Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-13 05:15:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
102,149 Commits 615 Branches 98 Tags 5.8 GiB
c99d697275
Commit Graph

1957 Commits

Author SHA1 Message Date
relyea%netscape.com
600cb240a3 Add code to update nickname and 'CKA_ID' from set attribute calls. This allows 
us to add a nickname to a cert after we import it from pkcs #12.
 2002-04-26 01:44:33 +00:00
relyea%netscape.com
fbb0134208 Write the nickname entry as well when adding a nickname to a bug. 2002-04-26 01:09:21 +00:00
relyea%netscape.com
2cd6213ca5 Detect Active Card presents and disable PROTECTED_PIN_PATH login when found. 2002-04-25 21:24:47 +00:00
wtc%netscape.com
d3e14fdce2 Deleted code that was made obsolete by the previous revision. 2002-04-25 21:10:09 +00:00
relyea%netscape.com
1abdbba5a8 Don't let activeCards set the Protect_Auth bit because they weren't intending to 
to begin with.
 2002-04-25 20:57:06 +00:00
ian.mcgreer%sun.com
44d76f3678 if a cert already exists, use C_SetAttributeValue to change its mutable attributes during import (instead of trying to recreate it) 2002-04-25 20:49:49 +00:00
ian.mcgreer%sun.com
05bc7f4136 bug 138626, remove deleted cert from cache even if references still exist 2002-04-25 19:37:30 +00:00
ian.mcgreer%sun.com
2e14215952 reorganize token cache so that cache entries for imported objects are created from the token, not from the user-supplied template 2002-04-25 19:33:47 +00:00
relyea%netscape.com
b02d968215 NSS 3.4 has branch, that makes the tip at least NSS 3.5 2002-04-25 18:51:45 +00:00
relyea%netscape.com
0008ea5125 Don't set the Token value before fetching CRL attributes. This code is fetching 
attributes from a known CRL, not looking up new attributes (I'm pretty sure that
CVS apropos would show I checked in the previously wrong code).

bob
 2002-04-25 18:33:45 +00:00
sonja.mirtitsch%sun.com
adb8e67a58 trying a version that can test tip as default for tinderbox and 341 
as default for nightly QA
 2002-04-25 01:04:10 +00:00
relyea%netscape.com
8747bf72ad Don't crash if our cache entry is not found. 2002-04-25 00:45:42 +00:00
relyea%netscape.com
35695b7987 Turn off caching for non-hardware tokens for now until we fix some of our 
tokens which can be updated out-of-band to use the proper 'removable token'
semantics.
 2002-04-25 00:25:58 +00:00
relyea%netscape.com
df120eb43d Don't crash if we don't find the profile (and thus don't have a slot to free). 2002-04-24 22:23:37 +00:00
ian.mcgreer%sun.com
217231840b This is a real corner case. If a search is done by issuer/serial, and the returned cert was in the cache, need to see if the cert's slot was removed. If so, destroy the cert and retry the search on the present tokens. 2002-04-24 19:39:41 +00:00
relyea%netscape.com
23724ed2c8 Don't crash when getting a single user cert, but old certs are in the database 
with the same subject, but no keys.
 2002-04-24 18:29:04 +00:00
relyea%netscape.com
ac5aeb9932 Look up both DER encoded serial numbers (PKCS #11 spec), and decode serial 
numbers (Old NSS) when looking up certs by issuer and SN.
 2002-04-24 18:27:17 +00:00
relyea%netscape.com
71e35b07b7 Authenticate to tokens before looking up user certs. 2002-04-24 18:25:48 +00:00
thayes%netscape.com
df2c867541 Reserved Netscape extension (NETSCAPE 1 18) 2002-04-23 23:48:20 +00:00
ian.mcgreer%sun.com
9221a5bd63 fix shutdown leaks 2002-04-23 17:22:13 +00:00
ian.mcgreer%sun.com
caad76ef9c avoid use of iterator 2002-04-22 20:44:07 +00:00
ian.mcgreer%sun.com
f9f60b9735 NewTemp has to be matched with AddTempCertToPerm 2002-04-22 20:27:52 +00:00
relyea%netscape.com
ce09346d8c Token and cert processing fixes: 
1) use NewTempCert rather than DERDecode cert in all import cert cases.
When DERDecode cert is used, we may wind up with a cert that gets cleared
when we try to import it because it already in the cache. NewTempCert will
return the version that is in the cache.
   2) If we are returning the CAList, only return certs that are CA's
(not usercerts).
   3) Authenticate to all the tokens if necessary before we try to list
certs. (Stan code should eventually get automatic authentication calls in
the code itself).
   4) When looking up user certs, don't return those certs with the same
subject, but do not have any key material associated with them (that is
don't crash if we have old certs in our database without nicknames, but
match user certs on our smart cards).
   5) Save the nickname associated with our subject list in the temp
cache so we can correctly remove the entry even if the cert's nickname
changes (because of smart card insertions and removals, or because of
creation and deletions of our user cert).
 2002-04-22 19:09:01 +00:00
ian.mcgreer%sun.com
9596c39faa file is no longer part of build (functionality in devtoken.c) 2002-04-22 18:28:30 +00:00
ian.mcgreer%sun.com
a4591dfe82 overwrite old entry during import, so that changing trust works correctly 2002-04-22 15:21:06 +00:00
ian.mcgreer%sun.com
abac680269 fix bugs in cert import with smart card cache 2002-04-22 14:14:44 +00:00
ian.mcgreer%sun.com
a7ab27bc63 re-sync the trust domain cache with token insertion/removal 2002-04-19 23:06:44 +00:00
ian.mcgreer%sun.com
36e1d960b7 * make sure the token cache returns failure in overflow case 
* change internal module trust order again, builtins uses 100, and internal module must come first
 2002-04-19 19:30:12 +00:00
ian.mcgreer%sun.com
3a62ba7fdd try again, the default is 50 so the internal module must be higher 2002-04-19 19:19:33 +00:00
ian.mcgreer%sun.com
7061750a28 make sure the internal module defaults to trust order > 50 2002-04-19 19:01:45 +00:00
ian.mcgreer%sun.com
7c6de6462d improve synchronization between the token state and token cache operations 2002-04-19 17:32:22 +00:00
ian.mcgreer%sun.com
a4d9b8b514 Only fall back to email search if the "nickname" has an @ character. This is because email searches will not go through the cache, so should be avoided if possible. 2002-04-19 16:22:31 +00:00
ian.mcgreer%sun.com
5377ca2a6c Fixes for smart card cache. Don't do cache searches by email address, since GetAttributeValue does not set that field. Handle removal correctly for item at tail of list. Don't search token after a successful cache search that returned zero hits. 2002-04-19 16:14:13 +00:00
jpierre%netscape.com
2d21c59ccc Fix for 138084 - free slot list if NSC_Initialize fails 2002-04-18 20:54:22 +00:00
ian.mcgreer%sun.com
ee8ba26ef6 catch non-present tokens before searching them 2002-04-18 19:37:12 +00:00
ian.mcgreer%sun.com
f618a840b0 two fixes for certs with multiple instances 2002-04-18 19:26:17 +00:00
relyea%netscape.com
8964d7d12e Don't crash if we try to get the name of a non-existant token. 2002-04-18 17:54:30 +00:00
relyea%netscape.com
77950da5b1 Remember the nickname in the cache entry so that we can always free it when the cert goes away, even if the nickname has changes. 
Also, initialize subjectList to NULL at the beginning, so we don't try to add nickname when we aren't supposed to.
 2002-04-18 17:52:55 +00:00
relyea%netscape.com
a9286881d6 We need to make sure we always return a trust object, even if that object says 
there is no trust.
 2002-04-18 17:50:40 +00:00
ian.mcgreer%sun.com
5dbec9a12d landing new smart card cache, bug 135429 2002-04-18 17:30:05 +00:00
wtc%netscape.com
f971211696 Bugzilla bug 126087: removed symKey->refLock because we are using atomic 
routines on symKey->refCount now.  Declare symKey->refCount as PRInt32 to
match the prototype of PR_AtomicIncrement/Decrement.
Modified files: pk11skey.c secmodti.h
 2002-04-17 01:03:23 +00:00
wtc%netscape.com
8236aafeec Bugzilla bug 133584: PK11_SaveSMimeProfile also needs to free free_slot if 
it returns on error.
 2002-04-16 22:40:07 +00:00
sonja.mirtitsch%sun.com
f091c5b444 changes for jdk 1.4; and mccrel move 2002-04-16 20:57:42 +00:00
relyea%netscape.com
117c6b4800 Don't free the temp secmod.db name until we are through using it. 2002-04-16 00:24:34 +00:00
ian.mcgreer%sun.com
b4146d9933 bug 63815, AIX compiler fails to build ckhelper.c in debug mode 2002-04-15 21:04:00 +00:00
ian.mcgreer%sun.com
54e6d33515 fix bbroken solaris x86 build 2002-04-15 16:20:39 +00:00
ian.mcgreer%sun.com
a7256cf9ec bug 135521, change cert lookups on tokens to be actual finds instead of traversals 2002-04-15 15:22:11 +00:00
ian.mcgreer%sun.com
a9ff4e3f4d fix a cert reference leak in strsclnt 2002-04-15 14:24:15 +00:00
kirk.erickson%sun.com
9cf5576b32 Resolves 126087. Backed out of slot->keyCount atomic instructions. 2002-04-14 14:07:12 +00:00
ian.mcgreer%sun.com
6d36e7eddc fix error statement 2002-04-12 19:17:48 +00:00