Closed
Bug 362788
Opened 18 years ago
Closed 18 years ago
New Firefox versions result in a new pref entry for rc4 key
Categories
(Toolkit :: Safe Browsing, defect)
Toolkit
Safe Browsing
Tracking
()
RESOLVED
FIXED
People
(Reporter: tony, Assigned: tony)
Details
(Keywords: verified1.8.1.2)
Attachments
(2 files)
5.62 KB,
patch
|
mmc
:
review+
|
Details | Diff | Splinter Review |
2.60 KB,
patch
|
jay
:
approval1.8.1.2+
|
Details | Diff | Splinter Review |
Anti-phishing uses rc4 to encrypt urls in the "ask remote server" mode. For this to work, the client needs to first download the rc4 key. We only download the rc4 key once per day, but we use the key url (so each provider can have a separate key url) to determine if we've downloaded the key in the last 24 hours. Since the client id is in the key and the client id includes the firefox version number, we end up grabbing a new key (and creating a new pref value) for each firefox version. For example, I now have the following entries:
urlclassifier.keyupdatetime.https://sb-ssl.google.com/safebrowsing/getkey?client=Firefox2.0&
urlclassifier.keyupdatetime.https://sb-ssl.google.com/safebrowsing/getkey?client=Firefox2.0.0.1pre&
We should ignore query params to avoid this unnecessary duplication.
Assignee | ||
Comment 1•18 years ago
|
||
includes small test case
Attachment #248335 -
Flags: review?(mmchew)
Comment 2•18 years ago
|
||
Comment on attachment 248335 [details] [diff] [review]
only use getkey URL up until ?
Looks good to me.
Attachment #248335 -
Flags: review?(mmchew) → review+
Assignee | ||
Comment 3•18 years ago
|
||
on trunk.
Checking in testing/mochitest/tests/index.html;
/cvsroot/mozilla/testing/mochitest/tests/index.html,v <-- index.html
new revision: 1.52; previous revision: 1.51
done
RCS file: /cvsroot/mozilla/testing/mochitest/tests/test_bug362788.xhtml,v
done
Checking in testing/mochitest/tests/test_bug362788.xhtml;
/cvsroot/mozilla/testing/mochitest/tests/test_bug362788.xhtml,v <--
test_bug362788.xhtml
initial revision: 1.1
done
Checking in
toolkit/components/url-classifier/content/url-crypto-key-manager.js;
/cvsroot/mozilla/toolkit/components/url-classifier/content/url-crypto-key-manager.js,v
<-- url-crypto-key-manager.js
new revision: 1.10; previous revision: 1.9
done
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
Assignee | ||
Updated•18 years ago
|
Flags: blocking1.8.1.2?
Assignee | ||
Comment 4•18 years ago
|
||
exactly the same as the trunk patch without the unittests (no mochitest on branch)
Attachment #249317 -
Flags: approval1.8.1.2?
Updated•18 years ago
|
Flags: blocking1.8.1.2? → blocking1.8.1.2+
Comment 5•18 years ago
|
||
Comment on attachment 249317 [details] [diff] [review]
patch for branch
Approved for 1.8 branch, a=jay for drivers.
Attachment #249317 -
Flags: approval1.8.1.2? → approval1.8.1.2+
Assignee | ||
Comment 6•18 years ago
|
||
on branch
Checking in url-crypto-key-manager.js;
/cvsroot/mozilla/toolkit/components/url-classifier/content/url-crypto-key-manager.js,v <-- url-crypto-key-manager.js
new revision: 1.1.2.8; previous revision: 1.1.2.7
done
Keywords: fixed1.8.1.2
Comment 7•18 years ago
|
||
Flags: in-testsuite+
Comment 8•18 years ago
|
||
Tony or Monica: Is there an easy way to test this? If your team can verify this with the latest 2.0.0.2 RC builds, that will be great.
For future reference, I was wondering if the existing keys in the client can be removed? If so, I can try deleting th 5-6 entries I have currently and try running my profile with various builds/version to verify this myself. Thanks in advance.
Assignee | ||
Comment 9•18 years ago
|
||
Steps to test:
1) start ff and switch to remote lookup (key request is disabled for local list mode in bug 354199)
2) look at the pref value in urlclassifier.keyupdatetime.* It shouldn't contain a version number.
It's safe to remove the other prefs. The pref is only used to limit the request to once a day. Deleting the pref just causes an extra request.
This works for me using this build:
ftp://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/latest-mozilla1.8/firefox-2.0.0.2pre.en-US.linux-i686.tar.gz
Status: RESOLVED → VERIFIED
Comment 10•18 years ago
|
||
Thanks Tony! FYI: Changing the bug status to VERIFIED should only be done for Trunk verifications. If you verify on a branch, please replace the fixed1.8.x.x keyword with verified1.8.x.x.
Replacing fixed1.8.1.2 keyword with verified1.8.1.2. Returning status to RESOLVED FIXED
Keywords: fixed1.8.1.2 → verified1.8.1.2
Updated•18 years ago
|
Status: VERIFIED → REOPENED
Resolution: FIXED → ---
Updated•18 years ago
|
Status: REOPENED → RESOLVED
Closed: 18 years ago → 18 years ago
Resolution: --- → FIXED
Updated•11 years ago
|
Product: Firefox → Toolkit
You need to log in
before you can comment on or make changes to this bug.
Description
•