Closed
Bug 489880
Opened 15 years ago
Closed 14 years ago
Firefox must be force quit when FIPS is enabled and exiting Private Browsing
Categories
(Core :: Security, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: marcia, Unassigned)
References
Details
Seen while running Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1b4pre) Gecko/20090423 Shiretoko/3.5b4pre. Not sure if this is the correct component to file this bug STR: 1. Enable a Master Password 2. Enable FIPS 3. Enter Private Browsing mode. 4. While in PB mode, close the browser Result: You get a master password on dialog, and you must force quit Firefox to exit since it beachballs right after the dialog comes up.
Comment 1•15 years ago
|
||
Could this be because of bug 463256? Resetting the [on|off]line setting for ssl may require re-entering the password, which gets to this very strange situation...
Comment 2•15 years ago
|
||
Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2a1pre) Gecko/20090423 Minefield/3.6a1pre Then again, I couldn't reproduce this on WIndows. I do get a new master password when I enter/exit pb mode if the session to be restored is one that requires it (i.e. my gmail page). When I shutdown firefox I don't get the master password dialog as the session is not restored until I restart firefox...
Reporter | ||
Comment 3•15 years ago
|
||
I tried reproducing this on the latest Win Vista nightly and I could not reproduce it either. The only other thing I forgot to add in Comment 0 was the fact I do have a certificate installed (Thawte).
Comment 4•15 years ago
|
||
Forgive my ignorance here, but would someone please explain what FIPS is? Google lead me to <http://en.wikipedia.org/wiki/Federal_Information_Processing_Standard> which I'm not sure is the correct explanation...
Comment 5•15 years ago
|
||
Try http://en.wikipedia.org/wiki/FIPS_140
Comment 6•15 years ago
|
||
Marcia, could you please try to reproduce this with the latest trunk nightly, now that bug 496335 has been fixed?
Comment 7•15 years ago
|
||
(In reply to comment #5) > Try http://en.wikipedia.org/wiki/FIPS_140 Thanks for the link. I followed it to <http://www.mozilla.org/projects/security/pki/nss/fips/> as well, but still I'm not sure what this exactly means in context of Mozilla/NSS? Do I need a special hardware component in order to enable FIPS? How would Mozilla behave differently with FIPS enabled?
Comment 8•15 years ago
|
||
Ehsan, Your comment 7 tells me that we need a findable resource (web page) that answers questions such as "what the heck is FIPS mode?". :) I would be willing to help provide content for such a page, but I honestly don't know where to put it (which site? where?) We may already have one, for all I know. I found some that explain how to enable/disable it, but none that really explain what it is or why you would use it. http://www.mozilla.org/projects/security/pki/psm/help_21/using_certs_help.html#using_certs_devices_fips http://support.mozilla.com/en-US/kb/Configuring+Firefox+for+FIPS+140-2
![]() |
||
Updated•15 years ago
|
blocking1.9.1: ? → ---
Comment 9•15 years ago
|
||
I created a new wiki web page about FIPS and FIPS Mode. https://developer.mozilla.org/FIPS_Mode_-_an_explanation Please post follow up discussion in mozilla.dev.tech.crypto Thanks
Comment 10•15 years ago
|
||
(In reply to comment #9) > I created a new wiki web page about FIPS and FIPS Mode. > https://developer.mozilla.org/FIPS_Mode_-_an_explanation > Please post follow up discussion in mozilla.dev.tech.crypto > Thanks Thanks for the content! Why not put it up on SUMO as well, since there's where most users would expect to find this info?
Comment 11•15 years ago
|
||
Putting stuff on sumo is far too painful for mere mortals. I learned that by doing the page http://support.mozilla.com/en-US/kb/Configuring+Firefox+for+FIPS+140-2 I can commit into any Mozilla source tree, but I can't update SUMO. :( If some full time SUMO staff wants to do it, be my guest.
Comment 12•15 years ago
|
||
Not sure how common this problem is on SUMO or how often it's being searched for. Cheng, any insights to share?
Comment 13•15 years ago
|
||
I have 1 forum thread since 2009-01-01 asking for FIPS and 11 with excess master password requests where FIPS is a possible cause. Nothing about Private Browsing hanging on exit, nothing about FIPS + Private Browsing.
Comment 14•15 years ago
|
||
Thanks Cheng. Doesn't sound like we need this in the KB then.
Comment 15•15 years ago
|
||
1390 searches in 2009 with the word fips (compare to 7,140,000 searches total). About 1/3rd of the searches are for some variant of the "please enter your FIPS master password" message. Again nothing in this list that suggests that hanging on exit is common. It sounds like an edge case that doesn't need to be in the KB.
Comment 16•15 years ago
|
||
Well, private browsing is a brand new feature in FF 3.5 right? So, one would not expect there to be messages about in in January of this year.
Comment 17•15 years ago
|
||
FIPS isn't new though. It's more of an indication of how many users are coming to SUMO needing help with FIPS.
Comment 18•15 years ago
|
||
I'm guessing that based on comment 1, this should be fixed now that bug 496335 is fixed. Marcia, could you please try to reproduce this again?
Keywords: qawanted
Comment 19•15 years ago
|
||
Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.7) Gecko/20091221 Firefox/3.5.7 GTB6 I cannot reproduce with the above build. If someone can reproduce, please provide more detailed steps, including URLs visited, etc. I run in FIPS mode, so if the steps require a fresh profile, please post that info also.
Comment 20•14 years ago
|
||
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:2.0b8) Gecko/20100101 Firefox/4.0b8 Works for me on the above build. In any case, I think a bug like this warrants a testcase in Litmus. Resolving WORKSFORME. Testcase will be created shortly.
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → WORKSFORME
Comment 21•14 years ago
|
||
Litmus testcase added: https://litmus.mozilla.org/show_test.cgi?id=15025
Flags: in-litmus+
Keywords: qawanted
You need to log in
before you can comment on or make changes to this bug.
Description
•