If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

Firefox 3.5 hangs when use client authentication with certificate in smartcard in Vista

RESOLVED INCOMPLETE

Status

()

Core
Security: PSM
--
critical
RESOLVED INCOMPLETE
8 years ago
a year ago

People

(Reporter: Jose Amador, Unassigned, NeedInfo)

Tracking

(Blocks: 1 bug, {hang})

1.9.1 Branch
x86
Windows Vista
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [psm-fatal][psm-auth], URL)

(Reporter)

Description

8 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 6.0; es-ES; rv:1.9.1) Gecko/20090624 Firefox/3.5
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.0; es-ES; rv:1.9.1) Gecko/20090624 Firefox/3.5

	
In any page that uses client authentication with certificate in smartcard in firefox 3.5 hangs after asking for the PIN, even if you press cancel. I tried 8 different pages, and several models of cards (Siemens, G & D). In firefox 3.0.11 was working properly. The certificate selection was in always ask

Reproducible: Always

Steps to Reproduce:
1. Go to any page with client authentication 
2. When it asks the smartcard PIN, write it and press OK
3.
Actual Results:  
Firefox hangs

Expected Results:  
Show certificate selection window

The OS is Windows Vista
Can you try in Safe Mode?
Version: unspecified → 3.5 Branch

Updated

8 years ago
Severity: critical → major
Keywords: hang
(Reporter)

Comment 2

8 years ago
Yes. The same result.
could be related to bug 495284
Assignee: nobody → kaie
Component: Security → Security: PSM
Product: Firefox → Core
QA Contact: firefox → psm
Version: 3.5 Branch → 1.9.1 Branch

Comment 4

8 years ago
Can not confirm. Maybe tries to validate with OCSP or CRL and can't?
(Reporter)

Comment 5

8 years ago
I tried it without validating OCSP. Furthermore, with the 3.0.11 and the same setup works.

Comment 6

8 years ago
No change in behavior when disabling OCSP? That's odd, I guess more details are needed in order to reproduce this alleged problem.
(Reporter)

Comment 7

8 years ago
No problem. What else do you need?

I find it odd too but I tested with two different computers and several cards.

Comment 8

8 years ago
Did you try on other systems than Vista? I hope Kai can help you with debugging.
(Reporter)

Comment 9

8 years ago
I tried with update 3.5.1 and the same result. The bug still remains.
When the program is frozen does not generate crash reports. I don't know if I can send you other useful information.

Someone was able to replicate it?

Comment 10

8 years ago
Which PKCS#11 provider do you use?
(Reporter)

Comment 11

8 years ago
I use G&D A.E.T. (aetpkss1.dll) and Siemens CardOS API 3.2 (siecap11.dll).

Updated

8 years ago
Blocks: 159274

Comment 12

8 years ago
I think the amount of testing performed justifies to set this to confirmed.
So we have a regression with smartcards in Firefox 3.5?

I don't remember a lot of new features in firefox 3.5 related to smartcards, so maybe this has to do with the NSS version used internally by Firefox?
Status: UNCONFIRMED → NEW
Ever confirmed: true
I've seen this behavior with a dirty smart card on Linux too. Cleaning the card solved the problem.
(Reporter)

Comment 14

8 years ago
I tried with ten cards so i donĀ“t think  that cleaning cards resolve the issue. With the 3.5.2 the problema persist when there are defined several hardware cryptographic devices.
(In reply to comment #14)
> With the 3.5.2 the problema persist when there are defined several hardware
> cryptographic devices.

Can you provide some more information, about which combination of devices you have, how many configured in Firefox etc.? I think you mentioned something important at the previous post.
(Reporter)

Comment 16

8 years ago
Yes. In #11 commented that "I use G&D A.E.T. (aetpkss1.dll) and Siemens CardOS API 3.2 (siecap11.dll)". I also tested with the provider of the Spanish ID card (UsrPKCS11.dll).
I meant, do you use multiple devices? Do you have many devices configured in Firefox? You mentioned several devices in comment 14.
(Reporter)

Comment 18

8 years ago
I use multiple cryptographic providers for multiple smartcards. What I mean is that I have configured multiple pkcs11 in security devices.
Thanks. Did you try with a clean profile and only the problematic device? 
@Kai, is there a way to debug it from the command line?
Severity: major → critical

Updated

7 years ago
Assignee: kaie → nobody
Whiteboard: [psm-fatal][psm-auth]

Comment 20

7 years ago
I see only one approach to debugging this:

- get help from a developer locally
- install a development environment on a machine that is set up 
  to use your particular smartcard hardware
- produce a debug build of Firefox
- run Firefox and reproduce the hang
- when Firefox hangs, use the developer tools to "break" into the application
- inspect the "caller stack" and report it here
Is this still an issue?
Flags: needinfo?(jamador)
Status: NEW → RESOLVED
Last Resolved: a year ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.