Closed
Bug 1389570
Opened 7 years ago
Closed 7 years ago
if NSS is initialized in no-DB mode (NSS_NoDB_Init), PK11_NeedUserInit returns true for the internal token
Categories
(NSS :: Libraries, defect)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
FIXED
3.33
People
(Reporter: keeler, Assigned: franziskus)
References
Details
STR: NSS_NoDB_Init("."); PK11SlotInfo* slot = PK11_GetInternalKeySlot(); Actual results: PK11_NeedUserInit(slot) returns PR_TRUE Expected results: Arguably, it should return PR_FALSE since there's nothing to init (and, indeed, PK11_InitPin fails, because NSS is in no-DB mode).
Assignee | ||
Comment 1•7 years ago
|
||
https://nss-review.dev.mozaws.net/D406
Assignee: nobody → franziskuskiefer
Assignee | ||
Comment 2•7 years ago
|
||
https://hg.mozilla.org/projects/nss/rev/984849c0a0f1e2e62cbe5654e679c90b7a5a8f94
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.33
Comment 3•7 years ago
|
||
This patch is wrong. PK11_NeedTokenInit must return true if and only if CKF_LOGIN_REQUIRED is true and CKF_USER_PIN_INIALIZED is flags (see https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/PKCS11_Implement). I also disagree that it should return true for NO_DB_INIT. NO_DB_INIT creates a non-login access token which should have CKF_LOGIN_REQUIRED set to false and CKF_USER_PIN_INITIALIZED set to false. We need to back out this change and please explain why you need to initialize a non-token. If you want a password based thing, then either use a database or we need to create a new feature for that requirement. This patch broke regular non-login tokens.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Comment 4•7 years ago
|
||
My bad. The code in question wasn't changed. PK11_NeedUserInit has always been jsut about the state of teh CKF_USER_PIN_INITIALIZED. A bug in a different patch used PK11_NeedUserInit() rather than PK11_NeedPWInitForSlot().
Comment 5•7 years ago
|
||
oops forgot to close the bug again,
Status: REOPENED → RESOLVED
Closed: 7 years ago → 7 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•