Bugzilla

Return a failure from nsNSS_SSLGetClientAuthData doesn't obviously kill the connection.  I've added a mKill flag on nsNSSSocketInfo that is:
- set when a speculative https connection asks for client cert
- converted in PSMRecv and PSMSend to a failure

I don't know how else to SAFELY kill the connection from SSLGetClientAuthData, Dana if you do, please let me know.  I'm not happy with testing IsKilled() before and after each recv/send on the socket...


Note that is something weird happening with preconnected ssl sockets.  I was not able to locally confirm this patch works when doing a preconnect to a local server requiring a client cert (added few hacks to run this code path, at least).

That is probably a different bug, I'll file it after some more investigation not involving client certs and this patch.