NSS doesn't work with PR_AF_INET6 (IPv6) sockets

RESOLVED FIXED in 3.1

Status

P3
normal
RESOLVED FIXED
18 years ago
18 years ago

People

(Reporter: jgmyers, Assigned: nelson)

Tracking

Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(2 attachments)

(Reporter)

Description

18 years ago
The session nonce cache is keyed by the IPv4 address, so attempting to use NSS 
with IPv6 sockets results in an assertion in ssl_GetPeerInfo().

The session cache needs to be changed to be keyed by PRIPv6Addr, with v4 
addresses being converted to v4-mapped v6 addresses using NSPR's 
PR_ConvertIPv4AddrToIPv6().
(Reporter)

Updated

18 years ago
Blocks: 47834
(Reporter)

Comment 1

18 years ago
Created attachment 12796 [details] [diff] [review]
Proposed fix (also fixes some warnings)
(Assignee)

Updated

18 years ago
Status: NEW → ASSIGNED
(Assignee)

Updated

18 years ago
Depends on: 51436
(Assignee)

Comment 2

18 years ago
John,  Although bug 51436 hasn't been marked as resolved/fixed yet,
the fix is checked in to the tip and working.  So, you should be
able to resume testing of your proposed changes.  Note, however,
that other changes to SSL code have been checked in, so you'll 
need to do another update to merge those changes into your sources
before testing.
(Reporter)

Comment 3

18 years ago
I still can't get selfserv to work.  With an unmodifed NSS checked out today, 
the handshake completes, but the next packet fails the MAC check.  From the 
trace info, it looks like it didn't decrypt properly.
(Assignee)

Comment 4

18 years ago
Seems to be working for me.  What platform are you testing on?
(Reporter)

Comment 5

18 years ago
I found my problem, it's bug 52192.  I'm back to testing.
(Reporter)

Comment 6

18 years ago
I've verified that the patch works with selfserv, though I wasted a fair amount 
of time due to the fact that header dependencies are broken in the build system.
(Reporter)

Comment 7

18 years ago
Created attachment 14501 [details] [diff] [review]
Updated fix
(Reporter)

Comment 8

18 years ago
Fix checked in
Status: ASSIGNED → RESOLVED
Last Resolved: 18 years ago
Resolution: --- → FIXED
(Reporter)

Comment 9

18 years ago
Please consider back-merging this to NSS 3.0.1.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
(Reporter)

Comment 10

18 years ago
Applying this patch to 3.0.1 will allow the patch for PSM to support IPv6 to go 
in before PSM switches to NSS 3.1.
(Assignee)

Comment 11

18 years ago
John,  I'm marking this fixed for NSS 3.1 (Again) so this won't 
hold up NSS 3.1.  
 
We're considering your request to carry it back to 3.0.1.  
If we decide to do it, you or I can open another bug with a 
different target fix release.
Status: REOPENED → RESOLVED
Last Resolved: 18 years ago18 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.1
You need to log in before you can comment on or make changes to this bug.