Closed Bug 1400288 Opened 8 years ago Closed 8 years ago

Kerberos authentication no longer works

Categories

(Core :: Networking, defect)

Product:
Core
Component:
Networking
Version:
57 Branch
Platform:
All
Windows 7
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla57
Tracking Flags:
Tracking Status
firefox-esr52 --- unaffected
firefox55 --- unaffected
firefox56 --- unaffected
firefox57 --- fixed

People

(Reporter: will69, Assigned: kmag)

Details

(Keywords: regression)

Kerberos authentication fails every time. It worked perfectly before. STR: Set network.negotiate-auth.trusted-uris=YOURFQDN and connect to YOURFQDN, a kerberos protected host. mozregression yields bug #1398646 as the only culprit.
Has Regression Range: --- → yes
Has STR: --- → yes
Component: Untriaged → Networking
Keywords: regression
Product: Firefox → Core
Target Milestone: Firefox 57 → ---
It Seems that we make a sync call to resolve OMT here: http://searchfox.org/mozilla-central/rev/184f0c7888dd6abb32235377693b7d1fc0b75ac1/extensions/auth/nsAuthSSPI.cpp#123 Kris, can you backout bug #1398646? This actually seems to be the only use of ResolveNative - maybe we can change the call site and remove ResolveNative from the IDL completely.
Flags: needinfo?(kmaglione+bmo)
Yeah, there doesn't seem to be a simple way to make this code use async resolution. I'd rather add another function with a name like `SyncResolveMainThreadDoNotUseInNewCode` for the SASL code to use, and still have ResolveNative not work on the main thread, though.
Flags: needinfo?(kmaglione+bmo)
Fixed by backout in bug 1398646 comment 7
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Assignee: nobody → kmaglione+bmo
status-firefox57: affectedfixed
status-firefox-esr52: --- → unaffected
Target Milestone: --- → mozilla57
You need to log in before you can comment on or make changes to this bug.