197082 - SSL fails when doing client auth with a password-less token

Status: RESOLVED FIXED

(NSS :: Libraries, defect)

Description

[Robert Relyea]

If you try to make an SSL connection with a client certificate stored in a token
which does not require Authentication, SSL will not be able to connect.

Comment 1

[Robert Relyea]

Attachment: Check to see if we need to log into the token before we require login.

This is a long standing issue, but in the past it only caused excessive session
restarts rather than out and out failures.

Comment 2

[Robert Relyea]

Target 3.7.3 (no 3.7.3 target using 3.7.2).

Comment 3

[Robert Relyea]

Patch checked into branch and tip.

To test:
create at database without any password.
load a cert.
use that cert to authenticate using SSL.

Comment 4

[Wan-Teh Chang]

Comment on attachment 116985 [details] [diff] [review]
Check to see if we need to log into the token before we require login.

r=wtc.

Comment 5

[Nelson Bolyard (seldom reads bugmail)]

Comment on attachment 116985 [details] [diff] [review]
Check to see if we need to log into the token before we require login.

I think this patch is correct, but I'd prefer that it was indented the same as
the preceeding tests, not an extra 8 characters of indentation.

Comment 6

[Robert Relyea]

Opps sorry, my standard has been to line up the end of the last line of a
logical block with the end of the viewed line (close to column 80). This code,
however, is in SSL and should follow Nelson's preferred usage. I've changed it
in the tip as nelson suggested.

Comment 7

[Nelson Bolyard (seldom reads bugmail)]

Should this bug be mark3ed fixed now?

Comment 8

[Robert Relyea]

Fix checked in and tested on NSS 3.7.3