Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
216,595 Commits 3,986 Branches 0 Tags
Commit Graph

58 Commits

Author SHA1 Message Date
kaie%kuix.de
837ba973da Bug 727691, SSL_InvalidateSession crashes if session cache was disabled (edit), Patch contribute by Julien Pierre, r=rrelyea 
git-svn-id: svn://10.0.0.236/trunk@263508 18797224-902f-48f8-a5cc-f745e15eee43
 2012-03-01 18:36:35 +00:00
kaie%kuix.de
6c980c7018 Bug 726315, followup from bug 542832, Patch contributed by Brian Smith, r=kaie 
git-svn-id: svn://10.0.0.236/trunk@263415 18797224-902f-48f8-a5cc-f745e15eee43
 2012-02-15 21:52:08 +00:00
kaie%kuix.de
f1f6b33c41 Bug 542832 - SSL_RestartHandshakeAfterServerCert is broken, patch by Brian Smith, r=rrelyea 
git-svn-id: svn://10.0.0.236/trunk@263386 18797224-902f-48f8-a5cc-f745e15eee43
 2012-02-11 13:03:08 +00:00
kaie%kuix.de
1d479025ca Bug 542832 - SSL_RestartHandshakeAfterServerCert is broken, patch by Brian Smith, r=rrelyea 
git-svn-id: svn://10.0.0.236/trunk@263383 18797224-902f-48f8-a5cc-f745e15eee43
 2012-02-11 12:57:28 +00:00
wtc%google.com
10830da36d Bug 718554: SSL_ForceHandshake returns wrong positive results after sending 
pending data.  The patch is by Brian Smith <bsmith@mozilla.com>.  r=wtc.


git-svn-id: svn://10.0.0.236/trunk@263294 18797224-902f-48f8-a5cc-f745e15eee43
 2012-01-22 01:14:14 +00:00
bsmith%mozilla.com
9b720db9f7 Bug 700516: Remove SSL2 support for SSL_RestartHandshakeAfterServerCert and SSL_RestartHandshakeAfterCertReq, r=rrelyea 
git-svn-id: svn://10.0.0.236/trunk@263089 18797224-902f-48f8-a5cc-f745e15eee43
 2011-11-19 21:58:21 +00:00
kaie%kuix.de
51ddd562f1 Fix Tinderbox bustage, backout all patches from 2011-11-11 
git-svn-id: svn://10.0.0.236/trunk@263077 18797224-902f-48f8-a5cc-f745e15eee43
 2011-11-16 19:12:36 +00:00
bsmith%mozilla.com
4778bbc800 Bug 700516: Remove SSL2 support for SSL_RestartHandshakeAfterServerCert and SSL_RestartHandshakeAfterCertReq, r=rrelyea 
git-svn-id: svn://10.0.0.236/trunk@263067 18797224-902f-48f8-a5cc-f745e15eee43
 2011-11-11 19:06:52 +00:00
wtc%google.com
67190228d5 Bug 676729: SSL_ForceHandshake does not send the saved write data in 
ss->pendingBuf.  r=rrelyea.


git-svn-id: svn://10.0.0.236/trunk@263027 18797224-902f-48f8-a5cc-f745e15eee43
 2011-10-30 00:08:59 +00:00
wtc%google.com
daa3cd26f4 Bug 635778: Rename SSL_ConfigSecureServerWithChainOpt to 
SSL_ConfigSecureServerWithCertChain.  List the certChainOpt argument
immediately after the cert argument.  Improve comments.
Modified Files:
	ssl.def ssl.h sslsecur.c


git-svn-id: svn://10.0.0.236/trunk@262164 18797224-902f-48f8-a5cc-f745e15eee43
 2011-04-08 05:37:44 +00:00
alexei.volkov.bugs%sun.com
e3d68d7de7 635778 - Need an API to pass user defined cert chain when SSL socket is set up. r=nelson, rreleya 
git-svn-id: svn://10.0.0.236/trunk@262033 18797224-902f-48f8-a5cc-f745e15eee43
 2011-03-10 04:29:04 +00:00
wtc%google.com
2b958eb6a4 Bug 588698: wrap a long line, partly to cause this file to be recompiled 
after the change to sslimpl.h in rev. 1.80.  (NSS makefiles don't have
header dependencies.)


git-svn-id: svn://10.0.0.236/trunk@261136 18797224-902f-48f8-a5cc-f745e15eee43
 2010-08-28 21:28:48 +00:00
wtc%google.com
dc58ba1b0e Bug 588698: Add assertions to discover and enforce current locking order. 
Based on patch contributed by Adam Langley of Google <agl@chromium.org>.
r=agl,nelson.
Modified Files:
	notes.txt ssl3con.c sslcon.c sslimpl.h sslsecur.c


git-svn-id: svn://10.0.0.236/trunk@261113 18797224-902f-48f8-a5cc-f745e15eee43
 2010-08-28 00:56:10 +00:00
wtc%google.com
53532bd03f Bug 588698: SSL_DataPending only needs to get recvBufLock. r=nelson. 
git-svn-id: svn://10.0.0.236/trunk@261107 18797224-902f-48f8-a5cc-f745e15eee43
 2010-08-26 18:04:41 +00:00
wtc%google.com
1e99b8cb20 Bug 525092: Support TLS false start. The patch is contributed by Adam 
Langley of Google <agl@chromium.org>.  r=wtc.
Modified Files:
	cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c lib/ssl/ssl.h
	lib/ssl/ssl3con.c lib/ssl/ssl3gthr.c lib/ssl/sslimpl.h
	lib/ssl/sslsecur.c lib/ssl/sslsock.c tests/ssl/sslstress.txt


git-svn-id: svn://10.0.0.236/trunk@260919 18797224-902f-48f8-a5cc-f745e15eee43
 2010-07-30 03:00:17 +00:00
alexei.volkov.bugs%sun.com
d26b36b737 360421 - Implement TLS Server Name Indication for servers. r=nelson 
git-svn-id: svn://10.0.0.236/trunk@259396 18797224-902f-48f8-a5cc-f745e15eee43
 2010-01-14 22:15:26 +00:00
wtc%google.com
58d4cc9297 Bug 456862: added a block comment to explain why we don't respond with a 
close_notify alert after we receive a close_notify alert.  Reordered the
tests in ssl_SecureClose and ssl_SecureShutdown to make it clear that the
tests in those two functions are almost the same.  r=nelson.


git-svn-id: svn://10.0.0.236/trunk@254526 18797224-902f-48f8-a5cc-f745e15eee43
 2008-10-03 19:20:20 +00:00
nelson%bolyard.com
37e15a431c Add #include "prinit.h". On Windows, this gets implicitly included. (?) 
git-svn-id: svn://10.0.0.236/trunk@235485 18797224-902f-48f8-a5cc-f745e15eee43
 2007-09-11 00:48:09 +00:00
nelson%bolyard.com
7dac23bbec Bug 366553: libSSL leaks global array of trusted client auth CA names, r=wtc 
git-svn-id: svn://10.0.0.236/trunk@235483 18797224-902f-48f8-a5cc-f745e15eee43
 2007-09-11 00:21:09 +00:00
nelson%bolyard.com
31b2141cf5 Bug 394271 - two public SSL functions require PRFD* to point to SSL layer 
r=julien,wtc


git-svn-id: svn://10.0.0.236/trunk@233531 18797224-902f-48f8-a5cc-f745e15eee43
 2007-09-01 00:53:52 +00:00
nelson%bolyard.com
7069ddec51 Bug 373276 – Enhance SSL's Bypass feature to withstand failures. r=neil,alexei 
git-svn-id: svn://10.0.0.236/trunk@225321 18797224-902f-48f8-a5cc-f745e15eee43
 2007-05-01 03:54:58 +00:00
nelson%bolyard.com
5b3a170bba Bug 366803 - Improve SSL tracing, make it work in browsers, to help with 
debugging bug 356470.  r=neil.williams,alexei.volkov


git-svn-id: svn://10.0.0.236/trunk@219222 18797224-902f-48f8-a5cc-f745e15eee43
 2007-01-31 04:20:26 +00:00
nelson%bolyard.com
c74c0d6ec1 Bug 80092: SSL write indicates all data sent when some is buffered. 
SSL now follows NSPR socket semantics and never returns a short write
count on a blocking socket.  On a blocking socket, it returns either
the full count or -1 (with an error code set).
For non-blocking sockets, SSL no longer returns a full write count
when some of the data remains buffered in the SSL record layer.
Instead it returns a number is that always at least 1 byte short of a
full write count, so that the caller will  keep retrying until it is done.
SSL makes sure that the first byte sent by the caller in the retry
matches the last byte previously buffered.  r=rrelyea.
Modified Files: ssl3con.c sslcon.c ssldef.c sslimpl.h sslsecur.c


git-svn-id: svn://10.0.0.236/trunk@194962 18797224-902f-48f8-a5cc-f745e15eee43
 2006-04-20 08:46:34 +00:00
rrelyea%redhat.com
99fa932ed0 Bugzilla Bug 326482 NSS ECC performance problems. 
Patch by Nelson, r=relyea.

Save the public key when we create the keypair so we can use it later.


git-svn-id: svn://10.0.0.236/trunk@189566 18797224-902f-48f8-a5cc-f745e15eee43
 2006-02-10 19:39:53 +00:00
julien.pierre.bugs%sun.com
b35f511ca1 Fix hoarked build from previous checkin. Doh. 
git-svn-id: svn://10.0.0.236/trunk@180439 18797224-902f-48f8-a5cc-f745e15eee43
 2005-09-16 21:28:20 +00:00
julien.pierre.bugs%sun.com
219677d209 Fix for bug 127960 . Add SSL force handshake APIs which take a timeout . r=nelson 
git-svn-id: svn://10.0.0.236/trunk@180433 18797224-902f-48f8-a5cc-f745e15eee43
 2005-09-16 20:33:09 +00:00
nelsonb%netscape.com
66cf75f421 Implement two new SSL socket options: SSL_BYPASS_PKCS11 and SSL_NO_LOCKS. 
Reorganize the SSL Socket structure contents to obviate ssl3 pointer.
Move much of the ECC code from ssl3con to new file ssl3ecc.c.  derive.c
implements derivation of the SSL/TLS master secret and the encryption and
MAC keys and IVs without using PKCS11. Bug 305147. r=rrelyea.
Modified Files: ssl/config.mk ssl/manifest.mn ssl/ssl.h ssl/ssl3con.c
    ssl/ssl3gthr.c ssl/sslauth.c ssl/sslcon.c ssl/ssldef.c ssl/sslgathr.c
    ssl/sslimpl.h ssl/sslinfo.c ssl/sslnonce.c ssl/sslsecur.c ssl/sslsnce.c
    ssl/sslsock.c
Added Files: ssl/derive.c ssl/ssl3ecc.c


git-svn-id: svn://10.0.0.236/trunk@179892 18797224-902f-48f8-a5cc-f745e15eee43
 2005-09-09 03:02:16 +00:00
nelsonb%netscape.com
00749853c3 Remove fortezza code from libSSL and from the SSL test programs. 
Stop building fortezza's special software token, and fortezza specific
test programs.   Bug 239960. r=rrelyea.
Modified Files:
    cmd/manifest.mn cmd/platlibs.mk cmd/SSLsample/server.c
    cmd/SSLsample/sslsample.c cmd/modutil/modutil.c
    cmd/selfserv/selfserv.c cmd/sslstrength/sslstrength.c
    cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c
    cmd/vfyserv/vfyserv.c cmd/vfyserv/vfyutil.c lib/manifest.mn
    lib/ssl/nsskea.c lib/ssl/preenc.h lib/ssl/prelib.c
    lib/ssl/ssl.h lib/ssl/ssl3con.c lib/ssl/ssl3prot.h
    lib/ssl/sslauth.c lib/ssl/sslcon.c lib/ssl/sslenum.c
    lib/ssl/sslimpl.h lib/ssl/sslinfo.c lib/ssl/sslproto.h
    lib/ssl/sslsecur.c lib/ssl/sslsnce.c lib/ssl/sslsock.c
    lib/ssl/sslt.h


git-svn-id: svn://10.0.0.236/trunk@177810 18797224-902f-48f8-a5cc-f745e15eee43
 2005-08-16 03:42:26 +00:00
wtchang%redhat.com
12e08cdf73 Bugzilla Bug 298953: fixed a memory leak in sslBuffer_Grow if PORT_Realloc 
fails. r=nelsonb.


git-svn-id: svn://10.0.0.236/trunk@175233 18797224-902f-48f8-a5cc-f745e15eee43
 2005-06-28 17:48:26 +00:00
nelsonb%netscape.com
663db84c36 Back out the preceeding fortezza removal patch, which was accidentally 
applied to the trunk, not to the intended branch.


git-svn-id: svn://10.0.0.236/trunk@171823 18797224-902f-48f8-a5cc-f745e15eee43
 2005-04-06 21:35:45 +00:00
nelsonb%netscape.com
b62572db42 Remove fortezza support from libSSL and related commands. Bug 239960. 
ON PERFORMANCE_HACKS_BRANCH.  r=rrelyea.


git-svn-id: svn://10.0.0.236/trunk@171820 18797224-902f-48f8-a5cc-f745e15eee43
 2005-04-06 19:43:19 +00:00
nelsonb%netscape.com
0137ccc6f8 Fix implementation of SSL_NO_STEP_DOWN. Bug 148452. r=julien.pierre. 
Modified Files:  sslimpl.h sslinfo.c sslsecur.c sslsock.c


git-svn-id: svn://10.0.0.236/trunk@171630 18797224-902f-48f8-a5cc-f745e15eee43
 2005-04-05 03:48:20 +00:00
julien.pierre.bugs%sun.com
3ee7fc35b6 Fix for 269581 - cache the value of CKA_PRIVATE on private keys to avoid unnecessary C_GetAttributeValue . Also fix i 
ncorrect logic in attribute tests. r=rrelyea,wtchang


git-svn-id: svn://10.0.0.236/trunk@169706 18797224-902f-48f8-a5cc-f745e15eee43
 2005-02-24 00:38:23 +00:00
gerv%gerv.net
62b0f34e77 Bug 236613: change to MPL/LGPL/GPL tri-license. Restore Id: lines. 
git-svn-id: svn://10.0.0.236/trunk@155606 18797224-902f-48f8-a5cc-f745e15eee43
 2004-04-27 23:04:40 +00:00
gerv%gerv.net
43cb9e1492 Bug 236613: change to MPL/LGPL/GPL tri-license. 
git-svn-id: svn://10.0.0.236/trunk@155484 18797224-902f-48f8-a5cc-f745e15eee43
 2004-04-25 15:03:26 +00:00
ian.mcgreer%sun.com
decc84df49 ECC code landing. 
Contributed by Sheuling Chang, Stephen Fung, Vipul Gupta, Nils Gura,
and Douglas Stebila of Sun Labs


git-svn-id: svn://10.0.0.236/trunk@148060 18797224-902f-48f8-a5cc-f745e15eee43
 2003-10-17 13:45:42 +00:00
nelsonb%netscape.com
db2f1140de Add support for Elliptic Curve Cryptography. Bug 195135. 
Modified Files:
 	cmd/lib/SECerrs.h cmd/selfserv/selfserv.c
 	cmd/tstclnt/tstclnt.c lib/cryptohi/keyhi.h
 	lib/cryptohi/keythi.h lib/cryptohi/seckey.c
 	lib/cryptohi/secvfy.c lib/freebl/Makefile lib/freebl/blapi.h
 	lib/freebl/blapit.h lib/freebl/ldvector.c lib/freebl/loader.c
 	lib/freebl/loader.h lib/freebl/manifest.mn lib/nss/nss.def
 	lib/pk11wrap/pk11skey.c lib/pk11wrap/pk11slot.c
 	lib/softoken/lowkeyti.h lib/softoken/manifest.mn
 	lib/softoken/pkcs11.c lib/softoken/pkcs11c.c
 	lib/softoken/pkcs11t.h lib/ssl/ssl3con.c lib/ssl/ssl3prot.h
 	lib/ssl/sslcon.c lib/ssl/sslenum.c lib/ssl/sslimpl.h
 	lib/ssl/sslinfo.c lib/ssl/sslproto.h lib/ssl/sslsecur.c
 	lib/ssl/sslsock.c lib/ssl/sslt.h lib/util/secerr.h
 	lib/util/secoid.c lib/util/secoidt.h
Added Files:
 	lib/freebl/GFp_ecl.c lib/freebl/GFp_ecl.h lib/freebl/ec.c
 	lib/freebl/ec.h lib/softoken/ecdecode.c


git-svn-id: svn://10.0.0.236/trunk@138574 18797224-902f-48f8-a5cc-f745e15eee43
 2003-02-27 01:31:38 +00:00
relyea%netscape.com
39cd897ff6 Bug 167756. Address Nelson's review comments. remove socket specific latency 
in favor of a slot specific latency test (already done by pk11wrap code).


git-svn-id: svn://10.0.0.236/trunk@137837 18797224-902f-48f8-a5cc-f745e15eee43
 2003-02-15 01:21:25 +00:00
relyea%netscape.com
09be8d3cd2 Bug 167756. Clean up previous patch: add lastState field, and set the SSL Error on failure. 
git-svn-id: svn://10.0.0.236/trunk@136911 18797224-902f-48f8-a5cc-f745e15eee43
 2003-01-23 22:02:37 +00:00
wtc%netscape.com
16ce983004 Bugs 166734 and 166785: fixed compiler warnings reported by gcc on Linux. 
The patch for this checkin is attached to bug 166785.


git-svn-id: svn://10.0.0.236/trunk@128926 18797224-902f-48f8-a5cc-f745e15eee43
 2002-09-06 00:27:52 +00:00
wtc%netscape.com
85ec3def26 Bugzilla bug 127062: use PR_MSG_PEEK instead of MSG_PEEK. 
git-svn-id: svn://10.0.0.236/trunk@120370 18797224-902f-48f8-a5cc-f745e15eee43
 2002-05-01 00:21:50 +00:00
nelsonb%netscape.com
cb2ed793b0 If an error occurs when attempting to write previously buffered data on 
a socket, do not override the error code with PR_WOULD_BLOCK_ERROR.
bug 132899.


git-svn-id: svn://10.0.0.236/trunk@117264 18797224-902f-48f8-a5cc-f745e15eee43
 2002-03-23 01:06:08 +00:00
nelsonb%netscape.com
76f9a42d49 1. the sslSecurityInfo and sslGather structs are now part of the sslSocket 
rather than being pointed to by the sslSocket.  This reduces the number
of malloc/free calls, and greatly reduces pointer fetches, and null
pointer checks.  sslGather and sslSecurityInfo are separately initialized.
2. SSL_ResetHandshake no longer deallocates and reallocates the sslSecurityInfo and all its subcomponents.
3. Many places that formerly did not check for memory allocation failures
now do check, and do the right thing when allocation failed.


git-svn-id: svn://10.0.0.236/trunk@115407 18797224-902f-48f8-a5cc-f745e15eee43
 2002-02-27 04:40:17 +00:00
wtc%netscape.com
52f5bfd019 Bugzilla bug 70217: ported NSS to BeOS. The patch is contributed by 
Christopher Seawood <seawood@netscape.com>.


git-svn-id: svn://10.0.0.236/trunk@115206 18797224-902f-48f8-a5cc-f745e15eee43
 2002-02-22 04:23:30 +00:00
nelsonb%netscape.com
076553af57 Implement new function SSL_LocalCertificate(). Bug 78959. 
git-svn-id: svn://10.0.0.236/trunk@107638 18797224-902f-48f8-a5cc-f745e15eee43
 2001-11-08 02:15:38 +00:00
nelsonb%netscape.com
c38ee88985 Implement new function SSL_GetChannelInfo(). Bugzilla bug 78959. 
git-svn-id: svn://10.0.0.236/trunk@103057 18797224-902f-48f8-a5cc-f745e15eee43
 2001-09-18 01:59:21 +00:00
nelsonb%netscape.com
3959edfa77 3 Changes: 
1. New SSL server session cache implementation that uses finer grained
locking to reduce lock contention, and does 128-way associative caching.
2. rename symbol SSL_SESSIONID_BYTES to SSL2_SESSIONID_BYTES.
3. Work around compiler bug on Solaris i386.
Modified Files:
    manifest.mn sslcon.c sslimpl.h sslsecur.c sslsnce.c


git-svn-id: svn://10.0.0.236/trunk@96768 18797224-902f-48f8-a5cc-f745e15eee43
 2001-06-09 03:18:09 +00:00
nelsonb%netscape.com
fca8e0742a Disable TCP Nagle delays on SSL sockets for NSS 3.3. Bug 67898. 
Modified Files:
	ssldef.c sslimpl.h sslsecur.c sslsock.c


git-svn-id: svn://10.0.0.236/trunk@94297 18797224-902f-48f8-a5cc-f745e15eee43
 2001-05-08 23:12:34 +00:00
nelsonb%netscape.com
5b276cd67e Fix a couple of memory leaks that occur in rare error paths. 
git-svn-id: svn://10.0.0.236/trunk@90938 18797224-902f-48f8-a5cc-f745e15eee43
 2001-03-31 02:49:59 +00:00
nelsonb%netscape.com
ad03c5b0d0 Fix bug in SSL_ResetHandshake introduced in last checkin. 
git-svn-id: svn://10.0.0.236/trunk@89856 18797224-902f-48f8-a5cc-f745e15eee43
 2001-03-20 00:39:02 +00:00