Open
Bug 1170481
Opened 9 years ago
Updated 5 months ago
assertion failure in ssl3_config_match_init if server lacks certificate of required type
Categories
(NSS :: Libraries, defect, P5)
Tracking
(Not tracked)
NEW
People
(Reporter: KaiE, Unassigned, NeedInfo)
Details
If an TLS connection requires a certificate that the server doesn't have, this error should be handled gracefully. Currently we run into an assertion failure and crash in debug builds. Using the NSS test suite output, this can be reproduced using the server and client directories and running selfserv and tstclnt from those directories. selfserv -D -p 7443 -d dbm:server -w nss -e localhost.localdomain-ec -c :C013 -V ssl3:tls1.2 -v tstclnt -p 7443 -d dbm:client -h localhost.localdomain -w nss -c :C013 -V ssl3:tls1.2 -f -v < ../../../nss/tests/ssl/sslreq.dat :C013 is TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA selfserv crashes with: Assertion failure: numPresent > 0 || numEnabled == 0, at ssl3con.c:814
Updated•2 years ago
|
Severity: normal → S3
Comment 1•5 months ago
|
||
Dennis, can you please confirm the Priority and Severity on this bug ?
Severity: S3 → S4
Flags: needinfo?(djackson)
Priority: -- → P5
You need to log in
before you can comment on or make changes to this bug.
Description
•