1. 08 Nov, 2018 1 commit
  2. 14 Feb, 2019 3 commits
  3. 12 Feb, 2019 1 commit
  4. 08 Feb, 2019 4 commits
  5. 07 Feb, 2019 3 commits
  6. 06 Feb, 2019 1 commit
    • Fraser Tweedale's avatar
      Bug 1523484 - do not treat CN as DNS name for non-server certs, r=ueno · 54d34e31
      Fraser Tweedale authored
      libpkix, when validating a leaf certificate against the CAs' name
      constraints, treats the Subject DN CN attribute as a DNS name.  This
      may be reasonable behaviour for server certificates, but does not
      make sense for other kinds of certificates (e.g. user certificates,
      OCSP signing certificates, etc.)
      
      Update the libpkix name constraints checker to only treat the CN as
      a DNS name for server certificates (i.e. when id-kp-serverAuth is
      asserted in the Extended Key Usage extension).  For compatibility,
      the behaviour is unchanged (i.e. CN is still treated as a DNS name)
      when the certificate does not have an Extended Key Usage extension.
      
      --HG--
      extra : amend_source : c2bbd69eec528ce9be7c89d3d1aa7742c9eb4c49
      54d34e31
  7. 05 Feb, 2019 1 commit
  8. 04 Feb, 2019 1 commit
  9. 03 Feb, 2019 1 commit
  10. 10 Jan, 2019 2 commits
  11. 09 Jan, 2019 1 commit
    • Edênis Freindorfer Azevedo's avatar
      Bug 818686 - XDG Base Directory Specification support with fallback, r=mt · 24dd1413
      Edênis Freindorfer Azevedo authored
      Summary:
      We check if $HOME/.pki and $HOME/.pki/nssdb exist; if they do, then we use
      this path. Otherwise, use ${XDG_DATA_HOME:-$HOME/.local/share}/pki/nssdb
      
      Test Plan:
      Create dummy empty dir and set HOME to it. Then, check if getUserDb returns:
      1. $HOME/.pki/nssdb when this path exists;
      2. $HOME/.local/share/pki/nssdb when $HOME/.pki/nssdb does not and XDG_DATA_HOME is not defined;
      3. $XDG_DATA_HOME/pki/nssdb when $HOME/.pki/nssdb does not exist and XDG_DATA_HOME is defined.
      
      Reviewers: mt
      
      Reviewed By: mt
      
      Bug #: 818686
      
      Differential Revision: https://phabricator.services.mozilla.com/D14007
      
      --HG--
      extra : rebase_source : 846de94c6fc309e56bfc9d1247f13a1b15894fbf
      24dd1413
  12. 28 Jan, 2019 1 commit
  13. 27 Jan, 2019 3 commits
  14. 24 Jan, 2019 1 commit
  15. 22 Jan, 2019 1 commit
  16. 24 Jan, 2019 2 commits
  17. 12 Jan, 2019 1 commit
  18. 14 Jan, 2019 1 commit
  19. 09 Jan, 2019 1 commit
    • Edênis Freindorfer Azevedo's avatar
      Bug 818686 - XDG Base Directory Specification support with fallback, r=mt · 7f21d4f4
      Edênis Freindorfer Azevedo authored
      Summary:
      We check if $HOME/.pki and $HOME/.pki/nssdb exist; if they do, then we use
      this path. Otherwise, use ${XDG_DATA_HOME:-$HOME/.local/share}/pki/nssdb
      
      Test Plan:
      Create dummy empty dir and set HOME to it. Then, check if getUserDb returns:
      1. $HOME/.pki/nssdb when this path exists;
      2. $HOME/.local/share/pki/nssdb when $HOME/.pki/nssdb does not and XDG_DATA_HOME is not defined;
      3. $XDG_DATA_HOME/pki/nssdb when $HOME/.pki/nssdb does not exist and XDG_DATA_HOME is defined.
      
      Reviewers: mt
      
      Reviewed By: mt
      
      Bug #: 818686
      
      Differential Revision: https://phabricator.services.mozilla.com/D14007
      
      --HG--
      extra : source : 45f82855824be40a6a2b74632dda5e9e6f89a5d0
      7f21d4f4
  20. 16 Jan, 2019 1 commit
  21. 02 Jan, 2019 2 commits
  22. 24 Dec, 2018 1 commit
    • Martin Thomson's avatar
      Bug 1513913 - Rename symbols with __ names in dbm, r=jcj · b9dad25d
      Martin Thomson authored
      These have been shown to collice.  This also renames two types: `struct __db`
      and `__default_hash`.  A global, `__sigtemp` is also renamed (though removed
      might be better, I don't want to do too much here).
      
      I considered also renaming __DBINTERFACE_PRIVATE, but that is part of the
      external interface.
      
      --HG--
      extra : source : dafd3408e5aa8fe1c9d127982a6d5e88bca7e00d
      extra : amend_source : f282f42591ef9cf01aae8399b60534620b2f463d
      b9dad25d
  23. 19 Dec, 2018 1 commit
    • Jonas Allmann's avatar
      Bug 1514999 - Add wycheproof Curve25519 testcases to nss, r=franziskus · 69203eee
      Jonas Allmann authored
      Differential Revision: https://phabricator.services.mozilla.com/D14843
      
      --HG--
      rename : gtests/common/chachapoly-vectors.h => gtests/common/testvectors/chachapoly-vectors.h
      rename : gtests/common/gcm-vectors.h => gtests/common/testvectors/gcm-vectors.h
      rename : gtests/common/wycheproof/header_bases/chachapoly-vectors.h => gtests/common/testvectors_base/chachapoly-vectors_base.h
      rename : gtests/common/wycheproof/header_bases/gcm-vectors.h => gtests/common/testvectors_base/gcm-vectors_base.h
      rename : gtests/common/wycheproof/testvectors/aes_gcm_test.json => gtests/common/wycheproof/source_vectors/aes_gcm_test.json
      rename : gtests/common/wycheproof/testvectors/chacha20_poly1305_test.json => gtests/common/wycheproof/source_vectors/chacha20_poly1305_test.json
      extra : amend_source : c6a4e9bc385e669347b13bbe1703eed65e385d6c
      69203eee
  24. 13 Dec, 2018 1 commit
  25. 10 Dec, 2018 1 commit
    • Zheng Ruoqin's avatar
      Bug 1512923 - Fix SHA_HTONL bug for arm 32be r=jcj · c059dbfb
      Zheng Ruoqin authored
      Rpm use nss as digest crypto library and which will cause an error on
      arm 32be platform as follows:
      
      error: test-manual-1.2.3-20181012.noarch.rpm: Header SHA1 digest: BAD
      (Expected
      f1deb7dc4a10742d88ccd1e967dbc62ae45095a5
      !=4ad9d7dad6d70d6086eefec62612ad5d77f2fe81)  => this value is wrong
      error: test-manual-1.2.3-20181012.noarch.rpm: not an rpm package (or
      package manifest)
      
      The error is caused by SHA_HTONL in nss, for there is no need to reverse
      the host value for arm 32be as it is originally big endian, so fix it.
      Signed-off-by: default avatarZheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
      
      --HG--
      extra : rebase_source : f42990c833b0d5c8d4ba08e20d13f96b2708de33
      extra : amend_source : 2781c572e071400f6c9da1cee87f49d4e0890ea9
      c059dbfb
  26. 11 Dec, 2018 1 commit
  27. 04 Dec, 2018 1 commit
  28. 30 Nov, 2018 1 commit