attributes from a known CRL, not looking up new attributes (I'm pretty sure that
CVS apropos would show I checked in the previously wrong code).
bob
git-svn-id: svn://10.0.0.236/trunk@119832 18797224-902f-48f8-a5cc-f745e15eee43
1) use NewTempCert rather than DERDecode cert in all import cert cases.
When DERDecode cert is used, we may wind up with a cert that gets cleared
when we try to import it because it already in the cache. NewTempCert will
return the version that is in the cache.
2) If we are returning the CAList, only return certs that are CA's
(not usercerts).
3) Authenticate to all the tokens if necessary before we try to list
certs. (Stan code should eventually get automatic authentication calls in
the code itself).
4) When looking up user certs, don't return those certs with the same
subject, but do not have any key material associated with them (that is
don't crash if we have old certs in our database without nicknames, but
match user certs on our smart cards).
5) Save the nickname associated with our subject list in the temp
cache so we can correctly remove the entry even if the cert's nickname
changes (because of smart card insertions and removals, or because of
creation and deletions of our user cert).
git-svn-id: svn://10.0.0.236/trunk@119557 18797224-902f-48f8-a5cc-f745e15eee43
* change internal module trust order again, builtins uses 100, and internal module must come first
git-svn-id: svn://10.0.0.236/trunk@119415 18797224-902f-48f8-a5cc-f745e15eee43
Debug builds can verify correct operation by setting NSS_STRICT_SHUTDOWN, which
will cause an assert if shutdown is called but not all the modules are freed (which
means a slot, key, or cert reference has been leaked).
git-svn-id: svn://10.0.0.236/trunk@118866 18797224-902f-48f8-a5cc-f745e15eee43
that these changes *do not* affect the current build, except for some minor edits.
git-svn-id: svn://10.0.0.236/trunk@118136 18797224-902f-48f8-a5cc-f745e15eee43
1) Preseve the position of NSS 3.3 elements in the data structures. Some
new fields replace some old deprecated fields where possible to preserve
the total size of the structure.
2) Stan headers are removed from public exports.
3) Some exported functions didn't have prototypes in the public headers.
4) One bug fix: dev3hack.c did not pass the second argument to
nssToken_DestroyCertList.
5) Include the necessary headers to fix undeclared function warnings.
git-svn-id: svn://10.0.0.236/trunk@116522 18797224-902f-48f8-a5cc-f745e15eee43
Reset the token name on token removal.
Check for token presence to reset the session handle.
Consolidate the NSS3 style TokenInit with the stan init so everything is in sync.
r=ddrinan
git-svn-id: svn://10.0.0.236/trunk@115905 18797224-902f-48f8-a5cc-f745e15eee43
1) don't have certs disappear because we have empty tokens.
2) Make sure the NSSToken structure has up-to-date nicknames.
git-svn-id: svn://10.0.0.236/trunk@115743 18797224-902f-48f8-a5cc-f745e15eee43
* clean up compatibilty issues with PKCS#11 serial numbers. Need to search both encoded and decoded values, while making sure stan code only deals with DER value
git-svn-id: svn://10.0.0.236/trunk@112584 18797224-902f-48f8-a5cc-f745e15eee43
- correct reference counting when combining certs taken from cache and obtained new
- cache keys need to be alloc'ed, for the case when one cert is used to create the cache entry, another (same subject/nick/email) is added, then the first is removed and freed
git-svn-id: svn://10.0.0.236/trunk@111728 18797224-902f-48f8-a5cc-f745e15eee43
* implement CERT_AddTempCertToPerm in 3.4
* update object instance lists when needed
* correctly check and allocate trust when changing it
git-svn-id: svn://10.0.0.236/trunk@111495 18797224-902f-48f8-a5cc-f745e15eee43
