Closed
Bug 420644
Opened 16 years ago
Closed 16 years ago
Improve SSL tracing of key derivation
Categories
(NSS :: Libraries, enhancement, P3)
Tracking
(Not tracked)
RESOLVED
FIXED
3.12.1
People
(Reporter: nelson, Assigned: nelson)
Details
Attachments
(1 file)
8.69 KB,
patch
|
julien.pierre
:
review+
|
Details | Diff | Splinter Review |
When we converted NSS to use PKCS#11 exclusively for crypto, a lot of the original tracing capability of NSS, done in the context of libSSL, was lost. It was no longer possible to trace key values, because they were not seen outside of the PKCS#11 token. When I implemented SSL Bypass, it became possible (again) to trace the derived key values. I put some SSL tracing back into the bypass functions that derive keys, in lib/ssl/derive.c, but I did a minimal job of it. Now, there's been a request to restore that tracing back to its former glory. The attached patch is a start in that direction. With this patch, I was able to trace an SSL handshake, including key derivation with the following set of shell commands: SSLDEBUGFILE=/tmp/sslTrace.txt SSLBYPASS=1 SSLTRACE=127 SSLDEBUG=127 tstclnt -vvv -2B -h www.microsoft.com -f -c depruvxy < stdin.txt Where stdin.txt is a two-line file containing these lines: ----- two lines are below ------ GET / HTTP/1.0 ---- the two lines are above this one ----
Attachment #306958 -
Flags: review?(wtc)
Assignee | ||
Comment 1•16 years ago
|
||
Comment on attachment 306958 [details] [diff] [review] enhance the labeling of SSL key derivation Julien, please review
Attachment #306958 -
Attachment description: enhance the labelling of SSL key derivation → enhance the labeling of SSL key derivation
Attachment #306958 -
Flags: review?(wtc) → review?(julien.pierre.boogz)
Assignee | ||
Updated•16 years ago
|
Status: NEW → ASSIGNED
Priority: -- → P3
Updated•16 years ago
|
Attachment #306958 -
Flags: review?(julien.pierre.boogz) → review+
Assignee | ||
Comment 2•16 years ago
|
||
Thanks for the review. Checking in lib/ssl/derive.c; new revision: 1.10; previous revision: 1.9
Status: ASSIGNED → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
Assignee | ||
Updated•16 years ago
|
Target Milestone: 3.12 → 3.12.1
You need to log in
before you can comment on or make changes to this bug.
Description
•