Closed Bug 357010 Opened 16 years ago Closed 16 years ago

Certificate import broke in nsNSSCertificateDB.cpp 1.23

Categories

(Core :: Security: PSM, defect)

1.8 Branch
x86
Linux
defect
Not set
normal

Tracking

()

RESOLVED DUPLICATE of bug 360528

People

(Reporter: martin, Assigned: KaiE)

Details

(Keywords: regression)

Attachments

(1 file)

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.7) Gecko/20060830 Firefox/1.5.0.7 (Debian-1.5.dfsg+1.5.0.7-2)
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.7) Gecko/20060830 Firefox/1.5.0.7 (Debian-1.5.dfsg+1.5.0.7-2)

Trying to import an email certificate now  gives an error message that the import failed because the verification failed. This message is bogus due to a bug in the code; I can't see how it could work at all since r1.23 of nsNSSCertificateDB.cpp.

Reproducible: Always

Steps to Reproduce:
1.Try importing a certificate
2.
3.

Actual Results:  
The certificate should get imported.

Expected Results:  
An error message is displayed

The problem is that the block

    if (!alert_and_skip) {
      CERT_CertChainFromCert(node->cert, certusage, PR_FALSE);
      if (!certChain) {
        alert_and_skip = true;
      }
    }

doesn't attempt to set certChain, so it's no surprise it stays at null.
I'll attach a patch
Assignee: nobody → kengert
Status: UNCONFIRMED → NEW
Component: Security → Security: PSM
Ever confirmed: true
Product: Firefox → Core
QA Contact: firefox
Version: unspecified → 1.8 Branch
Keywords: regression
Comment on attachment 242543 [details] [diff] [review]
Patch to re-enable import

someone should tell sunbird that their branch point is unfortunate :).
Attachment #242543 - Flags: review?(kengert)
This was fixed with when bug 360528 was resolved (with exactly the same patch...), so somebody who has the power to do so should resolve this one here, too.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 360528
Attachment #242543 - Flags: review?(kengert)
You need to log in before you can comment on or make changes to this bug.