Closed
Bug 1183395
Opened 10 years ago
Closed 10 years ago
Spurious branch in ssl3_HandleServerHello
Categories
(NSS :: Libraries, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
3.21
People
(Reporter: ekr, Unassigned)
Details
Currently the code reads:
if (ss->ssl3.hs.kea_def->signKeyType != sign_null) {
/* All current cipher suites other than those with sign_null (i.e.,
* DH_anon_* suites) require a certificate, so use that signal. */
ss->ssl3.hs.ws = wait_server_cert;
} else if (ss->ssl3.hs.kea_def->ephemeral) {
/* Only ephemeral cipher suites use ServerKeyExchange. */
ss->ssl3.hs.ws = wait_server_key;
} else {
ss->ssl3.hs.ws = wait_cert_request;
}
But the last arm of this is bogus because the only negotiable suites
in NSS which have sign_null are (EC)DH_anon.
|
||
Comment 1•10 years ago
|
||
I see a commit for this bug:
https://hg.mozilla.org/projects/nss/rev/e41b7af9223f
It mentions the patch has r=mt, I guess this was done elsewhere.
Can this bug be marked resolved, target milestone 3.21 ?
|
|
||
Updated•10 years ago
|
Target Milestone: --- → 3.21
|
|
||
Updated•10 years ago
|
Flags: needinfo?(ekr)
|
Reporter | |
Comment 2•10 years ago
|
||
Yes, we reviewed it on Rietveld.
https://codereview.appspot.com/251170043/
Yes, we can mark it resolved.
Flags: needinfo?(ekr)
|
|
||
Updated•10 years ago
|
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•