Closed Bug 528758 Opened 10 years ago Closed 10 years ago
FIPS mode broken in RC1 on Windows
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2b3pre) Gecko/20091114 Namoroka/3.6b3pre Firefox/3.6 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:126.96.36.199) Gecko/20091112 Thunderbird/3.0 I think this is the same issue as Firefox bug 521878. FIPS mode does not work because nssdbm3.dll is digitally signed. Reproducible: Always Steps to Reproduce: 1. Set a Master Password in Tools -> Options -> Security -> Passwords 2. Go to Options -> Advanced -> Certificates -> Security Devices 3. Press the Enable FIPS button. Actual Results: Nothing happens visibly, and this error appears in the Error Console: Error: uncaught exception: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsIPKCS11ModuleDB.toggleFIPSMode]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: chrome://pippki/content/device_manager.js :: toggleFIPS :: line 545" data: no] Expected Results: The Enable FIPS mode button becomes disabled to indicate you are now in FIPS mode.
I did not find a litmus test for FIPS
gozer, this feels a bit like bug 521878 - what version of the release tools did we use for build/signing (I couldn't see it on the wiki).
Assignee: nobody → gozer
(In reply to comment #1) > I did not find a litmus test for FIPS Just added https://litmus.mozilla.org/show_test.cgi?id=9705 to cover this bug. I'd need to read more docs to add more. THe bug is WFM on Mac os X
Flags: in-litmus? → in-litmus+
(In reply to comment #3) > THe bug is WFM on Mac os X But I can't disable FIPS after enabling it.
(In reply to comment #3) > > I did not find a litmus test for FIPS > > Just added https://litmus.mozilla.org/show_test.cgi?id=9705 to cover this bug. > I'd need to read more docs to add more. > > THe bug is WFM on Mac os X Marcia wanted to add some FIPS tests to Litmus when those things have been fixed.
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 509319
Huh, sorry. That's Thunderbird. :/ Reopening.
Status: RESOLVED → UNCONFIRMED
Resolution: DUPLICATE → ---
(In reply to comment #2) > gozer, this feels a bit like bug 521878 - what version of the release tools did > we use for build/signing (I couldn't see it on the wiki). Most certainly must be it. Looking at the signing logs, I can see clearly that nssdbm3.dll was authenticode signed. The version of the release tools used for signing was the same one as for beta 4. The signing automation updates a bunch of things, except for itself, that it has to be done manually. I failed to do that, so we are indeed missing http://hg.mozilla.org/build/tools/rev/115349b92de8. This only affects Win32 binaries, and they could easily be re-signed from the unsigned files.
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Just to note on OS X current nightly builds will crash when you try to enable the FIPS mode. That crash is covered by bug 503418.
Flags: blocking-thunderbird3? → blocking-thunderbird3+
Tagged hg.mozilla.org/build/tools tip as THUNDERBIRD_3_0rc1_RELEASE for build2 signinig.
Status: ASSIGNED → RESOLVED
Closed: 10 years ago → 10 years ago
Resolution: --- → FIXED
Whiteboard: [fixed RC1 build 2]
Whiteboard: [fixed RC1 build 2] → [fixed RC1 build 2][fixedtb301]
This is in litmus, not currently planning on doing a testsuite for it.
You need to log in before you can comment on or make changes to this bug.