d4efd8b4f183c61bca37e481e599f745645bc12d: Added tag NSS_3_78_1_RTM for changeset 1892ac0bb68d NSS_3_78_BRANCH
Dennis Jackson <djackson@mozilla.com> - Fri, 20 May 2022 08:37:11 +0100 - rev 16228
Push 4149 by djackson@mozilla.com at Tue, 31 May 2022 14:49:29 +0000
Added tag NSS_3_78_1_RTM for changeset 1892ac0bb68d
1892ac0bb68dffef661bcf8bd888f3a09421cc8d: Release notes for NSS 3.78.1 NSS_3_78_BRANCH NSS_3_78_1_RTM
Dennis Jackson <djackson@mozilla.com> - Fri, 20 May 2022 08:33:02 +0100 - rev 16227
Push 4149 by djackson@mozilla.com at Tue, 31 May 2022 14:49:29 +0000
Release notes for NSS 3.78.1
f90a530a660699881d47af12066f6c8600c36ce9: Bug 1767590 - Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple r=#nss-reviewers,kaie NSS_3_78_BRANCH
Dennis Jackson <djackson@mozilla.com> - Mon, 16 May 2022 13:08:03 +0000 - rev 16226
Push 4149 by djackson@mozilla.com at Tue, 31 May 2022 14:49:29 +0000
Bug 1767590 - Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple r=#nss-reviewers,kaie As NSS_CMSDigestContext_FinishMultiple may leave its outparam unchanged when it returns SECSuccess, ensure that we set the value to NULL prior to invoking it. If this has happened because data was missing and hence the digest was never updated, the secasn1d parser will notice the missing child and raise a decodeError. Differential Revision: https://phabricator.services.mozilla.com/D145425
1c30ba79a5f8d386f8ef100e0bed3675457d3093: Bug 1766978 - improve error handling after nssCKFWInstance_CreateObjectHandle. r=djackson NSS_3_78_BRANCH
John M. Schanck <jschanck@mozilla.com> - Thu, 19 May 2022 16:55:11 +0000 - rev 16225
Push 4149 by djackson@mozilla.com at Tue, 31 May 2022 14:49:29 +0000
Bug 1766978 - improve error handling after nssCKFWInstance_CreateObjectHandle. r=djackson Differential Revision: https://phabricator.services.mozilla.com/D146765
0d9296f60e29a4720ce407a35df66713b79ea667: Set version numbers to 3.78.1 final NSS_3_78_BRANCH
Dennis Jackson <djackson@mozilla.com> - Fri, 20 May 2022 08:21:20 +0100 - rev 16224
Push 4149 by djackson@mozilla.com at Tue, 31 May 2022 14:49:29 +0000
Set version numbers to 3.78.1 final
a842dc16c5a6986798341c4751e0486420ee83ef: Added tag NSS_3_79_RTM for changeset 3463596523be NSS_3_79_BRANCH
Dennis Jackson <djackson@mozilla.com> - Thu, 26 May 2022 10:54:48 +0100 - rev 16223
Push 4148 by djackson@mozilla.com at Thu, 26 May 2022 09:55:31 +0000
Added tag NSS_3_79_RTM for changeset 3463596523be
3463596523bee515266f572dc73e6724e68f6afd: Set version numbers to 3.79 final NSS_3_79_BRANCH NSS_3_79_RTM
Dennis Jackson <djackson@mozilla.com> - Thu, 26 May 2022 10:54:33 +0100 - rev 16222
Push 4148 by djackson@mozilla.com at Thu, 26 May 2022 09:55:31 +0000
Set version numbers to 3.79 final
21e7aaa1f7d94bca15d997e5b4c2329b32fad21a: Bug 1771273 - cpputil/databuffer.h: add missing <cstdint> include r=nss-reviewers,mt
Sergei Trofimovich <slyich@gmail.com> - Thu, 26 May 2022 08:08:39 +0000 - rev 16221
Push 4147 by mthomson@mozilla.com at Thu, 26 May 2022 08:10:48 +0000
Bug 1771273 - cpputil/databuffer.h: add missing <cstdint> include r=nss-reviewers,mt Without the change build fails on this week's gcc-13 snapshot as: ../../cpputil/databuffer.h:20:20: error: 'uint8_t' does not name a type 20 | DataBuffer(const uint8_t* d, size_t l) : data_(nullptr), len_(0) { | ^~~~~~~ ../../cpputil/databuffer.h:14:1: note: 'uint8_t' is defined in header '<cstdint>'; did you forget to '#include <cstdint>'? 13 | #include <iostream> +++ |+#include <cstdint> 14 | Differential Revision: https://phabricator.services.mozilla.com/D147404
ad1046e9eee5f5dc17dac7c9343e2f7f0da44b4e: Bug 1769302 - NSS 3.79 should depend on NSPR 4.34. r=bbeurdouche
Kai Engert <kaie@kuix.de> - Wed, 25 May 2022 23:44:56 +0200 - rev 16220
Push 4146 by kaie@kuix.de at Wed, 25 May 2022 22:03:00 +0000
Bug 1769302 - NSS 3.79 should depend on NSPR 4.34. r=bbeurdouche Differential Revision: https://phabricator.services.mozilla.com/D147375
5498a0531d732fa3d5702ac68f6ab2c3a6a21751: Added tag NSS_3_79_BETA2 for changeset 82f9862369bd NSS_3_79_BRANCH
Dennis Jackson <djackson@mozilla.com> - Fri, 20 May 2022 18:12:16 +0100 - rev 16219
Push 4145 by djackson@mozilla.com at Fri, 20 May 2022 17:13:27 +0000
Added tag NSS_3_79_BETA2 for changeset 82f9862369bd
82f9862369bd3f5864a2e16bb92cdabcab980c0c: Bug 1767590 - Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple r=nss-reviewers,jschanck NSS_3_79_BRANCH NSS_3_79_BETA2
Dennis Jackson <djackson@mozilla.com> - Fri, 20 May 2022 16:52:56 +0000 - rev 16218
Push 4145 by djackson@mozilla.com at Fri, 20 May 2022 17:13:27 +0000
Bug 1767590 - Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple r=nss-reviewers,jschanck As NSS_CMSDigestContext_FinishMultiple may leave its outparam unchanged when it returns SECSuccess, ensure that we set the value to NULL prior to invoking it. If this has happened because data was missing and hence the digest was never updated, the secasn1d parser will notice the missing child and raise a decodeError. Differential Revision: https://phabricator.services.mozilla.com/D145425
8bb2f26245b91be5e51a0278cf446814d620e05b: Bug 1767590 - Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple r=nss-reviewers,jschanck
Dennis Jackson <djackson@mozilla.com> - Fri, 20 May 2022 16:52:56 +0000 - rev 16217
Push 4144 by djackson@mozilla.com at Fri, 20 May 2022 16:55:04 +0000
Bug 1767590 - Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple r=nss-reviewers,jschanck As NSS_CMSDigestContext_FinishMultiple may leave its outparam unchanged when it returns SECSuccess, ensure that we set the value to NULL prior to invoking it. If this has happened because data was missing and hence the digest was never updated, the secasn1d parser will notice the missing child and raise a decodeError. Differential Revision: https://phabricator.services.mozilla.com/D145425
f6fc6da74f9641e0c48d0aa13065b07c7ef7bc07: Added tag NSS_3_79_BETA1 for changeset 2efccbd85918 NSS_3_79_BRANCH
Dennis Jackson <djackson@mozilla.com> - Fri, 20 May 2022 13:31:11 +0100 - rev 16216
Push 4143 by djackson@mozilla.com at Fri, 20 May 2022 12:38:03 +0000
Added tag NSS_3_79_BETA1 for changeset 2efccbd85918
2efccbd85918ac0a404340ece219b6f2824ff87a: Bug 1766978 - improve error handling after nssCKFWInstance_CreateObjectHandle. r=djackson NSS_3_79_BETA1
John M. Schanck <jschanck@mozilla.com> - Thu, 19 May 2022 16:55:11 +0000 - rev 16215
Push 4142 by jschanck@mozilla.com at Thu, 19 May 2022 16:57:19 +0000
Bug 1766978 - improve error handling after nssCKFWInstance_CreateObjectHandle. r=djackson Differential Revision: https://phabricator.services.mozilla.com/D146765
0f4664512bd0122c056f596180eeccfb144f16d8: Bug 1757075 NSS does not properly import or export pkcs12 files with large passwords and pkcs5v2 encoding.
Robert Relyea <rrelyea@redhat.com> - Fri, 18 Mar 2022 15:27:06 -0700 - rev 16214
Push 4141 by rrelyea@redhat.com at Wed, 18 May 2022 17:18:57 +0000
Bug 1757075 NSS does not properly import or export pkcs12 files with large passwords and pkcs5v2 encoding. Don't use NULL when encoding UTF8 with pkcs5v2. Fix a bug here when converting from UCS2 to UTF8 we would add a double NULL when adding a NULL. Differential Revision: https://phabricator.services.mozilla.com/D141538
99e32fcca1c78920f6c0d9dd84eb0ca291dc69b6: Remove nspr.patch mistakenly committed in e3ac914bc684
Dennis Jackson <djackson@mozilla.com> - Tue, 17 May 2022 11:47:07 +0100 - rev 16213
Push 4140 by djackson@mozilla.com at Tue, 17 May 2022 10:53:44 +0000
Remove nspr.patch mistakenly committed in e3ac914bc684
7f4b0af3a526e801a977831ef23f82e4e66d6b8a: Bug 1764788 - Correct invalid record inner and outter content type alerts. r=djackson
Leander Schwarz <lschwarz@mozilla.com> - Tue, 17 May 2022 10:44:16 +0000 - rev 16212
Push 4139 by djackson@mozilla.com at Tue, 17 May 2022 10:46:24 +0000
Bug 1764788 - Correct invalid record inner and outter content type alerts. r=djackson Added test cases for alerts during and pre handshake as well as TLS 1.3 only after handshake (application data) cases due to unsupported de- and encryption of lower TLS version records in gtest. Adjusted some test cases that expect failed connections to the updated alerts. Differential Revision: https://phabricator.services.mozilla.com/D144029
bc7bfba47e0aba6aab5849c58038c881610dab7f: Bug 1765753 - TLS 1.3 Server: Send protocol_version alert on unsupported ClientHello.legacy_version. r=djackson
Leander Schwarz <lschwarz@mozilla.com> - Tue, 17 May 2022 10:42:35 +0000 - rev 16211
Push 4138 by djackson@mozilla.com at Tue, 17 May 2022 10:45:21 +0000
Bug 1765753 - TLS 1.3 Server: Send protocol_version alert on unsupported ClientHello.legacy_version. r=djackson Differential Revision: https://phabricator.services.mozilla.com/D144279
d06a8831ec84b55ac7d4e4c208a573a1a3cff7bd: Bug 1765753 - Added RFC8422 compliant TLS <= 1.2 undefined/compressed ECPointFormat extension alerts. r=djackson
Leander Schwarz <lschwarz@mozilla.com> - Tue, 17 May 2022 10:41:00 +0000 - rev 16210
Push 4137 by djackson@mozilla.com at Tue, 17 May 2022 10:43:05 +0000
Bug 1765753 - Added RFC8422 compliant TLS <= 1.2 undefined/compressed ECPointFormat extension alerts. r=djackson Differential Revision: https://phabricator.services.mozilla.com/D144420
1811eec2499702da599293e49a8827bccda77ca4: Bug 1387919 - Fix secasn1d parsing of indefinite SEQUENCE inside indefinite GROUP. r=keeler,nss-reviewers,djackson
John M. Schanck <jschanck@mozilla.com> - Mon, 16 May 2022 20:48:14 +0000 - rev 16209
Push 4136 by jschanck@mozilla.com at Mon, 16 May 2022 20:50:21 +0000
Bug 1387919 - Fix secasn1d parsing of indefinite SEQUENCE inside indefinite GROUP. r=keeler,nss-reviewers,djackson In an iteration over elements of an indefinite-length encoded GROUP (sec_asn1d_next_in_group), the child of the current state is responsible for parsing the GROUP's end-of-contents octets---a call to sec_asn1d_parse_end_of_contents(state->child) sets the endofcontents flag for state->child and a later call to sec_asn1d_next_in_group checks state->child->endofcontents and terminates the iteration. In an iteration over elements of an indefinite-length encoded SEQUENCE (sec_asn1d_next_in_sequence), on the other hand, the current state, not its child, handles the end-of-contents octets. Prior to this commit, an error would occur when state pointed to an indefinite-length encoded GROUP and state->child pointed to an indefinite-length encoded SEQUENCE. In this case, state->child would be passed to sec_asn1d_parse_end_of_contents to parse the SEQUENCE's end-of-contents octets. This would set the endofcontents flag for state->child, and this would be misinterpreted as an end-of-iteration signal for the surrounding GROUP. Differential Revision: https://phabricator.services.mozilla.com/D142985
(0) -10000 -3000 -1000 -300 -100 -50 -20 +20 +50 +100 tip