Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
147,320 Commits 3,986 Branches 0 Tags
Commit Graph

186 Commits

Author SHA1 Message Date
wtchang%redhat.com
78e668b9ca Bugzilla Bug 288647: enable building NSS with an NSPR binary distribution. 
Introduced NSPR_INCLUDE_DIR and NSPR_LIB_DIR make variables. Portions of
the patch were contributed by Chris Seawood <cls@seawood.org>. r=relyea.
Modified Files:
	coreconf/OS2.mk coreconf/OpenVMS.mk coreconf/location.mk
	nss/cmd/platlibs.mk nss/cmd/shlibsign/Makefile
	nss/cmd/shlibsign/sign.cmd nss/cmd/shlibsign/sign.sh
	nss/lib/ckfw/builtins/Makefile
	nss/lib/fortcrypt/swfort/pkcs11/Makefile nss/lib/nss/config.mk
	nss/lib/smime/config.mk nss/lib/softoken/config.mk
	nss/lib/ssl/config.mk


git-svn-id: svn://10.0.0.236/trunk@176418 18797224-902f-48f8-a5cc-f745e15eee43
 2005-07-21 23:48:30 +00:00
wtchang%redhat.com
12e08cdf73 Bugzilla Bug 298953: fixed a memory leak in sslBuffer_Grow if PORT_Realloc 
fails. r=nelsonb.


git-svn-id: svn://10.0.0.236/trunk@175233 18797224-902f-48f8-a5cc-f745e15eee43
 2005-06-28 17:48:26 +00:00
nelsonb%netscape.com
663db84c36 Back out the preceeding fortezza removal patch, which was accidentally 
applied to the trunk, not to the intended branch.


git-svn-id: svn://10.0.0.236/trunk@171823 18797224-902f-48f8-a5cc-f745e15eee43
 2005-04-06 21:35:45 +00:00
nelsonb%netscape.com
b62572db42 Remove fortezza support from libSSL and related commands. Bug 239960. 
ON PERFORMANCE_HACKS_BRANCH.  r=rrelyea.


git-svn-id: svn://10.0.0.236/trunk@171820 18797224-902f-48f8-a5cc-f745e15eee43
 2005-04-06 19:43:19 +00:00
nelsonb%netscape.com
0137ccc6f8 Fix implementation of SSL_NO_STEP_DOWN. Bug 148452. r=julien.pierre. 
Modified Files:  sslimpl.h sslinfo.c sslsecur.c sslsock.c


git-svn-id: svn://10.0.0.236/trunk@171630 18797224-902f-48f8-a5cc-f745e15eee43
 2005-04-05 03:48:20 +00:00
nelsonb%netscape.com
07cab5177e Do not crash if Server SID cache is uninitialized. Bug 237724 r=Julien 
Instead, if SSL_NO_CACHE is not set, return an error code.


git-svn-id: svn://10.0.0.236/trunk@170428 18797224-902f-48f8-a5cc-f745e15eee43
 2005-03-09 05:20:44 +00:00
julien.pierre.bugs%sun.com
3ee7fc35b6 Fix for 269581 - cache the value of CKA_PRIVATE on private keys to avoid unnecessary C_GetAttributeValue . Also fix i 
ncorrect logic in attribute tests. r=rrelyea,wtchang


git-svn-id: svn://10.0.0.236/trunk@169706 18797224-902f-48f8-a5cc-f745e15eee43
 2005-02-24 00:38:23 +00:00
wtchang%redhat.com
a5e1388150 Bug 236613: fixed the fallout from the change to MPL/LGPL/GPL tri-license. 
Our script for processing the *.def on the Mac cannot handle blank lines.
Modified Files: nssckbi.def nss.def smime.def softokn.def ssl.def


git-svn-id: svn://10.0.0.236/trunk@169661 18797224-902f-48f8-a5cc-f745e15eee43
 2005-02-23 19:25:39 +00:00
gerv%gerv.net
a2d903c9f2 Bug 236613: change to MPL/LGPL/GPL tri-license. 
git-svn-id: svn://10.0.0.236/trunk@168726 18797224-902f-48f8-a5cc-f745e15eee43
 2005-02-02 22:28:27 +00:00
julien.pierre.bugs%sun.com
7098fa8db9 Fix for 273993 . SSL client cache grows with non-restartable sessions . r=saul,nelson 
git-svn-id: svn://10.0.0.236/trunk@166798 18797224-902f-48f8-a5cc-f745e15eee43
 2004-12-17 02:01:35 +00:00
nelsonb%netscape.com
9fe96f18ad Follow the SSL2 specification more closely in accepting and rejecting 
SSL messages.  Previously NSS would reject some it should accept
and vice versa.  Bugscape bug 57121. r=wtc,julien


git-svn-id: svn://10.0.0.236/trunk@158397 18797224-902f-48f8-a5cc-f745e15eee43
 2004-06-24 02:06:41 +00:00
jpierre%netscape.com
8385c4f9e2 Fix for 237934 - nss_InitLock not atomic. r=nelson 
git-svn-id: svn://10.0.0.236/trunk@158176 18797224-902f-48f8-a5cc-f745e15eee43
 2004-06-19 03:21:39 +00:00
jpierre%netscape.com
cca7512c06 Fix for 244095 - link NSS libraries with -R $ORIGIN on Solaris 
git-svn-id: svn://10.0.0.236/trunk@156892 18797224-902f-48f8-a5cc-f745e15eee43
 2004-05-25 00:13:12 +00:00
wchang0222%aol.com
d8ea205bcc Bugscape bug 57081: If the make variable NISCC_TEST is defined at build 
time, add -DNISCC_TEST to the compile command line.  The NISCC_TEST macro
enables special code that's conditionally compiled for NISCC testing.
Modified Files:
	cmd/smimetools/Makefile cmd/smimetools/cmsutil.c
	lib/ssl/config.mk lib/ssl/manifest.mn


git-svn-id: svn://10.0.0.236/trunk@156332 18797224-902f-48f8-a5cc-f745e15eee43
 2004-05-13 01:29:15 +00:00
jpierre%netscape.com
bc5774d577 Fix for 242984 - crash with application having incomplete PRIOMethods. r=nelsonb,wtc 
git-svn-id: svn://10.0.0.236/trunk@156222 18797224-902f-48f8-a5cc-f745e15eee43
 2004-05-11 03:48:25 +00:00
gerv%gerv.net
62b0f34e77 Bug 236613: change to MPL/LGPL/GPL tri-license. Restore Id: lines. 
git-svn-id: svn://10.0.0.236/trunk@155606 18797224-902f-48f8-a5cc-f745e15eee43
 2004-04-27 23:04:40 +00:00
gerv%gerv.net
43cb9e1492 Bug 236613: change to MPL/LGPL/GPL tri-license. 
git-svn-id: svn://10.0.0.236/trunk@155484 18797224-902f-48f8-a5cc-f745e15eee43
 2004-04-25 15:03:26 +00:00
nelsonb%netscape.com
6f48d14853 Add conditionally compiled code for NISCC testing of NSS's SSL library. 
patch by Ian McGreer.  Bugscape bug 53322.


git-svn-id: svn://10.0.0.236/trunk@153596 18797224-902f-48f8-a5cc-f745e15eee43
 2004-03-05 23:28:57 +00:00
jpierre%netscape.com
cabec54b89 Fix for 235874 - crash in PK11_DigestKey . r=wtc, nelsonb 
git-svn-id: svn://10.0.0.236/trunk@153448 18797224-902f-48f8-a5cc-f745e15eee43
 2004-03-03 03:18:56 +00:00
nelsonb%netscape.com
aa8a0fe260 Overload the error code SSL_ERROR_RX_RECORD_TOO_LONG to report SSL2 
records that are too short.  Bugscape bug 54814


git-svn-id: svn://10.0.0.236/trunk@151018 18797224-902f-48f8-a5cc-f745e15eee43
 2004-01-08 06:52:00 +00:00
jpierre%netscape.com
9af88d0f5a Rename PK11_PubDeriveExtended to PK11_PubDeriveWithKDF 
git-svn-id: svn://10.0.0.236/trunk@151008 18797224-902f-48f8-a5cc-f745e15eee43
 2004-01-08 01:37:46 +00:00
wchang0222%aol.com
0fd2842063 Made wincx the last argument of PK11_PubDeriveExtended. r=relyea. 
Modified Files: pk11func.h pk11skey.c ssl3con.c


git-svn-id: svn://10.0.0.236/trunk@150552 18797224-902f-48f8-a5cc-f745e15eee43
 2003-12-19 23:54:29 +00:00
nelsonb%netscape.com
478d713628 Grow handshake message buffer once per message, not once per each message 
segment received.  Bugscape bug 53418.


git-svn-id: svn://10.0.0.236/trunk@148858 18797224-902f-48f8-a5cc-f745e15eee43
 2003-11-05 06:22:57 +00:00
nelsonb%netscape.com
517ef7b660 Remove one unnecessary transition from the SSL3 state machine. 
Reduce the number of reallocations of the SSL3 handshake message buffer.
Bugscape bugs 53287 and 53337


git-svn-id: svn://10.0.0.236/trunk@148646 18797224-902f-48f8-a5cc-f745e15eee43
 2003-10-31 07:01:05 +00:00
wchang0222%aol.com
2aff98abf2 Bugzilla bug 222065: fixed a bug (inside #ifdef WINNT) introduced in the 
previous checkin.


git-svn-id: svn://10.0.0.236/trunk@148244 18797224-902f-48f8-a5cc-f745e15eee43
 2003-10-22 01:00:10 +00:00
nelsonb%netscape.com
68ca5e8448 When the SSL_NO_CACHE option is set on an SSL server socket, don't touch 
the server session cache AT ALL.  Bug 222726


git-svn-id: svn://10.0.0.236/trunk@148119 18797224-902f-48f8-a5cc-f745e15eee43
 2003-10-19 01:55:50 +00:00
nelsonb%netscape.com
3e437a3d4d Declare SSL_NO_STEP_DOWN option. Partial fix to bug 148452. 
git-svn-id: svn://10.0.0.236/trunk@148118 18797224-902f-48f8-a5cc-f745e15eee43
 2003-10-19 01:31:41 +00:00
nelsonb%netscape.com
701f341286 SSL_ShutdownServerSessionIDCache no longer leaks the cache memory. 
Bug 222065. r=wchang0222


git-svn-id: svn://10.0.0.236/trunk@148117 18797224-902f-48f8-a5cc-f745e15eee43
 2003-10-19 01:25:10 +00:00
ian.mcgreer%sun.com
decc84df49 ECC code landing. 
Contributed by Sheuling Chang, Stephen Fung, Vipul Gupta, Nils Gura,
and Douglas Stebila of Sun Labs


git-svn-id: svn://10.0.0.236/trunk@148060 18797224-902f-48f8-a5cc-f745e15eee43
 2003-10-17 13:45:42 +00:00
nelsonb%netscape.com
9911b56b4d Eliminate unnecessary copying of CA names in HandleCertRequest. 
Bug 204686.


git-svn-id: svn://10.0.0.236/trunk@147660 18797224-902f-48f8-a5cc-f745e15eee43
 2003-10-07 02:24:01 +00:00
nelsonb%netscape.com
d544fa46d4 Detect Zero length certs and zero length CA names. Bug 204686. 
Also, eliminate unnecessary copying of incoming certs.


git-svn-id: svn://10.0.0.236/trunk@147524 18797224-902f-48f8-a5cc-f745e15eee43
 2003-10-03 02:01:18 +00:00
wtc%netscape.com
a684605285 Bugzilla bug 214674: made the Linux implementation of sslMutex really work. 
They were no-ops in multiprocess mode before.  The patch is Nelson
Bolyard's.  r=wtc.


git-svn-id: svn://10.0.0.236/trunk@146426 18797224-902f-48f8-a5cc-f745e15eee43
 2003-08-28 22:23:59 +00:00
nelsonb%netscape.com
e14edef9e3 Eliminate TCP connection reset errors that occur when server requires 
client auth and SSL3 client doesn't authenticate.  The fix is to coalesce
the SSL3 no_certificate alert record with the following records (e.g.
client_key_exchange handshake, change_cipher_spec and finished handshake).
Fix bugs 207313 and 118668.


git-svn-id: svn://10.0.0.236/trunk@143124 18797224-902f-48f8-a5cc-f745e15eee43
 2003-05-30 23:22:39 +00:00
wtc%netscape.com
c8c128b326 Bug 134113: make NSS build on Win32 using GCC (MinGW). The patch 
(attachment 121068) is contributed by Chris Seawood (cls@seawood.org).


git-svn-id: svn://10.0.0.236/trunk@141471 18797224-902f-48f8-a5cc-f745e15eee43
 2003-04-20 04:23:37 +00:00
jpierre%netscape.com
5f94baad22 Fix for 202348 - check cert & key pointers returned by client auth application callback, to fix crash . r=nelsonb 
git-svn-id: svn://10.0.0.236/trunk@141286 18797224-902f-48f8-a5cc-f745e15eee43
 2003-04-17 02:04:24 +00:00
jpierre%netscape.com
baac831b29 Fix for 201259 . Make the default client auth callback NSS_GetClientAuthData work with dual-key certs. r=nelsonb, sr=wtc 
git-svn-id: svn://10.0.0.236/trunk@140939 18797224-902f-48f8-a5cc-f745e15eee43
 2003-04-09 22:23:10 +00:00
nelsonb%netscape.com
faa5b981f5 Changes to enable ECC over characteristic 2^m fields. 
Contribution from Vipul Gupta <Vipul.Gupta@Sun.COM>
Modified Files:
 nss/cmd/strsclnt/strsclnt.c nss/lib/cryptohi/seckey.c
 nss/lib/freebl/blapit.h nss/lib/freebl/ec.c
 nss/lib/freebl/manifest.mn nss/lib/freebl/mpi/Makefile
 nss/lib/softoken/ecdecode.c nss/lib/softoken/pkcs11.c
 nss/lib/ssl/ssl3con.c nss/lib/util/secoid.c
 nss/lib/util/secoidt.h


git-svn-id: svn://10.0.0.236/trunk@140430 18797224-902f-48f8-a5cc-f745e15eee43
 2003-03-29 00:18:30 +00:00
nelsonb%netscape.com
06d3adf3af Add missing return statement. 
git-svn-id: svn://10.0.0.236/trunk@140378 18797224-902f-48f8-a5cc-f745e15eee43
 2003-03-27 03:07:47 +00:00
wtc%netscape.com
ede99124e6 Bug 199082: checked in Nelson's patch, which 
a) changes selfserv to test the return value from NSS_Shutdown.
b) changes SECMOD_Shutdown to set the error code SEC_ERROR_BUSY before
   returning SECFailure.
c) Adds a new function SSL_ShutdownServerSessionIDCache to ssl.h.
d) Changes selfserv to call SSL_ShutdownServerSessionIDCache before calling
NSS_Shutdown.
Modified Files:
	cmd/selfserv/selfserv.c lib/pk11wrap/pk11util.c
	lib/ssl/ssl.def lib/ssl/ssl.h lib/ssl/ssl3con.c
	lib/ssl/sslimpl.h lib/ssl/sslsnce.c


git-svn-id: svn://10.0.0.236/trunk@140305 18797224-902f-48f8-a5cc-f745e15eee43
 2003-03-26 00:31:13 +00:00
relyea%netscape.com
f06f3410eb Make indention style consistant with SSL's usage, not softoken/pk11 usage. 
git-svn-id: svn://10.0.0.236/trunk@139387 18797224-902f-48f8-a5cc-f745e15eee43
 2003-03-13 16:36:43 +00:00
relyea%netscape.com
baad4775cd Allow for tokens that don't require login. bug 197082 
git-svn-id: svn://10.0.0.236/trunk@139334 18797224-902f-48f8-a5cc-f745e15eee43
 2003-03-12 19:22:32 +00:00
nelsonb%netscape.com
db2f1140de Add support for Elliptic Curve Cryptography. Bug 195135. 
Modified Files:
 	cmd/lib/SECerrs.h cmd/selfserv/selfserv.c
 	cmd/tstclnt/tstclnt.c lib/cryptohi/keyhi.h
 	lib/cryptohi/keythi.h lib/cryptohi/seckey.c
 	lib/cryptohi/secvfy.c lib/freebl/Makefile lib/freebl/blapi.h
 	lib/freebl/blapit.h lib/freebl/ldvector.c lib/freebl/loader.c
 	lib/freebl/loader.h lib/freebl/manifest.mn lib/nss/nss.def
 	lib/pk11wrap/pk11skey.c lib/pk11wrap/pk11slot.c
 	lib/softoken/lowkeyti.h lib/softoken/manifest.mn
 	lib/softoken/pkcs11.c lib/softoken/pkcs11c.c
 	lib/softoken/pkcs11t.h lib/ssl/ssl3con.c lib/ssl/ssl3prot.h
 	lib/ssl/sslcon.c lib/ssl/sslenum.c lib/ssl/sslimpl.h
 	lib/ssl/sslinfo.c lib/ssl/sslproto.h lib/ssl/sslsecur.c
 	lib/ssl/sslsock.c lib/ssl/sslt.h lib/util/secerr.h
 	lib/util/secoid.c lib/util/secoidt.h
Added Files:
 	lib/freebl/GFp_ecl.c lib/freebl/GFp_ecl.h lib/freebl/ec.c
 	lib/freebl/ec.h lib/softoken/ecdecode.c


git-svn-id: svn://10.0.0.236/trunk@138574 18797224-902f-48f8-a5cc-f745e15eee43
 2003-02-27 01:31:38 +00:00
nelsonb%netscape.com
3c19bbc924 Fix bug 160207. Make TLS implementation resistant to timing attacks on 
CBC block mode cipher suites in TLS.  See bug for details.


git-svn-id: svn://10.0.0.236/trunk@138124 18797224-902f-48f8-a5cc-f745e15eee43
 2003-02-21 23:00:16 +00:00
relyea%netscape.com
39cd897ff6 Bug 167756. Address Nelson's review comments. remove socket specific latency 
in favor of a slot specific latency test (already done by pk11wrap code).


git-svn-id: svn://10.0.0.236/trunk@137837 18797224-902f-48f8-a5cc-f745e15eee43
 2003-02-15 01:21:25 +00:00
relyea%netscape.com
09be8d3cd2 Bug 167756. Clean up previous patch: add lastState field, and set the SSL Error on failure. 
git-svn-id: svn://10.0.0.236/trunk@136911 18797224-902f-48f8-a5cc-f745e15eee43
 2003-01-23 22:02:37 +00:00
relyea%netscape.com
00bc37d763 Check for token removal before continuing SSL sessions which have client auth 
with certs associated with that token. bug 167756.


git-svn-id: svn://10.0.0.236/trunk@136893 18797224-902f-48f8-a5cc-f745e15eee43
 2003-01-23 17:27:34 +00:00
jpierre%netscape.com
22bf9f8cc7 Fix for bug #126930 - make SSL_ConfigServreSessionIDCache work on OS/2 by not using shared memory in single process mode. r=nelsonb 
git-svn-id: svn://10.0.0.236/trunk@136858 18797224-902f-48f8-a5cc-f745e15eee43
 2003-01-23 00:15:08 +00:00
nelsonb%netscape.com
bca9f97d3a Don't reject a cert request with an empty list of CA cert names. 
Don't crash with an empty CA name list.


git-svn-id: svn://10.0.0.236/trunk@133943 18797224-902f-48f8-a5cc-f745e15eee43
 2002-11-16 03:19:48 +00:00
nelsonb%netscape.com
827c334f1c Fix missing strings that cause crash in SSL_SecurityStatus(). Bug 178342. 
git-svn-id: svn://10.0.0.236/trunk@132968 18797224-902f-48f8-a5cc-f745e15eee43
 2002-11-05 00:25:20 +00:00
wtc%netscape.com
cbc1167df3 Bug 127740: added a comment to explain the thread yield in 
ssl3_SendApplicationData.


git-svn-id: svn://10.0.0.236/trunk@130809 18797224-902f-48f8-a5cc-f745e15eee43
 2002-09-30 20:51:05 +00:00