Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
217,715 Commits 3,986 Branches 0 Tags
Commit Graph

57 Commits

Author SHA1 Message Date
gerv%gerv.net
f465fa7d7e Bug 716563 - update license to MPL 2. r=rrelyea. 
git-svn-id: svn://10.0.0.236/trunk@263750 18797224-902f-48f8-a5cc-f745e15eee43
 2012-04-25 14:50:19 +00:00
rrelyea%redhat.com
f0e520237e Bug 642503 - Generic blacklisting mechanism for bogus certs (NSS trust module) 
r=wtc.

This includes all the base changes to make distrust work, as well as allowing
us to have trust records that match certs by issuer/SN without requiring us to
match the exact cert if we are distrusting the cert.

Still to reviewed and check-in: libpkix changes
                                 tests cases.


git-svn-id: svn://10.0.0.236/trunk@262483 18797224-902f-48f8-a5cc-f745e15eee43
 2011-07-12 21:29:20 +00:00
rrelyea%redhat.com
b58e695147 Bug 642503 - Generic blacklisting mechanism for bogus certs 
Patch 1: rename (see comment 20).
r=emaldona


git-svn-id: svn://10.0.0.236/trunk@262180 18797224-902f-48f8-a5cc-f745e15eee43
 2011-04-13 00:10:27 +00:00
nelson%bolyard.com
c0b5e7332d Bug 415565: Use new NSPR atomic macros in NSS 
Patch contributed by Steve Snyder <swsnyder@snydernet.net>, r=wtc


git-svn-id: svn://10.0.0.236/trunk@260135 18797224-902f-48f8-a5cc-f745e15eee43
 2010-04-03 18:27:33 +00:00
wtc%google.com
b25f0b45e0 Bug 534945: lib/dev does not need to include headers from lib/ckfw. 
r=rrelyea.
Modified Files:
	ckhelper.c ckhelper.h dev.h devm.h devslot.c devt.h devtoken.c


git-svn-id: svn://10.0.0.236/trunk@259359 18797224-902f-48f8-a5cc-f745e15eee43
 2010-01-08 02:00:58 +00:00
nelson%bolyard.com
ef8be04775 Bug 524167: Don't crash if slot has null token pointer after entering 
FIPS mode.  r=rrelyea


git-svn-id: svn://10.0.0.236/trunk@259133 18797224-902f-48f8-a5cc-f745e15eee43
 2009-12-01 06:28:11 +00:00
nelson%bolyard.com
f46a3579b5 Stop assuming session pointers are non-NULL for bug 444974. r=rrelyea 
git-svn-id: svn://10.0.0.236/trunk@254475 18797224-902f-48f8-a5cc-f745e15eee43
 2008-09-30 04:09:04 +00:00
nelson%bolyard.com
9784be0a2e Bug 444850 – NSS misbehaves badly in the presence of a disabled PKCS#11 slot 
r=julien.pierre, rrelyea


git-svn-id: svn://10.0.0.236/trunk@253485 18797224-902f-48f8-a5cc-f745e15eee43
 2008-08-09 01:26:05 +00:00
nelson%bolyard.com
8b4a89dc0d Bug 444850. Don't ask the module to use an invalid session handle in 
find_objects.  r=alexei,julien sr=wtc.


git-svn-id: svn://10.0.0.236/trunk@253184 18797224-902f-48f8-a5cc-f745e15eee43
 2008-07-22 04:34:02 +00:00
kaie%kuix.de
4e2b64148d Bug 426886, Use "const" char* in PK11_ImportCertForKey 
r=wtc, r=julien.pierre


git-svn-id: svn://10.0.0.236/trunk@251939 18797224-902f-48f8-a5cc-f745e15eee43
 2008-05-29 17:24:23 +00:00
wtc%google.com
4ab3de3dc0 Bug 431929: Refactored duplicate code into common subroutines. 1. Replaced 
nssToken_Find{Certificates,TrustObjects,CRLs} by nssToken_FindObjects.
2. Replaced get_token_{certs,trust,crls}_for_cache by
get_token_objects_for_cache.  r=nelson.
Modified Files:
	dev/dev.h dev/devtoken.c dev/devutil.c pk11wrap/pk11cert.c


git-svn-id: svn://10.0.0.236/trunk@251680 18797224-902f-48f8-a5cc-f745e15eee43
 2008-05-17 00:13:39 +00:00
nelson%bolyard.com
c16758aa06 Bug 391903: nssSlot object for nssckbi leaked when loaded by PSM. 
r=rrelyea


git-svn-id: svn://10.0.0.236/trunk@250834 18797224-902f-48f8-a5cc-f745e15eee43
 2008-04-27 02:13:52 +00:00
rrelyea%redhat.com
9bb6a9986d Back out patch to bug 391903. 
Windows tinderboxen are failing.


git-svn-id: svn://10.0.0.236/trunk@250704 18797224-902f-48f8-a5cc-f745e15eee43
 2008-04-23 16:37:19 +00:00
rrelyea%redhat.com
b5cd881917 Bug 391903 r=nelson. 
leak objects from nssSlot_Create


git-svn-id: svn://10.0.0.236/trunk@250586 18797224-902f-48f8-a5cc-f745e15eee43
 2008-04-21 23:54:49 +00:00
julien.pierre.boogz%sun.com
7f43dce253 Fix for bug 410226 . Leak in create_object_from_handles. r=nelson 
git-svn-id: svn://10.0.0.236/trunk@244914 18797224-902f-48f8-a5cc-f745e15eee43
 2008-02-05 03:22:38 +00:00
julien.pierre.boogz%sun.com
3b557e654d Fix for bug 353577 . Delete PURE_STAN code and code outside NSS_3_4_CODE . r=wtc,nelson 
git-svn-id: svn://10.0.0.236/trunk@239526 18797224-902f-48f8-a5cc-f745e15eee43
 2007-11-16 05:29:27 +00:00
rrelyea%redhat.com
557cb6151c Bug 391291 Implement Shared Database Integrity checks. 
r=nelson (plus review from kengert)


git-svn-id: svn://10.0.0.236/trunk@231760 18797224-902f-48f8-a5cc-f745e15eee43
 2007-08-09 22:36:20 +00:00
julien.pierre.bugs%sun.com
b5c661f69d Fix for bug 113323 . Constify some functions. r=nelson 
git-svn-id: svn://10.0.0.236/trunk@229672 18797224-902f-48f8-a5cc-f745e15eee43
 2007-07-11 04:47:42 +00:00
wtchang%redhat.com
68afcb2227 Bugzilla Bug 267158: removed the $Name$ RCS keyword from our source files. 
This keyword adds noise to the output of "ident libnss3.so | grep NSS"
on our debug build, and appears to cause spurious CVS conflicts. r=nelsonb.


git-svn-id: svn://10.0.0.236/trunk@168042 18797224-902f-48f8-a5cc-f745e15eee43
 2005-01-20 02:25:51 +00:00
ian.mcgreer%sun.com
f7fd7e85b4 bug 180268, reimplement ssl step-up for builtins 
git-svn-id: svn://10.0.0.236/trunk@156475 18797224-902f-48f8-a5cc-f745e15eee43
 2004-05-17 20:08:38 +00:00
gerv%gerv.net
43cb9e1492 Bug 236613: change to MPL/LGPL/GPL tri-license. 
git-svn-id: svn://10.0.0.236/trunk@155484 18797224-902f-48f8-a5cc-f745e15eee43
 2004-04-25 15:03:26 +00:00
wtc%netscape.com
e8dd7063dd Bugzilla bug 204549: find_objects_by_template was not setting *statusOpt 
before one return statement.  r=nelsonb.


git-svn-id: svn://10.0.0.236/trunk@147192 18797224-902f-48f8-a5cc-f745e15eee43
 2003-09-23 20:34:15 +00:00
wtc%netscape.com
1cbc8808cd Bugzilla bug 214695: fixed incorrect use of PR_AtomicDecrement on reference 
counts.  The reference count should not be read "naked".  Instead, we
should simply use the return value of PR_AtomicDecrement for the result of
the decrement.
Modified Files: dev/devmod.c dev/devslot.c dev/devtoken.c pki/certificate.c
pki/pkibase.c


git-svn-id: svn://10.0.0.236/trunk@145445 18797224-902f-48f8-a5cc-f745e15eee43
 2003-08-01 02:02:47 +00:00
nelsonb%netscape.com
aa6267105e Change the function definitions in dev so that the ctags program will 
produce valid tags from these sources.


git-svn-id: svn://10.0.0.236/trunk@144324 18797224-902f-48f8-a5cc-f745e15eee43
 2003-07-01 00:32:22 +00:00
wtc%netscape.com
4b6932465e Bug 190396. 
Don't fail the search if the token returned an error that indicates that it
legitimately couldn't find a CRL


git-svn-id: svn://10.0.0.236/trunk@136929 18797224-902f-48f8-a5cc-f745e15eee43
 2003-01-24 06:37:03 +00:00
ian.mcgreer%sun.com
4a6e624c98 bug 172247, don't allow import of duplicate issuer/serial certs 
git-svn-id: svn://10.0.0.236/trunk@134280 18797224-902f-48f8-a5cc-f745e15eee43
 2002-11-21 20:43:15 +00:00
relyea%netscape.com
f045aece62 Fix optimized build failures 
git-svn-id: svn://10.0.0.236/trunk@131718 18797224-902f-48f8-a5cc-f745e15eee43
 2002-10-10 21:17:39 +00:00
relyea%netscape.com
faa9e5505e Bug 164501. Return a proper error code from PK11_FindCrlByName() so the CRL 
code can decide if there is a hw or system failure preventing the reading of a
CRL or if the CRL is just not there.


git-svn-id: svn://10.0.0.236/trunk@131706 18797224-902f-48f8-a5cc-f745e15eee43
 2002-10-10 20:30:19 +00:00
ian.mcgreer%sun.com
599c379a2b bug 166793, uninitialized variables 
r=wtc


git-svn-id: svn://10.0.0.236/trunk@130814 18797224-902f-48f8-a5cc-f745e15eee43
 2002-09-30 21:15:07 +00:00
relyea%netscape.com
1364a51ba2 bug 161552: Make the recipient list traversal functions call the internal 
nsstoken_FindCertByIssuerAndSN() function to gain the benefit of the fixed
Searching code.


git-svn-id: svn://10.0.0.236/trunk@127272 18797224-902f-48f8-a5cc-f745e15eee43
 2002-08-14 20:42:40 +00:00
relyea%netscape.com
4cfc101a4c Handle the switch from the static buffer to the realloc buffer. 
git-svn-id: svn://10.0.0.236/trunk@126901 18797224-902f-48f8-a5cc-f745e15eee43
 2002-08-09 18:48:31 +00:00
relyea%netscape.com
ff3a4be02e More performance improvements in listing certs: 
1) reduce more short term memory allocate/frees.
	2) remove sha1 hash calculations from critical paths.
	3) when listing user certs, skip decoding of non-user certs.


git-svn-id: svn://10.0.0.236/trunk@124499 18797224-902f-48f8-a5cc-f745e15eee43
 2002-07-02 15:11:29 +00:00
relyea%netscape.com
db66460cc5 Fix solaris compiler error/warning. Fix prototype to return correct value (PRBool not PRStatus). 
git-svn-id: svn://10.0.0.236/trunk@123969 18797224-902f-48f8-a5cc-f745e15eee43
 2002-06-24 23:54:16 +00:00
relyea%netscape.com
b64d478e29 Don't decode or extract trust for certs if we are just getting the nicknames -- particularly for user certs. 
git-svn-id: svn://10.0.0.236/trunk@123959 18797224-902f-48f8-a5cc-f745e15eee43
 2002-06-24 22:36:59 +00:00
jpierre%netscape.com
3d920a25ee Fix for bug 137645 - cached certificate does not get its nickname updated after P12 import of matching user certificate 
git-svn-id: svn://10.0.0.236/trunk@121899 18797224-902f-48f8-a5cc-f745e15eee43
 2002-05-20 23:21:39 +00:00
relyea%netscape.com
394940b694 Automatically create a NULL email profile for certs with email addresses which 
are imported into the internal token.


git-svn-id: svn://10.0.0.236/trunk@120975 18797224-902f-48f8-a5cc-f745e15eee43
 2002-05-07 20:38:59 +00:00
ian.mcgreer%sun.com
2fd68a1c79 When doing cert traversals, create the certs in full as they are found. This avoids thrashing the softoken's object cache when the database has a large number of certs. 
git-svn-id: svn://10.0.0.236/trunk@119963 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-26 14:34:05 +00:00
ian.mcgreer%sun.com
240768dc76 if a cert already exists, use C_SetAttributeValue to change its mutable attributes during import (instead of trying to recreate it) 
git-svn-id: svn://10.0.0.236/trunk@119856 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-25 20:49:49 +00:00
relyea%netscape.com
3d3e22dba5 Look up both DER encoded serial numbers (PKCS #11 spec), and decode serial 
numbers (Old NSS) when looking up certs by issuer and SN.


git-svn-id: svn://10.0.0.236/trunk@119722 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-24 18:27:17 +00:00
ian.mcgreer%sun.com
57c0f959ce fix shutdown leaks 
git-svn-id: svn://10.0.0.236/trunk@119622 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-23 17:22:13 +00:00
relyea%netscape.com
034136c5db Token and cert processing fixes: 
1) use NewTempCert rather than DERDecode cert in all import cert cases.
When DERDecode cert is used, we may wind up with a cert that gets cleared
when we try to import it because it already in the cache. NewTempCert will
return the version that is in the cache.
   2) If we are returning the CAList, only return certs that are CA's
(not usercerts).
   3) Authenticate to all the tokens if necessary before we try to list
certs. (Stan code should eventually get automatic authentication calls in
the code itself).
   4) When looking up user certs, don't return those certs with the same
subject, but do not have any key material associated with them (that is
don't crash if we have old certs in our database without nicknames, but
match user certs on our smart cards).
   5) Save the nickname associated with our subject list in the temp
cache so we can correctly remove the entry even if the cert's nickname
changes (because of smart card insertions and removals, or because of
creation and deletions of our user cert).


git-svn-id: svn://10.0.0.236/trunk@119557 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-22 19:09:01 +00:00
ian.mcgreer%sun.com
9d553c9294 fix bugs in cert import with smart card cache 
git-svn-id: svn://10.0.0.236/trunk@119546 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-22 14:14:44 +00:00
ian.mcgreer%sun.com
bafa34ec88 Fixes for smart card cache. Don't do cache searches by email address, since GetAttributeValue does not set that field. Handle removal correctly for item at tail of list. Don't search token after a successful cache search that returned zero hits. 
git-svn-id: svn://10.0.0.236/trunk@119405 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-19 16:14:13 +00:00
relyea%netscape.com
58bccc96dd Don't crash if we try to get the name of a non-existant token. 
git-svn-id: svn://10.0.0.236/trunk@119278 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-18 17:54:30 +00:00
ian.mcgreer%sun.com
2f83527b52 landing new smart card cache, bug 135429 
git-svn-id: svn://10.0.0.236/trunk@119274 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-18 17:30:05 +00:00
ian.mcgreer%sun.com
f87d824279 bug 135521, change cert lookups on tokens to be actual finds instead of traversals 
git-svn-id: svn://10.0.0.236/trunk@118986 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-15 15:22:11 +00:00
ian.mcgreer%sun.com
dbcf2c42b3 Land Stan changes to tip. Mostly header file / structure / API cleanup. Note 
that these changes *do not* affect the current build, except for some minor edits.


git-svn-id: svn://10.0.0.236/trunk@118136 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-04 20:00:28 +00:00
relyea%netscape.com
156fb9e6dc Cache whether there are no CRL's and Trust objects on removable HW tokens 
git-svn-id: svn://10.0.0.236/trunk@116101 18797224-902f-48f8-a5cc-f745e15eee43
 2002-03-07 23:21:39 +00:00
relyea%netscape.com
c42edc81c4 bug 125808 : 
Reset the token name on token removal.
Check for token presence to reset the session handle.
Consolidate the NSS3 style TokenInit with the stan init so everything is in sync.
r=ddrinan


git-svn-id: svn://10.0.0.236/trunk@115905 18797224-902f-48f8-a5cc-f745e15eee43
 2002-03-06 01:44:50 +00:00
relyea%netscape.com
b05500f1e0 Fix token/cert interactions: 
1) don't have certs disappear because we have empty tokens.
2) Make sure the NSSToken structure has up-to-date nicknames.


git-svn-id: svn://10.0.0.236/trunk@115743 18797224-902f-48f8-a5cc-f745e15eee43
 2002-03-04 22:39:28 +00:00