Closed Bug 1303647 Opened 5 years ago Closed 5 years ago

Duplicate detection in SSL_ConfigNamedGroups is buggy

Categories

(NSS :: Libraries, defect)

3.27
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: mt, Assigned: mt)

References

Details

Attachments

(1 file)

Because the same loop is used for finding duplicates and looking up the table, if the entry in the table is found first, then the duplicate is recorded.

Discovered this when reordering the table to put P-256 earlier.
This uses existing functions, so it should be more reliable.
Assignee: nobody → martin.thomson
Attachment #8792367 - Flags: review?(franziskuskiefer)
Hmm, I just realized that this shouldn't use ssl_NamedGroupEnabled, since that will return false when policy disallows the group.  New version needed.
closing this as fixed by bug 1303648
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Attachment #8792367 - Flags: review?(franziskuskiefer)
You need to log in before you can comment on or make changes to this bug.