Closed
Bug 421378
Opened 16 years ago
Closed 6 months ago
Early initialization of server session ID cache keys
Categories
(NSS :: Libraries, defect, P5)
Tracking
(Not tracked)
RESOLVED
INACTIVE
People
(Reporter: wtc, Unassigned)
References
Details
Right now we do early initialization of server locks, but we can't do early initialization of server keys (one for wrapping the master secrets in the session ID cache, and two new ones for TLS session tickets) because SSL_ConfigServerSessionIDCache is typically called before NSS is initialized and therefore can't use the PK11 functions to create keys. A possible solution is to add a new SSL server-side init function, to be called immediately after NSS is initialized, that performs the early initialization of these keys. Right now these keys are created lazily in these functions: http://lxr.mozilla.org/security/ident?i=getWrappingKey http://lxr.mozilla.org/security/ident?i=ssl3_GetSessionTicketKeysPKCS11 http://lxr.mozilla.org/security/ident?i=ssl3_GetSessionTicketKeys
Reporter | ||
Updated•16 years ago
|
Assignee: nobody → wtc
Updated•2 years ago
|
Severity: normal → S3
Comment 1•2 years ago
|
||
The bug assignee is inactive on Bugzilla, so the assignee is being reset.
Assignee: wtc → nobody
Updated•6 months ago
|
Severity: S3 → S4
Status: NEW → RESOLVED
Closed: 6 months ago
Priority: -- → P5
Resolution: --- → INACTIVE
You need to log in
before you can comment on or make changes to this bug.
Description
•