Closed Bug 326963 Opened 19 years ago Closed 19 years ago

Interoperability test with apache/mod_ssl: tstclnt produces: assertion failure: secmod_PrivateModuleCount == 0

Categories

(NSS :: Libraries, defect, P2)

Product:
NSS
Component:
Libraries
Version:
3.11
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.11.1

People

(Reporter: alvolkov.bgs, Assigned: alvolkov.bgs)

Details

Attachments

(4 files)

output of tstclnt with SSLTRACE
86.18 KB, text/plain
Details
ssltap output
18.66 KB, text/plain
Details
mod_ssl log
23.29 KB, text/plain
Details
bug fix
1.27 KB, patch
nelson
: review+
julien.pierre
: superreview+
Details | Diff | Splinter Review
Getting the assertion when configure server to request client auth for a directory access. Server global zone is configured to request client cert. See attached files for details. It looks like one reference is left to sid->localCert after SSL_ClearSessionCache() function call.
Attached file ssltap output
Attached file mod_ssl log
Attached patch bug fixSplinter Review
leaking cert and priv key in case when server sends request for renegotiation regardless the fact that it already has client cert. If such thing happen, ssl library on the client side should dispose not only cert chain but the user cert of the session and its private key that been left from previous session.
Attachment #211808 - Flags: review?(nelson)
Summary: Interoperability test with apache/mod_sll: tstclnt produces: assertion failure: secmod_PrivateModuleCount == 0 → Interoperability test with apache/mod_ssl: tstclnt produces: assertion failure: secmod_PrivateModuleCount == 0
Comment on attachment 211808 [details] [diff] [review] bug fix r=nelson. Good Job. I'm impressed with how quickly you found that leak. I'm asking Julien for SR so that this patch can go into 3.11.1
Attachment #211808 - Flags: superreview?(julien.pierre.bugs)
Attachment #211808 - Flags: review?(nelson)
Attachment #211808 - Flags: review+
Nominating for NSS 3.11.1
Priority: -- → P2
Target Milestone: --- → 3.11.1
Attachment #211808 - Flags: superreview?(julien.pierre.bugs) → superreview+
Checking in ssl3con.c: 1.77 -> 1.78 Checking in ssl3con.c NSS_3_11_BRANCH: 1.76.2.1 -> 1.76.2.2
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: