A write operation on an SSL FD is defined to complete any pending handshake before returning success. A PR_Writev() of 0 bytes of data to an SSL socket is incorrectly returning success before the handshake is complete.
This patch looks ok to me. Both the NSS_3_2_BRANCH and the trunk are now frozen I believe (for separate reasons, branch for mozilla, trunk for NSS 3.3). If you can get checkin approval from all the right people, (including Lord for the 3_2 branch, and wtc for branch or trunk, I think), it would be OK by me to check it in.
Nelson, you can check this in on the trunk. This fix is too late for mozilla0.9.2. We should be able to check it in on NSS_3_2_BRANCH after the Mozilla tree re-opens for mozilla0.9.3 checkins.
Since mozilla does not need this fix, we only need to check it in on the trunk.
Priority: -- → P2
Target Milestone: --- → 3.3
This problem was detected in a non-Mozilla project. I don't know of any need to get this into Mozilla proper. The caller in that other project already has code to trim 0-length iovecs, so can easily work around the problem by calling PR_Write() instead of PR_Writev() when the iovec count is 0.
Status: NEW → RESOLVED
Last Resolved: 17 years ago
Resolution: --- → FIXED
Nelson checked in the fix before he went on sabbatical. This fix is in NSS 3.3. Marked the bug fixed.
You need to log in before you can comment on or make changes to this bug.