Closed
Bug 84078
Opened 23 years ago
Closed 23 years ago
wrong version number in SSL3 client hello record
Categories
(NSS :: Libraries, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
3.3
People
(Reporter: nelson, Assigned: nelson)
References
()
Details
When TLS is enabled and we restart an SSL3 session with an SSL3-only server, the version number in the first record sent by the client does not match the protocol version number in the client hello message. This prevents SSL3 session restart from working with some "TLS intolerant" servers.
Assignee | ||
Comment 1•23 years ago
|
||
Fixed in ssl3con.c in version 1.20 on trunk, and version 1.16.2.1 on the NSS_3_2_BRANCH. Note that this is not a general fix for the entire problem of "TLS intolerant servers". It only fixes _restart_ of a succesfully established SSL 3.0 session. It doesn't address the problems with establishing the SSL 3.0 session in the first place.
Blocks: 59321
Status: NEW → RESOLVED
Closed: 23 years ago
Priority: -- → P1
Resolution: --- → FIXED
Target Milestone: --- → 3.2.2
Comment 2•23 years ago
|
||
This fix is not in 3.2.2 but is in 3.3 and the 3.2 branch. Since we are not planning to make any new 3.2.x releases, I am setting the target milestone to 3.3.
Target Milestone: 3.2.2 → 3.3
You need to log in
before you can comment on or make changes to this bug.
Description
•