summaryrefslogtreecommitdiff
path: root/security
Commit message (Collapse)AuthorAgeFilesLines
* Bug 642129, March 2011 batch of NSS root changes, r=rrelyeakaie%kuix.de2011-04-063-5/+1963
|
* Bug 645460: Default to 32-bit NSS builds on OS X 10.6 (Snow Leopard) andwtc%google.com2011-04-061-0/+2
| | | | | | later, too. The patch is contributed by Kaspar Brand <mozbugzilla@velox.ch>. r=rrelyea,wtc. Tag: NSS_3_12_BRANCH
* Bug 647746, expired PayPal testing cert, affects testing onlykaie%kuix.de2011-04-041-0/+0
|
* Bug 646610: Remove an obsolete comment for a #else. The patch iswtc%google.com2011-03-301-1/+1
| | | | | contributed by Mark Mentovai <mark@moxienet.com>. r=wtc. Tag: NSS_3_12_BRANCH
* Bug 599831 - scalability limited on 4-socket Westmere by hot lock for RSA ↵rrelyea%redhat.com2011-03-303-105/+281
| | | | | | | blinding params list patch by aleksey.v.ignatenko of intel and nelsonb r= rrelyea
* Bug 588698 and Bug 638821: Fix locking order in ssl2_BeginClientHandshake.wtc%google.com2011-03-301-2/+2
| | | | | Backported from the trunk, rev. 1.41. r=jseward. Tag: NSS_3_12_BRANCH
* Bug 596842: pkix_pl_InfoAccess_ParseLocation should replace "%" hex hexwtc%google.com2011-03-301-20/+41
| | | | | | escape sequences before calling pkix_pl_InfoAccess_ParseTokens. r=emaldona,alexei.volkov Tag: NSS_3_12_BRANCH
* Bug 625675 - trust flags are not being deleted when we delete the associated ↵emaldona%redhat.com2011-03-263-0/+110
| | | | certificate, r=rrelyea
* Bug 630589, Improve certutil help output, introduce overview and help ↵kaie%kuix.de2011-03-251-165/+379
| | | | sections, r=nelson
* Possible minor memory leak in SNI code. r=alexei, bob. Patch is provided by ↵alexei.volkov.bugs%sun.com2011-03-242-4/+10
| | | | Meena Vyas.
* 640125 - SSL_CanBypass has minor memory leaks. r=bob, alexei. Patch is ↵alexei.volkov.bugs%sun.com2011-03-2470-408/+1385
|\ | | | | | | provided by Meena Vyas.
* \ fixup commit for tag 'NSS_3_12_9_WITH_CKBI_1_82_RTM'NSS_3_12_9_WITH_CKBI_1_82_RTMcvs2hg2011-03-232078-0/+876577
|\ \
* | | fixup commit for tag 'NSSCKBI_1_82_RTM'NSSCKBI_1_82_RTMcvs2hg2011-03-232079-877523/+0
| |/ |/|
* | Bug 642815, Deal with bogus certs issued by Comodo partner - NSS level fix, ↵kaie%kuix.de2011-03-234-5/+3510
| | | | | | | | patch by rrelyea, r=kaie
* | 631986 - SSL_ReconfigFD tries to access elements of a null pointer. ↵alexei.volkov.bugs%sun.com2011-03-161-3/+5
| | | | | | | | r=alexei, rrelyea. The patch was provided by Meena Vyas.
* | 635778 - Need an API to pass user defined cert chain when SSL socket is set ↵alexei.volkov.bugs%sun.com2011-03-166-5/+28
| | | | | | | | up.r=rrelyea,nelson
* | 629299 - core dump when tls session tickets are enabled and session cache is ↵alexei.volkov.bugs%sun.com2011-03-163-30/+98
| | | | | | | | disabled. r=wtc,rrelyea.
* | Bug 640992 - nss_cms_before_data loses the child's content pointer on ↵emaldona%redhat.com2011-03-151-0/+3
| | | | | | | | recursive decoding, r=rrelyea
* | Updated instructions to generate the OCSP server certificates.christophe.ravel.bugs%sun.com2011-03-081-11/+13
| |
* | Update the OCSP certs with the new domain name for the OCSP server.christophe.ravel.bugs%sun.com2011-03-0819-0/+0
| |
* | Bug 633002 - SECKEY_ImportDERPublicKey causes memory leaks, r=wtc, sr=rrleyeaemaldona%redhat.com2011-03-071-10/+14
| |
* | Bug 632439 - cms headers cmst.h and cms.h use C++ reserved identifiers ↵emaldona%redhat.com2011-02-111-1/+1
| | | | | | | | 'private' and 'template'
* | Bug 632439 - cms headers cmst.h and cms.h use C++ reserved identifiers ↵emaldona%redhat.com2011-02-1110-76/+76
| | | | | | | | 'private' and 'template', r=caillon
* | Fix tinderbox breakage due to patch for:rrelyea%redhat.com2011-02-095-0/+40
| | | | | | | | | | | | | | | | | | Bug 595988 - NSS trusts CAs it shouldn't (trusts system db over user db) patch by rrelyea r=emaldona We need to reset the explicit token if we switch to FIPS mode.
* | Bug 491918 - Infinite recursion when encoding a NSS enveloped/digested datarrelyea%redhat.com2011-02-011-27/+57
| | | | | | | | | | patch by nalin r=rrelyea
* | Bug 584224 - CMS does not allow content types other than S/MIMErrelyea%redhat.com2011-02-017-41/+91
| | | | | | | | | | | | | | | | | | | | | | | | | | patch by nalin r=rrelyea * expose an NSSCMSGenericWrapperDataTemplate that includes the ContentInfo * properly return plain data from NSS_CMSContentInfo_GetContent * fix what appear to be some copy/paste errors * get pointers to pointers to functions out of the interface, to match the rest of the CMS API * correctly add new types to the type hash * don't return CMS contents from NULL CMS messages
* | Bug 628378: remove the unnecessary [] around the expressions in .sizewtc%google.com2011-01-302-4/+4
| | | | | | | | | | | | | | | | directives. The patch is contributed by Rafael ????vila de Esp??????ndola <respindola@mozilla.com>. r=wtc. Modified Files: Tag: NSS_3_12_BRANCH mpi_amd64_gas.s mpi_amd64_sun.s
* | Bug 629839: use the GCC -dumpversion option to support clang. The patch iswtc%google.com2011-01-291-1/+1
| | | | | | | | | | | | contributed by Rafael ????vila de Esp??????ndola <respindola@mozilla.com>. r=wtc. Tag: NSS_3_12_BRANCH
* | CMS does not allow content types other than S/MIMErrelyea%redhat.com2011-01-291-0/+480
| | | | | | | | | | Patch by rrelyea r=emaldona
* | Bug 584224 - CMS does not allow content types other than S/MIMErrelyea%redhat.com2011-01-2815-230/+412
| | | | | | | | | | | | Part 1 Patch by rrelyea r=emaldona
* | Bug 584224 - CMS does not allow content types other than S/MIMErrelyea%redhat.com2011-01-281-0/+9
| | | | | | | | | | | | Patch by Nalin r=rrelyea r=emaldona
* | Bug 597624: pp -t certificate should identify and ident thewtc%google.com2011-01-282-10/+13
| | | | | | | | | | | | | | | | DistributionPoints in the CRL distribution points extension. Add 'const' to the char* msg arguments to three functions. r=nelson. Modified Files: Tag: NSS_3_12_BRANCH secutil.c secutil.h
* | Bug 595988 - NSS trusts CAs it shouldn't (trusts system db over user db)rrelyea%redhat.com2011-01-273-6/+6
| | | | | | | | Incorporate wtc's review comments.
* | Fix elio's nits.rrelyea%redhat.com2011-01-262-4/+4
| |
* | fix regression in nsssysinit introduced by the contextinit patch.rrelyea%redhat.com2011-01-254-32/+34
| | | | | | | | r=emaldona
* | Bug 616757: in ssl3_SendCertificateVerify, we must destroywtc%google.com2011-01-251-21/+19
| | | | | | | | | | | | | | | | | | | | ss->ssl3.clientPrivateKey for all key exchange algorithms, otherwise we will send a Certificate message in renegotiation even if the renegotiation doesn't request client auth. Move the cleanup of clientCertChain and clientPrivateKey from ssl3_HandleCertificateRequest to ssl3_HandleServerHello as a second defense. The patch is contributed by Ryan Sleevi <ryan.sleevi@gmail.com>. r=wtc. Tag: NSS_3_12_BRANCH
* | Bug 595134: let sftk_searchTokenList skip sftk_searchDatabase where thewtc%google.com2011-01-221-10/+35
| | | | | | | | | | | | | | object won't be found. Declare the ulCount variables as CK_ULONG instead of CK_LONG. Fix a bug where the failure of the sftk_emailhack call in sftk_searchTokenList was ignored. r=rrelyea. Tag: NSS_3_12_BRANCH
* | Bug 625491: Make pk11load.o depend on debug_module.c. r=rrelyea.wtc%google.com2011-01-221-0/+2
| | | | | | | | Tag: NSS_3_12_BRANCH
* | Bug 589288 - FIPS isn't enabled if /proc/sys/crypto/fips_enabled is missing, ↵emaldona%redhat.com2011-01-201-1/+1
| | | | | | | | r=rrelyea
* | Bug 625491: print CK_ULONG attributes as an integer. Changewtc%google.com2011-01-191-2/+25
| | | | | | | | | | | | CKA_SUB_PRIME_BITS to CKA_SUBPRIME_BITS. Fix an incorrect fall-through in the cases CKA_ISSUER/CKA_SUBJECT. r=rrelyea,nelson. Tag: NSS_3_12_BRANCH
* | Bug 572289: SEC_ASN1EncodeInteger cannot correctly encode some positivewtc%google.com2011-01-131-3/+3
| | | | | | | | | | integer values. r=nelson. Tag: NSS_3_12_BRANCH
* | Change NSS version to 3.12.10.0 Beta.christophe.ravel.bugs%sun.com2011-01-123-9/+9
|/
* Bug 609068: Implement J-PAKE in FreeBL, additional check that s != 0, r=rrelyeabsmith%mozilla.com2011-01-071-1/+2
|
* Bug 620908: the sdb_Reset function pointer in the SDB structure should bewtc%google.com2011-01-062-1/+7
| | | | | | | | set. Initialize the version and app_private fields. The patch is contributed by Meena Vyas <meena.vyas@sun.com>. r=nelson,wtc. Modified Files: Tag: NSS_3_12_BRANCH sdb.c legacydb/lginit.c
* Bug 596798: ensure that the output buffer of _snwprintf is null-terminated.wtc%google.com2011-01-061-0/+2
| | | | | Patch by Nelson Bolyard <nelson@bolyard.me>. r=wtc. Tag: NSS_3_12_BRANCH
* Prepare NSS 3.12.9 RC0.christophe.ravel.bugs%sun.com2011-01-063-6/+6
|
* Bug 607058, crash [@ nss_cms_decoder_work_data], Patch contributed by ↵kaie%kuix.de2010-12-232-0/+22
| | | | timeless, r=kaie, r=nelson
* Bug 619268: fix memory leaks in CERT_ChangeCertTrust andwtc%google.com2010-12-171-2/+10
| | | | | | CERT_SaveSMimeProfile. The patch is contributed by Ryan Sleevi <ryan.sleevi@gmail.com>. r=wtc. Tag: NSS_3_12_BRANCH
* Bug 617492, Add PK11_KeyGenWithTemplate function to pk11wrap (for Firefox Sync)NSS_3_12_9_BETA2kaie%kuix.de2010-12-093-69/+124
| | | | Patch contributed by Brian Smith, r=rrelyea, r=wtc
* Bug 614076 - Implement HKDF in SoftokenNSS_3_12_9_BETA1rrelyea%redhat.com2010-12-041-0/+4
| | | | | | | | | fix 1. hashLen is uninitialized. 2. the derive sensitivity check is missing. patch by bsmith r=rrelyea
View Lorry Controller Status