You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Install ncp11 to Firefox via the Firefox GUI or via NSS DB's pkcs11.txt.
Restart Firefox.
Visit an HTTPS website.
Expected results
Website should load.
Observed results
SEC_ERROR_LIBRARY_FAILURE
Other notes
This is with Firefox 60.6.3 (Debian Buster package).
Happens with both the 35C3 workshop ncp11 binary and the current rbm-compiled ncp11 binary.
Installing ncp11 via replacing libnssckbi.so (the Mozilla one, not the p11-kit one) does not trigger this behavior.
I don't know if anything similar occurs when ncp11 is installed via p11-kit's module list.
I don't know if anything similar occurs when ncp11 is installed via replacing the p11-kit variant of libnssckbi.so.
I don't know if anything similar occurs when ncp11 is installed via a WebExtension.
I don't know if anything similar occurs when using Chromium (in GNU/Linux) instead of Firefox.
I don't know if this is an ncp11 bug in pkcs11 compliance, a Mozilla bug in pkcs11 compliance, or a quirk in Mozilla's vendor extensions to pkcs11 that ncp11 isn't properly following.
At this time I don't think this is blocking any NLnet milestones (ncp11 is mainly intended to target the Tor Browser NLnet milestone, and that milestone doesn't use the affected installation method), so it's lower priority to fix. But we still should look into it.
The text was updated successfully, but these errors were encountered:
Steps to reproduce
pkcs11.txt.Expected results
Website should load.
Observed results
SEC_ERROR_LIBRARY_FAILUREOther notes
libnssckbi.so(the Mozilla one, not the p11-kit one) does not trigger this behavior.libnssckbi.so.The text was updated successfully, but these errors were encountered: