Closed
Bug 340917
Opened 18 years ago
Closed 18 years ago
crlutil should init NSS read-only for some options
Categories
(NSS :: Tools, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.12
People
(Reporter: julien.pierre, Assigned: julien.pierre)
Details
Attachments
(1 file)
1.96 KB,
patch
|
alvolkov.bgs
:
review+
|
Details | Diff | Splinter Review |
Some options, such as list, only require read-only access. But crlutil always opens NSS read/write. I think the list, generate, and modify CRL options only need read-only. Alexei, can you confirm this about the last two options ? I believe the CRLs are output to DER files outside the NSS DBs, so write access is not required.
Assignee | ||
Comment 1•18 years ago
|
||
Looks like read-only only worked for the list option.
Assignee: nobody → julien.pierre.bugs
Status: NEW → ASSIGNED
Attachment #224961 -
Flags: review?(alexei.volkov.bugs)
Comment 2•18 years ago
|
||
The patch will work for list option, but generation/modification of crl will fail if only modification from attachment 224961 [details] [diff] [review] are applied. crlutil.c:SignAndStoreCrl also needs to be changed to look for a "slot" only in case when crl will be imported into a db.
Comment 3•18 years ago
|
||
Comment on attachment 224961 [details] [diff] [review] only initialize NSS read-only for List, Generate and Modify commands will work for "list crl(s)" option only
Attachment #224961 -
Flags: review?(alexei.volkov.bugs) → review+
Assignee | ||
Comment 4•18 years ago
|
||
Thanks for the review, Alexei. I checked this in to the tip : Checking in crlutil.c; /cvsroot/mozilla/security/nss/cmd/crlutil/crlutil.c,v <-- crlutil.c new revision: 1.28; previous revision: 1.27 done
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Priority: -- → P2
Resolution: --- → FIXED
Target Milestone: --- → 3.12
Version: unspecified → 3.11.1
You need to log in
before you can comment on or make changes to this bug.
Description
•