Closed Bug 1398643 Opened 7 years ago Closed 7 years ago

Strictly prohibit renegotiation to change version

Categories

(NSS :: Libraries, enhancement, P2)

Product:
NSS
Component:
Libraries
Type:
enhancement

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
Future

People

(Reporter: mt, Assigned: mt)

References

Details

Attachments

(1 file)

Bug 1398643 - Prohibit version changes during renegotiation, r?ttaubert
44 bytes, text/x-phabricator-request
ttaubert
: review+
Details | Review 
We currently don't allow renegotiation to change versions.  But the protection isn't complete, and there are still residues of the code that allowed it.  For instance, we check the pwSpec version rather than ss->version in a few places.

I've some code that clamps down much harder on this.  There are a few more checks and tests.  I've also removed the code that looks at the pending cipher spec.  That will help with another planned change.
Assignee: nobody → martin.thomson
See Also: → 1294697
Attachment #8906424 - Flags: review+
Priority: -- → P2
https://hg.mozilla.org/projects/nss/rev/7b73101f31b7d8f89061df28034f5942464bebae
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → Future
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: