Closed
Bug 115683
Opened 23 years ago
Closed 23 years ago
NSS3.4 build. Expired web site cert crashes browser
Categories
(Core Graveyard :: Security: UI, defect, P1)
Tracking
(Not tracked)
VERIFIED
FIXED
psm2.2
People
(Reporter: junruh, Assigned: KaiE)
References
()
Details
1.) Visit the above site, and click OK on the Expired web site cert dialog box. What happens: Crash.
Comment 1•23 years ago
|
||
cc kai. correct summary -> NSS3.4
Summary: NSS4.3 build. Expired web site cert crashes browser → NSS3.4 build. Expired web site cert crashes browser
Comment 2•23 years ago
|
||
cc relyea
Updated•23 years ago
|
Priority: -- → P1
Target Milestone: --- → 2.2
Assignee | ||
Comment 3•23 years ago
|
||
Crashes on Linux, too. In nssTrustDomain_GetCertsForSubjectFromCache / file tdcache.c, there is this call: PZ_Lock(td->cache->lock); But td is NULL. Stack trace: #0 0x432a0795 in nssTrustDomain_GetCertsForSubjectFromCache (td=0x0, subject=0x87d8028, certListOpt=0x8808818) at tdcache.c:770 #1 0x4329f254 in NSSTrustDomain_FindCertificatesBySubject (td=0x0, subject=0x87d8028, rvOpt=0x0, maximumOpt=0, arenaOpt=0x0) at trustdomain.c:570 #2 0x4329cb24 in find_issuer_cert_for_identifier (c=0x87d7ff8, id=0x8805b60) at certificate.c:206 #3 0x4329cccd in NSSCertificate_BuildChain (c=0x87d7ff8, timeOpt=0x85fe038, usage=0x4103e0b4, policiesOpt=0x0, rvOpt=0x4103e0a8, rvLimit=2, arenaOpt=0x0, statusOpt=0x4103e0a4) at certificate.c:277 #4 0x432598b0 in CERT_FindCertIssuer (cert=0x87d89f8, validTime=1008959648195575, usage=certUsageSSLServer) at certvfy.c:419 #5 0x43259fe3 in CERT_VerifyCertChain (handle=0x87baa48, cert=0x87d89f8, checkSig=0, certUsage=certUsageSSLServer, t=1008959648195575, wincx=0x8776030, log=0x0) at certvfy.c:722 #6 0x4325aca9 in CERT_VerifyCert (handle=0x87baa48, cert=0x87d89f8, checkSig=0, certUsage=certUsageSSLServer, t=1008959648195575, wincx=0x8776030, log=0x0) at certvfy.c:1157 #7 0x4325ad8e in CERT_VerifyCertNow (handle=0x87baa48, cert=0x87d89f8, checkSig=0, certUsage=certUsageSSLServer, wincx=0x8776030) at certvfy.c:1198 #8 0x431676c8 in verifyCertAgain (cert=0x87d89f8, sslSocket=0x8776d88, infoObject=0x8776030) at ../../../../../mozilla/security/manager/ssl/src/nsNSSIOLayer.cpp:1049 #9 0x43168c79 in nsNSSBadCertHandler (arg=0x8776030, sslSocket=0x8776d88) at ../../../../../mozilla/security/manager/ssl/src/nsNSSIOLayer.cpp:1855 #10 0x43226a9f in ssl2_HandleServerHelloMessage (ss=0x8776128) at sslcon.c:2979 #11 0x4322acec in ssl_Do1stHandshake (ss=0x8776128) at sslsecur.c:156 #12 0x4322c9ae in ssl_SecureSend (ss=0x8776128, buf=0x85d4910 "GET /ciphers.html HTTP/1.1\r\nHost: bolohead.mcom.com:23168\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.7+) Gecko/20011220\r\nAccept: text/xml, application/xml, application/xhtml+xml, text"..., len=459, flags=0) at sslsecur.c:1100 #13 0x4322cacf in ssl_SecureWrite (ss=0x8776128, buf=0x85d4910 "GET /ciphers.html HTTP/1.1\r\nHost: bolohead.mcom.com:23168\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.7+) Gecko/20011220\r\nAccept: text/xml, application/xml, application/xhtml+xml, text"..., len=459) at sslsecur.c:1134 #14 0x432326d9 in ssl_Write (fd=0x8776d88, buf=0x85d4910, len=459) at sslsock.c:1252 #15 0x4316682a in nsSSLIOLayerWrite (fd=0x86f2608, buf=0x85d4910, amount=459) at ../../../../../mozilla/security/manager/ssl/src/nsNSSIOLayer.cpp:709 #16 0x4030e837 in PR_Write (fd=0x86f2608, buf=0x85d4910, amount=459) at ../../../../../mozilla/nsprpub/pr/src/io/priometh.c:141 #17 0x409347b5 in nsSocketOS::Write (this=0x87a0230, aBuf=0x85d4910 "GET /ciphers.html HTTP/1.1\r\nHost: bolohead.mcom.com:23168\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.7+) Gecko/20011220\r\nAccept: text/xml, application/xml, application/xhtml+xml, text"..., aCount=459, aBytesWritten=0x4103e938) at ../../../../mozilla/netwerk/base/src/nsSocketTransport.cpp:2458 #18 0x4093470e in nsSocketOS::WriteFromSegments (input=0x85cf594, closure=0x87a0230, fromSegment=0x85d4910 "GET /ciphers.html HTTP/1.1\r\nHost: bolohead.mcom.com:23168\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.7+) Gecko/20011220\r\nAccept: text/xml, application/xml, application/xhtml+xml, text"..., offset=0, count=459, countRead=0x4103e938) at ../../../../mozilla/netwerk/base/src/nsSocketTransport.cpp:2438 #19 0x40294a39 in ConstCharImpl::ReadSegments (this=0x85cf590, writer=0x409346d8 <nsSocketOS::WriteFromSegments(nsIInputStream *, void *, char const *, unsigned int, unsigned int, unsigned int *)>, closure=0x87a0230, aCount=459, result=0x4103e938) at ../../../mozilla/xpcom/io/nsStringStream.cpp:359 #20 0x409348e7 in nsSocketOS::WriteFrom (this=0x87a0230, aIS=0x85cf594, aCount=16384, aBytesWritten=0x4103e938) at ../../../../mozilla/netwerk/base/src/nsSocketTransport.cpp:2484 #21 0x40975022 in nsHttpTransaction::OnDataWritable (this=0x86ff4e0, os=0x87a0230) at ../../../../../mozilla/netwerk/protocol/http/src/nsHttpTransaction.cpp:213 #22 0x4097416d in nsHttpConnection::OnDataWritable (this=0x8678ed0, request=0x87ae058, context=0x8678ed4, outputStream=0x87a0230, offset=0, count=8192) at ../../../../../mozilla/netwerk/protocol/http/src/nsHttpConnection.cpp:669 #23 0x40935b0c in nsSocketWriteRequest::OnWrite (this=0x87ae058) at ../../../../mozilla/netwerk/base/src/nsSocketTransport.cpp:2882 #24 0x40930820 in nsSocketTransport::doReadWrite (this=0x85d4c78, aSelectFlags=3) at ../../../../mozilla/netwerk/base/src/nsSocketTransport.cpp:1081 #25 0x4092f0fd in nsSocketTransport::Process (this=0x85d4c78, aSelectFlags=3) at ../../../../mozilla/netwerk/base/src/nsSocketTransport.cpp:516 #26 0x40936e97 in nsSocketTransportService::Run (this=0x8146a38) at ../../../../mozilla/netwerk/base/src/nsSocketTransportService.cpp:516 #27 0x40239567 in nsThread::Main (arg=0x8154fa0) at ../../../mozilla/xpcom/threads/nsThread.cpp:120
OS: Windows 2000 → All
Hardware: PC → All
Assignee | ||
Comment 4•23 years ago
|
||
wtc: I provided some debugging results in above comments.
Comment 5•23 years ago
|
||
Thank you, Kai, for your help. Ian, could you take a look at the stack trace?
Comment 6•23 years ago
|
||
--> rev 1.15 of certdb/stanpcertdb.c I needed to make sure temp certs have a "home" in a trust domain. Is it the case that the root cert for the server cert is already in your db?
Assignee | ||
Comment 7•23 years ago
|
||
The cert was generated with John's private CA. I don't have that CA cert.
Assignee | ||
Comment 8•23 years ago
|
||
*** Bug 115684 has been marked as a duplicate of this bug. ***
Comment 10•23 years ago
|
||
I tested this today with selfserv and an expired cert and it worked.
Assignee | ||
Comment 11•23 years ago
|
||
I tested using todays build, it doesn't crash any more. John, I will provide you with todays windows build later today.
Assignee | ||
Comment 12•23 years ago
|
||
fixed
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 13•23 years ago
|
||
Verified with the 1/7 NSS build from /u/kaie.
Status: RESOLVED → VERIFIED
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•