273 Commits

Author SHA1 Message Date
glen.beasley%sun.com
b1a98e0caa 400711 SSL_CanBypass r=julien,sr=nelson
git-svn-id: svn://10.0.0.236/trunk@238351 18797224-902f-48f8-a5cc-f745e15eee43
2007-10-30 21:42:18 +00:00
julien.pierre.boogz%sun.com
a8626f2c53 Fix for bug 286642. Move utility functions to new libnssutil shared library. r=nelson
git-svn-id: svn://10.0.0.236/trunk@237631 18797224-902f-48f8-a5cc-f745e15eee43
2007-10-12 01:44:51 +00:00
julien.pierre.boogz%sun.com
2f0d933156 Fix for bug 330721. Remove OS/2 VACPP compiler support from NSS. Patch contributed by Peter Weilbacher. r=julien.pierre
git-svn-id: svn://10.0.0.236/trunk@235515 18797224-902f-48f8-a5cc-f745e15eee43
2007-09-11 22:40:40 +00:00
nelson%bolyard.com
37e15a431c Add #include "prinit.h". On Windows, this gets implicitly included. (?)
git-svn-id: svn://10.0.0.236/trunk@235485 18797224-902f-48f8-a5cc-f745e15eee43
2007-09-11 00:48:09 +00:00
nelson%bolyard.com
7dac23bbec Bug 366553: libSSL leaks global array of trusted client auth CA names, r=wtc
git-svn-id: svn://10.0.0.236/trunk@235483 18797224-902f-48f8-a5cc-f745e15eee43
2007-09-11 00:21:09 +00:00
neil.williams%sun.com
c06c8a1cc4 Bug 324744, add policy extension options to certutil
r=julien


git-svn-id: svn://10.0.0.236/trunk@235392 18797224-902f-48f8-a5cc-f745e15eee43
2007-09-07 23:08:22 +00:00
neil.williams%sun.com
d23a220b27 Bug 324744, add gen of policy extns to certutil, second of 3 patches
r=julien


git-svn-id: svn://10.0.0.236/trunk@235372 18797224-902f-48f8-a5cc-f745e15eee43
2007-09-07 18:45:53 +00:00
nelson%bolyard.com
31b2141cf5 Bug 394271 - two public SSL functions require PRFD* to point to SSL layer
r=julien,wtc


git-svn-id: svn://10.0.0.236/trunk@233531 18797224-902f-48f8-a5cc-f745e15eee43
2007-09-01 00:53:52 +00:00
nelson%bolyard.com
641a71d017 Bug 394202 - ssl_GetPrivate can corrupt non-SSL private structures
r=julien,wtc


git-svn-id: svn://10.0.0.236/trunk@233530 18797224-902f-48f8-a5cc-f745e15eee43
2007-09-01 00:49:47 +00:00
nelson%bolyard.com
a5e1d31471 Bug 392846 - Do not send hello extensions when using SSL v3.0, r=kengert
git-svn-id: svn://10.0.0.236/trunk@232832 18797224-902f-48f8-a5cc-f745e15eee43
2007-08-22 06:12:02 +00:00
christophe.ravel.bugs%sun.com
01014185ad Bug 389781 NSS should be built size-optimized on Linux, Windows, and Mac
r=julien.pierre.boogz


git-svn-id: svn://10.0.0.236/trunk@232117 18797224-902f-48f8-a5cc-f745e15eee43
2007-08-15 15:30:08 +00:00
neil.williams%sun.com
2f31c2efc1 Bug 389248, Actually a duplicate of a problem with bug 325672.
r=wtc


git-svn-id: svn://10.0.0.236/trunk@230813 18797224-902f-48f8-a5cc-f745e15eee43
2007-07-24 22:24:51 +00:00
neil.williams%sun.com
f4f094b47f Bug 325672, Create CanBypass function
r=Nelson


git-svn-id: svn://10.0.0.236/trunk@230235 18797224-902f-48f8-a5cc-f745e15eee43
2007-07-18 21:38:55 +00:00
julien.pierre.bugs%sun.com
e788d02661 Fix for bug 228190. Remove unnecessary NSS_ENABLE_ECC declarations. r=nelson
git-svn-id: svn://10.0.0.236/trunk@229789 18797224-902f-48f8-a5cc-f745e15eee43
2007-07-12 04:39:19 +00:00
julien.pierre.bugs%sun.com
efa0597919 Fix for bug 257860. Correct doc for SSL_SecurityStatus. r=nelson
git-svn-id: svn://10.0.0.236/trunk@229660 18797224-902f-48f8-a5cc-f745e15eee43
2007-07-11 03:09:14 +00:00
julien.pierre.bugs%sun.com
17ea357834 Fix for bug 90426. Stop using obsolete int32 and uint32 typedefs. r=nelson
git-svn-id: svn://10.0.0.236/trunk@229406 18797224-902f-48f8-a5cc-f745e15eee43
2007-07-06 03:16:56 +00:00
glen.beasley%sun.com
79dbc46d9c 369444 sidCacheEntry size forced to 192 bytes r=Nelson,sr=wan-teh
git-svn-id: svn://10.0.0.236/trunk@225547 18797224-902f-48f8-a5cc-f745e15eee43
2007-05-03 21:16:35 +00:00
nelson%bolyard.com
7069ddec51 Bug 373276 – Enhance SSL's Bypass feature to withstand failures. r=neil,alexei
git-svn-id: svn://10.0.0.236/trunk@225321 18797224-902f-48f8-a5cc-f745e15eee43
2007-05-01 03:54:58 +00:00
rrelyea%redhat.com
5e97cf8097 Add Camellia cipher suites TLS RFC4132 bug 361025
code supplied by okazaki@kick.gr.jp


git-svn-id: svn://10.0.0.236/trunk@221086 18797224-902f-48f8-a5cc-f745e15eee43
2007-02-28 19:47:40 +00:00
nelson%bolyard.com
5b3a170bba Bug 366803 - Improve SSL tracing, make it work in browsers, to help with
debugging bug 356470.  r=neil.williams,alexei.volkov


git-svn-id: svn://10.0.0.236/trunk@219222 18797224-902f-48f8-a5cc-f745e15eee43
2007-01-31 04:20:26 +00:00
nelson%bolyard.com
e14af33a7a Improve checking of received SSL2 records.
Bug 364319, bug 364323. r=rrelyea, wtchang


git-svn-id: svn://10.0.0.236/trunk@217670 18797224-902f-48f8-a5cc-f745e15eee43
2007-01-03 05:32:33 +00:00
wtchang%redhat.com
1cb5d3ccbb Bugzilla Bug 363073: verify that the peer's ephemeral public key is the
type we expect before using it.  r=nelsonb
Modified Files: ssl3con.c ssl3ecc.c


git-svn-id: svn://10.0.0.236/trunk@216773 18797224-902f-48f8-a5cc-f745e15eee43
2006-12-08 22:37:29 +00:00
wtchang%redhat.com
cb167e11ec Bug 332350: fixed a typo in the comment.
git-svn-id: svn://10.0.0.236/trunk@216614 18797224-902f-48f8-a5cc-f745e15eee43
2006-12-06 23:00:17 +00:00
wtchang%redhat.com
a26a68193b Bugzilla Bug 342795: the call-once functions need to store the error code
on failure so that the error code can be retrieved later. r=nelsonb and
alexei.volkov.


git-svn-id: svn://10.0.0.236/trunk@216601 18797224-902f-48f8-a5cc-f745e15eee43
2006-12-06 21:50:40 +00:00
wtchang%redhat.com
ed4b8e9aeb Bugzilla Bug 358248: SSL_ShutdownServerSessionIDCache should stop the
LockPoller thread.  r=nelsonb,relyea


git-svn-id: svn://10.0.0.236/trunk@216528 18797224-902f-48f8-a5cc-f745e15eee43
2006-12-06 01:36:08 +00:00
nelson%bolyard.com
13a3479910 Export two new functions that were added in NSS 3.11:
SSL_ForceHandshakeWithTimeout and SSL_ReHandshakeWithTimeout
Bug 127960. r=alexei.volkov,wtchang


git-svn-id: svn://10.0.0.236/trunk@215300 18797224-902f-48f8-a5cc-f745e15eee43
2006-11-15 00:18:02 +00:00
wtchang%redhat.com
8f2df656bf Bugzilla Bug 359484: made the fix for bug 341707 work for the SSL2 client
hello case. r=nelsonb,alexei.volkov


git-svn-id: svn://10.0.0.236/trunk@215245 18797224-902f-48f8-a5cc-f745e15eee43
2006-11-14 01:09:54 +00:00
alexei.volkov.bugs%sun.com
5f7cf266e5 353888: Klocwork IDs for ssl3con.c. r=nelson
git-svn-id: svn://10.0.0.236/trunk@213367 18797224-902f-48f8-a5cc-f745e15eee43
2006-10-09 22:26:44 +00:00
julien.pierre.bugs%sun.com
a030f3283d Fix for bug 115951. Separate BL_Cleanup and BL_Unload. r=wtchang,nelson
git-svn-id: svn://10.0.0.236/trunk@213017 18797224-902f-48f8-a5cc-f745e15eee43
2006-10-02 21:17:59 +00:00
julien.pierre.bugs%sun.com
50720ed113 Fix for bug 115951. Unload freebl dynamic library. Also fix tiny one-time leak of library name. r=nelson,wtchang
git-svn-id: svn://10.0.0.236/trunk@212769 18797224-902f-48f8-a5cc-f745e15eee43
2006-09-28 00:40:55 +00:00
nelson%bolyard.com
bf090012bf Also trace the DH(E) PMS. bug 349966. r=julien.pierre, wtchang
git-svn-id: svn://10.0.0.236/trunk@209074 18797224-902f-48f8-a5cc-f745e15eee43
2006-09-02 18:53:54 +00:00
nelson%bolyard.com
5bc47a3fed re-enable SSLTRACE for keys and (pre)master secrets. Bug 349966. r=rrelyea
git-svn-id: svn://10.0.0.236/trunk@208358 18797224-902f-48f8-a5cc-f745e15eee43
2006-08-24 22:10:03 +00:00
nelson%bolyard.com
3c8ae7422c Correct ifdefs so that non-ECC builds will continue to build correctly.
r=wtchang  bug 341707.


git-svn-id: svn://10.0.0.236/trunk@203201 18797224-902f-48f8-a5cc-f745e15eee43
2006-07-20 00:17:23 +00:00
nelson%bolyard.com
505b7efaff Curve-limited clients must not negotiate ECC ciphersuites unless they send the supported curve extension. This means that when they are negotiating SSL 3.0
and not TLS, they should not negotiate ECC ciphersuites at all.
Bug 341707.  r=rrelyea.


git-svn-id: svn://10.0.0.236/trunk@203068 18797224-902f-48f8-a5cc-f745e15eee43
2006-07-19 01:42:58 +00:00
alexei.volkov.bugs%sun.com
5761fab072 334459: Variable "(cache)->sharedCache" tracked as NULL was passed to a function that dereferences it. [@ CloseCache - InitCache]. r=nelson
git-svn-id: svn://10.0.0.236/trunk@202258 18797224-902f-48f8-a5cc-f745e15eee43
2006-07-17 22:15:10 +00:00
alexei.volkov.bugs%sun.com
b1e4bcb35a 341291: Coverity 689 - potential NULL ptr crash in ssl3_SendCertificate. r=nelson
git-svn-id: svn://10.0.0.236/trunk@202256 18797224-902f-48f8-a5cc-f745e15eee43
2006-07-17 22:08:03 +00:00
julien.pierre.bugs%sun.com
e5e8902b02 Fix for bug 341708. Have client send alert if it detects an invalid server key exchange. r=nelson
git-svn-id: svn://10.0.0.236/trunk@201142 18797224-902f-48f8-a5cc-f745e15eee43
2006-06-28 21:15:04 +00:00
wtchang%redhat.com
e82461ec07 Bugzilla Bug 338798: in C89, local struct variables can only be initialized
by constant expressions.  HP C compiler version B.11.11.08 generates
incorrect code silently if the initializers are non-constant expressions.
r=alexei.volkov,julien.pierre.
Modified files: cmd/crmftest/testcrmf.c lib/ssl/ssl3con.c


git-svn-id: svn://10.0.0.236/trunk@200976 18797224-902f-48f8-a5cc-f745e15eee43
2006-06-26 23:32:19 +00:00
rrelyea%redhat.com
6d69aa1d29 bug 335748 ECC support for Mozilla. r=wtc
git-svn-id: svn://10.0.0.236/trunk@200694 18797224-902f-48f8-a5cc-f745e15eee43
2006-06-23 17:01:38 +00:00
nelson%bolyard.com
343dadeb70 Remove dead code. Coverity 506. r=nelson,wtchang. Bug 337027.
Patch by Jon Smirl <jonsmirl@yahoo.com>


git-svn-id: svn://10.0.0.236/trunk@199434 18797224-902f-48f8-a5cc-f745e15eee43
2006-06-07 18:40:57 +00:00
nelson%bolyard.com
3eda74cd5d Fix bug 337104 and bug 337105. Don't crash if we run out of memory
in ssl2_ConstructCipherSpecs().  r=Alexei.Volkov  Coverity 442 & 443.


git-svn-id: svn://10.0.0.236/trunk@199429 18797224-902f-48f8-a5cc-f745e15eee43
2006-06-07 17:53:19 +00:00
wtchang%redhat.com
9d60721908 Bugzilla bug 338599: added new function SECKEY_SignatureLen and use it
instead of SECKEY_PublicKeyStrength to get ECDSA signature lengths.
Removed the 'type' member from the VFYContextStr structure because that
info is in the 'key->keyType' field.  Set error codes when functions
fail (return 0). r=nelsonb.
Modified Files:
	cryptohi/keyhi.h cryptohi/seckey.c cryptohi/secvfy.c
	nss/nss.def ssl/ssl3con.c


git-svn-id: svn://10.0.0.236/trunk@198781 18797224-902f-48f8-a5cc-f745e15eee43
2006-05-31 23:54:52 +00:00
nelson%bolyard.com
862dbdbc05 Promote the use of curve secp192r1 for client auth, since it is faster
than most.  Bug 332350.  r=rrelyea.


git-svn-id: svn://10.0.0.236/trunk@197974 18797224-902f-48f8-a5cc-f745e15eee43
2006-05-19 04:01:30 +00:00
nelson%bolyard.com
d41e92d455 Fix several Coverity bugs. Bug 336982. NULL ptr check after ptr deref'ed.
Bug 337080.  Dead code.  r=alexei.volkov


git-svn-id: svn://10.0.0.236/trunk@197950 18797224-902f-48f8-a5cc-f745e15eee43
2006-05-18 20:41:21 +00:00
nelson%bolyard.com
d201e5eca4 Correct the amount returned by ssl_Writev for short writes on non-blocking
sockets.  Bug 338325. patch by Chris Newman <chris.newman@sun.com>
r=nelson


git-svn-id: svn://10.0.0.236/trunk@197897 18797224-902f-48f8-a5cc-f745e15eee43
2006-05-18 01:10:21 +00:00
wtchang%redhat.com
2beeda3cec Bug 305835: Remove NSS_ENABLE_ECC ifdefs in libssl. r=wtc,nelsonb
git-svn-id: svn://10.0.0.236/trunk@196622 18797224-902f-48f8-a5cc-f745e15eee43
2006-05-16 01:14:43 +00:00
alexei.volkov.bugs%sun.com
ea68cbd9e6 Patch contributed by jonsmirl@yahoo.com
[Bug 336932] Coverity 163, dead code in mozilla/security/nss/lib/ssl/ssl3con.c. r=nelson


git-svn-id: svn://10.0.0.236/trunk@196440 18797224-902f-48f8-a5cc-f745e15eee43
2006-05-13 00:15:43 +00:00
nelson%bolyard.com
0cfc8e8fb2 Bug 323350. sr=rrelyea. This patch makes 3 changes:
1) it adds a new ifdef which enables SSL to limit itself to the 3 Suite B
   curves.
2) it corrects the creation and parsing of the Supported Curve extension to
   conform with the latest definition, by using 2 bytes to encode the list
   length,
3) it changes the algorithm that picks the curve for ECDHE to choose a curve
   that is at least as strong as the "weakest link", is mutually supported
   by client and server, and is the fastest for its size.


git-svn-id: svn://10.0.0.236/trunk@195173 18797224-902f-48f8-a5cc-f745e15eee43
2006-04-23 00:17:18 +00:00
wtchang%redhat.com
acc744e9ea Bugzilla Bug 236245: Use a stack buffer for ec_params.data in
ssl3_SendECDHServerKeyExchange. r=nelson.


git-svn-id: svn://10.0.0.236/trunk@195065 18797224-902f-48f8-a5cc-f745e15eee43
2006-04-21 16:19:48 +00:00
nelson%bolyard.com
c74c0d6ec1 Bug 80092: SSL write indicates all data sent when some is buffered.
SSL now follows NSPR socket semantics and never returns a short write
count on a blocking socket.  On a blocking socket, it returns either
the full count or -1 (with an error code set).
For non-blocking sockets, SSL no longer returns a full write count
when some of the data remains buffered in the SSL record layer.
Instead it returns a number that is always at least 1 byte short of a
full write count, so that the caller will keep retrying until it is done.
SSL makes sure that the first byte sent by the caller in the retry
matches the last byte previously buffered.  r=rrelyea.
Modified Files: ssl3con.c sslcon.c ssldef.c sslimpl.h sslsecur.c


git-svn-id: svn://10.0.0.236/trunk@194962 18797224-902f-48f8-a5cc-f745e15eee43
2006-04-20 08:46:34 +00:00