Commit Graph

2110 Commits

Author SHA1 Message Date
relyea%netscape.com
eb96a2084d 1) When looking for a trust token, return tokens in the following priority order:
1) r/w token with trust.
2) r/o token with trust.
3) r/w token
4) r/o token

Also, don't crash if we try to change the trust on a cert in temp storage, just return an error.
2002-07-10 21:34:01 +00:00
wtc%netscape.com
a71935e132 Bug 155626: Handle the failure of ocsp_CreateCertID and use the new
CERT_GetOCSPResponseStatus function.
2002-07-10 15:16:10 +00:00
wtc%netscape.com
28c55e9bf1 Sorted the NSS 3.6 symbols in alphabetical order. 2002-07-10 15:04:23 +00:00
jpierre%netscape.com
9f541c35f5 Fix for 149832 :
do not check certUsageVerifyCA
clean-up comments
correctly check for signature after first try
2002-07-10 05:02:46 +00:00
jpierre%netscape.com
79e42fa05e Back out last change 2002-07-10 03:41:02 +00:00
jpierre%netscape.com
e7792d0931 Fix bug in new CERT_VerifyCertificate function - fix for 149832 2002-07-10 03:30:15 +00:00
relyea%netscape.com
30e66d1db6 Handle the case where the cert is in both the built-ins and the internal module. 2002-07-10 03:24:14 +00:00
relyea%netscape.com
a035ec8c53 Don't crash if a pkcs #11 device gives us an invalid CRL (or even a valid CRL that we don't know how to parse). 2002-07-10 01:31:01 +00:00
relyea%netscape.com
e42ef90c97 Don't delete the nickname entry until we go to delete the subject entry as well. 2002-07-10 01:04:10 +00:00
jpierre%netscape.com
9bfb36161f Fix for 154212 2002-07-10 00:56:16 +00:00
jpierre%netscape.com
c101367238 Fix for 154212 - update patch for CERT_SaveSMimeProfile based on Bob's comments 2002-07-10 00:07:39 +00:00
wtc%netscape.com
f1205a5879 Removed README.TXT, which is just README with Windows line endings (CRLF). 2002-07-09 17:11:25 +00:00
wtc%netscape.com
93a5154bf5 Added the README file, which explains how to add a root CA certificate to
the nssckbi loadable root certs module.
2002-07-09 17:00:30 +00:00
relyea%netscape.com
73bc75ae28 treat lastTime of 0 as never having checked (not within the interval). 2002-07-09 04:40:35 +00:00
relyea%netscape.com
006e3925e9 1) fix return type warning in pk11ListCertsCallback.
2) treat lastTime==0 as always outside the delay time. (removes spurious
prompts in FIPS mode on some platforms.)
2002-07-09 04:39:35 +00:00
jpierre%netscape.com
967d483ebe Add new CERT_VerifyCertificate function - fix for 149832 2002-07-04 03:09:49 +00:00
javi%netscape.com
6f5c3918c6 Go back to the lower case mechanism for the ocspResponse_* flags. 2002-07-03 20:22:27 +00:00
javi%netscape.com
218a44e67b Final patch for Bug 155626 which enables 3rd party apps to use the NSS
libraries to encode/decode OCSP responses/requests on their own.
2002-07-03 20:18:10 +00:00
javi%netscape.com
7c36eac5d2 Use the newly exported symbol names. 2002-07-03 00:13:25 +00:00
javi%netscape.com
1f078c5776 Break up OCSP so that 3rd party apps can send off an OCSP request and parse
it.
2002-07-03 00:02:39 +00:00
relyea%netscape.com
4f9e4c1700 Handle the case where we don't get the Token object from NewToken (It gets converted from a session object in handleobjects). 2002-07-02 19:58:49 +00:00
relyea%netscape.com
6880c87a8d More performance improvements in listing certs:
1) reduce more short term memory allocate/frees.
	2) remove sha1 hash calculations from critical paths.
	3) when listing user certs, skip decoding of non-user certs.
2002-07-02 15:11:29 +00:00
relyea%netscape.com
af924e2843 Initialize type fields to supress purify uninitialized reference warnings. 2002-06-28 03:00:10 +00:00
jpierre%netscape.com
6f31863e61 Add VISA root cert - bug 139874 2002-06-28 01:07:37 +00:00
wtc%netscape.com
c81143956b Bugzilla bug 154656: changed "softoken" to "softokn" to match the file
name.
2002-06-27 18:34:17 +00:00
jpierre%netscape.com
7ecdf837d4 Fix for 154212 - make CERT_SaveSMimeProfile copy the cert to the database if it comes from an external source 2002-06-27 00:18:35 +00:00
relyea%netscape.com
43480112f3 Initialize type field to clear off purify warnings. 2002-06-25 23:00:59 +00:00
relyea%netscape.com
c8d5ba28b5 Don't force the update if the cert doesn't already exist. 2002-06-25 22:58:13 +00:00
relyea%netscape.com
87a3188583 Collect the full names of the certs, not just the stan names. 2002-06-25 22:57:22 +00:00
relyea%netscape.com
6061b43df2 Add new function which returns the NSS 3.4 style nickname directly from a
NSSCertificate structure.
2002-06-25 22:33:37 +00:00
ian.mcgreer%sun.com
4091f82677 two more places to dump templates 2002-06-25 19:40:16 +00:00
ian.mcgreer%sun.com
bb3bfc1199 fix AIX builds, 64-bit compiler chokes on large switches in debug builds 2002-06-25 16:57:40 +00:00
relyea%netscape.com
5fc7efb515 Fix solaris compiler error/warning. Fix prototype to return correct value (PRBool not PRStatus). 2002-06-24 23:54:16 +00:00
relyea%netscape.com
7caefab6ed Don't decode or extract trust for certs if we are just getting the nicknames -- particularly for user certs. 2002-06-24 22:36:59 +00:00
ian.mcgreer%sun.com
2a67969b3c fix broken AIX builds 2002-06-24 22:29:12 +00:00
ian.mcgreer%sun.com
b73a1edc81 log more mechanisms and templates 2002-06-24 22:22:57 +00:00
relyea%netscape.com
cbeed1cfd5 Copy the type value as well as the rest. 2002-06-24 21:57:27 +00:00
relyea%netscape.com
7cc9843630 More performance improvements for PK11ListCerts/ CERT_GetUserCertByUsage(). 2002-06-24 21:54:41 +00:00
nelsonb%netscape.com
071fe9ae9c Fix bug 135261. Create symbolic names for the values 2 and 3 for the
SSL_REQUIRE_CERTIFICATE option.  Value 2 has always been the default.
New Value 3 is appropriate for servers that want to re-request, but
still not require, client-auth from a client with whom an SSL session
is already established.
2002-06-22 01:40:32 +00:00
relyea%netscape.com
3c89da1564 Need to preserve non-modifiable trustbits. 2002-06-21 22:28:03 +00:00
relyea%netscape.com
aa8dddaacb zero structure before we fill it in, not after 2002-06-21 20:25:49 +00:00
wtc%netscape.com
47b432c0f5 Bug 153380: TLS is enabled by default now. 2002-06-21 18:25:46 +00:00
javi%netscape.com
b81e7cc522 Make the file C++ friendly. 2002-06-20 22:32:38 +00:00
relyea%netscape.com
ffa0ecc514 Reduce the cost of decoding a certificate. 2002-06-20 18:53:16 +00:00
relyea%netscape.com
d7a32bbce6 reduce the calls to get the login state as these calls seem to be pretty expensive
for some tokens.
2002-06-20 18:49:45 +00:00
relyea%netscape.com
eb95452896 Patches to reduce the cost of getting attributes on certs or finding certs in lists. 2002-06-20 18:46:47 +00:00
ian.mcgreer%sun.com
48d6b949c1 bug 98926, PKCS#11 session logging 2002-06-19 18:32:57 +00:00
rangansen%netscape.com
bff8c533ce exporting CERT_VerifyCertChain. r=relyea 2002-06-19 15:58:51 +00:00
ian.mcgreer%sun.com
4cf84d39dd missed part of last patch (bug 145322) 2002-06-19 15:26:55 +00:00
ian.mcgreer%sun.com
e30639f9cd bug 145322, second patch, clean up pk11_saveContextHelper 2002-06-19 15:22:54 +00:00