Closed
Bug 85773
Opened 23 years ago
Closed 22 years ago
smime testing dumps core in cmsutil.c
Categories
(NSS :: Tools, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.4
People
(Reporter: mbar, Assigned: kirk.erickson)
References
Details
OK, so I've built and run the tests against NSS 3.2.1. I'm getting some tests that pass on the optimized build, yet dump core in cmsutil on the debug build (appended to the end of this posting) I've looked at cmsutil and the core file with dbx and found what looks to be a bug in cmsutil.c, but perhaps one of you could look at it and say yea or nay. Following, I've included the bits of cmsutil.c and the dbx session. Please note that in main(), encryptOptions is passed to get_enc_params() and its .options element is eventually accessed, causing the SIGSEGV. In main(), it is decodeOptions.options that gets the address of main::options rather than encryptOptions.options. encryptOptions is the struct that eventually has its .options element accessed -- and which element contains a null pointer. Cheers, Matthew First, the bit of code under consideration: in main() switch (mode) { case DECODE: decodeOptions.options = &options; if (encryptOptions.envFile) { /* Decoding encrypted-data, so get the bulkkey from an * enveloped-data message. */ SECU_FileToItem(&envmsg, encryptOptions.envFile); decodeOptions.options = &options; encryptOptions.envmsg = decode(NULL, &dummy, &envmsg, decodeOptions); rv = get_enc_params(&encryptOptions); decodeOptions.dkcb = dkcb; decodeOptions.bulkkey = encryptOptions.bulkkey; } cmsg = decode(outFile, &output, &input, decodeOptions); if (!cmsg) { SECU_PrintError(progName, "problem decoding"); exitstatus = 1; } fwrite(output.data, output.len, 1, outFile); break; in get_enc_params() SECItem dummyOut = { 0, 0, 0 }; SECItem dummyIn = { 0, 0, 0 }; char str[] = "Hello!"; PLArenaPool *tmparena = PORT_NewArena(1024); dummyIn.data = str; dummyIn.len = strlen(str); envelopeOptions.options = encryptOptions->options; envelopeOptions.recipients = encryptOptions->recipients; env_cmsg = enveloped_data(envelopeOptions); NSS_CMSDEREncode(env_cmsg, &dummyIn, &dummyOut, tmparena); in enveloped_data() int cnt; dbhandle = envelopeOptions.options->certHandle; ** SEGV happens here ** /* count the recipients */ if ((cnt = nss_CMSArray_Count(envelopeOptions.recipients)) == 0) { Now the dbx session: # dbx ../cmd/smimetools/IRIX6.5_n32_PTH_DBG.OBJ/cmsutil ../../../tests_results/security/foo3.2/smime/core dbx version 7.3.1 68542_Oct26 MR Oct 26 2000 17:50:34 Core from signal SIGSEGV: Segmentation violation (dbx) where > 0 enveloped_data(envelopeOptions = (...)) ["/tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/cmd/smimetools/cmsutil.c":544, 0x10006218] 1 get_enc_params(encryptOptions = 0x7fff2d18) ["/tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/cmd/smimetools/cmsutil.c":665, 0x10006804] 2 main(argc = 12, argv = 0x7fff2e64) ["/tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/cmd/smimetools/cmsutil.c":1203, 0x10007f24] 3 __start() ["/xlv55/kudzu-apr12/work/irix/lib/libc/libc_n32_M3/csu/crt1text.s":177, 0x10004d18] (dbx) up get_enc_params: 665 env_cmsg = enveloped_data(envelopeOptions); (dbx) l 660 660 PLArenaPool *tmparena = PORT_NewArena(1024); 661 dummyIn.data = str; 662 dummyIn.len = strlen(str); 663 envelopeOptions.options = encryptOptions->options; 664 envelopeOptions.recipients = encryptOptions->recipients; * 665 env_cmsg = enveloped_data(envelopeOptions); 666 NSS_CMSDEREncode(env_cmsg, &dummyIn, &dummyOut, tmparena); 667 PR_Write(encryptOptions->envFile, dummyOut.data, dummyOut.len); 668 PORT_FreeArena(tmparena, PR_FALSE); 669 } (dbx) p encryptOptions 0x7fff2d18 (dbx) p encryptOptions->options (nil) (dbx) up main:1203 rv = get_enc_params(&encryptOptions); (dbx) p options struct optionsStr { password = 0x10075020 = "nss" certUsage = certUsageEmailSigner=4 certHandle = 0x100766a8 } (dbx) p encryptOptions struct encryptOptionsStr { options = (nil) recipients = (nil) envmsg = (nil) input = (nil) outfile = (nil) envFile = 0x10076668 bulkkey = (nil) bulkalgtag = SEC_OID_UNKNOWN=0 keysize = -1 } (dbx) My proposed fix: in main() switch (mode) { case DECODE: decodeOptions.options = &options; if (encryptOptions.envFile) { /* Decoding encrypted-data, so get the bulkkey from an * enveloped-data message. */ SECU_FileToItem(&envmsg, encryptOptions.envFile); decodeOptions.options = &options; encryptOptions.options = &options; /* ADDED THIS LINE */ encryptOptions.envmsg = decode(NULL, &dummy, &envmsg, decodeOptions); rv = get_enc_params(&encryptOptions); decodeOptions.dkcb = dkcb; decodeOptions.bulkkey = encryptOptions.bulkkey; } cmsg = decode(outFile, &output, &input, decodeOptions); if (!cmsg) { SECU_PrintError(progName, "problem decoding"); exitstatus = 1; } fwrite(output.data, output.len, 1, outFile); break; ================================================================== output.log follows ================================================================== init.sh init: Testing PATH /tinderbox5.0/components/nss/3.2.1/mozilla/dist/IRIX6.5_n32_PTH_DBG.OBJ/bin:/tinderbox5.0/components/nss/3.2.1/mozilla/dist/IRIX6.5_n32_PTH_DBG.OBJ/lib:/usr/local/bin:/usr/sbin:/usr/bsd:/sbin:/usr/bin:/bin:/etc:/usr/etc:/usr/bin/X11:/usr/java/bin:/usr/freeware/bin:/usr/etc/yp:/usr/Cadmin/bin:/usr/lib:/usr/lib/uucp:/lib:.:/u/mbarker/bin:/tools/ns/bin:/tools/ns/sbin against LIB /tinderbox5.0/components/nss/3.2.1/mozilla/dist/IRIX6.5_n32_PTH_DBG.OBJ/lib cert.sh: Certutil Tests =============================== cert.sh: Creating a CA Certificate ========================== cert.sh: Creating CA Cert DB -------------------------- certutil -N -d . -f ../tests.pw.182422 cert.sh: Certificate initialized ---------- cert.sh: Creating CA Cert -------------------------- certutil -s "CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US" -S -n TestCA -t CTu,CTu,CTu -v 60 -x -d . -1 -2 -5 -f ../tests.pw.182422 -z ../tests_noise.182422 Generating key. This may take a few moments... 0 - Digital Signature 1 - Non-repudiation 2 - Key encipherment 3 - Data encipherment 4 - Key agreement 5 - Cert signning key 6 - CRL signning key Other to finish 0 - Digital Signature 1 - Non-repudiation 2 - Key encipherment 3 - Data encipherment 4 - Key agreement 5 - Cert signning key 6 - CRL signning key Other to finish Is this a critical extension [y/n]? Is this a CA certificate [y/n]? Enter the path length constraint, enter to skip [<0 for unlimited path]: Is this a critical extension [y/n]? 0 - SSL Client 1 - SSL Server 2 - S/MIME 3 - Object Signing 4 - Reserved for futuer use 5 - SSL CA 6 - S/MIME CA 7 - Object Signing CA Other to finish 0 - SSL Client 1 - SSL Server 2 - S/MIME 3 - Object Signing 4 - Reserved for futuer use 5 - SSL CA 6 - S/MIME CA 7 - Object Signing CA Other to finish 0 - SSL Client 1 - SSL Server 2 - S/MIME 3 - Object Signing 4 - Reserved for futuer use 5 - SSL CA 6 - S/MIME CA 7 - Object Signing CA Other to finish 0 - SSL Client 1 - SSL Server 2 - S/MIME 3 - Object Signing 4 - Reserved for futuer use 5 - SSL CA 6 - S/MIME CA 7 - Object Signing CA Other to finish Is this a critical extension [y/n]? cert.sh: Exporting Root Cert -------------------------- certutil -L -n TestCA -r -d . -o root.cert cert.sh: Creating Client CA Issued Certificates =============== cert.sh: Initializing TestUser's Cert DB -------------------------- certutil -N -d . -f ../tests.pw.182422 cert.sh: Import Root CA for TestUser -------------------------- certutil -A -n TestCA -t TC,TC,TC -f ../tests.pw.182422 -d . -i ../CA/root.cert cert.sh: Generate Cert Request for TestUser -------------------------- certutil -s "CN=TestUser, E=TestUser@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US" -R -d . -f ../tests.pw.182422 -z ../tests_noise.182422 -o req Generating key. This may take a few moments... cert.sh: Sign TestUser's Request -------------------------- certutil -C -c TestCA -m 6 -v 60 -d ../CA -i req -o TestUser.cert -f ../tests.pw.182422 cert.sh: Import TestUser's Cert -------------------------- certutil -A -n TestUser -t u,u,u -d . -f ../tests.pw.182422 -i TestUser.cert cert.sh: Creating Server CA Issued Certificate for \ foo3.red.iplanet.com ------------------------------------ cert.sh: Creating foo3.red.iplanet.com's Server Cert -------------------------- certutil -s "CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US" -S -n foo3.red.iplanet.com -c TestCA -t Pu,Pu,Pu -d . -f ../tests.pw.182422 -z ../tests_noise.182422 -v 60 Generating key. This may take a few moments... cert.sh: Creating Client CA Issued Certificates ============== cert.sh: Initializing Alice's Cert DB -------------------------- certutil -N -d . -f ../tests.pw.182422 cert.sh: Import Root CA for Alice -------------------------- certutil -A -n TestCA -t TC,TC,TC -f ../tests.pw.182422 -d . -i ../CA/root.cert cert.sh: Generate Cert Request for Alice -------------------------- certutil -s "CN=Alice, E=Alice@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US" -R -d . -f ../tests.pw.182422 -z ../tests_noise.182422 -o req Generating key. This may take a few moments... cert.sh: Sign Alice's Request -------------------------- certutil -C -c TestCA -m 3 -v 60 -d ../CA -i req -o Alice.cert -f ../tests.pw.182422 cert.sh: Import Alice's Cert -------------------------- certutil -A -n Alice -t u,u,u -d . -f ../tests.pw.182422 -i Alice.cert cert.sh: Initializing Bob's Cert DB -------------------------- certutil -N -d . -f ../tests.pw.182422 cert.sh: Import Root CA for Bob -------------------------- certutil -A -n TestCA -t TC,TC,TC -f ../tests.pw.182422 -d . -i ../CA/root.cert cert.sh: Generate Cert Request for Bob -------------------------- certutil -s "CN=Bob, E=Bob@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US" -R -d . -f ../tests.pw.182422 -z ../tests_noise.182422 -o req Generating key. This may take a few moments... cert.sh: Sign Bob's Request -------------------------- certutil -C -c TestCA -m 4 -v 60 -d ../CA -i req -o Bob.cert -f ../tests.pw.182422 cert.sh: Import Bob's Cert -------------------------- certutil -A -n Bob -t u,u,u -d . -f ../tests.pw.182422 -i Bob.cert cert.sh: Creating Dave's Certificate ------------------------- cert.sh: Creating Dave's Server Cert -------------------------- certutil -s "CN=Dave, E=Dave@bogus.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US" -S -n Dave -c TestCA -t u,u,u -m 5 -d . -f ../tests.pw.182422 -z ../tests_noise.182422 -v 60 Generating key. This may take a few moments... cert.sh: Export Dave's Cert -------------------------- certutil -L -n Dave -r -d . -o Dave.cert cert.sh: Importing Certificates ============================== cert.sh: Import Alices's cert into Bob's db -------------------------- certutil -E -t u,u,u -d ../bobdir -f ../tests.pw.182422 -i ../alicedir/Alice.cert cert.sh: Import Bob's cert into Alice's db -------------------------- certutil -E -t u,u,u -d ../alicedir -f ../tests.pw.182422 -i ../bobdir/Bob.cert cert.sh: Import Dave's cert into Alice's DB -------------------------- certutil -E -t u,u,u -d ../alicedir -f ../tests.pw.182422 -i ../dave/Dave.cert cert.sh: Import Dave's cert into Bob's DB -------------------------- certutil -E -t u,u,u -d ../bobdir -f ../tests.pw.182422 -i ../dave/Dave.cert ssl.sh: SSL tests =============================== ssl.sh: SSL Cipher Coverage =============================== selfserv -p 8443 -d ../server -n foo3.red.iplanet.com \ -w nss -c ABCDEFabcdefghijklm -i ../tests_pid.182422 & selfserv started at Fri Jun 01 18:56:31 PDT 2001 tstclnt -p 8443 -h foo3 -q -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt ssl.sh: running SSL2 RC4 128 WITH MD5 ---------------------------- tstclnt -p 8443 -h foo3 -c A -T \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher RC4, 128 secret key bits, 128 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running SSL2 RC4 128 EXPORT40 WITH MD5 ---------------------------- tstclnt -p 8443 -h foo3 -c B \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher RC4-Export, 40 secret key bits, 128 key bits, status: 2 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running SSL2 RC2 128 CBC WITH MD5 ---------------------------- tstclnt -p 8443 -h foo3 -c C \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher RC2-CBC, 128 secret key bits, 128 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running SSL2 RC2 128 CBC EXPORT40 WITH MD5 ---------------------------- tstclnt -p 8443 -h foo3 -c D -T \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher RC2-CBC-Export, 40 secret key bits, 128 key bits, status: 2 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running SSL2 DES 64 CBC WITH MD5 ---------------------------- tstclnt -p 8443 -h foo3 -c E \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher DES-CBC, 56 secret key bits, 56 key bits, status: 2 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running SSL2 DES 192 EDE3 CBC WITH MD5 ---------------------------- tstclnt -p 8443 -h foo3 -c F -T \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher DES-EDE3-CBC, 168 secret key bits, 168 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running SSL3 RSA WITH RC4 128 MD5 ---------------------------- tstclnt -p 8443 -h foo3 -c c -T \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher RC4, 128 secret key bits, 128 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running SSL3 RSA WITH 3DES EDE CBC SHA ---------------------------- tstclnt -p 8443 -h foo3 -c d -T \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher 3DES-EDE-CBC, 168 secret key bits, 168 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running SSL3 RSA WITH DES CBC SHA ---------------------------- tstclnt -p 8443 -h foo3 -c e -T \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher DES-CBC, 56 secret key bits, 56 key bits, status: 2 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running SSL3 RSA EXPORT WITH RC4 40 MD5 ---------------------------- tstclnt -p 8443 -h foo3 -c f -T \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher RC4-40, 40 secret key bits, 128 key bits, status: 2 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running SSL3 RSA EXPORT WITH RC2 CBC 40 MD5 ---------------------------- tstclnt -p 8443 -h foo3 -c g -T \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher RC2-CBC-40, 40 secret key bits, 128 key bits, status: 2 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running SSL3 RSA FIPS WITH 3DES EDE CBC SHA ---------------------------- tstclnt -p 8443 -h foo3 -c j -T \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher 3DES-EDE-CBC, 168 secret key bits, 168 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running SSL3 RSA FIPS WITH DES CBC SHA ---------------------------- tstclnt -p 8443 -h foo3 -c k -T \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher DES-CBC, 56 secret key bits, 56 key bits, status: 2 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running SSL3 RSA EXPORT WITH DES CBC SHA (new) ---------------------------- tstclnt -p 8443 -h foo3 -c l -T \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher DES-CBC, 56 secret key bits, 56 key bits, status: 2 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running SSL3 RSA EXPORT WITH RC4 56 SHA (new) ---------------------------- tstclnt -p 8443 -h foo3 -c m -T \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher RC4-56, 56 secret key bits, 128 key bits, status: 2 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running TLS RSA WITH RC4 128 MD5 ---------------------------- tstclnt -p 8443 -h foo3 -c c \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher RC4, 128 secret key bits, 128 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running TLS RSA WITH 3DES EDE CBC SHA ---------------------------- tstclnt -p 8443 -h foo3 -c d \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher 3DES-EDE-CBC, 168 secret key bits, 168 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running TLS RSA WITH DES CBC SHA ---------------------------- tstclnt -p 8443 -h foo3 -c e \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher DES-CBC, 56 secret key bits, 56 key bits, status: 2 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running TLS RSA EXPORT WITH RC4 40 MD5 ---------------------------- tstclnt -p 8443 -h foo3 -c f \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher RC4-40, 40 secret key bits, 128 key bits, status: 2 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running TLS RSA EXPORT WITH RC2 CBC 40 MD5 ---------------------------- tstclnt -p 8443 -h foo3 -c g \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher RC2-CBC-40, 40 secret key bits, 128 key bits, status: 2 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running TLS RSA FIPS WITH 3DES EDE CBC SHA ---------------------------- tstclnt -p 8443 -h foo3 -c j \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher 3DES-EDE-CBC, 168 secret key bits, 168 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running TLS RSA FIPS WITH DES CBC SHA ---------------------------- tstclnt -p 8443 -h foo3 -c k \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher DES-CBC, 56 secret key bits, 56 key bits, status: 2 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running TLS RSA EXPORT WITH DES CBC SHA (new) ---------------------------- tstclnt -p 8443 -h foo3 -c l \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher DES-CBC, 56 secret key bits, 56 key bits, status: 2 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running TLS RSA EXPORT WITH RC4 56 SHA (new) ---------------------------- tstclnt -p 8443 -h foo3 -c m \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher RC4-56, 56 secret key bits, 128 key bits, status: 2 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running TLS RSA WITH NULL MD5 ---------------------------- tstclnt -p 8443 -h foo3 -c i \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher NULL, 0 secret key bits, 0 key bits, status: 0 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: running SSL3 RSA WITH NULL MD5 ---------------------------- tstclnt -p 8443 -h foo3 -c i -T \ -f -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher NULL, 0 secret key bits, 0 key bits, status: 0 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF kill_selfserv[99]: 182117 Terminated ssl.sh: SSL Client Authentication =============================== ssl.sh: TLS Request don't require client auth (client does not provide auth) ---- selfserv -p 8443 -d ../server -n foo3.red.iplanet.com \ -w nss -r -i ../tests_pid.182422 & selfserv started at Fri Jun 01 18:56:44 PDT 2001 tstclnt -p 8443 -h foo3 -q -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt tstclnt -p 8443 -h foo3 -f -d . -w nss \ < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt selfserv: -- SSL3: Certificate Validated. bulk cipher RC4, 128 secret key bits, 128 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: TLS Request don't require client auth (client does not provide auth) produced a returncode of 0, expected is 0 PASSED ssl.sh: TLS Request don't require client auth (bad password) ---- selfserv -p 8443 -d ../server -n foo3.red.iplanet.com \ -w nss -r -i ../tests_pid.182422 & selfserv started at Fri Jun 01 18:56:46 PDT 2001 tstclnt -p 8443 -h foo3 -q -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt tstclnt -p 8443 -h foo3 -f -d . -w bogus -n TestUser \ < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher RC4, 128 secret key bits, 128 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: TLS Request don't require client auth (bad password) produced a returncode of 0, expected is 0 PASSED ssl.sh: TLS Request don't require client auth (client auth) ---- selfserv -p 8443 -d ../server -n foo3.red.iplanet.com \ -w nss -r -i ../tests_pid.182422 & selfserv started at Fri Jun 01 18:56:48 PDT 2001 tstclnt -p 8443 -h foo3 -q -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt tstclnt -p 8443 -h foo3 -f -d . -w nss -n TestUser \ < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt selfserv: -- SSL3: Certificate Validated. bulk cipher RC4, 128 secret key bits, 128 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: TLS Request don't require client auth (client auth) produced a returncode of 0, expected is 0 PASSED ssl.sh: TLS Require client auth (client does not provide auth) ---- selfserv -p 8443 -d ../server -n foo3.red.iplanet.com \ -w nss -r -r -i ../tests_pid.182422 & selfserv started at Fri Jun 01 18:56:51 PDT 2001 tstclnt -p 8443 -h foo3 -q -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt tstclnt -p 8443 -h foo3 -f -d . -w nss \ < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt selfserv: -- SSL3: Certificate Validated. bulk cipher RC4, 128 secret key bits, 128 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: TLS Require client auth (client does not provide auth) produced a returncode of 0, expected is 0 PASSED ssl.sh: TLS Require client auth (bad password) ---- selfserv -p 8443 -d ../server -n foo3.red.iplanet.com \ -w nss -r -r -i ../tests_pid.182422 & selfserv started at Fri Jun 01 18:56:53 PDT 2001 tstclnt -p 8443 -h foo3 -q -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt tstclnt -p 8443 -h foo3 -f -d . -w bogus -n TestUser \ < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt selfserv: HDX PR_Read returned error -12285: Unable to find the certificate or key necessary for authentication. tstclnt: write to SSL socket failed: SSL peer cannot verify your certificate. ssl.sh: TLS Require client auth (bad password) produced a returncode of 254, expected is 254 PASSED ssl.sh: TLS Require client auth (client auth) ---- selfserv -p 8443 -d ../server -n foo3.red.iplanet.com \ -w nss -r -r -i ../tests_pid.182422 & selfserv started at Fri Jun 01 18:56:54 PDT 2001 tstclnt -p 8443 -h foo3 -q -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt tstclnt -p 8443 -h foo3 -f -d . -w nss -n TestUser \ < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt selfserv: -- SSL3: Certificate Validated. bulk cipher RC4, 128 secret key bits, 128 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: TLS Require client auth (client auth) produced a returncode of 0, expected is 0 PASSED ssl.sh: SSL3 Request don't require client auth (client does not provide auth) ---- selfserv -p 8443 -d ../server -n foo3.red.iplanet.com \ -w nss -r -i ../tests_pid.182422 & selfserv started at Fri Jun 01 18:56:57 PDT 2001 tstclnt -p 8443 -h foo3 -q -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt tstclnt -p 8443 -h foo3 -f -d . -T -w nss \ < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt selfserv: -- SSL3: Certificate Validated. bulk cipher RC4, 128 secret key bits, 128 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: SSL3 Request don't require client auth (client does not provide auth) produced a returncode of 0, expected is 0 PASSED ssl.sh: SSL3 Request don't require client auth (bad password) ---- selfserv -p 8443 -d ../server -n foo3.red.iplanet.com \ -w nss -r -i ../tests_pid.182422 & selfserv started at Fri Jun 01 18:56:59 PDT 2001 tstclnt -p 8443 -h foo3 -q -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt tstclnt -p 8443 -h foo3 -f -d . -T -n TestUser -w bogus \ < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt bulk cipher RC4, 128 secret key bits, 128 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: SSL3 Request don't require client auth (bad password) produced a returncode of 0, expected is 0 PASSED ssl.sh: SSL3 Request don't require client auth (client auth) ---- selfserv -p 8443 -d ../server -n foo3.red.iplanet.com \ -w nss -r -i ../tests_pid.182422 & selfserv started at Fri Jun 01 18:57:01 PDT 2001 tstclnt -p 8443 -h foo3 -q -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt tstclnt -p 8443 -h foo3 -f -d . -T -n TestUser -w nss \ < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt selfserv: -- SSL3: Certificate Validated. bulk cipher RC4, 128 secret key bits, 128 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: SSL3 Request don't require client auth (client auth) produced a returncode of 0, expected is 0 PASSED ssl.sh: SSL3 Require client auth (client does not provide auth) ---- selfserv -p 8443 -d ../server -n foo3.red.iplanet.com \ -w nss -r -r -i ../tests_pid.182422 & selfserv started at Fri Jun 01 18:57:03 PDT 2001 tstclnt -p 8443 -h foo3 -q -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt tstclnt -p 8443 -h foo3 -f -d . -T -w nss \ < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt selfserv: -- SSL3: Certificate Validated. bulk cipher RC4, 128 secret key bits, 128 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: SSL3 Require client auth (client does not provide auth) produced a returncode of 0, expected is 0 PASSED ssl.sh: SSL3 Require client auth (bad password) ---- selfserv -p 8443 -d ../server -n foo3.red.iplanet.com \ -w nss -r -r -i ../tests_pid.182422 & selfserv started at Fri Jun 01 18:57:06 PDT 2001 tstclnt -p 8443 -h foo3 -q -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt tstclnt -p 8443 -h foo3 -f -d . -T -n TestUser -w bogus \ < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt selfserv: HDX PR_Read returned error -12285: Unable to find the certificate or key necessary for authentication. tstclnt: write to SSL socket failed: SSL peer cannot verify your certificate. ssl.sh: SSL3 Require client auth (bad password) produced a returncode of 254, expected is 254 PASSED ssl.sh: SSL3 Require client auth (client auth) ---- selfserv -p 8443 -d ../server -n foo3.red.iplanet.com \ -w nss -r -r -i ../tests_pid.182422 & selfserv started at Fri Jun 01 18:57:07 PDT 2001 tstclnt -p 8443 -h foo3 -q -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt tstclnt -p 8443 -h foo3 -f -d . -T -n TestUser -w nss \ < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt selfserv: -- SSL3: Certificate Validated. bulk cipher RC4, 128 secret key bits, 128 key bits, status: 1 subject DN: CN=foo3.red.iplanet.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US issuer DN: CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US 0 cache hits; 0 cache misses, 0 cache not reusable HTTP/1.0 200 OK Server: Generic Web Server Date: Tue, 26 Aug 1997 22:10:05 GMT Content-type: text/plain Discarded 1 characters. GET / HTTP/1.0 EOF ssl.sh: SSL3 Require client auth (client auth) produced a returncode of 0, expected is 0 PASSED ssl.sh: SSL Stress Test =============================== ssl.sh: Stress SSL2 RC4 128 with MD5 ---- selfserv -p 8443 -d ../server -n foo3.red.iplanet.com \ -w nss -i ../tests_pid.182422 & selfserv started at Fri Jun 01 18:57:10 PDT 2001 tstclnt -p 8443 -h foo3 -q -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt strsclnt -p 8443 -d . -w nss -c 1000 -C A \ foo3.red.iplanet.com strsclnt started at Fri Jun 01 18:57:11 PDT 2001 strsclnt: -- SSL: Server Certificate Validated. strsclnt: 1 server certificates tested. strsclnt completed at Fri Jun 01 18:57:28 PDT 2001 kill_selfserv[99]: 182807 Terminated ssl.sh: Stress SSL3 RC4 128 with MD5 ---- selfserv -p 8443 -d ../server -n foo3.red.iplanet.com \ -w nss -i ../tests_pid.182422 & selfserv started at Fri Jun 01 18:57:28 PDT 2001 tstclnt -p 8443 -h foo3 -q -d . < /tinderbox5.0/components/nss/3.2.1/mozilla/security/nss/tests/ssl/sslreq.txt strsclnt -p 8443 -d . -w nss -c 1000 -C c \ foo3.red.iplanet.com strsclnt started at Fri Jun 01 18:57:29 PDT 2001 strsclnt: -- SSL: Server Certificate Validated. strsclnt: 999 cache hits; 1 cache misses, 0 cache not reusable strsclnt completed at Fri Jun 01 18:58:02 PDT 2001 kill_selfserv[99]: 182878 Terminated sdr.sh: SDR Tests =============================== sdr.sh: Creating an SDR key/Encrypt sdrtest -d . -o /tinderbox5.0/components/nss/3.2.1/mozilla/tests_results/security/foo3.2/tests.v1.182422 -t Test1 sdr.sh: SDR Encrypt - Second Value sdrtest -d . -o /tinderbox5.0/components/nss/3.2.1/mozilla/tests_results/security/foo3.2/tests.v2.182422 -t 'The quick brown fox jumped over the lazy dog' sdr.sh: Decrypt - Value 1 sdrtest -d . -i /tinderbox5.0/components/nss/3.2.1/mozilla/tests_results/security/foo3.2/tests.v1.182422 -t Test1 sdr.sh: Decrypt - Value 2 sdrtest -d . -i /tinderbox5.0/components/nss/3.2.1/mozilla/tests_results/security/foo3.2/tests.v2.182422 -t The quick brown fox jumped over the lazy dog cipher.sh: Cipher Tests =============================== cipher.sh: DES ECB Encrypt -------------------------------- bltest -T -m des_ecb -E -d . Encryption self-test for des_ecb passed. cipher.sh: DES ECB Decrypt -------------------------------- bltest -T -m des_ecb -D -d . Decryption self-test for des_ecb passed. cipher.sh: DES CBC Encrypt -------------------------------- bltest -T -m des_cbc -E -d . Encryption self-test for des_cbc passed. cipher.sh: DES CBC Decrypt -------------------------------- bltest -T -m des_cbc -D -d . Decryption self-test for des_cbc passed. cipher.sh: DES3 ECB Encrypt -------------------------------- bltest -T -m des3_ecb -E -d . Encryption self-test for des3_ecb passed. cipher.sh: DES3 ECB Decrypt -------------------------------- bltest -T -m des3_ecb -D -d . Decryption self-test for des3_ecb passed. cipher.sh: DES3 CBC Encrypt -------------------------------- bltest -T -m des3_cbc -E -d . Encryption self-test for des3_cbc passed. cipher.sh: DES3 CBC Decrypt -------------------------------- bltest -T -m des3_cbc -D -d . Decryption self-test for des3_cbc passed. cipher.sh: RC2 ECB Encrypt -------------------------------- bltest -T -m rc2_ecb -E -d . Encryption self-test for rc2_ecb passed. cipher.sh: RC2 ECB Decrypt -------------------------------- bltest -T -m rc2_ecb -D -d . Decryption self-test for rc2_ecb passed. cipher.sh: RC2 CBC Encrypt -------------------------------- bltest -T -m rc2_cbc -E -d . Encryption self-test for rc2_cbc passed. cipher.sh: RC2 CBC Decrypt -------------------------------- bltest -T -m rc2_cbc -D -d . Decryption self-test for rc2_cbc passed. cipher.sh: RC4 Encrypt -------------------------------- bltest -T -m rc4 -E -d . Encryption self-test for rc4 passed. Encryption self-test for rc4 passed. cipher.sh: RC4 Decrypt -------------------------------- bltest -T -m rc4 -D -d . Decryption self-test for rc4 passed. Decryption self-test for rc4 passed. cipher.sh: RSA Encrypt -------------------------------- bltest -T -m rsa -E -d . Encryption self-test for rsa passed. cipher.sh: RSA Decrypt -------------------------------- bltest -T -m rsa -D -d . Decryption self-test for rsa passed. cipher.sh: DSA Sign -------------------------------- bltest -T -m dsa -S -d . Signature self-test for dsa passed. cipher.sh: DSA Verify -------------------------------- bltest -T -m dsa -V -d . Verification self-test for dsa passed. cipher.sh: MD2 Hash -------------------------------- bltest -T -m md2 -H -d . Hash self-test for md2 passed. cipher.sh: MD5 Hash -------------------------------- bltest -T -m md5 -H -d . Hash self-test for md5 passed. cipher.sh: SHA1 Hash -------------------------------- bltest -T -m sha1 -H -d . Hash self-test for sha1 passed. smime.sh: S/MIME Tests =============================== smime.sh: Signing Attached Message ------------------------------ cmsutil -S -N Alice -i alice.txt -d ../alicedir -p nss -o alice.sig starting program parsed command line received commands NSS has been initialized. Got default certdb Input to signed_data: password [nss] certUsage [4] certdb [10076668] nickname [Alice] Found certificate for Alice Created CMS message, added signed data w/ signerinfo imported certificate created signed-date message cmsg [1009ac68] arena [10097068] password [nss] input len [158] 44 61 74 65 3a 20 57 65 64 2c 20 32 30 20 53 65 70 20 32 30 30 30 20 30 30 3a 30 30 3a 30 31 20 2d 30 37 30 30 20 28 50 44 54 29 a 46 72 6f 6d 3a 20 61 6c 69 63 65 40 62 6f 67 75 73 2e 63 6f 6d a 53 75 62 6a 65 63 74 3a 20 6d 65 73 73 61 67 65 20 41 6c 69 63 65 20 2d 2d 3e 20 42 6f 62 a 54 6f 3a 20 62 6f 62 40 62 6f 67 75 73 2e 63 6f 6d a a 54 68 69 73 20 69 73 20 61 20 74 65 73 74 20 6d 65 73 73 61 67 65 20 66 72 6f 6d 20 41 6c 69 63 65 20 74 6f 20 42 6f 62 2e a encoding passed wrote to file smime.sh: Create Signature Alice . PASSED cmsutil -D -i alice.sig -d ../bobdir -o alice.data1 starting program parsed command line received commands NSS has been initialized. Got default certdb smime.sh: Decode Alice's Signature . PASSED diff alice.txt alice.data1 smime.sh: Compare Decoded Signature and Original . PASSED smime.sh: Enveloped Data Tests ------------------------------ cmsutil -E -r bob@bogus.com -i alice.txt -d ../alicedir -p nss \ -o alice.env starting program parsed command line received commands NSS has been initialized. Got default certdb ERROR: cannot create CMS recipientInfo object. cmsutil: problem enveloping: Certificate extension not found. cmsg [0] arena [10097030] password [nss] smime_main[99]: 183023 Memory fault(coredump) smime.sh: Create Enveloped Data Alice . FAILED cmsutil -D -i alice.env -d ../bobdir -p nss -o alice.data1 starting program parsed command line received commands NSS has been initialized. Got default certdb cmsutil: failed to decode message. cmsutil: problem decoding: security library: improperly formatted DER-encoded message. smime.sh: Decode Enveloped Data Alice . FAILED diff alice.txt alice.data1 1,6d0 < Date: Wed, 20 Sep 2000 00:00:01 -0700 (PDT) < From: alice@bogus.com < Subject: message Alice --> Bob < To: bob@bogus.com < < This is a test message from Alice to Bob. smime.sh: Compare Decoded Enveloped Data and Original . FAILED smime.sh: Sending CERTS-ONLY Message ------------------------------ cmsutil -O -r "Alice,bob@bogus.com,dave@bogus.com" \ -d ../alicedir > co.der starting program parsed command line received commands NSS has been initialized. Got default certdb cmsg [10099a70] arena [10096f88] password [NULL] input len [0] encoding passed wrote to file smime.sh: Create Certs-Only Alice . PASSED cmsutil -D -i co.der -d ../bobdir starting program parsed command line received commands NSS has been initialized. Got default certdb smime.sh: Verify Certs-Only by CA . PASSED smime.sh: Encrypted-Data Message --------------------------------- cmsutil -C -i alice.txt -e alicehello.env -d ../alicedir \ -r "bob@bogus.com" > alice.enc starting program parsed command line received commands NSS has been initialized. Got default certdb ERROR: cannot create CMS recipientInfo object. cmsutil: could not retrieve enveloped data.ERROR: cannot create CMS encryptedData object. cmsutil: problem encrypting: security library: invalid arguments. smime.sh: Create Encrypted-Data . FAILED cmsutil -D -i alice.enc -d ../bobdir -e alicehello.env -p nss \ -o alice.data2 starting program parsed command line received commands NSS has been initialized. Got default certdb cmsutil: failed to decode message. smime_main[99]: 183022 Memory fault(coredump) smime.sh: Decode Encrypted-Data . FAILED 1,6d0 < Date: Wed, 20 Sep 2000 00:00:01 -0700 (PDT) < From: alice@bogus.com < Subject: message Alice --> Bob < To: bob@bogus.com < < This is a test message from Alice to Bob. smime.sh: Compare Decoded and Original Data . FAILED RSAPERF: IRIX6.5_n32_PTH_DBG.OBJ 300 iterations in 18.430 s one operation every 61436 us tools.sh: Tools Tests =============================== tools.sh: Exporting Alice's email cert & key------------------ pk12util -o Alice.p12 -n "Alice" -d ../alicedir -k ../tests.pw.182422 \ -w ../tests.pw.182422 pk12util: PKCS12 EXPORT SUCCESSFUL tools.sh: Importing Alice's email cert & key ----------------- pk12util -i Alice.p12 -d ../tools/copydir -k ../tests.pw.182422 -w ../tests.pw.182422 tools.sh: Create objsign cert ------------------------------- signtool -G "objectsigner" -d ../alicedir -p "nss" using certificate directory: ../alicedir WARNING: Performing this operation while the browser is running could cause corruption of your security databases. If the browser is currently running, you should exit the browser before continuing this operation. Enter "y" to continue, or anything else to abort: Enter certificate information. All fields are optional. Acceptable characters are numbers, letters, spaces, and apostrophes. certificate common name: organization: organization unit: state or province: country (must be exactly 2 characters): username: email address: generated public/private key pair certificate request generated certificate has been signed certificate "objsigner" added to database Exported certificate to x509.raw and x509.cacert. tools.sh: Signing a set of files ---------------------------- signtool -Z nojs.jar -d ../alicedir -p "nss" -k objsigner \ ../tools/html using certificate directory: ../alicedir Generating ../tools/html/META-INF/manifest.mf file.. --> signjs.html adding ../tools/html/signjs.html to nojs.jar...(deflated 20%) --> sign.html adding ../tools/html/sign.html to nojs.jar...(deflated 9%) Generating zigbert.sf file.. adding ../tools/html/META-INF/manifest.mf to nojs.jar...(deflated 30%) adding ../tools/html/META-INF/zigbert.sf to nojs.jar...(deflated 36%) adding ../tools/html/META-INF/zigbert.rsa to nojs.jar...(deflated 32%) tree "../tools/html" signed successfully tools.sh: Listing signed files in jar ---------------------- signtool -w nojs.jar -d ../alicedir using certificate directory: ../alicedir Signer information: nickname: objsigner subject name: CN=TEST, O=MOZ, OU=NSS, ST=NY, C=US, UID=liz, E=liz@moz.org issuer name: CN=TEST, O=MOZ, OU=NSS, ST=NY, C=US, UID=liz, E=liz@moz.org tools.sh: Show who signed jar ------------------------------ signtool -w nojs.jar -d ../alicedir using certificate directory: ../alicedir Signer information: nickname: objsigner subject name: CN=TEST, O=MOZ, OU=NSS, ST=NY, C=US, UID=liz, E=liz@moz.org issuer name: CN=TEST, O=MOZ, OU=NSS, ST=NY, C=US, UID=liz, E=liz@moz.org
Reporter | ||
Comment 1•23 years ago
|
||
Added CC
Comment 2•23 years ago
|
||
Matthew, you reported this bug to show up on all platforms, all OS, but I have a feeling that is shows up on Irix only - would you please change the "Platform" and "OS" field to the appropriate value, or, if you tried on different systems note which ones in the bugcomments? I reassign the bug to Wan-Teh, because of our new bug guidlines, and add Ian to the CC list, who is most knowledgeable about cmsutil. Also, all of us are very busy with the early 3.3 release. I looked at the problem and the patch, it looks plausible to me, I am just wondering, why accessing an uninitialized pointer does not cause more troubles on other platforms as well.
Assignee: sonmi → wtc
Component: Test → Tools
Comment 3•23 years ago
|
||
Assigned the bug to Kirk.
Assignee: wtc → kirke
Status: UNCONFIRMED → NEW
Ever confirmed: true
Priority: -- → P2
Hardware: All → SGI
Target Milestone: --- → 3.2.2
Comment 4•23 years ago
|
||
Matthew: do you dump core in cmsutil on the debug build every time or intermittently? Is this how you built NSS 3.2.1? % cvs co -r NSS_3_2_1_RTM mozilla/security/coreconf mozilla/security/nss % setenv USE_N32 1 % setenv USE_PTHREADS 1 % cd mozilla/security/coreconf % gmake % cd ../nss % gmake import % gmake The last five steps can be replaced by: % cd mozilla/security/nss % gmake nss_RelEng_bld Kirk: Have you reproduced the core dump in cmsutil? I haven't been able to do that. You can use foo3 or interzone.
OS: All → IRIX
Assignee | ||
Comment 5•23 years ago
|
||
> Kirk: Have you reproduced the core dump in cmsutil? I haven't
> been able to do that. You can use foo3 or interzone.
No. I believe there was evidence in the log that something failed
prior to the cmsutil run. Its not right to ever core dump, but I
think a failure prior to the segv sets IRIX apart.
Comment 6•23 years ago
|
||
Matthew: I ran our QA test 12 times on the debug build. All tests passed. Could you rebuild NSS 3.2.1 and try again?
Comment 7•23 years ago
|
||
Matthew and I spent some time looking at this bug. We found that the smime tests only dump core if we compile NSS with IRIX C compiler 7.3. The smime tests pass if we compile NSS with IRIX C compiler 7.1 or gcc 2.95.2. I was using IRIX C compiler 7.1, which is why I could not reproduce the core dump. Matthew finally tracked down cause of the core dump: the local variable 'rv' in NSS_CMSRecipientInfo_Create() is used uninitialized. I asked Matthew to open a separate bug for that (bug #86981). Applying the fix for that bug enables all NSS tests to pass when NSS is compiled with IRIX C compiler 7.3. Still, cmsutil should not dump core when something goes wrong, so we should still fix this bug. There were two coredumps in Matthew's test log. He and I looked at both of them and know *where* we need to fix. I'll need Ian's or Christian's help to decide *how* to fix them. In any case, now that we know what caused the coredumps the severity of this bug is lowered and it only needs to be fixed in NSS 3.4.
Severity: major → normal
Target Milestone: 3.2.2 → 3.4
Assignee | ||
Comment 8•22 years ago
|
||
I believe cmsutil became more robust between 3.2.1 and 3.4. options.certHandle is checked in main(), where the field is set, ensuring cmsutil will not proceed and use it.
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•