relyea%netscape.com
24adc2754c
close hole in trust lookups.
2002-08-27 23:38:29 +00:00
relyea%netscape.com
675de20876
Roll the version number forward
2002-08-27 23:32:31 +00:00
relyea%netscape.com
6abad730cc
Roll the version number forward.
2002-08-27 23:29:36 +00:00
glen.beasley%sun.com
70ab9c67cb
163762 verify cert test example
2002-08-27 21:50:44 +00:00
glen.beasley%sun.com
cb0a78f863
163762 make OCSP responder configurable at runtime
2002-08-27 21:46:13 +00:00
relyea%netscape.com
2b952c4a99
use correct issuer/SN for beTRUSTed -- Entrust
2002-08-27 20:57:48 +00:00
relyea%netscape.com
286095b7a0
beTRUSTed, RSA, GeoTrust, UTN-USER, and AOL Roots also need issuer/SN
2002-08-27 20:41:20 +00:00
relyea%netscape.com
032b21fe1a
Trust objects need Issuer and Serial number.
2002-08-27 20:17:09 +00:00
relyea%netscape.com
3dce5c6a40
Trust attributes need issuer & serial number
2002-08-27 20:15:58 +00:00
kaie%netscape.com
43a34d7ec4
b=107034 OE requires special attribute in incoming signed messages to support dual key certificates. Add new function
...
NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs.
r=relyea
2002-08-27 13:14:42 +00:00
kaie%netscape.com
21b34fa931
Backing myself out, since it didn't compile on Win32, and I would like to discuss the correct fix.
2002-08-27 00:05:11 +00:00
relyea%netscape.com
7a5ee3f753
Remove warning for unreferenced variable.
2002-08-26 21:39:49 +00:00
kaie%netscape.com
d478be6ac5
b=107034 OE requires special attribute in incoming signed messages to support dual key certificates. Add new function
...
NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs.
r=relyea
2002-08-26 21:34:31 +00:00
relyea%netscape.com
7ec5b51352
Bug 164690. Fix missing break;
2002-08-26 21:16:07 +00:00
kaie%netscape.com
6b4a5557af
b=122869 Need better message when import a cert with wrong password.
...
r=javi sr=jag
2002-08-26 20:31:03 +00:00
kaie%netscape.com
8e6b891cc2
b=161915 Combine verified and purposes column in certificate manager
...
r=javi sr=jag
2002-08-26 20:16:25 +00:00
nicolson%netscape.com
65faa05435
comment.
2002-08-26 17:37:41 +00:00
nicolson%netscape.com
300bf20ee2
remove obsolete samples.
2002-08-26 17:34:15 +00:00
nicolson%netscape.com
89ffcc51af
remove old SSLClient and SSLServer sample programs. They are not up-to-date.
2002-08-26 17:31:20 +00:00
nicolson%netscape.com
2377d2f3f6
syntax error wasn't caught because of bug in build script.
2002-08-26 17:22:02 +00:00
relyea%netscape.com
5d6a14c82b
Fix URL check. we should check crl->url for null, not the uninitialized variable url.
2002-08-26 16:27:49 +00:00
jpierre%netscape.com
dc99c08db3
Fix for 164471 - Hide passwords in NSS command-line tools on OS/2
2002-08-25 03:00:34 +00:00
jpierre%netscape.com
95bad7466f
Correctly identify tty on OS/2 - fix for 164420
2002-08-24 13:46:50 +00:00
jpierre%netscape.com
cdaf8705fe
Fix for 164403 - make console input work in NSS tools on OS/2
2002-08-24 11:51:42 +00:00
jpierre%netscape.com
463500a5ab
Convert slow SEC_ASN1DecodeItem calls to SEC_QuickDERDecodeItem where possible. Performance improvement. Bug #160805 . r=relyea
2002-08-24 00:52:47 +00:00
nicolson%netscape.com
d2296480fd
A FilterInputStream to decode base64-encoded data.
2002-08-23 23:17:00 +00:00
wtc%netscape.com
77296171f1
Removed CERT_VerifyCertChain from the export list. Use
...
CERT_VerifyCACertForUsage instead.
2002-08-23 18:58:52 +00:00
rangansen%netscape.com
23625d6f94
Removing c++ style comment
2002-08-23 18:31:22 +00:00
rangansen%netscape.com
5fcabb2b51
Making sure VerifyCACertForUsage checks CRL if usage is statusResponder. Changes reviewed by Bob Relyea
2002-08-23 18:02:10 +00:00
kaie%netscape.com
4b9a8a51c9
b=157927 Fix memory leaks in nsNSSCertificate.cpp, fix some compiler warnings, do some cleanup.
...
r=javi sr=jag
2002-08-23 10:40:27 +00:00
kaie%netscape.com
0eab7806a1
b=124624 [RFE]Wording change for SSL, Privacy Pref
...
r=cotter sr=jag
2002-08-23 10:28:07 +00:00
kaie%netscape.com
e888f7645f
b=100129 UI: extra space in "Security Error: Domain Name Mismatch" title
...
r=kaie sr=jag
2002-08-23 10:13:47 +00:00
kaie%netscape.com
a6e10ab759
b=142147 Viewing signed message crashes Mozilla, if I did not log-in into the FIPS module
...
r=javi sr=bryner
2002-08-23 10:10:17 +00:00
kaie%netscape.com
07bda86df6
b=106587 FIPS enabled mode fails when Master PWD is not set.
...
r=javi/cotter sr=shaver
2002-08-23 10:07:47 +00:00
relyea%netscape.com
4116e5ba07
Fix mixing different free calls. PR_smprintf requires PR_smprintf_free()
2002-08-23 02:12:05 +00:00
relyea%netscape.com
a1ac38f4be
handle attribute types more intellegently. Don't fetch the object for invalid attributes if we don't have to.
2002-08-23 02:11:03 +00:00
wtc%netscape.com
18625bdcab
Added coreconf config file for Solaris 10 Intel.
2002-08-23 00:33:48 +00:00
wtc%netscape.com
2190605135
Bug 164035: checked in a small code optimization suggested by
...
J�rg Brunsmann <joerg_brunsmann@yahoo.de>. Use the local variable that
has the same value.
2002-08-22 18:05:32 +00:00
relyea%netscape.com
f5603c8844
Add pubwrap with flags
2002-08-22 00:41:41 +00:00
wtc%netscape.com
401d42ef18
Bug 163863: removed duplicate PORT_Memset calls in CERT_KeyFromDERCert.
...
Thanks to J�rg Brunsmann <joerg_brunsmann@yahoo.de> for the fix.
2002-08-21 18:05:20 +00:00
relyea%netscape.com
943dd39f49
1) fix crl memory.
...
2) remove several memory copies in the crl.
2002-08-21 00:09:23 +00:00
kaie%netscape.com
2e5cb525e8
b=140302 hang when collapsing some ssl-security details
...
r=javi sr=bryner
2002-08-20 12:51:55 +00:00
relyea%netscape.com
78007eba43
Bug 142172
...
1) look up the private key much earlier in the process so we know what slot it is on.
2) if a slot isn't specified, you the private key's slot.
3) if the specified slot and the private key slot don't match & the private key slot can do the PBE, then use the private key slot to do the PBE so we don't have to move the key.
4) if we have generated the PBE key in a different slot from the private key,
2002-08-19 18:24:58 +00:00
relyea%netscape.com
bb6cf23f23
use error code in secutil.
...
Clean up the output.
Print out cert chain parsing issues more completely.
2002-08-16 23:09:02 +00:00
relyea%netscape.com
cf0278de93
Quick and dirty utility to pink SSL servers to see if they are configured
...
correctly.
NOTES: This program is a (very slightly) modified version of the
SSLSample/client.c program. As such it used the sample program support, which is
a duplication of much of secutil. Future enhancements would be 1) link with
secutil.lib. 2) When handling BadCert requests, run the Full VerifyCert and dump
the results. Make connections to the servers testing SSL2, SSL3 and TLS.
Changes were basically 1) Set the program to run without a security database
(this means no token support, or client auth). 2) Explicitly load the builtins
module so that we can test against the standard trust.
2002-08-16 16:29:18 +00:00
jpierre%netscape.com
e5ec791fa2
Correctly count the number of items in a SEQUENCE OF or SET OF in quickder decoder. Bug found by one of Terry's tests.
2002-08-16 00:05:55 +00:00
nicolson%netscape.com
62f1239586
Fix 162761: PK11_GetKeyGen should work if you pass in a keygen alg.
...
Make PK11_GetKeyGen an identity function for keygen algs.
2002-08-14 23:57:45 +00:00
kaie%netscape.com
9190a3d74e
Patch from bug 87902 to fix SSL/TLS logic.
...
- make TLS intolerant server detection over proxies work
(this bug 87902)
- on connection failure, only retry without TLS when it is really
likely to help (bug 149910)
- remove obsolete workarounds in SSL i/o layer
(see removed comments in patch)
- avoid to confuse programmers reading code,
by renaming TLSStepUp (which means something else)
to the correct term STARTTLS (what the code is actually doing).
(As suggested by nelsonb)
- If an invalid or expired etc. server certificate is presented,
a warning is shown. If the user decides to cancel,
network activity should stop immediately.
(we currently warn multiple times) (bug 87209)
r=javi/darin/ducarroz/dmose sr=alecf
2002-08-14 23:43:28 +00:00
nicolson%netscape.com
aab844b223
Remove try/catch block when loading libjss. This allows any UnsatisfiedLinkError
...
to get thrown to the application, where it can print it out with all its
information. Also stop checking for jssjava.
2002-08-14 23:00:45 +00:00
nicolson%netscape.com
0668349aad
fine-tune javadoc commands.
2002-08-14 22:55:47 +00:00