Open
Bug 597028
Opened 14 years ago
Updated 2 years ago
SSL_ImportFD does not copy all information from model
Categories
(NSS :: Libraries, defect, P2)
NSS
Libraries
Tracking
(Not tracked)
NEW
People
(Reporter: wolter.eldering, Unassigned)
Details
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_4; en-us) AppleWebKit/533.18.1 (KHTML, like Gecko) Version/5.0.2 Safari/533.18.5 Build Identifier: 3.6.12 According to documentation: SSL_ImportFD imports an existing NSPR file descriptor into SSL and returns a new SSL socket file descriptor. If the model parameter is not NULL, the configuration of the new file descriptor is copied from the model. If the model parameter is NULL, then the default SSL configuration is used. It seems that the ca_list is not copied from the model. The SSL_ReconfigFD however is including the ca_list. /* copy trust anchor names */ if (sm->ssl3.ca_list) { if (ss->ssl3.ca_list) { CERT_FreeDistNames(ss->ssl3.ca_list); } ss->ssl3.ca_list = CERT_DupDistNames(sm->ssl3.ca_list); if (!ss->ssl3.ca_list) { goto loser; } } Reproducible: Always Steps to Reproduce: 1. SSL_SetTrustAnchors(model, calist) 2. ssl = SSL_ImportFD(model, ssl); 3. Actual Results: all config except the ca_list seems to be copied, this results in all CA's in the certdb accepted Expected Results: only the CA's in calists will be accepted
Updated•14 years ago
|
Assignee: nobody → alexei.volkov.bugs
Priority: -- → P2
Summary: SSL_ImportFD not copies all information like SSL_ReconfigFD from model → SSL_ImportFD does not copy all information from model
Comment 1•8 years ago
|
||
It also doesn't copy nextProtoCallback and nextProtoArg which means you can't set an ALPN callback on a model.
Updated•5 years ago
|
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Comment 2•2 years ago
|
||
The bug assignee didn't login in Bugzilla in the last months and this bug has priority 'P2'.
:beurdouche, could you have a look please?
For more information, please visit auto_nag documentation.
Assignee: alvolkov.bgs → nobody
Status: ASSIGNED → NEW
Flags: needinfo?(bbeurdouche)
Updated•2 years ago
|
Severity: normal → S3
Comment 3•2 years ago
|
||
We have modified the bot to only consider P1 as high priority, so I'm cancelling the needinfo here.
Flags: needinfo?(bbeurdouche)
You need to log in
before you can comment on or make changes to this bug.
Description
•