Closed Bug 240988 Opened 21 years ago Closed 21 years ago

Third party PKCS#11 module crashes during SSL/TLS handshake.

Categories

(Core Graveyard :: Security: UI, defect)

Product:
Core Graveyard
Component:
Security: UI
Version:
Other Branch
Platform:
PowerPC
macOS
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

(Not tracked)

Status:
RESOLVED WORKSFORME

People

(Reporter: markus.heintel, Assigned: KaiE)

Details

(Keywords: crash)

Attachments

(1 file)

Stack dump
27.93 KB, text/plain
Details
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7b) Gecko/20040316 Build Identifier: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7b) Gecko/20040316 We are in the development of a PKCS#11 library module for Siemens CardOS(R) smart cards. The following tests with Mozilla 1.7 on Mac OS X worked without any problem: - Load PKCS#11 module. - Log on to smart card. - Import PKCS#12 file onto smart card. - S/Mime Decryption/Encryption. - S/Mime Signature/Verification. Unfortunately we weren't that lucky with SSL/TLS Client Authentication. Pointing the browser to a location that requires SSL/TLS client authentication crashes Mozilla with the first call to the PKCS#11 library (either a C_Login() or a C_FindObjectsInit() depending on whether I logged onto the token before). The crash occurs somewhere within our library. So I don't want to blame you for our bugs. However I've got really no idea what the problem could be. All works fine (and really stable) in the scenarious listed above. I also tried Mozilla version 1.6 - same results. A test application that sends the same calls to the PKCS#11 library than Mozilla runs OK. Is it possible that the Mozilla crypto engine messes something up with either stack or memory during SSL/TLS? Everything works OK on Linux (SuSE 9.0, PCSCLite 1.2) as well as on Windows boxes. It would be great if I could get any hints from you. Don't hesitate to contact me in case any information is missing. Thanks a lot, Markus Reproducible: Always Steps to Reproduce: 1. Start Mozilla 2. Load third party PKCS#11 library module 3. Point to a location that requires client authentication Actual Results: Mozilla crashes
Markus, even if the crash is your lib's fault, it still might be useful to attach the stack trace generated by the crash to this bug.
Severity: major → critical
Keywords: crash, stackwanted
Attached file Stack dump
Stack dump as generated by the Apple Crash Report wizard.
Keywords: stackwanted
Markus, you might also try posting a message referencing this bug to <news://news.mozilla.org:119/netscape.public.mozilla.crypto>.
After reconfiguring and relinking the library in a different automake/autoconf environment (created on another Linux box) the problem is no longer reproducable. I suspect that there's been some misconfiguration in our build environment.
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
Resolution: --- → WORKSFORME
Product: PSM → Core
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: