Closed Bug 815557 Opened 12 years ago Closed 1 year ago

SSL_ForceHandshake succeeds without performing handshake

Categories

(NSS :: Libraries, defect, P3)

3.13.6
x86_64
Linux

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: fweimer, Unassigned)

Details

Attachments

(1 file)

Attached file TLS-Client-NSS.c
A call to SSL_ForceHandshake without a preceding call to SSL_ResetHandshake returns SECSuccess, and subsequent data is sent in the clear. The attached test case illustrates this; the plaintext data is visible using Wireshark or strace.
Thanks Florian. bob
Severity: normal → S3
Status: UNCONFIRMED → RESOLVED
Closed: 1 year ago
Priority: -- → P3
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: