7bb3677a2ed0ce56693ec7d575e905ebdfeec04d: Bug 1643557 - Make PK11_SetWrapKey explicitly handle being passed a negative wrap argument, to avoid a signed-unsigned comparison. r=kjacobs
Jeff Walden <jwalden@mit.edu> - Fri, 05 Jun 2020 21:33:12 +0000 - rev 15655
Push 3767 by kjacobs@mozilla.com at Mon, 08 Jun 2020 14:58:09 +0000
Bug 1643557 - Make PK11_SetWrapKey explicitly handle being passed a negative wrap argument, to avoid a signed-unsigned comparison. r=kjacobs Depends on D78453 Differential Revision: https://phabricator.services.mozilla.com/D78454
eaf223c2646ae60e0592cb6316dec742c41bfdc9: Bug 1643557 - Change the type of the size argument to pk11_FindObjectsByTemplate to be size_t, consistent with the type of some (small) numeric values passed to it after the previous revision. r=kjacobs
Jeff Walden <jwalden@mit.edu> - Fri, 05 Jun 2020 21:22:51 +0000 - rev 15654
Push 3767 by kjacobs@mozilla.com at Mon, 08 Jun 2020 14:58:09 +0000
Bug 1643557 - Change the type of the size argument to pk11_FindObjectsByTemplate to be size_t, consistent with the type of some (small) numeric values passed to it after the previous revision. r=kjacobs Depends on D78452 Differential Revision: https://phabricator.services.mozilla.com/D78453
465a7954ce0a874f8dc4d6a7086eedb741a3ef08: Bug 1643557 - Use size_t for various counts in pk11slot.c. r=kjacobs
Jeff Walden <jwalden@mit.edu> - Fri, 05 Jun 2020 21:19:39 +0000 - rev 15653
Push 3767 by kjacobs@mozilla.com at Mon, 08 Jun 2020 14:58:09 +0000
Bug 1643557 - Use size_t for various counts in pk11slot.c. r=kjacobs Depends on D78451 Differential Revision: https://phabricator.services.mozilla.com/D78452
fff8c883ef7de3026c20d3d547d5ea7d2af894da: Bug 1643557 - Make pk11_MatchString accept a size_t length rather than an int length (consistent with all callers), and reformulate its internals to avoid a signed-unsigned comparison. r=kjacobs
Jeff Walden <jwalden@mit.edu> - Fri, 05 Jun 2020 21:07:19 +0000 - rev 15652
Push 3767 by kjacobs@mozilla.com at Mon, 08 Jun 2020 14:58:09 +0000
Bug 1643557 - Make pk11_MatchString accept a size_t length rather than an int length (consistent with all callers), and reformulate its internals to avoid a signed-unsigned comparison. r=kjacobs Depends on D78450 Differential Revision: https://phabricator.services.mozilla.com/D78451
c0aa47eb2fdd811c8516f37dba578eb46cbe3398: Bug 1643557 - Add PORT_AssertNotReached and use it instead of PORT_Assert(!"str"), which may warn about vacuous string literal to boolean conversions. r=kjacobs
Jeff Walden <jwalden@mit.edu> - Fri, 05 Jun 2020 20:52:42 +0000 - rev 15651
Push 3767 by kjacobs@mozilla.com at Mon, 08 Jun 2020 14:58:09 +0000
Bug 1643557 - Add PORT_AssertNotReached and use it instead of PORT_Assert(!"str"), which may warn about vacuous string literal to boolean conversions. r=kjacobs Depends on D78449 Differential Revision: https://phabricator.services.mozilla.com/D78450
d7f1e9975e67c0ed81458b1b8cedafa336dc21f7: Bug 1643557 - Use SECOidTag as the type of a loop variable over all values of that type to avoid a signed-unsigned comparison warning. r=kjacobs
Jeff Walden <jwalden@mit.edu> - Fri, 05 Jun 2020 23:36:21 +0000 - rev 15650
Push 3767 by kjacobs@mozilla.com at Mon, 08 Jun 2020 14:58:09 +0000
Bug 1643557 - Use SECOidTag as the type of a loop variable over all values of that type to avoid a signed-unsigned comparison warning. r=kjacobs Depends on D78448 Differential Revision: https://phabricator.services.mozilla.com/D78449
5d7206908ca7722a7b78c06d3f059836da76fd4f: Bug 1643557 - Use size_t for a parameter-indexing variable to eliminate a signed-unsigned comparison warning. r=kjacobs
Jeff Walden <jwalden@mit.edu> - Fri, 05 Jun 2020 20:43:21 +0000 - rev 15649
Push 3767 by kjacobs@mozilla.com at Mon, 08 Jun 2020 14:58:09 +0000
Bug 1643557 - Use size_t for a parameter-indexing variable to eliminate a signed-unsigned comparison warning. r=kjacobs Depends on D78447 Differential Revision: https://phabricator.services.mozilla.com/D78448
ed9a1a41ca1e6658d1894e97cbb446194d3f5399: Bug 1643557 - Used unsigned int for two for-loops upper-bounded by unsigned ints in rsa_FormatOneBlock. r=kjacobs
Jeff Walden <jwalden@mit.edu> - Fri, 05 Jun 2020 23:43:20 +0000 - rev 15648
Push 3767 by kjacobs@mozilla.com at Mon, 08 Jun 2020 14:58:09 +0000
Bug 1643557 - Used unsigned int for two for-loops upper-bounded by unsigned ints in rsa_FormatOneBlock. r=kjacobs Depends on D78446 Differential Revision: https://phabricator.services.mozilla.com/D78447
7f89fa701ce3154dc3733cb1d87e1ebf9cddf854: Bug 1643557 - Use unsigned int for log level, consistent with PRLogModuleLevel. r=kjacobs
Jeff Walden <jwalden@mit.edu> - Fri, 05 Jun 2020 19:36:07 +0000 - rev 15647
Push 3767 by kjacobs@mozilla.com at Mon, 08 Jun 2020 14:58:09 +0000
Bug 1643557 - Use unsigned int for log level, consistent with PRLogModuleLevel. r=kjacobs Differential Revision: https://phabricator.services.mozilla.com/D78446
d211f3013abb7063ec17884b11fec960e59c6598: Bug 1643123 - Allow External PSKs to be used with Early Export r=mt
Kevin Jacobs <kjacobs@mozilla.com> - Thu, 04 Jun 2020 00:22:43 +0000 - rev 15646
Push 3766 by kjacobs@mozilla.com at Thu, 04 Jun 2020 16:11:37 +0000
Bug 1643123 - Allow External PSKs to be used with Early Export r=mt This patch adjusts `tls13_exporter` to pull the hash algorithm from the first PSK when a suite is not configured yet, which allows early export with external PSKs. Differential Revision: https://phabricator.services.mozilla.com/D78150
e9502f71b7fea982a59840dde30ea971d7b751f9: Bug 1642871 - Allow tickets and PHA after resumption, r=kjacobs
Martin Thomson <mt@lowentropy.net> - Wed, 03 Jun 2020 16:05:57 +1000 - rev 15645
Push 3765 by martin.thomson@gmail.com at Thu, 04 Jun 2020 00:18:11 +0000
Bug 1642871 - Allow tickets and PHA after resumption, r=kjacobs The first part of this is fairly simple: we accidentally disabled sending of session tickets after resumption. The second part is much less obvious, because the spec is unclear. This change takes the interpretation that it is OK to use post-handshake authentication if the handshake is resumed, but not OK if the handshake is based on a PSK. (This is based on a first-principles understanding of resumption being a continuation of a certificate-based connection rather than a reading of the spec, see the bug for why the spec appears to be unhelpful on this point.) This still prohibits the use of post-handshake authentication if an external PSK was used, but that is more an abundance of caution than anything principled. Differential Revision: https://phabricator.services.mozilla.com/D77993
e955ece90b050e9da67528f09648945156d2bcea: Bug 1642153 - Avoid infinite recursion when CHECKLOC is not set. r=jcj
Mike Hommey <mh@glandium.org> - Wed, 03 Jun 2020 03:04:49 +0000 - rev 15644
Push 3764 by jjones@mozilla.com at Wed, 03 Jun 2020 03:05:13 +0000
Bug 1642153 - Avoid infinite recursion when CHECKLOC is not set. r=jcj Differential Revision: https://phabricator.services.mozilla.com/D77596
d0789cb32d8e651b097a496f0aea6ab9ce71b5ea: Bug 1642809 - Fix an assert (we need a comparison, not assignment) r=kjacobs
Sylvestre Ledru <sledru@mozilla.com> - Tue, 02 Jun 2020 22:46:24 +0000 - rev 15643
Push 3763 by kjacobs@mozilla.com at Tue, 02 Jun 2020 22:47:27 +0000
Bug 1642809 - Fix an assert (we need a comparison, not assignment) r=kjacobs Differential Revision: https://phabricator.services.mozilla.com/D77950
a2293e897889027856a26404ced424f09ecb2130: Bug 1603042 - TLS 1.3 out-of-band PSK support r=mt
Kevin Jacobs <kjacobs@mozilla.com> - Tue, 02 Jun 2020 15:12:15 +0000 - rev 15642
Push 3762 by kjacobs@mozilla.com at Tue, 02 Jun 2020 15:22:15 +0000
Bug 1603042 - TLS 1.3 out-of-band PSK support r=mt This patch adds support for External (out-of-band) PSKs in TLS 1.3. An External PSK (EPSK) can be set by calling `SSL_AddExternalPsk`, and removed with `SSL_RemoveExternalPsk`. `SSL_AddExternalPsk0Rtt` can be used to add a PSK while also specifying a suite and max_early_data_size for use with 0-RTT. As part of handling PSKs more generically, the patch also changes how resumption PSKs are handled internally, so as to rely on the same mechanisms where possible. A socket is currently limited to only one External PSK at a time. If the server doesn't find the same identity for the configured EPSK, it will fall back to certificate authentication. Differential Revision: https://phabricator.services.mozilla.com/D56687
61c83f79e90c4fdd159f0ee12d559f26c5f46f74: Bug 1528113 - Use ARM's crypto extension for SHA256 r=kjacobs
Makoto Kato <m_kato@ga2.so-net.ne.jp> - Mon, 01 Jun 2020 20:46:41 +0000 - rev 15641
Push 3761 by kjacobs@mozilla.com at Mon, 01 Jun 2020 20:47:02 +0000
Bug 1528113 - Use ARM's crypto extension for SHA256 r=kjacobs ARMv8 CPU has accelerated hardware instruction for SHA256 that supports GCC 4.9+. We should use it if available. Differential Revision: https://phabricator.services.mozilla.com/D38830
8dc4772bd678f101a38d547c3eddad1b2983d547: Set version numbers to 3.54 beta
J.C. Jones <jjones@mozilla.com> - Fri, 29 May 2020 13:35:53 -0700 - rev 15640
Push 3760 by jjones@mozilla.com at Fri, 29 May 2020 20:50:59 +0000
Set version numbers to 3.54 beta
5c1dff547a19533fdb4b0a98453cd2c784c0ece6: Added tag NSS_3_53_RTM for changeset 7e453a5afcb4 NSS_3_53_BRANCH
J.C. Jones <jjones@mozilla.com> - Fri, 29 May 2020 13:34:52 -0700 - rev 15639
Push 3759 by jjones@mozilla.com at Fri, 29 May 2020 20:50:43 +0000
Added tag NSS_3_53_RTM for changeset 7e453a5afcb4
7e453a5afcb45713708c313465742563ce6e6591: Set version numbers to 3.53 final NSS_3_53_BRANCH NSS_3_53_RTM
J.C. Jones <jjones@mozilla.com> - Fri, 29 May 2020 13:34:42 -0700 - rev 15638
Push 3758 by jjones@mozilla.com at Fri, 29 May 2020 20:50:06 +0000
Set version numbers to 3.53 final
90c954f62c9d35925be4f38faa8fc6d740902613: Added tag NSS_3_53_BETA2 for changeset 8fe22033a88e
Kevin Jacobs <kjacobs@mozilla.com> - Thu, 28 May 2020 16:16:49 -0700 - rev 15637
Push 3757 by kjacobs@mozilla.com at Thu, 28 May 2020 23:19:34 +0000
Added tag NSS_3_53_BETA2 for changeset 8fe22033a88e
8fe22033a88e7fb75d451455ca841017ce50f9c1: Bug 1640260 - Initialize PBE params r=jcj NSS_3_53_BETA2
Kevin Jacobs <kjacobs@mozilla.com> - Thu, 28 May 2020 22:34:52 +0000 - rev 15636
Push 3756 by kjacobs@mozilla.com at Thu, 28 May 2020 22:35:24 +0000
Bug 1640260 - Initialize PBE params r=jcj Differential Revision: https://phabricator.services.mozilla.com/D76544
(0) -10000 -3000 -1000 -300 -100 -50 -20 +20 +50 +100 tip