to genname.h, and eliminate declarations from cert.h that were also
in genname.h. If we ever decide to make any of these functions public,
we can move their declarations back to cert.h.
Rewrite CERT_CompareAVA to compare the type OIDs first, and then if
the values are not of the same encoding, convert them before comparing.
Also, do comparisons of printableString encoding properly. Bug 208649.
PA-RISC executable calls getcwd() in a network-mounted directory, it fails
with ENOENT. Since nsinstall calls getcwd(), this breaks our 64-bit HP-UX
nightly builds. We worked around this problem by building nsinstall as a
32-bit PA-RISC executable for 64-bit PA-RISC builds. This checkin added a
new make variable INTERNAL_TOOLS which can be set in makefiles whose target
is a tool used only during the build. Such a tool can be built differently
from NSS proper as long as the tool runs on the build machine.
Modified Files: HP-UXB.11.mk nsinstall/Makefile
1, It uses two new symbols SSOCK_FD and STDIN_FD instead of 0 and 1 to
reference members of the poll set array. I just could never remember whether
pollset[0] was the socket or was stdin. Now I don't have to remember.
This changes a lot of lines, but is very simple.
2. It implementa a new flag clientSpeaksFirst, set with the -f option.
The only effect of this flag is whether the value of
pollset[SSOCK_FD].in_flags is initially zero (if true) or PR_POLL_READ (if false). Note that pollset[SSOCK_FD].in_flags is set to PR_POLL_READ after
each succesful write to the socket.
unix_rand.c, and win_rand.c. 2. Make secrng.h and pqgutil.h private.
3. Public header pk11pqg.h can't include private header pqgutil.h.
4. Many files don't need to include secrng.h. A few don't need to include
pqgutil.h. 5. Remove duplicate declarations of PQG_DestroyParams and
PQG_DestroyVerify from blapi.h.
client auth and SSL3 client doesn't authenticate. The fix is to coalesce
the SSL3 no_certificate alert record with the following records (e.g.
client_key_exchange handshake, change_cipher_spec and finished handshake).
Fix bugs 207313 and 118668.
Both selfserv and strsclnt no longer OptimizeSpace. Moved SECMOD_DB
defines from nssinit.c to nss.h, make it availble for public use with
NSS_Initialize().
client does not supply it, so that the client actually will NOT supply
it. Previously, the client was supplying client auth in all these tests,
and the https requests were completing succesfully, when they should have
been failing. Bug 207398.
disabling SSL3 and TLS respectively. With this change, the QA stress
tests that say they're testing SSL3 or TLS can finally test what they
claim they are testing.
