Closed Bug 82264 Opened 23 years ago Closed 23 years ago

Certificate Manager fails to show all CA's

Categories

(Core Graveyard :: Security: UI, defect)

Product:
Core Graveyard
Component:
Security: UI
Version:
1.0 Branch
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: ssaux, Assigned: bugz)

Details

Attachments

(1 file)

patch to fix
1.82 KB, patch
Details | Diff | Splinter Review 
Many CA are missing from the display.
blizzard is going to hate me...

this is due to a set of poorly named functions for checking cert trust.  In the
function getCertType(), at

http://lxr.mozilla.org/mozilla/source/security/manager/ssl/src/nsNSSCertificate.cpp#2851

the functions HasUser() and HasPeer() are used to find out if a cert has either
user or peer trust.  However, due to the way I wrote the function signatures,
calling them without any arguments means: "If the cert does not have this trust
for any type (SSL, email, object signing), return FALSE."  However, here I want
to know if it *does* have that trust for any type.  In ever other place I use
the related trust functions, I meant the quoted definition, here I mean the
latter definition.  *sigh*  I managed to confuse myself.

I propose adding two functions, HasAnyUser() and HasAnyPeer(), which will do the
second definition.  I will attach a patch pronto.

Thanks for finding this ssaux.  I never noticed it because all of the certs I
was using had the same trust across the board (that is the default for roots
now).  Your AOL CA cert is only CA-trusted for Email, which is why this happened.
Attached patch patch to fixSplinter Review 

    
    

    
  
r=javi

    
    

    
  
sr=blizzard

tee hee!

    
    

    
  
Marking NEW.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Keywords: patch, 
          
            review

    
    

    
  
ksosez: this bug should be fixed as of 5/23 builds.  if you are seeing a 
problem, can you describe?

    
    

    
  
Using linux moz BuildId 2001052310 I still can't see
the Thawte America Online Inc CA cert.

    
    

    
  
My checkin was late that night...

I created a cert very much like your cert, same trust, etc.  It shows up in my
linux 2001052321 build, which would have been later.  It doesn't show up in my
build from the previous day, so I really have my fingers crossed that the bug is
fixed now.  Can you try again with a build from today?

    
    

    
  
Using Build ID 2001052406 I see the Intranet Certificate Authority CA.  However,
the display for the Certificate Manager "Authorities" pane has changed
significantly.  All the authorities in my cert db show up under a unique little
triangle widget, labelled "Unknown Issuer". Is this what's expected?


    
    

    
  
Actually, this was the behavior when mozilla was launched from the
mozilla-installer. When it's launched normally it's ok. So I've verified that
it's ok.  I don't think I'm authorized to changed the status to VERIFIED.

    
    

    
  
marking fixed
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED

    
    

    
  
Is there an updated list of CA's somewhere so that I can verify this bug?

    
    

    
  
Verified.
Status: RESOLVED → VERIFIED

    
  
Product: PSM → Core

    
  
Version: psm2.0 → 1.0 Branch
Product: Core → Core Graveyard

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: