Closed Bug 684668 Opened 13 years ago Closed 11 years ago

TestPilot verifies certificate chain on the main thread, thus blocking the main thread on IO

Tracking

(Not tracked)

Status:

RESOLVED WORKSFORME

People

(Reporter: briansmith, Unassigned)

References

Details

Brian Smith (:briansmith, :bsmith, use NEEDINFO?)

Reporter

Description

•

13 years ago

nsIX509Cert::verifyForUsage should never be called on the main thread, because it will block the calling thread until OCSP and/or CRL and/or AIA cert fetching is complete. I am planning to remove the scriptable verifyForUsage function for this reason. Also, AFAICT, the call to verifyForUsage should be unnecessary. If this code is trying to verify that the user didn't use a certificate error override, we can add the ablity to detect that to SSLStatus.

Brian Smith (:briansmith, :bsmith, use NEEDINFO?)

Reporter

Updated

•

13 years ago

Blocks: 685064

Brian Smith (:briansmith, :bsmith, use NEEDINFO?)

Reporter

Comment 1

•

11 years ago

Since Test Pilot was removed, this is no longer an issue.

Status: NEW → RESOLVED

Closed: 11 years ago

Depends on: 867445

Resolution: --- → WORKSFORME

Nobody; OK to take it and work on it

Assignee

Updated

•

9 years ago

Product: Mozilla Labs → Mozilla Labs Graveyard

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

TestPilot verifies certificate chain on the main thread, thus blocking the main thread on IO

Categories

(Mozilla Labs Graveyard :: Test Pilot, defect)

Tracking

(Not tracked)

People

(Reporter: briansmith, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated

Comment 1

Updated