a6bb8ed73bc124fc5f25bc4178d9e4e7339d2084: set version numbers to 3.36.1 release NSS_3_36_BRANCH NSS_3_36_1_RTM
Kai Engert <kaie@kuix.de> - Mon, 09 Apr 2018 17:38:16 +0200 - rev 14312
Push 3047 by kaie@kuix.de at Mon, 09 Apr 2018 15:37:32 +0000
set version numbers to 3.36.1 release DONTBUILD
1587b1c1d09cf3af3c8a3f6dff4254521d91f1f3: Bug 1452564 - fix domain resolution on taskcluster, r=ttaubert
Franziskus Kiefer <franziskuskiefer@gmail.com> - Mon, 09 Apr 2018 09:32:26 +0200 - rev 14311
Push 3046 by franziskuskiefer@gmail.com at Mon, 09 Apr 2018 09:25:23 +0000
Bug 1452564 - fix domain resolution on taskcluster, r=ttaubert Differential Revision: https://phabricator.services.mozilla.com/D882
1dd6b420d13691ef45033cafe647977393306c9d: Backed out changeset f5444a2e1f68
Martin Thomson <martin.thomson@gmail.com> - Mon, 09 Apr 2018 14:14:29 +1000 - rev 14310
Push 3045 by martin.thomson@gmail.com at Mon, 09 Apr 2018 04:14:53 +0000
Backed out changeset f5444a2e1f68
f5444a2e1f68de9ddc2df65b7b348e9cca6f205d: Bug 1423043 - Enable half-close, r?ttaubert
Martin Thomson <martin.thomson@gmail.com> - Fri, 06 Apr 2018 09:11:29 +1000 - rev 14309
Push 3045 by martin.thomson@gmail.com at Mon, 09 Apr 2018 04:14:53 +0000
Bug 1423043 - Enable half-close, r?ttaubert Summary: TLS 1.3 explicitly changed to allow close_notify on one half of the connection. Since SSL, an endpoint was required to send close_notify if it received close_notify. The general agreement was that this was a silly requirement and that we would remove it and allow one side of the connection to be closed. This is critical for some protocols that are being moved to use TLS. NSS was almost perfect here. The only problem was that it suppressed the second close_notify. I've added a test for that. Reviewers: ttaubert Bug #: 1423043 Differential Revision: https://phabricator.services.mozilla.com/D797
92ec52c839cb3ae890d7a9f228e3c12dc72b6f38: Bug 1451955 - python3 compatibility fix for reading, r=ttaubert
Martin Thomson <martin.thomson@gmail.com> - Fri, 06 Apr 2018 09:36:53 +1000 - rev 14308
Push 3044 by martin.thomson@gmail.com at Mon, 09 Apr 2018 02:24:29 +0000
Bug 1451955 - python3 compatibility fix for reading, r=ttaubert
0b0eb03449450c5af1e2bb4c32a3259923ca2542: Bug 1451395 - update hacl* version to fix image build, r=ttaubert
Franziskus Kiefer <franziskuskiefer@gmail.com> - Wed, 04 Apr 2018 10:35:35 +0200 - rev 14307
Push 3043 by franziskuskiefer@gmail.com at Thu, 05 Apr 2018 10:05:13 +0000
Bug 1451395 - update hacl* version to fix image build, r=ttaubert This version of HACL* has an incomplete proof and has to be updated soon. This is to fix the image build til taskcluster is fixed. Differential Revision: https://phabricator.services.mozilla.com/D842
954032211d2d303bcee85f448f4db24bb8ec9a0c: Bug 1448748 Disable a bunch of optimized stuff to fix the MinGW x64 Build, r=franziskus
Tom Ritter <tom@mozilla.com> - Fri, 30 Mar 2018 19:51:26 -0500 - rev 14306
Push 3042 by franziskuskiefer@gmail.com at Tue, 03 Apr 2018 08:43:53 +0000
Bug 1448748 Disable a bunch of optimized stuff to fix the MinGW x64 Build, r=franziskus
9136f23ee9cff231008037b15cf74a6b897c9966: Bug 1449160 - Test for HelloRetryRequest random values, r=franziskus
Martin Thomson <martin.thomson@gmail.com> - Wed, 28 Mar 2018 15:22:59 +1100 - rev 14305
Push 3041 by martin.thomson@gmail.com at Tue, 03 Apr 2018 07:00:08 +0000
Bug 1449160 - Test for HelloRetryRequest random values, r=franziskus
f2742644d86831f9b87e599a0c0e47aa4a442351: Added tag NSS_3_36_1_BETA1 for changeset fa159fd618ea NSS_3_36_BRANCH
Kai Engert <kaie@kuix.de> - Tue, 27 Mar 2018 10:08:16 +0200 - rev 14304
Push 3040 by kaie@kuix.de at Tue, 27 Mar 2018 08:07:08 +0000
Added tag NSS_3_36_1_BETA1 for changeset fa159fd618ea DONTBUILD
fa159fd618ea5541f8de61fbf7a64cab8f4c8ded: Bug 1447628, devslot: avoid deadlock when re-inserting a token, r=rrelyea NSS_3_36_BRANCH NSS_3_36_1_BETA1
Daiki Ueno <dueno@redhat.com> - Thu, 22 Mar 2018 16:08:16 +0100 - rev 14303
Push 3039 by kaie@kuix.de at Tue, 27 Mar 2018 07:59:08 +0000
Bug 1447628, devslot: avoid deadlock when re-inserting a token, r=rrelyea
6ae3ab8a1e7b4161f3f8eee90db7a745acced408: Bug 1447628, devslot: avoid deadlock when re-inserting a token, r=rrelyea
Daiki Ueno <dueno@redhat.com> - Thu, 22 Mar 2018 16:08:16 +0100 - rev 14302
Push 3038 by dueno@redhat.com at Mon, 26 Mar 2018 16:37:45 +0000
Bug 1447628, devslot: avoid deadlock when re-inserting a token, r=rrelyea
ba3f1cc8a8e644ee6f8a763624d97e987816304d: Bug 1278071 - Limit iterations for PKCS #12 export for Windows r=kaie NSS_3_36_BRANCH
J.C. Jones <jjones@mozilla.com> - Fri, 23 Mar 2018 09:58:32 -0700 - rev 14301
Push 3037 by kaie@kuix.de at Mon, 26 Mar 2018 14:26:32 +0000
Bug 1278071 - Limit iterations for PKCS #12 export for Windows r=kaie Per Bug 1436873, Windows is limited on importing PKCS12 files of 600k rounds or less. So for compatibility's sake, let's limit there, too.
2355c9e3bba477c947a09a2fe8b1ed8971fab1cb: set version to 3.36.1 beta NSS_3_36_BRANCH
Kai Engert <kaie@kuix.de> - Mon, 26 Mar 2018 16:25:51 +0200 - rev 14300
Push 3036 by kaie@kuix.de at Mon, 26 Mar 2018 14:24:45 +0000
set version to 3.36.1 beta DONTBUILD
286c245ea50b6e901fbebe26c7cd4cf9587a5f07: Bug 1443400 - Don't use getauxval() when not available, r=franziskus NSS_3_36_BRANCH
Jan Beich <jbeich@FreeBSD.org> - Fri, 09 Mar 2018 11:52:00 +0100 - rev 14299
Push 3035 by franziskuskiefer@gmail.com at Mon, 26 Mar 2018 08:26:28 +0000
Bug 1443400 - Don't use getauxval() when not available, r=franziskus
dedf5290c679153e5b3555ba9c711fe62323c156: Bug 1278071 - Limit iterations for PKCS #12 export for Windows r?kaie
J.C. Jones <jjones@mozilla.com> - Fri, 23 Mar 2018 09:58:32 -0700 - rev 14298
Push 3034 by jjones@mozilla.com at Fri, 23 Mar 2018 17:21:47 +0000
Bug 1278071 - Limit iterations for PKCS #12 export for Windows r?kaie Per Bug 1436873, Windows is limited on importing PKCS12 files of 600k rounds or less. So for compatibility's sake, let's limit there, too.
1bde21f90bd1edaf52bc24e12593eba7b218452d: Bug 1447816 - Fix assignment where a comparison intended r=mt
J.C. Jones <jjones@mozilla.com> - Thu, 22 Mar 2018 07:13:05 -0700 - rev 14297
Push 3033 by jjones@mozilla.com at Thu, 22 Mar 2018 14:16:02 +0000
Bug 1447816 - Fix assignment where a comparison intended r=mt Summary: Coverity found an unintended assignment in dtls_GatherData in a PORT_Assert, which is only evaluated in debug builds. Reviewers: mt Reviewed By: mt Bug #: 1447816 Differential Revision: https://phabricator.services.mozilla.com/D787
da99ed4c1eb08981632b1f8f1503685eb2910008: Bug 1447825 - Check sslBuffer_Append in ssl_CallCustomExtensionSenders r=mt
J.C. Jones <jjones@mozilla.com> - Wed, 21 Mar 2018 15:07:11 -0700 - rev 14296
Push 3032 by jjones@mozilla.com at Thu, 22 Mar 2018 14:00:37 +0000
Bug 1447825 - Check sslBuffer_Append in ssl_CallCustomExtensionSenders r=mt Coverity caught that one use of sslBuffer_Append doesn't check the return, which is abnormal. Since cleanup is the same either way, it's a matter for OOM propagation. This adds the check in a minimal way.
c5dffd6269ea5f0796ad82950075a939c41cfaba: Bug 1446643 - Update to TLS 1.3 draft-26. r=mt
EKR <ekr@rtfm.com> - Thu, 15 Mar 2018 12:01:09 +0000 - rev 14295
Push 3031 by ekr@mozilla.com at Sat, 17 Mar 2018 15:34:21 +0000
Bug 1446643 - Update to TLS 1.3 draft-26. r=mt
- Update version number
- Forbid negotiating < TLS 1.3 with supported_versions
- Change to version number 0303 after HRR. Plus test
- Update AAD.
https://phabricator.services.mozilla.com/D753
5bbce52d2929a82d14a3ba44ed54ef064d92730d: Bug 1427675 - Short header for DTLS 1.3, r=ekr
Martin Thomson <martin.thomson@gmail.com> - Fri, 16 Mar 2018 10:54:00 +0000 - rev 14294
Push 3030 by martin.thomson@gmail.com at Fri, 16 Mar 2018 11:40:55 +0000
Bug 1427675 - Short header for DTLS 1.3, r=ekr

Summary: The code changes here are relatively straightforward, though there are a few changes of note:

* To make read and write more consistent, I changed `seqNum` on ssl3CipherSpec to `nextSeqNum`. The write side didn't change, but the read side previously saved the last sequence number in that slot. This makes the sequence number recovery simpler and makes the code easier to reason about as a whole.
* SSL3Ciphertext now holds the raw header and no longer has a type field. Passing the raw header through allows ssl3_HandleRecord and the functions that it calls to recover the sequence number. I considered doing the recovery in the gather functions, which used to recover the sequence number, but they don't have access to the cipher spec.
* Record construction now works in order: the header is written out first, with the length filled in after encryption. This uses sslBuffer in a way more consistent with other functions.
* The hack where a cText of NULL was passed to ssl3_HandleRecord in order to have it handle the outstanding handshake message from the receive buffer was removed.

In addition to teaching TlsRecordFilter about the agent that it is operating with (in a separate CL), there are several changes to tests:

* We previously relied on the epoch and sequence number being properly encoded for DTLS records, so the sequence number reconstruction (used when we decrypt and re-encrypt) was invalid. I restored the epoch to this field when doing DTLS.
* TlsRecordHeader no longer stores the wire format of the version, it includes a variant and non-wire version.
* TlsRecordHeader needs to know whether it is parsing DTLS 1.3, so TlsRecordFilter passes that info to it after asking the agent.
* TlsRecordHeader writes out DTLS 1.3 records in the 7 octet form always. It can read the 2 octet header, using logic similar to that used by the main code, but it won't ever write that form.
* TlsAgentTestBase::MakeRecord also writes the 7 octet header.
* I parameterized the record drop tests so that I could test out of order delivery and various patterns with the short header. This revealed some issues, including one good one. I had a neat underflow bug that can happen near zero, which leads to ridiculously large sequence numbers being incorrectly assumed by a receiver.

This includes fuzzing-specific changes to account for the fact that fuzzing operates at the record layer, which is inconvenient for this change. Ideally, we should change the fuzzing code so that only the core cipher parts are changed (that is, ssl3CipherSpec->cipher and ssl3CipherSpec->aead). That will have to wait for another day.

Reviewers: ekr
Reviewed By: ekr
Bug #: 1427675
Differential Revision: https://phabricator.services.mozilla.com/D554
3008d1dbd8fc55ff06d985a1b062ee101c9036b7: Bug 1445989, Don't skip ECC tests in ssl.sh, r=kaie
Daiki Ueno <dueno@redhat.com> - Thu, 15 Mar 2018 14:32:34 +0100 - rev 14293
Push 3029 by dueno@redhat.com at Fri, 16 Mar 2018 07:58:48 +0000
Bug 1445989, Don't skip ECC tests in ssl.sh, r=kaie