Closed Bug 543048 Opened 15 years ago Closed 15 years ago

NSS doesn't prevent renegotiation with an old client

Categories

(NSS :: Libraries, defect, P1)

Product:
NSS
Component:
Libraries
Version:
3.12.6
Platform:
x86
Linux
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 537356
Milestone:
3.12.6

People

(Reporter: KaiE, Unassigned)

References

Details

Use a browser that does not yet implement the new SSL extension for renegotiation info, e.g. Firefox 3.5.7 with NSS 3.12.4 or older. Connect to a location will trigger a renegotiation handshake in order to connect using a different cipher suite. Expected: Because you are using an "old" client, your browser should display some sort of error message. Actual behaviour: I can connect to the destination. This bug applies to the state of CVS as of 2010-01-29. I do have a test site and can provide a test URL, but right now it's running using an experimental fix (which hides the bug).
Blocks: 537356
Kai, thanks for filing the bug report. Since bug 537356 hasn't been marked as fixed yet, I prefer that you just report bugs in our secure renegotiation code in that bug.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.