Closed Bug 880411 Opened 11 years ago Closed 11 years ago

Update JSS tests for new NSS cipher suites that only work in TLS 1.2

Categories

(JSS Graveyard :: Tests, defect, P1)

defect

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: wtc, Assigned: wtc)

References

Details

Attachments

(1 file)

Attached patch PatchSplinter Review
In this NSS checkin https://hg.mozilla.org/projects/nss/rev/67471ffe04fb
yesterday, I added seven cipher suites to NSS. In addition, these new
cipher suites only work in TLS 1.2.

The JSS tests started to fail after my NSS checkin. The attached patch
fixes both of the issues.

1. Update org/mozilla/jss/ssl/SSLSocket.java and
org/mozilla/jss/tests/Constants.java, which must be updated whenever
new cipher suites are added to NSS.

2. Change org/mozilla/jss/tests/JSS_SelfServClient.java to not test
the cipher suites that only work in TLS 1.2, because that JSS test
client does not enable TLS 1.2 right now. The change is similar to
Kai's change to org/mozilla/jss/tests/JSSE_SSLClient.java for
bug 776597.
Attachment #759367 - Flags: superreview?
Attachment #759367 - Flags: review?(kaie)
Comment on attachment 759367 [details] [diff] [review]
Patch

Review of attachment 759367 [details] [diff] [review]:
-----------------------------------------------------------------

::: org/mozilla/jss/tests/Constants.java
@@ +123,5 @@
> +/*58 */  new cipher(SSLSocket.SSL2_RC2_128_CBC_WITH_MD5, "SSL2_RC2_128_CBC_WITH_MD5"),
> +/*59 */  new cipher(SSLSocket.SSL2_DES_192_EDE3_CBC_WITH_MD5, "SSL2_DES_192_EDE3_CBC_WITH_MD5"),
> +/*60 */  new cipher(SSLSocket.SSL2_DES_64_CBC_WITH_MD5, "SSL2_DES_64_CBC_WITH_MD5"),
> +/*61 */  new cipher(SSLSocket.SSL2_RC4_128_EXPORT40_WITH_MD5, "SSL2_RC4_128_EXPORT40_WITH_MD5"),
> +/*62 */  new cipher(SSLSocket.SSL2_RC2_128_CBC_EXPORT40_WITH_MD5, "SSL2_RC2_128_CBC_EXPORT40_WITH_MD5")

There are no changes to these six lines for SSL2 cipher suites
except to update the array indexes in the comments.
Attachment #759367 - Flags: superreview? → superreview?(cfu)
Comment on attachment 759367 [details] [diff] [review]
Patch

thank you very much for this fix.
r=kaie
Attachment #759367 - Flags: review?(kaie) → review+
Comment on attachment 759367 [details] [diff] [review]
Patch

Kai, thank you for the review.

Checked in: https://hg.mozilla.org/projects/jss/rev/56c6d78c7cf8
Attachment #759367 - Flags: checked-in+
org/mozilla/jss/util/jssver.h says JSS_VERSION is 4.3.2
and JSS_BETA is PR_FALSE. So I assume the next version
should be 4.3.3, or perhaps 4.4 (to reflect the source
code directory layout change).
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → 4.3.3
TLS 1.2 has been enabled by default.

The checkin of this bug added a comment with a TODO once TLS 1.2 has been enabled, I think a new bug should be filed to do that work.
Blocks: 1142724
I've filed bug 1142724.
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: