If an TLS connection requires a certificate that the server doesn't have, this error should be handled gracefully. Currently we run into an assertion failure and crash in debug builds. Using the NSS test suite output, this can be reproduced using the server and client directories and running selfserv and tstclnt from those directories. selfserv -D -p 7443 -d dbm:server -w nss -e localhost.localdomain-ec -c :C013 -V ssl3:tls1.2 -v tstclnt -p 7443 -d dbm:client -h localhost.localdomain -w nss -c :C013 -V ssl3:tls1.2 -f -v < ../../../nss/tests/ssl/sslreq.dat :C013 is TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA selfserv crashes with: Assertion failure: numPresent > 0 || numEnabled == 0, at ssl3con.c:814
You need to log in before you can comment on or make changes to this bug.