6357 Commits

Author SHA1 Message Date
wtc%google.com
f7f5728a6a Bug 838769 (second attempt): Disable the ECC cipher suites if we cannot
send extensions, even if we support all the currently specified curves
(NSS_ECC_MORE_THAN_SUITE_B is set). r=agl,rrelyea.
Modified Files:
	ssl3con.c sslcon.c


git-svn-id: svn://10.0.0.236/trunk@264767 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-19 16:16:22 +00:00
wtc%google.com
4cf83d6235 Bug 838769: Run strsclnt with SSL2 enabled only when testing the six SSL2
cipher suites.  r=kaie.


git-svn-id: svn://10.0.0.236/trunk@264759 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-18 23:25:11 +00:00
wtc%google.com
86e2ad1f64 Bug 841664: Remove a reference to the obsolete libfreebl_32int_3.so for
32-bit Solaris SPARC. r=kaie.


git-svn-id: svn://10.0.0.236/trunk@264758 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-18 21:30:39 +00:00
wtc%google.com
e4d4cb3f24 Bug 838769: back out the previous checkin. tests/memleak/memleak.sh runs
strsclnt with SSL2 enabled, so I need to fix that first.
Modified Files:
	ssl3con.c sslcon.c


git-svn-id: svn://10.0.0.236/trunk@264747 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-16 15:09:14 +00:00
kaie%kuix.de
e2c12581e7 Bug 360420, fix Windows deadlock bustage, add missing html request to tstclnt invocation, r=bustage
git-svn-id: svn://10.0.0.236/trunk@264746 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-16 14:48:46 +00:00
kaie%kuix.de
75e5d00b38 Bug 841883 - manpages+html for tools: fix dependency tracking, integrate into build system
git-svn-id: svn://10.0.0.236/trunk@264745 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-16 14:24:35 +00:00
wtc%google.com
a02af31053 Bug 838769: Disable the ECC cipher suites if we cannot send extensions,
even if we support all the currently specified curves
(NSS_ECC_MORE_THAN_SUITE_B is set). r=agl,rrelyea.
Modified Files:
	ssl3con.c sslcon.c


git-svn-id: svn://10.0.0.236/trunk@264744 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-15 20:27:53 +00:00
wtc%google.com
0411015ffd Bug 838769: Run the ECC SSL tests with SSL2 disabled and with TLS enabled
because ECC cipher suites need the Supported Elliptic Curves Extension.
r=kaie.
Modified Files:
	sslcov.txt sslstress.txt


git-svn-id: svn://10.0.0.236/trunk@264743 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-15 20:22:59 +00:00
wtc%google.com
90f4680a9f Bug 834795: Fix Visual C++ compiler warnings about unary minus operator
applied to unsigned type, by changing -r8_d to 0-r8_d. r=agl,rrelyea.


git-svn-id: svn://10.0.0.236/trunk@264742 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-15 19:18:45 +00:00
wtc%google.com
b909a112ed Bug 835091: Don't need to include <stdlib.h>. Declare internal functions as
static. Remove a block of commented out code. r=ryan.sleevi.


git-svn-id: svn://10.0.0.236/trunk@264741 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-15 19:15:04 +00:00
wtc%google.com
b9d53cbdb1 Bug 341127: Fix the invalid read and write in rc4_wordconv. Use
rc4_wordconv for x86 on all operating systems. r=ryan.sleevi.


git-svn-id: svn://10.0.0.236/trunk@264740 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-15 19:10:20 +00:00
wtc%google.com
3c415ffb6e Bug 840393: Improve error reporting. Fix a Visual C++ compiler warning on
signed/unsigned comparison in RC4_InitContext. r=ryan.sleevi.


git-svn-id: svn://10.0.0.236/trunk@264739 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-15 19:07:15 +00:00
wtc%google.com
fbd507eeb7 Bug 841664: Drop (32-bit) SPARC V8 processor support on Solaris. r=kaie.
Modified Files:
	coreconf/SunOS5.mk nss/lib/freebl/Makefile
	nss/lib/freebl/loader.c
Removed Files:
	nss/lib/freebl/mpi/mpv_sparcv8x.s


git-svn-id: svn://10.0.0.236/trunk@264738 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-15 18:48:42 +00:00
kaie%kuix.de
fd3579fa78 Bug 811331 / Bug 360420, add self-signed OCSP stapling to selfserv, stapling support for strsclnt, run self-contained stapling tests, r=rrelyea
git-svn-id: svn://10.0.0.236/trunk@264737 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-15 17:57:01 +00:00
kaie%kuix.de
6fe835fb35 Bug 811331 / Bug 360420, OCSP Stapling, TLS server side implementation; add ability to produce invalid OCSP responses for testing purposes, r=rrelyea
git-svn-id: svn://10.0.0.236/trunk@264736 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-15 17:56:19 +00:00
kaie%kuix.de
7d2a505113 Bug 360420, OCSP Stapling, allow multiple status items, in an attempt to be prepared for future multi-stapling implementation. Introducing SECItemArray. r=rrelyea
git-svn-id: svn://10.0.0.236/trunk@264735 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-15 17:55:42 +00:00
kaie%kuix.de
80289d8043 Bug 700701 (as part of Bug 360420), Enhance tstclnt and ssltap to support OCSP stapling, r=rrelyea
git-svn-id: svn://10.0.0.236/trunk@264734 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-15 17:54:57 +00:00
kaie%kuix.de
a555bc1567 Overlapping fixes for Bug 554369 and Bug 360420. OCSP caching fixes by Adam Langley, r=kaie; Cache injection of OCSP stapling data inside default auth code, by me, r=rrelyea
git-svn-id: svn://10.0.0.236/trunk@264733 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-15 17:53:24 +00:00
kaie%kuix.de
96ed6ee6a5 Bug 360420, OCSP Stapling, TLS client side implementation, based on work by Adam Langley, with tweaks from me and bsmith. r=rrelyea
git-svn-id: svn://10.0.0.236/trunk@264732 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-15 17:52:45 +00:00
kaie%kuix.de
617b1e3ada set version to 3.14.4 Beta
git-svn-id: svn://10.0.0.236/trunk@264731 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-15 17:41:55 +00:00
wtc%google.com
9db9c86c00 Bug 822365: Document the <Hash>_EndRaw functions. Fix a typo in the comment
for SHA1_EndRaw (16 -> 20). r=agl.


git-svn-id: svn://10.0.0.236/trunk@264722 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-14 21:20:46 +00:00
kaie%kuix.de
eb41fcd030 prepare version numbers for 3.14.3 RTM
git-svn-id: svn://10.0.0.236/trunk@264721 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-14 19:16:14 +00:00
emaldona%redhat.com
1c5e560d1c Bug 840714 - certutil -a does not produce ASCII output, r=bsmith
git-svn-id: svn://10.0.0.236/trunk@264719 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-13 19:42:45 +00:00
wtc%google.com
a8242cf63e Bug 822365: Document the constant-time MAC mechanisms. The patch is
contributed by Adam Langley <agl@chromium.org>. r=wtc.


git-svn-id: svn://10.0.0.236/trunk@264718 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-12 22:33:53 +00:00
wtc%google.com
85bfa8f006 Bug 822365: change the include guard macro to match the file name.
git-svn-id: svn://10.0.0.236/trunk@264715 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-11 03:41:00 +00:00
kaie%kuix.de
2db34da325 Bug 839109 - Fix TLS version in NSS tests, patch by Wan-Teh Chang, r=kaie
git-svn-id: svn://10.0.0.236/trunk@264707 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-07 16:47:44 +00:00
wtc%google.com
8a751853e5 Bug 822365: Rename the hashAlg field of CK_NSS_MAC_CONSTANT_TIME_PARAMS to
macAlg because it is a PKCS #11 MAC mechanism. r=rrelyea.
Modified Files:
	lib/softoken/sftkhmac.c lib/ssl/ssl3con.c lib/util/pkcs11n.h


git-svn-id: svn://10.0.0.236/trunk@264704 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-07 01:29:19 +00:00
wtc%google.com
513b1dbdff Bug 822365: Remove a redundant null pointer check in the
CKM_NSS_HMAC_CONSTANT_TIME case in NSC_SignInit. r=rrelyea.


git-svn-id: svn://10.0.0.236/trunk@264703 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-07 01:13:13 +00:00
wtc%google.com
746d3ccf9a Bug 822365: Fix a typo ("my" -> "may"). r=rrelyea.
git-svn-id: svn://10.0.0.236/trunk@264702 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-07 01:11:00 +00:00
wtc%google.com
ab90f378a9 Bug 822365: PKCS #11 naming convention and NSS coding style fixes for the
constant-time CBC decoding code. r=rrelyea.
Modified Files:
	lib/freebl/hmacct.c lib/freebl/loader.c lib/freebl/md5.c
	lib/softoken/pkcs11.c lib/softoken/pkcs11c.c
	lib/softoken/sftkhmac.c lib/ssl/ssl3con.c lib/util/pkcs11n.h


git-svn-id: svn://10.0.0.236/trunk@264701 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-06 22:20:23 +00:00
kaie%kuix.de
3d844d348b Bug 822365, Fix ppc64 endianness bug, patch by wtc, r=kaie
git-svn-id: svn://10.0.0.236/trunk@264700 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-06 21:50:06 +00:00
kaie%kuix.de
ccbdbba908 Bug 822365, Fix compilation error on OSX PowerPC 32-bit, TBR=wtc
git-svn-id: svn://10.0.0.236/trunk@264699 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-06 11:38:05 +00:00
wtc%google.com
cbba4dc22e Bug 822365: do not shift an unsigned int for more than 32 bits. TBR=agl
git-svn-id: svn://10.0.0.236/trunk@264698 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-06 04:00:05 +00:00
wtc%google.com
3b12df05a6 Bug 822365: the version for PK11_SignWithSymKey should be NSS_3.14.3.
git-svn-id: svn://10.0.0.236/trunk@264697 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-06 02:05:10 +00:00
wtc%google.com
8d05987658 Bug 822365: Fix the constant-time versions of HMAC-MD5 and SSLv3 MD5 MAC.
Remove the workaround from ssl3_ComputeRecordMACConstantTime. The patch is
contributed by Adam Langley <agl@chromium.org>. r=rrelyea,wtc.
Modified Files:
	lib/freebl/hmacct.c lib/softoken/sftkhmac.c lib/ssl/ssl3con.c


git-svn-id: svn://10.0.0.236/trunk@264696 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-06 02:02:38 +00:00
wtc%google.com
7eff1e6fbf Bug 822365: SHA512_EndRaw and SHA256_EndRaw need a local variable named t1
for the BYTESWAP4 and BYTESWAP8 macros in certain build configurations.
TBR=kaie.


git-svn-id: svn://10.0.0.236/trunk@264695 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-06 00:41:13 +00:00
wtc%google.com
7aa47e4fd0 Bug 822365: the SHA_HTONL macro (used by the SHA_STORE_RESULT macro) needs
a local variable named 'tmp' in some build configurations. Undefine 'tmp'
as 'lenB' at the end of SHA1_End. r=kaie.


git-svn-id: svn://10.0.0.236/trunk@264694 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-05 23:46:39 +00:00
wtc%google.com
3e09cf75c5 Bug 822365: declare variables at the beginning of a block to fix MSVC
compilation errors. r=kaie.


git-svn-id: svn://10.0.0.236/trunk@264693 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-05 23:44:03 +00:00
wtc%google.com
f7ff05a366 Bug 822365: Make CBC decoding constant time. This patch makes the decoding
of SSLv3 and TLS CBC records constant time. Without this, a timing side
channel can be used to build a padding oracle and mount Vaudenay's attack.
The patch is contributed by Adam Langley <agl@chromium.org>.
r=rrelyea,ryan.sleevi.
Modified Files:
	lib/freebl/blapi.h lib/freebl/ldvector.c lib/freebl/loader.c
	lib/freebl/loader.h lib/freebl/manifest.mn lib/freebl/md5.c
	lib/freebl/rawhash.c lib/freebl/sha512.c lib/freebl/sha_fast.c
	lib/freebl/sha_fast.h lib/nss/nss.def lib/pk11wrap/pk11obj.c
	lib/pk11wrap/pk11pub.h lib/softoken/manifest.mn
	lib/softoken/pkcs11.c lib/softoken/pkcs11c.c
	lib/softoken/pkcs11i.h lib/ssl/ssl3con.c lib/util/hasht.h
	lib/util/pkcs11n.h
Added Files:
	lib/freebl/hmacct.c lib/freebl/hmacct.h
	lib/softoken/sftkhmac.c


git-svn-id: svn://10.0.0.236/trunk@264692 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-05 18:10:46 +00:00
ryan.sleevi%gmail.com
15e5148cca Bug 158747: Add support for RSA-OAEP to softoken, but do not enable it yet,
pending unit tests. r=wtc


git-svn-id: svn://10.0.0.236/trunk@264691 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-05 02:19:52 +00:00
kaie%kuix.de
a9707a9b4e Bug 837799 - Allow building of NSS against older sqlite, r=wtc
git-svn-id: svn://10.0.0.236/trunk@264690 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-04 19:58:20 +00:00
wtc%google.com
e4f6637724 Bug 836562: Use Horner's rule to calculate the elliptic curve polynomial in
ec_GFp_validate_point. r=agl.


git-svn-id: svn://10.0.0.236/trunk@264686 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-01 03:42:09 +00:00
kaie%kuix.de
60c48788b9 Setting version to 3.14.3 Beta
git-svn-id: svn://10.0.0.236/trunk@264685 18797224-902f-48f8-a5cc-f745e15eee43
2013-01-31 22:59:44 +00:00
kaie%kuix.de
80e6de1147 Set version to NSS 3.14.2 RTM
git-svn-id: svn://10.0.0.236/trunk@264683 18797224-902f-48f8-a5cc-f745e15eee43
2013-01-31 22:47:09 +00:00
rrelyea%redhat.com
1d55f394aa Update/Add license headers.
git-svn-id: svn://10.0.0.236/trunk@264682 18797224-902f-48f8-a5cc-f745e15eee43
2013-01-31 19:30:42 +00:00
wtc%google.com
51ffd7cde5 Bug 835293: on Linux x86_64, don't use the assembler flag -march=opteron
because some of the instructions in intel-gcm.s (such as vmovdqu, vpshufb,
vpclmulqdq, vpxor) are not supported on opteron. r=kaie.


git-svn-id: svn://10.0.0.236/trunk@264680 18797224-902f-48f8-a5cc-f745e15eee43
2013-01-31 01:08:59 +00:00
kaie%kuix.de
23a1ce1bd1 Bug 835486, Provide documentation for NSS tools (both as HTML and Unix-style man-pages format). Documentation has been authored by Deon Lackey and Elio Maldonado.
r=kaie for the code related to this checkin and for adding this work-in-progress documentation in general
r=emaldona for approving to get this added to NSS


git-svn-id: svn://10.0.0.236/trunk@264677 18797224-902f-48f8-a5cc-f745e15eee43
2013-01-30 21:45:51 +00:00
wtc%google.com
b708cc55e6 Bug 805604: use target-specific variable values to add an extra compiler or
assembler flag to just one source file. r=kaie.


git-svn-id: svn://10.0.0.236/trunk@264676 18797224-902f-48f8-a5cc-f745e15eee43
2013-01-30 19:52:20 +00:00
wtc%google.com
5a717b19ac Bug 805604 and bug 835050: don't use Clang's integrated assembler because
it cannot handle how intel-gcm.s uses the .set directive to refer to
registers by symbolic names. r=kaie.


git-svn-id: svn://10.0.0.236/trunk@264667 18797224-902f-48f8-a5cc-f745e15eee43
2013-01-27 00:34:35 +00:00
rrelyea%redhat.com
e36074b00e Bug 373108 Test cases for CTS and GCM
git-svn-id: svn://10.0.0.236/trunk@264666 18797224-902f-48f8-a5cc-f745e15eee43
2013-01-25 18:10:55 +00:00