Bug 1731182
| Summary: | Interoperability test cases with session resumption sometimes fail to resume all sessions [rhel-8] | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Hubert Kario <hkario> | |
| Component: | nss | Assignee: | nss-nspr-maint <nss-nspr-maint> | |
| Status: | CLOSED DEFERRED | QA Contact: | BaseOS QE Security Team <qe-baseos-security> | |
| Severity: | low | Docs Contact: | ||
| Priority: | low | |||
| Version: | 8.1 | CC: | asosedki, dueno, inikolch, omoris, rrelyea, szidek | |
| Target Milestone: | rc | Keywords: | Triaged | |
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | ||
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1766580 (view as bug list) | Environment: | ||
| Last Closed: | 2021-01-08 22:43:19 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1766580 | |||
Setting Release Target to 8.3, the next expect nss rebase assuming upstream has a patch. This issue is now tracked in Jira: https://issues.redhat.com/browse/CRYPTO-3166 |
Description of problem: strsclnt resumes fewer session than expected Version-Release number of selected component (if applicable): nss-3.44.0-7.el8_0 How reproducible: random, infrequent (around 1 in 500 connections) Steps to Reproduce: 1. run strsclnt against GnuTLS or OpenSSL server: /usr/lib64/nss/unsupported-tools/strsclnt -c 10 -P 20 -p 4433 -C :1303 -J rsa_pss_pss_sha256,rsa_pss_pss_sha384,rsa_pss_pss_sha512 -d sql:./ca-db/ -V tls1.3:tls1.3 localhost &> client.log Actual results: strsclnt: -- SSL: Server Certificate Validated. strsclnt: 0 cache hits; 0 cache misses, 0 cache not reusable 0 stateless resumes strsclnt: -- SSL: Server Certificate Validated. strsclnt: -- SSL: Server Certificate Validated. strsclnt: 7 cache hits; 0 cache misses, 0 cache not reusable 7 stateless resumes Expected results: strsclnt: -- SSL: Server Certificate Validated. strsclnt: 0 cache hits; 0 cache misses, 0 cache not reusable 0 stateless resumes strsclnt: -- SSL: Server Certificate Validated. strsclnt: -- SSL: Server Certificate Validated. strsclnt: 8 cache hits; 0 cache misses, 0 cache not reusable 8 stateless resumes Additional info: