Closed
Bug 1319252
Opened 8 years ago
Closed 7 years ago
remove nsIX509Cert.getAllTokenNames
Categories
(Core :: Security: PSM, defect, P1)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla55
| Tracking | Status | |
|---|---|---|
| firefox55 | --- | fixed |
People
(Reporter: keeler, Assigned: Cykesiopka)
Details
(Whiteboard: [psm-assigned])
Attachments
(1 file)
nsIX509Cert.getAllTokenNames is only used (improperly - it won't work correctly on e.g. redhat-based systems - see e.g. bug 1272858) to determine if a certificate is a built-in. There's an api for that, however: nsIX509Cert.isBuiltInRoot. Code should just use that directly.
|
Assignee | |
Updated•7 years ago
|
Assignee: nobody → cykesiopka.bmo
Status: NEW → ASSIGNED
Priority: P3 → P1
Whiteboard: [psm-cleanup] → [psm-assigned]
| Comment hidden (mozreview-request) |
|
|
Assignee | |
Comment 2•7 years ago
|
||
| mozreview-review | ||
Comment on attachment 8848854 [details] Bug 1319252 - Remove nsIX509Cert.getAllTokenNames(). https://reviewboard.mozilla.org/r/121732/#review123730 mossop: Please review (or delegate) the CertUtils.jsm change. keeler: Please review everything else. Thanks.
|
||
Comment 3•7 years ago
|
||
(In reply to David Keeler [:keeler] (use needinfo?) from comment #0) > nsIX509Cert.getAllTokenNames is only used (improperly - it won't work > correctly on e.g. redhat-based systems - see e.g. bug 1272858) to determine > if a certificate is a built-in. There's an api for that, however: > nsIX509Cert.isBuiltInRoot. Code should just use that directly. Does this mean add-on updates have been broken on redhat systems?
Flags: needinfo?(dkeeler)
|
|
||
Comment 4•7 years ago
|
||
| mozreview-review | ||
Comment on attachment 8848854 [details] Bug 1319252 - Remove nsIX509Cert.getAllTokenNames(). https://reviewboard.mozilla.org/r/121732/#review123966
Attachment #8848854 -
Flags: review?(dtownsend) → review+
|
|
Reporter | |
Comment 5•7 years ago
|
||
(In reply to Dave Townsend [:mossop] from comment #3) > (In reply to David Keeler [:keeler] (use needinfo?) from comment #0) > > nsIX509Cert.getAllTokenNames is only used (improperly - it won't work > > correctly on e.g. redhat-based systems - see e.g. bug 1272858) to determine > > if a certificate is a built-in. There's an api for that, however: > > nsIX509Cert.isBuiltInRoot. Code should just use that directly. > > Does this mean add-on updates have been broken on redhat systems? Probably, unless they also flipped "extensions.update.requireBuiltInCerts" or included a code change that had a similar effect.
Flags: needinfo?(dkeeler)
|
|
Reporter | |
Comment 6•7 years ago
|
||
| mozreview-review | ||
Comment on attachment 8848854 [details] Bug 1319252 - Remove nsIX509Cert.getAllTokenNames(). https://reviewboard.mozilla.org/r/121732/#review124016 Awesome - thanks.
Attachment #8848854 -
Flags: review?(dkeeler) → review+
|
|
Assignee | |
Comment 7•7 years ago
|
||
Thanks! https://treeherder.mozilla.org/#/jobs?repo=try&revision=cfea911f01786d2a3833f6578a2456b8099687fb
Keywords: checkin-needed
Pushed by cbook@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/a584e589d7d1 Remove nsIX509Cert.getAllTokenNames(). r=keeler,mossop
Keywords: checkin-needed
|
||
Comment 9•7 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/a584e589d7d1
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
status-firefox55:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla55
|
||
Updated•7 years ago
|
status-firefox53:
affected → ---
You need to log in
before you can comment on or make changes to this bug.
Description
•