Inside ssl3_SendECDHClientKeyExchange, the call to SECKEY_CreateECPrivateKey shouldn't use NULL, but the password context argument (pinarg).
Created attachment 596682 [details] [diff] [review] Patch v1 Obvious fix.
Assignee: nobody → kaie
Given that this bug is responsible for orange tinderbox, I've checked this obvious one line fix. This way we can easily test if the fix really helps. I will backout if there's no review by tomorrow.
Checking in ssl3ecc.c; /cvsroot/mozilla/security/nss/lib/ssl/ssl3ecc.c,v <-- ssl3ecc.c new revision: 1.26; previous revision: 1.25 done
Comment on attachment 596682 [details] [diff] [review] Patch v1 r+ whether or not this fixes the underlying problem, the patch is definitely correct. We should be passing the ssl pin arg here. bob
Attachment #596682 - Flags: superreview+
.. and the patch indeed fixed the Linux orange. Thanks for the r+ Already checked in, marking fixed.
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
I filed bug 726698 about fixing the other several other instances of this problem in libssl.
You need to log in before you can comment on or make changes to this bug.