Closed Bug 1317981 Opened 3 years ago Closed 3 years ago

Fix a few places in certutil/crlutil/cmsutil that fail to use the provided password parameter

Categories

(NSS :: Tools, defect)

3.27
defect
Not set

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: kaie, Assigned: kaie)

Details

Attachments

(1 file)

A few scenarios of certutil/crlutil/cmsutil don't pass on the password parameter, so the tools are unnecessarily stuck and prompt for a password.
Attachment #8811251 - Flags: review?(rrelyea)
It would be good to get this correctness fix into 3.28
Blocks: 1305970
Target Milestone: --- → 3.28
Flags: needinfo?(rrelyea)
No longer blocks: 1305970
Comment on attachment 8811251 [details] [diff] [review]
1317981-v1b.patch

Review of attachment 8811251 [details] [diff] [review]:
-----------------------------------------------------------------

::: cmd/smimetools/cmsutil.c
@@ +472,5 @@
>      if (cms_verbose) {
>          fprintf(stderr,
>                  "Created CMS message, added signed data w/ signerinfo\n");
>      }
> +    signerinfo->cmsg->pwfn_arg = pwcb_arg;

I think there may be a function that sets this, but this should be fine.

::: lib/smime/cmssigdata.c
@@ +726,5 @@
>              }
>          }
> +        if (sigd->cmsg) {
> +            pwarg = sigd->cmsg->pwfn_arg;
> +        }

I think there may be a function that gets this, but again, this is fine.
Attachment #8811251 - Flags: review?(rrelyea) → review+
I couldn't find smime functions that "return.*pfwn_arg".

I could find CMS message encoding functions that change the pwfn_arg of a message, but I couldn't find anything for the signer-info struct.
Flags: needinfo?(rrelyea)
Landed into NSS trunk:
https://hg.mozilla.org/projects/nss/rev/8e8ded73dca1

and also into NSS 3.28 branch:
https://hg.mozilla.org/projects/nss/rev/b09fe3c22b24
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.