On 18.01.2011 12:29, Bernhard Thalmayr wrote: > I meant it might be a bug in Agent code to call 'NSS_NoDBInit' ... > however this code has been there for some years already.
One explanation I can think of is that it would only break with more recent versions of NSS, due to stricter application behavior being enforced? (https://bugzilla.mozilla.org/show_bug.cgi?id=331096 comes to mind, e.g. - but that's just a [very] wild guess). I'll defer to the real experts (Bob, Nelson, Wan-Teh) for authoritative answers on this, however. > I'm not 100% sure but it seems the error does only occur on SSL restarts > .. not on full handshakes. Perhaps it can do full handshakes even if it has been init'ed with NSS_NoDBInit, but no session resumptions? (Again, just guessing.) What you could also try is creating an empty DB (certutil -N -d somedir) and configure that for the agent. Would be interesting to see if it makes a difference. Kaspar -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
