Closed
Bug 658625
Opened 13 years ago
Closed 3 years ago
Signed JARs don't work under Electrolysis
Categories
(Core :: Security, defect)
Tracking
()
RESOLVED
WORKSFORME
Tracking | Status | |
---|---|---|
firefox5 | - | wontfix |
firefox6 | - | --- |
blocking2.0 | --- | ? |
status2.0 | --- | wanted |
status1.9.2 | --- | unaffected |
status1.9.1 | --- | unaffected |
People
(Reporter: mrbkap, Unassigned)
References
()
Details
(Keywords: regression)
+++ This bug was initially created as a clone of Bug #657267 +++ The test for bug 657267 passes everywhere but on Maemo QT (and possibly Android). I suspect this is a Maemo problem, but I don't have anything to back up my assertion other than that it passes everywhere else. I'm also not entirely sure how to test it. In the interests of my sanity, I've disabled the test only on Maemo. romaxa, can you help out?
Reporter | ||
Updated•13 years ago
|
Summary: Investigate why the test for bug fails on Maemo → Investigate why the test for bug 657267 fails on Maemo
Comment 1•13 years ago
|
||
Is this a content-process versus no-content-process problem?
Comment 2•13 years ago
|
||
I tested my original testcase for bug 657267 on Android, too, and it didn't work there. Neither does http://www.mozilla.org/projects/security/components/signed-script-example.html . It seems like on Android, calling enablePrivilege is only allowed if signed.applets.codebase_principal_support is true (but then it's allowed on every page, of course, and you don't need a sigend jar). I couldn't find out why, though.
Reporter | ||
Comment 3•13 years ago
|
||
I've now also disabled the test on Android. This is a content-process versus no-content-process problem: NSS is only allowed to be initialized in the chrome process. It appears that when we run into a signed jar, we attempt to initialize NSS on the content process in order to do the signature verification. NSS refuses to be initialized on the content process, and our fallback is to unzip the jar anyway and treat it as an unsigned jar, causing my test to fail.
Comment 4•13 years ago
|
||
I see this disabled for maemo: http://mxr.mozilla.org/mozilla-central/source/js/src/xpconnect/tests/mochitest/Makefile.in#96 it looks like this test is not run on Aurora tests (at least for Android), but for current mozilla-central on android. can we disable it for android as well? I think we just need a check for 'ANDROID': http://mxr.mozilla.org/mozilla-central/source/nsprpub/configure#888
Reporter | ||
Comment 5•13 years ago
|
||
I checked in that fix here: <http://hg.mozilla.org/tracemonkey/rev/259c61798455>. It's waiting on a merge to mozilla-central or a kind soul to merge it over sooner than that.
Updated•13 years ago
|
Whiteboard: [sg:nse] keep hidden until bug 657267 unhidden
Reporter | ||
Updated•13 years ago
|
Summary: Investigate why the test for bug 657267 fails on Maemo → Signed JARs don't work under Electrolysis
Updated•13 years ago
|
Updated•13 years ago
|
Updated•13 years ago
|
Updated•9 years ago
|
Comment 6•9 years ago
|
||
We currently allow content-process NSS for WebRTC (which wasn't around when comment #3 was written, I don't think), but we may not want that to be an example that anything else follows.
Comment 7•3 years ago
|
||
Jed, is this issue with the failing of the test on Maemo QT (and possibly Android) still happening? Can this report be closed?
Flags: needinfo?(jld)
Comment 8•3 years ago
|
||
The Maemo port no longer exists, and I believe the Android port referenced in comment #0 was removed in favor of a different approach to supporting Android. However, every platform now uses e10s, so if this were still an issue I assume we'd have reports about it.
Status: NEW → RESOLVED
Closed: 3 years ago
Flags: needinfo?(jld)
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•