Bug 987131 - Pick up various upstream GCM code fixes applied since nss-3.14.3 was released
Pick up various upstream GCM code fixes applied since nss-3.14.3 was released
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: nss (Show other bugs)
5.10
Unspecified Unspecified
high Severity high
: rc
: ---
Assigned To: Elio Maldonado Batiz
Hubert Kario
:
Depends On: 976572 988072 988083
Blocks: RHEL65FIPS140 983766
  Show dependency treegraph
 
Reported: 2013-07-22 14:49 EDT by Elio Maldonado Batiz
Modified: 2013-09-30 18:44 EDT (History)
8 users (show)

See Also:
Fixed In Version: nss-3.14.3-17.el5
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 976572
Environment:
Last Closed: 2013-09-30 18:44:06 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
adds to util/pkcs11n.h with new #defines needed for the rest (818 bytes, patch)
2013-07-24 11:32 EDT, Elio Maldonado Batiz
rrelyea: review+
Details | Diff
change to lib/freebl/gcm.c (600 bytes, patch)
2013-07-24 11:34 EDT, Elio Maldonado Batiz
rrelyea: review+
Details | Diff
changes to files within lib/softoken (7.75 KB, patch)
2013-07-24 11:38 EDT, Elio Maldonado Batiz
rrelyea: review+
Details | Diff
Display CPUINFO before the test start, already applied (930 bytes, patch)
2013-07-26 19:19 EDT, Elio Maldonado Batiz
no flags Details | Diff
Disable HW GCM if builtime environment variable DISABLE_HW_GCM=1 (2.21 KB, patch)
2013-07-26 19:31 EDT, Elio Maldonado Batiz
no flags Details | Diff

  None (edit)
Comment 2 RHEL Product and Program Management 2013-07-23 06:39:04 EDT
This request was evaluated by Red Hat Product Management for inclusion
in a Red Hat Enterprise Linux release.  Product Management has
requested further review of this request by Red Hat Engineering, for
potential inclusion in a Red Hat Enterprise Linux release for currently
deployed products.  This request is not yet committed for inclusion in
a release.
Comment 4 Elio Maldonado Batiz 2013-07-24 11:25:49 EDT
Aftee a carefull inspection and comparisons of the nss-3.15 against the ones downstream Bob Relyea identified several files within freebl and softoken that need to be synched up further with upstream to pick fixes. I will submit next the changes split into tree patches: for util, freebl, and softoekn as this way they are easier to apply either on rhel-5.10 or rhel-6.5.
Comment 5 Elio Maldonado Batiz 2013-07-24 11:32:00 EDT
Created attachment 777840 [details]
adds to util/pkcs11n.h with new #defines needed for the rest

new TLS 1.2 mechanisms. This is one of the pkcs11 nss internal headers.
Comment 6 Elio Maldonado Batiz 2013-07-24 11:34:12 EDT
Created attachment 777843 [details]
change to lib/freebl/gcm.c
Comment 7 Elio Maldonado Batiz 2013-07-24 11:38:02 EDT
Created attachment 777845 [details]
changes to files within lib/softoken
Comment 8 Bob Relyea 2013-07-24 14:42:25 EDT
Comment on attachment 777840 [details]
adds to util/pkcs11n.h with new #defines needed for the rest

r+ rrelyea
Comment 9 Bob Relyea 2013-07-24 14:43:09 EDT
Comment on attachment 777843 [details]
change to lib/freebl/gcm.c

r+ rrelyea
Comment 10 Bob Relyea 2013-07-24 14:44:14 EDT
Comment on attachment 777845 [details]
changes to files within lib/softoken

r+ rrelyea
Comment 11 Elio Maldonado Batiz 2013-07-26 19:19:24 EDT
Created attachment 778908 [details]
Display CPUINFO before the test start, already applied

Already checked it so it's for the record.
Comment 12 Elio Maldonado Batiz 2013-07-26 19:31:03 EDT
Created attachment 778910 [details]
Disable HW GCM if builtime environment variable DISABLE_HW_GCM=1

This is Bob Relyea's patch which is inside the crypto boundary. Therefore with it be applied here and also to nss-softokn for RHEL-6.5 as the code must be the same. Disabling of hawraware GM requres that 'export DISABLE_HW_GCM=1' be set on nss.spec. For RHEL-6.5 nss-softokn.spec we don't set it.
Comment 17 errata-xmlrpc 2013-09-30 18:44:06 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1318.html

Note You need to log in before you can comment on or make changes to this bug.