summaryrefslogtreecommitdiff
path: root/lib
Commit message (Collapse)AuthorAgeFilesLines
* bump version to 3.29, r=meFranziskus Kiefer2016-11-153-6/+6
|
* bug 1316604 - Add variables for <(nss_dist_dir)/{public,private}. r=franziskusTed Mielczarek2016-11-1034-48/+48
| | | | | Mozilla's build system currently puts NSS public headers directly in $(DIST)/include/nss, so we need a way to override the export directory.
* bug 1316115 - Only build det_rng.c when fuzz==1. r=ttaubertTed Mielczarek2016-11-081-1/+3
|
* bug 1315231 - fix gyp build on windows. r=franziskusTed Mielczarek2016-11-091-42/+35
|
* Bug 1316974 - Clean up protect record functions r=mtTim Taubert2016-11-144-196/+103
| | | | Differential Revision: https://nss-review.dev.mozaws.net/D54
* Bug 1310610 - Exporters for TLS 1.3, r=ekrMartin Thomson2016-11-127-6/+102
|
* Bug 1317017 - Improve logging of TLS 1.3 Finished calculation, r=ekrMartin Thomson2016-11-121-2/+3
|
* Bug 1252745 - Fix Signed Certificate Timestamps for TLS 1.3, r=ttaubertMartin Thomson2016-11-104-27/+23
|
* Bug 1315936 - Memory error introduced by bug 1287271, r=martin.thomsonKai Engert2016-11-091-1/+3
|
* Bug 1314604 - Extra checking when validating DH shares, r=rrelyeaMartin Thomson2016-11-081-0/+3
|
* Bug 1315735 - Static-ize phase variables. r=mtEKR2016-11-071-3/+3
|
* Bug 1315735 - TLS 1.3 draft 18 - clang-format. r=meEKR2016-11-077-45/+33
|
* Bug 1315735 - TLS 1.3 draft 18 - tests for psk binder. r=mtEKR2016-11-041-6/+12
| | | | | https://nss-review.dev.mozaws.net/D31
* Bug 1315735 - TLS 1.3 draft 18 - Update to draft-18 key schedule and code ↵EKR2016-11-034-54/+27
| | | | | | | | | | | point. r=mt Reviewers: mt Reviewed By: mt Differential Revision: https://nss-dev.phacility.com/D138
* Bug 1315735 - TLS 1.3 draft 17 - Update cipher suite/hash consistency ↵EKR2016-11-032-22/+49
| | | | | | | | | | | | | checks. r=mt Reviewers: mt Reviewed By: mt Subscribers: mt Differential Revision: https://nss-dev.phacility.com/D137
* Bug 1315735 - TLS 1.3 draft 17 - New Certificate structure. r=mtEKR2016-11-035-38/+288
| | | | | | | Subscribers: mt Differential Revision: https://nss-dev.phacility.com/D136
* Bug 1315735 - TLS 1.3 draft 17 - Simplified key derivation labels. r=mtEKR2016-11-031-16/+2
| | | | | | | | | Reviewers: mt Reviewed By: mt Differential Revision: https://nss-dev.phacility.com/D135
* Bug 1315735 - TLS 1.3 draft 17 - implement psk binders, remove resumption ↵EKR2016-11-038-419/+423
| | | | | | | | | | | PSK, and 0-RTT Finished. r=mt Subscribers: mt Differential Revision: https://nss-dev.phacility.com/D134
* Bug 1315735 - TLS 1.3 draft 17 - Restructure PSK negotiation. r=mtEKR2016-11-039-188/+150
| | | | | | | | | | - move ticket_age_add into NST - max_early_data_size as an extension. - Remove server signature algorithm sending NOTE: This version fails some of the tests because I did not update the canned server hello.
* Bug 1315735 - TLS 1.3 draft 17 - update draft number. r=mtEKR2016-11-031-1/+1
| | | | | | | | | | | Reviewers: mt Reviewed By: mt Subscribers: mt Differential Revision: https://nss-dev.phacility.com/D130
* Bug 1315735 - TLS 1.3 draft 17 - Replace key shares in response to HRR. r=mtEKR2016-11-031-0/+15
| | | | | | | Subscribers: mt Differential Revision: https://nss-dev.phacility.com/D129
* Bug 1315735 - TLS 1.3 draft 17 - Change ticket_early_data_info code point. r=mtEKR2016-11-031-4/+1
| | | | | | | | | Reviewers: mt Reviewed By: mt Differential Revision: https://nss-dev.phacility.com/D128
* Bug 1315455 - Constify sslSocket for extension processing. r=mt.EKR2016-11-0213-810/+969
| | | | | | | | | | | | | | | | | | | | Summary: Extension handlers now take a const sslSocket* and a non-const xtnData. Things aren't entirely clean yet. I had to do two things: - Write a series of ssl_Ext* thunks for things that have innocuous side effects in sslSocket like updating the transcript or encrypting stuff. - Add a CONST_CAST macro for the few cases where it's clear we're having real side effects but they weren't simple to unwind. them. The macro makes them easy to find. Test Plan: None Differential Revision: https://nss-review.dev.mozaws.net/D17
* Revert "Bug 1315455 - Constify sslSocket for extension processing. r=mt."EKR2016-11-0512-964/+808
| | | | | This reverts commit 6b37e9783638d6ac6689f5b50f6e60f41ea753cc.
* Revert "Clang-format. r=me"EKR2016-11-052-4/+4
| | | | | This reverts commit 7dd48050057108cce55bd8488899c24d953eb197.
* Clang-format. r=meEKR2016-11-052-4/+4
|
* Bug 1315455 - Constify sslSocket for extension processing. r=mt.EKR2016-11-0212-808/+964
| | | | | | | | | | | | | | | | | | | | Summary: Extension handlers now take a const sslSocket* and a non-const xtnData. Things aren't entirely clean yet. I had to do two things: - Write a series of ssl_Ext* thunks for things that have innocuous side effects in sslSocket like updating the transcript or encrypting stuff. - Add a CONST_CAST macro for the few cases where it's clear we're having real side effects but they weren't simple to unwind. them. The macro makes them easy to find. Test Plan: None Differential Revision: https://nss-review.dev.mozaws.net/D17
* Bug 1315193 - Fuzzing mode: ssl_Time() must return a constant value r=franziskusTim Taubert2016-11-042-0/+9
| | | | Differential Revision: https://nss-review.dev.mozaws.net/D19
* Bug 1314705 - Remove spurious call to ssl3_SetupPendingCipherSpec(). ↵EKR2016-11-021-4/+8
| | | | | | | | | | | | | | | | | | | r=mt,ttaubert Summary: This has no impact on the cipher suite state because we call tls13_SetCipherSuite after the call to ssl3_SendServerHello, but it does leave kea_defs in a busted state re-setting it to kea_defs after we tweaked it during negotiation. Test Plan: Blah Reviewers: mt, ttaubert Reviewed By: mt, ttaubert Differential Revision: https://nss-review.dev.mozaws.net/D14
* Bug 1311213 - Handle repeated NST messages correctly r=ekr,mtTim Taubert2016-11-022-15/+19
| | | | Differential Revision: https://nss-review.dev.mozaws.net/D13
* Fix gypfile bustage. r=meEKR2016-11-021-1/+1
|
* Bug 1314676 - Refactor extension handler files. r=mtEKR2016-11-027-3533/+3592
| | | | | | | | | | | | | | | | | | This doesn't represent any new code or functionality. I just split things up into three files: Summary: - ssl3ext.c -- generic extension processing machinery - ssl3exthandle.c -- extension handlers for TLS < 1.3 - tls13exthandle.c -- extension handlers for TLS 1.3 Note that there are still extension handlers in ssl3ext.c. Reviewers: mt Reviewed By: mt Differential Revision: https://nss-dev.phacility.com/D141
* Bug 1311950 - Don't send PSS signature algorithms if we have no token that ↵Tim Taubert2016-11-021-1/+8
| | | | | | supports verifying them r=mt Differential Revision: https://nss-review.dev.mozaws.net/D15
* Bug 1311950 - Check for PSS token support when negotiating PSS signature ↵Tim Taubert2016-11-023-18/+44
| | | | | | schemes r=mt Differential Revision: https://nss-review.dev.mozaws.net/D11
* Bug 1313846 - Declare 'it = NULL' earlier. r=franziskuscatdesk2016-10-291-1/+1
|
* Backed out changeset d405c74dfab8 for bustageFranziskus Kiefer2016-10-313-7/+0
|
* Bug 1313430, ssl_CreateECDHEphemeralKeyPair needs database password, ↵Kai Engert2016-10-312-5/+15
| | | | r=martin.thomson
* Bug 1312141 - fix coverity issue CID1374320, r=rrelyeaFranziskus Kiefer2016-10-281-18/+15
|
* Bug 1312977 - Add read/write direction to logging, r=ekrMartin Thomson2016-10-291-2/+3
|
* Bug 1118245 - clang-format on lib/smime, r=ttaubertFranziskus Kiefer2016-10-2727-3859/+3868
|
* Bug 1313496 - Prevent PK11_FindSlotsByNames from double-refcounting the ↵David Keeler2016-10-281-1/+7
| | | | internal key module r=ttaubert
* Bug 1118245 - clang-format on lib/pki and lib/pkcs7, r=ttaubertFranziskus Kiefer2016-10-2729-10175/+8971
| | | | try: -b do -p none -t clang-format
* Bug 1312141, follow up fix, r=rrelyeaKai Engert2016-10-271-1/+1
|
* Bug 1263017, CKR_DEVICE_ERROR after fork() when NSS was initialized by ↵Robert Relyea2016-10-271-0/+15
| | | | someone else, r=kaie
* Bug 1311175 - Remove inline keyword from mpi.c functions as they are used ↵David Major2016-10-271-9/+5
| | | | outside this file. r=ttaubert
* Bug 1118245 - clang-format on lib/pkcs12, r=ttaubertFranziskus Kiefer2016-09-1013-5174/+5083
| | | | try: -b do -p none -t all
* Bug 1118245 - clang-format on lib/pk11wrap, r=ttaubertFranziskus Kiefer2016-10-2731-14300/+14761
|
* Bug 1312977 - clang-format, a=bustageMartin Thomson2016-10-271-1/+1
|
* Bug 1312977 - Improve tracing for TLS 1.3, r=ekrMartin Thomson2016-10-215-16/+48
|
* Bug 1312141 - SECMOD_OpenUserDB will allow multiple opens of the same database.Robert Relyea2016-10-263-9/+152
| | | | r=mt
View Lorry Controller Status