Closed
Bug 125263
Opened 23 years ago
Closed 23 years ago
"Peer's Certificate Issuer is not recognized" errors on solaris
Categories
(NSS :: Libraries, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
3.4
People
(Reporter: bugz, Assigned: bugz)
Details
When stressing selfserv with required client auth on the first handshake, the error "Peer's certificate issuer is not recognized" appears about once per 10,000 connections. This would appear to be a timing issue in the temp store code, which would store all of the peer's cert chain but the root. After reviewing the temp store code, I found a likely suspect. Opening bug to track issue, but have fix in hand I will check in, as it is needed irregardless.
Assignee | ||
Comment 1•23 years ago
|
||
/cvsroot/mozilla/security/nss/lib/pki/pkistore.c,v <-- pkistore.c new revision: 1.10; previous revision: 1.9 As the log notes, the searches involved here were not capturing the state of the subject list within the store's lock, could cause problems as noted on this bug. Testing now.
Target Milestone: --- → 3.4
Assignee | ||
Comment 2•23 years ago
|
||
Did not fix bug, unless I messed up my build. I did 100,000 sessions and saw the error 6 times.
Updated•23 years ago
|
Priority: -- → P1
Assignee | ||
Comment 3•23 years ago
|
||
/cvsroot/mozilla/security/nss/lib/pki/pkistore.c,v <-- pkistore.c new revision: 1.11; previous revision: 1.10 This problem is rather intricate. It is a timing issue that shows up when destroying a temp cert. There is a lengthy description in the comment block above the fix. Unfortunately, my connection went dead as I was testing the fix. But I was able to use PR_Sleep to hasten the problem, to the point where it happened within 1000 connections reliably. The test was up to 15,000 with the fix. Will mark fixed after more testing.
Assignee | ||
Comment 4•23 years ago
|
||
More testing done. Marking fixed.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•