Skip to content
  1. Apr 12, 2013
  2. Apr 11, 2013
  3. Apr 09, 2013
  4. Apr 08, 2013
  5. Apr 05, 2013
  6. Mar 31, 2013
  7. Mar 27, 2013
  8. Mar 23, 2013
  9. Mar 19, 2013
  10. Mar 12, 2013
  11. Mar 09, 2013
  12. Mar 08, 2013
  13. Mar 07, 2013
  14. Mar 06, 2013
  15. Feb 16, 2013
  16. Feb 10, 2013
  17. Feb 07, 2013
  18. Feb 06, 2013
  19. Feb 05, 2013
  20. Jan 28, 2013
  21. Jan 18, 2013
  22. Jan 17, 2013
  23. Jan 15, 2013
  24. Jan 11, 2013
    • Kamil Dudka's avatar
      nss: clear session cache if a client cert from file is used · b36f1d26
      Kamil Dudka authored
      This commit fixes a regression introduced in 052a08ff.
      
      NSS caches certs/keys returned by the SSL_GetClientAuthDataHook callback
      and if we connect second time to the same server, the cached cert/key
      pair is used.  If we use multiple client certificates for different
      paths on the same server, we need to clear the session cache to force
      NSS to call the hook again.  The commit 052a08ff prevented the session
      cache from being cleared if a client certificate from file was used.
      
      The condition is now fixed to cover both cases: consssl->client_nickname
      is not NULL if a client certificate from the NSS database is used and
      connssl->obj_clicert is not NULL if a client certificate from file is
      used.
      
      Review by: Kai Engert
      b36f1d26
  25. Dec 27, 2012
  26. Dec 03, 2012
    • Kamil Dudka's avatar
      nss: prevent NSS from crashing on client auth hook failure · 68d2830e
      Kamil Dudka authored
      Although it is not explicitly stated in the documentation, NSS uses
      *pRetCert and *pRetKey even if the client authentication hook returns
      a failure.  Namely, if we destroy *pRetCert without clearing *pRetCert
      afterwards, NSS destroys the certificate once again, which causes a
      double free.
      
      Reported by: Bob Relyea
      68d2830e
  27. Nov 20, 2012
  28. Nov 19, 2012