On 02/03/16, Rob Crittenden wrote:
> Oliver Graute wrote:
> >>
> >> Just an educated guess but looks like it is failing in a call to
> >> ssl3_GetSessionTicketKeysPKCS11() which calls:
> >>
> >> if (PR_CallOnceWithArg(&generate_session_keys_once,
> >> ssl3_GenerateSessionTicketKeysPKCS11, ss) != PR_SUCCESS)
> >> return SECFailure;
> >>
> >> Unfortunately the symbols are still missing from your build so its hard
> >> to know why.
> >
> > Hello,
> >
> > after I disabled the stripping in my Yocto Environment I got finaly some
> > debug symbols in my gdb on the target.
> >
> > according to the gdb output (see below) the SegFault is located in:
> >
> > nss/lib/ssl/ssl3ext.c:166
> >
> > static PRStatus
> > ssl3_GenerateSessionTicketKeysPKCS11(void *data)
> > {
> > SECStatus rv;
> > sslSocket *ss = (sslSocket *)data;
> > SECKEYPrivateKey *svrPrivKey = ss->serverCerts[kt_rsa].SERVERKEY;
> > SECKEYPublicKey *svrPubKey =
> > ss->serverCerts[kt_rsa].serverKeyPair->pubKey;
> >
> >
> > it looks for me that the access to the array goes wrong here (kt_rsa)
> > I wonder why he tries to access a rsa cert here, instead of some ECC certs.
> >
> > Should I file a bug for this? if yes where is the right place?
> >
> > Probably a fix for me is to replace kt_rsa with kt_ecdh here. I'll try
> > it tomorrow.
>
> Yes, I'd suggest you file a bug on it. The NSS bug tracker is at
> https://bugzilla.mozilla.org/
I filed a bug for this issue here:
https://bugzilla.mozilla.org/show_bug.cgi?id=1253175
Best regards,
Oliver
_______________________________________________
Mod_nss-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/mod_nss-list
