Commit Graph

161 Commits

Author SHA1 Message Date
kaie@kuix.de
e92c6abaf6 Bug 423475, Paypal crashes loading main site r=rrelyea, blocking1.9=beltzner 2008-03-17 11:42:04 -07:00
johnath@mozilla.com
08a8c58978 Show certificate error pages (instead of dialogs) in frames. b=423247, p=kengert, r=rrelyea, r=bzbarsky, a=blocking-1.9 (ted) 2008-03-17 11:13:37 -07:00
kaie@kuix.de
f44acb4d74 Bug 406755, EV certs not recognized as EV with some cross-certification scenarios r=rrelyea, blocking1.9=dsicore 2008-03-16 06:42:32 -07:00
kaie@kuix.de
4a2ac6e90c bug 374336, add knowledge of Extended Validation / EV Certificates to PSM Follow up fix contributed by Neil that fixes allocator mismatch. r=kengert, approval1.9=dsicore 2008-03-14 08:22:50 -07:00
kaie@kuix.de
e6d6571817 Bug 400085, nsNSSCertificate::hasValidEVOidTag compare DER, not strings Patch contributed by Honza Bambas, r=rrelyea, r=kengert, approval1.9=beltzner 2008-03-06 22:14:33 -08:00
gavin@gavinsharp.com
01e48bc351 Bug 419111: unfrozen interfaces listed in SDK_XPIDLSRCS, r=kaie, sr=bzbarsky 2008-03-05 14:08:20 -08:00
reed@reedloden.com
67836dd7e3 Bug 351580 - "Possible null pointer dereferences in |nsCrypto::GenerateCRMFRequest|" (Fixed !NULL checks + GC rooting) [p=honzab@allpeers.com (Honza Bambas [mayhemer]) r=mrbkap a=blocking1.9+] 2008-03-04 03:25:44 -08:00
kaie@kuix.de
1c416620df Bug 418958, Enable Go Daddy root CA certificates for EV use r=rrelyea, a1.9b4=beltzner 2008-02-28 10:00:57 -08:00
dcamp@mozilla.com
44b567a446 Bug 415799: Interface and implementation for HMAC support. p=honzab@allpeers.com (Jan Bambas), r=kaie, r=rrelyea, sr=dveditz, blocking1.9=sayrer 2008-02-26 22:31:13 -08:00
wtc@google.com
c3c311e84b Bug 415033: added a hidden preference (in about:config) for enabling or disabling the TLS session ticket extension. The patch is contributed by Nagendra Modadugu <ngm+mozilla@google.com>. r=wtc,rrelyea,kengert a1.9+=damons Modified Files: netwerk/base/public/security-prefs.js security/manager/ssl/src/nsNSSComponent.cpp 2008-02-26 15:09:39 -08:00
kaie@kuix.de
af82e17ee3 Bug 416827, Enable Digicert root CA certificate for EV use r=rrelyea, approval1.9=beltzner 2008-02-22 00:54:42 -08:00
kaie@kuix.de
80a24d43b5 Bug 418701, Enable Quo Vadis root CA certificate for EV use r=rrelyea, approval1.9=beltzner 2008-02-22 00:51:59 -08:00
kaie@kuix.de
d8c6f29dcc Bug 416850, Deleting a security exception and then re-adding it causes cert exception to remain valid r=rrelyea, approval1.9=beltzner 2008-02-22 00:50:11 -08:00
kaie@kuix.de
fa2db966c4 Bug 372876, Read from SSL socket leaks memory r=rrelyea, blocking1.9=sayrer 2008-02-21 17:07:16 -08:00
dcamp@mozilla.com
52dfbcb3ee Bug 350873: nsStreamLoader code accessed on secondary thread [ASSERTION: nsStreamLoader not thread-safe]. r=kengert, sr=dveditz, b1.9=sayrer 2008-02-21 17:05:17 -08:00
kaie@kuix.de
6ce364ef47 Bug 415213, uninitialized variables in PSM r=rrelyea, a1.9=dsicore 2008-02-13 08:14:25 -08:00
kaie@kuix.de
2a5945649a Bug 413627, nsCertOverrideService can't register observers (NS_ERROR_UNEXPECTED) intended to fix blocking1.9+ Bug 414808 Patch contributed by Ehsan Akhgari, timeless and some trivial tweaks by myself Thanks to Tomcat for help with testing r=me, a=mtschrep, blocking1.9-on-414808=beltzner 2008-01-31 22:04:56 -08:00
kaie@kuix.de
48937de428 Bug 409091, SSL Client Auth prompt should indicate port number r=rrelyea, a1.9=mtschrep 2008-01-22 15:47:55 -08:00
kaie@kuix.de
aeabf2b45f Bug 405139, EV certs should be treated as providing less certainty of identity if OCSP is disabled. r=rrelyea, a1.9=mtschrep 2008-01-22 15:46:49 -08:00
kaie@kuix.de
a51dd553e9 Bug 412786, uninitialized variable r=rrelyea, a1.9=mtschrep 2008-01-22 15:44:29 -08:00
kaie@kuix.de
66c76f5083 Bug 412455, Regression, EV UI no longer shows up r=rrelyea, a1.9=mtschrep 2008-01-22 15:43:12 -08:00
kaie@kuix.de
6dee00122d Bug 399590, Update Mozilla trunk to use NSS tag NSS_3_12_BETA1 r=rrelyea, a1.9=mtschrep 2008-01-18 02:40:58 -08:00
kaie@kuix.de
8b4324d92b Bug 409280, nsIProtectedAuthThread is not embedding friendly Patch contributed by Christian Persch (GNOME) r=kengert, blocking1.9=mtschrep 2008-01-15 14:41:52 -08:00
kaie@kuix.de
be637af89e Bug 407523, Error page should not allow adding an exception for inadequate key usage r=rrelyea, a=mtschrep 2008-01-15 13:41:06 -08:00
benjamin@smedbergs.us
dfc4cee45d Bug 411327 - nsIXPCNativeCallContext should not inherit from nsISupports, r=mrbkap, a=schrep 2008-01-15 07:50:57 -08:00
dtownsend@oxymoronical.com
eef047b68f Bug 404726: Addon compatibility check gives many alerts (toolkit and security portions). r=gavin.sharp, r=kengert 2008-01-15 07:06:34 -08:00
kaie@kuix.de
d2c25c96f2 Bug 408432, Add Exception fails for certs with no DNS names (no CN, no SAN) r=rrelyea, blocking1.9=dsicore 2008-01-14 08:04:00 -08:00
kaie@kuix.de
e277586d41 bug 406999, Enhance EV performance; Never combine EV with Cert Overrides r=rrelyea, blocking1.9=mtschrep 2008-01-14 07:45:07 -08:00
jruderman@hmc.edu
eae9d39258 Add crashtest for keygen 2007-12-16 17:27:11 -08:00
kaie@kuix.de
ee2aa492e9 fixes bug 406290 r=wtc, a=beltzner 2007-12-14 09:39:30 -08:00
kaie@kuix.de
fb49368dc5 Bug 403691, unable to display decoded policies extension in certs from https://www.digicert.com r=kengert, a=beltzner 2007-12-14 08:11:57 -08:00
kaie@kuix.de
18434f216a bug 119500, PKCS#11 CKF_PROTECTED_AUTHENTICATION_PATH token flag not supported Patch contributed by Petr Kostka r=rrelyea, sr=kengert, a=dsicore Addon Patch to provide dummy implementations for gtk-embedding and camino. r=mark, sr=jst 2007-12-04 23:34:55 -08:00
kaie@kuix.de
34143f5ff6 bug 119500, PKCS#11 CKF_PROTECTED_AUTHENTICATION_PATH token flag not supported Patch contributed by Petr Kostka r=rrelyea, sr=kengert, a=dsicore Addon Patch to provide dummy implementations for gtk-embedding and camino. r=mark, sr=jst 2007-12-04 23:31:43 -08:00
kaie@kuix.de
e64d67a61b Bug 378241, Changes from bug 107491 lead to tons of thread-safety asserts r=rrelyea, r=wtc, sr=benjamin, blocking1.9=benjamin 2007-12-04 10:53:14 -08:00
kaie@kuix.de
ca5d681e30 Bug 404059, connection to t-mobile hotspot startup page takes very long Landing workaround patch (shorten timeout) r=rrelyea, blocking1.9=mtschrep 2007-12-03 14:58:06 -08:00
Olli.Pettay@helsinki.fi
74b6bb3346 Bug 401906, nsCertTreeDispInfo leaks, r=kengert, a=dsicore 2007-11-30 11:55:31 -08:00
cbiesinger@gmx.at
1e54b36be6 bug 262116 make disk cache serialize/deserialize the security info, if present also make nsNSSSocketInfo serializable PSM part: r=kaie sr=darin rest: r+sr=darin 2007-11-30 10:05:54 -08:00
cbiesinger@gmx.at
e8bba4b7e8 bug 405481 add nsISerializable and nsIClassInfo to nsNSSCertificate's QI impl r+sr=bz a=beltzner 2007-11-28 14:22:13 -08:00
rrelyea@redhat.com
9eb55b8d0e Enable real EV checking. Bug 289520. patch by kai engert. review rrelyea approval mtschrep. 2007-11-21 14:28:13 -08:00
kaie@kuix.de
a2fa7d276d Bug 402726, Allow to view cert on SSL protocol errors r=rrelyea, r=neil, r=gavin, a=dsicore 2007-11-20 09:59:33 -08:00
kaie@kuix.de
5199056941 Bug 401755, Cleanup nsNSSIOLayer.cpp->getErrorMessage Patch v3 to address regression r=rrelyea, a=mtschrep 2007-11-20 09:56:04 -08:00
bzbarsky@mit.edu
66f3331177 Remove some duplicated code. Bug 397651, r=kaie, sr=jst, a=schrep 2007-11-19 20:32:06 -08:00
kaie@kuix.de
9b4f890a7d Bug 404046, File nsIdentityChecking.cpp needs license header r=rrelyea, a=dsicore 2007-11-19 11:33:03 -08:00
kaie@kuix.de
e9b5f29921 bug 399589, PSM + tip of NSS, error ‘SECAlgorithmIDTemplate’ not declared r=rrelyea, a=mtschrep 2007-11-19 09:02:43 -08:00
kaie@kuix.de
5f02721e01 Bug 399696, allow temporary certificate exceptions r=rrelyeea, a=vladimir 2007-11-19 07:32:43 -08:00
kaie@kuix.de
dff5865241 Bug 401755, Cleanup nsNSSIOLayer.cpp->getErrorMessage r=rrelyea, a=mtschrep 2007-11-12 16:41:29 -08:00
kaie@kuix.de
e4dbc0eda1 Bug 399318, Fix 2 one time leaks in nsKeygenHandler r=rrelyea, a=mtschrep 2007-11-12 16:31:23 -08:00
kaie@kuix.de
43f6a70144 Bug 402602, https://paypal.com doesn't trigger the netError page that allows exceptions r=rrelyea, blocking-1.9=dsicore 2007-11-12 16:12:30 -08:00
kaie@kuix.de
d62432e6f3 Bug 401954, Include latest NSS error strings r=nelson, a=mtschrep 2007-11-12 16:11:54 -08:00
kaie@kuix.de
74f7737c46 Bug 400195, cert exception file has unix line endings on Windows r=nelson, a/blocking=sayrer 2007-11-09 07:12:34 -08:00
kaie@kuix.de
616326e439 Bug 399706, glibc detected: free(): invalid pointer attempting to select cert Landing better patch. r=rrelyea, a/blocking=beltzner 2007-11-09 07:09:58 -08:00
reed@reedloden.com
d013217fe4 Bug 401575 - "Support cert overriding from SSL error pages" [p=johnath r=kaie r=gavin r+sr=bzbarsky ui-r=beltzner a=blocking1.9+ for M9] 2007-11-03 11:49:47 -07:00
reed@reedloden.com
ce8e57d8c6 Bustage fix for bug 398718. 2007-10-30 13:59:26 -07:00
reed@reedloden.com
eeaeef5a63 Bug 398718 - "Better explanatory text for SSL error pages" [p=kaie/johnath r=rrelyea r=biesi a=blocking1.9+ for M9] 2007-10-30 13:26:25 -07:00
kaie@kuix.de
85baeb3584 Bug 399706, glibc detected: free(): invalid pointer attempting to select cert Regression fix for crash introduced by recent landing for bug 392790. Using minimal fix for M9 endgame. r=kengert, r=Kaspar Brand, a=beltzner 2007-10-24 15:30:34 -07:00
kaie@kuix.de
32728903ff Bug 374336, add knowledge of Extended Validation / EV Certificates to PSM r=rrelyea, a=mconnor/beltzner 2007-10-23 11:30:16 -07:00
kaie@kuix.de
415197f864 relanding Bug 399043, Workaround for Add-Certificate-Exception for (mail) ports blocked by Necko r=rrelyea, a=sayrer 2007-10-19 12:16:34 -07:00
kaie@kuix.de
2742761470 relanding Bug 399022, Leak-prone code in nsCertTree r=bzbarsky, a=sayrer 2007-10-19 12:12:07 -07:00
kaie@kuix.de
8eb14a67ee relanding: Bug 399045, PSM should remember valid intermediate CA certificates r=rrelyea, a=sayrer 2007-10-19 12:10:09 -07:00
reed@reedloden.com
72a8c276fd Bug 345665 - "nsKeygenHandler calls nsITokenDialogs ::ChooseToken with NULL context" [p=chpe r=kaie sr=dveditz a1.9=sayrer] 2007-10-18 23:10:39 -07:00
kaie@kuix.de
1af45527d6 backing out all my patches from yesterday, 399043 398549 399022 399045 345665 2007-10-16 17:18:55 -07:00
kaie@kuix.de
e654a1487f Bug 345665, nsKeygenHandler calls nsITokenDialogs ::ChooseToken with NULL context Patch contributed by Christian Persch r=kengert, sr=dveditz, a=sayrer 2007-10-15 17:38:58 -07:00
kaie@kuix.de
16ed6292d6 Bug 399045, PSM should remember valid intermediate CA certificates r=rrelyea, a=sayrer 2007-10-15 17:38:16 -07:00
kaie@kuix.de
d65e486f7e Bug 399022, Leak-prone code in nsCertTree r=bzbarsky, a=sayrer 2007-10-15 17:37:03 -07:00
kaie@kuix.de
e6cea55459 Bug 399043, Workaround for Add-Certificate-Exception for (mail) ports blocked by Necko r=rrelyea, a=sayrer 2007-10-15 17:33:01 -07:00
benjamin@smedbergs.us
2bd5a10828 Bug 398566 - Set MOZ_FIX_LINK_PATHS unconditionally, r=luser a=sayrer 2007-10-13 14:13:50 -07:00
reed@reedloden.com
ad48793e8d Bug 392790 - "In certificate selection dialogs, also show e-mail addresses from the subjectAltName extension" [p=mozbugzilla@velox.ch (Kaspar Brand) r=kaie sr=rrelyea a1.9=sayrer] 2007-10-13 00:46:11 -07:00
sdwilsh@shawnwilsher.com
723a99fa54 Bug 369428 - nsExternalAppHandler::SetUpTempFile uses a poor source of randomness, resulting in predictable filenames. r=kaie, sr=rrelyea, a=blocking1.9 2007-10-12 15:48:07 -07:00
sdwilsh@shawnwilsher.com
04d4d5267a Full backout of Bug 369428 2007-10-12 08:30:45 -07:00
sdwilsh@shawnwilsher.com
82e9ccc64f Bug 369428 - nsExternalAppHandler::SetUpTempFile uses a poor source of randomness, resulting in predictable filenames. r=kaie, sr=rrelyea, a=blocking1.9 2007-10-12 06:00:57 -07:00
kaie@kuix.de
883982ac02 Bug 397296, Firefox builds need to use the current NSS CVS tag r=mconnor, blocking-firefox3=benjamin 2007-10-11 12:03:05 -07:00
bzbarsky@mit.edu
55cdff892c Don't leak strings from <keygen>. Bug 398665, r=kaie, sr=jst, a=dbaron 2007-10-09 19:10:00 -07:00
kaie@kuix.de
c08bd97ba9 Bug 327181, Improve error reporting for invalid-certificate errors (error page for https, or combined dialog) Code in mozilla/security/manager: r=rrelyea Code elsewhere: r=mconnor, sr=dveditz blocking1.9=mconnor 2007-10-03 04:47:26 -07:00
kaie@kuix.de
9240a03852 Bug 327181, Improve error reporting for invalid-certificate errors (error page for https, or combined dialog) Code in mozilla/security/manager: r=rrelyea Code elsewhere: r=mconnor, sr=dveditz blocking1.9=mconnor 2007-10-03 04:43:54 -07:00
kaie@kuix.de
44248735f1 Bug 315871, In Certificate Viewer, allow to export cert or full chain Also covers Bug 161275, Support export of SSL, S/MIME, and CA certs Patch contributed by Kaspar Brand r=kengert, sr=rrelyea, a=dsicore 2007-10-01 09:38:21 -07:00
bent.mozilla@gmail.com
e974d54046 Bug 397319 - "Add JSAutoRequest to other users of GetArgvPtr". r+sr+a=jst. 2007-09-28 11:15:26 -07:00
dbaron@dbaron.org
e3a34a1b55 Fix leak of mPendingHTTPRequest in nsSSLThread::rememberPendingHTTPRequest by converting it to an nsCOMPtr. b=394528 r=kengert sr=bzbarsky a=bsmedberg 2007-09-17 17:31:37 -07:00
reed@reedloden.com
8f3887bc7b Bug 392780 - "nsNSSCertificateDB::FindCertByDBKey() crashes on invalid input" [p=mozbugzilla@velox.ch (Kaspar Brand) r=rrelyea sr=kaie a1.9=bzbarsky] 2007-09-17 13:46:27 -07:00
jag@tty.nl
9198e9c4b8 Bug 394139: Replace a bunch of NS_DEFINE_CIDs with CONTRACTIDs. r=/sr=/a=bsmedberg 2007-09-05 06:04:54 -07:00
jwalden@mit.edu
f114249dd9 Bug 348748 - Replace a cast that's commented out; I think my script ignored comment contents and thus missed this, but I haven't looked at the source recently enough to be sure. r=bsmedberg on the script, a=no-functionality-change 2007-09-05 00:13:46 -07:00
dtownsend@oxymoronical.com
087d6b2e28 Bug 390615: Add scriptable interface to verify digital signatures. r=kaie, a=blocking-1.9 2007-09-03 10:32:39 -07:00
kaie@kuix.de
0795b23edd bug 386654, Implement notification for EV certs r=rrelyea, sr=bzbarsky, a=bzbarsky 2007-08-23 14:28:15 -07:00
bzbarsky@mit.edu
db29a8ba1b Make it possible to fastload NSSCertificates. Bug 388128, r=kaie, sr=brendan, a=bzbarsky 2007-08-23 11:59:12 -07:00
kairo@kairo.at
36e1c02c3f bug 385458 - UI strings using "browser" when meaning "application", r=kaie 2007-08-05 04:53:59 -07:00
kaie@kuix.de
4e46839efd Bug 376329, Thunderbird fails on certificate path with circular references
r=nelson
2007-07-25 15:57:51 -07:00
kaie@kuix.de
931bb87869 Bug 382223, Add support for Camellia to PSM
Patch contributed by okazaki
r=kengert
2007-07-25 15:53:30 -07:00
rrelyea@redhat.com
ff84fbb60d Bug 388403 Land NSS 3.12 Alpha r=kai. 2007-07-23 12:02:59 -07:00
kaie@kuix.de
0f80d55c10 Bug 387011, Crash when importing certificate [@ nsNSSCertificateDB::ImportCertsFromFile]
r=rrelyea
2007-07-23 03:48:51 -07:00
kaie@kuix.de
5833a4177c Bug 387613, Crash [@ nsNSSCertificate::GetCert fb3ac2be] on click submit on chrome://pippki/content/editcacert.xul
r=rrelyea
2007-07-23 03:25:23 -07:00
kaie@kuix.de
7d430ddede Bug 380744, Thunderbird reports "unable to decrypt" on truncated decryptable messages
r=relyea, sr=mscott
2007-07-16 23:13:38 -07:00
jwalden@mit.edu
e3c4baccae Bug 348748 - Replace all instances of NS_STATIC_CAST and friends with C++ casts (and simultaneously bitrot nearly every patch in existence). r=bsmedberg on the script that did this. Tune in next time for Macro Wars: Episode II: Attack on the LL_* Macros. 2007-07-08 00:08:04 -07:00
kaie@kuix.de
7d2821fc1b Bug 176501, mozilla apps must manage NSS configuration for PKCS#11 shared libs, including nssckbi.dll
Incremental Patch v4, make sure we indeed look in all possible locations.
r=rrelyea
2007-06-27 06:15:02 -07:00
kaie@kuix.de
49f151e833 Bug 385904, Actually hook up the new NSS error strings
r=rrelyea
2007-06-27 06:12:03 -07:00
kaie@kuix.de
9839e48ee6 Bug 370875, "ASSERTION: nsSecureBrowserUIImpl not thread-safe" * 4 loading any https site
Patch contributed by Neil, r=kengert
2007-06-25 14:45:30 -07:00
kaie@kuix.de
b5f0e9e04c Bug 383390, follow up check in, adding a unit Test.
Patch contributed by Nils Maier, comments provided by Jeff Walden
r=kengert
2007-06-21 08:22:43 -07:00
rrelyea@redhat.com
c2c7340869 Backing previous patch because it broke the universal binary Mac build. 2007-06-19 01:41:28 -07:00
rrelyea@redhat.com
49efc9dc67 bug 217538 Check in NSS 3.12 into FF 3.0
r=kaie
2007-06-19 00:32:12 -07:00
kaie@kuix.de
8c8ef6d22c Bug 355643, Review PSM's error message overrides - are NSS errors better?Removing overrides, thereby enabling NSS messages.r=nelson 2007-06-12 19:48:41 -07:00
kaie@kuix.de
e3783d5ac1 Bug 375759, Cert manager showing date strings for "Your Certificates" namesFollow up checkin to improve memory use.r=kengert 2007-06-12 19:46:07 -07:00
kaie@kuix.de
54abf4c04f Bug 383390, nsICrypto Hash truncates to 32 byte; renders sha384 and sha512 corruptPatch contributed by Nils Maierr=kengert 2007-06-10 18:42:36 -07:00