Closed
Bug 1137179
Opened 10 years ago
Closed 10 years ago
Add wildcard list to the static fallback list
Categories
(Core :: Security: PSM, defect)
Tracking
()
RESOLVED
FIXED
mozilla39
People
(Reporter: emk, Assigned: emk)
References
Details
Attachments
(2 files, 1 obsolete file)
24.98 KB,
patch
|
emk
:
review+
lsblakk
:
approval-mozilla-aurora+
lsblakk
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
24.98 KB,
patch
|
Details | Diff | Splinter Review |
This patch also contains a fallback list update because it is very likely to conflict with this. I also removed bookstore.cleary.edu and buy.liker.com.tw because they consistently fail with NS_ERROR_UNKNOWN_HOST for me (please double check).
Assignee | ||
Comment 1•10 years ago
|
||
Oops, forgot to attach the patch.
Attachment #8569846 -
Flags: review?(dkeeler)
Comment 2•10 years ago
|
||
Comment on attachment 8569846 [details] [diff] [review] patch Review of attachment 8569846 [details] [diff] [review]: ----------------------------------------------------------------- Looks good to me with comments addressed. (In reply to Masatoshi Kimura [:emk] from comment #0) > I also removed bookstore.cleary.edu and buy.liker.com.tw because they > consistently fail with NS_ERROR_UNKNOWN_HOST for me (please double check). I can't resolve those hosts either. ::: security/manager/ssl/src/IntolerantFallbackList.inc @@ -16,5 @@ > "actiononline.stpete.org", > "actu.reunion.fr", > "ad401k.sbisec.co.jp", > "adman.you.gr", > - "adsearch.kuronekoyamato.co.jp", // bug 1128366 Should this bug be resolved worksforme or something now? @@ -86,5 @@ > "click2gov.alpharetta.ga.us", > "click2gov.sanangelotexas.us", > "clientes.chilectra.cl", > "club.guosen.com.cn", > - "cmypage.kuronekoyamato.co.jp", // bug 1112110 Same @@ +290,5 @@ > "secureonline.dwp.gov.uk", > "sems.hrd.ccsd.net", > "service.autoc-one.jp", > "services.apvma.gov.au", > + "services.geotrust.com", We should definitely have a bug on this. ::: security/manager/ssl/tests/gtest/TLSIntoleranceTest.cpp @@ +586,5 @@ > NS_NAMED_LITERAL_CSTRING(fallback_test, "fallback.test"); > NS_NAMED_LITERAL_CSTRING(no_fallback_test, "no.fallback.test"); > + NS_NAMED_LITERAL_CSTRING(wildcard_test, "wildcard.test"); > + NS_NAMED_LITERAL_CSTRING(a_wildcard_test, "a.wildcard.test"); > + NS_NAMED_LITERAL_CSTRING(b_wildcard_test, "b.wildcard.test"); Let's do something longer like "long.example.wildcard.test" for this second one.
Attachment #8569846 -
Flags: review?(dkeeler) → review+
Assignee | ||
Comment 3•10 years ago
|
||
(In reply to David Keeler [:keeler] (use needinfo?) from comment #2) > > I also removed bookstore.cleary.edu and buy.liker.com.tw because they > > consistently fail with NS_ERROR_UNKNOWN_HOST for me (please double check). > > I can't resolve those hosts either. Thanks you. > > - "adsearch.kuronekoyamato.co.jp", // bug 1128366 > > Should this bug be resolved worksforme or something now? It's just moved to the wildcard list. > > + "services.geotrust.com", > > We should definitely have a bug on this. Filed bug 1137677. https://treeherder.mozilla.org/#/jobs?repo=try&revision=e30008890f8f
Attachment #8569846 -
Attachment is obsolete: true
Attachment #8570767 -
Flags: review+
Assignee | ||
Comment 4•10 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/5801ebeeb3b6
Assignee: nobody → VYV03354
Status: NEW → ASSIGNED
Flags: in-testsuite+
https://hg.mozilla.org/mozilla-central/rev/5801ebeeb3b6
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
status-firefox39:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla39
Assignee | ||
Comment 6•10 years ago
|
||
Comment on attachment 8570767 [details] [diff] [review] patch for checkin Approval Request Comment [Feature/regressing bug #]: 1124039 [User impact if declined]: Users can not connect some sites [Describe test coverage new/current, TreeHerder]: Basic gtest [Risks and why]: Low, minimal whitelist logic change only [String/UUID change made/needed]: no
Attachment #8570767 -
Flags: approval-mozilla-beta?
Attachment #8570767 -
Flags: approval-mozilla-aurora?
Comment 7•10 years ago
|
||
Comment on attachment 8570767 [details] [diff] [review] patch for checkin approving for uplift to give better user experience.
Attachment #8570767 -
Flags: approval-mozilla-beta?
Attachment #8570767 -
Flags: approval-mozilla-beta+
Attachment #8570767 -
Flags: approval-mozilla-aurora?
Attachment #8570767 -
Flags: approval-mozilla-aurora+
Updated•10 years ago
|
status-firefox37:
--- → affected
status-firefox38:
--- → affected
Assignee | ||
Comment 8•10 years ago
|
||
Rebase needed.
You need to log in
before you can comment on or make changes to this bug.
Description
•