We present the client authentication UI and wait for the user to dismiss it synchronously in our client auth data hook (nsNSS_SSLGetClientAuthData in nsNSSIOLayer.cpp). Instead, we should dispatch an event to launch the UI and then return SECWouldBlock. libssl will wait for us to restart the handshake after the user has chosen his/her certificate. This depends on one or more bugs in libssl being fixed.
You need to log in before you can comment on or make changes to this bug.