Closed Bug 495357 Opened 15 years ago Closed 8 years ago

Update some documentation concerning SaveIntermediateCerts()

Categories

(Core :: Security: PSM, defect, P1)

Product:
Core
Component:
Security: PSM
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla52
Tracking Flags:
Tracking Status
firefox52 --- fixed

People

(Reporter: wtc, Assigned: Cykesiopka)

Details

(Whiteboard: [psm-logic][psm-assigned])

Attachments

(1 file, 3 obsolete files)

bug495357_update-SaveIntermediateCerts()-docs_v3.patch
3.47 KB, patch
Cykesiopka
: review+
Details | Diff | Splinter Review 
The code in question was originally added in bug 100215 and
later modified in bug 399045.

http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp&rev=1.73&mark=960-962,982-1019#953

There are three problems:

1. The patch in bug 399045 changed PSM to remember the intermediate
CA certs in the permanent db, but it didn't update the comments, so
we have some stale comments that still refer to the "temp db".

2. The code also remembers root CA certs even though the intention
(according the the comments) is to remember only the intermediate
CA certs.

3. With the patch in bug 399045, I believe nsNSSComponent::RememberCert
and the hashTableCerts hashtable are now dead code.

The attached patch fixes problems 1 and 2.  Please improve the comments
I wrote about why we want to remember the intermediate CA certs in the
permanent db.
Attachment #380314 - Flags: review?(kaie)
Assignee: kaie → nobody
Whiteboard: [psm-logic]
Attached patch merged patch (obsolete) — Splinter Review 

    
    

    
  
Comment on attachment 652024 [details] [diff] [review]
merged patch

Wan-Teh,

I'm OK with your patch (do not remember root certs), r=kaie

But I'm worried that Brian will probably argue that this patch should be rejected because it doesn't come with a test? :)

        Attachment #652024 -
        Flags: review+

    
    

    
  


  
Leaving reviewer undefined.
I'm just cleaning up my old review requests, I don't want to work on this further.

        Attachment #652025 -
        Flags: review?

    
  

        Attachment #380314 -
        Flags: review?(kaie)

        Attachment #652025 -
        Flags: review?
Whiteboard: [psm-logic] → [psm-logic][psm-cleanup]

    
    

    
  
Problem 3 was addressed in Bug 879135:
https://hg.mozilla.org/mozilla-central/rev/3c033a95ef26#l1.159

So we only need to care about updating the documentation now.
Assignee: nobody → cykesiopka.bmo
Status: NEW → ASSIGNED
Priority: -- → P1
Summary: The code in AuthCertificateCallback that remembers intermediate CA certs has some minor problems → Update some documentation concerning SaveIntermediateCerts()
Whiteboard: [psm-logic][psm-cleanup] → [psm-logic][psm-assigned]

    
    

    
  
Oops, forgot to mention Problem 2 was addressed in Bug 1277240.

    
    

    
  


  
This is an updated patch for problem 1.

        Attachment #380314 -
        Attachment is obsolete: true

        Attachment #652024 -
        Attachment is obsolete: true

        Attachment #652025 -
        Attachment is obsolete: true

        Attachment #8800039 -
        Flags: review+

    
    

    
  
Pushed by cbook@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/5efc720972a9
Update some documentation concerning SaveIntermediateCerts(). r=kaie,me
Keywords: checkin-needed

    
    

    
  
https://hg.mozilla.org/mozilla-central/rev/5efc720972a9
Status: ASSIGNED → RESOLVED
Closed: 8 years ago

          status-firefox52:
          --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla52

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: