Closed Bug 310260 Opened 15 years ago Closed 15 years ago

JSS CipherSuite SSLServer talking to JSSE SSLClient test broken

Categories

(NSS :: Libraries, defect, P1)

3.11
Sun
Solaris
defect

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: glenbeasley, Assigned: glenbeasley)

Details

Attachments

(1 file)

The JSS CipherSuite SSLServer talking to JSSE SSLClient test was broken

============ Start JSS server tests
============= Start JSSE client tests
main: jss library loaded

Using java version 1.4.2_09

Testing TLS Cipher list ...
***FilePasswordCallback returns netscape
Testing SSLv3 Cipher list ...
#
# An unexpected error has been detected by HotSpot Virtual Machine:
#
#  SIGSEGV (0xb) at pc=0xfbf9a77c, pid=6095, tid=1
#
# Java VM: Java HotSpot(TM) Client VM (1.4.2_09-b05 mixed mode)
# Problematic frame:
# C  [libssl3.so+0xa77c]
#
# An error report file with more information is saved as hs_err_pid6095.log
#
# If you would like to submit a bug report, please visit:
#   http://java.sun.com/webapps/bugreport/crash.jsp
#
The macro svrAuth->SERVERKEY is defined as
sslimpl.h:#define SERVERKEY serverKeyPair->privKey
so first check if svrAuth->serverKeyPair is not NULL.
Attachment #197654 - Flags: superreview?(nelson)
Comment on attachment 197654 [details] [diff] [review]
check to see if the sslServerCerts structure has been initialized

The crash occurs when the server socket has not been configured with a cert and
private key.  This patch will eliminate the crash, but the server still will
not work correctly until it has been fixed to properly configure the socket
with the server cert and private key.
Attachment #197654 - Flags: superreview?(nelson) → review+
Checking in ssl3con.c;  new revision: 1.75; previous revision: 1.74

Christophe, This bugfix is required for 3.11 Beta 1.
If the nightly builds started before the time of this checkin, 
they will have to be redone.  
Status: NEW → RESOLVED
Closed: 15 years ago
Priority: -- → P1
Resolution: --- → FIXED
Target Milestone: --- → 3.11
responding to comment 2 

The JSS server was configured with a cert and private key, the problem is the 
JSS server program tries to incorrectly enable the NSS client only DH and DHE
ciphers for the created server socket. 

I'll create a separate bug to fix the JSS test code. 




Priority: P1 → --
Target Milestone: 3.11 → ---
Priority: -- → P1
Target Milestone: --- → 3.11
I wrote: "The crash occurs when the server socket has not been configured 
with a cert and private key."  I should have added, "of the type required
by one one of the enabled cipher suites."  

So, if you enabled a DSA cipher suite, but haven't configured the SSL server 
socket with a DSA cert and DSA private key, then this crash will occur, even 
if you do have an RSA cert and RSA private key configured.  Hope that helps.
You need to log in before you can comment on or make changes to this bug.