Commit Graph

121 Commits

Author SHA1 Message Date
kaie@kuix.de
f9e142e884 Bug 406755, EV certs not recognized as EV with some cross-certification scenarios second landing attempt, earlier EV verification, patch 9 r=rrelyea also landing a regression fix, which applies to debug mode compilation code, only r=rrelyea blocking1.9=dsicore 2008-04-08 18:48:02 -07:00
kaie@kuix.de
ed10ad9a44 Bug 425518, Enable multiple roots for EV (and remove 1): Geotrust, Thawte, Verisign, Trustwave, Comodo r=rrelyea, r=nelson, blocking1.9=dsicore 2008-04-08 17:28:48 -07:00
kaie@kuix.de
37eb9c3367 Backing out the "early ev verification" patch from bug 406755, as an attempt to fix a tinderbox test failure (crash). 2008-04-07 19:22:26 -07:00
kaie@kuix.de
17b2f73120 Bug 406755, EV certs not recognized as EV with some cross-certification scenarios Additional patch for Earlier EV verification, v8 r=wtc, r=nelson, blocking1.9=dsicore 2008-04-07 17:10:41 -07:00
kaie@kuix.de
a608dfde44 Bug 427081, Allow to override SEC_ERROR_INADEQUATE_KEY_USAGE r=nelson, a1.9=dsicore 2008-04-04 17:02:31 -07:00
kaie@kuix.de
ffc31711d1 Bug 420187. Backing out all 3 patches from today, because of regressions. a=shaver 2008-03-25 20:06:52 -07:00
kaie@kuix.de
755c32e75f Bug 420187, hang in nsNSSHttpRequestSession::internal_send_receive_attempt Follow up patch to fix leak tinderbox bustage, r=rrelyea 2008-03-25 14:49:35 -07:00
kaie@kuix.de
d9ea85f3b9 Attempt to fix red tinderbox, trivial mismatch between NS_IMETHODIMP and nsresult. Follow up to my fix for bug 420187. 2008-03-25 13:09:18 -07:00
kaie@kuix.de
5e5bffbd65 bug 420187, hang in nsNSSHttpRequestSession::internal_send_receive_attempt r=rrelyea, pending more comments blocking1.9=shaver approval1.9b5=beltzner 2008-03-25 12:34:48 -07:00
reed@reedloden.com
ffb0913b45 Bug 419794 - "work out key API for nsICryptoHMAC" (API use nsIKeyObject + fix nsKeyModule + nsICryptoHMAC usage fix) [p=honzab@allpeers.com (Honza Bambas [mayhemer]) r=rrelyea sr=dveditz a=blocking1.9+] 2008-03-18 12:45:40 -07:00
kaie@kuix.de
e92c6abaf6 Bug 423475, Paypal crashes loading main site r=rrelyea, blocking1.9=beltzner 2008-03-17 11:42:04 -07:00
johnath@mozilla.com
08a8c58978 Show certificate error pages (instead of dialogs) in frames. b=423247, p=kengert, r=rrelyea, r=bzbarsky, a=blocking-1.9 (ted) 2008-03-17 11:13:37 -07:00
kaie@kuix.de
f44acb4d74 Bug 406755, EV certs not recognized as EV with some cross-certification scenarios r=rrelyea, blocking1.9=dsicore 2008-03-16 06:42:32 -07:00
kaie@kuix.de
4a2ac6e90c bug 374336, add knowledge of Extended Validation / EV Certificates to PSM Follow up fix contributed by Neil that fixes allocator mismatch. r=kengert, approval1.9=dsicore 2008-03-14 08:22:50 -07:00
kaie@kuix.de
e6d6571817 Bug 400085, nsNSSCertificate::hasValidEVOidTag compare DER, not strings Patch contributed by Honza Bambas, r=rrelyea, r=kengert, approval1.9=beltzner 2008-03-06 22:14:33 -08:00
gavin@gavinsharp.com
01e48bc351 Bug 419111: unfrozen interfaces listed in SDK_XPIDLSRCS, r=kaie, sr=bzbarsky 2008-03-05 14:08:20 -08:00
reed@reedloden.com
67836dd7e3 Bug 351580 - "Possible null pointer dereferences in |nsCrypto::GenerateCRMFRequest|" (Fixed !NULL checks + GC rooting) [p=honzab@allpeers.com (Honza Bambas [mayhemer]) r=mrbkap a=blocking1.9+] 2008-03-04 03:25:44 -08:00
kaie@kuix.de
1c416620df Bug 418958, Enable Go Daddy root CA certificates for EV use r=rrelyea, a1.9b4=beltzner 2008-02-28 10:00:57 -08:00
dcamp@mozilla.com
44b567a446 Bug 415799: Interface and implementation for HMAC support. p=honzab@allpeers.com (Jan Bambas), r=kaie, r=rrelyea, sr=dveditz, blocking1.9=sayrer 2008-02-26 22:31:13 -08:00
wtc@google.com
c3c311e84b Bug 415033: added a hidden preference (in about:config) for enabling or disabling the TLS session ticket extension. The patch is contributed by Nagendra Modadugu <ngm+mozilla@google.com>. r=wtc,rrelyea,kengert a1.9+=damons Modified Files: netwerk/base/public/security-prefs.js security/manager/ssl/src/nsNSSComponent.cpp 2008-02-26 15:09:39 -08:00
kaie@kuix.de
af82e17ee3 Bug 416827, Enable Digicert root CA certificate for EV use r=rrelyea, approval1.9=beltzner 2008-02-22 00:54:42 -08:00
kaie@kuix.de
80a24d43b5 Bug 418701, Enable Quo Vadis root CA certificate for EV use r=rrelyea, approval1.9=beltzner 2008-02-22 00:51:59 -08:00
kaie@kuix.de
d8c6f29dcc Bug 416850, Deleting a security exception and then re-adding it causes cert exception to remain valid r=rrelyea, approval1.9=beltzner 2008-02-22 00:50:11 -08:00
kaie@kuix.de
fa2db966c4 Bug 372876, Read from SSL socket leaks memory r=rrelyea, blocking1.9=sayrer 2008-02-21 17:07:16 -08:00
dcamp@mozilla.com
52dfbcb3ee Bug 350873: nsStreamLoader code accessed on secondary thread [ASSERTION: nsStreamLoader not thread-safe]. r=kengert, sr=dveditz, b1.9=sayrer 2008-02-21 17:05:17 -08:00
kaie@kuix.de
6ce364ef47 Bug 415213, uninitialized variables in PSM r=rrelyea, a1.9=dsicore 2008-02-13 08:14:25 -08:00
kaie@kuix.de
2a5945649a Bug 413627, nsCertOverrideService can't register observers (NS_ERROR_UNEXPECTED) intended to fix blocking1.9+ Bug 414808 Patch contributed by Ehsan Akhgari, timeless and some trivial tweaks by myself Thanks to Tomcat for help with testing r=me, a=mtschrep, blocking1.9-on-414808=beltzner 2008-01-31 22:04:56 -08:00
kaie@kuix.de
48937de428 Bug 409091, SSL Client Auth prompt should indicate port number r=rrelyea, a1.9=mtschrep 2008-01-22 15:47:55 -08:00
kaie@kuix.de
aeabf2b45f Bug 405139, EV certs should be treated as providing less certainty of identity if OCSP is disabled. r=rrelyea, a1.9=mtschrep 2008-01-22 15:46:49 -08:00
kaie@kuix.de
a51dd553e9 Bug 412786, uninitialized variable r=rrelyea, a1.9=mtschrep 2008-01-22 15:44:29 -08:00
kaie@kuix.de
66c76f5083 Bug 412455, Regression, EV UI no longer shows up r=rrelyea, a1.9=mtschrep 2008-01-22 15:43:12 -08:00
kaie@kuix.de
6dee00122d Bug 399590, Update Mozilla trunk to use NSS tag NSS_3_12_BETA1 r=rrelyea, a1.9=mtschrep 2008-01-18 02:40:58 -08:00
kaie@kuix.de
8b4324d92b Bug 409280, nsIProtectedAuthThread is not embedding friendly Patch contributed by Christian Persch (GNOME) r=kengert, blocking1.9=mtschrep 2008-01-15 14:41:52 -08:00
kaie@kuix.de
be637af89e Bug 407523, Error page should not allow adding an exception for inadequate key usage r=rrelyea, a=mtschrep 2008-01-15 13:41:06 -08:00
benjamin@smedbergs.us
dfc4cee45d Bug 411327 - nsIXPCNativeCallContext should not inherit from nsISupports, r=mrbkap, a=schrep 2008-01-15 07:50:57 -08:00
dtownsend@oxymoronical.com
eef047b68f Bug 404726: Addon compatibility check gives many alerts (toolkit and security portions). r=gavin.sharp, r=kengert 2008-01-15 07:06:34 -08:00
kaie@kuix.de
d2c25c96f2 Bug 408432, Add Exception fails for certs with no DNS names (no CN, no SAN) r=rrelyea, blocking1.9=dsicore 2008-01-14 08:04:00 -08:00
kaie@kuix.de
e277586d41 bug 406999, Enhance EV performance; Never combine EV with Cert Overrides r=rrelyea, blocking1.9=mtschrep 2008-01-14 07:45:07 -08:00
jruderman@hmc.edu
eae9d39258 Add crashtest for keygen 2007-12-16 17:27:11 -08:00
kaie@kuix.de
ee2aa492e9 fixes bug 406290 r=wtc, a=beltzner 2007-12-14 09:39:30 -08:00
kaie@kuix.de
fb49368dc5 Bug 403691, unable to display decoded policies extension in certs from https://www.digicert.com r=kengert, a=beltzner 2007-12-14 08:11:57 -08:00
kaie@kuix.de
18434f216a bug 119500, PKCS#11 CKF_PROTECTED_AUTHENTICATION_PATH token flag not supported Patch contributed by Petr Kostka r=rrelyea, sr=kengert, a=dsicore Addon Patch to provide dummy implementations for gtk-embedding and camino. r=mark, sr=jst 2007-12-04 23:34:55 -08:00
kaie@kuix.de
34143f5ff6 bug 119500, PKCS#11 CKF_PROTECTED_AUTHENTICATION_PATH token flag not supported Patch contributed by Petr Kostka r=rrelyea, sr=kengert, a=dsicore Addon Patch to provide dummy implementations for gtk-embedding and camino. r=mark, sr=jst 2007-12-04 23:31:43 -08:00
kaie@kuix.de
e64d67a61b Bug 378241, Changes from bug 107491 lead to tons of thread-safety asserts r=rrelyea, r=wtc, sr=benjamin, blocking1.9=benjamin 2007-12-04 10:53:14 -08:00
kaie@kuix.de
ca5d681e30 Bug 404059, connection to t-mobile hotspot startup page takes very long Landing workaround patch (shorten timeout) r=rrelyea, blocking1.9=mtschrep 2007-12-03 14:58:06 -08:00
Olli.Pettay@helsinki.fi
74b6bb3346 Bug 401906, nsCertTreeDispInfo leaks, r=kengert, a=dsicore 2007-11-30 11:55:31 -08:00
cbiesinger@gmx.at
1e54b36be6 bug 262116 make disk cache serialize/deserialize the security info, if present also make nsNSSSocketInfo serializable PSM part: r=kaie sr=darin rest: r+sr=darin 2007-11-30 10:05:54 -08:00
cbiesinger@gmx.at
e8bba4b7e8 bug 405481 add nsISerializable and nsIClassInfo to nsNSSCertificate's QI impl r+sr=bz a=beltzner 2007-11-28 14:22:13 -08:00
rrelyea@redhat.com
9eb55b8d0e Enable real EV checking. Bug 289520. patch by kai engert. review rrelyea approval mtschrep. 2007-11-21 14:28:13 -08:00
kaie@kuix.de
a2fa7d276d Bug 402726, Allow to view cert on SSL protocol errors r=rrelyea, r=neil, r=gavin, a=dsicore 2007-11-20 09:59:33 -08:00