On Thu, Jan 13, 2011 at 2:53 AM, Bernhard Thalmayr
wrote:
>
> It might be helpfull if SSLTRACE and PKCS#11 could log a timestamp to help
> in correlation.
You can add 'timestamp' to the NSPR_LOG_MODULES environment variable. See
http://www.mozilla.org/projects/nspr/reference/html/prlog.html#2530
On Wed, Jan 12, 2011 at 2:38 PM, Robert Relyea wrote:
> On 01/12/2011 01:26 PM, Bernhard Thalmayr wrote:
>> 331569088[1bd1610]: C_UnwrapKey
>> 331569088[1bd1610]: hSession = 0x6
>> 331569088[1bd1610]: pMechanism = 0x7fffcd592ea0
>> 331569088[1bd1610]: hUnwrappingKey = 0x8
>> 331569088[1bd161
On 01/13/2011 10:46 AM, Bernhard Thalmayr wrote:
> Hi again,
>
> today I a built a debug version of NSS 3.12.8 (as I haven't found
> 3.12.9 yet)
I wouldn't expect 3.12.9 to fix the problem, as you seem to be running
into a unique issue.
>
> The issue is still there, but occours much later then with
Hi again,
today I a built a debug version of NSS 3.12.8 (as I haven't found 3.12.9
yet)
The issue is still there, but occours much later then with 3.12.5.
Server (with lib using NSS) ran about 1.5 hours before the issue
occoured. During this time 911 SSL connections have been done. The last
> If your module locks the DB while in R/W
> mode, that would explain it. Even that is bad, but it's not as bad a
> user experience when you have the friendly flag set.
NSS will access opensc driver following pkcs11.txt configuration which is the
same for Chromium, Firefox and the certutil tool
On 2011-01-13 03:58 PDT, Irune Prado Alberdi wrote:
> I've tried the same test with Chromium and it worked correctly as
> Wan-Teh said. The database does not get locked.
[snip]
> I had to activate the FRIENDLY flag in order Chrome to correctly obtain
> the smartcard's certificate. I'm new to Chr
Hiya,
I've tried the same test with Chromium and it worked correctly as Wan-Teh said.
The database does not get locked.
My Firefox profile NSS files are soft links to the shared ones, as explained in
the NSS Shared Howto document
https://wiki.mozilla.org/NSS_Shared_DB_Howto
Could it be a matte
Thanks a lot for the detailed explanation Robert - much appreciated.
Please see my comments in line, some stuff deleted for brevity.
On 01/12/2011 11:38 PM, Robert Relyea wrote:
--- snip ---
331569088[1bd1610]: C_UnwrapKey 331569088[1bd1610]: hSession =
0x6 331569088[1bd1610]: pMechanism =
It's a fact that the 'izenpe' token is the one that's causing Firefox to lock
the NSS files.
It is a pkcs#11 module based on opensc drivers.
I've tested shareable NSS with a JSS-based program, watching the opensc logs,
and the pkcs#11 module gets the smartcard locked and unlocked atomically for
9 matches
Mail list logo