Closed
Bug 734441
Opened 12 years ago
Closed 12 years ago
Freebl bug causes openswan to drop connections
Categories
(NSS :: Libraries, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 723740
People
(Reporter: elio.maldonado.batiz, Assigned: rrelyea)
References
Details
Attachments
(1 file)
802 bytes,
patch
|
Details | Diff | Splinter Review |
Previously, due to a bug in the freebl library, Openswan could generate a Key Exchange payload that was one byte shorter than what was required by the Diffie Hellman (DH) protocol. As a consequence, Openswan dropped connections during such payloads. With this update, the size of the payload is set to zero by default, and the Softoken module is queried for the size. Connections are no longer dropped by Openswan in the described scenario. The problem reported was addressed with a work around in nss so as not to touch freebl which is inside the crypto boundary and is currently under a minor FIPS 140 revalidation. A proper fix should be implemented in freebl itself.
Reporter | ||
Comment 1•12 years ago
|
||
Reporter | ||
Updated•12 years ago
|
Attachment #604470 -
Attachment description: The cuurent temporay workaround → current workaround
Reporter | ||
Updated•12 years ago
|
Assignee: nobody → rrelyea
Reporter | ||
Updated•12 years ago
|
Assignee | ||
Comment 2•12 years ago
|
||
The underlying bug is fixed in softoken on the tip now see Bug 723740
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•