Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-10 03:45:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
129,119 Commits 615 Branches 98 Tags 6 GiB
f4cdda904d
Commit Graph

4848 Commits

Author SHA1 Message Date
nelsonb%netscape.com
8a0ca297e4 Functions NSS_CMSDigestedData_Encode_AfterData and 
NSS_CMSDigestedData_Decode_AfterData
- Since NSS_CMSDigestContext_FinishSingle always destroys the context,
  regardless of whether it returns SECSuccess or SECFailure, these
  functions have been changed to always NULL out the context pointer
  after calling NSS_CMSDigestContext_FinishSingle, regardless of the
  outcome.
Bugscape bug 54208, r=relyea
 2003-12-04 00:35:02 +00:00
nelsonb%netscape.com
d0960c05d3 There is a lot of "cleanup" in this file, wrapping source at 80 columns. 
The relevant fixes for this bug include:
NSS_CMSDigestContext_StartMultiple()
   - make sure that cmsdigcx->digcxs and cmsdigcx->digobjs are initialized.
   - at the "loser" label, be sure to free the digest context itself.
NSS_CMSDigestContext_Cancel()
   - after destroying all the objects, free the arrays of pointers to the
     objects, and the digest context itself.  Previously these items were
     leaked by this function.
NSS_CMSDigestContext_FinishMultiple()
   - ensure that this function ALWAYS destroys all the NSS digest objects,
     and doesn't stop destroying them if it encounters an error.  Note that
     this is a newer revision of an older patch for that problem.
   - always Free the arrays of pointers used in this object.
NSS_CMSDigestContext_FinishSingle()
   - simplify this code.
Bugscape bug 54208, r=relyea
 2003-12-04 00:32:18 +00:00
nelsonb%netscape.com
f6f1a0d2e4 NSS_CMSSignerInfo_Verify() 
- This function is changed to explicitly allow some of its input arguments
  to be NULL.  It will set the verification status in the CMSSignerInfo
  object accordingly.  Since this is the ONLY function that ever sets the
  verification status, it must be able to do so even when problems have
  occurred.
- lots of cleanup of this source code.
Bugscape bug 54208, r=relyea
 2003-12-04 00:29:31 +00:00
nelsonb%netscape.com
874fa3a93d Add null pointer checks to nss_cms_after_end and NSS_CMSEnvelopedData_Decode_AfterData. Bugscape bug 54061. r=wtc,relyea 
Lots of code "cleanup" (reformatting for 80 columns) in cmsdecode.c
 2003-12-04 00:14:24 +00:00
nelsonb%netscape.com
e4d53231f8 Avoid UMRs in dertime.c. Bugscape bug 54198. r=wtc. 2003-12-03 04:03:40 +00:00
jpierre%netscape.com
e6c9ba62d7 Fix for 54061 - null pointer check . r=nelsonb 2003-12-03 02:42:08 +00:00
wchang0222%aol.com
80462e9cb1 Bugscape bug 54021: in CERT_FindSubjectKeyIDExtension, if PORT_NewArena 
fails we should return SECFailure.  Document that the return values of
CERT_GetCommonName and NSS_CMSSignerInfo_GetSignerCommonName must be freed
with PORT_Free.  r=nelsonb.
Modified Files:
	certdb/alg1485.c certdb/cert.h certdb/certv3.c smime/cms.h
	smime/cmssiginfo.c
 2003-12-03 00:09:05 +00:00
dbaron%dbaron.org
d5582721b7 Separate locale version from Mozilla version so we do not have to bump locale version for every release. b=226377 r=kairo, bsmedberg sr=ben a=asa 2003-12-02 23:22:11 +00:00
jpierre%netscape.com
e5c708bb65 Prevent SMIME crash in the opaque signature test. bugscape 54061. r=nelsonb 2003-12-02 05:46:27 +00:00
jpierre%netscape.com
7eef555978 Fix for 54088 . Don't try to encode attributes with no value. r=wtc 2003-12-02 05:05:30 +00:00
nelsonb%netscape.com
02198fd686 Bound stan error stack at 16 error codes to limit growth. 
Bugscape bug 54021. r=wtc.
 2003-12-02 02:05:47 +00:00
wchang0222%aol.com
cb7164249f Reverted to NSPR 4.3 until Sun has NSPR 4.4.1 binary distributions. 2003-11-28 05:41:42 +00:00
nelsonb%netscape.com
785b886515 Detect invalid input buffer lengths, and return error instead of UMR> 
Bugscape bug 54021.  r=wchang0222
 2003-11-27 05:08:20 +00:00
nelsonb%netscape.com
13f3e6fa94 Fix leak in CERT_FindSubjectKeyIDExtension, and use the Quick DER 
decoder.  Bugscape bug 54021.  r=jpierre
 2003-11-27 05:06:20 +00:00
wchang0222%aol.com
1731be9206 Upgraded to NSPR 4.4.1. 2003-11-27 01:43:15 +00:00
nelsonb%netscape.com
931071736c Clean up some arithmetic used for UCS4. Detect when UCS2 and UCS4 
buffers have invalid lengths.  Bugscape bug 54021. r=whang0222, relyea
 2003-11-27 01:08:59 +00:00
wchang0222%aol.com
dcc1fa5880 Bugzilla bug 226861: removed NSS_CMSSignedData_GetDigestByAlgTag, which is 
a duplicate of NSS_CMSSignedData_GetDigestValue.  r=nelsonb.
Modified Files: cms.h cmssigdata.c
 2003-11-26 23:50:02 +00:00
nelsonb%netscape.com
1c7b6a8ea4 In NSS_CMSSignedData_VerifySignerInfo(), test all returned pointers 
for NULL before attempting to dereference them.
Bugscape bug 54057. r=wchang0222
 2003-11-26 22:02:38 +00:00
nelsonb%netscape.com
36fc65a627 Performance enhancement. Detect absurdly large modulae in public keys, 
and don't waste time on them.  Bugscape bug 54019. r=relyea.
 2003-11-26 06:26:31 +00:00
nelsonb%netscape.com
d596531040 Remove an unnecessary and incorrect assert call. 
Bugscape bug 54018. r=jpierre
 2003-11-26 06:16:01 +00:00
nelsonb%netscape.com
8cc8dfcdf3 This patch reduces the scope of many variables in cmsutil's decode function. It frees the signer's CN string after use. 
Bugscape bug 54021.  r=jpierre
 2003-11-25 23:26:39 +00:00
darin%meer.net
2c0d2708f3 fixes bug 226639 "send NegotiateAlwaysSign in NTLM type 1 message to make NetApp/6.3.3 happy" r+sr=bryner a=dbaron 2003-11-25 02:12:41 +00:00
wchang0222%aol.com
86e2d2c45d Bugzilla bug 226470: removed -qarch=com, which is the default for the 
compiler.  r=pkw@us.ibm.com.
 2003-11-24 19:45:18 +00:00
wchang0222%aol.com
034bf93de9 Bugzilla bug 226470: use a C compiler rather than a C++ compiler to compile 
C code.  The patch is contributed by Philip K. Warren <pkw@us.ibm.com>.
 2003-11-22 06:45:50 +00:00
nelsonb%netscape.com
20abf0c0aa Don't invoke PKCS11 with an invalid handle. Bug 226285. 
r=relyea sr=wchang0222
 2003-11-21 22:10:56 +00:00
nelsonb%netscape.com
d3382c6ffe Remove an overreaching constraing on modulus length. Bug 226285. 
r=relyea  sr=wchang0222
 2003-11-21 22:09:27 +00:00
nelsonb%netscape.com
0fa7d0adc8 Implement new "batch mode" (see the -b option). Plug some leaks. 
Facilitates memory leak testing of the SMIME library.
This revision combines the patches for Bugzilla bug 225513 and
Bugscape bug 53775.  r = relyea and wchang0222
 2003-11-20 02:33:18 +00:00
nelsonb%netscape.com
52dffd46a8 Don't accept ASN.1 items whose length is 2GB or more. 
Bugscape bug 53875.  r=wchang0222 and r=relyea.
 2003-11-20 02:08:34 +00:00
nelsonb%netscape.com
67d78ccfb9 Dont attempt to allocate 2GB or more from an arenapool. 
Bugscape bug 53875. r=relyea.
 2003-11-20 02:06:16 +00:00
nelsonb%netscape.com
511a262edc Remove as assertion that is triggered by bad data input, but does not 
indicate a code flaw.  Bugscape bug 53875. r=relyea
 2003-11-20 02:04:07 +00:00
nelsonb%netscape.com
75ca774270 Be sure not to ask NSS to use an invalid PKCS11 mechanism. 
Bugscape bug 53875.  r=relyea.
 2003-11-20 02:00:04 +00:00
nelsonb%netscape.com
b79aed8a42 Plug a leak that occurs when code asks NSS to use an invalid PKCS11 
mechanism.  Bugscape bug 53875.  r=relyea
 2003-11-20 01:59:07 +00:00
darin%meer.net
d7ce33ed84 fix two "might be used uninitialized" warnings from NTLM patch, bug=224653. 2003-11-19 05:00:43 +00:00
nelsonb%netscape.com
eb21d36254 near total rewrite of PK11_ParamFromAlgid to eliminate leaks. 
Partial fix for Bugscape bug 53875.
 2003-11-19 03:23:41 +00:00
wchang0222%aol.com
c7610ca80e Bugzilla bug 222568: fixed a bug introduced in rev. 1.54. 2003-11-19 01:38:26 +00:00
wchang0222%aol.com
604c4a98c3 Turns out that we can use a space to separate directories in a vpath 
directive.  This works cross platform.
 2003-11-19 01:12:31 +00:00
nelsonb%netscape.com
069f394fa8 Fix bugs in the new implementation of URI name constraints. 
Bugzilla Bug 221616.
 2003-11-19 00:56:59 +00:00
wchang0222%aol.com
f2fe58e2e0 Removed the declaration and a comment about PK11_FreeSlotCerts, which was 
deleted in NSS 3.4.
Modified Files: pk11func.h pk11slot.c
 2003-11-19 00:14:04 +00:00
nelsonb%netscape.com
c4ce0736e8 Fix unnecessary assertion failures occuring in SMIME testing in 
debug builds only.  Partial fix for bugscape bug 53775. r=wchang0222
 2003-11-18 06:16:26 +00:00
darin%meer.net
cf0793aa0b revert part of last checkin. 2003-11-18 05:57:28 +00:00
darin%meer.net
a0dd5e04d1 attempting to fix IRIX bustage 2003-11-18 05:56:08 +00:00
wchang0222%aol.com
157dedc0c2 Most platforms use ':' as path separator, but OS/2 uses ';'. So we use 
vpath directivies that specify a single directory to avoid dealing with
path separator.
 2003-11-18 04:04:05 +00:00
darin%meer.net
f142a6ea88 fixes bug 224653 "provide cross-platform NTLM auth implementation" r=kaie sr=bryner 2003-11-18 02:20:34 +00:00
wchang0222%aol.com
c48834ab7e Set NSS version to 3.9 Beta 3. 2003-11-18 00:57:26 +00:00
wchang0222%aol.com
25f92109eb Bugzilla bug 224707: added Linux HPPA support. The patch came from the 
Debian Mozilla package (maintainer is Takuo KITAME <kitame@debian.org>).
 2003-11-16 00:10:16 +00:00
wchang0222%aol.com
9bc7ce19bb Removed an extraneous character (`) after #endif. 2003-11-15 16:16:33 +00:00
wchang0222%aol.com
3569f15993 Removed an extraneous comma (,) at the end of an enum type definition. 2003-11-15 16:15:01 +00:00
nelsonb%netscape.com
e9f81f8499 Detect empty emailAddr strings in CERTCertificate. Bugzilla bug 211540. 2003-11-15 00:15:28 +00:00
nelsonb%netscape.com
b904b47318 Detect empty emailAddr strings in CERTCertificates. Bugzilla bug 211540. 
Modified Files:
    cmd/dbck/dbck.c cmd/signtool/util.c lib/certdb/certdb.c
    lib/certdb/stanpcertdb.c lib/pkcs7/p7decode.c lib/pki/certificate.c
    lib/pki/pki3hack.c lib/smime/cmssiginfo.c lib/softoken/pkcs11u.c
 2003-11-15 00:10:01 +00:00
relyea%netscape.com
a157ed2b26 Fix windows breakage. 2003-11-14 18:06:50 +00:00
relyea%netscape.com
aa736fe5ed Add symkeyutil to the manifest file 2003-11-14 03:27:23 +00:00
relyea%netscape.com
4f0cd96574 New tool to manage fixed keys in the database. 2003-11-14 03:26:47 +00:00
relyea%netscape.com
12bf9a0f9f Changes for symkey support. 2003-11-14 03:25:52 +00:00
wchang0222%aol.com
750ff55aa5 Bugzilla bug 225619: fixed memory leaks. 2003-11-14 01:42:51 +00:00
wchang0222%aol.com
31e5ec1ebe Bugzilla bug 225626: need to allocate PORTArenaPool rather than PLArenaPool 
for the 'arena' member of CERTVerifyLog.  Fixed memory leaks on an error
path.
 2003-11-14 01:41:15 +00:00
wchang0222%aol.com
b1b3012d66 Set JSS version to 3.4.2 Beta 2. 
Modified Files: CryptoManager.java util/jssver.h
 2003-11-14 01:37:04 +00:00
wchang0222%aol.com
c90a594d65 Upgraded to NSS_3_7_9_RTM (from NSS_3_7_8_RTM). 
Modified Files: manifest.mn org/mozilla/jss/CryptoManager.java
 2003-11-13 23:39:46 +00:00
nicolson%netscape.com
c3e4461e42 Fix 225615: memory leak in SSLSocket.socketConnect. 2003-11-13 23:10:13 +00:00
nelsonb%netscape.com
aa085e7956 Fix bugzilla bug 225301. r=jpierre. This patch does the following: 
1. Fixes the Usage message to document the command line options.
2. Changes the "decode" function to
   a) report an error on bad signatures, only when decoding the input file,
      not when decoding an ancillary "enveloped file".
   b) only output the contents of the "detached content" file (-c option)
      when that file's content was actually used in the computation.
3. Sundry other cleanup and added comments.
 2003-11-13 23:03:12 +00:00
wchang0222%aol.com
a5782dcab7 Fixed a comment error. r=relyea. 2003-11-13 16:21:46 +00:00
wchang0222%aol.com
4868d7e8c2 Bugzilla bug 225373: the return value of CERT_NameToAscii must be freed 
with PORT_Free.
Modified Files:
	cmd/lib/secutil.c cmd/selfserv/selfserv.c
	cmd/signver/pk7print.c cmd/strsclnt/strsclnt.c
	cmd/tstclnt/tstclnt.c lib/certdb/cert.h
 2003-11-13 16:10:45 +00:00
nelsonb%netscape.com
d1e962a746 Workaround race. Reduce leaks. Not a real fix. Bugzilla bug 225525. 2003-11-13 03:41:32 +00:00
wchang0222%aol.com
08e3f5e2fa Bugzilla bug 225259: link NSS dynamic shared libraries with the 
-headerpad_max_install_names option. r=ccarlen, sr=sfraser.
 2003-11-13 01:59:22 +00:00
wchang0222%aol.com
dd7a8790e8 Added a comment to note a question I had while reviewing the code. 2003-11-12 23:25:33 +00:00
nelsonb%netscape.com
1b6811ad2b Eliminate some leaks in Stan cert code. 
Partial fix to bugscape bug 53573.
 2003-11-11 21:46:53 +00:00
nelsonb%netscape.com
019719d8a8 Eliminate a cert leak. Patch is Bob Relyea's. 
Parial fix for Bugscape bug 53573.
 2003-11-11 21:45:48 +00:00
jpierre%netscape.com
c8ebc52544 Fix crash in certutil if usage is omitted 2003-11-11 00:01:32 +00:00
relyea%netscape.com
14c8c093a3 Repair error case for DH code in previous patch. 2003-11-07 16:21:40 +00:00
relyea%netscape.com
8cac9b6d61 Verify Parameters from the user before passing it on to freebl. r=nelson 2003-11-07 03:38:59 +00:00
relyea%netscape.com
4af3118d62 Add defines for DH and RSA key limits 2003-11-07 03:36:33 +00:00
nelsonb%netscape.com
314acd2bb7 Correct the validity checks on certain ASN.1 objects, allowing some that 
were previous disallowed, and vice versa.  Bug 53339.
 2003-11-07 01:41:22 +00:00
nelsonb%netscape.com
87e5cbd19a Fix some bugs in the code that formats OIDs for printing. 
Bugscape bug 53334.
 2003-11-06 02:02:32 +00:00
nelsonb%netscape.com
390b635832 Grow handshake message buffer once per message, not once per each message 
segment received.  Bugscape bug 53418.
 2003-11-05 06:22:57 +00:00
wchang0222%aol.com
d45bb29e40 Set NSS version to 3.9 Beta 2. 2003-11-04 05:52:51 +00:00
nelsonb%netscape.com
0feb5dfd5f Fix numerous errors (mostly off-by-1 errors) in the code that formats 
and prints certs and CRLs.  This code is common to certutil and pp.
Bug 222568  r=nicholson (for this portion).
 2003-11-04 02:16:42 +00:00
nelsonb%netscape.com
bc763436c5 Better cleanup. Plug leaks in pp. bug 222568. r=nicolson (this part). 2003-11-04 01:51:54 +00:00
nelsonb%netscape.com
374349f143 Rename get_oid_string to CERT_GetOidString and export it. Also, export 
CERT_DestroyOidSequence.  bug 222568.  r=jpierre (for this portion).
 2003-11-04 01:48:39 +00:00
brendan%mozilla.org
7809adca33 Fix missing cx param problem (223041, r=caillon, sr=dbaron). 2003-11-03 04:26:55 +00:00
peter%propagandism.org
f9f591a28f Fix for bug 224231 (Need AppendASCIItoUTF16). r=jst, sr=dbaron. 2003-11-01 10:57:41 +00:00
wchang0222%aol.com
1cd3ab9050 Bugzilla bug 223624: fixed the compiler warning that case ecKey is not 
handled in the switch statement.  r=nelsonb.
 2003-11-01 05:17:16 +00:00
nelsonb%netscape.com
afd97d4f96 Remove one unnecessary transition from the SSL3 state machine. 
Reduce the number of reallocations of the SSL3 handshake message buffer.
Bugscape bugs 53287 and 53337
 2003-10-31 07:01:05 +00:00
nelsonb%netscape.com
522e0fe2b8 Enable generation of DES2 keys with mechanism CKM_DES2_KEY_GEN. Bug 201521 2003-10-31 02:33:16 +00:00
nelsonb%netscape.com
a973e0dc48 Correct the code that detects DES2 keys based on their lengths. Bug 201521 2003-10-30 22:31:09 +00:00
jpierre%netscape.com
1a37e6c822 Fix for 223494 - cmsutil signing does not work with hardware tokens. r=wtc, relyea 2003-10-28 02:34:15 +00:00
wchang0222%aol.com
2316ca4f0e Bugzilla bug 223624: declare pk11_FindAttrInTemplate before it is used. 
r=nelsonb.
 2003-10-25 14:10:11 +00:00
wchang0222%aol.com
d5bd3135a1 Bugzilla bug 223624: use PR_MAX to avoid redefining MAX, a macro commonly 
defined in system headers. r=nelsonb.
 2003-10-25 14:08:31 +00:00
wchang0222%aol.com
76cb52bad5 Bugzilla bug 223624: removed an extraneous format string for fprintf. 
r=nelsonb.
 2003-10-25 14:05:08 +00:00
wchang0222%aol.com
8cfbd7293c Bugzilla bug 223624: node->error is a 'long', so it should match a %ld 
format.  r=nelsonb.
 2003-10-25 14:01:43 +00:00
jpierre%netscape.com
4d26e30240 Initialize crlHandle . r=wtc 2003-10-25 00:41:14 +00:00
nelsonb%netscape.com
1ce0f542ee Require DES, DES2 and DES3 keys to have correct length in all cases. 
Expand DES2 keys to be DES3 keys when used with DES3 mechanisms.
Bug 201521.
 2003-10-25 00:12:34 +00:00
wchang0222%aol.com
4bab03c0f6 Bugzilla bug 173715: fixed a crash in OCSP. We incorrectly assumed that 
'addr' was the last IP address of the host when PR_EnumerateHostEnt
returned 0 and attempted to connect to 'addr', resulting in an assertion
failure in PR_Connect. The fix is to not use 'addr' when
PR_EnumerateHostEnt returns 0.  r=relyea.
 2003-10-24 17:17:37 +00:00
wchang0222%aol.com
e4c6ee1dbb Removed the nonexistent directory 'rngtest' from DIRS. 2003-10-24 06:22:58 +00:00
wchang0222%aol.com
6dac9765c9 Removed nonexistent directory "crypto" from DIRS. 2003-10-24 05:29:08 +00:00
wchang0222%aol.com
ee1dc4bffd Bugzilla bug 223427: added a note section so that the linker knows we're 
not executing off the stack.  This patch is received from Christopher
Blizzard of Red Hat <blizzard@redhat.com>.
 2003-10-24 04:47:23 +00:00
nicolson%netscape.com
975c6d1b52 try forcing the bourne shell to execute the command line. 2003-10-23 22:01:55 +00:00
bryner%brianryner.com
605cc06382 deCOMtaminate nsIDocument by changing methods to use return value instead of out-params, eliminating unused nsresult return values, moving some members to nsIDocument and inlining the getters/setters. Bug 222134, r=bzbarsky, sr=jst. 2003-10-22 06:09:48 +00:00
nicolson%netscape.com
2d8d587276 more debugging info. 2003-10-22 04:08:17 +00:00
wchang0222%aol.com
4327068745 Bugzilla bug 222065: fixed a bug (inside #ifdef WINNT) introduced in the 
previous checkin.
 2003-10-22 01:00:10 +00:00
caillon%returnzero.com
66caced69a Re-land patch for bug 83536, merging principal objects. 
Also includes fixes from bug 216041.
r=bzbarsky
sr=jst
 2003-10-21 22:11:49 +00:00
bishakhabanerjee%netscape.com
b5a0a53d62 NIST PKITS tests:first checkin, without CRLS:bug 177398:six sections implemented 2003-10-21 21:35:04 +00:00
bienvenu%nventure.com
1227476783 fix 221329 add ability to add root certs from autoconfig js, r=misterSSL@aol.com, sr=sspitzer 2003-10-20 15:00:17 +00:00
nelsonb%netscape.com
b6e5abc24b Add new -N option, which completely suppresses the initialization and use 
of the SSL server session ID cache.  Used to test the fix for bug 222726.
 2003-10-19 05:18:11 +00:00
nelsonb%netscape.com
0aaf7a10b3 Put the NSS 3.9 block back in ASCII sorting order, AGAIN. 2003-10-19 04:41:20 +00:00
nelsonb%netscape.com
9413aae7aa When the SSL_NO_CACHE option is set on an SSL server socket, don't touch 
the server session cache AT ALL.  Bug 222726
 2003-10-19 01:55:50 +00:00
nelsonb%netscape.com
6436ed5ab3 Declare SSL_NO_STEP_DOWN option. Partial fix to bug 148452. 2003-10-19 01:31:41 +00:00
nelsonb%netscape.com
47dc9b03e8 SSL_ShutdownServerSessionIDCache no longer leaks the cache memory. 
Bug 222065. r=wchang0222
 2003-10-19 01:25:10 +00:00
kairo%kairo.at
7b21e2d4eb bug 154927 - automate localeVersion updates based on milestone.txt - we'll now create all those files during compile time from .in files, r=leaf, sr=bz 2003-10-18 17:54:07 +00:00
relyea%netscape.com
e07da99055 221067 NSS needs to be able to create token symkeys from unwrap and derive. 2003-10-18 00:38:04 +00:00
nelsonb%netscape.com
02bc947b35 Detect buffer overruns caused by flawed application-supplied callbacks, 
and avoid crashing due to them.  Bugscape bug 52528. r=wchang
 2003-10-17 21:12:13 +00:00
relyea%netscape.com
5eeaac60fc Incorporate WTC's review comments.. 2003-10-17 17:56:56 +00:00
ian.mcgreer%sun.com
a3fb7ce4e9 missed SSL ECC test files in last checkin 2003-10-17 14:10:18 +00:00
ian.mcgreer%sun.com
5c2c5888f9 ECC code landing. 
Contributed by Sheuling Chang, Stephen Fung, Vipul Gupta, Nils Gura,
and Douglas Stebila of Sun Labs
 2003-10-17 13:45:42 +00:00
nelsonb%netscape.com
525a14b3ed Put the NSS 3.9 block in ASCII sorting order. 2003-10-17 05:45:19 +00:00
relyea%netscape.com
952d217499 Bug 156770 When we do a file import and give a bad password we get wrong errors back 
When we fail to decode based on a bad password, don't continue.

So once we've tried failed to decode a ANS.1 stream, don't continue collecting
more data.

On microsoft.pfx files, we would wind up decoding to the end of the encrypted
stream, then fail in the padding in PKCS #7. This code bypasses this problem by
making sure we don't continue to try to decode data once we've hit a bad
password failure.
 2003-10-16 23:49:15 +00:00
nicolson%netscape.com
01b4508c5d More debugging information. 2003-10-16 22:17:00 +00:00
timeless%mozdev.org
e552a95d25 Bug 220106 @mozilla.org/security/nsCertTree;1 doesn't null check mTreeArray 
r=kaie sr=bz
 2003-10-16 15:33:56 +00:00
timeless%mozdev.org
b9a02f9962 Bug 220230 Change PSM preferences windows behaviour to be more consistent with the rest of the Preference windows 
patch by borggraefe@despammed.com r=kaie sr=bienvenu
 2003-10-16 15:26:28 +00:00
nicolson%netscape.com
03573a14f2 Try * instead of . to get zip to grab all the contents of a directory. 2003-10-16 03:28:19 +00:00
jpierre%netscape.com
8963533a51 Fix for bug 222180 . remove redundant code 2003-10-15 01:40:10 +00:00
jpierre%netscape.com
4efbc18260 Fix for bug 222180 . Change to quick decoder . r=wtc 2003-10-15 01:34:22 +00:00
nelsonb%netscape.com
5251bce355 Eliminate redundant function declarations. Bug 208854. r=wchang0222 2003-10-14 17:44:33 +00:00
relyea%netscape.com
be2e372c47 Fix tinderbox breakage 2003-10-12 22:55:09 +00:00
nicolson%netscape.com
510c723d9d Try to get zip working properly on the Windows build machines. 2003-10-12 20:21:04 +00:00
nelsonb%netscape.com
886718db18 Correctly handle a NULL moduleSpecList. Bug 220217. 2003-10-11 01:49:24 +00:00
nelsonb%netscape.com
159d38edba This file has been dead code since NSS 3.4 released, if not sooner. 2003-10-11 01:10:51 +00:00
jpierre%netscape.com
f2e03876cf Fix for bug 221743 - incorrect certificate usage macro 2003-10-10 23:22:31 +00:00
relyea%netscape.com
40c2250bfc Bug 191467 
Multipart signing and verifying broken for several mechanisms in softoken
Reporter:   	Andreas.Sterbenz@sun.com (Andreas Sterbenz)
sr=nelsonb
 2003-10-10 15:32:26 +00:00
relyea%netscape.com
df0d80f9a5 Bug 203866 
Make unloaded modules visible for administrative purposes.
sr=wtc r=nelson
 2003-10-10 15:29:43 +00:00
relyea%netscape.com
e64bfbce5e Bug 203866. Make unloaded modules visible for administrative purposes. 
sr=wtc r=nelson
 2003-10-10 15:26:23 +00:00
nicolson%netscape.com
d87d5b77b6 Change ';' to '&&' so the command fails if any of the subcommands fails. 
Print out the return value of the command.
This is to debug a problem where the zip file is not being created on windows.
 2003-10-09 22:39:54 +00:00
relyea%netscape.com
115f203647 fix bug 203450 
jarevil.c:345: warning: implicit declaration of function \
  `__CERT_AddTempCertToPerm'

Obviously missing a declaration somewhere.

r=jpierr, wtc
 2003-10-09 22:17:04 +00:00
jpierre%netscape.com
7f696b676c Fix for bug 55898 - print name of certificate causing failure in certutil . r=wtc 2003-10-08 01:00:37 +00:00
nelsonb%netscape.com
810ec798b2 Eliminate one of several redundant OID table lookups. Bug 207033. 2003-10-07 17:19:55 +00:00
nelsonb%netscape.com
8464dc0bb6 Eliminate unnecessary copying of CA names in HandleCertRequest. 
Bug 204686.
 2003-10-07 02:24:01 +00:00
nelsonb%netscape.com
655adbd496 The "valid CA" trust flag now overrides other CA cert checks. 
Works for SSL client as well as other usages.  Bug 200225
 2003-10-07 02:17:56 +00:00
nelsonb%netscape.com
0cd1f0b182 Export new function PK11_ExportEncryptedPrivKeyInfo. Bug 207033. 2003-10-07 01:29:32 +00:00
nelsonb%netscape.com
a1a6a4697c Create new function SECKEYEncryptedPrivateKeyInfo which is just like 
SECKEYEncryptedPrivateKeyInfo except that it identifies the private
key by a private key pointer, rather than by a certificate. Bug 207033.
 2003-10-07 01:26:38 +00:00
nelsonb%netscape.com
8dd13ab659 Make tstclnt work with IPv6 addresses. Bug 161610. 2003-10-06 23:50:11 +00:00
nelsonb%netscape.com
7fab02474b Check for presence of secmod.db file prior to acting on it, for all 
cases except "multiaccess:".  Bug 220217. r=relyea
 2003-10-06 23:33:03 +00:00
nelsonb%netscape.com
96f28b4691 Detect Zero length certs and zero length CA names. Bug 204686. 
Also, eliminate unnecessary copying of incoming certs.
 2003-10-03 02:01:18 +00:00
wtc%netscape.com
9bb8114b44 Bug 220963: need to handle the possibility that symKey may be NULL before 
dereferencing it.
 2003-10-01 23:01:46 +00:00
jpierre%netscape.com
60c78ee111 Fix for bug 141882 - convert email query keys to lowercase when searching . r=wtc 2003-09-30 02:33:40 +00:00
jpierre%netscape.com
347ed6b99f Fix for bug 94413 - OCSP needs more fine tuned error messages. r=wtc 2003-09-30 01:18:55 +00:00
bryner%brianryner.com
b74d8438f9 Updating my email address 2003-09-29 06:04:02 +00:00
nelsonb%netscape.com
4b6b1fdf59 Move a brace so vi will find the beginning of the function. 2003-09-27 01:45:35 +00:00
jpierre%netscape.com
79d90909dc Fix for bug 219539 - support GeneralizedTime in NSS tools 2003-09-27 00:01:45 +00:00
jpierre%netscape.com
e608b7e0f4 Fix for bug 219539 - support GeneralizedTime in NSS tools 2003-09-26 06:18:40 +00:00
nelsonb%netscape.com
3ec40f0ab7 Don't use windowed exponentiation for small public exponents. 
Speeds up public key operations.  Path contributed by
    Sheueling Chang Shantz <sheueling.chang@sun.com>,
    Stephen Fung <stephen.fung@sun.com>, and
    Douglas Stebila <douglas@stebila.ca> of Sun Laboratories.
 2003-09-26 02:15:12 +00:00
nelsonb%netscape.com
cff36272e2 Correct an inaccurate log message. 2003-09-25 21:40:02 +00:00
jpierre%netscape.com
ec42f9469e Fix typo 2003-09-25 00:25:06 +00:00
wtc%netscape.com
7124399198 Bugzilla bug 216117: added a TokenProxy member to the PK11Cert class to 
store the slot pointer for the certificate *instance*.  This slot pointer
is not necessarily cert->slot.  Try to get the correct slot pointer for a
cert instance where possible.  This patch helps us handle multiple
instances of the same cert better.
Modified Files:
	PK11Finder.c pkcs11/PK11Cert.c pkcs11/PK11Cert.java
	pkcs11/PK11InternalCert.java pkcs11/PK11InternalTokenCert.java
	pkcs11/PK11Store.c pkcs11/PK11Token.c
	pkcs11/PK11TokenCert.java pkcs11/pk11util.h
	provider/java/security/JSSKeyStoreSpi.c ssl/SSLServerSocket.c
	ssl/callbacks.c ssl/common.c ssl/jssl.h util/java_ids.h
 2003-09-24 22:20:15 +00:00
nelsonb%netscape.com
7bff061d97 Fix usage message to list all commands. Also, fix a few lines of 
code that did not follow the file's convention for indentation.
Bug 203870.
 2003-09-24 21:49:49 +00:00
wtc%netscape.com
9c91edd706 Bugzilla bug 220209: fixed a cert reference leak in 
JSSL_CallCertSelectionCallback if the PK11_FindKeyByAnyCert call fails.
 2003-09-24 21:07:17 +00:00
wtc%netscape.com
d4c0e6f2e4 Deleted unused code. 2003-09-23 22:56:46 +00:00
wtc%netscape.com
72601483e7 Set JSS version to 3.4.2 Beta 1. 
Modified Files: CryptoManager.java util/jssver.h
 2003-09-23 20:57:15 +00:00
nelsonb%netscape.com
b1d1bb21fa Fix bug 204549. Properly handle memory allocation failures. 2003-09-23 20:47:43 +00:00
wtc%netscape.com
3a76d91edd Bugzilla bug 204549: find_objects_by_template was not setting *statusOpt 
before one return statement.  r=nelsonb.
 2003-09-23 20:34:15 +00:00
nelsonb%netscape.com
aeaa70ccff Correctly compute certificate fingerprints. Bug 220016. 2003-09-23 02:05:47 +00:00
jpierre%netscape.com
945c4207d2 Fix for 215182 - certutil prints incorrect nickname. r=wtc 2003-09-23 00:10:54 +00:00
wtc%netscape.com
c1499f4a08 Bugzilla bug 219756: fixed a CERTCertificate reference leak. 2003-09-20 00:27:30 +00:00
wtc%netscape.com
95dc921cc9 Bugzilla bug 219713: fixed build bustage on all Unix platforms. We need 
to export CERT_TimeChoiceTemplate as data for Unix.
 2003-09-19 18:00:48 +00:00
jpierre%netscape.com
1b89629c4e Fix for 219082 - support GeneralizedTime in PKCS#7 signatures. r=nelsonb, sr=wtc 2003-09-19 04:16:19 +00:00
jpierre%netscape.com
a1dfac9b48 Fix for 219524 - support GeneralizedTime in S/MIME v3 signatures. r=wtc, sr=nelsonb 2003-09-19 04:14:50 +00:00
jpierre%netscape.com
7d744437c3 Fix for bug 143334 : add support for GeneralizedTime in certificates and CRLs. r=wtc,nelsonb 2003-09-19 04:08:51 +00:00
jpierre%netscape.com
ac38bd8aeb Fix for 215214 - make certutil show all instances of certs . r=wtc 2003-09-18 02:00:32 +00:00
wtc%netscape.com
b58d136a9c The isOnList function is now unused. 2003-09-18 01:28:52 +00:00
jpierre%netscape.com
81db50ddf4 Fix for bug 215186 - add missing options to PK11_ListCerts . r=wtc 2003-09-18 00:22:18 +00:00
wtc%netscape.com
faed1206fb Bugzilla bug 124958: added support for pthreads on OpenBSD. The patch is 
contributed by Mats Palmgren <mats.palmgren@bredband.net>. r=wtc.
 2003-09-16 20:50:50 +00:00
wtc%netscape.com
18f7cab3ff When calling windres, use a temp file to work around resource issues. 
Bugzilla bug #213281. The patch is contributed by cls@seawood.org. r=wtc
 2003-09-15 20:34:55 +00:00
jpierre%netscape.com
58f736296d Add comment in the header for PK11_FindSlotsByAliases 2003-09-12 22:11:31 +00:00
wtc%netscape.com
eb363f3753 Bugzilla bug 215152: removed redundant pointer tests. Use 
SEC_ERROR_LIBRARY_FAILURE for NSS internal errors.
 2003-09-12 20:01:56 +00:00
wtc%netscape.com
f56dde49b6 Bugzilla bug 217247: improved the memory leak fix for the appData nicknames 
returned by PK11_ListCerts.  Instead of allocating them from the heap first
and copying to the arena, allocate them from the arena directly.  r=jpierre
Modified Files: certhigh.c pk11cert.c pki3hack.h pki3hack.c
 2003-09-12 19:38:04 +00:00
wtc%netscape.com
ecf1666d78 Bugzilla bug 214535: fixed a recursive dead lock on cache->lock. We must 
not call nssSlot_IsTokenPresent while cache->lock is locked because
that function may call nssToken_Remove, which locks cache->lock.  r=mcgreer
 2003-09-12 19:17:15 +00:00
darin%meer.net
f4a8778d0b landing patch for bug 205726 "DNS rewrite" r=dougt sr=bryner 2003-09-11 20:32:33 +00:00
wtc%netscape.com
ce762d3244 Bugzilla bug 215581: build with GCC 3.2.2 for OS/2. The patch is 
contributed by Javier Pedemonte <pedemont@us.ibm.com>.  r=jpierre.
 2003-09-11 20:29:51 +00:00
wtc%netscape.com
01452fc2bd Bugzilla bug 214824: use -no-cpp-precomp instead of -traditional-cpp, which 
has changed to mean a different thing (the standard GCC meaning, rather
than Apple's earlier hacks).  The patch is contributed by Brian Ryner
<bryner@brianryner.com>.
 2003-09-11 18:41:22 +00:00
timeless%mozdev.org
7584920b89 Bug 211291 void nsCertTree::InitCompareHash doesn't check the return value of PL_DHashTableInit 
r=kaie sr=bz
 2003-09-11 01:59:21 +00:00
wtc%netscape.com
8b5794a66c Bugzilla bug 208971: remove obsolete Mac CFM build files from NSS. 2003-09-11 00:04:38 +00:00
wtc%netscape.com
ab28bc253c Bugzilla bug 208971: removed obsolete Mac CFM build files from NSS. 2003-09-11 00:01:07 +00:00
jpierre%netscape.com
763808f28e Fix for 215152 - better error handling 2003-09-10 01:33:25 +00:00
jpierre%netscape.com
568a561eeb Fix for bug 215152 . Improve error handling in PK11_FindSlotsByAliases 2003-09-10 01:31:54 +00:00
nelsonb%netscape.com
1eb6b9c682 Further enhance the verbose debugging command line option in tstclnt 
for the case where client auth is requested by the server.  It will
now report the name of the cert sent to the server, or "send no cert".
 2003-09-09 20:22:54 +00:00
jpierre%netscape.com
8af297a802 Prevent crash if certlist is NULL 2003-09-09 00:54:20 +00:00
jpierre%netscape.com
bebd4ca8a9 Fix bug 214307 - add certutil batch mode . r=wtc 2003-09-08 23:30:29 +00:00
jpierre%netscape.com
ff3aebe85f Add PORT_Strpbrk macro 2003-09-08 23:29:14 +00:00
bryner%brianryner.com
377bfd51dd Fix build on gcc 3.4 by removing extra semicolons (bug 218551). r/sr=dbaron, a=brendan. 2003-09-08 00:18:24 +00:00
jpierre%netscape.com
f886a5b696 Fix for bug 72291 . resolve memory leak on nicknames . r=relyea 2003-09-05 00:15:52 +00:00
jpierre%netscape.com
61d58e111a Remove erroneous assertions 2003-09-03 23:52:01 +00:00
jpierre%netscape.com
3bc888cc5f Fix for bug 215152 . Export PK11_FindSlotsByAliases. r=relyea 2003-09-03 22:55:10 +00:00
jpierre%netscape.com
509dede7ea Add PK11_FindSlotsByAliases function . r=relyea 2003-09-03 22:48:20 +00:00
jpierre%netscape.com
4ee83fcf13 Fix for 216701 - verify CRLs with cert verification date rather than CRL lastupdate date 2003-08-30 01:07:21 +00:00
wtc%netscape.com
4f4355b894 Bugzilla bug 214674: made the Linux implementation of sslMutex really work. 
They were no-ops in multiprocess mode before.  The patch is Nelson
Bolyard's.  r=wtc.
 2003-08-28 22:23:59 +00:00
wtc%netscape.com
ba1b555580 Bugzilla bug 217504: 1. Do not use -lsvld on recent AIX releases. 
2. Specify the standard AIX libpath, otherwise the directories we pass to
the -L linker flags get added to the libpath.  3. Support building on AIX
5.2.  The patch is contributed by Philip K. Warren <pkw@us.ibm.com>. r=wtc.
Modified Files: AIX.mk AIX4.2.mk AIX4.3.mk AIX5.1.mk
Added Files: AIX5.2.mk
 2003-08-28 00:15:43 +00:00
jpierre%netscape.com
9260c97765 Fix for 214201. remove unused variable 2003-08-27 01:47:57 +00:00
wtc%netscape.com
061f92769b Bugzilla bug 216693: use "." instead of "org" to specify the list for zip. 2003-08-27 01:13:06 +00:00
wtc%netscape.com
797bd4d0ea Import NSS_3_7_8_RTM. 2003-08-27 01:01:59 +00:00
nicolson%netscape.com
ec0fcca998 Update JSS to version 3.4.1. 2003-08-27 00:08:43 +00:00
wtc%netscape.com
b881a9a0c6 Bugzilla bug 72291: have PK11_ListCerts return all the cert instances on 
tokens.  The patch is Julien Pierre's, with changes by Wan-Teh Chang.
Modified Files: pk11wrap/pk11cert.c pki/pki3hack.c pki/pki3hack.h
 2003-08-25 19:18:02 +00:00
wtc%netscape.com
408be85418 Bugzilla bug 209827: disable optimization to work around what appears to 
be a VACPP optimizer bug.
 2003-08-22 22:34:07 +00:00
jpierre%netscape.com
ad699539d3 Fix for bug 216944 - CERT_VerifyCertificate optimizations issues . r= wtc 2003-08-22 18:47:07 +00:00
caillon%returnzero.com
f8e8aed8a7 Backing out the patch to bug 83536. 
I will reland this when 1.6a re-opens.
r+sr=jst@netscape.com
a=chofmann
 2003-08-22 03:06:53 +00:00
wtc%netscape.com
38be9d9331 Bugzilla bug 216693: running make in mozilla/security/jss should build the 
class jar file.
Modified Files: rules.mk build_java.pl
 2003-08-19 20:08:33 +00:00
cls%seawood.org
1b51ba858c Set MODULE in makefiles at the top of a heirarchy so that module-deps lists are more precise and builds will have the proper order if some subdirs contain other modules. 2003-08-16 00:42:35 +00:00
wtc%netscape.com
ca9de7e2fa Bugscape bug 50033: make the KeyType class public and force it to load 
during CryptoManager.initialize(), before we add JSS as a provider.  The
KeyType class was failing to load properly, because its static initializers
force the class load of KeyWrapAlgorithm, whose signature needed to be
verified, which invoked JSS's signature provider, which accessed KeyType.
Basically, installing JSS as the default signature provider before its
classes have loaded creates a possibility of circular dependencies in class
initialization.  The patch is due to Jamie Nicolson.  r=wtc.
Modified Files: CryptoManager.java pkcs11/KeyType.java
 2003-08-15 01:00:35 +00:00
wtc%netscape.com
4520771cc7 Fix from Ian to address Bugzilla bug 202179. 
The fix restores some old code that was removed as part of our
performance work (Bugzilla bug 145322).  Thus, there may be a
slight performance hit, but obviously, we need to have correct
code first.

This is a part of the code I really don't like.  To summarize,
there was a hack put in a long time ago to make sure that the
PKCS#11 session in which the SSL keys are generated was never
closed until the last key was deleted.  This only worked by chance,
and if any part of the code was changed (as was the case here), this
unstable equilibrium would be lost.  As with all hacks, it wasn't
really documented, so the problem escaped our notice.  As a result of
putting the hack back in, we're going back to the horribly wasteful
operation of opening 4 sessions and immediately closing them.  I intend
to have a proper solution in a later release.
 2003-08-12 18:21:55 +00:00
neil%parkwaycc.co.uk
268983f1b3 Bug 211695 Fix bugs in nsCertTree.cpp r=varga sr=alecf moa=kaie a=asa 2003-08-12 11:20:50 +00:00
kairo%kairo.at
5cbc82d1b5 bug 214207 - update localeVersion for 1.5b - rs=blizzard, a=asa 2003-08-11 11:31:24 +00:00
wtc%netscape.com
5d4cb72997 Deleted useless local variable 'arena' in cert_ImportCAChain. 2003-08-08 23:15:50 +00:00
wtc%netscape.com
1d0969818d Bugscape bug 49314: code cleanup. Throw InvalidKeyException directly 
instead of NoSuchAlgorithmException.
 2003-08-07 21:45:35 +00:00
glen.beasley%sun.com
f0a3999250 215190 delete CA created certs 2003-08-07 00:34:32 +00:00
brendan%mozilla.org
b7cdb7debb Add shared DHashTableOps for [const] char *key use-cases, clean up dhash API abusages (214839, r=dougt, sr=dbaron). 2003-08-05 20:09:21 +00:00
nicolson%netscape.com
75d97a0079 Convert public key to JSS public key. 2003-08-05 18:54:49 +00:00
wtc%netscape.com
f4184b8ca1 Bugzilla bug 214695: fixed incorrect use of PR_AtomicDecrement on reference 
counts.  The reference count should not be read "naked".  Instead, we
should simply use the return value of PR_AtomicDecrement for the result of
the decrement.
Modified Files: dev/devmod.c dev/devslot.c dev/devtoken.c pki/certificate.c
pki/pkibase.c
 2003-08-01 02:02:47 +00:00
nelsonb%netscape.com
e7297b0a76 Fix bug 213084. Detect when cert in signature cannot be imported. 
Detect NULL pointer, don't crash.
 2003-07-31 00:16:27 +00:00
bishakhabanerjee%netscape.com
670906f939 Bug 213903: removing unused variables 'delold', 'save', 'entry' 2003-07-28 22:55:16 +00:00
bishakhabanerjee%netscape.com
0a15715c3b Bug 213902 : removing unused variable "next" in "cert_DecodeNameConstraintSubTree" 2003-07-28 21:53:16 +00:00
bzbarsky%mit.edu
5fa37ec6f3 DeCOMify GetParent/GetBindingParent/GetDocument on nsIContent. Bug 213823, 
r+sr=jst
 2003-07-28 21:35:53 +00:00
glen.beasley%sun.com
6ded2b6eb3 remove no longer used include blapi.h 2003-07-24 23:01:08 +00:00
caillon%returnzero.com
91b7c60bee Bug 83536. 
Merge script principal implementations into one class.
Should reduce footprint, speed up calls to caps a little bit, and fixes several memory leaks.
Also fixes bugs 211174 and 211263
r=jst@netscape.com
sr=bzbarsky@mit.edu
moa=mstoltz@netscape.com (he looked at an earlier patch and said it looked fine, and will do a retroactive review when he returns from vacation as well)
 2003-07-24 05:15:20 +00:00
jpierre%netscape.com
ca7885b3d5 Allow freebl to build correctly under MS VC++ .net 2003 . sr=nelsonb 2003-07-22 02:04:57 +00:00
wtc%netscape.com
bf5f3a80fb Bugzilla bug 213192: take the first two components of $(OS_RELEASE) the 
right way.  The basename function that we were using only works when
$(OS_RELEASE) has exactly three components.  The patch is contributed by
Ed Catmur <ed@catmur.co.uk>.  r=wtc.
 2003-07-21 23:40:51 +00:00
wtc%netscape.com
9675ae3dea Bugzilla bug 211350: support IRIX Alpha releases, whose 'uname -r' output 
contains "-ALPHA...".
 2003-07-21 18:51:08 +00:00
jaggernaut%netscape.com
83c571e877 Bug 25886: Get rid of a bunch of unused NS_DEFINE_IID, NS_DEFINE_CID. r=caillon, sr=dbaron 2003-07-20 07:47:59 +00:00
wtc%netscape.com
59bef8e5ab Bugzilla bug 212797: added Linux2.6.mk so that we can build on Linux 2.6 
kernels.
 2003-07-19 21:21:50 +00:00
wtc%netscape.com
c5f5509f3f Bugzilla bug 213158: fixed the misspelling of "attach". The patch is 
contributed by Pierre Chanial <chanial@noos.fr>.
Modified Files: pk11slot.c secmodt.h
 2003-07-19 20:49:35 +00:00
jaggernaut%netscape.com
2d7ed90a69 Bug 73353: clean up MODULE/REQUIRES story. r=cls, sr=bryner 2003-07-13 22:29:00 +00:00
scott%scott-macgregor.org
20c4cde927 change the doctype from window to dialog. Thanks to Christian Biesinger for pointing that out. 
r/sr=mscott
 2003-07-12 03:31:16 +00:00
scott%scott-macgregor.org
2a9620c300 Bug #212459 --> Give the certificate manager a face lift. Add a 5 pixel border around the tabbox, 
add an ok button which can be used to dismiss the window, inherit the ok/help buttons from the dialog
overlay.

Add spacing between the tree control and the edit / delete buttons underneath the tree control.

r=kaie
sr=sspitzer
 2003-07-12 00:36:01 +00:00
wtc%netscape.com
40490b50de Backed out Bob Relyea's workaround for the deadlock in rev. 1.15. The 
correct fix is in rev. 1.36 of tdcache.c (see Bugzilla bug 212112).
 2003-07-11 21:52:04 +00:00
nicolson%netscape.com
9eaa5fbd47 Remove dependency on secrng.h. We don't need it. 2003-07-11 18:13:26 +00:00
nelsonb%netscape.com
20f4c61bd1 Restore sslreq.txt to text form, where it will have different line 
endings on unix, than on windows or on Mac.
 2003-07-11 04:14:24 +00:00
nelsonb%netscape.com
f23e6eb763 Test with the new file sslreq.dat rather than the old file sslreq.txt. 2003-07-11 04:05:12 +00:00
nelsonb%netscape.com
886c06287a This is sslreq.txt with a different file name, to clearly show that 
this file is to be treated as a binary file, not as text.
 2003-07-11 03:55:55 +00:00
wtc%netscape.com
788ad0837b Bug 212112: we don't need to lock td->cache->lock while calling 
STAN_ForceCERTCertificateUpdate.  This fixed a recursive deadlock.
r=mcgreer.
 2003-07-10 01:24:17 +00:00
nelsonb%netscape.com
0545cae9b8 Change cert_GetCertificateEmailAddresses to return NULL rather than 
a pointer to an empty string when a cert has no email addresses.
Partial fix for bug 211540.  Modified certdb/alg1485.c
 2003-07-09 04:14:23 +00:00
wtc%netscape.com
04e80d83ca Bug 212004: in CERT_IsUserCert we should test for a null cert->trust and 
treat it as no trust.  r=nelsonb.
 2003-07-09 04:12:16 +00:00
nelsonb%netscape.com
6228d8c075 Export SEC_DupCRL and declare it in certdb.h. Bug 208194. 
Modified Files:	nss/nss.def certdb/certdb.h
 2003-07-09 04:00:48 +00:00
wtc%netscape.com
485a88c60e Bug 211384: fixed the bug that importing a CRL that already exists in the 
DB causes NSS_Shutdown to fail.  Two files were changed.  1. crl.c: we
should not obtain a slot reference because PK11_FindCrlByName already
obtained a slot reference.  2. pk11cert.c: cleaned up code and fixed a slot
reference leak if the SECITEM_AllocItem call fails.  r=nelsonb.
 2003-07-08 18:41:28 +00:00
wtc%netscape.com
b290411a4b Re-enabled the fix for bug 208177. 2003-07-08 18:11:24 +00:00
kaie%netscape.com
26fcd4cf0b b=210948 Some file dialogs have harcoded filter description 
patch from Vincent B�ron
r=kaie sr=brendan
 2003-07-08 14:46:21 +00:00
kaie%netscape.com
e97cef79b0 b=195574 SSL extremely flaky if Ask for Master Password is 'Every time' 
r=darin sr=brendan
 2003-07-08 14:41:02 +00:00
bishakhabanerjee%netscape.com
6a76698c4e patch to correct false failure reporting - bug 167825 2003-07-03 17:50:18 +00:00
nelsonb%netscape.com
c93f000588 Add missing declaration of NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate 2003-07-03 07:04:30 +00:00
nelsonb%netscape.com
c636fad8e7 Fix bug 211049. Another issue with empty pointer lists from group 
decodings.  Patch by Wan-Teh Chang <wtc@netscape.com>.
 2003-07-01 01:16:57 +00:00
nelsonb%netscape.com
99c2efd227 Change the function definitions in dev so that the ctags program will 
produce valid tags from these sources.
 2003-07-01 00:32:22 +00:00
wtc%netscape.com
083003b9a2 Bug 210660: backed out the main change in the fix for bug 145322 because 
the adoption of session is not thread safe.  This eliminates most of the
saving of sessions, but we must be correct first, and then optimize.
r=nicolson,nelsonb.
Modified Files: pk11func.h pk11skey.c
 2003-06-27 22:28:50 +00:00
nelsonb%netscape.com
c27a303c8d Fix several bugs reported in bug 210707. 
Change loops over RDNs and AVAs to detect NULL pointers.
Change list of attribute type "keywords" to match RFCs and internet
drafts.
Quote attribute values strings that contain adjacent embedded blanks.
Don't quote hex string values.
Always use hex string values when type OID is unrecognized.
 2003-06-27 00:33:05 +00:00
nelsonb%netscape.com
7c5e03d5f4 Move the declaration for CERT_CompareNameSpace from cert.h to genname.h 
because it is a private function.  Change the interface for this
function so that it returns a SECStatus, unambiguously indicating the
success or failure of the name constraints test.  The function no
longer takes a list of cert subject names, instead, it takes a list
of cert pointers, and optionally outputs one of those pointers when
an error occurs.  This eliminates a cert reference leak.
 2003-06-26 01:56:34 +00:00
nelsonb%netscape.com
7665e37260 This patch extracts rfc822 names from a cert's distinguished name at the 
time when the list of cert names is being built and builds a GeneralName
out of it, just as if the rfc822 name had come from a subject alt name
extension. This way, no special handling is needed of either directory
names or rfc822 names in the name constraints code.  The special "phase 1"
loop in cert_CompareNameWithConstraints disappears compmletely.  And all
the cases in the (former phase 2) loop can now simply assert that the
name's type matches the constraint's type exactly.

This patch also factors out the code that creates new CERTGeneralNames and
that copies a single CERTGeneralName into new separate functions.  This
eliminates a lot of duplicated code whose correctness required lengthy
inspection.  Now these primitive operations are centralized.
 2003-06-26 01:25:10 +00:00
bishakhabanerjee%netscape.com
ef5d950b09 enabling log scraping in header instead 2003-06-25 21:57:21 +00:00