This bug and its fix has two parts: 1) The patch to skip ssl2 and export suite suites tests had some shell syntax errors which caused too many tests to be skipped which should shouldn't have been skipped. As a result some failures weren't being detected. 2) The patch to disable support ssl2 and export cipher suites for libssl didn't account in its conditional checks for NULL cipher suites and disabled it as well which it wasn't supposed to do. The fix implemented is the one proposed by Kai on https://bugzilla.redhat.com/show_bug.cgi?id=1245627#c15
Created attachment 1073441 [details] disable ssl2 & export ciphers but allow the ..._RSA_WITH_NULL_... ones
Created attachment 1073442 [details] Fix checks for SSL2 and EXPORT cipher suites tests
Created attachment 1073443 [details] tstclnt ssl2 off by default
Comment on attachment 1073442 [details] Fix checks for SSL2 and EXPORT cipher suites tests The last chunk with diff --git a/tests/ssl/sslcov.noSSL2orExport.txt b/tests/ssl/sslcov.noSSL2orExport.txt goes away. Per Kai's suggestion the sslcov.txt and sslstress.txt modifications are now done on-the-fly at the end of %prep section of nss.spec. That way we don't have keep updating the patches when rebasing.
Created attachment 1073445 [details] disable ssl stress tests for ..._TLS_RC4_128_with_MD5 ciphers
nss-util-3.22.0-1.0.fc23 nss-softokn-3.22.0-1.0.fc23 nss-3.22.0-1.0.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-53890487b0
nspr-4.11.0-1.fc23, nss-3.22.0-1.0.fc23, nss-softokn-3.22.0-1.0.fc23, nss-util-3.22.0-1.0.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-53890487b0
nspr-4.11.0-1.fc23, nss-3.22.0-1.0.fc23, nss-softokn-3.22.0-1.0.fc23, nss-util-3.22.0-1.0.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
nspr-4.11.0-1.fc22, nss-3.22.0-1.0.fc22, nss-softokn-3.22.0-1.0.fc22, nss-util-3.22.0-1.0.fc22 has been pushed to the Fedora 22 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-2f0441bc7b
nspr-4.11.0-1.fc22, nss-3.22.0-1.0.fc22, nss-softokn-3.22.0-1.0.fc22, nss-util-3.22.0-1.0.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.