Closed
Bug 1681071
Opened 3 years ago
Closed 3 years ago
Permafailing m-c periodic-file-update JavaScript error: /home/worker/scripts/genHPKPStaticPins.js, line 476: Error: ERROR: Can't find 'GeoTrust Global CA' in certNameToSKD
Categories
(Core :: Security: PSM, defect)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
85 Branch
| Tracking | Status | |
|---|---|---|
| firefox-esr78 | --- | unaffected |
| firefox83 | --- | unaffected |
| firefox84 | --- | unaffected |
| firefox85 | --- | fixed |
People
(Reporter: malexandru, Assigned: kjacobs)
References
(Regression)
Details
(Keywords: regression)
Attachments
(1 file)
Failure log: https://treeherder.mozilla.org/logviewer?job_id=323749598&repo=mozilla-central&lineNumber=71217
Raw log: https://firefoxci.taskcluster-artifacts.net/JCWz9x0vSUa7yp16NAh3ZA/0/public/logs/live_backing.log
zanshinkankarate.com, 1
@@ -100471,6 +100560,7 @@
zmartagroup.se, 1
zmc.com.sa, 1
zmeya.tk, 1
+zmiguel.me, 1
zmk.fr, 0
zmy.im, 1
zmy666.com, 1
@@ -100688,7 +100778,6 @@
zumba.com, 1
zumberak.tk, 1
zumtaedanceschool.co.za, 1
-zumub.com, 1
zund-app.com, 1
zundapp.one, 1
zundapp529.nl, 1
+ '[' -s /home/worker/artifacts/nsSTSPreloadList.diff ']'
+ return 0
+ HSTS_UPDATED=true
+ '[' true == true ']'
+ compare_hpkp_files
+ cd /home/worker
++ basename /home/worker/data/PreloadedHPKPins.json
+ HPKP_PRELOAD_JSON_HG=https://hg.mozilla.org/mozilla-central/raw-file/default/security/manager/tools/PreloadedHPKPins.json
+ HPKP_PRELOAD_OUTPUT_HG=https://hg.mozilla.org/mozilla-central/raw-file/default/security/manager/ssl/StaticHPKPins.h
+ rm -f /home/worker/data/StaticHPKPins.h.out
+ wget -nv -O /home/worker/data/StaticHPKPins.h https://hg.mozilla.org/mozilla-central/raw-file/default/security/manager/ssl/StaticHPKPins.h
2020-12-07 14:18:04 URL:https://hg.mozilla.org/mozilla-central/raw-file/default/security/manager/ssl/StaticHPKPins.h [60234/60234] -> "/home/worker/data/StaticHPKPins.h" [1]
+ wget -nv -O /home/worker/data/PreloadedHPKPins.json https://hg.mozilla.org/mozilla-central/raw-file/default/security/manager/tools/PreloadedHPKPins.json
2020-12-07 14:18:05 URL:https://hg.mozilla.org/mozilla-central/raw-file/default/security/manager/tools/PreloadedHPKPins.json [13526/13526] -> "/home/worker/data/PreloadedHPKPins.json" [1]
+ echo 'INFO: Generating new HPKP preload list...'
INFO: Generating new HPKP preload list...
+ cd /home/worker/firefox
+ LD_LIBRARY_PATH=:.
+ ./xpcshell /home/worker/scripts/genHPKPStaticPins.js /home/worker/data/PreloadedHPKPins.json /home/worker/data/StaticHPKPins.h.out
JavaScript error: /home/worker/scripts/genHPKPStaticPins.js, line 476: Error: ERROR: Can't find 'GeoTrust Global CA' in certNameToSKD
###!!! [Child][RunMessage] Error: Channel closing: too late to send/recv, messages will be lost
+ echo 'INFO: Checking whether new HPKP preload list is valid...'
INFO: Checking whether new HPKP preload list is valid...
+ '[' '!' -s /home/worker/data/StaticHPKPins.h.out ']'
+ grep kPreloadPKPinsExpirationTime /home/worker/data/StaticHPKPins.h.out
+ echo '/home/worker/data/StaticHPKPins.h.out is missing an expiration time. Truncated?'
/home/worker/data/StaticHPKPins.h.out is missing an expiration time. Truncated?
+ exit 53
[taskcluster 2020-12-07 14:18:08.091Z] === Task Finished ===
[taskcluster 2020-12-07 14:18:08.151Z] Artifact "public/build/StaticHPKPins.h.diff" not found at "/home/worker/artifacts/StaticHPKPins.h.diff"
[taskcluster 2020-12-07 14:18:08.211Z] Artifact "public/build/remote-settings.diff" not found at "/home/worker/artifacts/remote-settings.diff"
[taskcluster 2020-12-07 14:18:08.884Z] Unsuccessful task run with exit code: 53 completed in 15237.6 seconds
Kevin, could this be caused by the changes in Bug 1677548?
Flags: needinfo?(kjacobs.bugzilla)
|
||
Updated•3 years ago
|
status-firefox83:
--- → unaffected
status-firefox84:
--- → unaffected
status-firefox85:
--- → affected
status-firefox-esr78:
--- → unaffected
Keywords: regression
Summary: Intermittent JavaScript error: /home/worker/scripts/genHPKPStaticPins.js, line 476: Error: ERROR: Can't find 'GeoTrust Global CA' in certNameToSKD → Permafailing m-c periodic-file-update JavaScript error: /home/worker/scripts/genHPKPStaticPins.js, line 476: Error: ERROR: Can't find 'GeoTrust Global CA' in certNameToSKD
|
Assignee | |
Comment 1•3 years ago
|
||
Kevin, could this be caused by the changes in Bug 1677548?
Yes, bug 1670769 removed this root certificate from NSS. I'll submit a patch shortly.
|
|
Assignee | |
Comment 2•3 years ago
|
||
|
||
Updated•3 years ago
|
Assignee: nobody → kjacobs.bugzilla
Status: NEW → ASSIGNED
Pushed by malexandru@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/c300b7d24a28 Update PreloadedHPKPins.json after root certificate removal. r=keeler
|
|
Assignee | |
Updated•3 years ago
|
Flags: needinfo?(kjacobs.bugzilla)
|
||
Comment 4•3 years ago
|
||
| bugherder | ||
Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → 85 Branch
| Comment hidden (Intermittent Failures Robot) |
|
||
Updated•3 years ago
|
Has Regression Range: --- → yes
You need to log in
before you can comment on or make changes to this bug.
Description
•