Bug 3816 - [UPDATE REQUEST] [UPSTREAM UPDATE] nss
: [UPDATE REQUEST] [UPSTREAM UPDATE] nss
Status: RESOLVED FIXED
Product: Server Bugs
Classification: ROSA Server
Component: Main Packages
: unspecified
: All Linux
: Normal normal
: ---
Assigned To: Andrew Lukoshko
: ROSA Server Bugs
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-02-25 17:39 MSK by Andrew Lukoshko
Modified: 2014-03-10 19:38 MSK (History)
1 user (show)

See Also:
RPM Package:
ISO-related:
Bad POT generating:
Upstream:
vladimir.potapov: qa_verified+
andrew.lukoshko: published_server+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew Lukoshko 2014-02-25 17:39:06 MSK
* Previously, the curl utility failed to communicate with active FTP over SSL where both control and data connections were encrypted and authenticated by a client certificate with a password-protected private key. This was caused by the NSS PEM module that pretended token removal whenever a key from file was being loaded. Consequently, when the private key was loaded to authenticate the data connection, it caused the already authenticated control connection to fail with the following error code:

SSL_ERROR_TOKEN_INSERTION_REMOVAL. 

The underlying source code in the NSS PEM module has been modified, and loading a single key multiple times no longer causes an SSL connection to fail.
Comment 2 Vladimir Potapov 2014-02-27 14:31:33 MSK
nss-3.15.3-6.res6
http://abf-downloads.rosalinux.ru/rosa-server65/container/1658409/
http://abf-downloads.rosalinux.ru/rosa-server65/container/1658410/
**************************** RHEL Advisory ***********************
* Previously, the curl utility failed to communicate with active FTP over SSL where both control and data connections were encrypted and authenticated by a client certificate with a password-protected private key. This was caused by the NSS PEM module that pretended token removal whenever a key from file was being loaded. Consequently, when the private key was loaded to authenticate the data connection, it caused the already authenticated control connection to fail with the following error code:

SSL_ERROR_TOKEN_INSERTION_REMOVAL. 

The underlying source code in the NSS PEM module has been modified, and loading a single key multiple times no longer causes an SSL connection to fail.
******************************************************************
QA Verified