3e803b9a08c8820f035cfe9189409c101144f8a9: Bug 1287711 - Implement SSLKEYLOGFILE for TLS 1.3, r=mt NSS_TLS13_DRAFT19_BRANCH
Martin Thomson <martin.thomson@gmail.com> - Sat, 30 Sep 2017 19:55:22 +1000 - rev 13614
Push 2395 by martin.thomson@gmail.com at Sat, 30 Sep 2017 09:57:39 +0000
Bug 1287711 - Implement SSLKEYLOGFILE for TLS 1.3, r=mt Extend the previous keylogging functionality with TLS 1.3 support. The keys are identical and decrypt successfully in Wireshark. selfserv rejected early data for some reason though and did not log the early traffic secret as a result. Differential Revision: https://phabricator.services.mozilla.com/D82
2564805e0d532454eef99fa52403fccc35163fd9: Bug 1403488 - Add virtual destructor to DummyPrSocket in fuzz/tls_socket.h r=franziskus
Tim Taubert <ttaubert@mozilla.com> - Wed, 27 Sep 2017 11:46:56 +0200 - rev 13613
Push 2394 by ttaubert@mozilla.com at Wed, 27 Sep 2017 09:48:16 +0000
Bug 1403488 - Add virtual destructor to DummyPrSocket in fuzz/tls_socket.h r=franziskus Summary: See also: https://github.com/google/oss-fuzz/issues/858 Bug #: 1403488 Differential Revision: https://phabricator.services.mozilla.com/D83
fbabb246745de23dd2efef996a70a2b10c969fb8: Bug 1403416 - Set NSS_USE_64=1 for mips64 in GYP r=ttaubert
qiaopengcheng-hf@loongson.cn - Wed, 27 Sep 2017 10:59:24 +0200 - rev 13612
Push 2393 by ttaubert@mozilla.com at Wed, 27 Sep 2017 09:00:57 +0000
Bug 1403416 - Set NSS_USE_64=1 for mips64 in GYP r=ttaubert
fe8b221d3bded99b2b21e2e62fb27cc8c659ec2f: Bug 1382278, add test to confirm implicit init with certutil -A is working, r=rrelyea
Kai Engert <kaie@kuix.de> - Tue, 26 Sep 2017 21:09:22 +0200 - rev 13611
Push 2392 by kaie@kuix.de at Tue, 26 Sep 2017 19:09:04 +0000
Bug 1382278, add test to confirm implicit init with certutil -A is working, r=rrelyea
7039fffea93782512241df32268edf6aa20438ba: Bug 1396487 - Use variables in place of all hard-coded values, r=me NSS_TLS13_DRAFT19_BRANCH
Martin Thomson <martin.thomson@gmail.com> - Tue, 26 Sep 2017 16:37:09 +1000 - rev 13610
Push 2391 by martin.thomson@gmail.com at Tue, 26 Sep 2017 06:37:32 +0000
Bug 1396487 - Use variables in place of all hard-coded values, r=me
27bfdd0ee644c33d3445a844d17d9042e0210035: Bug 1396487 - Refactor 1/n-1 record splitting code, r=ekr NSS_TLS13_DRAFT19_BRANCH
Martin Thomson <martin.thomson@gmail.com> - Tue, 15 Aug 2017 22:37:23 +1000 - rev 13609
Push 2390 by martin.thomson@gmail.com at Tue, 26 Sep 2017 06:20:53 +0000
Bug 1396487 - Refactor 1/n-1 record splitting code, r=ekr It turns out that something changed a while back and we started splitting far more than is needed. The original design split into 1/n-1/n/n/n, but now we split 1/n-1/1/n-1/1/n-1 for large writes. That's inefficient and the code is unnecessarily complex in order to support it. This splits just once for each write, but it splits 1/n/n/n/n/remainder, unlike the original design, which you can see here: https://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/ssl3con.c?r1=97269&r2=97268&pathrev=97269 Also, because ssl3_SendApplicationData is the only place that needs to care about this, and it was preventing tests from actually testing this, I moved the splitting there instead.
3efb83875558adc1674dfa2ddba0a47f85979ed5: Bug 1394956 - key_share after HelloRetryRequest can have multiple shares, r=ekr NSS_TLS13_DRAFT19_BRANCH
Martin Thomson <martin.thomson@gmail.com> - Wed, 30 Aug 2017 10:43:24 +1000 - rev 13608
Push 2389 by martin.thomson@gmail.com at Mon, 25 Sep 2017 04:22:23 +0000
Bug 1394956 - key_share after HelloRetryRequest can have multiple shares, r=ekr
3ace64039e117f508f6f2951f269b5abc6d80509: Bug 1397990 - Move the semi-colons, a=bustage NSS_TLS13_DRAFT19_BRANCH
Martin Thomson <martin.thomson@gmail.com> - Mon, 25 Sep 2017 11:36:36 +1000 - rev 13607
Push 2388 by martin.thomson@gmail.com at Mon, 25 Sep 2017 01:36:57 +0000
Bug 1397990 - Move the semi-colons, a=bustage
9f0d109d125bb1302c37a4d0f77c6499f3ffbb54: Bug 1397990 - Run clang-format 4.0, r=me NSS_TLS13_DRAFT19_BRANCH
Martin Thomson <martin.thomson@gmail.com> - Fri, 08 Sep 2017 10:26:21 +1000 - rev 13606
Push 2387 by martin.thomson@gmail.com at Mon, 25 Sep 2017 01:09:40 +0000
Bug 1397990 - Run clang-format 4.0, r=me These files were being reformatted by clang-format 4.0. If you make this change, then both 3.9 (in CI) and 4.0 are happy with the result. I don't plan to do this often, but it is a huge help. Note that the PK11 ECDSA tests are an odd duck, I have more on that coming.
7b73101f31b7d8f89061df28034f5942464bebae: Bug 1398643 - Prohibit version changes during renegotiation, r=ttaubert NSS_TLS13_DRAFT19_BRANCH
Martin Thomson <martin.thomson@gmail.com> - Mon, 11 Sep 2017 10:43:02 +1000 - rev 13605
Push 2386 by martin.thomson@gmail.com at Mon, 25 Sep 2017 00:58:13 +0000
Bug 1398643 - Prohibit version changes during renegotiation, r=ttaubert
96a835be15192281d67a8b1046b7f159ff6deb12: Bug 1211722 - Remove signed/unsigned comparison in pl_base64_decode_buffer, r=kaie
Martin Thomson <martin.thomson@gmail.com> - Mon, 25 Sep 2017 10:36:52 +1000 - rev 13604
Push 2385 by martin.thomson@gmail.com at Mon, 25 Sep 2017 00:38:05 +0000
Bug 1211722 - Remove signed/unsigned comparison in pl_base64_decode_buffer, r=kaie
e84403331d99bb1fcad4a879f42749332861e8e1: Bug 1400603 - freebl: Reorganize AES-GCM source code based on hw/sw implementation, r=franziskus
Daiki Ueno <dueno@redhat.com> - Fri, 22 Sep 2017 11:27:34 +0200 - rev 13603
Push 2384 by franziskuskiefer@gmail.com at Fri, 22 Sep 2017 09:29:42 +0000
Bug 1400603 - freebl: Reorganize AES-GCM source code based on hw/sw implementation, r=franziskus Reviewers: franziskus Reviewed By: franziskus Bug #: 1400603 Differential Revision: https://phabricator.services.mozilla.com/D65
16eb0e48e4381bd8aa4128d75006d22215f6006f: Bug 1399867, pk12util: Make -C try different password encoding if failed, r=rrelyea
Daiki Ueno <dueno@redhat.com> - Thu, 14 Sep 2017 15:14:45 +0200 - rev 13602
Push 2383 by kaie@kuix.de at Wed, 20 Sep 2017 10:06:29 +0000
Bug 1399867, pk12util: Make -C try different password encoding if failed, r=rrelyea
3c7359ad3ce609ca7c4189c05cc05cf0fdac0db3: Bug 1399867, pk12util: Make -c try different password encoding if failed, r=rrelyea, r=kaie
Daiki Ueno <dueno@redhat.com> - Thu, 14 Sep 2017 15:10:14 +0200 - rev 13601
Push 2383 by kaie@kuix.de at Wed, 20 Sep 2017 10:06:29 +0000
Bug 1399867, pk12util: Make -c try different password encoding if failed, r=rrelyea, r=kaie
835f791a0918bea762acdb606fff8b50c9aadac7: Bug 1399867, tests: Add test for reading PKCS #12 files created with old NSS, r=rrelyea
Daiki Ueno <dueno@redhat.com> - Thu, 14 Sep 2017 16:12:33 +0200 - rev 13600
Push 2383 by kaie@kuix.de at Wed, 20 Sep 2017 10:06:29 +0000
Bug 1399867, tests: Add test for reading PKCS #12 files created with old NSS, r=rrelyea
222ed4d2deb63f5977aef6da3e37d8a24bff35b4: Bug 1399867, pkcs12: Add a compat option for password encoding, r=rrelyea
Daiki Ueno <dueno@redhat.com> - Thu, 14 Sep 2017 14:42:48 +0200 - rev 13599
Push 2383 by kaie@kuix.de at Wed, 20 Sep 2017 10:06:29 +0000
Bug 1399867, pkcs12: Add a compat option for password encoding, r=rrelyea
90466c1d10ccab654543ba26958e12c15d987db5: Bug 1309507 - take OSX out of tier 3, r=ttaubert
Franziskus Kiefer <franziskuskiefer@gmail.com> - Wed, 20 Sep 2017 10:23:13 +0200 - rev 13598
Push 2382 by franziskuskiefer@gmail.com at Wed, 20 Sep 2017 08:30:47 +0000
Bug 1309507 - take OSX out of tier 3, r=ttaubert Differential Revision: https://phabricator.services.mozilla.com/D71
f5318b13fab02338e261c2b4f14e59dc34eed134: Added tag NSS_3_33_RTM for changeset 9a62b3c2891e NSS_3_33_BRANCH
Franziskus Kiefer <franziskuskiefer@gmail.com> - Wed, 20 Sep 2017 08:47:48 +0200 - rev 13597
Push 2381 by franziskuskiefer@gmail.com at Wed, 20 Sep 2017 06:59:34 +0000
Added tag NSS_3_33_RTM for changeset 9a62b3c2891e
9a62b3c2891e77fc7190234a2759f218a7995764: Set version numbers to 3.33 final NSS_3_33_BRANCH NSS_3_33_RTM
Franziskus Kiefer <franziskuskiefer@gmail.com> - Wed, 20 Sep 2017 08:47:27 +0200 - rev 13596
Push 2381 by franziskuskiefer@gmail.com at Wed, 20 Sep 2017 06:59:34 +0000
Set version numbers to 3.33 final
18edd4ad8389d50d4231cc1a545a468dbb11185c: Bug 1382278, certutil -A creates uninitialised database, r=kaie
Bob Relyea <rrelyea@redhat.com> - Mon, 18 Sep 2017 20:02:58 +0200 - rev 13595
Push 2380 by kaie@kuix.de at Mon, 18 Sep 2017 18:02:45 +0000
Bug 1382278, certutil -A creates uninitialised database, r=kaie
(0) -10000 -3000 -1000 -300 -100 -50 -20 +20 +50 +100 +300 +1000 tip