Add the DHE ciphersuites back when they work

VERIFIED FIXED in psm2.4

Status

Core Graveyard
Security: UI
P3
normal
VERIFIED FIXED
15 years ago
a year ago

People

(Reporter: Wan-Teh Chang, Assigned: kaie)

Tracking

1.0 Branch
psm2.4

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment, 1 obsolete attachment)

(Reporter)

Description

15 years ago
When we fix the NSS bug (bug 188856) that broke the
DHE ciphersuites, the DHE ciphersuites should be
added back to PSM.  The patch would be the reverse
of the patch in bug 190640.
(Assignee)

Comment 1

15 years ago
In addition, fixing this bug would be an opportunity to add cipher
TLS_DHE_DSS_WITH_RC4_128_SHA, too.
(Reporter)

Comment 2

15 years ago
Created attachment 114781 [details] [diff] [review]
Proposed patch

This patch adds the DHE cipher suites back.  It is the
exact reverse of the patch (attachment 112741 [details] [diff] [review]) in bug
190640.

I don't know how to add the TLS_DHE_DSS_WITH_RC4_128_SHA
cipher as Kai suggested.  Please feel free to do that.
(Reporter)

Updated

15 years ago
Attachment #114781 - Flags: review?(kaie)
(Reporter)

Comment 3

15 years ago
Kai, do you know why TLS_DHE_DSS_WITH_RC4_128_SHA
was not added before?  Was it just an oversight?
(Reporter)

Comment 4

15 years ago
Created attachment 114783 [details] [diff] [review]
Alternate patch (with TLS_DHE_DSS_WITH_RC4_128_SHA)

This patch adds the TLS_DHE_DSS_WITH_RC4_128_SHA cipher suite
as well.  I add it to the position indicated by the original
comment "If this cipher gets included at a later time, it should
get added at this position".
(Reporter)

Comment 5

15 years ago
Comment on attachment 114783 [details] [diff] [review]
Alternate patch (with TLS_DHE_DSS_WITH_RC4_128_SHA)

Kai, I have both patches for your review.  Please pick
the one you want and mark the other one obsolete.

The key to reviewing this patch is the position of the
TLS_DHE_DSS_WITH_RC4_128_SHA cipher.

Thanks.
Attachment #114783 - Attachment description: Proposed patch v2 (with TLS_DHE_DSS_WITH_RC4_128_SHA) → Alternate patch (with TLS_DHE_DSS_WITH_RC4_128_SHA)
Attachment #114783 - Flags: review?(kaie)
(Assignee)

Comment 6

15 years ago
Comment on attachment 114781 [details] [diff] [review]
Proposed patch

r=kaie

I believe this patch makes most sense until the status of the other cipher is
cleared.
Attachment #114781 - Flags: review?(kaie) → review+
(Assignee)

Updated

15 years ago
Attachment #114783 - Attachment is obsolete: true
Attachment #114783 - Flags: review?(kaie)
(Assignee)

Updated

15 years ago
Attachment #114781 - Flags: superreview?(bryner)
Attachment #114781 - Flags: superreview?(bryner) → superreview+
(Reporter)

Comment 7

15 years ago
Comment on attachment 114781 [details] [diff] [review]
Proposed patch

These SSL ciphersuites were removed shortly before
mozilla 1.3beta because of a bug in NSS (bug 188856).
Now that the underlying NSS has been fixed, I'd like
to add these SSL ciphersuites back.
Attachment #114781 - Flags: approval1.3?

Comment 8

15 years ago
Comment on attachment 114781 [details] [diff] [review]
Proposed patch

a=asa (on behalf of drivers) for checkin to 1.3.
Attachment #114781 - Flags: approval1.3? → approval1.3+
(Reporter)

Comment 9

15 years ago
Patch checked in for mozilla 1.3.  Kai, I don't know
which PSM target milestone I should set it to.
Status: NEW → RESOLVED
Last Resolved: 15 years ago
Resolution: --- → FIXED

Comment 10

15 years ago
Verified.
Status: RESOLVED → VERIFIED
Priority: -- → P3
Target Milestone: --- → 2.4
Version: unspecified → 2.4

Updated

13 years ago
Component: Security: UI → Security: UI
Product: PSM → Core

Updated

9 years ago
Version: psm2.4 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.