987131 – Pick up various upstream GCM code fixes applied since nss-3.14.3 was released

Bug 987131 - Pick up various upstream GCM code fixes applied since nss-3.14.3 was released

Summary: Pick up various upstream GCM code fixes applied since nss-3.14.3 was released

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	nss
Sub Component:
Version:	5.10
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Elio Maldonado Batiz
QA Contact:	Alicja Kario
Docs Contact:
URL:
Whiteboard:
Depends On:	976572 988072 988083
Blocks:	RHEL65FIPS140 983766
TreeView+	depends on / blocked

Reported:	2013-07-22 18:49 UTC by Elio Maldonado Batiz
Modified:	2013-09-30 22:44 UTC (History)
CC List:	8 users (show)
Fixed In Version:	nss-3.14.3-17.el5
Doc Type:	Bug Fix
Doc Text:
Clone Of:	976572
Environment:
Last Closed:	2013-09-30 22:44:06 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
adds to util/pkcs11n.h with new #defines needed for the rest (818 bytes, patch) 2013-07-24 15:32 UTC, Elio Maldonado Batiz	rrelyea: review+	Details \| Diff
change to lib/freebl/gcm.c (600 bytes, patch) 2013-07-24 15:34 UTC, Elio Maldonado Batiz	rrelyea: review+	Details \| Diff
changes to files within lib/softoken (7.75 KB, patch) 2013-07-24 15:38 UTC, Elio Maldonado Batiz	rrelyea: review+	Details \| Diff
Display CPUINFO before the test start, already applied (930 bytes, patch) 2013-07-26 23:19 UTC, Elio Maldonado Batiz	no flags	Details \| Diff
Disable HW GCM if builtime environment variable DISABLE_HW_GCM=1 (2.21 KB, patch) 2013-07-26 23:31 UTC, Elio Maldonado Batiz	no flags	Details \| Diff
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2013:1318	0	normal	SHIPPED_LIVE	nss bug fix and enhancement update	2013-09-30 21:13:17 UTC

Comment 2 RHEL Program Management 2013-07-23 10:39:04 UTC

This request was evaluated by Red Hat Product Management for inclusion
in a Red Hat Enterprise Linux release.  Product Management has
requested further review of this request by Red Hat Engineering, for
potential inclusion in a Red Hat Enterprise Linux release for currently
deployed products.  This request is not yet committed for inclusion in
a release.

Comment 4 Elio Maldonado Batiz 2013-07-24 15:25:49 UTC

Aftee a carefull inspection and comparisons of the nss-3.15 against the ones downstream Bob Relyea identified several files within freebl and softoken that need to be synched up further with upstream to pick fixes. I will submit next the changes split into tree patches: for util, freebl, and softoekn as this way they are easier to apply either on rhel-5.10 or rhel-6.5.

Comment 5 Elio Maldonado Batiz 2013-07-24 15:32:00 UTC

Created attachment 777840 [details]
adds to util/pkcs11n.h with new #defines needed for the rest

new TLS 1.2 mechanisms. This is one of the pkcs11 nss internal headers.

Comment 6 Elio Maldonado Batiz 2013-07-24 15:34:12 UTC

Created attachment 777843 [details]
change to lib/freebl/gcm.c

Comment 7 Elio Maldonado Batiz 2013-07-24 15:38:02 UTC

Created attachment 777845 [details]
changes to files within lib/softoken

Comment 8 Bob Relyea 2013-07-24 18:42:25 UTC

Comment on attachment 777840 [details]
adds to util/pkcs11n.h with new #defines needed for the rest

r+ rrelyea

Comment 9 Bob Relyea 2013-07-24 18:43:09 UTC

Comment on attachment 777843 [details]
change to lib/freebl/gcm.c

r+ rrelyea

Comment 10 Bob Relyea 2013-07-24 18:44:14 UTC

Comment on attachment 777845 [details]
changes to files within lib/softoken

r+ rrelyea

Comment 11 Elio Maldonado Batiz 2013-07-26 23:19:24 UTC

Created attachment 778908 [details]
Display CPUINFO before the test start, already applied

Already checked it so it's for the record.

Comment 12 Elio Maldonado Batiz 2013-07-26 23:31:03 UTC

Created attachment 778910 [details]
Disable HW GCM if builtime environment variable DISABLE_HW_GCM=1

This is Bob Relyea's patch which is inside the crypto boundary. Therefore with it be applied here and also to nss-softokn for RHEL-6.5 as the code must be the same. Disabling of hawraware GM requres that 'export DISABLE_HW_GCM=1' be set on nss.spec. For RHEL-6.5 nss-softokn.spec we don't set it.

Comment 17 errata-xmlrpc 2013-09-30 22:44:06 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1318.html

Note You need to log in before you can comment on or make changes to this bug.