ssl3_SendECDHClientKeyExchange should forward the password context argument (pinarg)

RESOLVED FIXED in 3.13.2

Status

NSS
Libraries
RESOLVED FIXED
6 years ago
6 years ago

People

(Reporter: kaie, Assigned: kaie)

Tracking

(Blocks: 1 bug)

3.13.2
3.13.2
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Assignee)

Description

6 years ago
Inside ssl3_SendECDHClientKeyExchange, the call to SECKEY_CreateECPrivateKey shouldn't use NULL, but the password context argument (pinarg).
(Assignee)

Comment 1

6 years ago
Created attachment 596682 [details] [diff] [review]
Patch v1

Obvious fix.
Assignee: nobody → kaie
Attachment #596682 - Flags: review?(bsmith)
(Assignee)

Comment 2

6 years ago
Given that this bug is responsible for orange tinderbox, I've checked this obvious one line fix. This way we can easily test if the fix really helps.

I will backout if there's no review by tomorrow.
(Assignee)

Comment 3

6 years ago
Checking in ssl3ecc.c;
/cvsroot/mozilla/security/nss/lib/ssl/ssl3ecc.c,v  <--  ssl3ecc.c
new revision: 1.26; previous revision: 1.25
done

Comment 4

6 years ago
Comment on attachment 596682 [details] [diff] [review]
Patch v1

r+ whether or not this fixes the underlying problem, the patch is definitely correct. We should be passing the ssl pin arg here.

bob
Attachment #596682 - Flags: superreview+
(Assignee)

Comment 5

6 years ago
.. and the patch indeed fixed the Linux orange.

Thanks for the r+
Already checked in, marking fixed.
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
(Assignee)

Updated

6 years ago
Attachment #596682 - Flags: review?(bsmith)
I filed bug 726698 about fixing the other several other instances of this problem in libssl.
You need to log in before you can comment on or make changes to this bug.