Closed
Bug 1083360
Opened 10 years ago
Closed 10 years ago
support TLS_FALLBACK_SCSV in tstclnt and ssltap
Categories
(NSS :: Tools, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
3.17.3
People
(Reporter: KaiE, Assigned: KaiE)
Details
Attachments
(2 files)
4.45 KB,
patch
|
mt
:
review+
|
Details | Diff | Splinter Review |
1.93 KB,
patch
|
mt
:
review+
|
Details | Diff | Splinter Review |
For testing purposes, I've been asked to add a preference to tstclnt, which can be used to force sending of the TLS_FALLBACK_SCSV. Attached patch implements that. In addition it includes a change for ssltap, which allows it to print it as text when seen.
Assignee | ||
Updated•10 years ago
|
Target Milestone: --- → 3.17.3
Assignee | ||
Comment 1•10 years ago
|
||
Assignee: nobody → kaie
Attachment #8505638 -
Flags: review?(martin.thomson)
Updated•10 years ago
|
Attachment #8505638 -
Flags: review?(martin.thomson) → review+
Comment 2•10 years ago
|
||
I should point out that the SCSV will be forced as a result of this; it's not going to be selectively on. That means that it will appear for a TLS 1.2 handshake. I think that's exactly the right thing here.
Comment 3•10 years ago
|
||
@Martin: Yes, we need to be able to force it with any version, to test if a server turns out to be intolerant to some future version of TLS, it will handle correctly a TLS1.2 with this SCSV. @Kai: The patch is missing an update to the -help message
Assignee | ||
Comment 4•10 years ago
|
||
Attachment #8506355 -
Flags: review?(martin.thomson)
Assignee | ||
Comment 5•10 years ago
|
||
Comment on attachment 8506355 [details] [diff] [review] Help message Patch (In reply to Hubert Kario from comment #3) > @Kai: The patch is missing an update to the -help message This additional patch adds it.
Updated•10 years ago
|
Attachment #8506355 -
Flags: review?(martin.thomson) → review+
Assignee | ||
Comment 6•10 years ago
|
||
https://hg.mozilla.org/projects/nss/rev/34baf87d485d
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Assignee | ||
Updated•10 years ago
|
Target Milestone: 3.17.3 → 3.18
Assignee | ||
Updated•10 years ago
|
Target Milestone: 3.18 → 3.17.3
You need to log in
before you can comment on or make changes to this bug.
Description
•