Closed Bug 273864 Opened 20 years ago Closed 18 years ago

Bad examples of SSL_ForceHandshake in our commands

Categories

(NSS :: Tools, defect)

Product:
NSS
Component:
Tools
Type:
defect
Priority:
Not set
Severity:
minor

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: nelson, Assigned: nelson)

References

(Depends on 1 open bug)

Details

As it is presently implemenmted, SSL_ForceHandshake discards any previously
received appliation data each time it is called.  Consequently, the right
way to use it is to call SSL_DataPending on the socket prior to each call
to SSL_ForceHandshake.  Selfserv uses SSL_ForceHandshake, but does not 
use SSL_DataPending along with it, and thus sets a very poor example.

It's been OK because selfserv discards all the http request's POST data 
anyway, so selfserv isn't hurt if ForceHandshake discards some of it 
earlier than it otherwise would be.  But in the interest of exemplary 
test programs, selfserv (and any other programs that use ForceHandshake)
should do it right.
QA Contact: bishakhabanerjee → jason.m.reid
QA Contact: jason.m.reid → tools
I think the right thing to do is to fix Bug 273861 instead.
That is, fix SSL_ForceHandshake to not discard received data first.
So, no change to the users of SSL_ForceHandshake will be needed.
Status: NEW → RESOLVED
Closed: 18 years ago
Depends on: 273861
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.