8f8270644c9e77b191a83748dff086cba370d3dd: Bug 822365: Fix the constant-time versions of HMAC-MD5 and SSLv3 MD5 MAC.
wtc%google.com - Wed, 06 Feb 2013 02:02:38 +0000 - rev 10605
Bug 822365: Fix the constant-time versions of HMAC-MD5 and SSLv3 MD5 MAC. Remove the workaround from ssl3_ComputeRecordMACConstantTime. The patch is contributed by Adam Langley <agl@chromium.org>. r=rrelyea,wtc. Modified Files: lib/freebl/hmacct.c lib/softoken/sftkhmac.c lib/ssl/ssl3con.c
03475e560e32d251a9ea207a07684cbeb5d8ee66: Bug 822365: SHA512_EndRaw and SHA256_EndRaw need a local variable named t1
wtc%google.com - Wed, 06 Feb 2013 00:41:13 +0000 - rev 10604
Bug 822365: SHA512_EndRaw and SHA256_EndRaw need a local variable named t1 for the BYTESWAP4 and BYTESWAP8 macros in certain build configurations. TBR=kaie.
7d87c0a3ba1ee2a4fe606b980430146eda0effec: Bug 822365: the SHA_HTONL macro (used by the SHA_STORE_RESULT macro) needs
wtc%google.com - Tue, 05 Feb 2013 23:46:39 +0000 - rev 10603
Bug 822365: the SHA_HTONL macro (used by the SHA_STORE_RESULT macro) needs a local variable named 'tmp' in some build configurations. Undefine 'tmp' as 'lenB' at the end of SHA1_End. r=kaie.
0ac6de0b8fe46f7b21a4ef79f966eebbfc699bb4: Bug 822365: declare variables at the beginning of a block to fix MSVC
wtc%google.com - Tue, 05 Feb 2013 23:44:03 +0000 - rev 10602
Bug 822365: declare variables at the beginning of a block to fix MSVC compilation errors. r=kaie.
76552fd3cc7d38c74192cc19ee63976cfc621634: Bug 822365: Make CBC decoding constant time. This patch makes the decoding
wtc%google.com - Tue, 05 Feb 2013 18:10:46 +0000 - rev 10601
Bug 822365: Make CBC decoding constant time. This patch makes the decoding of SSLv3 and TLS CBC records constant time. Without this, a timing side channel can be used to build a padding oracle and mount Vaudenay's attack. The patch is contributed by Adam Langley <agl@chromium.org>. r=rrelyea,ryan.sleevi. Modified Files: lib/freebl/blapi.h lib/freebl/ldvector.c lib/freebl/loader.c lib/freebl/loader.h lib/freebl/manifest.mn lib/freebl/md5.c lib/freebl/rawhash.c lib/freebl/sha512.c lib/freebl/sha_fast.c lib/freebl/sha_fast.h lib/nss/nss.def lib/pk11wrap/pk11obj.c lib/pk11wrap/pk11pub.h lib/softoken/manifest.mn lib/softoken/pkcs11.c lib/softoken/pkcs11c.c lib/softoken/pkcs11i.h lib/ssl/ssl3con.c lib/util/hasht.h lib/util/pkcs11n.h Added Files: lib/freebl/hmacct.c lib/freebl/hmacct.h lib/softoken/sftkhmac.c
7f5f39a8d010069a6bd5ce0756c88bee342b3228: Bug 158747: Add support for RSA-OAEP to softoken, but do not enable it yet,
ryan.sleevi%gmail.com - Tue, 05 Feb 2013 02:19:52 +0000 - rev 10600
Bug 158747: Add support for RSA-OAEP to softoken, but do not enable it yet, pending unit tests. r=wtc
2194fab2eae5d2c6c6c39cba7845779ed1e10cf4: Bug 837799 - Allow building of NSS against older sqlite, r=wtc
kaie%kuix.de - Mon, 04 Feb 2013 19:58:20 +0000 - rev 10599
Bug 837799 - Allow building of NSS against older sqlite, r=wtc
51f345262f956891e70b001cfd0f2a3362619338: Bug 836562: Use Horner's rule to calculate the elliptic curve polynomial in
wtc%google.com - Fri, 01 Feb 2013 03:42:09 +0000 - rev 10598
Bug 836562: Use Horner's rule to calculate the elliptic curve polynomial in ec_GFp_validate_point. r=agl.
f676e444e3160a93bcea4a651e2397cd737b4367: Setting version to 3.14.3 Beta
kaie%kuix.de - Thu, 31 Jan 2013 22:59:44 +0000 - rev 10597
Setting version to 3.14.3 Beta
554ea04f792693e0395b121b0cc19ea66e8be5c8: Set version to NSS 3.14.2 RTM NSS_3_14_2_RTM
kaie%kuix.de - Thu, 31 Jan 2013 22:47:09 +0000 - rev 10596
Set version to NSS 3.14.2 RTM
c7b00ab376aaac76df5b745dc0cfa1846ab5c78e: Update/Add license headers.
rrelyea%redhat.com - Thu, 31 Jan 2013 19:30:42 +0000 - rev 10595
Update/Add license headers.
b00251345b1ea4c78d063ec4bbe892ccde8bee6a: Bug 835293: on Linux x86_64, don't use the assembler flag -march=opteron
wtc%google.com - Thu, 31 Jan 2013 01:08:59 +0000 - rev 10594
Bug 835293: on Linux x86_64, don't use the assembler flag -march=opteron because some of the instructions in intel-gcm.s (such as vmovdqu, vpshufb, vpclmulqdq, vpxor) are not supported on opteron. r=kaie.
52da33cab0a722aa06e1131dbf69538553c8309a: Bug 835486, Provide documentation for NSS tools (both as HTML and Unix-style man-pages format). Documentation has been authored by Deon Lackey and Elio Maldonado.
kaie%kuix.de - Wed, 30 Jan 2013 21:45:51 +0000 - rev 10593
Bug 835486, Provide documentation for NSS tools (both as HTML and Unix-style man-pages format). Documentation has been authored by Deon Lackey and Elio Maldonado. r=kaie for the code related to this checkin and for adding this work-in-progress documentation in general r=emaldona for approving to get this added to NSS
406e6680dd3ad92f22c8f951ce4fc558dfb6b611: Bug 805604: use target-specific variable values to add an extra compiler or
wtc%google.com - Wed, 30 Jan 2013 19:52:20 +0000 - rev 10592
Bug 805604: use target-specific variable values to add an extra compiler or assembler flag to just one source file. r=kaie.
fbdde1effd1b21553860e20af2be438eace4a929: Bug 805604 and bug 835050: don't use Clang's integrated assembler because NSS_3_14_2_BETA3
wtc%google.com - Sun, 27 Jan 2013 00:34:35 +0000 - rev 10591
Bug 805604 and bug 835050: don't use Clang's integrated assembler because it cannot handle how intel-gcm.s uses the .set directive to refer to registers by symbolic names. r=kaie.
35fbef0c0a54bc6fc9f371f48ec80e283fdb7a9c: Bug 373108 Test cases for CTS and GCM
rrelyea%redhat.com - Fri, 25 Jan 2013 18:10:55 +0000 - rev 10590
Bug 373108 Test cases for CTS and GCM
c81e93ff204d7fa701d6276b412e25e3c5506e98: Bug 373108 Fix a double free on the error patch.
rrelyea%redhat.com - Fri, 25 Jan 2013 18:02:53 +0000 - rev 10589
Bug 373108 Fix a double free on the error patch. r=rsleevi
13dd24d52318fb952d51979e5fd5dfeed32c0122: Bug 833857, fix ocspclnt crash regression, r=wtc NSS_3_14_2_BETA2
kaie%kuix.de - Wed, 23 Jan 2013 23:05:51 +0000 - rev 10588
Bug 833857, fix ocspclnt crash regression, r=wtc
d171150c2fdbfc7d7ca9b8754519723131106fa8: Bug 833857: Revert the change to ocspResponse_other in rev. 1.9 because
wtc%google.com - Wed, 23 Jan 2013 22:08:32 +0000 - rev 10587
Bug 833857: Revert the change to ocspResponse_other in rev. 1.9 because some code in ocspclnt.c (the responseStatusNames array and an assertion) depends on the value of ocspResponse_other. r=kaie.
9771a86b4f31b44537f587ded97c949edbae6bb6: Bug 833052: Add three more SHA256 cipher suites to ssltap. r=emaldona.
wtc%google.com - Wed, 23 Jan 2013 20:53:58 +0000 - rev 10586
Bug 833052: Add three more SHA256 cipher suites to ssltap. r=emaldona.
(0) -10000 -3000 -1000 -300 -100 -50 -20 +20 +50 +100 +300 +1000 +3000 tip