Closed
Bug 73708
Opened 24 years ago
Closed 24 years ago
Leak of certs in the temp cert DB
Categories
(NSS :: Libraries, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.3
People
(Reporter: nelson, Assigned: nelson)
Details
Sonja ran a test using selfserv configured to request client
authentication and hundreds of strsclnts, each with a different
ssl client certificate. Each client did a few connections,
normally using SSL restart for all but the first.
When the test was over, all the client certs and ~38 root CA
certs were left in the temp cert DB.
I don't know if the root CA certs being there is by design
or in error.
The SSL client certs being there constitutes a leak, and must
be fixed ASAP.
|
Assignee | |
Comment 1•24 years ago
|
||
I'd like to get the fix into NSS 3.2.1 but I don't know if I can
find the leak that quickly.
Status: NEW → ASSIGNED
Priority: -- → P1
Target Milestone: --- → 3.3
|
|
Assignee | |
Comment 2•24 years ago
|
||
The major leak turned out to be in the cert authentication callback
function that is part of the test programs, not part of the NSS
libraries. The fixes to the callback functions in those test programs
have been checked in on the trunk and will be part of NSS 3.3.
There may also be a separate leak of root CA certs, but there is a
small finite number of such certs, so a leak there will not lead
to unbounded memory growth.
So, I am reducing the priority of this bug from P1 to P2.
Priority: P1 → P2
|
|
Assignee | |
Comment 3•24 years ago
|
||
Marking fixed because of the change to selfserv described above that
was checked in back in April.
Status: ASSIGNED → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•