241374 - FIPS mode is broken in Mozilla 1.7 RC 1.

Status: VERIFIED FIXED

(SeaMonkey :: Build Config, defect)

Description

[Wan-Teh Chang]

The FIPS mode of the NSS software cryptograhic module
is broken in Mozilla 1.7 RC 1.

1) If FIPS mode was originally enabled, the browser can't
initialize its security component.

2) If FIPS mode was originally disabled, you can't enable
FIPS mode.

The steps to reproduce 2) are:

- Open Edit -> Preferences... -> Privacy & Security ->
  Certificates -> Manage Security Devices
- In the Device Manager window, select
  "NSS Internal PKCS #11 Module"
- Click on the "Enable FIPS" button.

Nothing happens.

Comment 1

[Wan-Teh Chang]

The cause of this failure is that softokn3.dll was
modified (most likely stripped of debug information)
without regenerating the softokn3.chk check file using
shlibsign.

Comment 2

[Benjamin Smedberg]

Leaf, we goofed in the build automation for talkback.

Comment 3

[Daniel (Leaf) Nunes]

I knew i forgot something.

Comment 4

[Daniel (Leaf) Nunes]

wan-teh, is this windows only, or windows and linux, or just linux?

Comment 5

[Wan-Teh Chang]

I've only tried Mozilla 1.7 RC 1 on Windows, so the status of Linux
or Mac OS X is unknown.

Comment 6

[Daniel (Leaf) Nunes]

I see the problem; the build system uses whatever "rebase" is first in the path.
currently, that's cygwin's version... which causes the build target after
rebasing (signing the nss lib) to never get reached.

Tomorrow's builds should be fixed.

Comment 7

[Wan-Teh Chang]

Verified fixed in this build:
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040430