Open Bug 1560974 Opened 6 years ago Updated 2 years ago

[mozproxy] Indicate in logging that the SEC_ERROR_BAD_DATABASE error is expected the first time mozproxy checks for the nss ca db

Categories

(Testing :: Mozbase, defect, P3)

Product:
Testing
Component:
Mozbase
Version:
Version 3
Type:
defect

Tracking

(Not tracked)

People

(Reporter: rwood, Unassigned)

References

(Blocks 1 open bug)

Details

When Mozproxy on Android first checks to see if the nss ca cert db already exists on the device, there is an expected SEC_ERROR_BAD_DATABASE error returned (as it doesn't yet exist). This check is necessary at that point - then if it doesn't exist as expected then it is created.

The issue is that we should indicate in the logging that at that point the SEC_ERROR_BAD_DATABASE is actually expected. Several people have spotted that error and believe it is a legit error indicating a failure. The certutil tool itself dumps out the error. Here's an example of the logging that shows the error but is expected:

10:35:26 INFO - mozproxy checking if the nss cert db already exists in the android browser profile
10:35:26 INFO - certutil: function failed: SEC_ERROR_BAD_DATABASE: security library: bad database.
10:35:26 INFO - mozproxy nss cert db doesn't exist yet
10:35:36 INFO - mozproxy creating nss cert database using command: /builds/task_1561372441/workspace/testing/mozproxy/host-utils-68.0a1.en-US.linux-x86_64/certutil -N -v -d sql:/tmp/tmpBhzhtE.mozrunner/ --empty-password

And this is where in mozproxy the first nss ca cert db check is made:

https://searchfox.org/mozilla-central/rev/0b7007a23bc16c857f894140e12f307bfeef2fdd/testing/mozbase/mozproxy/mozproxy/backends/mitm.py#475

Priority: -- → P3
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.