1342745 – nss regression

Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.

Bug 1342745 - nss regression

Summary: nss regression

Keywords:
Status:	CLOSED DUPLICATE of bug 1342158
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	nss
Sub Component:
Version:	23
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	---
Assignee:	Elio Maldonado Batiz
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-06-04 15:32 UTC by Thomas Köller
Modified:	2016-07-11 20:49 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-07-11 20:49:30 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Thomas Köller 2016-06-04 15:32:43 UTC

Description of problem:
Updating nss from nss-3.23.0-1.0.fc23.x86_64 to 3.24.0-1.1.fc23.x86_64 left my system in a state where I was unable to log in. User information  on my system is kept in a LDAP data base against which login requests are checked. After the update, LDAP clients could no longer connect to slapd using TLS. The journal contained lines like this:

Jun 04 14:08:05 sarkovy sssd[be[koeller.dyndns.org]][1251]: Could not start TLS encryption. unknown error

After downgrading nss to 3.23.0-1.0.fc23, the problem disappeared.

Version-Release number of selected component (if applicable):
3.24.0-1.1.fc23.x86_64

How reproducible:
always

Steps to Reproduce:
1.
2.
3.

Actual results:
see above

Expected results:


Additional info:

Comment 1 Thomas Köller 2016-06-04 15:37:02 UTC

Additional information:
Should have mentioned that slapd on my system does not actually use nss for SSL/TLS services, instead, it is using openssl.

Comment 2 Elio Maldonado Batiz 2016-06-04 17:44:35 UTC

(In reply to Thomas Köller from comment #1)
This looks like Bug 1342158 for which a Bodhi update under testing is available at https://bodhi.fedoraproject.org/updates/FEDORA-2016-db48cd10e9

Comment 3 Kai Engert (:kaie) (inactive account) 2016-06-14 17:09:38 UTC

Thomas, could you please give feedback, if the mentioned package update fixes the issue for you?

Comment 4 Thomas Köller 2016-07-11 20:12:59 UTC

Yes, it does.

Comment 5 Elio Maldonado Batiz 2016-07-11 20:49:30 UTC

Thank you Thomas for the feedback, I can now close it a duplicate.

*** This bug has been marked as a duplicate of bug 1342158 ***

Note You need to log in before you can comment on or make changes to this bug.