984522987a1a351a414c66a3c4f74a2192ace8f9: Bug 1548398 - Add freebl_gtest to nss.gyp, fix freebl_gtest cross-compilation and gcc-4.8 support. r=jcj NSS_3_44_BETA1
Kevin Jacobs <kjacobs@mozilla.com> - Fri, 03 May 2019 20:44:52 +0000 - rev 15099
Push 3340 by jjones@mozilla.com at Fri, 03 May 2019 21:20:31 +0000
Bug 1548398 - Add freebl_gtest to nss.gyp, fix freebl_gtest cross-compilation and gcc-4.8 support. r=jcj Updated gyp files to add -msse2 GCC option, iff the compiler is gcc and target is x64 or ia32. Root cause for the 4.8 failure is a gcc bug where the "#pragma GCC target("sse2")" option used in gcm.h doesn't work when compiling C++ code, as the gtests do. Differential Revision: https://phabricator.services.mozilla.com/D29886
0c339d00e35c7dc30b46c4bdef35f4497b3bde9e: Bug 1540652 - softoken/sdb.c: Logically dead code, r=keeler
Kevin Jacobs <kjacobs@mozilla.com> - Fri, 03 May 2019 12:40:53 +1000 - rev 15098
Push 3339 by martin.thomson@gmail.com at Fri, 03 May 2019 03:00:25 +0000
Bug 1540652 - softoken/sdb.c: Logically dead code, r=keeler Test Plan: https://treeherder.mozilla.org/#/jobs?repo=nss-try&revision=b7bd9acb3ca38a1db10c35c295b9bfcae44a5074 Reviewers: keeler Reviewed By: keeler Subscribers: mt Bug #: 1540652 Differential Revision: https://phabricator.services.mozilla.com/D27191
cde36bed1cc453d4b4c18a5f4baf7bbff5da251b: Bug 1548722 - Tranche of coverity fixes, r=jcj
Martin Thomson <mt@lowentropy.net> - Thu, 02 May 2019 13:32:49 +1000 - rev 15097
Push 3338 by martin.thomson@gmail.com at Fri, 03 May 2019 00:24:20 +0000
Bug 1548722 - Tranche of coverity fixes, r=jcj Summary: CID 1444897, 1444896, 1444894, 1444892, 1444891, 1444888, 1444885, 1444881 Not sure how to manage the creation of bugs for these. Reviewers: jcj Tags: #secure-revision Differential Revision: https://phabricator.services.mozilla.com/D29611
b58dacc4dbcc723a2916835c4f070e22d5324884: Backed out changeset 5059d47bd423 (bug 1548398) for GCC 4.8 failures in gcm.h
J.C. Jones <jjones@mozilla.com> - Thu, 02 May 2019 16:47:01 -0700 - rev 15096
Push 3337 by jjones@mozilla.com at Fri, 03 May 2019 00:00:03 +0000
Backed out changeset 5059d47bd423 (bug 1548398) for GCC 4.8 failures in gcm.h
5059d47bd423e4b7e4dd18af7cbc8c47f218f4ad: Bug 1548398 - Add freebl_gtest to nss.gyp, fix freebl_gtest cross-compilation. r=jcj
Kevin Jacobs <kjacobs@mozilla.com> - Thu, 02 May 2019 18:29:05 +0000 - rev 15095
Push 3336 by jjones@mozilla.com at Thu, 02 May 2019 20:30:32 +0000
Bug 1548398 - Add freebl_gtest to nss.gyp, fix freebl_gtest cross-compilation. r=jcj Differential Revision: https://phabricator.services.mozilla.com/D29581
085cf1773a6c6122995c9b2b0eb0a4dae40a8285: Bug 1487597 - Used sized pointer, fix name shadowing, a=bustage
Martin Thomson <mt@lowentropy.net> - Thu, 02 May 2019 14:11:49 +1000 - rev 15094
Push 3335 by martin.thomson@gmail.com at Thu, 02 May 2019 05:03:34 +0000
Bug 1487597 - Used sized pointer, fix name shadowing, a=bustage
b56a298b42752de328f18a8514a1db80069b2b16: Bug 1487597 - Improve 0-RTT data delivery, r=ekr
Martin Thomson <martin.thomson@gmail.com> - Mon, 10 Sep 2018 11:47:55 +1000 - rev 15093
Push 3334 by martin.thomson@gmail.com at Thu, 02 May 2019 04:01:33 +0000
Bug 1487597 - Improve 0-RTT data delivery, r=ekr Summary: This improves the code that delivers 0-RTT. When the caller provided a read buffer to small to hold an entire record, the previous code reported errors. Those errors might cause the connection to be dropped by the caller, but the socket was still usable. If the socket was used again, there would be a gap in the stream. This fixes that bug and adds a bunch of tests around 0-RTT delivery. More tests check the order of operations. For instance, in TLS, we strictly maintain ordering between 0-RTT data delivery and handshake completion. That is not the case for DTLS, where this allows 0-RTT records that arrive before the handshake completes to be read afterwards. We do drop keys as soon as we see EndOfEarlyData (this is going away for DTLS, so I assume Certificate/Finished will be the trigger eventually). The tests added here confirm that late arrival causes 0-RTT to be dropped. Another test confirms that any early arrival that is only read late will be delivered. Reviewers: ekr Subscribers: mt, ekr Tags: #secure-revision, PHID-PROJ-ffhf7tdvqze7zrdn6dh3 Bug #: 1487597 Differential Revision: https://phabricator.services.mozilla.com/D4736
4e4eb31ce20086a4bb17215926999e14c169d020: Bug 1543545 - Don't statically link freebl and util for pk11_gtest, a=bustage
Martin Thomson <mt@lowentropy.net> - Wed, 01 May 2019 11:51:51 +1000 - rev 15092
Push 3333 by martin.thomson@gmail.com at Wed, 01 May 2019 02:38:26 +0000
Bug 1543545 - Don't statically link freebl and util for pk11_gtest, a=bustage
8a4cad364cf3eadda09035beb73d9d21c1b61b86: Bug 1543545 - Option to produce static libraries, r=kevinjacobs
Martin Thomson <mt@lowentropy.net> - Mon, 29 Apr 2019 15:27:25 +1000 - rev 15091
Push 3332 by martin.thomson@gmail.com at Wed, 01 May 2019 01:27:56 +0000
Bug 1543545 - Option to produce static libraries, r=kevinjacobs Summary: The fine folks in application services would like to use NSS, but would greatly prefer static linking. Part of that is driven by iOS constraints on performance and a possible rejection from the store for dynamic linking (NSS dynamically loads softoken). This provides a build option that produces a fully statically linked set of libraries. Reviewers: KevinJacobs Tags: #secure-revision Bug #: 1543545 Differential Revision: https://phabricator.services.mozilla.com/D29303
c4aed23253ca4e30fa9650bed02a00d1053a79ea: Bug 1418944 - Quote CC/CXX variables passed to nspr r=franziskus
Hanno Boeck <hanno@hboeck.de> - Mon, 20 Nov 2017 11:02:37 +0100 - rev 15090
Push 3331 by jjones@mozilla.com at Tue, 30 Apr 2019 18:04:25 +0000
Bug 1418944 - Quote CC/CXX variables passed to nspr r=franziskus The Makefile doesn't put quotes around the assignment of CC variables when calling the nspr configure (if building with nss_build_all). This breaks e.g. if someone tries to pass flags in the CC (hacky, but sometimes makes things easier) or if there are spaces in the path to the compiler. In any case, quoting makes things cleaner and shouldn't have any downsides.
56826bedabba43e8deaab70eb66924fb222af477: Bug 1534468 - Fixup for C99, a=bustage
Martin Thomson <mt@lowentropy.net> - Fri, 26 Apr 2019 18:46:41 +1000 - rev 15089
Push 3330 by martin.thomson@gmail.com at Fri, 26 Apr 2019 12:49:14 +0000
Bug 1534468 - Fixup for C99, a=bustage
a329c2bac413d34f01619a45a7bde1773e45a7c3: Bug 1534468 - Fixup for 32-bit build, a=bustage
Martin Thomson <mt@lowentropy.net> - Fri, 26 Apr 2019 16:57:28 +1000 - rev 15088
Push 3329 by martin.thomson@gmail.com at Fri, 26 Apr 2019 07:15:58 +0000
Bug 1534468 - Fixup for 32-bit build, a=bustage
893fff17234f9fb28b692166109122e04d685e98: Bug 1534468 - Expose ChaCha20 primitive through PKCS#11, r=ekr
Martin Thomson <mt@lowentropy.net> - Tue, 12 Mar 2019 10:37:17 +1100 - rev 15087
Push 3328 by martin.thomson@gmail.com at Fri, 26 Apr 2019 07:00:42 +0000
Bug 1534468 - Expose ChaCha20 primitive through PKCS#11, r=ekr Summary: This adds a "CTR" mode for ChaCha20. This takes a composite 16 octet "IV", which is internally decomposed into a nonce and counter. This operates like a CTR mode cipher on arbitrary input, up to the ChaCha20 limit of 2^32 x 64 octet blocks. The counter provided is a starting counter and it is incremented if more than 64 octets of input is provided. Reviewers: ekr Tags: #secure-revision Bug #: 1534468 Differential Revision: https://phabricator.services.mozilla.com/D23060
5af4bfb553dc8054ec487d483f9c33884e27f006: Bug 1531244 - Don't define swap8b unless needed, a=bustage
Martin Thomson <mt@lowentropy.net> - Fri, 26 Apr 2019 09:59:14 +1000 - rev 15086
Push 3327 by martin.thomson@gmail.com at Fri, 26 Apr 2019 00:17:33 +0000
Bug 1531244 - Don't define swap8b unless needed, a=bustage
c26bd889775cd57abed5e747a02fd495d52e1cd5: Bug 1531244 - Use __buildint_bswap64 in GCC 4.3+, r=m_kato
Martin Thomson <mt@lowentropy.net> - Fri, 26 Apr 2019 09:48:46 +1000 - rev 15085
Push 3326 by martin.thomson@gmail.com at Fri, 26 Apr 2019 00:07:05 +0000
Bug 1531244 - Use __buildint_bswap64 in GCC 4.3+, r=m_kato
3895acc65f37ed3c18ad9b23837aa4999d62c150: Bug 1546925 - allow arbitrary leading text before try syntax,r=mt
Peter Moore <pmoore@mozilla.com> - Thu, 25 Apr 2019 14:01:05 +0200 - rev 15084
Push 3325 by martin.thomson@gmail.com at Thu, 25 Apr 2019 23:55:42 +0000
Bug 1546925 - allow arbitrary leading text before try syntax,r=mt
02ea5f29ac3c1f1c6e6eb4b655afd9b4fc075a9e: Bug 1542741, certutil: fix error output when -F is specified, r=rrelyea
Daiki Ueno <dueno@redhat.com> - Mon, 08 Apr 2019 16:39:15 +0200 - rev 15083
Push 3324 by dueno@redhat.com at Wed, 24 Apr 2019 08:42:54 +0000
Bug 1542741, certutil: fix error output when -F is specified, r=rrelyea
2d6adc7d8bfcc8bc9f6c55d9dcae66c01c5b24f1: Bug 1533616, update get attributes fix to preserve C_GetAttribute semantics
Robert Relyea <rrelyea@redhat.com> - Tue, 16 Apr 2019 15:21:53 -0700 - rev 15082
Push 3323 by rrelyea@redhat.com at Tue, 16 Apr 2019 22:25:55 +0000
Bug 1533616, update get attributes fix to preserve C_GetAttribute semantics
ef0974cfd1defe7512c8978095edd81e86e8b1d8: Bug 1532312, avoid reading from closed descriptor on Windows, a=bustage
Daiki Ueno <dueno@redhat.com> - Mon, 08 Apr 2019 18:12:05 +0200 - rev 15081
Push 3322 by dueno@redhat.com at Mon, 08 Apr 2019 17:01:10 +0000
Bug 1532312, avoid reading from closed descriptor on Windows, a=bustage
15905cd1cab9c8460b245f19134043b5217e0e8b: Bug 1532312, recognize certificate_required alert, r=mt
Daiki Ueno <dueno@redhat.com> - Mon, 08 Apr 2019 17:31:29 +0200 - rev 15080
Push 3321 by dueno@redhat.com at Mon, 08 Apr 2019 15:32:54 +0000
Bug 1532312, recognize certificate_required alert, r=mt Summary: Some servers send a certificate_required alert when the client returns no certificate while it is required. For server, it is not mandatory to send this alert, but it could make it easier for the client to distinguish bad_certificate and the declined cases. Reviewers: mt Reviewed By: mt Bug #: 1532312 Differential Revision: https://phabricator.services.mozilla.com/D22083
(0) -10000 -3000 -1000 -300 -100 -50 -20 +20 +50 +100 +300 tip