Closed
Bug 815557
Opened 12 years ago
Closed 1 year ago
SSL_ForceHandshake succeeds without performing handshake
Categories
(NSS :: Libraries, defect, P3)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: fweimer, Unassigned)
Details
Attachments
(1 file)
9.50 KB,
text/plain
|
Details |
A call to SSL_ForceHandshake without a preceding call to SSL_ResetHandshake returns SECSuccess, and subsequent data is sent in the clear. The attached test case illustrates this; the plaintext data is visible using Wireshark or strace.
Comment 1•12 years ago
|
||
Thanks Florian.
bob
Updated•2 years ago
|
Severity: normal → S3
Updated•1 year ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 1 year ago
Priority: -- → P3
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•