1) 3.4 needs to bump the version numbers up by one on secmod.db from NSS 3.3
2) Need to add escapes to the configdirectory. (should add them to other parameters as well.
3) put exported files back into the correct headers.
4) Add _BEGIN/_END protos where appropriate.
git-svn-id: svn://10.0.0.236/trunk@108481 18797224-902f-48f8-a5cc-f745e15eee43
from lib/util to lib/freebl, move the RNG header file there, too.
Eliminate secrngt.h, which has been empty (except for the license
boilerplate) for many releases.
git-svn-id: svn://10.0.0.236/trunk@108144 18797224-902f-48f8-a5cc-f745e15eee43
1) Make pkcs12 pbe function.
2) add code to allow setting and getting of the key nickname attribute.
git-svn-id: svn://10.0.0.236/trunk@107656 18797224-902f-48f8-a5cc-f745e15eee43
remove lots of depricated files.
move some files to appropriate directories (pcertdb *_rand
associated headers to soft token, for instance)
rename several stan files which had the same name as other nss files.
remove depricated functions.
git-svn-id: svn://10.0.0.236/trunk@107628 18797224-902f-48f8-a5cc-f745e15eee43
from one token to another will no longer crash. Instead, it will fail
with the new error code SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY. Bug 97887.
In addition, DHE key pairs are now generated with CKA_SENSITIVE false.
git-svn-id: svn://10.0.0.236/trunk@102373 18797224-902f-48f8-a5cc-f745e15eee43
This fixes a problem with encoding optional octet strings. The code
previously took a NULL SECItem that was not streaming and interpreted
that data.
XXX This may cause trouble when we try to encode large
S/MIME messages that may require streaming.
git-svn-id: svn://10.0.0.236/trunk@100120 18797224-902f-48f8-a5cc-f745e15eee43
The new PORTArenaPool struct, an extended PLAreanaPool, is used in place
of PLArenaPools.
git-svn-id: svn://10.0.0.236/trunk@90286 18797224-902f-48f8-a5cc-f745e15eee43
predefined macro __linux as __linux is not defined by some compilers.
Thanks to jsmith@penguinppc.org for the bug report and a suggested fix.
git-svn-id: svn://10.0.0.236/trunk@85697 18797224-902f-48f8-a5cc-f745e15eee43
environment. NSS has no control over which of these environments will
be inherited by any child processes, so when NSS modifies or adds an
environment variable, it needs to do so to both environments.
This fixes bugzilla bug 66615. Reviewed by wtc.
git-svn-id: svn://10.0.0.236/trunk@85551 18797224-902f-48f8-a5cc-f745e15eee43
The same values that the compiler would assign are assigned, with only
one exception (cmmfNoPKIStatus in cmmft.h). This is patch id=22555,
reviewed by Nelson Bolyard.
git-svn-id: svn://10.0.0.236/trunk@85087 18797224-902f-48f8-a5cc-f745e15eee43
address of an external variable that comes from another DLL.
This is a fundamental difference between WIN32 DLLs and Unix DSOs.
So, for every SEC_ASN1Template inside of libnss3 that is referenced by
other templates outside of libnss3, a new "chooser" function was created
that returns the address of that template. For WIN32, the templates
outside of libnss3 access libnss3's templates by the chooser function
rather than by direct reference. Some simple macros allow Unix to
continue to use direct references, avoiding the extra function calls.
With these changes, all.sh (qa script) passes all tests on NT with DLLs.
Modified Files:
cmd/checkcert/checkcert.c cmd/lib/secutil.c lib/asn1/asn1t.h
lib/certdb/certdb.c lib/certdb/certt.h lib/certdb/crl.c
lib/certhigh/certreq.c lib/crmf/asn1cmn.c lib/crmf/crmfcont.c
lib/crmf/crmftmpl.c lib/cryptohi/secsign.c lib/nss/nss.def
lib/pkcs12/p12local.c lib/pkcs12/p12tmpl.c
lib/pkcs7/certread.c lib/pkcs7/p7decode.c lib/pkcs7/p7local.c
lib/smime/cmsasn1.c lib/smime/cmsattr.c lib/smime/cmspubkey.c
lib/smime/cmssigdata.c lib/smime/smimeutil.c
lib/softoken/keydb.c lib/softoken/keydbt.h lib/util/secalgid.c
lib/util/secasn1.h lib/util/secasn1d.c lib/util/secasn1t.h
lib/util/secasn1u.c lib/util/secdig.c lib/util/secdig.h
lib/util/secoid.h
git-svn-id: svn://10.0.0.236/trunk@84523 18797224-902f-48f8-a5cc-f745e15eee43
duplicate the functions in lib/util/pqgutil.c. Also, the functions in
pqgutil correctly handle the case where the Params or Verify was
constructed without an arena (a fact which is now more obvious when
reading the code there).
git-svn-id: svn://10.0.0.236/trunk@78320 18797224-902f-48f8-a5cc-f745e15eee43
the root OID in RFC1274 - so the one we had was WRONG.
I don't know where it came from.
git-svn-id: svn://10.0.0.236/trunk@72664 18797224-902f-48f8-a5cc-f745e15eee43
When encoding indefinitely & encountering an optional field at the end of
a sequence, right after an IMPLICIT or POINTER template, the decoder
was not propagating the optionalness and the end-of-contents condition
correctly as it hits the end-of-contents octets instead of the optional
field. This is because IMPLICIT and POINTER push TWO states to look
for the next tag, not just one.
(The first state is "afterImplicit" or "afterPointer", the second one
starts with "beforeIdentifier" as usual).
This finally makes decoding envelopedData messages in cmsutil work.
git-svn-id: svn://10.0.0.236/trunk@72653 18797224-902f-48f8-a5cc-f745e15eee43
