Nelson, I am absolutely not saying that the problem is in NSS. I posted the first problem to opensc's maillist when I did it here for the first time. I was actually suspecting that problems could exist in opensc's pkcs11 module because before the latest version (0.7.0), I had, for example, problems when having Mozillas master password set to "only first time needed". Desafortunately, I haven't got any answer from the opensc guys.
You know my first post was about problems getting right cert when inserting/removing smart cards (issue 1). The second one was calling PK11_ListCerts, signing and calling again (issue 2). Ok, I will concentrate in this last issue. I downloaded and built Mozilla 1.0 from source. Actually I did not need to debug anything as issue 2 is not an issue in 1.0. I get no problems. It is working well. Then I got nightly source (Mozilla 1.3a - Mozilla/5.0 (X11; U; >> Linux i686; en-US; rv:1.3a) Gecko/20021119) and built as well. The goal was to debug and provide you with stack trace. I have tried and tried but I can't get it work. My first idea was to set a breakpoint like " b _dl_open" to see when either nss3 or my plug-in was loaded. Knowing that nss is loaded (info shar), I could then do " b PK11_ListCerts" and after that step to see where the crash happens. But I get problems with a simpler thing like: $ gdb ./mozilla -g (gdb) b main Breakpoint 1 at 0x805f734: file nsAppRunner.cpp, line 1796. (gdb) r Starting program: /home/rago/software/mozilla/dist/bin/./mozilla-bin [New Thread 1024 (LWP 26816)] [Switching to Thread 1024 (LWP 26816)] Breakpoint 1, main (argc=1, argv=0xbffff2b4) at nsAppRunner.cpp:1796 1796 InstallUnixSignalHandlers(argv[0]); Current language: auto; currently c++ (gdb) c as I get: --------- Continuing. Assertion failure: 0.5 <= maxAlpha && maxAlpha < 1 && 0 <= minAlpha, at pldhash.c:227 Program received signal SIGABRT, Aborted. 0x406b2861 in kill () from /lib/libc.so.6 I don't know what's going on. I tried to mask the assertion via gdb handle SIGABRT (not passing to program and not stopping), but finally after one more assertion warning, I got a segmentation fault. Hmm, so far, the only thing that it is a bit clear for me is that Mozilla 1.0 is working better with opensc-0.7.0 than Mozilla 1.3.a (also than 11b, the only ones I tried). I am very interested in finding where the problem is. I would like to provide you with a good stack trace, but I need some help/hints about how to avoid the problem above with gdb. Best regards, /R Nelson B. Bolyard wrote: > raffe wrote: > >> I have tried with latest nightly [Mozilla 1.3a - Mozilla/5.0 (X11; U; >> Linux i686; en-US; rv:1.3a) Gecko/20021119]. >> >> Sorry, but even worse! I call PK11_ListCerts, I sign with a cert in smart >> card, I call PK11_ListCerts again and I get a crash ! This is worse than >> what made me write to you guys (removing/re-inserting cards). >> >> I can call PK11_ListCerts so many times I want without problems if I do >> not sign anything. Both soft & hard certs are correctly got. But, as soon >> as I sign with one of the certs (no matter if soft or hard), then, next >> time I call PK11_ListCerts, I get a big crash. >> >> Another annoying thing is that the first time Mozilla crashed, my soft >> certs dissappeard from the database. > > Right. But we don't yet know whether the crashes are occurring in NSS or > in the OpenSC module. Until we have at least a stack trace of the crash, > I wouldn't assume the problem is in NSS. > > If the problem is worse in newer builds, that only means the code is > tickling the bug sooner, but still doesn't tell us whether it's in NSS or > the PKCS11 module. > > -- > Nelson Bolyard > Disclaimer: I speak for myself, not for Netscape
