Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-06 09:05:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
109,351 Commits 615 Branches 98 Tags 5.9 GiB
ec39c6ef5f
Commit Graph

103 Commits

Author SHA1 Message Date
wtc%netscape.com
ec39c6ef5f Bug 169790: renamed CERT_DecodeDERCrlEx to CERT_DecodeDERCrlWithFlags. 
Modified files: certdb/cert.h certdb/crl.c nss/nss.def pk11wrap/pk11cert.c
 2002-09-23 21:31:47 +00:00
jpierre%netscape.com
870b616b11 Fix indentation 2002-09-17 21:31:28 +00:00
jpierre%netscape.com
b6bb993d1b Fix UMC in Purify 2002-09-16 23:25:04 +00:00
jpierre%netscape.com
39e52ee09a Add assertion to help debugging CRL crash 2002-09-14 05:41:42 +00:00
wtc%netscape.com
ccb57e7a19 Bug 127886: added the new function PK11_ImportDERCert. 
Modified files: nss/nss.def pk11wrap/pk11cert.c pk11wrap/pk11func.h
 2002-09-07 04:48:57 +00:00
relyea%netscape.com
dcf684fc77 Bug 166893: copy the DER cert when importing the certificate 2002-09-06 18:48:37 +00:00
wtc%netscape.com
a897ae16a9 Bugs 166734 and 166785: fixed compiler warnings reported by gcc on Linux. 
The patch for this checkin is attached to bug 166785.
 2002-09-06 00:27:52 +00:00
relyea%netscape.com
724f0590f9 Check the cert validity only if we actually found a cert. 2002-08-30 20:37:58 +00:00
relyea%netscape.com
8c67c1f99d When looking for a recipient match, reject non-user certs. 2002-08-29 22:19:46 +00:00
relyea%netscape.com
7ec5b51352 Bug 164690. Fix missing break; 2002-08-26 21:16:07 +00:00
relyea%netscape.com
0fb6e546c6 bug 161552: Make the recipient list traversal functions call the internal 
nsstoken_FindCertByIssuerAndSN() function to gain the benefit of the fixed
Searching code.
 2002-08-14 20:42:40 +00:00
relyea%netscape.com
fee201085d Don't crash if we try to read a nickname that has an invalid cert with it. 2002-08-01 22:28:11 +00:00
bishakhabanerjee%netscape.com
65f7eca2f9 Checking in riceman+bmo@mail.rit.edu's patch for bug 133702 2002-07-30 20:57:44 +00:00
relyea%netscape.com
2cf20e0041 return certs in sorted order. 2002-07-23 00:34:20 +00:00
jpierre%netscape.com
a82b9f46ba 158005 - add new CRL decode and import functions . Benefits are : 
- ability to import to any slot
- ability to specify decode options, such as "don't copy DER"
- ability to specify import options, such as "don't do CRL checks"
This patch also maps the existing functions SEC_NewCrl and CERT_ImportCRL
to this new function, eliminating the code duplication that existed
 2002-07-19 00:59:34 +00:00
wtc%netscape.com
56c3c291e5 Bug 157750: handle the possibility that some certs do not have a label. 2002-07-16 21:13:40 +00:00
relyea%netscape.com
a035ec8c53 Don't crash if a pkcs #11 device gives us an invalid CRL (or even a valid CRL that we don't know how to parse). 2002-07-10 01:31:01 +00:00
relyea%netscape.com
006e3925e9 1) fix return type warning in pk11ListCertsCallback. 
2) treat lastTime==0 as always outside the delay time. (removes spurious
prompts in FIPS mode on some platforms.)
 2002-07-09 04:39:35 +00:00
relyea%netscape.com
6880c87a8d More performance improvements in listing certs: 
1) reduce more short term memory allocate/frees.
	2) remove sha1 hash calculations from critical paths.
	3) when listing user certs, skip decoding of non-user certs.
 2002-07-02 15:11:29 +00:00
relyea%netscape.com
7caefab6ed Don't decode or extract trust for certs if we are just getting the nicknames -- particularly for user certs. 2002-06-24 22:36:59 +00:00
relyea%netscape.com
3839be90f6 Update cert handle on token insertion/removal. 2002-06-13 21:43:30 +00:00
ian.mcgreer%sun.com
dc613b61ee bug 144309, return value of STAN_GetCERTCertificate not checked 
r=wtc
 2002-05-20 18:05:11 +00:00
wtc%netscape.com
43f8939e7c Bugzilla bug 135058: free nickCopy on error returns in 
PK11_FindCertsFromNickname.  r=mcgreer.
 2002-05-09 20:01:18 +00:00
relyea%netscape.com
56f8e3b5e8 Automatically create a NULL email profile for certs with email addresses which 
are imported into the internal token.
 2002-05-07 20:38:59 +00:00
ian.mcgreer%sun.com
f0d29104b1 bug 141355, CERT_DecodeDERCertificate is not a safe function for some uses, must be replaced with CERT_NewTempCertificate. 2002-05-02 19:00:13 +00:00
ian.mcgreer%sun.com
217231840b This is a real corner case. If a search is done by issuer/serial, and the returned cert was in the cache, need to see if the cert's slot was removed. If so, destroy the cert and retry the search on the present tokens. 2002-04-24 19:39:41 +00:00
relyea%netscape.com
71e35b07b7 Authenticate to tokens before looking up user certs. 2002-04-24 18:25:48 +00:00
relyea%netscape.com
ce09346d8c Token and cert processing fixes: 
1) use NewTempCert rather than DERDecode cert in all import cert cases.
When DERDecode cert is used, we may wind up with a cert that gets cleared
when we try to import it because it already in the cache. NewTempCert will
return the version that is in the cache.
   2) If we are returning the CAList, only return certs that are CA's
(not usercerts).
   3) Authenticate to all the tokens if necessary before we try to list
certs. (Stan code should eventually get automatic authentication calls in
the code itself).
   4) When looking up user certs, don't return those certs with the same
subject, but do not have any key material associated with them (that is
don't crash if we have old certs in our database without nicknames, but
match user certs on our smart cards).
   5) Save the nickname associated with our subject list in the temp
cache so we can correctly remove the entry even if the cert's nickname
changes (because of smart card insertions and removals, or because of
creation and deletions of our user cert).
 2002-04-22 19:09:01 +00:00
ian.mcgreer%sun.com
abac680269 fix bugs in cert import with smart card cache 2002-04-22 14:14:44 +00:00
ian.mcgreer%sun.com
a4d9b8b514 Only fall back to email search if the "nickname" has an @ character. This is because email searches will not go through the cache, so should be avoided if possible. 2002-04-19 16:22:31 +00:00
ian.mcgreer%sun.com
ee8ba26ef6 catch non-present tokens before searching them 2002-04-18 19:37:12 +00:00
ian.mcgreer%sun.com
5dbec9a12d landing new smart card cache, bug 135429 2002-04-18 17:30:05 +00:00
wtc%netscape.com
8236aafeec Bugzilla bug 133584: PK11_SaveSMimeProfile also needs to free free_slot if 
it returns on error.
 2002-04-16 22:40:07 +00:00
ian.mcgreer%sun.com
a7256cf9ec bug 135521, change cert lookups on tokens to be actual finds instead of traversals 2002-04-15 15:22:11 +00:00
relyea%netscape.com
7aa8e229f4 Bug 133584: Fix reference leaks which prevent shutdown in NSS and in the tests. 
Debug builds can verify correct operation by setting NSS_STRICT_SHUTDOWN, which
will cause an assert if shutdown is called but not all the modules are freed (which
means a slot, key, or cert reference has been leaked).
 2002-04-12 19:05:21 +00:00
relyea%netscape.com
7df2fc6877 Don't include the public key on a list if it doesn't exist. 2002-04-04 18:07:19 +00:00
relyea%netscape.com
fd92279500 Cache whether there are no CRL's and Trust objects on removable HW tokens 2002-03-07 23:21:39 +00:00
ian.mcgreer%sun.com
ab7d7da30f bug 129298, handle different nicknames across tokens 
r=relyea/a=wtc
 2002-03-07 22:08:00 +00:00
relyea%netscape.com
578a4b59ae bug 125808 : 
Reset the token name on token removal.
Check for token presence to reset the session handle.
Consolidate the NSS3 style TokenInit with the stan init so everything is in sync.
r=ddrinan
 2002-03-06 01:44:50 +00:00
relyea%netscape.com
dfe3ee8685 Don't go searching for the matching certs if they weren't on the token the 
private key lived on.
 2002-03-01 02:15:00 +00:00
ian.mcgreer%sun.com
3e984aecf0 bug 125808, refresh trust and slot pointers of cert after token removal/insertion 2002-02-28 22:55:30 +00:00
ian.mcgreer%sun.com
0900842e0a bug 125808, smart card cache fixes 2002-02-27 22:41:56 +00:00
relyea%netscape.com
dc5064178b Don't crash on when adding certs with null url's . 2002-02-27 16:59:33 +00:00
ian.mcgreer%sun.com
0d658ba4f8 bug 125796, make sure all CERTCertificates are destroyed as such, and that cache collisions when traversing are handled correctly (by destroying extra reference) 2002-02-26 16:21:48 +00:00
relyea%netscape.com
226cb8ac42 CRL issues: 1) return url when finding and importing CRL's. 
2) fix CERT_ImportCRL so it actually works.

NOTE: Calls of SEC_NewCrl() should verify the signature on the CRL before
importing!.
 2002-02-26 02:02:53 +00:00
javi%netscape.com
045149cbac Fix crash when looking up cert by nickname when the token on which 
the cert is located is not plugged in.

Bug 125611
 2002-02-15 01:50:28 +00:00
ian.mcgreer%sun.com
cf2e1cd363 bug 124309, fix various issues with the cache/temp store and thread safety. Is one line different than the patch on the bug, the one line seemed to fix the reported crash. 2002-02-08 02:51:41 +00:00
relyea%netscape.com
31218c1ff3 Bug 117978: accessor functions to all JCE keystore API to be implemented. 2002-02-03 03:37:26 +00:00
javi%netscape.com
9054da7961 Fix Mac bustage. 2002-02-02 01:20:54 +00:00
ian.mcgreer%sun.com
c124ec770d bug 121628, persistent cache of hardware token certs 2002-02-01 17:25:15 +00:00