The main concern now is with the logic in nsNSSBadCertHandler, namely the hitting of the following assertion:
NS_NOTREACHED("why did NSS call our bad cert handler if all looks good? Let's cancel the connection");
and the fact that nsHandleSSLError and cancel_and_failure() are not called before returning SECFailure. Kai and I are discussing it on IRC.
The main concern now is with the logic in nsNSSBadCertHan dler, namely the hitting of the following assertion:
NS_NOTREACHED("why did NSS call our bad cert handler if all looks good? Let's cancel the connection");
and the fact that nsHandleSSLError and cancel_ and_failure( ) are not called before returning SECFailure. Kai and I are discussing it on IRC.