summaryrefslogtreecommitdiff
path: root/lib/certhigh
Commit message (Collapse)AuthorAgeFilesLines
* Bug 1334054 - fix CERT_FormatName output buffer length calculation r=franziskusDavid Keeler2017-05-101-2/+23
| | | | | | | | | | | | | | Summary: Before this patch, CERT_FormatName attempted to account for the length of the additional formatting in its output buffer length, but added an insufficient amount (a fixed 128 bytes). This patch dynamically accounts for the additional space required by the formatting output (it can over-account in some cases, but this is unlikely to be a performance concern compared to the original implementation). Reviewers: franziskus Differential Revision: https://nss-review.dev.mozaws.net/D307
* Bug 1278965 - tsan race in CERTCertificate, r=wtc,ttaubertFranziskus Kiefer2017-02-081-4/+7
|
* Backed out changeset 545e059dbb17Franziskus Kiefer2017-03-201-7/+4
|
* Bug 1278965 - tsan race in CERTCertificate, r=wtc,ttaubertFranziskus Kiefer2017-02-081-4/+7
|
* Bug 1342061 - Fix some misuses of CERT_LIST* APIs r=franziskusTim Taubert2017-02-271-1/+1
| | | | Differential Revision: https://nss-review.dev.mozaws.net/D231
* Bug 1323611 - Add some missing return value checks for SECITEM_CopyItem(). r=mt.Nicholas Nethercote2016-07-121-1/+4
|
* Bug 1311995, additional clang-format fixes, r=bustageKai Engert2016-12-131-3/+3
|
* Bug 1311995, follow-up fix, uint32_t type is unknown in NSS builds, use ↵Kai Engert2016-12-131-1/+1
| | | | PRUint32, r=bustage
* Bug 1311995, follow-up to fix clang-format, r=bustageKai Engert2016-12-131-61/+59
|
* Bug 1311995, NSS should implement the equivalent date-based distrust for ↵Kai Engert2016-12-131-0/+145
| | | | WoSign/StartCom roots, r=rrelyea
* Bug 1321301 - Disable pragma diagnostic with old GCC. r=mtJan Beich2016-12-011-2/+2
|
* bug 1316604 - Add variables for <(nss_dist_dir)/{public,private}. r=franziskusTed Mielczarek2016-11-101-2/+2
| | | | | Mozilla's build system currently puts NSS public headers directly in $(DIST)/include/nss, so we need a way to override the export directory.
* Bug 1311615 - Building with gyp should copy headers, libs, executables to ↵Tim Taubert2016-10-211-3/+3
| | | | | | the right directory r=franziskus Differential Revision: https://nss-dev.phacility.com/D104
* Bug 1208405 - coverity and infer fixes, r=ttaubertFranziskus Kiefer2016-10-201-39/+39
|
* Bug 1277228 - some scan-build fixes to enable it on base/certdb/certhigh, ↵Franziskus Kiefer2016-10-172-3/+5
| | | | | | r=ttaubert try: -t all
* bug 1237872 - Add gyp build system for NSS. r=fkieferTed Mielczarek2016-09-232-0/+64
|
* Bug 1302568 - [CID 1372890] API usage errors (VARARGS) r=franziskusTim Taubert2016-09-151-4/+4
|
* Bug 1302232 - Fix buildbot test failures complaining about #pragma inside a ↵Tim Taubert2016-09-131-7/+7
| | | | function r=bustage
* Bug 1302232 - Update Taskcluster to use clang-3.9 r=mtTim Taubert2016-09-121-4/+11
|
* Bug 1295115 - follow up to clang-format for CI, r= kaieFranziskus Kiefer2016-08-143-17/+10
|
* Bug 1227795 - Add NSS_DISABLE_LIBPKIX to allow compiling without libpkix, ↵Eugen Sawin2016-06-222-1/+66
| | | | r=franziskus,wtc
* Bug 1251185, NSS clang-format: else line-break fixes, r=ttaubertNSS_3_23_BETA7Franziskus Kiefer2016-02-256-272/+187
|
* Bug 1194680, Use PR_GetEnvSecure, r=jldNSS_3_23_BETA1Kai Engert2016-01-292-3/+3
|
* Bug 1229362 - clang format on lib/certhigh with minor manual corrections, r=kaieFranziskus Kiefer2015-12-1513-4799/+4817
|
* Bug 1118245. Apply uniform style across NSS [remove trailing commas in ↵Franziskus Kiefer2015-11-101-4/+4
| | | | initializers]. r=ekr
* Bug 1208440 - Fix NULL deref in CERT_CreateEncodedOCSPSuccessResponse, ↵Tim Taubert2015-10-211-1/+1
| | | | r=wtc,kaie,ekr,keeler
* Bug 1214806: Remove unnecessary #include "sslerr.h". r=mt,emaldona.Wan-Teh Chang2015-10-141-1/+0
|
* bug 1009429Robert Relyea2015-10-011-2/+96
| | | | | 0005-Check-for-acceptable-certificate-parameters-when-ver.patch (also 0004) Also update tests to use > 512 bit keys.
* Bug 1208503 - Variable assigned once to a constant guards dead code in ↵Tim Taubert2015-09-291-4/+0
| | | | cert_pkixSetParam, r=mt
* Bug 1182667 - Enable warnings as errors, r=rrelyeaMartin Thomson2015-08-174-16/+13
|
* Backed out changeset 4355f55afeb2 (Bug 1158489)Martin Thomson2015-08-123-13/+13
|
* Bug 1182667 - Removing warnings, enabling -Werror, r=rrelyeaMartin Thomson2015-08-073-13/+13
|
* Bug 1050107: Remove lib/certhigh/certvfypkixprint.c from NSSSachin Kumar Gupta2014-08-133-275/+2
| | | | compilation, to remove dead code. r=ryan.sleevi,wtc.
* Bug 979070, don't assert in CERT_DecodeOCSPResponse, return a better error codeDavid Keeler2014-03-211-2/+1
|
* Bug 743700: Enforce name constriants for root certificates, r=rsleeviNSS_3_16_BETA1Camilo Viecco2014-02-051-11/+12
|
* Bug 964493: Adding missing PORT_SetError to CERT_CheckOCSPStatus, r=briansmithDavid Keeler2014-02-031-0/+3
|
* Bug 950129: Make OCSP fetching for intermediate CA certificates consistent, ↵Brian Smith2014-02-032-14/+27
| | | | r=wtc, r=rrelyea
* Bug 950299: ocsp_CertIDsMatch should return PR_FALSE instead of SECFailureWan-Teh Chang2014-01-031-4/+3
| | | | on error. Remove the unused parameter |handle|. r=ryan.sleevi.
* Bug 952808: Make CERT_CacheOCSPResponseFromSideChannel replace error entries ↵NSS_3_15_4_BETA10Brian Smith2013-12-211-1/+5
| | | | when a better entry is passed in, r=wtc
* Bug 933109: Improve handling of cached Unknown and Revoked OCSP status, r=wtcBrian Smith2013-12-212-37/+89
|
* Bug 436414: Rename "mechanism" to "method" in function or variable/argumentNSS_3_15_4_BETA9Wan-Teh Chang2013-12-192-44/+48
| | | | | | names that refer to the HTTP GET and POST methods. Do not export CERT_GetEncodedOCSPResponseByMethod because it is not declared in ocsp.h. Rename CERT_GetSPKIDigest to CERT_GetSubjectPublicKeyDigest. r=briansmith.
* Bug 436414: Fix compiler warnings about the arguments to PL_Base64EncodeWan-Teh Chang2013-12-101-2/+3
| | | | in cert_GetOCSPResponse. r=kaie.
* Bug 928142, Part 1 (classic): Add option to control whether OCSP GET is ↵Brian Smith2013-10-312-2/+39
| | | | used, r=rrelyea
* Bug 932020 - CERT_CacheOCSPResponseFromSideChannel fails to set error code, ↵Kai Engert2013-10-311-2/+4
| | | | legacy fix third attempt (and backout earlier bustage fix), r=wtc
* Bug 932020, fix a legacy code path to set an error code on failure, bustage ↵Kai Engert2013-10-301-1/+2
| | | | fix, TBR=wtc
* Bug 932020 - CERT_CacheOCSPResponseFromSideChannel fails to set error code ↵Kai Engert2013-10-291-2/+3
| | | | in some cases when returning SECFailure, r=wtc
* Bug 436414, fix memory leak bustage, TBR=rrelyeaNSS_3_15_3_BETA1Kai Engert2013-10-161-1/+6
|
* Bug 910438: Have CERT_VerifyCert return the correct result when certificate ↵Brian Smith2013-10-111-2/+5
| | | | verification fails and a verifyLog is not used, r=briansmith, r=rrelyea
* Bug 436414, support OCSP via HTTP GET. Part 4, enhance libPKIX portion of ↵Kai Engert2013-10-082-16/+19
| | | | OCSP client code. r=rrelyea
* Bug 436414, support OCSP via HTTP GET. Part 3, enhance classic portion of ↵Kai Engert2013-10-082-133/+414
| | | | OCSP client code. r=rrelyea
View Lorry Controller Status