Commit Graph

221 Commits

Author SHA1 Message Date
Wan-Teh Chang
22cf5dc5c0 Bug 479393: Call CERT_SetUsePKIXForValidation(PR_TRUE) after
initializing NSS to make the old NSS cert validation APIs use the
new libpkix cert validation engine internally.  r=kaie.
2009-02-25 17:51:31 -08:00
Serge Gautherie
265574ee2c Bug 400822 - Cert Viewer crashes when encountering improperly encoded GeneralNames (in AIA or CDP extensions) [@ ProcessGeneralName]; (Cv1) Use NS_ENSURE_ARG_POINTER(); r=kaie 2009-02-21 03:09:16 +01:00
Honza Bambas
af00f26ff5 Backout bug 456705 2009-02-18 15:38:51 +01:00
Honza Bambas
bf083a3640 Bug 456705 - Firefox 2.0.0.17 crashes when opening a https-site or on shutdown with FoxyProxy 2.8.5 [@ nsSSLThread::Run], r=kaie 2009-02-18 14:31:31 +01:00
bjarne@runitsoft.com
244d9431fc Bug 466080 - Make more things honor the LOAD_ANONYMOUS flag r=sicking,MisterSSL, sr=sicking 2009-02-17 14:06:52 -08:00
Peter Van der Beken
691b82b80e Fix for bug 391448 (Force layout/dom/content code to use classinfo macros that don't use the service manager.). r/sr=jst. 2009-02-17 15:08:08 +01:00
Honza Bambas
b52fe48b3b Bug 459657: nsNSSBadCertHandler leaks nsIBadCertListener2 proxy. r=kaie 2009-02-12 12:13:48 +00:00
Dave Townsend
4b59b521c9 Bug 475702: nsICertOverrideService.rememberValidityOverride leaks an nsStringBuffer for each call. r=kaie 2009-02-11 18:14:39 +00:00
Phil Ringnalda
4fcec9e509 Backed out changeset c8d43645a578 (bug 320954) for burning leak tests 2009-02-07 14:38:26 -08:00
timeless@mozdev.org
e3adbc4d64 Bug 320954 - PSM no profile handling code is broken, leading to pr_asserts, r=kaie 2009-02-07 13:50:21 -08:00
Fred Jendrzejewski
7d5761cdfa Bug 461047 - Replace nsStringArray with nsTArray<nsString>. r+sr=roc 2009-01-18 21:14:14 +01:00
Robert O'Callahan
1a9b00de4e Backed out changeset 8019a959aade 2009-01-16 22:20:33 +13:00
Fred Jendrzejewski
b79ad6fa55 Bug 461047. Replace nsStringArray with nsTArray<nsString>. r+sr=roc
--HG--
extra : rebase_source : 7a20af24c97867efbb28dafa6a70ea1b4cf00e58
2009-01-16 20:51:04 +13:00
timeless@mozdev.org
ec4d20eb2d Bug 368130 Bogus "SSL is disabled" error when SSL3 is disabled, r=kaie 2009-01-15 20:02:20 -08:00
Neil Rashbrook
0d40d66f37 Bug 486404 Various XPCOM allocator mismatches in PSM r=mayhemer 2009-04-15 17:04:24 +01:00
Jonas Sicking
2fe71d8086 Backed out changeset 03bc3379822a 2009-01-14 00:59:52 -08:00
bjarne@runitsoft.com
bd9db67c3e Bug 466080 - Make more things honor the LOAD_ANONYMOUS flag r=sicking,MisterSSL, sr=sicking 2009-01-13 23:06:39 -08:00
Ben Newman
e8f0d0a9f1 Remove seemingly unused crypto.alert() API in favor of window.alert() that we all know and love. r+sr=jst@mozilla.org 2009-01-06 15:55:06 -08:00
timeless@mozdev.org
c0e84d173f Bug 431776 - sdr doesn't handle oom, r=kaie 2009-01-01 22:12:22 -08:00
Kaspar Brand
95d8ec75c4 Bug 400822 - Cert Viewer crashes when encountering improperly encoded GeneralNames (in AIA or CDP extensions) [@ ProcessGeneralName]; r=kaie 2008-12-21 18:23:19 +01:00
Phil Ringnalda
bbe7e1d08a Bug 461888 - Remove unused PACKAGE_FILE and PACKAGE_VARS and .pkg files, mozilla-central part, r=bsmedberg 2008-11-03 19:46:28 -08:00
Jesper Kristensen
b5c0e51f77 Bug 401292 - application and addon updates fail when Danish Government browser extension is installed; r=(dveditz + kaie) 2008-10-29 05:39:28 +01:00
Kai Engert
02d663be6d Bug 460829, Temporary SSL server exceptions must not use permanent cert import
r=rrelyea
2008-10-23 04:16:06 +02:00
Kai Engert
533a2e2d3f Bug 450429, Enable COMODO ECC Certificate Authority for EV in PSM
r=nelson
2008-10-22 04:29:51 +02:00
Kai Engert
bc172bc08d Bug 439062 - Wording in SSL error dialogs contain inappropriate HTML tags; r=rrelyea 2008-10-16 03:14:03 +02:00
Kai Engert
86201c8a3c Bug 456945 - EV failure, off by one error; r=rrelyea 2008-10-16 03:06:44 +02:00
Taras Glek
2c733370d0 Bug 456099: outparamdel nsIPrivateDOMEvent r+sr=jst 2008-10-09 16:23:07 -07:00
Reed Loden
eb4c72542a Try again to really back out everything from bug 431819 in order to fix bug 454406. 2008-10-01 01:58:56 -05:00
Reed Loden
c49f1280fa Re-add two files added by bug 431819 that didn't need to be backed out for fixing bug 454406. 2008-10-01 01:36:49 -05:00
Reed Loden
2e4f64de6e Merge backout changeset for bug 454406 2008-10-01 01:03:35 -05:00
Reed Loden
93534d0ac8 Bug 454406 - "SSL handshakes fail after asking PSM to remember user's choice of client auth cert" (backed out changeset 6615b044bcd8 from bug 431819) 2008-10-01 01:01:39 -05:00
Taras Glek
1c1ad46be7 bug 454419: fix prbool stuff. r=kaie 2008-09-25 15:34:22 -07:00
Jason Orendorff
b94820fbeb Bug 451571 - Delete SetExceptionWasThrown (r=dbradley, sr=jst) 2008-08-30 18:58:36 -05:00
Kai Engert
63859a32d1 Bug 439722, Make the "bad cert error dialog" more helpful
r=rrelyea, sr=dveditz
2008-08-26 00:26:08 +02:00
Serge Gautherie
ddc26372f4 Bug 228448 - Remove '=='/'!=' 'PR_FALSE'/'PR_TRUE'
(Dv1a) </security/manager/ssl/src/ns*.cpp>
r=kaie
2008-08-20 00:18:58 -05:00
Serge Gautherie
a19034ed31 Bug 148194 - "Remove session-logout code from security module" ((Av1-19T) <nsNSSComponent.cpp>) [r=kaie] 2008-08-20 00:17:20 -05:00
Kai Engert
12321d9d10 bug 449892, Enable additional EV roots for FF 3.0.2
r=rrelyea
2008-08-20 03:57:23 +02:00
Serge Gautherie
1b5b96dc12 Bug 450187 – "nsNTLMAuthModule.cpp(827) : warning C4390: ';' : empty controlled statement found; is this the intent?"
(Av1) <nsNTLMAuthModule.cpp>
2008-08-12 01:41:37 +02:00
Benjamin Smedberg
86fc9bf82f Bug 445570 - heap autostring in PSM, r=kaie 2008-08-18 12:45:38 -04:00
Kai Engert
ea6862a090 Bug 443284, crash on login to ActivIdentity/ActivClient smartcard using acpkcs211.dll
Patches contributed by timeless and Dani Church
r=kaie, r=rrelyea
2008-08-14 18:42:40 +02:00
Kai Engert
d39c2d2778 Bug 307319 - Certificate details show incorrect public key information
r=rrelyea
2008-07-17 13:14:54 -04:00
Kai Engert
c91389877e Bug 442561, enable Entrust Root Certification Authority for EV
r=rrelyea
2008-07-08 23:27:13 +02:00
Kai Engert
3c85060846 Bug 429794, Lk (trace malloc leaks) test results have become very unstable
r=nelson
2008-07-08 22:42:51 +02:00
Kai Engert
a46e4f3f66 Bug 431819, SSL client auth, repeated prompts for client certificate
r=rrelyea, r=dveditz
2008-06-18 21:36:29 +02:00
Kai Engert
4ca4582de2 Bug 436870, FF3 RC1 loses SSL certificate exceptions
Patch contributed by Honza Bambas
r=kaie
2008-06-18 21:20:16 +02:00
Kai Engert
521a51d53f Bug 426830, remove unused nick_template_with_num
r=rrelyea
2008-06-11 20:20:24 +02:00
Kai Engert
d929cd8588 Bug 426555, nsClientAuthRememberService must be refcounted and implement nsISupportsWeakReference
r+sr=mrbkap
2008-06-27 16:28:08 +02:00
kaie@kuix.de
c0caa44ac4 Bug 431384, Enable Network Solutions Certificate Authority for EV r=rrelyea, a1.9=beltzner 2008-05-03 18:36:46 -07:00
kaie@kuix.de
c80da42e1f Bug 406954, Unable to add exception for server certificates with empty subject names r=rrelyea, a1.9=shaver 2008-04-23 19:05:37 -07:00
kaie@kuix.de
1035e5cf99 Bug 429110, Random crashing ( [@ PR_AtomicIncrement] ?) ( [@ nsIOService::NewURI] ?) r=rrelyea, a1.9=shaver 2008-04-22 15:46:44 -07:00
gavin@gavinsharp.com
1f832dc92d Bug 413909: nsCertOverrideService IDN handling is broken, and its port handling is also quite cumbersome, patch by Honza Bambas <honzab@allpeers.com>, r=kaie, a=shaver 2008-04-22 13:03:20 -07:00
kaie@kuix.de
f5086a376e Single patch for 3 overlapping fixes. Bug 420187, hang in nsNSSHttpRequestSession::internal_send_receive_attempt r=rrelyea Bug 383369, fixing a regression from 335801 r=rrelyea Bug 358438, fix proposed by and portions contributed by Honza Bambas r=honzab, r=rrelyea approval1.9 for combined patch = beltzner 2008-04-11 21:47:22 -07:00
kaie@kuix.de
8e1be3a7dd Bug 423002, Incorrect error message with certificates which contain subjectAltName r=rrelyea, a1.9=beltzner 2008-04-10 18:28:09 -07:00
kaie@kuix.de
913a248f1e Bug 428415, Don't pass uninitialized values to NSS CERT_PKIXVerifyCert r=rrelyea, a1.9=dsicore 2008-04-10 18:26:19 -07:00
kaie@kuix.de
f9e142e884 Bug 406755, EV certs not recognized as EV with some cross-certification scenarios second landing attempt, earlier EV verification, patch 9 r=rrelyea also landing a regression fix, which applies to debug mode compilation code, only r=rrelyea blocking1.9=dsicore 2008-04-08 18:48:02 -07:00
kaie@kuix.de
ed10ad9a44 Bug 425518, Enable multiple roots for EV (and remove 1): Geotrust, Thawte, Verisign, Trustwave, Comodo r=rrelyea, r=nelson, blocking1.9=dsicore 2008-04-08 17:28:48 -07:00
kaie@kuix.de
37eb9c3367 Backing out the "early ev verification" patch from bug 406755, as an attempt to fix a tinderbox test failure (crash). 2008-04-07 19:22:26 -07:00
kaie@kuix.de
17b2f73120 Bug 406755, EV certs not recognized as EV with some cross-certification scenarios Additional patch for Earlier EV verification, v8 r=wtc, r=nelson, blocking1.9=dsicore 2008-04-07 17:10:41 -07:00
kaie@kuix.de
a608dfde44 Bug 427081, Allow to override SEC_ERROR_INADEQUATE_KEY_USAGE r=nelson, a1.9=dsicore 2008-04-04 17:02:31 -07:00
kaie@kuix.de
ffc31711d1 Bug 420187. Backing out all 3 patches from today, because of regressions. a=shaver 2008-03-25 20:06:52 -07:00
kaie@kuix.de
755c32e75f Bug 420187, hang in nsNSSHttpRequestSession::internal_send_receive_attempt Follow up patch to fix leak tinderbox bustage, r=rrelyea 2008-03-25 14:49:35 -07:00
kaie@kuix.de
d9ea85f3b9 Attempt to fix red tinderbox, trivial mismatch between NS_IMETHODIMP and nsresult. Follow up to my fix for bug 420187. 2008-03-25 13:09:18 -07:00
kaie@kuix.de
5e5bffbd65 bug 420187, hang in nsNSSHttpRequestSession::internal_send_receive_attempt r=rrelyea, pending more comments blocking1.9=shaver approval1.9b5=beltzner 2008-03-25 12:34:48 -07:00
reed@reedloden.com
ffb0913b45 Bug 419794 - "work out key API for nsICryptoHMAC" (API use nsIKeyObject + fix nsKeyModule + nsICryptoHMAC usage fix) [p=honzab@allpeers.com (Honza Bambas [mayhemer]) r=rrelyea sr=dveditz a=blocking1.9+] 2008-03-18 12:45:40 -07:00
kaie@kuix.de
e92c6abaf6 Bug 423475, Paypal crashes loading main site r=rrelyea, blocking1.9=beltzner 2008-03-17 11:42:04 -07:00
johnath@mozilla.com
08a8c58978 Show certificate error pages (instead of dialogs) in frames. b=423247, p=kengert, r=rrelyea, r=bzbarsky, a=blocking-1.9 (ted) 2008-03-17 11:13:37 -07:00
kaie@kuix.de
f44acb4d74 Bug 406755, EV certs not recognized as EV with some cross-certification scenarios r=rrelyea, blocking1.9=dsicore 2008-03-16 06:42:32 -07:00
kaie@kuix.de
4a2ac6e90c bug 374336, add knowledge of Extended Validation / EV Certificates to PSM Follow up fix contributed by Neil that fixes allocator mismatch. r=kengert, approval1.9=dsicore 2008-03-14 08:22:50 -07:00
kaie@kuix.de
e6d6571817 Bug 400085, nsNSSCertificate::hasValidEVOidTag compare DER, not strings Patch contributed by Honza Bambas, r=rrelyea, r=kengert, approval1.9=beltzner 2008-03-06 22:14:33 -08:00
reed@reedloden.com
67836dd7e3 Bug 351580 - "Possible null pointer dereferences in |nsCrypto::GenerateCRMFRequest|" (Fixed !NULL checks + GC rooting) [p=honzab@allpeers.com (Honza Bambas [mayhemer]) r=mrbkap a=blocking1.9+] 2008-03-04 03:25:44 -08:00
kaie@kuix.de
1c416620df Bug 418958, Enable Go Daddy root CA certificates for EV use r=rrelyea, a1.9b4=beltzner 2008-02-28 10:00:57 -08:00
dcamp@mozilla.com
44b567a446 Bug 415799: Interface and implementation for HMAC support. p=honzab@allpeers.com (Jan Bambas), r=kaie, r=rrelyea, sr=dveditz, blocking1.9=sayrer 2008-02-26 22:31:13 -08:00
wtc@google.com
c3c311e84b Bug 415033: added a hidden preference (in about:config) for enabling or disabling the TLS session ticket extension. The patch is contributed by Nagendra Modadugu <ngm+mozilla@google.com>. r=wtc,rrelyea,kengert a1.9+=damons Modified Files: netwerk/base/public/security-prefs.js security/manager/ssl/src/nsNSSComponent.cpp 2008-02-26 15:09:39 -08:00
kaie@kuix.de
af82e17ee3 Bug 416827, Enable Digicert root CA certificate for EV use r=rrelyea, approval1.9=beltzner 2008-02-22 00:54:42 -08:00
kaie@kuix.de
80a24d43b5 Bug 418701, Enable Quo Vadis root CA certificate for EV use r=rrelyea, approval1.9=beltzner 2008-02-22 00:51:59 -08:00
kaie@kuix.de
d8c6f29dcc Bug 416850, Deleting a security exception and then re-adding it causes cert exception to remain valid r=rrelyea, approval1.9=beltzner 2008-02-22 00:50:11 -08:00
kaie@kuix.de
fa2db966c4 Bug 372876, Read from SSL socket leaks memory r=rrelyea, blocking1.9=sayrer 2008-02-21 17:07:16 -08:00
dcamp@mozilla.com
52dfbcb3ee Bug 350873: nsStreamLoader code accessed on secondary thread [ASSERTION: nsStreamLoader not thread-safe]. r=kengert, sr=dveditz, b1.9=sayrer 2008-02-21 17:05:17 -08:00
kaie@kuix.de
6ce364ef47 Bug 415213, uninitialized variables in PSM r=rrelyea, a1.9=dsicore 2008-02-13 08:14:25 -08:00
kaie@kuix.de
2a5945649a Bug 413627, nsCertOverrideService can't register observers (NS_ERROR_UNEXPECTED) intended to fix blocking1.9+ Bug 414808 Patch contributed by Ehsan Akhgari, timeless and some trivial tweaks by myself Thanks to Tomcat for help with testing r=me, a=mtschrep, blocking1.9-on-414808=beltzner 2008-01-31 22:04:56 -08:00
kaie@kuix.de
48937de428 Bug 409091, SSL Client Auth prompt should indicate port number r=rrelyea, a1.9=mtschrep 2008-01-22 15:47:55 -08:00
kaie@kuix.de
aeabf2b45f Bug 405139, EV certs should be treated as providing less certainty of identity if OCSP is disabled. r=rrelyea, a1.9=mtschrep 2008-01-22 15:46:49 -08:00
kaie@kuix.de
a51dd553e9 Bug 412786, uninitialized variable r=rrelyea, a1.9=mtschrep 2008-01-22 15:44:29 -08:00
kaie@kuix.de
66c76f5083 Bug 412455, Regression, EV UI no longer shows up r=rrelyea, a1.9=mtschrep 2008-01-22 15:43:12 -08:00
kaie@kuix.de
6dee00122d Bug 399590, Update Mozilla trunk to use NSS tag NSS_3_12_BETA1 r=rrelyea, a1.9=mtschrep 2008-01-18 02:40:58 -08:00
kaie@kuix.de
8b4324d92b Bug 409280, nsIProtectedAuthThread is not embedding friendly Patch contributed by Christian Persch (GNOME) r=kengert, blocking1.9=mtschrep 2008-01-15 14:41:52 -08:00
kaie@kuix.de
be637af89e Bug 407523, Error page should not allow adding an exception for inadequate key usage r=rrelyea, a=mtschrep 2008-01-15 13:41:06 -08:00
benjamin@smedbergs.us
dfc4cee45d Bug 411327 - nsIXPCNativeCallContext should not inherit from nsISupports, r=mrbkap, a=schrep 2008-01-15 07:50:57 -08:00
dtownsend@oxymoronical.com
eef047b68f Bug 404726: Addon compatibility check gives many alerts (toolkit and security portions). r=gavin.sharp, r=kengert 2008-01-15 07:06:34 -08:00
kaie@kuix.de
d2c25c96f2 Bug 408432, Add Exception fails for certs with no DNS names (no CN, no SAN) r=rrelyea, blocking1.9=dsicore 2008-01-14 08:04:00 -08:00
kaie@kuix.de
e277586d41 bug 406999, Enhance EV performance; Never combine EV with Cert Overrides r=rrelyea, blocking1.9=mtschrep 2008-01-14 07:45:07 -08:00
kaie@kuix.de
ee2aa492e9 fixes bug 406290 r=wtc, a=beltzner 2007-12-14 09:39:30 -08:00
kaie@kuix.de
fb49368dc5 Bug 403691, unable to display decoded policies extension in certs from https://www.digicert.com r=kengert, a=beltzner 2007-12-14 08:11:57 -08:00
kaie@kuix.de
18434f216a bug 119500, PKCS#11 CKF_PROTECTED_AUTHENTICATION_PATH token flag not supported Patch contributed by Petr Kostka r=rrelyea, sr=kengert, a=dsicore Addon Patch to provide dummy implementations for gtk-embedding and camino. r=mark, sr=jst 2007-12-04 23:34:55 -08:00
kaie@kuix.de
34143f5ff6 bug 119500, PKCS#11 CKF_PROTECTED_AUTHENTICATION_PATH token flag not supported Patch contributed by Petr Kostka r=rrelyea, sr=kengert, a=dsicore Addon Patch to provide dummy implementations for gtk-embedding and camino. r=mark, sr=jst 2007-12-04 23:31:43 -08:00
kaie@kuix.de
e64d67a61b Bug 378241, Changes from bug 107491 lead to tons of thread-safety asserts r=rrelyea, r=wtc, sr=benjamin, blocking1.9=benjamin 2007-12-04 10:53:14 -08:00
kaie@kuix.de
ca5d681e30 Bug 404059, connection to t-mobile hotspot startup page takes very long Landing workaround patch (shorten timeout) r=rrelyea, blocking1.9=mtschrep 2007-12-03 14:58:06 -08:00
Olli.Pettay@helsinki.fi
74b6bb3346 Bug 401906, nsCertTreeDispInfo leaks, r=kengert, a=dsicore 2007-11-30 11:55:31 -08:00
cbiesinger@gmx.at
1e54b36be6 bug 262116 make disk cache serialize/deserialize the security info, if present also make nsNSSSocketInfo serializable PSM part: r=kaie sr=darin rest: r+sr=darin 2007-11-30 10:05:54 -08:00
cbiesinger@gmx.at
e8bba4b7e8 bug 405481 add nsISerializable and nsIClassInfo to nsNSSCertificate's QI impl r+sr=bz a=beltzner 2007-11-28 14:22:13 -08:00