Closed
Bug 129067
Opened 22 years ago
Closed 22 years ago
Deleted certs still appear in Cert Manager M1RC2 [@ nsNSSCertificate::GetCert]
Categories
(Core Graveyard :: Security: UI, defect, P1)
Tracking
(Not tracked)
VERIFIED
FIXED
psm2.3
People
(Reporter: junruh, Assigned: KaiE)
References
()
Details
(Keywords: crash, topcrash, Whiteboard: [adt2 RTM] [Needs a=])
Crash Data
Attachments
(1 file, 3 obsolete files)
12.74 KB,
patch
|
KaiE
:
review+
KaiE
:
superreview+
jud
:
approval+
|
Details | Diff | Splinter Review |
3/4 Linux, Mac and Win32 trunk builds. 1.) Get a cert from the above URL or Verisign. 2.) Open the Cert Manager and delete the cert. What happens: The cert still appears in the Cert Manager.
Comment 1•22 years ago
|
||
Hopefully this is solved by the latest fixes in NSS3.4. cc relyea and wtc. Let's try today and/or tomorrow's builds.
Reporter | ||
Comment 2•22 years ago
|
||
*** Bug 130689 has been marked as a duplicate of this bug. ***
Comment 4•22 years ago
|
||
if you attempt to delete the cert twice the browser crashes. I believe this is NSS related. nsbeta-, because there's a workaround: delete the cert, then do nothing. Restarting the browser shows that the cert is gone.
Reporter | ||
Comment 6•22 years ago
|
||
*** Bug 135752 has been marked as a duplicate of this bug. ***
Reporter | ||
Comment 7•22 years ago
|
||
*** Bug 135606 has been marked as a duplicate of this bug. ***
Reporter | ||
Comment 8•22 years ago
|
||
Relnote - Certificates deleted from the Certificate Manager will still appear, until you restart the browser.
Reporter | ||
Comment 9•22 years ago
|
||
This is a pretty common crash. How about nsbeta1+ ? http://climate.netscape.com/reports/VeryFastSearchStackSigNEW.cfm?stacksig=nsNSS Certificate
Target Milestone: 2.2 → 2.3
Version: 2.2 → 2.3
Assignee | ||
Updated•22 years ago
|
Comment 10•22 years ago
|
||
Addition to comment #4: If you really want to crash Mozilla, you only have to work with certificate manager. In my opinion this part of Mozilla is the most instable. I always have a bad feeling if I use the cert manager. (Not a bug report, only a personal comment)
Assignee | ||
Comment 11•22 years ago
|
||
I tried to find a fix for this bug, but I did not yet succeed. I saw, the PSM memory object, which contains the reference to the CERT_Certificate, which is being destroyed, is leaked in certificate manager. Therefore, this memory objects does not get destroyed, and CERT_DestroyCertificate does not get called. Of course, I don't know whether that is even required, after the certificate has been destroyed. At least I was able to find some leaks in cert manager, and I was able to reach the state, where the memory object does get deleted. But that did not help, even after closing the cert manager, the deleted cert is still found. It looks like PK11_ListCerts(PK11CertListUser) does still deliver the deleted cert, although it had been deleted using PK11_DeleteTokenCertAndKey. The interesting thing is, using the cert's db key to lookup the deleted cert, does no longer succeed (used by the cert manager UI). Because the certificate is no longer delivered after an application restart, I would expect that PK11_ListCerts should immediately stop delivering the cert after it has been deleted.
Assignee | ||
Comment 12•22 years ago
|
||
- uses ugly slow workaround for unexpected NSS behaviour - fixes the display - avoids crash - fixes a memory leak, which will help for bug 125561
Comment 14•22 years ago
|
||
Bob Relyea can you review as well?
Assignee | ||
Comment 15•22 years ago
|
||
Note to help reviewing: The difficult part of that patch is where I try to check whether a cert is still findable in the cert db. But this part was put together by using logic from two existent methods, nsNSSCertificate::GetDbKey and nsNSSCertificateDB::GetCertByDBKey. Note that I filed NSS bug 138626, which I believe is the real cause of our problem.
Comment 16•22 years ago
|
||
Comment on attachment 80057 [details] [diff] [review] Suggested Fix argh. I reviewed this last week, but somehow my commit didn't go through. :( Everything looks good. If there is a function provided by NSS for creatint the db Key from a cert I think we should use it. Don't want a future change to NSS to hurt us too much. r=javi
Updated•22 years ago
|
Attachment #80057 -
Flags: review+
Assignee | ||
Comment 17•22 years ago
|
||
Right, it would be better to use a NSS internal key. I don't know if there is one. But even if I knew, I would have to test whether that key still helps for the workaround. NOTE TO SELF: Before I check this in, I will add a comment before the workaround block, that indicates the block as being a workaround around bug 138626.
Updated•22 years ago
|
Whiteboard: [adt2]
Assignee | ||
Comment 18•22 years ago
|
||
relyea said, the patch looks ok. Alec, can you please sr= ?
Assignee | ||
Comment 19•22 years ago
|
||
Alec, can you please review?
Assignee | ||
Comment 20•22 years ago
|
||
This patch has one added comment, and I removed one hunk from the patch, that is unrelated to this bug, and I moved it over to the separate bug 139349.
Attachment #80057 -
Attachment is obsolete: true
Comment 21•22 years ago
|
||
Comment on attachment 80509 [details] [diff] [review] Slightly corrected patch sr=alecf, assuming javi is still ok with this
Attachment #80509 -
Flags: superreview+
Updated•22 years ago
|
Attachment #80509 -
Flags: approval+
Comment 22•22 years ago
|
||
Comment on attachment 80509 [details] [diff] [review] Slightly corrected patch a=rjesup@wgate.com
Assignee | ||
Comment 23•22 years ago
|
||
Checked in to trunk, fixed.
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Comment 25•22 years ago
|
||
adding adt1.0.0+. Please check this in to the branch as soon as possible and add the fixed1.0.0 keyword.
Assignee | ||
Updated•22 years ago
|
Attachment #80509 -
Flags: needs-work+
Assignee | ||
Comment 26•22 years ago
|
||
Comment on attachment 80509 [details] [diff] [review] Slightly corrected patch After doing more testing I'm sorry, but I can not check this patch in. I saw this patch works stable in debug mode. It does work *sometimes* in optimized mode, but most of the time it works not. Detailed explanation follows. I would like to request permission to back out this patch from the trunk.
Assignee | ||
Comment 27•22 years ago
|
||
More explanation why the previous patch is bad. The class nsNSSCertificate is using delayed deletion of the underlying NSS cert. As long as this class is still refcounted, no deletion happens. Because of the JS implementation of the cert manager, some references to the deleted object stay around as long as the window is up. Surprisingly, my code addition from the previous patch worked in debug mode. It seems, my instructions, that assigned null to variables caused the references go away. But this did not work in optimized mode all the time, the order of deletion seems to be random, and that influences whether the certs go away or not. Because I don't have an influence on the order of deletion by Garbage Collection from JS, I need to use a completely different approach to solve this bug. Explanation of new approach follows.
Assignee | ||
Comment 28•22 years ago
|
||
With my next patch, I'll be using the following apporach, which seems to be working very well. I did a lot of testing. Instead of reloading the cert manager contents each time the user deletes a cert, I'll now simply remove that cert from the list already in memory. This makes it unnecessary to query the NSS cert database again as long as the cert manager stays open. Because when the cert manager gets closed, all objects will be freed, the delayed deletion will happen at that time (this has always been that way). With my new patch, the next time the cert manager gets opened, the deleted certs do no longer appear in the list, i.e. the workaround for PK11_ListCerts from the previous patch is not necessary. Note that the new patch has a new method RemoveCert, which looks complicated. But the logic were cloned from an already existing function (GetCertAtIndex) in the same class. In addition, another fix was necessary, that made the behaviour of certificate deletion really bad. For deleting a certificate, write access to the certificate storage is required. If the user did not yet enter the master certificate in the session, he will have to enter it before deletion can work. When I did my additional testing with the previous patch, I randomly saw that I got prompted after a random delay. Sometimes I was not prompted before closing the cert manager dialog. In order to add correctness, this patch calls the required NSS function, that will ensure that the user already logged in, and will prompt the user immediately before deletion is being attempted. The approach to do that was explained to me on IRC by Ian, and in fact, I can see that this approach is already used in different locations in the existing code. I tested the patch with all types of certificates in certificate manager.
Status: VERIFIED → REOPENED
Resolution: FIXED → ---
Assignee | ||
Comment 29•22 years ago
|
||
New patch as explained in previous comments.
Comment 30•22 years ago
|
||
Removing adt1.0.0+, until the new patch is r/sr=, and verified by QA.
Keywords: adt1.0.0+
Comment 31•22 years ago
|
||
Comment on attachment 81109 [details] [diff] [review] Correct patch, replacing previous attempt looks good to me. r=javi
Attachment #81109 -
Flags: review+
Assignee | ||
Comment 32•22 years ago
|
||
Alec, could you please sr= the new patch?
Updated•22 years ago
|
Attachment #81109 -
Flags: superreview+
Comment 33•22 years ago
|
||
Comment on attachment 81109 [details] [diff] [review] Correct patch, replacing previous attempt I'm not a huge fan of making "params" a global variable, but if you're going to do that, you need to name it "gParams" to indicate that is global. other than that, this looks fine. sr=alecf with that change.
Comment 35•22 years ago
|
||
How often are users deleting certs?
Assignee | ||
Comment 36•22 years ago
|
||
Good question, I don't know how often users would try to delete them.
Comment 37•22 years ago
|
||
Adding Dave, to give us the marketing analysis for how often users delet certs?
Keywords: approval
Whiteboard: [adt2] → [adt2] [Needs a= & ADT approval]
Comment 38•22 years ago
|
||
I don't have a good sense for how often people delete certs - my feeling is not very often. I've never done this myself... will try to gather more data.
Assignee | ||
Comment 39•22 years ago
|
||
A quick summary where we are: ============================= 1.) The first patch from this bug is on the trunk already. It works unreliably, as explained before. I will back it out from the trunk at the time I check in the new patch to the trunk. 2.) I'm attaching an updated version of the better patch. It is identical to the previous patch, it only has one variable renamed, as suggested by alecf. 3.) Note that this bug is still blocked by 138626. The new patch does not work without having the patch from bug 138626 applied. 4.) We are free to check this in to the branch if we want to, as long as we check in both 5.) Before we land on the trunk, we need to wait a little - we are currently working on updating the NSS version used by Mozilla trunk to include all the latest fixes to NSS.
Attachment #80509 -
Attachment is obsolete: true
Comment 40•22 years ago
|
||
Removing adt1.0.0, as there is new patch without reviews.
Keywords: adt1.0.0
Whiteboard: [adt2] [Needs a= & ADT approval] → [adt2]
Assignee | ||
Comment 41•22 years ago
|
||
Comment on attachment 82106 [details] [diff] [review] Updated patch This patch is the same as the patch before, and has one change as requested by the superreviewer. It still has r=javi and sr=alecf.
Attachment #82106 -
Flags: superreview+
Attachment #82106 -
Flags: review+
Assignee | ||
Comment 42•22 years ago
|
||
I'm undoing Jaime's changes to keywords and whiteboard. I should have marked the new patch as having reviews earlier. Sorry for the confusion.
Keywords: adt1.0.0
Whiteboard: [adt2] → [adt2] [Needs a= & ADT approval]
Assignee | ||
Updated•22 years ago
|
Attachment #81109 -
Attachment is obsolete: true
Comment 43•22 years ago
|
||
Let's review this one in the RTM timeframe. adt1.0.0- [adt2 RTM] because deleting certs does not appear something most users will do.
Comment 44•22 years ago
|
||
*** Bug 144198 has been marked as a duplicate of this bug. ***
Comment 45•22 years ago
|
||
Marking as topcrash - the early M1RC2 talkback returns show this crash (deleting certs) in the top 20 crashes.
Keywords: topcrash
Summary: Deleted certs still appear in Cert Manager → Deleted certs still appear in Cert Manager M1RC2 [@ nsNSSCertificate::GetCert]
Comment 46•22 years ago
|
||
adding back adt1.0.0 nomination for rtm. Since we can't land this on the trunk, could you make a test build that QA can try out, or can others apply the patch and the patch for 138626 and verify that this is fixed?
Assignee | ||
Comment 47•22 years ago
|
||
As requested, I have created test builds, based on this morning's 1.0.0 branch, having applied the patches from 138626 and 129067 (this one). I have uploaded Windows and Linux builds to my home directory /u/kaie, file names mozilla-win32-1.0.0-branch-138626-129067.zip mozilla-linux-1.0.0-branch-138626-129067.tar.gz John, can you please test whether the problem is fixed with the build?
Reporter | ||
Comment 48•22 years ago
|
||
It looks good on Win32 and Linux. I have no problem deleting any kind of cert.
Assignee | ||
Comment 49•22 years ago
|
||
Previous unreliable patch backed out from trunk. New patch checked in to trunk. Marking fixed.
Status: ASSIGNED → RESOLVED
Closed: 22 years ago → 22 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 50•22 years ago
|
||
Verified on the 5/16 Win32 trunk.
Comment 51•22 years ago
|
||
Kai, I just wanted to confirm that your patch for this bug requires the fix for NSS bug 138626.
Assignee | ||
Comment 52•22 years ago
|
||
Wan-Teh: Yes, 138626 is required for 129067.
Comment 53•22 years ago
|
||
Can we move some of these fixes into the branch? QA is supposed to be testing the branch, but so far, I've been using trunk since branch hasn't changed since beta. Thanks - marked verified on trunk. Add fixed1.0.0 once in the branch
Status: RESOLVED → VERIFIED
Updated•22 years ago
|
Whiteboard: [adt2 RTM] → [adt2 RTM] [Needs a=]
Comment 54•22 years ago
|
||
adt1.0.0+ (on ADT's behalf) for approval to checkin to the 1.0 branch, pending Driver's approval. After, checking in, please add the fixed1.0 keyword.
Comment 55•22 years ago
|
||
changing to adt1.0.1+ for checkin to the 1.0 branch. Please get drivers approval before checking in.
Assignee | ||
Updated•22 years ago
|
Keywords: mozilla1.0.1
Assignee | ||
Comment 56•22 years ago
|
||
Update: I was about to request approval from drivers, but realized we are still blocked by 145836 (which includes the fix for 138626 for landing on the branch).
Depends on: 145836
Assignee | ||
Comment 57•22 years ago
|
||
(dummy change, because I interrupted the bugmail when doing the previous change).
Comment 58•22 years ago
|
||
please checkin to the 1.0.1 branch. once there, remove the "mozilla1.0.1+" keyword and add the "fixed1.0.1" keyword.
Keywords: mozilla1.0.1 → mozilla1.0.1+
Updated•22 years ago
|
Attachment #82106 -
Flags: approval+
Comment 61•22 years ago
|
||
*** Bug 149621 has been marked as a duplicate of this bug. ***
Comment 62•22 years ago
|
||
This bug exists in Mozilla 1.1b.
Assignee | ||
Comment 63•22 years ago
|
||
Drew: Is it possible that what you see is bug 154040 instead?
Updated•13 years ago
|
Crash Signature: [@ nsNSSCertificate::GetCert]
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•