This bug was reported to me on 5/12/2000 by relyea. This bug is derived from bugsplat bug 395308. In nss 2.8 and later, in ssl3con.c in ssl3_GenerateSessionKeys() if the first two attempts to derive the master secret (the second of which is a faux attempt) both fail, the params SECItem used in the third attempt points to a structure that is no longer in scope. This is incorrect, although it seems to work OK (has passed the QA tests). Fix is known.
Status: NEW → RESOLVED
Last Resolved: 19 years ago
Resolution: --- → FIXED
Fixed in rev 1.4 of ssl3con.c.
Verified per nelsonb's comments.
Status: RESOLVED → VERIFIED
QA Contact: lord → junruh
You need to log in before you can comment on or make changes to this bug.