Closed
Bug 484466
Opened 15 years ago
Closed 15 years ago
sec_error_invalid_args with NSS_ENABLE_PKIX_VERIFY=1
Categories
(NSS :: Libraries, defect, P1)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
FIXED
3.12.3
People
(Reporter: rob, Assigned: alvolkov.bgs)
Details
(Whiteboard: PKIX)
Attachments
(1 file)
813 bytes,
patch
|
nelson
:
review+
|
Details | Diff | Splinter Review |
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1) Build Identifier: trunk As reported in bug #483168 comment #43, the current Firefox HEAD + NSS HEAD shows a sec_error_invalid_args error when attempting to navigate to various https sites. Affected sites include: https://www.verisign.com https://secure.comodo.com https://www.globalsign.com Unaffected sites include: https://www.entrust.net https://www.startssl.com This problem did not occur 1 month ago when I reported bug #479508 comment #2. Reproducible: Always
Comment 1•15 years ago
|
||
The crucial detail for this bug is that it only occurs when NSS_ENABLE_PKIX_VERIFY=1 is set. So, this bug will be "major" when that condition becomes the default, but not until then.
Assignee: nobody → alexei.volkov.bugs
Priority: -- → P1
Whiteboard: PKIX
Target Milestone: --- → 3.12.4
Assignee | ||
Comment 2•15 years ago
|
||
The problem was introduced in the patch for the bug 444404. It happens when pkix_VerifyNode_SetError function sets "unknown issuer" error into verifyNode - the variable that suppose to point to the validation error log. pkix_VerifyNode_SetError(verifyNode, verifyError, plContext), Only in this case it is incorrect to use verifyNode. state->verifyNode should have been used instead of it. pkix_VerifyNode_SetError returns "invalid argument" error since verifyNode is NULL in the context. (state->verifyNode, verifyError, plContext),
Assignee | ||
Comment 3•15 years ago
|
||
Attachment #368936 -
Flags: review?(nelson)
Comment 4•15 years ago
|
||
Comment on attachment 368936 [details] [diff] [review] Patch v1 - use correct pointer to pkix error log structure r=nelson
Attachment #368936 -
Flags: review?(nelson) → review+
Updated•15 years ago
|
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Version: unspecified → trunk
Assignee | ||
Comment 5•15 years ago
|
||
> (From update of attachment 368936 [details] [diff] [review])
committed.
Status: ASSIGNED → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Updated•15 years ago
|
Target Milestone: 3.12.4 → 3.12.3
You need to log in
before you can comment on or make changes to this bug.
Description
•