Closed Bug 1224467 Opened 9 years ago Closed 8 years ago

Add a preference to select OneCRL update mechanism

Categories

(Core :: Security: PSM, defect)

defect
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla45
Tracking Status
firefox45 --- fixed

People

(Reporter: mgoodwin, Assigned: mgoodwin)

References

Details

Attachments

(1 file)

Currently, OneCRL makes use of the AMO blocklist mechanism. This will soon change. We need a way to make this change turn-off-and-on-able
Bug1224467 - Add a preference for controlling whether oneCRL blocklists are
updated via AMO. Also add a test. r?keeler,mossop
Attachment #8687130 - Flags: review?(dtownsend)
Attachment #8687130 - Flags: review?(dkeeler)
Blocks: 1197707
Needless to say, mossop, you don't need to look at the /security/manager bits if you don't want to; keeler can cover those.
Flags: needinfo?(dtownsend)
Attachment #8687130 - Flags: review?(dkeeler) → review+
Comment on attachment 8687130 [details]
MozReview Request: Bug1224467 - Add a preference for controlling whether oneCRL blocklists are

https://reviewboard.mozilla.org/r/25113/#review22701

LGTM.

::: security/manager/ssl/tests/unit/test_cert_blocklist.js:134
(Diff revision 1)
> -    response.write(blocklist_contents);
> +  dump("Serving for path "+request.path+"\n");

I think do_print is preferred over dump in xpcshell tests. Also, spaces before/after '+'.

::: security/manager/ssl/tests/unit/test_cert_blocklist.js:192
(Diff revision 1)
> +    let certblockObserver = {

nit: two spaces for the initial indentation in this function

::: security/manager/ssl/tests/unit/test_cert_blocklist.js:353
(Diff revision 1)
> +    Services.prefs.setBoolPref("security.onecrl.via.amo", false);

Might be good to test the temporary "not using amo means the blocklist is never fresh" functionality.

::: security/manager/ssl/tests/unit/test_cert_blocklist.js:363
(Diff revision 1)
>    // we need to start the async portions of the test

nit: update/remove comment
Comment on attachment 8687130 [details]
MozReview Request: Bug1224467 - Add a preference for controlling whether oneCRL blocklists are

https://reviewboard.mozilla.org/r/25113/#review22855

Looks ok. The preference name sounds a bit wierd but since I haven't managed to think of anything better I guess we just go with it.
Attachment #8687130 - Flags: review?(dtownsend) → review+
Flags: needinfo?(dtownsend)
https://hg.mozilla.org/integration/mozilla-inbound/rev/9207e17e5e38be9bdadaeb4eb016a599f61dca30
Bug 1224467 - Add a preference for controlling whether oneCRL blocklists are updated via AMO. Also add a test. r=keeler,mossop
https://hg.mozilla.org/mozilla-central/rev/9207e17e5e38
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla45
See Also: → 1359428
You need to log in before you can comment on or make changes to this bug.