19b8f1384e9802167eea5b7bc3a3d5824406420c: Bug 1363932 - reduce locking overhead in sftk_searchObjectList r=franziskus
David Keeler <dkeeler@mozilla.com> - Thu, 11 May 2017 13:22:52 -0700 - rev 13344
Push 2186 by franziskuskiefer@gmail.com at Thu, 11 May 2017 20:24:31 +0000
Bug 1363932 - reduce locking overhead in sftk_searchObjectList r=franziskus Summary: Before this patch, sftk_searchObjectList would acquire and release the SFTKSlot's objectLock once per bucket in the SFTKSlot's sessObjHashTable. This patch reduces the locking overhead by acquiring the lock once and then iterating over the entire table. This patch also removes the unused PRBool tokenOnly in NSC_FindObjectsInit (the only caller of sftk_searchObjectList). (Changeset b8f289456399 removed the code that modified tokenOnly. Unfortunately there doesn't appear to be a bug associated with that changeset, so we can't easily determine if that was intended. In any case, it's been this way for a decade, so if anything was broken by this, no one has noticed yet.) Reviewers: franziskus Reviewed By: franziskus Differential Revision: https://nss-review.dev.mozaws.net/D316
6e9684c66d5a40413854dc29b47d01a73b07fb75: Bug 1363569 - improve SQL queries in sdb_FindObjects* r=franziskus
David Keeler <dkeeler@mozilla.com> - Wed, 10 May 2017 15:56:55 -0700 - rev 13343
Push 2185 by franziskuskiefer@gmail.com at Wed, 10 May 2017 22:59:52 +0000
Bug 1363569 - improve SQL queries in sdb_FindObjects* r=franziskus Summary: When sqlite prepares statements, it appears to have an algorithm which is O(n * m), where n is the number of columns in the table and m is the number of columns selected in the query. Since the certificate database has about 115 columns, when "SELECT * FROM ..." is used, it introduces significant overhead. Since sdb_FindObjects only uses the id column of the results of the query, the queries in sdb_FindObjectsInit can be changed to select only the id column rather than all of them. Reviewers: franziskus Reviewed By: franziskus Differential Revision: https://nss-review.dev.mozaws.net/D314
ae8f6db7fcc1cfaf168e09c1fb8a8b14d096f99f: Bug 1339464 - Fix DH_GenParam, r=franziskus
Mark Goodwin <mgoodwin@mozilla.com> - Wed, 10 May 2017 15:09:13 -0700 - rev 13342
Push 2184 by franziskuskiefer@gmail.com at Wed, 10 May 2017 22:10:57 +0000
Bug 1339464 - Fix DH_GenParam, r=franziskus Summary: Fix DH_GenParam by repeating mpp_make_prime calls on failure Differential Revision: https://nss-review.dev.mozaws.net/D308
44595eb0471ab460062b978bebf36144af8cb1ad: Bug 1351314 - Add length check for SSL context for TLS 1.2 or prior, r=mt
Kate McKinley <kmckinley@mozilla.com> - Wed, 10 May 2017 11:48:48 -0700 - rev 13341
Push 2183 by franziskuskiefer@gmail.com at Wed, 10 May 2017 18:50:03 +0000
Bug 1351314 - Add length check for SSL context for TLS 1.2 or prior, r=mt Summary: RFC 5705 requires that the context length passed to SSL_ExportKeyingMaterial be no longer than will fit in a 16-bit integer (uint16). Reviewers: franziskus, mt Reviewed By: mt Differential Revision: https://nss-review.dev.mozaws.net/D309
7c60f66743b60cd0f301b138fec7f798dd4cd7f4: Bug 1334054 - fix CERT_FormatName output buffer length calculation r=franziskus
David Keeler <dkeeler@mozilla.com> - Wed, 10 May 2017 06:47:34 -0700 - rev 13340
Push 2182 by franziskuskiefer@gmail.com at Wed, 10 May 2017 16:34:36 +0000
Bug 1334054 - fix CERT_FormatName output buffer length calculation r=franziskus Summary: Before this patch, CERT_FormatName attempted to account for the length of the additional formatting in its output buffer length, but added an insufficient amount (a fixed 128 bytes). This patch dynamically accounts for the additional space required by the formatting output (it can over-account in some cases, but this is unlikely to be a performance concern compared to the original implementation). Reviewers: franziskus Differential Revision: https://nss-review.dev.mozaws.net/D307
159f96115053bf495a13660ce43ec984e5ff826f: Bug 1118245 - clang-format CI follow-up, r=ttaubert
Franziskus Kiefer <franziskuskiefer@gmail.com> - Tue, 09 May 2017 15:46:38 -0700 - rev 13339
Push 2182 by franziskuskiefer@gmail.com at Wed, 10 May 2017 16:34:36 +0000
Bug 1118245 - clang-format CI follow-up, r=ttaubert
205898c824cdd4fa39bdb5d8d0a24f3ddc24ad5f: Bug 1118245 - use blacklist or clang-format instead of white list, r=ttaubert
Franziskus Kiefer <franziskuskiefer@gmail.com> - Tue, 09 May 2017 09:16:49 -0700 - rev 13338
Push 2181 by franziskuskiefer@gmail.com at Tue, 09 May 2017 21:22:43 +0000
Bug 1118245 - use blacklist or clang-format instead of white list, r=ttaubert Differential Revision: https://nss-review.dev.mozaws.net/D312
63d25a2b60d223a110f00fcac9f74ef3febf46a4: Dummy change to trigger a build to test latest NSPR commit (bug 1358466)
Kai Engert <kaie@kuix.de> - Tue, 09 May 2017 13:40:21 +0200 - rev 13337
Push 2180 by kaie@kuix.de at Tue, 09 May 2017 11:40:05 +0000
Dummy change to trigger a build to test latest NSPR commit (bug 1358466)
36c91663522093cd14c4d97cfe3c397a676d28dc: Dummy change to trigger a build to test latest NSPR commit (bug 1310197)
Kai Engert <kaie@kuix.de> - Tue, 09 May 2017 13:36:47 +0200 - rev 13336
Push 2179 by kaie@kuix.de at Tue, 09 May 2017 11:36:31 +0000
Dummy change to trigger a build to test latest NSPR commit (bug 1310197)
d79b35dbcc2f62f062cbc907c9bd333eef3177f0: Dummy change to trigger a build to test latest NSPR commit.
Kai Engert <kaie@kuix.de> - Tue, 09 May 2017 13:01:20 +0200 - rev 13335
Push 2178 by kaie@kuix.de at Tue, 09 May 2017 11:01:04 +0000
Dummy change to trigger a build to test latest NSPR commit.
bc5a7994e468f829e79fc69fb1d2d480a89d4a05: Bug 1363213 - more, non-leaking mpi tests; run them on TC, r=ttaubert
Franziskus Kiefer <franziskuskiefer@gmail.com> - Mon, 08 May 2017 14:26:36 -0700 - rev 13334
Push 2177 by franziskuskiefer@gmail.com at Mon, 08 May 2017 22:07:15 +0000
Bug 1363213 - more, non-leaking mpi tests; run them on TC, r=ttaubert Differential Revision: https://nss-review.dev.mozaws.net/D284
9c84db8ac24187f1ad6d2f8420e9eb7349e752f6: Bug 1363146 - tell people to install gyp if it's not installed, r=ttaubert
Franziskus Kiefer <franziskuskiefer@gmail.com> - Mon, 08 May 2017 09:14:48 -0700 - rev 13333
Push 2176 by franziskuskiefer@gmail.com at Mon, 08 May 2017 21:15:00 +0000
Bug 1363146 - tell people to install gyp if it's not installed, r=ttaubert Differential Revision: https://nss-review.dev.mozaws.net/D306
236a06d9c3c4a842442f2901bdd71e1711810665: Bug 1362391 - Default to gyp builds on TC for Linux, r=ttaubert
Franziskus Kiefer <franziskuskiefer@gmail.com> - Wed, 03 May 2017 12:55:39 +0200 - rev 13332
Push 2175 by franziskuskiefer@gmail.com at Fri, 05 May 2017 13:40:59 +0000
Bug 1362391 - Default to gyp builds on TC for Linux, r=ttaubert Also add some tests for different hardware configurations. Differential Revision: https://nss-review.dev.mozaws.net/D305
4955a4c9b8b1bdbbe3f3477d997b7c5aa5c2048f: Bug 1328318, Allow configuration of SSL/TLS version ranges to silenty succeed if a reduced range is selected because of policies or limitations, test part, partial r=ekr, final r=martin.thomson
Kai Engert <kaie@kuix.de> - Thu, 04 May 2017 17:41:16 +0200 - rev 13331
Push 2174 by kaie@kuix.de at Thu, 04 May 2017 15:41:11 +0000
Bug 1328318, Allow configuration of SSL/TLS version ranges to silenty succeed if a reduced range is selected because of policies or limitations, test part, partial r=ekr, final r=martin.thomson
0aefc8ab1bbb73364226948f8904ed46e876acbd: Bug 1328318, Allow configuration of SSL/TLS version ranges to silenty succeed if a reduced range is selected because of policies or limitations, logic part, partial r=rrelyea, final r=martin.thomson
Kai Engert <kaie@kuix.de> - Thu, 04 May 2017 17:41:15 +0200 - rev 13330
Push 2174 by kaie@kuix.de at Thu, 04 May 2017 15:41:11 +0000
Bug 1328318, Allow configuration of SSL/TLS version ranges to silenty succeed if a reduced range is selected because of policies or limitations, logic part, partial r=rrelyea, final r=martin.thomson
9cb13ed4a678a7cbdb15da45822b0a06e2c22426: Bug 1354488 - RSA_CheckSign() doesn't set proper error values r=franziskus
Tim Taubert <ttaubert@mozilla.com> - Thu, 04 May 2017 10:43:22 +0200 - rev 13329
Push 2173 by ttaubert@mozilla.com at Thu, 04 May 2017 08:46:07 +0000
Bug 1354488 - RSA_CheckSign() doesn't set proper error values r=franziskus Differential Revision: https://nss-review.dev.mozaws.net/D302
823069a76a985a1be6bc4f9a79f5e8dbe615169d: Merging from main NSS branch NSS_TLS13_DRAFT19_BRANCH
Martin Thomson <martin.thomson@gmail.com> - Thu, 04 May 2017 13:15:24 +1000 - rev 13328
Push 2172 by martin.thomson@gmail.com at Thu, 04 May 2017 03:15:55 +0000
Merging from main NSS branch
1ea4c7ebd09bf5b1d5b9e2cb6368a6266a8940cb: Bug 1361413 - Docker image builder tasks fail due to missing locale-gen (real fix) r=bustage NSS_TLS13_DRAFT19_BRANCH
Tim Taubert <ttaubert@mozilla.com> - Wed, 03 May 2017 14:48:52 +0200 - rev 13327
Push 2171 by martin.thomson@gmail.com at Thu, 04 May 2017 01:27:17 +0000
Bug 1361413 - Docker image builder tasks fail due to missing locale-gen (real fix) r=bustage
5753a7d5563aa890eb1dd6e1203cceb918784960: Bug 1361413 - Fix Docker image_builder tasks r=franziskus NSS_TLS13_DRAFT19_BRANCH
Tim Taubert <ttaubert@mozilla.com> - Wed, 03 May 2017 12:34:46 +0200 - rev 13326
Push 2171 by martin.thomson@gmail.com at Thu, 04 May 2017 01:27:17 +0000
Bug 1361413 - Fix Docker image_builder tasks r=franziskus Differential Revision: https://nss-review.dev.mozaws.net/D303
fe9aa90fb7dd06c454fec87b2f836a4223ffe696: Bug 1350503 - TLS 1.3 draft-20 - set version to -20, r=ekr NSS_TLS13_DRAFT19_BRANCH
Martin Thomson <martin.thomson@gmail.com> - Tue, 25 Apr 2017 16:25:48 +1000 - rev 13325
Push 2170 by martin.thomson@gmail.com at Wed, 03 May 2017 22:55:27 +0000
Bug 1350503 - TLS 1.3 draft-20 - set version to -20, r=ekr
(0) -10000 -3000 -1000 -300 -100 -50 -20 +20 +50 +100 +300 +1000 tip