Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
216,607 Commits 3,986 Branches 0 Tags
Commit Graph

82 Commits

Author SHA1 Message Date
kaie%kuix.de
6c980c7018 Bug 726315, followup from bug 542832, Patch contributed by Brian Smith, r=kaie 
git-svn-id: svn://10.0.0.236/trunk@263415 18797224-902f-48f8-a5cc-f745e15eee43
 2012-02-15 21:52:08 +00:00
kaie%kuix.de
24031fa098 Bug 542832 - SSL_RestartHandshakeAfterServerCert is broken, patch by Brian Smith, r=rrelyea 
git-svn-id: svn://10.0.0.236/trunk@263387 18797224-902f-48f8-a5cc-f745e15eee43
 2012-02-11 13:20:53 +00:00
bsmith%mozilla.com
24363aa2e6 Bug 651523: Remove step-up code, v4, removing EXPORT_VERSION build option, r=rrelyea 
git-svn-id: svn://10.0.0.236/trunk@263080 18797224-902f-48f8-a5cc-f745e15eee43
 2011-11-17 00:20:22 +00:00
kaie%kuix.de
51ddd562f1 Fix Tinderbox bustage, backout all patches from 2011-11-11 
git-svn-id: svn://10.0.0.236/trunk@263077 18797224-902f-48f8-a5cc-f745e15eee43
 2011-11-16 19:12:36 +00:00
bsmith%mozilla.com
7a0edbfd6a Bug 651523 - Remove SSL step-up code from libssl and remove step-up extended key usage support, r=rrelyea 
git-svn-id: svn://10.0.0.236/trunk@263066 18797224-902f-48f8-a5cc-f745e15eee43
 2011-11-11 18:47:20 +00:00
bsmith%mozilla.com
c73410f580 Bug 547312: Next protocol negotiation support (minor fixes), r=agl 
git-svn-id: svn://10.0.0.236/trunk@263063 18797224-902f-48f8-a5cc-f745e15eee43
 2011-11-08 22:12:05 +00:00
bsmith%mozilla.com
0601ca68ad Bug 547312: Implement client-side support for NPN; original patch by agl r=wtc; changes by bsmith r=agl 
git-svn-id: svn://10.0.0.236/trunk@263024 18797224-902f-48f8-a5cc-f745e15eee43
 2011-10-29 00:29:11 +00:00
emaldona%redhat.com
f364be9f97 Bug 691997 Code cleanup for Bug 172051 - All localizable error messages for NSS error codes, r=wtc 
git-svn-id: svn://10.0.0.236/trunk@263003 18797224-902f-48f8-a5cc-f745e15eee43
 2011-10-22 16:45:40 +00:00
wtc%google.com
eeafd4b2de Bug 593080: change the default of the SSL_ENABLE_SSL2 and 
SSL_V2_COMPATIBLE_HELLO options to PR_FALSE.  r=rrelyea.
Modified Files:
	cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c lib/ssl/ssl.h
	lib/ssl/sslsock.c


git-svn-id: svn://10.0.0.236/trunk@262964 18797224-902f-48f8-a5cc-f745e15eee43
 2011-10-06 22:42:34 +00:00
bsmith%mozilla.com
2e2793892a Bug 665814: Prevent chosen plaintext attacks on SSL 3.0 and TLS 1.0 connections, r=wtc, sr=rrelyea 
git-svn-id: svn://10.0.0.236/trunk@262945 18797224-902f-48f8-a5cc-f745e15eee43
 2011-10-01 03:59:54 +00:00
emaldona%redhat.com
44f2e32775 Fix Bug 6172051 - Add localizable error messages for NSS error codes, r=rrelyea 
git-svn-id: svn://10.0.0.236/trunk@262711 18797224-902f-48f8-a5cc-f745e15eee43
 2011-08-17 14:41:48 +00:00
wtc%google.com
dac9adf2e2 Bug 668001: Make SSL_OptionSetDefault and SSL_OptionGetDefault inspect 
environment.  The patch is written by Brian Smith <bsmith@mozilla.com>.
r=nelson,wtc.


git-svn-id: svn://10.0.0.236/trunk@262534 18797224-902f-48f8-a5cc-f745e15eee43
 2011-07-26 14:37:55 +00:00
alexei.volkov.bugs%sun.com
53b2f21efc 631986 - SSL_ReconfigFD tries to access elements of a null pointer. r=alexei, rrelyea. The patch provided by Meena Vyas 
git-svn-id: svn://10.0.0.236/trunk@262036 18797224-902f-48f8-a5cc-f745e15eee43
 2011-03-11 17:48:28 +00:00
nelson%bolyard.com
82ffdf2e33 Bug 606209 ssl_PushIOLayer does not handle failure from PR_CallOnce 
Patch contributed by timeless@mozdev.org, r=nelson


git-svn-id: svn://10.0.0.236/trunk@261757 18797224-902f-48f8-a5cc-f745e15eee43
 2011-01-15 19:58:41 +00:00
wtc%google.com
1e99b8cb20 Bug 525092: Support TLS false start. The patch is contributed by Adam 
Langley of Google <agl@chromium.org>.  r=wtc.
Modified Files:
	cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c lib/ssl/ssl.h
	lib/ssl/ssl3con.c lib/ssl/ssl3gthr.c lib/ssl/sslimpl.h
	lib/ssl/sslsecur.c lib/ssl/sslsock.c tests/ssl/sslstress.txt


git-svn-id: svn://10.0.0.236/trunk@260919 18797224-902f-48f8-a5cc-f745e15eee43
 2010-07-30 03:00:17 +00:00
nelson%bolyard.com
25cae7d289 Bug 506041: Correct misspellings in source code comments 
Patch contributed by Michael Kohler <michaelkohler@live.com>, r=nelson


git-svn-id: svn://10.0.0.236/trunk@260229 18797224-902f-48f8-a5cc-f745e15eee43
 2010-04-25 23:37:40 +00:00
alexei.volkov.bugs%sun.com
9ac9e59801 537356 - Implement new safe SSL3 & TLS renegotiation. Change renegotiation default to be SSL_RENEGOTIATE_REQUIRES_XTN. r=wtc. 
git-svn-id: svn://10.0.0.236/trunk@259821 18797224-902f-48f8-a5cc-f745e15eee43
 2010-02-26 20:44:54 +00:00
wtc%google.com
88282f31d8 Bug 537356: Redefine SSL_RENEGOTIATE_CLIENT_ONLY as 
SSL_RENEGOTIATE_TRANSITIONAL, changing its meaning for server sockets,  and
make it the default.  r=rrelyea.
Modified Files:
	ssl.h ssl3con.c sslsock.c


git-svn-id: svn://10.0.0.236/trunk@259722 18797224-902f-48f8-a5cc-f745e15eee43
 2010-02-17 02:29:08 +00:00
nelson%bolyard.com
0bc55de11a Bug 537356: Implement new safe SSL3 & TLS renegotiation, r=wtc 
git-svn-id: svn://10.0.0.236/trunk@259500 18797224-902f-48f8-a5cc-f745e15eee43
 2010-01-28 06:19:13 +00:00
wtc%google.com
66dfd7adba Bug 536474: Add support for logging pre-master secrets. The patch is 
contributed by Adam Langley <agl@chromium.org>.  r=nelson,wtc.
Modified Files:
	ssl3con.c sslimpl.h sslsock.c


git-svn-id: svn://10.0.0.236/trunk@259455 18797224-902f-48f8-a5cc-f745e15eee43
 2010-01-22 03:47:42 +00:00
alexei.volkov.bugs%sun.com
9cbdff6813 additional fix for bug 360421 - Implement TLS Server Name Indication for servers. 
git-svn-id: svn://10.0.0.236/trunk@259404 18797224-902f-48f8-a5cc-f745e15eee43
 2010-01-15 01:49:34 +00:00
alexei.volkov.bugs%sun.com
d26b36b737 360421 - Implement TLS Server Name Indication for servers. r=nelson 
git-svn-id: svn://10.0.0.236/trunk@259396 18797224-902f-48f8-a5cc-f745e15eee43
 2010-01-14 22:15:26 +00:00
wtc%google.com
d73ba345fb Bug 530907: The peerID argument to SSL_SetSockPeerID should be declared 
const.  Removed an unnecessary PR_CALLBACK qualifier.  r=nelson.


git-svn-id: svn://10.0.0.236/trunk@259084 18797224-902f-48f8-a5cc-f745e15eee43
 2009-11-25 05:24:25 +00:00
nelson%bolyard.com
089608da06 Bug 526689: (CVE-2009-3555) SSL3 & TLS Renegotiation Vulnerability 
Disable SSL 3.x renegotiation by default.  Add new options to re-enable.
r=wtc,rrelyea


git-svn-id: svn://10.0.0.236/trunk@258888 18797224-902f-48f8-a5cc-f745e15eee43
 2009-11-06 20:11:29 +00:00
wtc%google.com
7904b372b3 Bug 275744: Implement TLS compression RFC 3749. Add the SSL_ENABLE_DEFLATE 
SSL option and the -z command-line option for tstclnt, strsclnt, and
selfserv for enabling the DEFLATE compression method.  The patch is
contributed by Adam Langley <agl@chromium.org> of Google.  r=nelson.
Modified Files:
	cmd/selfserv/selfserv.c cmd/strsclnt/strsclnt.c
	cmd/tstclnt/tstclnt.c lib/ssl/Makefile lib/ssl/ssl.h
	lib/ssl/ssl3con.c lib/ssl/ssl3prot.h lib/ssl/sslerr.h
	lib/ssl/sslimpl.h lib/ssl/sslsock.c


git-svn-id: svn://10.0.0.236/trunk@258862 18797224-902f-48f8-a5cc-f745e15eee43
 2009-11-04 17:19:25 +00:00
nelson%bolyard.com
18113d7a39 Bug 486999: Calling SSL_SetSockPeerID a second time leaks the previous value 
r=rrelyea


git-svn-id: svn://10.0.0.236/trunk@256861 18797224-902f-48f8-a5cc-f745e15eee43
 2009-04-09 01:46:22 +00:00
nelson%bolyard.com
3bf81e175c Bug 453234: Support for SEED Cipher Suites to TLS RFC 4010 
patch by Yeonjung Kang <kang.yeonjung@gmail.com>, r=nelson


git-svn-id: svn://10.0.0.236/trunk@255547 18797224-902f-48f8-a5cc-f745e15eee43
 2008-12-17 06:09:22 +00:00
wtc%google.com
6289ace530 Bug 403563: implement the TLS session ticket extension (rfc4507bis). The 
patch is contributed by Nagendra Modadugu <ngm+mozilla@google.com>.  A
small portion (PKCS #11 code and tests) was written by Wan-Teh Chang
<wtc@google.com>.  r=nelson,wtc
Modified Files:
	cmd/lib/SSLerrs.h cmd/selfserv/selfserv.c
	cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c
	lib/ssl/manifest.mn lib/ssl/ssl.h lib/ssl/ssl3con.c
	lib/ssl/ssl3ecc.c lib/ssl/ssl3prot.h lib/ssl/sslerr.h
	lib/ssl/sslimpl.h lib/ssl/sslnonce.c lib/ssl/sslsnce.c
	lib/ssl/sslsock.c lib/ssl/sslt.h tests/ssl/sslstress.txt
Added Files:
	lib/ssl/ssl3ext.c


git-svn-id: svn://10.0.0.236/trunk@247232 18797224-902f-48f8-a5cc-f745e15eee43
 2008-03-06 20:16:24 +00:00
nelson%bolyard.com
31b2141cf5 Bug 394271 - two public SSL functions require PRFD* to point to SSL layer 
r=julien,wtc


git-svn-id: svn://10.0.0.236/trunk@233531 18797224-902f-48f8-a5cc-f745e15eee43
 2007-09-01 00:53:52 +00:00
nelson%bolyard.com
641a71d017 Bug 394202 - ssl_GetPrivate can corrupt non-SSL private structures 
r=julien,wtc


git-svn-id: svn://10.0.0.236/trunk@233530 18797224-902f-48f8-a5cc-f745e15eee43
 2007-09-01 00:49:47 +00:00
rrelyea%redhat.com
5e97cf8097 Add Camilla cipher suites TLS RFC4132 bug 361025 
code supplied by okazaki@kick.gr.jp


git-svn-id: svn://10.0.0.236/trunk@221086 18797224-902f-48f8-a5cc-f745e15eee43
 2007-02-28 19:47:40 +00:00
nelson%bolyard.com
5b3a170bba Bug 366803 - Improve SSL tracing, make it work in browsers, to help with 
debugging bug 356470.  r=neil.williams,alexei.volkov


git-svn-id: svn://10.0.0.236/trunk@219222 18797224-902f-48f8-a5cc-f745e15eee43
 2007-01-31 04:20:26 +00:00
julien.pierre.bugs%sun.com
a030f3283d Fix for bug 115951 . Separate BL_Cleanup and BL_Unload . r=wtchang,nelson 
git-svn-id: svn://10.0.0.236/trunk@213017 18797224-902f-48f8-a5cc-f745e15eee43
 2006-10-02 21:17:59 +00:00
julien.pierre.bugs%sun.com
50720ed113 Fix for bug 115951 . Unload freebl dynamic library . Also fix tiny one-time leak of library name . r=nelson,wtchang 
git-svn-id: svn://10.0.0.236/trunk@212769 18797224-902f-48f8-a5cc-f745e15eee43
 2006-09-28 00:40:55 +00:00
nelson%bolyard.com
d201e5eca4 Correct the amount returned by ssl_Writev for short writes on non-blocking 
sockets.  Bug 338325. patch by Chris Newman <chris.newman@sun.com>
r=nelson


git-svn-id: svn://10.0.0.236/trunk@197897 18797224-902f-48f8-a5cc-f745e15eee43
 2006-05-18 01:10:21 +00:00
rrelyea%redhat.com
3df0eb0674 From Bug 331279. 
Free ECDHE Ephemeral key. Fixes server-side leak.
r=julien r=alexei


git-svn-id: svn://10.0.0.236/trunk@193280 18797224-902f-48f8-a5cc-f745e15eee43
 2006-03-30 21:07:22 +00:00
wtchang%redhat.com
9a9352d0f2 Bugzilla Bug 318217: use the new NSPR functions PR_EmulateAcceptRead and 
PR_EmulateSendFile added in NSPR 4.1.  r=nelsonb.
Modified files: manifest.mn sslimpl.h sslsock.c
Removed file: emulate.c


git-svn-id: svn://10.0.0.236/trunk@187784 18797224-902f-48f8-a5cc-f745e15eee43
 2006-01-18 23:06:57 +00:00
wtchang%redhat.com
67e2b4967d Bugzilla Bug 236245: Updated NSS to "ECC Cipher Suites for TLS" draft 12 
plus upcoming revisions.  The patch is contributed by Douglas Stebila
of Sun Labs <douglas@stebila.ca>. r=wtc.
Modified Files:
	cmd/selfserv/selfserv.c cmd/strsclnt/strsclnt.c
	cmd/tstclnt/tstclnt.c cmd/vfyserv/vfyserv.c lib/ssl/ssl3con.c
	lib/ssl/ssl3ecc.c lib/ssl/ssl3prot.h lib/ssl/sslenum.c
	lib/ssl/sslimpl.h lib/ssl/sslinfo.c lib/ssl/sslproto.h
	lib/ssl/sslsock.c tests/ssl/ecssl.sh tests/ssl/ecsslauth.txt
	tests/ssl/ecsslcov.txt tests/ssl/ecsslstress.txt
	tests/ssl/ssl.sh


git-svn-id: svn://10.0.0.236/trunk@186032 18797224-902f-48f8-a5cc-f745e15eee43
 2005-12-14 01:49:40 +00:00
nelsonb%netscape.com
27841c7a9e Restore binary compatilibity for old Fortezza cipher suites. 
Bug 316640. r-glen.beasley


git-svn-id: svn://10.0.0.236/trunk@184876 18797224-902f-48f8-a5cc-f745e15eee43
 2005-11-18 01:21:22 +00:00
nelsonb%netscape.com
e5258a5137 Eliminate environment variable SSLNOLOCKS, add environment variable 
SSLFORCELOCKS. Make SSL_FDX option mutually exclusive with SSL_NOLOCKS
option.  Bug 305147. r=rrelyea.


git-svn-id: svn://10.0.0.236/trunk@180840 18797224-902f-48f8-a5cc-f745e15eee43
 2005-09-23 01:04:32 +00:00
julien.pierre.bugs%sun.com
b35f511ca1 Fix hoarked build from previous checkin. Doh. 
git-svn-id: svn://10.0.0.236/trunk@180439 18797224-902f-48f8-a5cc-f745e15eee43
 2005-09-16 21:28:20 +00:00
julien.pierre.bugs%sun.com
219677d209 Fix for bug 127960 . Add SSL force handshake APIs which take a timeout . r=nelson 
git-svn-id: svn://10.0.0.236/trunk@180433 18797224-902f-48f8-a5cc-f745e15eee43
 2005-09-16 20:33:09 +00:00
nelsonb%netscape.com
3a10973679 Fix regression introduced in last checkin. If the caller disables the 
use of locks while locks are in use, don't forget to unlock the locks
already locked on the stack.  bug 305147. r=julien.pierre


git-svn-id: svn://10.0.0.236/trunk@179937 18797224-902f-48f8-a5cc-f745e15eee43
 2005-09-10 01:18:40 +00:00
nelsonb%netscape.com
66cf75f421 Implement two new SSL socket options: SSL_BYPASS_PKCS11 and SSL_NO_LOCKS. 
Reorganize the SSL Socket structure contents to obviate ssl3 pointer.
Move much of the ECC code from ssl3con to new file ssl3ecc.c.  derive.c
implements derivation of the SSL/TLS master secret and the encryption and
MAC keys and IVs without using PKCS11. Bug 305147. r=rrelyea.
Modified Files: ssl/config.mk ssl/manifest.mn ssl/ssl.h ssl/ssl3con.c
    ssl/ssl3gthr.c ssl/sslauth.c ssl/sslcon.c ssl/ssldef.c ssl/sslgathr.c
    ssl/sslimpl.h ssl/sslinfo.c ssl/sslnonce.c ssl/sslsecur.c ssl/sslsnce.c
    ssl/sslsock.c
Added Files: ssl/derive.c ssl/ssl3ecc.c


git-svn-id: svn://10.0.0.236/trunk@179892 18797224-902f-48f8-a5cc-f745e15eee43
 2005-09-09 03:02:16 +00:00
nelsonb%netscape.com
00749853c3 Remove fortezza code from libSSL and from the SSL test programs. 
Stop building fortezza's special software token, and fortezza specific
test programs.   Bug 239960. r=rrelyea.
Modified Files:
    cmd/manifest.mn cmd/platlibs.mk cmd/SSLsample/server.c
    cmd/SSLsample/sslsample.c cmd/modutil/modutil.c
    cmd/selfserv/selfserv.c cmd/sslstrength/sslstrength.c
    cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c
    cmd/vfyserv/vfyserv.c cmd/vfyserv/vfyutil.c lib/manifest.mn
    lib/ssl/nsskea.c lib/ssl/preenc.h lib/ssl/prelib.c
    lib/ssl/ssl.h lib/ssl/ssl3con.c lib/ssl/ssl3prot.h
    lib/ssl/sslauth.c lib/ssl/sslcon.c lib/ssl/sslenum.c
    lib/ssl/sslimpl.h lib/ssl/sslinfo.c lib/ssl/sslproto.h
    lib/ssl/sslsecur.c lib/ssl/sslsnce.c lib/ssl/sslsock.c
    lib/ssl/sslt.h


git-svn-id: svn://10.0.0.236/trunk@177810 18797224-902f-48f8-a5cc-f745e15eee43
 2005-08-16 03:42:26 +00:00
nelsonb%netscape.com
663db84c36 Back out the preceeding fortezza removal patch, which was accidentally 
applied to the trunk, not to the intended branch.


git-svn-id: svn://10.0.0.236/trunk@171823 18797224-902f-48f8-a5cc-f745e15eee43
 2005-04-06 21:35:45 +00:00
nelsonb%netscape.com
b62572db42 Remove fortezza support from libSSL and related commands. Bug 239960. 
ON PERFORMANCE_HACKS_BRANCH.  r=rrelyea.


git-svn-id: svn://10.0.0.236/trunk@171820 18797224-902f-48f8-a5cc-f745e15eee43
 2005-04-06 19:43:19 +00:00
nelsonb%netscape.com
0137ccc6f8 Fix implementation of SSL_NO_STEP_DOWN. Bug 148452. r=julien.pierre. 
Modified Files:  sslimpl.h sslinfo.c sslsecur.c sslsock.c


git-svn-id: svn://10.0.0.236/trunk@171630 18797224-902f-48f8-a5cc-f745e15eee43
 2005-04-05 03:48:20 +00:00
jpierre%netscape.com
bc5774d577 Fix for 242984 - crash with application having incomplete PRIOMethods. r=nelsonb,wtc 
git-svn-id: svn://10.0.0.236/trunk@156222 18797224-902f-48f8-a5cc-f745e15eee43
 2004-05-11 03:48:25 +00:00
gerv%gerv.net
62b0f34e77 Bug 236613: change to MPL/LGPL/GPL tri-license. Restore Id: lines. 
git-svn-id: svn://10.0.0.236/trunk@155606 18797224-902f-48f8-a5cc-f745e15eee43
 2004-04-27 23:04:40 +00:00