Closed
Bug 45878
Opened 24 years ago
Closed 24 years ago
Win-Linux-Cannot pickup cert from verisign
Categories
(Core Graveyard :: Security: UI, defect, P3)
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: junruh, Assigned: javi)
References
()
Details
(Whiteboard: [nsbeta2+]ETA 7/28)
Attachments
(4 files)
1.68 KB,
patch
|
Details | Diff | Splinter Review | |
4.50 KB,
application/zip
|
Details | |
11.72 KB,
patch
|
Details | Diff | Splinter Review | |
14.88 KB,
patch
|
Details | Diff | Splinter Review |
1.) Important - With a new profile, open PSM, click on Certificates, and create
a password, or at least log into your DB if you already have a profile.
2.) Visit the above URL, click on Enroll now, and request a trial cert.
3.) Wait a few minutes for email from Verisign.
4.) Follow the cert pickup instructions, paste in your PIN, and click on Submit.
What happens: WinNT build 71910- crash in netscp6.exe.
Linux Build 71908- crash and Netscape disappears.
Not yet tested on Mac.
The Linux stack trace is available at http://cyclone/main/talkback.cfm
Click on FastFind, enter junruh@netscape.com, and look for 14470232.
Assignee | ||
Comment 1•24 years ago
|
||
This crashes downloading the cert. I'll need help from the networking group to
dig further into this.
dougt: any ideas on who may be able to help out on this?
Here's the assert that seems to hint at the problem:
D:\moz-client\mozilla\netwerk\streamconv\converters\nsMultiMixedConv.cpp:412
// if we hit this assert, it's likely that the data producer isn't sticking
// headers after a token to delineate a new part. This is required. If
// the server's not sending those headers, the server's broken.
NS_ASSERTION(mPartChannel, "our channel went away :-(");
Assignee | ||
Comment 2•24 years ago
|
||
I've tried getting a TracePlus output to see what's going on, but Mozilla hangs
right before I submit the form that gets the cert when TracePlus is enabled. If
I don't use TracePlus, then everything works fine. Any other clues on how to
get the desired info? Switching over to Linux would be quite painful for me.
Assignee | ||
Comment 3•24 years ago
|
||
I've been looking at this bug and really don't know how to proceed. Can someone
from the networking group look into this? All of our internal test with
certificate servers work, there's some weirdness with VeriSign's servers at the
network level that's causing this to crash.
Comment 4•24 years ago
|
||
traceplus worked for me. I'm attatching a patch which fixes the crash. The
problem is that the verisign server spits back a multi mixed boundary that is
wrapped in double quotes *and* contains whitespace inside the boundary. We
weren't handling this case (it's illegal), now we are. I'm attatching a patch,
someone (gagan) please review. I'm doing the string manipulation by hand becuase
I couldn't figure out CopressSpace() on our string lib (it takes a PRUnichar for
something and I couldn't figure out what).
This fixes the crash and we now download all the data. I didn't notice the cert
being installed though, that wouldn't be my area.
Comment 5•24 years ago
|
||
Assignee | ||
Comment 6•24 years ago
|
||
I applied valeski's patches and Mozilla no longer crashes. But now, I need some
coaching on how the stream listener stuff works. The cert downloader gets
called with the HTML of the page as the contents, so PSM then gets an HTML which
it tries to interpret as a cert package and fails. So the cert is never
successfully imported.
I need pointers on where to start looking in necko to debug this problem
further.
Comment 7•24 years ago
|
||
need code review for this patch, gagan?
also, did this feature ever work in SeaMonkey?
Assignee | ||
Comment 8•24 years ago
|
||
This feature works with CMS (Certificate Management System) 4.x
That's what I used to test when I wrote the code originally. QA has started
testing with outside CA's now and it's not working with their implementations.
I'm working on getting PSM to spit out what it's sending back to the client so I
can have a better idea of what's going on.
Will post anything else I find in this bug report.
Assignee | ||
Comment 9•24 years ago
|
||
Assignee | ||
Comment 10•24 years ago
|
||
Comparing what PSM gets sent as the cert blob to the returned responses, mozilla
sends the contents of rsa2.bits in the attachment.
Comment 11•24 years ago
|
||
updated patch. turns out there is indeed a string routine that does what I want.
Index: nsMultiMixedConv.cpp
===================================================================
RCS file: /cvsroot/mozilla/netwerk/streamconv/converters/nsMultiMixedConv.cpp,v
retrieving revision 1.39
diff -c -r1.39 nsMultiMixedConv.cpp
*** nsMultiMixedConv.cpp 2000/07/07 22:02:26 1.39
--- nsMultiMixedConv.cpp 2000/07/25 21:37:11
***************
*** 240,246 ****
nsCAutoString boundaryString(bndry);
if (attrib) *attrib = ';';
! boundaryString.StripWhitespace();
mToken = boundaryString.ToNewCString();
if (!mToken) return NS_ERROR_OUT_OF_MEMORY;
--- 240,247 ----
nsCAutoString boundaryString(bndry);
if (attrib) *attrib = ';';
!
! boundaryString.Trim(" \"");
mToken = boundaryString.ToNewCString();
if (!mToken) return NS_ERROR_OUT_OF_MEMORY;
Assignee | ||
Comment 12•24 years ago
|
||
Another question, valeski said I needed to have a nsIContentListener around.
dougt already implemented a CertDownLoader class that inherits from
nsIStreamListener. Are both necessary? Which one should stay?
Comment 14•24 years ago
|
||
patch is checked in.
Comment 15•24 years ago
|
||
marking Fixed...junruh, please verify ASAP.
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
Whiteboard: [nsbeta2+]
Assignee | ||
Comment 16•24 years ago
|
||
This is not fixed, valeski's patch is just a step along the way to getting this
work. I'm working on adding a content listener per valeski's and mscott's
suggestion.
Assignee | ||
Comment 17•24 years ago
|
||
Have code in my tree that fixes this (almost). One outstanding issue with
regards to properly registering/de-registering my content listener. Sending
e-mail to mscott for clarification.
Assignee | ||
Comment 18•24 years ago
|
||
Re-opening bug because this still doesn't work.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Assignee | ||
Comment 19•24 years ago
|
||
Assignee | ||
Comment 20•24 years ago
|
||
valeski reviewed the changes. Is it too late for PR2? If not is there a branch
that I'd need to check into?
Assignee | ||
Comment 21•24 years ago
|
||
Comment 22•24 years ago
|
||
javi, please check in as soon as branch opens. THanks!
Whiteboard: [nsbeta2+] → [nsbeta2+]ETA 7/28
Assignee | ||
Comment 23•24 years ago
|
||
Checked in fix to the tip. Will check in fix to branch when it opens.
Assignee | ||
Comment 24•24 years ago
|
||
Fix checked into M17 branch and the tip.
Status: REOPENED → RESOLVED
Closed: 24 years ago → 24 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 25•24 years ago
|
||
Reopening. Using WinNT 072904, Linux 073104. Everything seems to go smoothly,
and success looks assured. The problem is that when it is all over, I open
Security Advisor, click on certificates, and do not see the verisign cert. Mac
behaves differently, (does not go to page "step 2"), so I will open a separate
Mac bug. Removing crash keyword.
Status: RESOLVED → REOPENED
Keywords: crash
Resolution: FIXED → ---
Summary: Cannot pickup cert from verisign → Win-Linux-Cannot pickup cert from verisign
Assignee | ||
Comment 26•24 years ago
|
||
Are you sure this isn't because you're entering duplicate information and
VeriSign isn't letting you get another cert with the same information?
Reporter | ||
Comment 27•24 years ago
|
||
Fixed. That seems to be the case. I just used a new yahoo email address and fake
name, and now it worked. Verisign apparently doesn't warn you that they aren't
going to give the same email address another cert.
Status: REOPENED → RESOLVED
Closed: 24 years ago → 24 years ago
Resolution: --- → FIXED
Reporter | ||
Updated•24 years ago
|
Status: RESOLVED → VERIFIED
Reporter | ||
Comment 28•24 years ago
|
||
Verified.
Reporter | ||
Comment 29•23 years ago
|
||
Mass changing Security:Crypto to PSM
Component: Security: Crypto → Client Library
Product: Browser → PSM
Version: other → 2.1
Reporter | ||
Comment 30•23 years ago
|
||
Mass changing Security:Crypto to PSM
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•