Open
Bug 1201900
Opened 9 years ago
Updated 5 months ago
using the external array SSL_ImplementedCiphers[] directly should be deprecated
Categories
(NSS :: Libraries, defect, P3)
Tracking
(Not tracked)
UNCONFIRMED
People
(Reporter: kdudka, Unassigned)
References
(Blocks 1 open bug)
Details
User Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0 Build ID: 20150827075926 Steps to reproduce: I have updated the documentation at: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/SSL_functions/sslfnc.html ... and fixed curl to access the array through the accessors: https://github.com/bagder/curl/commit/7380433d Actual results: Despite accessor functions were introduced in 2010 (see bug #496993), software using NSS continues to accessing the external array SSL_ImplementedCiphers[] directly. This causes dynamic linking issues at run-time after an update of NSS: https://lists.fedoraproject.org/pipermail/devel/2015-September/214117.html Expected results: It should have been clarified in the ssl.h header file that using the array SSL_ImplementedCiphers[] directly is deprecated and it is recommended to access the array through the accessor functions.
Comment 1•9 years ago
|
||
Indeed, please add a compile-time deprecation warning and a link-time warning as well. Also, please reorder the cipher suites so that the disabled/never-to-be-used ones are at the end. If the array is used internally, please keep a complete copy, so that it is not truncated by the dynamic linker. glibc will hopefully provide a more helpful warning message in the future: https://sourceware.org/bugzilla/show_bug.cgi?id=18924
Comment 2•8 years ago
|
||
ping? anything on this?
Updated•7 years ago
|
Priority: -- → P3
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•