94 Commits

Author SHA1 Message Date
wtc%google.com
e34d846f91 Bug 681065: Replace hardcoded ssl_variant_stream with ss->protocolVariant.
r=ekr.
Modified Files:
	ssl3con.c sslsock.c


git-svn-id: svn://10.0.0.236/trunk@264231 18797224-902f-48f8-a5cc-f745e15eee43
2012-09-21 00:24:53 +00:00
wtc%google.com
455441c0ab Bug 764649: Declare ssl_DupSocket as static because it is only used in
sslsock.c.  r=emaldona.
Modified Files:
	sslimpl.h sslsock.c


git-svn-id: svn://10.0.0.236/trunk@263946 18797224-902f-48f8-a5cc-f745e15eee43
2012-06-14 19:03:29 +00:00
wtc%google.com
59a2cacd1c Bug 762763: Update the SSL trace message and the comment in the SSL key log
file. The patch is contributed by Adam Langley <agl@chromium.org>.  r=wtc.


git-svn-id: svn://10.0.0.236/trunk@263929 18797224-902f-48f8-a5cc-f745e15eee43
2012-06-12 00:29:34 +00:00
emaldona%redhat.com
aec522fd6a Bug 745281 - Provide the option of disabling SSL PKCS #11 bypass at build time, r=wtc
git-svn-id: svn://10.0.0.236/trunk@263927 18797224-902f-48f8-a5cc-f745e15eee43
2012-06-11 02:38:30 +00:00
wtc%google.com
e12e542966 Bug 762763: Export SSL key logging in normal builds. Move SSL key logging
out from behind the TRACE and DEBUG defines and add a new CLIENT_RANDOM
format to support ECDHE-RSA key agreement (and others). The patch is
contributed by Adam Langley <agl@chromium.org>.  r=wtc.
Modified Files:
	ssl3con.c sslsock.c


git-svn-id: svn://10.0.0.236/trunk@263919 18797224-902f-48f8-a5cc-f745e15eee43
2012-06-08 02:59:44 +00:00
wtc%google.com
678de9d175 Bug 737178: Implement RFC 5764 (DTLS-SRTP). Add the SSL_SetSRTPCiphers and
SSL_GetSRTPCipher functions.  The patch is contributed by Eric Rescorla
<ekr@rtfm.com>.  r=wtc,rsleevi.
Modified Files:
	ssl.h ssl3ext.c sslimpl.h sslproto.h sslsock.c sslt.h


git-svn-id: svn://10.0.0.236/trunk@263911 18797224-902f-48f8-a5cc-f745e15eee43
2012-06-07 02:06:19 +00:00
gerv%gerv.net
f465fa7d7e Bug 716563 - update license to MPL 2. r=rrelyea.
git-svn-id: svn://10.0.0.236/trunk@263750 18797224-902f-48f8-a5cc-f745e15eee43
2012-04-25 14:50:19 +00:00
wtc%google.com
39e8820abe Bug 681065: Implement DTLS (Datagram TLS) 1.0. The patch is contributed by
Eric Rescorla <ekr@rtfm.com>.  r=wtc.
Modified Files:
	SSLerrs.h derive.c manifest.mn ssl.def ssl.h ssl3con.c
	ssl3gthr.c ssl3prot.h sslcon.c ssldef.c sslerr.h sslgathr.c
	sslimpl.h sslproto.h sslsecur.c sslsock.c sslt.h
Added Files:
	dtls1con.c


git-svn-id: svn://10.0.0.236/trunk@263637 18797224-902f-48f8-a5cc-f745e15eee43
2012-04-04 03:37:07 +00:00
wtc%google.com
ca681fddad Bug 571722: merge with the "Implement SSL Version Range API [v5]" patch by
Brian Smith <bsmith@mozilla.com>.  Comment changes only.  Export
SSL_VersionRangeGetDefault, SSL_VersionRangeGetSupported, and
SSL_VersionRangeSetDefault.  r=wtc.
Modified Files:
	ssl.def ssl.h ssl3con.c sslcon.c sslimpl.h sslsock.c


git-svn-id: svn://10.0.0.236/trunk@263579 18797224-902f-48f8-a5cc-f745e15eee43
2012-03-18 00:31:20 +00:00
wtc%google.com
e32a1aeb5a Bug 571722: add the SSLProtocolVariant enum type to indicate the byte
stream and datagram variants of SSL/TLS.  Add an SSLProtocolVariant
argument to the version range functions that don't take an fd.  The patch
is written by Brian Smith <bsmith@mozilla.com> and Eric Rescorla
<ekr@rtfm.com>.  r=wtc.
Modified Files:
	ssl.h ssl3con.c sslimpl.h sslsock.c sslt.h


git-svn-id: svn://10.0.0.236/trunk@263575 18797224-902f-48f8-a5cc-f745e15eee43
2012-03-16 01:23:55 +00:00
wtc%google.com
bb548cd810 Bug 734534: Fix a buffer length bug and nits in the next protocol
negotiation (NPN) functions.  r=agl.
Modified Files:
	ssl3ext.c sslsock.c


git-svn-id: svn://10.0.0.236/trunk@263560 18797224-902f-48f8-a5cc-f745e15eee43
2012-03-12 19:14:12 +00:00
wtc%google.com
c40d150f71 Bug 571722: Implement SSL Version Range API. The patch is written by
Brian Smith <bsmith@mozilla.com>.  r=wtc.
Modified Files:
	SSLerrs.h ssl.def ssl.h ssl3con.c sslcon.c sslerr.h sslgathr.c
	sslimpl.h sslproto.h sslsock.c sslt.h


git-svn-id: svn://10.0.0.236/trunk@263554 18797224-902f-48f8-a5cc-f745e15eee43
2012-03-11 04:32:35 +00:00
kaie%kuix.de
6c980c7018 Bug 726315, followup from bug 542832, Patch contributed by Brian Smith, r=kaie
git-svn-id: svn://10.0.0.236/trunk@263415 18797224-902f-48f8-a5cc-f745e15eee43
2012-02-15 21:52:08 +00:00
kaie%kuix.de
24031fa098 Bug 542832 - SSL_RestartHandshakeAfterServerCert is broken, patch by Brian Smith, r=rrelyea
git-svn-id: svn://10.0.0.236/trunk@263387 18797224-902f-48f8-a5cc-f745e15eee43
2012-02-11 13:20:53 +00:00
bsmith%mozilla.com
24363aa2e6 Bug 651523: Remove step-up code, v4, removing EXPORT_VERSION build option, r=rrelyea
git-svn-id: svn://10.0.0.236/trunk@263080 18797224-902f-48f8-a5cc-f745e15eee43
2011-11-17 00:20:22 +00:00
kaie%kuix.de
51ddd562f1 Fix Tinderbox bustage, backout all patches from 2011-11-11
git-svn-id: svn://10.0.0.236/trunk@263077 18797224-902f-48f8-a5cc-f745e15eee43
2011-11-16 19:12:36 +00:00
bsmith%mozilla.com
7a0edbfd6a Bug 651523 - Remove SSL step-up code from libssl and remove step-up extended key usage support, r=rrelyea
git-svn-id: svn://10.0.0.236/trunk@263066 18797224-902f-48f8-a5cc-f745e15eee43
2011-11-11 18:47:20 +00:00
bsmith%mozilla.com
c73410f580 Bug 547312: Next protocol negotiation support (minor fixes), r=agl
git-svn-id: svn://10.0.0.236/trunk@263063 18797224-902f-48f8-a5cc-f745e15eee43
2011-11-08 22:12:05 +00:00
bsmith%mozilla.com
0601ca68ad Bug 547312: Implement client-side support for NPN; original patch by agl r=wtc; changes by bsmith r=agl
git-svn-id: svn://10.0.0.236/trunk@263024 18797224-902f-48f8-a5cc-f745e15eee43
2011-10-29 00:29:11 +00:00
emaldona%redhat.com
f364be9f97 Bug 691997 Code cleanup for Bug 172051 - All localizable error messages for NSS error codes, r=wtc
git-svn-id: svn://10.0.0.236/trunk@263003 18797224-902f-48f8-a5cc-f745e15eee43
2011-10-22 16:45:40 +00:00
wtc%google.com
eeafd4b2de Bug 593080: change the default of the SSL_ENABLE_SSL2 and
SSL_V2_COMPATIBLE_HELLO options to PR_FALSE.  r=rrelyea.
Modified Files:
	cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c lib/ssl/ssl.h
	lib/ssl/sslsock.c


git-svn-id: svn://10.0.0.236/trunk@262964 18797224-902f-48f8-a5cc-f745e15eee43
2011-10-06 22:42:34 +00:00
bsmith%mozilla.com
2e2793892a Bug 665814: Prevent chosen plaintext attacks on SSL 3.0 and TLS 1.0 connections, r=wtc, sr=rrelyea
git-svn-id: svn://10.0.0.236/trunk@262945 18797224-902f-48f8-a5cc-f745e15eee43
2011-10-01 03:59:54 +00:00
emaldona%redhat.com
44f2e32775 Fix Bug 6172051 - Add localizable error messages for NSS error codes, r=rrelyea
git-svn-id: svn://10.0.0.236/trunk@262711 18797224-902f-48f8-a5cc-f745e15eee43
2011-08-17 14:41:48 +00:00
wtc%google.com
dac9adf2e2 Bug 668001: Make SSL_OptionSetDefault and SSL_OptionGetDefault inspect
environment.  The patch is written by Brian Smith <bsmith@mozilla.com>.
r=nelson,wtc.


git-svn-id: svn://10.0.0.236/trunk@262534 18797224-902f-48f8-a5cc-f745e15eee43
2011-07-26 14:37:55 +00:00
alexei.volkov.bugs%sun.com
53b2f21efc 631986 - SSL_ReconfigFD tries to access elements of a null pointer. r=alexei, rrelyea. The patch provided by Meena Vyas
git-svn-id: svn://10.0.0.236/trunk@262036 18797224-902f-48f8-a5cc-f745e15eee43
2011-03-11 17:48:28 +00:00
nelson%bolyard.com
82ffdf2e33 Bug 606209 ssl_PushIOLayer does not handle failure from PR_CallOnce
Patch contributed by timeless@mozdev.org, r=nelson


git-svn-id: svn://10.0.0.236/trunk@261757 18797224-902f-48f8-a5cc-f745e15eee43
2011-01-15 19:58:41 +00:00
wtc%google.com
1e99b8cb20 Bug 525092: Support TLS false start. The patch is contributed by Adam
Langley of Google <agl@chromium.org>.  r=wtc.
Modified Files:
	cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c lib/ssl/ssl.h
	lib/ssl/ssl3con.c lib/ssl/ssl3gthr.c lib/ssl/sslimpl.h
	lib/ssl/sslsecur.c lib/ssl/sslsock.c tests/ssl/sslstress.txt


git-svn-id: svn://10.0.0.236/trunk@260919 18797224-902f-48f8-a5cc-f745e15eee43
2010-07-30 03:00:17 +00:00
nelson%bolyard.com
25cae7d289 Bug 506041: Correct misspellings in source code comments
Patch contributed by Michael Kohler <michaelkohler@live.com>, r=nelson


git-svn-id: svn://10.0.0.236/trunk@260229 18797224-902f-48f8-a5cc-f745e15eee43
2010-04-25 23:37:40 +00:00
alexei.volkov.bugs%sun.com
9ac9e59801 537356 - Implement new safe SSL3 & TLS renegotiation. Change renegotiation default to be SSL_RENEGOTIATE_REQUIRES_XTN. r=wtc.
git-svn-id: svn://10.0.0.236/trunk@259821 18797224-902f-48f8-a5cc-f745e15eee43
2010-02-26 20:44:54 +00:00
wtc%google.com
88282f31d8 Bug 537356: Redefine SSL_RENEGOTIATE_CLIENT_ONLY as
SSL_RENEGOTIATE_TRANSITIONAL, changing its meaning for server sockets,  and
make it the default.  r=rrelyea.
Modified Files:
	ssl.h ssl3con.c sslsock.c


git-svn-id: svn://10.0.0.236/trunk@259722 18797224-902f-48f8-a5cc-f745e15eee43
2010-02-17 02:29:08 +00:00
nelson%bolyard.com
0bc55de11a Bug 537356: Implement new safe SSL3 & TLS renegotiation, r=wtc
git-svn-id: svn://10.0.0.236/trunk@259500 18797224-902f-48f8-a5cc-f745e15eee43
2010-01-28 06:19:13 +00:00
wtc%google.com
66dfd7adba Bug 536474: Add support for logging pre-master secrets. The patch is
contributed by Adam Langley <agl@chromium.org>.  r=nelson,wtc.
Modified Files:
	ssl3con.c sslimpl.h sslsock.c


git-svn-id: svn://10.0.0.236/trunk@259455 18797224-902f-48f8-a5cc-f745e15eee43
2010-01-22 03:47:42 +00:00
alexei.volkov.bugs%sun.com
9cbdff6813 additional fix for bug 360421 - Implement TLS Server Name Indication for servers.
git-svn-id: svn://10.0.0.236/trunk@259404 18797224-902f-48f8-a5cc-f745e15eee43
2010-01-15 01:49:34 +00:00
alexei.volkov.bugs%sun.com
d26b36b737 360421 - Implement TLS Server Name Indication for servers. r=nelson
git-svn-id: svn://10.0.0.236/trunk@259396 18797224-902f-48f8-a5cc-f745e15eee43
2010-01-14 22:15:26 +00:00
wtc%google.com
d73ba345fb Bug 530907: The peerID argument to SSL_SetSockPeerID should be declared
const.  Removed an unnecessary PR_CALLBACK qualifier.  r=nelson.


git-svn-id: svn://10.0.0.236/trunk@259084 18797224-902f-48f8-a5cc-f745e15eee43
2009-11-25 05:24:25 +00:00
nelson%bolyard.com
089608da06 Bug 526689: (CVE-2009-3555) SSL3 & TLS Renegotiation Vulnerability
Disable SSL 3.x renegotiation by default.  Add new options to re-enable.
r=wtc,rrelyea


git-svn-id: svn://10.0.0.236/trunk@258888 18797224-902f-48f8-a5cc-f745e15eee43
2009-11-06 20:11:29 +00:00
wtc%google.com
7904b372b3 Bug 275744: Implement TLS compression RFC 3749. Add the SSL_ENABLE_DEFLATE
SSL option and the -z command-line option for tstclnt, strsclnt, and
selfserv for enabling the DEFLATE compression method.  The patch is
contributed by Adam Langley <agl@chromium.org> of Google.  r=nelson.
Modified Files:
	cmd/selfserv/selfserv.c cmd/strsclnt/strsclnt.c
	cmd/tstclnt/tstclnt.c lib/ssl/Makefile lib/ssl/ssl.h
	lib/ssl/ssl3con.c lib/ssl/ssl3prot.h lib/ssl/sslerr.h
	lib/ssl/sslimpl.h lib/ssl/sslsock.c


git-svn-id: svn://10.0.0.236/trunk@258862 18797224-902f-48f8-a5cc-f745e15eee43
2009-11-04 17:19:25 +00:00
nelson%bolyard.com
18113d7a39 Bug 486999: Calling SSL_SetSockPeerID a second time leaks the previous value
r=rrelyea


git-svn-id: svn://10.0.0.236/trunk@256861 18797224-902f-48f8-a5cc-f745e15eee43
2009-04-09 01:46:22 +00:00
nelson%bolyard.com
3bf81e175c Bug 453234: Support for SEED Cipher Suites to TLS RFC 4010
patch by Yeonjung Kang <kang.yeonjung@gmail.com>, r=nelson


git-svn-id: svn://10.0.0.236/trunk@255547 18797224-902f-48f8-a5cc-f745e15eee43
2008-12-17 06:09:22 +00:00
wtc%google.com
6289ace530 Bug 403563: implement the TLS session ticket extension (rfc4507bis). The
patch is contributed by Nagendra Modadugu <ngm+mozilla@google.com>.  A
small portion (PKCS #11 code and tests) was written by Wan-Teh Chang
<wtc@google.com>.  r=nelson,wtc
Modified Files:
	cmd/lib/SSLerrs.h cmd/selfserv/selfserv.c
	cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c
	lib/ssl/manifest.mn lib/ssl/ssl.h lib/ssl/ssl3con.c
	lib/ssl/ssl3ecc.c lib/ssl/ssl3prot.h lib/ssl/sslerr.h
	lib/ssl/sslimpl.h lib/ssl/sslnonce.c lib/ssl/sslsnce.c
	lib/ssl/sslsock.c lib/ssl/sslt.h tests/ssl/sslstress.txt
Added Files:
	lib/ssl/ssl3ext.c


git-svn-id: svn://10.0.0.236/trunk@247232 18797224-902f-48f8-a5cc-f745e15eee43
2008-03-06 20:16:24 +00:00
nelson%bolyard.com
31b2141cf5 Bug 394271 - two public SSL functions require PRFD* to point to SSL layer
r=julien,wtc


git-svn-id: svn://10.0.0.236/trunk@233531 18797224-902f-48f8-a5cc-f745e15eee43
2007-09-01 00:53:52 +00:00
nelson%bolyard.com
641a71d017 Bug 394202 - ssl_GetPrivate can corrupt non-SSL private structures
r=julien,wtc


git-svn-id: svn://10.0.0.236/trunk@233530 18797224-902f-48f8-a5cc-f745e15eee43
2007-09-01 00:49:47 +00:00
rrelyea%redhat.com
5e97cf8097 Add Camellia cipher suites TLS RFC4132 bug 361025
code supplied by okazaki@kick.gr.jp


git-svn-id: svn://10.0.0.236/trunk@221086 18797224-902f-48f8-a5cc-f745e15eee43
2007-02-28 19:47:40 +00:00
nelson%bolyard.com
5b3a170bba Bug 366803 - Improve SSL tracing, make it work in browsers, to help with
debugging bug 356470.  r=neil.williams,alexei.volkov


git-svn-id: svn://10.0.0.236/trunk@219222 18797224-902f-48f8-a5cc-f745e15eee43
2007-01-31 04:20:26 +00:00
julien.pierre.bugs%sun.com
a030f3283d Fix for bug 115951. Separate BL_Cleanup and BL_Unload. r=wtchang,nelson
git-svn-id: svn://10.0.0.236/trunk@213017 18797224-902f-48f8-a5cc-f745e15eee43
2006-10-02 21:17:59 +00:00
julien.pierre.bugs%sun.com
50720ed113 Fix for bug 115951. Unload freebl dynamic library. Also fix tiny one-time leak of library name. r=nelson,wtchang
git-svn-id: svn://10.0.0.236/trunk@212769 18797224-902f-48f8-a5cc-f745e15eee43
2006-09-28 00:40:55 +00:00
nelson%bolyard.com
d201e5eca4 Correct the amount returned by ssl_Writev for short writes on non-blocking
sockets.  Bug 338325. patch by Chris Newman <chris.newman@sun.com>
r=nelson


git-svn-id: svn://10.0.0.236/trunk@197897 18797224-902f-48f8-a5cc-f745e15eee43
2006-05-18 01:10:21 +00:00
rrelyea%redhat.com
3df0eb0674 From Bug 331279.
Free ECDHE Ephemeral key. Fixes server-side leak.
r=julien r=alexei


git-svn-id: svn://10.0.0.236/trunk@193280 18797224-902f-48f8-a5cc-f745e15eee43
2006-03-30 21:07:22 +00:00
wtchang%redhat.com
9a9352d0f2 Bugzilla Bug 318217: use the new NSPR functions PR_EmulateAcceptRead and
PR_EmulateSendFile added in NSPR 4.1.  r=nelsonb.
Modified files: manifest.mn sslimpl.h sslsock.c
Removed file: emulate.c


git-svn-id: svn://10.0.0.236/trunk@187784 18797224-902f-48f8-a5cc-f745e15eee43
2006-01-18 23:06:57 +00:00
wtchang%redhat.com
67e2b4967d Bugzilla Bug 236245: Updated NSS to "ECC Cipher Suites for TLS" draft 12
plus upcoming revisions.  The patch is contributed by Douglas Stebila
of Sun Labs <douglas@stebila.ca>. r=wtc.
Modified Files:
	cmd/selfserv/selfserv.c cmd/strsclnt/strsclnt.c
	cmd/tstclnt/tstclnt.c cmd/vfyserv/vfyserv.c lib/ssl/ssl3con.c
	lib/ssl/ssl3ecc.c lib/ssl/ssl3prot.h lib/ssl/sslenum.c
	lib/ssl/sslimpl.h lib/ssl/sslinfo.c lib/ssl/sslproto.h
	lib/ssl/sslsock.c tests/ssl/ecssl.sh tests/ssl/ecsslauth.txt
	tests/ssl/ecsslcov.txt tests/ssl/ecsslstress.txt
	tests/ssl/ssl.sh


git-svn-id: svn://10.0.0.236/trunk@186032 18797224-902f-48f8-a5cc-f745e15eee43
2005-12-14 01:49:40 +00:00