_NO_LOCKS.
...
Reorganize the SSL Socket structure contents to obviate ssl3 pointer.
Move much of the ECC code from ssl3con to new file ssl3ecc.c. derive.c
implements derivation of the SSL/TLS master secret and the encryption and
MAC keys and IVs without using PKCS11. Bug 305147. r=rrelyea.
Modified Files: ssl/config.mk ssl/manifest.mn ssl/ssl.h ssl/ssl3con.c
ssl/ssl3gthr.c ssl/sslauth.c ssl/sslcon.c ssl/ssldef.c ssl/sslgathr.c
ssl/sslimpl.h ssl/sslinfo.c ssl/sslnonce.c ssl/sslsecur.c ssl/sslsnce.c
ssl/sslsock.c
Added Files: ssl/derive.c ssl/ssl3ecc.c
2005-09-09 03:02:16 +00:00
nelsonb%netscape.com
1d31068271
Export function PK11_MapSignKeyType for use by libSSL. Bug 305147.
...
r=relyea.
Modified Files: nss/nss.def pk11wrap/pk11mech.c pk11wrap/pk11obj.c
pk11wrap/pk11pub.h pk11wrap/secmodi.h
2005-09-09 02:03:57 +00:00
christophe.ravel.bugs%sun.com
cba8f8955c
238319: Sun packages changes.
...
Install 64 bit libraries in lib64 on Linux.
2005-09-08 22:23:54 +00:00
saul.edwards%sun.com
80e0981d59
Packaging for bug 303508: new freebl library names for Solaris packages.
...
Note that Linux does not require these changes because the Makefile picks up
all .so and .chk files for Linux packages.
2005-09-08 02:25:49 +00:00
wtchang%redhat.com
4250ad5929
Bugzilla Bug 299197: define two bitflags for every PKCS #11 object
...
attribute with no exceptions. renamed PK11_ATTR_READONLY as
PK11_ATTR_UNMODIFIABLE. In pk11_OpFlagsToAttributes, backed out a change
I made before. Made pk11_AttrFlagsToAttributes table-driven. In
pk11_loadPrivKeyWithFlags, fixed the bug (always loading the public key as
a token object). Other code cleanups. r=relyea,nelsonb.
Modified files: pk11akey.c pk11obj.c pk11pub.h pk11skey.c secmodt.h
2005-09-07 18:23:35 +00:00
saul.edwards%sun.com
0194469cc5
Bug 303508: Add freebl shared libs that do 64-bit integer math. Bug 274984: softoken fails to load freebl in setuid programs. freebl becomes a shared library on all platforms. r=nelson
...
Modified Files:
coreconf/HP-UXB.11.mk coreconf/SunOS5.mk
nss/cmd/shlibsign/Makefile nss/cmd/shlibsign/manifest.mn
nss/lib/freebl/Makefile nss/lib/freebl/arcfour.c
nss/lib/freebl/blapi.h nss/lib/freebl/config.mk
nss/lib/freebl/ldvector.c nss/lib/freebl/loader.c
nss/lib/freebl/loader.h nss/lib/freebl/manifest.mn
Added Files:
nss/lib/freebl/freebl.def
2005-09-07 02:47:16 +00:00
glen.beasley%sun.com
8ebcacd943
305984 update FIPS values for cipher suites file=sslinfo.c r=bob,sr=wtc
2005-09-06 17:15:32 +00:00
julien.pierre.bugs%sun.com
132ddbe43e
Fix 306785 . Memory leaks in PQG_ParamGenSeedLen . r=nelson
2005-09-02 20:05:35 +00:00
wtchang%redhat.com
db235ef59a
Bugzilla Bug 299197: added PK11AttrFlags and PK11_GenerateKeyPairWithFlags.
...
Modified PK11_TokenKeyGenWithFlags to take a PK11AttrFlags parameter.
PK11AttrFlags controls the values of commonly used PKCS #11 object
attributes that have Boolean values. r=relyea,nelsonb.
Modified Files:
nss/nss.def pk11wrap/pk11akey.c pk11wrap/pk11obj.c
pk11wrap/pk11pub.h pk11wrap/pk11skey.c pk11wrap/secmodi.h
pk11wrap/secmodt.h
2005-09-02 18:25:04 +00:00
wtchang%redhat.com
184d7ab678
Bugzilla Bug 305835: removed NSS_ENABLE_ECC ifdefs under nss/lib except
...
nss/lib/{freebl,softoken,ssl}. r=nelsonb.
Modified Files:
cryptohi/keyhi.h cryptohi/manifest.mn cryptohi/seckey.c
cryptohi/secsign.c freebl/ec.c pk11wrap/manifest.mn
pk11wrap/pk11akey.c pk11wrap/pk11cert.c pk11wrap/pk11mech.c
pk11wrap/pk11obj.c pk11wrap/pk11skey.c pkcs12/manifest.mn
pkcs12/p12d.c pkcs7/config.mk pkcs7/p7decode.c
pkcs7/p7encode.c smime/cmssiginfo.c smime/cmsutil.c
smime/config.mk
2005-09-02 01:24:57 +00:00
wtchang%redhat.com
afccecc775
Bugzilla Bug 257693: code cleanup. 1. Change "X9.63" to "X9.62". 2. In
...
EC_ValidatePublicKey, set error codes and handle a NULL return from
ECGroup_fromName. 3. In the ECGroupStr structure, move the validate_point
field up. 4. In the test cases, if the tests that should fail, passed,
say so in the error messages. r=douglas@stebila.ca .
Modified Files:
blapi.h ec.c ecl/ecl-priv.h ecl/ecl.c ecl/ecl.h
ecl/tests/ec2_test.c ecl/tests/ecp_test.c
2005-08-27 01:09:22 +00:00
relyea%netscape.com
33f6464950
Bug 302416 NSS root cert module & fortezza should not be using NSPR static libraries
...
r=wtc
sr-julien
Side effects: Root cert module now works with CKF_OS_LOCKING_OK and not callbacks,
but does not work if CKF_OS_LOCKING_OK == 0 and callbacks are define.
2005-08-25 20:08:27 +00:00
wtchang%redhat.com
d624f9129a
Bugzilla Bug 296410: further simplify the code by always referencing the
...
buffer using the same union member. r=relyea.
VFYContextCVS: ----------------------------------------------------------------------
2005-08-24 23:05:39 +00:00
julien.pierre.bugs%sun.com
22ff330626
Fix AIX build problem
2005-08-18 23:37:31 +00:00
nelsonb%netscape.com
3c64b87604
Remove fortezza header files from package. Bug 239960. patch by
...
wtchang@redhat.com , r=nelson@bolyard.com Modified Files: prototype
2005-08-18 03:42:00 +00:00
julien.pierre.bugs%sun.com
6b5d842c09
Fix for bug 217024. add a function for comparing cert validity periods. r=wtchang
2005-08-17 02:04:12 +00:00
saul.edwards%sun.com
c3fa2091c5
Bug 303507: Add comba for MPI's multiply and square routines.
...
This code is currently for AMD 64 on both Linux and Solaris only.
2005-08-16 19:25:48 +00:00
nelsonb%netscape.com
d391504d03
Remove fortezza code from libSSL and from the SSL test programs.
...
Stop building fortezza's special software token, and fortezza specific
test programs. Bug 239960. r=rrelyea.
Modified Files:
cmd/manifest.mn cmd/platlibs.mk cmd/SSLsample/server.c
cmd/SSLsample/sslsample.c cmd/modutil/modutil.c
cmd/selfserv/selfserv.c cmd/sslstrength/sslstrength.c
cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c
cmd/vfyserv/vfyserv.c cmd/vfyserv/vfyutil.c lib/manifest.mn
lib/ssl/nsskea.c lib/ssl/preenc.h lib/ssl/prelib.c
lib/ssl/ssl.h lib/ssl/ssl3con.c lib/ssl/ssl3prot.h
lib/ssl/sslauth.c lib/ssl/sslcon.c lib/ssl/sslenum.c
lib/ssl/sslimpl.h lib/ssl/sslinfo.c lib/ssl/sslproto.h
lib/ssl/sslsecur.c lib/ssl/sslsnce.c lib/ssl/sslsock.c
lib/ssl/sslt.h
2005-08-16 03:42:26 +00:00
wtchang%redhat.com
3e2e9c754f
Bugzilla bug 296410: checked in a better fix than the previous checkin.
...
Also removed the unused, unexported function SEC_VerifyFile. r=nelsonb.
2005-08-16 01:57:51 +00:00
wtchang%redhat.com
88fb7bee52
Bugzilla bug 296410: removed unused, unexported function SEC_SignFile.
...
r=nelsonb.
2005-08-16 01:52:17 +00:00
wtchang%redhat.com
af11fc1310
Bugzilla Bug 302670: enable NSS to use system zlib and do that on Linux.
...
r=nelsonb.
Modified Files:
coreconf/Linux.mk nss/cmd/Makefile nss/cmd/manifest.mn
nss/cmd/platlibs.mk
2005-08-16 01:08:59 +00:00
wtchang%redhat.com
e758a9999b
Bugzilla Bug 298612: make sure that the int argument that we pass to the
...
isspace, etc. macros is EOF or between 0 and 255. r=nelsonb.
2005-08-15 22:06:47 +00:00
wtchang%redhat.com
5e25df8763
Bugzilla Bug 298957: removed a comment. The code already does what the
...
comment asked for. r=relyea.
2005-08-15 21:34:42 +00:00
wtchang%redhat.com
55197b5cfd
Bugzilla Bug 289530: fixed signed/unsigned comparison compiler warnings.
...
Fixed compilation errors of new ECC code added in the previous checkin.
r=nelsonb.
2005-08-15 21:23:39 +00:00
relyea%netscape.com
29e52be20d
Remove ^M from the tree version of mpcpucache.c
2005-08-15 19:00:17 +00:00
saul.edwards%sun.com
95723d010a
Bug 285932: Faster SHA1 implementation for AMD64: sha-fast-amd64-sun.s is
...
currently only for Solaris AMD 64 when using Sun studio compilers.
2005-08-15 16:55:22 +00:00
wtchang%redhat.com
2577eb148c
Bugzilla bug 302286: fixed the bug that NSS misinterpreted the
...
CKA_PRIME_BITS attribute for DSA's p parameter. r=relyea.
Modified files: pk11wrap/pk11pqg.c softoken/pkcs11c.c
2005-08-13 00:09:26 +00:00
wtchang%redhat.com
12ebc20147
Bugzilla Bug 302286: PQG_PBITS_TO_INDEX should reject p bits that are
...
less than 512 or greater than 1024. r=relyea.
2005-08-13 00:07:18 +00:00
wtchang%redhat.com
0824c317a1
Bugzilla Bug 296410: enlarge the buffer size for message digest so that
...
we can generate and verify signatures that use SHA-512. r=relyea
Modified files: secsign.c secvfy.c
2005-08-12 23:50:19 +00:00
wtchang%redhat.com
3caf238827
Bugzilla bug 240554: Alice's cert doesn't need to be added to Bob's db.
...
r=relyea.
Modified files: cert.sh eccert.sh
2005-08-12 23:27:44 +00:00
wtchang%redhat.com
148653a358
Bugzilla bug 240554: we should pass the signature algorithm, not the
...
public key's algorithm, to VFY_VerifyData and VFY_VerifyDigest. Only
fixed this in cmssiginfo.c. In p7decode.c I just added comments saying
they should be fixed. r=relyea.
Modified files: lib/smime/cmssiginfo.c lib/pkcs7/p7decode.c
2005-08-12 23:26:38 +00:00
wtchang%redhat.com
1a568d0852
Bugzilla bug 240554: set (better) error codes and removed an unreachable
...
break statement. r=relyea.
2005-08-12 23:24:22 +00:00
wtchang%redhat.com
c0bd0e749a
Bugzilla bug 240554: fixed signed/unsigned comparison compiler warning.
...
r=relyea.
2005-08-12 23:22:28 +00:00