Closed Bug 214742 Opened 22 years ago Closed 9 years ago

Improve documentation for frozen interface nsIX509CertDB: findCertByNickname and findCertNicknames

Categories

(Core Graveyard :: Security: UI, defect)

Product:
Core Graveyard
Component:
Security: UI
Version:
Other Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: robmv, Unassigned)

References

Details

(Whiteboard: [kerh-cuz])

User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030701 Epiphany/0.8.0 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030701 Epiphany/0.8.0 The implementation of the method findCertNicknames returns an array of Strings that is generated by concatenating the certifacte nickname or the email address with the certificate db key. This compound string uses an delimiter ('\001') in order to separate its parts. http://lxr.mozilla.org/security/source/security/manager/ssl/src/nsNSSCertificateDB.cpp#1041 When the component user is using the returned string in the method findCertByNickname, he or she will always receive an error and not the requested certificate because the method implementation uses the complete string to call the functions PK11_FindCertFromNickname and CERT_FindCertByNickname http://lxr.mozilla.org/security/source/security/manager/ssl/src/nsNSSCertificateDB.cpp#109 A workaround to this problem is to parse the string returned by findCertNicknames in order to get the real nickname and the certificate dbkey. In my opinion this is a bug in the interface implementation. One way to solve it is to include the parsing code to the findCertByNickname or make getCertNicknames return the nicknames and not the compound string. Which one is better? Reproducible: Always Steps to Reproduce: This bug blocks an implementation (without the workaround) of a GTK based certificate manager for epiphany GNOME browser. This is the only FROZEN XPCOM interface that I found to manipulate the certificates
Kai, I don't have the history to be able to evaluate this. Is the implementation broken, or as designed?
Assignee: ssaux → kaie
Unfortunately I don't have any history information on this routine either, it was created before I started to work on PSM.
Product: PSM → Core
This is an automated message, with ID "auto-resolve01". This bug has had no comments for a long time. Statistically, we have found that bug reports that have not been confirmed by a second user after three months are highly unlikely to be the source of a fix to the code. While your input is very important to us, our resources are limited and so we are asking for your help in focussing our efforts. If you can still reproduce this problem in the latest version of the product (see below for how to obtain a copy) or, for feature requests, if it's not present in the latest version and you still believe we should implement it, please visit the URL of this bug (given at the top of this mail) and add a comment to that effect, giving more reproduction information if you have it. If it is not a problem any longer, you need take no action. If this bug is not changed in any way in the next two weeks, it will be automatically resolved. Thank you for your help in this matter. The latest beta releases can be obtained from: Firefox: http://www.mozilla.org/projects/firefox/ Thunderbird: http://www.mozilla.org/products/thunderbird/releases/1.5beta1.html Seamonkey: http://www.mozilla.org/projects/seamonkey/
This bug has been automatically resolved after a period of inactivity (see above comment). If anyone thinks this is incorrect, they should feel free to reopen it.
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → EXPIRED
This is still the case, we need to perform evil hacks to perform the lookup in the CertDB after retreiving the cert using the FindCertNicknames call.
Status: RESOLVED → UNCONFIRMED
Resolution: EXPIRED → ---
I finally took the time to read this bug and look at the source. You complain about the fact, that the returned strings are not directly the nicknames, but are compound strings, that contain the nickname. This is a frozen interface. There might be embeddors who already use the strings in the given presentation. The only "bug" I can see at the moment is the documentation. The comment in the IDL should explain clearly what is being returned. If I understand correctly, you are able to parse the string, and use the parse result in order to achieve your required functionality. IMHO you should not understand this as a workaround, but as the required way to deal with data returned from the function. I propose we change this bug into a "request for better documentation of this function", and come up with a patch that will clarify the common on this frozen function. Is that acceptable to you?
as the reporter of this bug, I understand the frozen status of this interface, but I have not touched the original patch that I wrote for Epiphany since a long time (Crispin has updated it), and that documentation update is fine for me.
I am happy with improving the documentation too, I still maintain it is an evil API, but as it frozen, there isn't too much we can really do now :-(
Summary: nsIX509CertDB implementations findCertByNickname and findCertNicknames is Broken → Improve documentation for frozen interface nsIX509CertDB: findCertByNickname and findCertNicknames
Whiteboard: [kerh-cuz]
QA Contact: bmartin → ui
Mass change owner of unconfirmed "Core:Security UI/PSM/SMime" bugs to nobody. Search for kaie-20100607-unconfirmed-nobody
Assignee: kaie → nobody
Bug 1241650 removed findCertNicknames(), so there's nothing to document now.
Blocks: 1241650
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago9 years ago
Resolution: --- → INVALID
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.