Red Hat Bugzilla – Bug 968503
flush_ber error sending back start_tls response will deadlock
Last modified: 2013-11-21 16:08:19 EST
This bug is created as a clone of upstream ticket: https://fedorahosted.org/389/ticket/47375

If the server is processing a start tls extop, and is sending back the "Start TLS request accepted.Server willing to negotiate SSL." response, and the ber_flush() call in flush_ber() returns non-zero, the server will deadlock.

One problem is that it is very difficult to get the server to return an error at this point. The customer is using an F5 load balancer and that seems to have something to do with it.
Is it possible to automate this? If yes, could you please add verification steps?
(In reply to Ján Rusnačko from comment #6)
> Is it possible to automate this? If yes, could you please add verification
> steps?

We do not know how to reproduce this, much less automate. The customer has verified that the patch works, so I think we will just have to mark the bug as verified by customer.
Verified sanity only on 389-ds-base-1.2.11.15-24.el6.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1653.html