Closed
Bug 1579023
Opened 6 years ago
Closed 6 years ago
Speculative connection check prompts PIN if there is non-removable HSM
Categories
(Core :: Networking, defect, P2)
Core
Networking
Tracking
()
RESOLVED
FIXED
mozilla71
| Tracking | Status | |
|---|---|---|
| firefox71 | --- | fixed |
People
(Reporter: ueno, Assigned: ueno)
References
Details
(Whiteboard: [necko-triaged])
Attachments
(1 file)
Bug 910207 introduced an additional precondition for speculative connection, which checks (in this order):
- if there is any smartcards attached or
- if there is a private key (used for client auth) in the NSS database
However, for some HSM's (e.g., SoftHSM), (1) is not sufficient and that leads to a random PIN prompt appearing at (2).
The reason is that (1) only checks if there is any removable slot, but if there is an "unfriendly" token, NSS still tries to authenticate. I guess that a fix would be to tighten (1) with the check for unfriendly token. I'm attaching a patch along these lines.
For more details, see:
https://bugzilla.mozilla.org/show_bug.cgi?id=1577803#c0
|
Assignee | |
Comment 1•6 years ago
|
||
|
||
Updated•6 years ago
|
Assignee: nobody → dueno
Priority: -- → P2
Whiteboard: [necko-triaged]
|
|
Assignee | |
Updated•6 years ago
|
Keywords: checkin-needed
Pushed by csabou@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/742ff7d024e7
disable preconnect if there is an unfriendly token r=keeler
Keywords: checkin-needed
|
||
Comment 3•6 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla71
|
||
Updated•6 years ago
|
Flags: qe-verify+
You need to log in
before you can comment on or make changes to this bug.
Description
•