Bug 770419
| Summary: | ssl https slowness login problems | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Frank Murphy <sysoutfran> | ||||
| Component: | nss | Assignee: | Elio Maldonado Batiz <emaldona> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | urgent | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 16 | CC: | caillon, emaldona, jhorak, kdudka, kengert, rrelyea | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | x86_64 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | nss-softokn-3.13.1-15.fc16 | Doc Type: | Bug Fix | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2012-01-11 06:18:41 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
|
Description
Frank Murphy
2011-12-26 12:18:35 UTC
Created attachment 549585 [details]
yum update c&p
libcurl does not work with nss-3.13, see bug 760060, pushing nss-3.13 to stable Fedora without having this major issue fixed was a big mistake. I would suggest to downgrade to nss-3.12 until a proper fix is available. Will downgrade + cc'd on #760060 Will check if the new curl in F17 changes things tomorrow. As of yet, there is no fix in curl. I tried curl from RHEL-6, F-15, F-16, and rawhide. All of them were broken when running on top of nss-3.13, but I have not had enough time to look further what exactly changed in nss. A big change in nss 3.13 is that the default value of SSL_ENABLE_SSL2 changed to FALSE. See https://bugzilla.mozilla.org/show_bug.cgi?id=593080 Could that have any bearing on this slowdown? Frank, please try this prior to running yum update: export NSS_SSL_CBC_RANDOM_IV=0 Does it make any difference? Will test in morning on after bootup. (In reply to comment #6) > Frank, please try this prior to running yum update: > > export NSS_SSL_CBC_RANDOM_IV=0 > > Does it make any difference? It appears to work, have been able to: sealert > bugzilla successfully. No (28,0) on yum update No snacks required for logging into gmail. Appreciate the extra mile. See the discussion in https://bugzilla.redhat.com/show_bug.cgi?id=770682 nss-softokn-3.13.1-15.fc16, nss-3.13.1-10.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/FEDORA-2012-0004/nss-3.13.1-10.fc16,nss-softokn-3.13.1-15.fc16 Package nss-softokn-3.13.1-15.fc16, nss-3.13.1-10.fc16: * should fix your issue, * was pushed to the Fedora 16 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing nss-softokn-3.13.1-15.fc16 nss-3.13.1-10.fc16' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-0004/nss-3.13.1-10.fc16,nss-softokn-3.13.1-15.fc16 then log in and leave karma (feedback). nss-softokn-3.13.1-15.fc16, nss-3.13.1-10.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report. |