Closed
Bug 335436
Opened 19 years ago
Closed 11 years ago
Upgrade to NetSign CAC 5.5 crashes FireFox
Categories
(NSS :: Libraries, defect)
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: rex.peralta, Unassigned)
Details
(Keywords: crash)
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.2) Gecko/20060308 Firefox/1.5.0.2
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.2) Gecko/20060308 Firefox/1.5.0.2
After an upgrade from NetSign CAC 4.2 to NetSign CAC 5.5, FireFox crashes. I am using FireFox version 1.5.0.2. The error that comes up is:
firefox.exe - Application Error
The instruction at "0x00000100" referenced memory at "0x00000100". The memory could not be "read".
It looks like the latest version of the core32.dll does not agree with FireFox. After uninstalling, then reinstalling FireFox, it no longer crashes. Once NetSign is added as a PKCS#11 device, FireFox crashes. Functionality can be restored by reverting to a known good copy of the profile folder (%APPDATA%\Mozilla).
Reproducible: Always
Steps to Reproduce:
Upgrade from a working FireFox/NetSign CAC 4.2 install to NetSign CAC 5.5
or Add NetSign CAC 5.5 as a PKCS#11 device
1. Go to Tools->Options.
2. Go to Advanced->Security->Security Devices.
3. In the Device Manager window, click Load.
4. In Load PKCS#11 Device window, fill out the following fields:
Module Name: NetSign
Module filename: C:\Windows\System32\core32.dll
5. Click OK.
6. Click OK to Confirm adding the device.
Note: The above procedure works with no issues under FireFox (1.x - 1.5.0.2) and NetSign CAC 4.2.
Actual Results:
FireFox crashes with the following error:
firefox.exe - Application Error
The instruction at "0x00000100" referenced memory at
"0x00000100". The memory could not be "read".
Expected Results:
Device gets added successfully and I am able to log onto CAC-enabled websites.
NetSign CAC is the middleware used to enable use of the DoD CAC (Common Access Card) Smart Card for website logon, digital signatures, encryption, etc.
Updated•19 years ago
|
Assignee: nobody → kengert
Component: OS Integration → Security: PSM
Product: Firefox → Core
QA Contact: os.integration
Version: unspecified → Other Branch
Reporter | ||
Comment 1•19 years ago
|
||
I've successfully loaded the core32.dll under Netscape 8.1. I'm not sure what the underlying PSM version is.
Assignee: kengert → nobody
Component: Security: PSM → Libraries
Keywords: crash
Product: Core → NSS
QA Contact: libraries
Version: Other Branch → 3.11
Comment 2•19 years ago
|
||
It shounds like the crashing module is not NSS/Firefox, but the third party pkcs#11 provider.
Did Netsign verify their software works in your configuration?
Reporter | ||
Comment 3•19 years ago
|
||
(In reply to comment #2)
> It shounds like the crashing module is not NSS/Firefox, but the third party
> pkcs#11 provider.
>
> Did Netsign verify their software works in your configuration?
>
No, they did not. Netscape 7.2 is the latest non-IE browser listed on the compatibility list. I have filed a support request with them via their web site, but being a regular Army user, I'm not sure what support I'm entitled to.
Comment 4•19 years ago
|
||
Netsign CAC 5.5.129 is the latest. 4.2.128 (patch e), 5.5.71, 5.5.128 and 128 all worked with Firefox 1.08. I do not have 1.08 and would like to get to test, can't find anywhere on the sites. Where can I get.
A number of user where using 5.5.x with 1.08 and no issue's reported until updated to 1.5 and began to fail as described below.
Don't believe Core32.dll was changed in 4.2.128 (patch e - unofficial) 5.5.71 to support Cisco VPN but still met the PKCS#11 for DoD CAC middleware and still worked with Firefox 1.08 as reported.
Where can I download 1.08 and other versions so I can test. If the vendor decides to test, they will also need this.
Without a fix, our will be forced to use IE or go back to Netscape 7.2.
I may be able to get more detail about the core32 but what changed between 1.08 and 1.5?
We still have a maintance contract through sept.
this seems promising: http://www.mozilla.com/products/download.html?product=firefox-1.0.8&os=win&lang=en-US
note that i invented the url, so you should be able to change the bits or pieces if you want some other strange variant.
Comment 6•19 years ago
|
||
(In reply to comment #4)
> We still have a maintance contract through sept.
with whom?
Comment 7•19 years ago
|
||
So NetSign CAC 4.2 works, but NetSign CAC 5.5 does not? and only on FF 1.5.*
We should verify that CAC 5.5 either 1) exports a PKCS 2.01 interface (claims 2.01), or 2) that it correctly implements C_WaitForSlotEvent. The C_WaitForSlotEvent call is the major change in FF 1.5 that is likely to trip over this problem PKCS #11 modules prior to 2.02 did not have this inteface, but any pkcs #11 module which claims to implement pkcs #11 2.02 and above needs to at least have this interface defined (it's ok to return CKR_FUNCTION_NOT_SUPPORTED).
There was a in the FF 1.5 Beta where NSS was not checking the version number of the PKCS #11 module and calling the C_WaitForSlotEvent even on 2.01 modules. This produced the same sort of crash. Given the symptoms, my guess is 5.5 is now claiming to be a >2.01 module but did not add an implementatin for C_WaitForSlotEvent. Do we have a contact in SafLink I can talk to?
bob
Comment 8•11 years ago
|
||
(In reply to Kai Engert (:kaie) from comment #2)
> It shounds like the crashing module is not NSS/Firefox, but the third party
> pkcs#11 provider.
>
> Did Netsign verify their software works in your configuration?
rex's address is no longer valid.
=> Invalid based on comment 2
Status: UNCONFIRMED → RESOLVED
Closed: 11 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•