Closed Bug 76035 Opened 23 years ago Closed 23 years ago

Crashes if server cert is missing Organization Name.

Categories

(Core Graveyard :: Security: UI, defect, P2)

1.0 Branch
x86
Windows NT

Tracking

(Not tracked)

VERIFIED DUPLICATE of bug 84057
psm2.0

People

(Reporter: Biesinger, Assigned: javi)

Details

(Keywords: crash)

Attachments

(1 file)

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.8.1+)
Gecko/20010413
BuildID:    2001041320

When I try to connect to my server (apache-ssl from Debian/unstable; version 
1.3.19.1+1.42-1), Mozilla crashes trying to access memory at 0x0000004.

The server uses a self-signed certificate.

Unfortunately, I can't allow access to this server from the internet, as my ISP
forbids running servers.

Reproducible: Always
Steps to Reproduce:
1. Connect to my server

Actual Results:  Mozilla crashs

Expected Results:  Displayed the page.
Talkback ID #TB29094117Y
Confirming on windows Me 2001041309 (cvs)
crashes in pipnss.dll
Certificate:
Common Name (CN)          chello212186200128.wrn.surfer.at
Organization (O)          null
Organizational Unit (OU)  null
Subject Name              E=cbiesinger@web.de,
CN=chello212186200128.wrn.surfer.at, L=Wiener Neustadt, ST=Niederösterreich, C=AT
Issuer Name               E=cbiesinger@web.de,
CN=chello212186200128.wrn.surfer.at, L=Wiener Neustadt, ST=Niederösterreich, C=AT
Serial Number             00
RSA Public Modulus        not yet implemented
SHA1 Fingerprint         
43:6A:74:1D:95:CA:F0:B1:22:6A:6E:30:0C:1C:77:40:A5:D9:0A:E2
MD5 Fingerprint           0F:E6:50:91:66:4F:9D:6B:85:08:8F:FB:92:BF:6A:E7
The crash happens at CERT_GetNameElement. (security\nss\lib\certdb\alg1485.c 
line 790), because CERTName* name is NULL.
CERT_GetNameElement is called by CERT_GetOrgName, which is called by 
HandshakeCallback.

In HandshakeCallback, a call to CERT_AsciiToName(signer); returns a NULL 
Pointer, which is then given to CERT_GetOrgName. At no point the validity of 
this pointer is checked --> crash.

I guess the problem is the missing Organization Name.
Changing the summary. FYI: The iPlanet 4.2 web server will not let me request a 
cert from the CA unless I fill in the Organizationa name.
Severity: critical → major
Priority: -- → P2
Summary: Mozilla crashes when connecting to https URL → Crashes if server cert is missing Organization Name.
Component: Security: Crypto → Client Library
Product: Browser → PSM
Version: other → 2.0
junruh:
This certificate is _not_ requested from a CA.
It is a self-signed certificate.

I suppose most self-signed certificates don't include an organization, as
organizations usually request them from a CA.

Thus, PSM 2 efficiently prevents users from connecting to servers with
self-signed certificates.

Ok... maybe most certificates are not self-signed. Still, it would be nice if
Mozilla would not crash if it encountered such a certificate - why does it need
the organization, anyway?
Setting milestone to PSM 2.0. Reporter, I understand the bug, and Mozilla 
shouldn't crash if the Organization in a self-signed cert is null. I was just 
commenting that an iPlanet server cannot self-sign or request a cert from a CA 
without the Organization being specified. I am finding the same with a Redhat 
Apache Stronghold server and a Tinyssl server. 
Target Milestone: --- → 2.0
This works in Netscape 4
Keywords: 4xp
Assigning to javi.
Assignee: ddrinan → javi
Is there a URL I can connect to dbug this?  As junruh stated, this is
non-trivial for us to re-produce.
An URL for this may not be necessary if this is a dupe of bug 84057 or bug 
79414.
I've looked at the offending code and this is not a dup 85047 nor Bug 79414. 
This is a bug in the code that builds the string to display when the user mouses
over the lock icon and has nothing to do with viewing a cert in the cert viewer.

I've got a patch that I think will fix the bug, but need an URL to verify that
it works.
reporter: could you try the attached patch and let me know if it fixes the crash.
Upon further review, I believe this is a dup of a dup of Bug 84057 since the
dump of your cert has non ASCII characters.  Reporter, please try the patch
attached to Bug 84057 and let us know if it fixes the problem.
I'll have a look at the two patches you mentioned today or tomorrow.

Thanks for trying to fix this.
This seems like a dup since both have non-ASCII chars in issuer DN field.

If the patch to 84057 doesn't fix this bug, please re-open.

*** This bug has been marked as a duplicate of 84057 ***
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
Verified dupe.
Status: RESOLVED → VERIFIED
yes, this bug is fixed now in 2001061204
Product: PSM → Core
Version: psm2.0 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: