Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Bug 642129, March 2011 batch of NSS root changes, r=rrelyea | kaie%kuix.de | 2011-04-06 | 3 | -5/+1963 |
| | |||||
* | Bug 645460: Default to 32-bit NSS builds on OS X 10.6 (Snow Leopard) and | wtc%google.com | 2011-04-06 | 1 | -0/+2 |
| | | | | | | later, too. The patch is contributed by Kaspar Brand <mozbugzilla@velox.ch>. r=rrelyea,wtc. Tag: NSS_3_12_BRANCH | ||||
* | Bug 647746, expired PayPal testing cert, affects testing only | kaie%kuix.de | 2011-04-04 | 1 | -0/+0 |
| | |||||
* | Bug 646610: Remove an obsolete comment for a #else. The patch is | wtc%google.com | 2011-03-30 | 1 | -1/+1 |
| | | | | | contributed by Mark Mentovai <mark@moxienet.com>. r=wtc. Tag: NSS_3_12_BRANCH | ||||
* | Bug 599831 - scalability limited on 4-socket Westmere by hot lock for RSA ↵ | rrelyea%redhat.com | 2011-03-30 | 3 | -105/+281 |
| | | | | | | | blinding params list patch by aleksey.v.ignatenko of intel and nelsonb r= rrelyea | ||||
* | Bug 588698 and Bug 638821: Fix locking order in ssl2_BeginClientHandshake. | wtc%google.com | 2011-03-30 | 1 | -2/+2 |
| | | | | | Backported from the trunk, rev. 1.41. r=jseward. Tag: NSS_3_12_BRANCH | ||||
* | Bug 596842: pkix_pl_InfoAccess_ParseLocation should replace "%" hex hex | wtc%google.com | 2011-03-30 | 1 | -20/+41 |
| | | | | | | escape sequences before calling pkix_pl_InfoAccess_ParseTokens. r=emaldona,alexei.volkov Tag: NSS_3_12_BRANCH | ||||
* | Bug 625675 - trust flags are not being deleted when we delete the associated ↵ | emaldona%redhat.com | 2011-03-26 | 3 | -0/+110 |
| | | | | certificate, r=rrelyea | ||||
* | Bug 630589, Improve certutil help output, introduce overview and help ↵ | kaie%kuix.de | 2011-03-25 | 1 | -165/+379 |
| | | | | sections, r=nelson | ||||
* | Possible minor memory leak in SNI code. r=alexei, bob. Patch is provided by ↵ | alexei.volkov.bugs%sun.com | 2011-03-24 | 2 | -4/+10 |
| | | | | Meena Vyas. | ||||
* | 640125 - SSL_CanBypass has minor memory leaks. r=bob, alexei. Patch is ↵ | alexei.volkov.bugs%sun.com | 2011-03-24 | 70 | -408/+1385 |
|\ | | | | | | | provided by Meena Vyas. | ||||
* \ | fixup commit for tag 'NSS_3_12_9_WITH_CKBI_1_82_RTM'NSS_3_12_9_WITH_CKBI_1_82_RTM | cvs2hg | 2011-03-23 | 2078 | -0/+876577 |
|\ \ | |||||
* | | | fixup commit for tag 'NSSCKBI_1_82_RTM'NSSCKBI_1_82_RTM | cvs2hg | 2011-03-23 | 2079 | -877523/+0 |
| |/ |/| | |||||
* | | Bug 642815, Deal with bogus certs issued by Comodo partner - NSS level fix, ↵ | kaie%kuix.de | 2011-03-23 | 4 | -5/+3510 |
| | | | | | | | | patch by rrelyea, r=kaie | ||||
* | | 631986 - SSL_ReconfigFD tries to access elements of a null pointer. ↵ | alexei.volkov.bugs%sun.com | 2011-03-16 | 1 | -3/+5 |
| | | | | | | | | r=alexei, rrelyea. The patch was provided by Meena Vyas. | ||||
* | | 635778 - Need an API to pass user defined cert chain when SSL socket is set ↵ | alexei.volkov.bugs%sun.com | 2011-03-16 | 6 | -5/+28 |
| | | | | | | | | up.r=rrelyea,nelson | ||||
* | | 629299 - core dump when tls session tickets are enabled and session cache is ↵ | alexei.volkov.bugs%sun.com | 2011-03-16 | 3 | -30/+98 |
| | | | | | | | | disabled. r=wtc,rrelyea. | ||||
* | | Bug 640992 - nss_cms_before_data loses the child's content pointer on ↵ | emaldona%redhat.com | 2011-03-15 | 1 | -0/+3 |
| | | | | | | | | recursive decoding, r=rrelyea | ||||
* | | Updated instructions to generate the OCSP server certificates. | christophe.ravel.bugs%sun.com | 2011-03-08 | 1 | -11/+13 |
| | | |||||
* | | Update the OCSP certs with the new domain name for the OCSP server. | christophe.ravel.bugs%sun.com | 2011-03-08 | 19 | -0/+0 |
| | | |||||
* | | Bug 633002 - SECKEY_ImportDERPublicKey causes memory leaks, r=wtc, sr=rrleyea | emaldona%redhat.com | 2011-03-07 | 1 | -10/+14 |
| | | |||||
* | | Bug 632439 - cms headers cmst.h and cms.h use C++ reserved identifiers ↵ | emaldona%redhat.com | 2011-02-11 | 1 | -1/+1 |
| | | | | | | | | 'private' and 'template' | ||||
* | | Bug 632439 - cms headers cmst.h and cms.h use C++ reserved identifiers ↵ | emaldona%redhat.com | 2011-02-11 | 10 | -76/+76 |
| | | | | | | | | 'private' and 'template', r=caillon | ||||
* | | Fix tinderbox breakage due to patch for: | rrelyea%redhat.com | 2011-02-09 | 5 | -0/+40 |
| | | | | | | | | | | | | | | | | | | Bug 595988 - NSS trusts CAs it shouldn't (trusts system db over user db) patch by rrelyea r=emaldona We need to reset the explicit token if we switch to FIPS mode. | ||||
* | | Bug 491918 - Infinite recursion when encoding a NSS enveloped/digested data | rrelyea%redhat.com | 2011-02-01 | 1 | -27/+57 |
| | | | | | | | | | | patch by nalin r=rrelyea | ||||
* | | Bug 584224 - CMS does not allow content types other than S/MIME | rrelyea%redhat.com | 2011-02-01 | 7 | -41/+91 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | patch by nalin r=rrelyea * expose an NSSCMSGenericWrapperDataTemplate that includes the ContentInfo * properly return plain data from NSS_CMSContentInfo_GetContent * fix what appear to be some copy/paste errors * get pointers to pointers to functions out of the interface, to match the rest of the CMS API * correctly add new types to the type hash * don't return CMS contents from NULL CMS messages | ||||
* | | Bug 628378: remove the unnecessary [] around the expressions in .size | wtc%google.com | 2011-01-30 | 2 | -4/+4 |
| | | | | | | | | | | | | | | | | directives. The patch is contributed by Rafael ????vila de Esp??????ndola <respindola@mozilla.com>. r=wtc. Modified Files: Tag: NSS_3_12_BRANCH mpi_amd64_gas.s mpi_amd64_sun.s | ||||
* | | Bug 629839: use the GCC -dumpversion option to support clang. The patch is | wtc%google.com | 2011-01-29 | 1 | -1/+1 |
| | | | | | | | | | | | | contributed by Rafael ????vila de Esp??????ndola <respindola@mozilla.com>. r=wtc. Tag: NSS_3_12_BRANCH | ||||
* | | CMS does not allow content types other than S/MIME | rrelyea%redhat.com | 2011-01-29 | 1 | -0/+480 |
| | | | | | | | | | | Patch by rrelyea r=emaldona | ||||
* | | Bug 584224 - CMS does not allow content types other than S/MIME | rrelyea%redhat.com | 2011-01-28 | 15 | -230/+412 |
| | | | | | | | | | | | | Part 1 Patch by rrelyea r=emaldona | ||||
* | | Bug 584224 - CMS does not allow content types other than S/MIME | rrelyea%redhat.com | 2011-01-28 | 1 | -0/+9 |
| | | | | | | | | | | | | Patch by Nalin r=rrelyea r=emaldona | ||||
* | | Bug 597624: pp -t certificate should identify and ident the | wtc%google.com | 2011-01-28 | 2 | -10/+13 |
| | | | | | | | | | | | | | | | | DistributionPoints in the CRL distribution points extension. Add 'const' to the char* msg arguments to three functions. r=nelson. Modified Files: Tag: NSS_3_12_BRANCH secutil.c secutil.h | ||||
* | | Bug 595988 - NSS trusts CAs it shouldn't (trusts system db over user db) | rrelyea%redhat.com | 2011-01-27 | 3 | -6/+6 |
| | | | | | | | | Incorporate wtc's review comments. | ||||
* | | Fix elio's nits. | rrelyea%redhat.com | 2011-01-26 | 2 | -4/+4 |
| | | |||||
* | | fix regression in nsssysinit introduced by the contextinit patch. | rrelyea%redhat.com | 2011-01-25 | 4 | -32/+34 |
| | | | | | | | | r=emaldona | ||||
* | | Bug 616757: in ssl3_SendCertificateVerify, we must destroy | wtc%google.com | 2011-01-25 | 1 | -21/+19 |
| | | | | | | | | | | | | | | | | | | | | ss->ssl3.clientPrivateKey for all key exchange algorithms, otherwise we will send a Certificate message in renegotiation even if the renegotiation doesn't request client auth. Move the cleanup of clientCertChain and clientPrivateKey from ssl3_HandleCertificateRequest to ssl3_HandleServerHello as a second defense. The patch is contributed by Ryan Sleevi <ryan.sleevi@gmail.com>. r=wtc. Tag: NSS_3_12_BRANCH | ||||
* | | Bug 595134: let sftk_searchTokenList skip sftk_searchDatabase where the | wtc%google.com | 2011-01-22 | 1 | -10/+35 |
| | | | | | | | | | | | | | | object won't be found. Declare the ulCount variables as CK_ULONG instead of CK_LONG. Fix a bug where the failure of the sftk_emailhack call in sftk_searchTokenList was ignored. r=rrelyea. Tag: NSS_3_12_BRANCH | ||||
* | | Bug 625491: Make pk11load.o depend on debug_module.c. r=rrelyea. | wtc%google.com | 2011-01-22 | 1 | -0/+2 |
| | | | | | | | | Tag: NSS_3_12_BRANCH | ||||
* | | Bug 589288 - FIPS isn't enabled if /proc/sys/crypto/fips_enabled is missing, ↵ | emaldona%redhat.com | 2011-01-20 | 1 | -1/+1 |
| | | | | | | | | r=rrelyea | ||||
* | | Bug 625491: print CK_ULONG attributes as an integer. Change | wtc%google.com | 2011-01-19 | 1 | -2/+25 |
| | | | | | | | | | | | | CKA_SUB_PRIME_BITS to CKA_SUBPRIME_BITS. Fix an incorrect fall-through in the cases CKA_ISSUER/CKA_SUBJECT. r=rrelyea,nelson. Tag: NSS_3_12_BRANCH | ||||
* | | Bug 572289: SEC_ASN1EncodeInteger cannot correctly encode some positive | wtc%google.com | 2011-01-13 | 1 | -3/+3 |
| | | | | | | | | | | integer values. r=nelson. Tag: NSS_3_12_BRANCH | ||||
* | | Change NSS version to 3.12.10.0 Beta. | christophe.ravel.bugs%sun.com | 2011-01-12 | 3 | -9/+9 |
|/ | |||||
* | Bug 609068: Implement J-PAKE in FreeBL, additional check that s != 0, r=rrelyea | bsmith%mozilla.com | 2011-01-07 | 1 | -1/+2 |
| | |||||
* | Bug 620908: the sdb_Reset function pointer in the SDB structure should be | wtc%google.com | 2011-01-06 | 2 | -1/+7 |
| | | | | | | | | set. Initialize the version and app_private fields. The patch is contributed by Meena Vyas <meena.vyas@sun.com>. r=nelson,wtc. Modified Files: Tag: NSS_3_12_BRANCH sdb.c legacydb/lginit.c | ||||
* | Bug 596798: ensure that the output buffer of _snwprintf is null-terminated. | wtc%google.com | 2011-01-06 | 1 | -0/+2 |
| | | | | | Patch by Nelson Bolyard <nelson@bolyard.me>. r=wtc. Tag: NSS_3_12_BRANCH | ||||
* | Prepare NSS 3.12.9 RC0. | christophe.ravel.bugs%sun.com | 2011-01-06 | 3 | -6/+6 |
| | |||||
* | Bug 607058, crash [@ nss_cms_decoder_work_data], Patch contributed by ↵ | kaie%kuix.de | 2010-12-23 | 2 | -0/+22 |
| | | | | timeless, r=kaie, r=nelson | ||||
* | Bug 619268: fix memory leaks in CERT_ChangeCertTrust and | wtc%google.com | 2010-12-17 | 1 | -2/+10 |
| | | | | | | CERT_SaveSMimeProfile. The patch is contributed by Ryan Sleevi <ryan.sleevi@gmail.com>. r=wtc. Tag: NSS_3_12_BRANCH | ||||
* | Bug 617492, Add PK11_KeyGenWithTemplate function to pk11wrap (for Firefox Sync)NSS_3_12_9_BETA2 | kaie%kuix.de | 2010-12-09 | 3 | -69/+124 |
| | | | | Patch contributed by Brian Smith, r=rrelyea, r=wtc | ||||
* | Bug 614076 - Implement HKDF in SoftokenNSS_3_12_9_BETA1 | rrelyea%redhat.com | 2010-12-04 | 1 | -0/+4 |
| | | | | | | | | | fix 1. hashLen is uninitialized. 2. the derive sensitivity check is missing. patch by bsmith r=rrelyea |