Closed
Bug 1247662
Opened 8 years ago
Closed 8 years ago
TEST-UNEXPECTED-FAIL | services/common/tests/unit/test_kintoCertBlocklist.js | xpcshell return code: 0
Categories
(Thunderbird :: General, defect)
Thunderbird
General
Tracking
(Not tracked)
RESOLVED
FIXED
Thunderbird 47.0
People
(Reporter: aleth, Assigned: jorgk-bmo)
References
Details
(Keywords: intermittent-failure)
Attachments
(1 file)
1.52 KB,
patch
|
aleth
:
review+
|
Details | Diff | Splinter Review |
Unexpected exception NS_ERROR_UNEXPECTED: Component returned failure code: 0x8000ffff (NS_ERROR_UNEXPECTED) [nsIPrefBranch.getCharPref] 07:31:06 INFO - CertBlocklistClient/this.maybeSync@resource://gre/modules/services-common/KintoCertificateBlocklist.js:51:18 07:31:06 INFO - test_something@/builds/slave/test/build/tests/xpcshell/tests/services/common/tests/unit/test_kintoCertBlocklist.js:74:22 07:31:06 INFO - _run_next_test@/builds/slave/test/build/tests/xpcshell/head.js:1540:9 07:31:06 INFO - do_execute_soon/<.run@/builds/slave/test/build/tests/xpcshell/head.js:692:9 07:31:06 INFO - _do_main@/builds/slave/test/build/tests/xpcshell/head.js:209:5 07:31:06 INFO - _execute_test@/builds/slave/test/build/tests/xpcshell/head.js:533:5 07:31:06 INFO - @-e:1:1 07:31:06 INFO - exiting test
Comment hidden (Intermittent Failures Robot) |
Assignee | ||
Comment 3•8 years ago
|
||
OK, if this came from bug 1227956. Let's see what they did: https://hg.mozilla.org/mozilla-central/rev/56e66f43d7ee Oh, they added preferences: +// Kinto blocklist preferences +pref("services.kinto.base", "https://firefox.settings.services.mozilla.com/v1"); +pref("services.kinto.bucket", "blocklists"); +pref("services.kinto.onecrl.collection", "certificates"); +pref("services.kinto.onecrl.checked", 0); Now let's read the error: (NS_ERROR_UNEXPECTED) [nsIPrefBranch.getCharPref] I'd bet a beer that we're missing some preferences.
Assignee | ||
Comment 4•8 years ago
|
||
Try run here: https://treeherder.mozilla.org/#/jobs?repo=try-comm-central&revision=9801beed78e0 (ignore the other changeset in the push, that's my ongoing work which won't interfere).
Reporter | ||
Comment 5•8 years ago
|
||
Does TB use the Kinto Certificate Blocklist?
Assignee | ||
Comment 6•8 years ago
|
||
My try came out green with this addition. // Kinto blocklist preferences pref("services.kinto.base", "https://firefox.settings.services.mozilla.com/v1"); pref("services.kinto.bucket", "blocklists"); pref("services.kinto.onecrl.collection", "certificates"); pref("services.kinto.onecrl.checked", 0); I have no idea whether the URL's actually mean anything. Let's ask: Mark and David, our xpcshell tests fail since test_kintoCertBlocklist.js fails. I've copied the four preferences above into out preferences script and like this, the test passes. Is this acceptable or is there a better fix? Does the URL https://firefox.settings.services.mozilla.com/v1 mean anything? Your help would be much appreciated.
Flags: needinfo?(mgoodwin)
Flags: needinfo?(dkeeler)
Reporter | ||
Comment 7•8 years ago
|
||
(In reply to Jorg K (GMT+1) from comment #6) > I have no idea whether the URL's actually mean anything. Let's ask: > > Mark and David, our xpcshell tests fail since test_kintoCertBlocklist.js > fails. > > I've copied the four preferences above into out preferences script and like > this, the test passes. > > Is this acceptable or is there a better fix? Does the URL > https://firefox.settings.services.mozilla.com/v1 mean anything? The issue here isn't just making the test pass, it's figuring out whether oneCRL cert revocation works in TB or not (and maybe whether it is important to have it work in TB).
Flags: needinfo?(dkeeler)
Assignee | ||
Comment 8•8 years ago
|
||
Sorry about the NI SPAM. NI for David was accidentally removed. Your help would be much appreciated.
Flags: needinfo?(dkeeler)
Comment 9•8 years ago
|
||
(In reply to aleth [:aleth] from comment #7) > > Is this acceptable or is there a better fix? Does the URL > > https://firefox.settings.services.mozilla.com/v1 mean anything? Yes, this is where the next version of OneCRL (and, eventually, some other security state things) will get its data from. > The issue here isn't just making the test pass, it's figuring out whether > oneCRL cert revocation works in TB or not (and maybe whether it is important > to have it work in TB). OneCRL is something TB probably wants; without this, there's no way (without chem-spill) of revoking roots. Also, if you have security.onecrl.maximum_staleness_in_seconds set to a non-zero value (I'm not sure if this is set in TB), you might be bypassing revocation checks that you otherwise should be performing. As to whether or not it *works* - I can help with testing, if that would be useful?
Flags: needinfo?(mgoodwin)
Assignee | ||
Comment 10•8 years ago
|
||
Thank you for your answer. I think we have enough information to proceed, so I'm clearing the other NI. Currently we don't have any preference security.onecrl.* defined or set. I suggest the following: Land this patch here to get the xpcshell tests going again. Then investigate the OneCRL function in another bug with Mark's help. Sounds fair?
Flags: needinfo?(dkeeler)
Assignee | ||
Updated•8 years ago
|
Attachment #8719509 -
Flags: review?(aleth)
Reporter | ||
Updated•8 years ago
|
Attachment #8719509 -
Flags: review?(aleth) → review+
Reporter | ||
Comment 11•8 years ago
|
||
(In reply to Jorg K (GMT+1) from comment #10) > Currently we don't have any preference security.onecrl.* defined or set. > > Then investigate the OneCRL function in another bug with Mark's help. Sounds > fair? Sounds like a good plan. This should be done asap as it seems oneCRL originally landed in 43 (without TB noticing), and so this security feature should be checked for 45 as well.
Reporter | ||
Comment 12•8 years ago
|
||
https://hg.mozilla.org/comm-central/rev/57ada76a9c40be3115d8e4dd3e665c2a1ba28837 Bug 1247662 - Added preferences for kinto. r=aleth
Reporter | ||
Updated•8 years ago
|
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Target Milestone: --- → Thunderbird 47.0
Assignee | ||
Comment 13•8 years ago
|
||
To be continued in bug 1248557.
You need to log in
before you can comment on or make changes to this bug.
Description
•