nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity
216490 commits 1 branch 98 tags 6.4 GiB
Commit graph

60 commits

Author SHA1 Message Date
Kai Engert
1282088a1f Bug 527659, Update Mozilla-central to NSS 3.12.6 RTM (RC2) 
=== pushing final release, r=wtc
=== adding a directory with on-top-patches, r=wtc
=== also, update to NSPR 4.8.4 final, r=wtc
 2010-03-05 14:44:10 +01:00
Kai Engert
d6c30005d8 Bug 527659, Update mozilla-central to NSS 3.12.6 (beta) 
== NSS portion
== r=rrelyea/wtc for upgrading mozilla-central to cvs tag NSS_3_12_6_BETA1
== This includes reapplying the (merged) patch from bug 519550 on top of NSS.
== PSM portion
== Includes the patch to disable TLS compression, r=kaie
== Include the patch to disable zlib test programs, which don't work on maemo, r=kaie
 2010-02-07 12:54:28 +01:00
Kai Engert
a5de37788a Bug 487712, Pick up NSS_HEAD_20090409 to fix WINCE 
Got r=nelson and r=rrelyea in today's NSS conference call.
CLOSED TREE
 2009-04-10 02:00:56 +02:00
Kai Engert
004b63cc3f Bug 473837, land NSS_3_12_3_BETA2 
r=wtc
 2009-01-21 04:43:31 +01:00
Kai Engert
2093e3d883 Backout 6c571dc80a99, bug 473837 2009-01-16 20:15:28 +01:00
Kai Engert
e61b3c01be Bug 473837, Import NSS_3_12_3_BETA1 
r=wtc
 2009-01-16 20:01:34 +01:00
Benjamin Smedberg
381f8d9c63 Import NSS_3_12_RC4 2008-06-06 08:40:11 -04:00
hg@mozilla.com
05e5d33a57 Free the (distributed) Lizard! Automatic merge from CVS: Module mozilla: tag HG_REPO_INITIAL_IMPORT at 22 Mar 2007 10:30 PDT, 2007-03-22 10:30:00 -07:00
rrelyea%redhat.com
75c2698ee0 Add Camilla cipher suites TLS RFC4132 bug 361025 
code supplied by okazaki@kick.gr.jp
 2007-02-28 19:47:40 +00:00
nelson%bolyard.com
fe33cd4708 Bug 366803 - Improve SSL tracing, make it work in browsers, to help with 
debugging bug 356470.  r=neil.williams,alexei.volkov
 2007-01-31 04:20:26 +00:00
julien.pierre.bugs%sun.com
81bb832c8f Fix for bug 115951 . Separate BL_Cleanup and BL_Unload . r=wtchang,nelson 2006-10-02 21:15:46 +00:00
julien.pierre.bugs%sun.com
24aa200d7b Fix for bug 115951 . Unload freebl dynamic library . Also fix tiny one-time leak of library name . r=nelson,wtchang 2006-09-28 00:40:55 +00:00
nelson%bolyard.com
9dc19d4fe0 Correct the amount returned by ssl_Writev for short writes on non-blocking 
sockets.  Bug 338325. patch by Chris Newman <chris.newman@sun.com>
r=nelson
 2006-05-18 01:10:21 +00:00
rrelyea%redhat.com
f6290f423b From Bug 331279. 
Free ECDHE Ephemeral key. Fixes server-side leak.
r=julien r=alexei
 2006-03-30 21:07:22 +00:00
wtchang%redhat.com
d27a2d48d9 Bugzilla Bug 318217: use the new NSPR functions PR_EmulateAcceptRead and 
PR_EmulateSendFile added in NSPR 4.1.  r=nelsonb.
Modified files: manifest.mn sslimpl.h sslsock.c
Removed file: emulate.c
 2006-01-18 23:06:57 +00:00
wtchang%redhat.com
fff23fc797 Bugzilla Bug 236245: Updated NSS to "ECC Cipher Suites for TLS" draft 12 
plus upcoming revisions.  The patch is contributed by Douglas Stebila
of Sun Labs <douglas@stebila.ca>. r=wtc.
Modified Files:
	cmd/selfserv/selfserv.c cmd/strsclnt/strsclnt.c
	cmd/tstclnt/tstclnt.c cmd/vfyserv/vfyserv.c lib/ssl/ssl3con.c
	lib/ssl/ssl3ecc.c lib/ssl/ssl3prot.h lib/ssl/sslenum.c
	lib/ssl/sslimpl.h lib/ssl/sslinfo.c lib/ssl/sslproto.h
	lib/ssl/sslsock.c tests/ssl/ecssl.sh tests/ssl/ecsslauth.txt
	tests/ssl/ecsslcov.txt tests/ssl/ecsslstress.txt
	tests/ssl/ssl.sh
 2005-12-14 01:49:40 +00:00
nelsonb%netscape.com
719073fb14 Restore binary compatilibity for old Fortezza cipher suites. 
Bug 316640. r-glen.beasley
 2005-11-18 01:21:22 +00:00
nelsonb%netscape.com
abc6a22d68 Eliminate environment variable SSLNOLOCKS, add environment variable 
SSLFORCELOCKS. Make SSL_FDX option mutually exclusive with SSL_NOLOCKS
option.  Bug 305147. r=rrelyea.
 2005-09-23 01:04:32 +00:00
julien.pierre.bugs%sun.com
d42e92ad88 Fix hoarked build from previous checkin. Doh. 2005-09-16 21:28:20 +00:00
julien.pierre.bugs%sun.com
c56d3589f6 Fix for bug 127960 . Add SSL force handshake APIs which take a timeout . r=nelson 2005-09-16 20:33:09 +00:00
nelsonb%netscape.com
fdffe11308 Fix regression introduced in last checkin. If the caller disables the 
use of locks while locks are in use, don't forget to unlock the locks
already locked on the stack.  bug 305147. r=julien.pierre
 2005-09-10 01:18:40 +00:00
nelsonb%netscape.com
4b56704437 Implement two new SSL socket options: SSL_BYPASS_PKCS11 and SSL_NO_LOCKS. 
Reorganize the SSL Socket structure contents to obviate ssl3 pointer.
Move much of the ECC code from ssl3con to new file ssl3ecc.c.  derive.c
implements derivation of the SSL/TLS master secret and the encryption and
MAC keys and IVs without using PKCS11. Bug 305147. r=rrelyea.
Modified Files: ssl/config.mk ssl/manifest.mn ssl/ssl.h ssl/ssl3con.c
    ssl/ssl3gthr.c ssl/sslauth.c ssl/sslcon.c ssl/ssldef.c ssl/sslgathr.c
    ssl/sslimpl.h ssl/sslinfo.c ssl/sslnonce.c ssl/sslsecur.c ssl/sslsnce.c
    ssl/sslsock.c
Added Files: ssl/derive.c ssl/ssl3ecc.c
 2005-09-09 03:02:16 +00:00
nelsonb%netscape.com
d391504d03 Remove fortezza code from libSSL and from the SSL test programs. 
Stop building fortezza's special software token, and fortezza specific
test programs.   Bug 239960. r=rrelyea.
Modified Files:
    cmd/manifest.mn cmd/platlibs.mk cmd/SSLsample/server.c
    cmd/SSLsample/sslsample.c cmd/modutil/modutil.c
    cmd/selfserv/selfserv.c cmd/sslstrength/sslstrength.c
    cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c
    cmd/vfyserv/vfyserv.c cmd/vfyserv/vfyutil.c lib/manifest.mn
    lib/ssl/nsskea.c lib/ssl/preenc.h lib/ssl/prelib.c
    lib/ssl/ssl.h lib/ssl/ssl3con.c lib/ssl/ssl3prot.h
    lib/ssl/sslauth.c lib/ssl/sslcon.c lib/ssl/sslenum.c
    lib/ssl/sslimpl.h lib/ssl/sslinfo.c lib/ssl/sslproto.h
    lib/ssl/sslsecur.c lib/ssl/sslsnce.c lib/ssl/sslsock.c
    lib/ssl/sslt.h
 2005-08-16 03:42:26 +00:00
nelsonb%netscape.com
7d6edc424d Back out the preceeding fortezza removal patch, which was accidentally 
applied to the trunk, not to the intended branch.
 2005-04-06 21:35:45 +00:00
nelsonb%netscape.com
17a1f014fd Remove fortezza support from libSSL and related commands. Bug 239960. 
ON PERFORMANCE_HACKS_BRANCH.  r=rrelyea.
 2005-04-06 19:43:19 +00:00
nelsonb%netscape.com
095a0172f0 Fix implementation of SSL_NO_STEP_DOWN. Bug 148452. r=julien.pierre. 
Modified Files:  sslimpl.h sslinfo.c sslsecur.c sslsock.c
 2005-04-05 03:48:20 +00:00
jpierre%netscape.com
79af302c8e Fix for 242984 - crash with application having incomplete PRIOMethods. r=nelsonb,wtc 2004-05-11 03:48:25 +00:00
gerv%gerv.net
9bd361a285 Bug 236613: change to MPL/LGPL/GPL tri-license. Restore Id: lines. 2004-04-27 23:04:40 +00:00
gerv%gerv.net
3634d4d94b Bug 236613: change to MPL/LGPL/GPL tri-license. 2004-04-25 15:03:26 +00:00
nelsonb%netscape.com
f87129ad87 Add support for Elliptic Curve Cryptography. Bug 195135. 
Modified Files:
 	cmd/lib/SECerrs.h cmd/selfserv/selfserv.c
 	cmd/tstclnt/tstclnt.c lib/cryptohi/keyhi.h
 	lib/cryptohi/keythi.h lib/cryptohi/seckey.c
 	lib/cryptohi/secvfy.c lib/freebl/Makefile lib/freebl/blapi.h
 	lib/freebl/blapit.h lib/freebl/ldvector.c lib/freebl/loader.c
 	lib/freebl/loader.h lib/freebl/manifest.mn lib/nss/nss.def
 	lib/pk11wrap/pk11skey.c lib/pk11wrap/pk11slot.c
 	lib/softoken/lowkeyti.h lib/softoken/manifest.mn
 	lib/softoken/pkcs11.c lib/softoken/pkcs11c.c
 	lib/softoken/pkcs11t.h lib/ssl/ssl3con.c lib/ssl/ssl3prot.h
 	lib/ssl/sslcon.c lib/ssl/sslenum.c lib/ssl/sslimpl.h
 	lib/ssl/sslinfo.c lib/ssl/sslproto.h lib/ssl/sslsecur.c
 	lib/ssl/sslsock.c lib/ssl/sslt.h lib/util/secerr.h
 	lib/util/secoid.c lib/util/secoidt.h
Added Files:
 	lib/freebl/GFp_ecl.c lib/freebl/GFp_ecl.h lib/freebl/ec.c
 	lib/freebl/ec.h lib/softoken/ecdecode.c
 2003-02-27 01:31:38 +00:00
nelsonb%netscape.com
644319e67f Support the TLS_RSA_WITH_NULL_SHA cipher suite. Bug 161529. 2002-08-09 21:53:17 +00:00
bishakhabanerjee%netscape.com
65f7eca2f9 Checking in riceman+bmo@mail.rit.edu's patch for bug 133702 2002-07-30 20:57:44 +00:00
nelsonb%netscape.com
f9e447b703 Make libSSL build for WinCE. 2002-04-04 00:14:12 +00:00
ian.mcgreer%sun.com
4ef12717ce bug 132889, sense of boolean 'blocking' is reversed within the HANDLE_ERR macro of ssl_WriteV 2002-03-22 22:48:02 +00:00
nelsonb%netscape.com
681ff24ca9 1. the sslSecurityInfo and sslGather structs are now part of the sslSocket 
rather than being pointed to by the sslSocket.  This reduces the number
of malloc/free calls, and greatly reduces pointer fetches, and null
pointer checks.  sslGather and sslSecurityInfo are separately initialized.
2. SSL_ResetHandshake no longer deallocates and reallocates the sslSecurityInfo and all its subcomponents.
3. Many places that formerly did not check for memory allocation failures
now do check, and do the right thing when allocation failed.
 2002-02-27 04:40:17 +00:00
nelsonb%netscape.com
4bfe43978d Change ssl_GetPeerInfo to no longer assume that an address is IPV6 if 
it's not IPv4.  Fixes a bug on systems that don't support IPV6, but
do support other address families.
 2002-02-26 00:28:15 +00:00
wtc%netscape.com
6c79ece2fe Bugzilla bug 70217: ported NSS to BeOS. The patch is contributed by 
Christopher Seawood <seawood@netscape.com>.
 2002-02-22 04:23:30 +00:00
relyea%netscape.com
75f3b7599d Clean up compilier warnings on Solaris and Linux, most particularly: 
1) Implicit declaration of function.
2) Possibly unitialized variables.

These warnings have indicated some real problems in the code, so many changes
are not just to silence the warnings, but to fix the problems. Others were
inocuous, but the warnings were silenced to reduce the noise.
 2001-12-07 01:36:25 +00:00
nelsonb%netscape.com
f941ac3116 Put better comments by the table of preconfigured policies. 2001-11-02 04:00:27 +00:00
nelsonb%netscape.com
a2bae99930 Add support to TLS for new 128-bit and 256-bit AES ciphersuites. 87021. 2001-09-21 03:07:35 +00:00
nelsonb%netscape.com
0e45538807 Implement new function SSL_GetChannelInfo(). Bugzilla bug 78959. 2001-09-18 01:59:21 +00:00
nelsonb%netscape.com
37217ae4f0 Change PR_Writev so it will drive the handshake when len == 0. 
Patch by John G Myers.  Bug 87359.
 2001-06-23 00:01:17 +00:00
nelsonb%netscape.com
6b57d89463 Add a workaround for bug 80092. If the last write returned WOULDBLOCK 
and data is now buffered for sending and the application calls PR_Poll
to poll on read, poll on write also.  This way, if the socket becomes
writable, the application's read attempt will send (more of) the buffered
write data.
 2001-05-18 20:44:35 +00:00
nelsonb%netscape.com
975e24163f Disable TCP Nagle delays on SSL sockets for NSS 3.3. Bug 67898. 
Modified Files:
	ssldef.c sslimpl.h sslsecur.c sslsock.c
 2001-05-08 23:12:34 +00:00
nelsonb%netscape.com
e49455a04c Eliminate cause of assertion failure that occurs when SSL is not the top 
protocol on the socket's stack.
 2001-04-26 21:53:11 +00:00
nelsonb%netscape.com
f8e2a2a948 Implementation of 5 DHE ciphersuites, client side only. 
Contributed by Dr Stephen Henson <stephen.henson@gemplus.com>
 2001-04-11 00:29:18 +00:00
nelsonb%netscape.com
46c15355d3 Reinterpret the READ and WRITE poll flags depending on the state of the 
socket and the SSL handshake.  Rename the badly named "connected" flag.
Bugzilla bugs 56924, 56926, 66706.
Modified Files:
    ssl3con.c sslauth.c sslcon.c ssldef.c sslgathr.c sslimpl.h
    sslsecur.c sslsock.c
 2001-03-16 23:26:06 +00:00
nelsonb%netscape.com
ecb09e90e8 Modify ssl_FindSocket() to set error PR_BAD_DESCRIPTOR_ERROR when it 
cannot find the SSL layer on the specified PRFileDesc. Ensure all
callers detect when ssl_FindSocket returns NULL and handle it properly.
Bug 68241. Reviewed by jgmyers and relyea.
Modified Files:
 	prelib.c sslauth.c sslsecur.c sslsock.c
 2001-02-09 02:11:31 +00:00
nelsonb%netscape.com
7dcf6f9722 Make SSL API consistent in using SECStatus as return value for functions 
that return only values in that enumeration.  Bug 68097. R&A = relyea.
Modified Files:
 	lib/ssl/ssl.h lib/ssl/sslauth.c lib/ssl/sslsecur.c
 	lib/ssl/sslsnce.c lib/ssl/sslsock.c cmd/selfserv/selfserv.c
 	cmd/strsclnt/strsclnt.c
 2001-02-09 00:32:14 +00:00
nelsonb%netscape.com
720374d8c3 When half-duplex applications (e.g. one thread per socket, doing alternate 
reading and writing) call PR_Send and PR_Recv with a non-infinite timeout
value, use that value for both underlying read and write operations.
Fixes bug 67402.  Reviewed by Wan-Teh.
 2001-02-07 02:06:05 +00:00