Bug 987131
| Summary: | Pick up various upstream GCM code fixes applied since nss-3.14.3 was released | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 5 | Reporter: | Elio Maldonado Batiz <emaldona> | ||||||||||||
| Component: | nss | Assignee: | Elio Maldonado Batiz <emaldona> | ||||||||||||
| Status: | CLOSED ERRATA | QA Contact: | Alicja Kario <hkario> | ||||||||||||
| Severity: | high | Docs Contact: | |||||||||||||
| Priority: | high | ||||||||||||||
| Version: | 5.10 | CC: | amarecek, emaldona, eparis, hkario, kengert, ksrot, omoris, rrelyea | ||||||||||||
| Target Milestone: | rc | ||||||||||||||
| Target Release: | --- | ||||||||||||||
| Hardware: | Unspecified | ||||||||||||||
| OS: | Unspecified | ||||||||||||||
| Whiteboard: | |||||||||||||||
| Fixed In Version: | nss-3.14.3-17.el5 | Doc Type: | Bug Fix | ||||||||||||
| Doc Text: | Story Points: | --- | |||||||||||||
| Clone Of: | 976572 | Environment: | |||||||||||||
| Last Closed: | 2013-09-30 22:44:06 UTC | Type: | Bug | ||||||||||||
| Regression: | --- | Mount Type: | --- | ||||||||||||
| Documentation: | --- | CRM: | |||||||||||||
| Verified Versions: | Category: | --- | |||||||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||||||
| Embargoed: | |||||||||||||||
| Bug Depends On: | 976572, 988072, 988083 | ||||||||||||||
| Bug Blocks: | 968473, 983766 | ||||||||||||||
| Attachments: |
|
||||||||||||||
|
Comment 2
RHEL Program Management
2013-07-23 10:39:04 UTC
Aftee a carefull inspection and comparisons of the nss-3.15 against the ones downstream Bob Relyea identified several files within freebl and softoken that need to be synched up further with upstream to pick fixes. I will submit next the changes split into tree patches: for util, freebl, and softoekn as this way they are easier to apply either on rhel-5.10 or rhel-6.5. Created attachment 777840 [details]
adds to util/pkcs11n.h with new #defines needed for the rest
new TLS 1.2 mechanisms. This is one of the pkcs11 nss internal headers.
Created attachment 777843 [details]
change to lib/freebl/gcm.c
Created attachment 777845 [details]
changes to files within lib/softoken
Comment on attachment 777840 [details]
adds to util/pkcs11n.h with new #defines needed for the rest
r+ rrelyea
Comment on attachment 777843 [details]
change to lib/freebl/gcm.c
r+ rrelyea
Comment on attachment 777845 [details]
changes to files within lib/softoken
r+ rrelyea
Created attachment 778908 [details]
Display CPUINFO before the test start, already applied
Already checked it so it's for the record.
Created attachment 778910 [details]
Disable HW GCM if builtime environment variable DISABLE_HW_GCM=1
This is Bob Relyea's patch which is inside the crypto boundary. Therefore with it be applied here and also to nss-softokn for RHEL-6.5 as the code must be the same. Disabling of hawraware GM requres that 'export DISABLE_HW_GCM=1' be set on nss.spec. For RHEL-6.5 nss-softokn.spec we don't set it.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1318.html |