Closed Bug 77701 Opened 23 years ago Closed 23 years ago

mozilla crash on Examining Unknown CA certificate - M09 & Trunk crash [@ SECITEM_CompareItem]

Categories

(Core Graveyard :: Security: UI, defect, P1)

Product:
Core Graveyard
Component:
Security: UI
Version:
1.0 Branch
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED
Milestone:
psm2.0

People

(Reporter: pml, Assigned: bugz)

References

(
URL
)

Details

(Keywords: crash, topcrash)

Crash Data

Attachments

(3 files)

the Broken Dialog has to be fixed, too
19.29 KB, image/jpeg
Details
patch to work around NSS bug
1.81 KB, patch
Details | Diff | Splinter Review
rev 2, r=javi
1.76 KB, patch
Details | Diff | Splinter Review 
I'm sure this would have been reported already, but can't find any bugs.

I have signed my own certificates for a secure admin site I have.

On first-time visit to an https site, moz correctly warns me that the
certificate presented is not signed by a CA known to it. There is a button to
'Examine the certificate".
Clicking on this crashes mozilla.

You can, of course, bypass this by accepting the certificate and continuing, but
most people will want to examine the certificate.

A crash can also be reproduced by trying to view the certificate under
Preferences->Privacy/Security->Manage Certificates->Web page certificates.

This has been happening ever since PSM 2 landed.

I'm not able to see if this happens with certificates signed by known CAs since
the lock symbol doesnt respond to double-clicks as it did before. Known CA sites
certificates arent added to the 'Manage certificates' section under preferences,
so you cant get to them that way either.
Reporter do you have the talkback id from the crash? and/or a stacktrace? Thanks
in advance.
Severity: normal → critical
Keywords: crash
I'm seeing this crash "A crash can also be reproduced by trying to view the 
certificate under Preferences-> Privacy/Security-> Manage Certificates-> Web 
page certificates."

I'm not seeing this crash - 'Examine the certificate". 

Could your self-signed cert be missing the Organization name as documented in 
Bug 76035 - "Crashes if server cert is missing Organization"

If the above is true, I would like to mark this bug a dupe of Bug 77567.
Status: UNCONFIRMED → NEW
Ever confirmed: true
There are a series of fixes along these lines which should get checked in no
later than 5/3/2001 (I hope).

Please try again after this date and report your progress.
Target Milestone: --- → 2.0
Keyser: I will get a stacktrace to you shortly. Just getting a talkback build to
make your life easier.

Junruh: There is an organization in my self-signed cert:

[pluto:ssl.crt]# openssl  x509 -noout -text -in server.crt
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: md5WithRSAEncryption
        Issuer: C=ZA, ST=Gauteng, L=JHB, O=Key Web Hosting, OU=Certificate
Authority, CN=admin.key.co.za/Email=peter@key.co.za
        Validity
            Not Before: Jul 20 03:14:19 2000 GMT
            Not After : Jul 20 03:14:19 2001 GMT
        Subject: C=ZA, ST=Gauteng, L=JHB, O=Key Web Hosting, OU=Security,
CN=admin.key.co.za/Email=peter@key.co.za
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
 <--snip snip-->

IE 5 reports the details as follows:

E = peter@key.co.za
CN = admin.key.co.za
OU = Certificate Authority
O = Key Web Hosting
L = JHB
S = Gauteng
C = ZA

Btw, the url is https://admin.key.co.za
Keyser: talkback ID TB2976984M
That talkback ID was generated after crash caused by clicking on "Examine the
certificate" on the initial Unknown CA prompting.
That talkback id doesnt exist can you crash it again for us and generate another
one? :) thanks in advance.
*** Bug 78169 has been marked as a duplicate of this bug. ***
keyser: sorry, typo. it's talkback ID: TB29769847M


Another talkback ID generated: TB29856017Y
Note: This certificate contains a comment - "mod_ssl generated custom server 
certificate"
URL: https://admin.key.co.za
Priority: -- → P1
Is this the same bug as #76316?
*** Bug 76316 has been marked as a duplicate of this bug. ***
*** Bug 79367 has been marked as a duplicate of this bug. ***
*** Bug 79038 has been marked as a duplicate of this bug. ***
*** Bug 79514 has been marked as a duplicate of this bug. ***
In the crash I'm seing, I strongly think that my CommunigatePro server
has no certificate at all.
*** Bug 77567 has been marked as a duplicate of this bug. ***
*** Bug 77933 has been marked as a duplicate of this bug. ***
*** Bug 78671 has been marked as a duplicate of this bug. ***
Adding beta stopper keyword.
Keywords: mozilla0.9.1
OS: Windows 2000 → All
Hardware: PC → All
this is an NSS bug that PSM will have to work around for now.
Assignee: ddrinan → mcgreer
This bug is a topcrasher for M09, added topcrash keyword.  
Added [@ SECITEM_CompareItem() ] for tracking.  

Here are some URLs & Comments that might help repro this crash:

     (30145079) URL: http://www.hotmail.com
     (30143180) URL: https://mail.centrum.cz/
     (30143180) Comments: immidiate fall-down on https certificate
     (30140803) Comments: Yup
     (30140785) Comments: Connecting to an apache 1.3.19 server with mod_ssl 
2.8.2
     (30140369) Comments: After requesting the site http://www.epost.de/
     (30140164) Comments: Mozilla asks me to examine a site certificate. when i 
clicked ok the browsercrashed
     (30133533) URL: http://hive.lycaeum.org
     (30133533) Comments: site has a security certificate which is self-signed. 
a warning box pops up; attempting to
dismiss the box causes it to reappear.clicking the "examine certificate" button 
causes mozilla to die.this problem
was not observed with 0.8.1.
     (30130273) Comments: Tried to view a certificate that was reported to not 
match the site (personal server so no
URL for you).  The certificate did not match the URL.  Clicking on the examine 
button dumps browser with no error
reported.
     (30129790) URL: http://www.austinlug.org/mailman
     (30129790) Comments: SSL key is in the future - bombed when I clicked 
"Examine Certificate"

Here is a recent stack trace:

Incident ID 30145079 
SECITEM_CompareItem() 
CERT_GetCertChainFromCert() 
nsNSSCertificate::GetChain() 
XPTC_InvokeByIndex() 
nsXPCWrappedNativeClass::CallWrappedMethod() 
WrappedNative_CallMethod() 
js_Invoke() 
js_Interpret() 
js_Invoke() 
js_InternalInvoke() 
JS_CallFunctionValue() 
nsJSContext::CallEventHandler() 
nsJSEventListener::HandleEvent() 
nsEventListenerManager::HandleEventSubType() 
nsEventListenerManager::HandleEvent() 
GlobalWindowImpl::HandleDOMEvent() 
DocumentViewerImpl::LoadComplete() 
nsDocShell::EndPageLoad() 
nsWebShell::EndPageLoad() 
nsDocShell::OnStateChange() 
nsWebShell::OnStateChange() 
nsDocLoaderImpl::FireOnStateChange() 
nsDocLoaderImpl::doStopDocumentLoad() 
nsDocLoaderImpl::DocLoaderIsEmpty() 
nsDocLoaderImpl::OnStopRequest() 
nsLoadGroup::RemoveRequest() 
nsJARChannel::OnStopRequest() 
nsOnStopRequestEvent::HandleEvent() 
nsARequestObserverEvent::HandlePLEvent() 
PL_HandleEvent() 
PL_ProcessPendingEvents() 
nsEventQueueImpl::ProcessPendingEvents() 
event_processor_callback() 
our_gdk_io_invoke() 
libglib-1.2.so.0 + 0xf340 (0x40701340) 
libglib-1.2.so.0 + 0x10bd6 (0x40702bd6) 
libglib-1.2.so.0 + 0x11203 (0x40703203) 
libglib-1.2.so.0 + 0x112ca (0x407032ca) 
nsAppShell::DispatchNativeEvent() 
nsXULWindow::ShowModal() 
nsWebShellWindow::ShowModal() 
nsContentTreeOwner::ShowAsModal() 
nsWindowWatcher::OpenWindowJS() 
nsWindowWatcher::OpenWindow() 
nsNSSDialogHelper::openDialog() 
nsNSSDialogs::ViewCert() 
nsNSSCertificate::View() 
XPTC_InvokeByIndex() 
nsXPCWrappedNativeClass::CallWrappedMethod() 
WrappedNative_CallMethod() 
js_Invoke() 
js_Interpret() 
js_Invoke() 
js_InternalInvoke() 
JS_CallFunctionValue() 
nsJSContext::CallEventHandler() 
nsJSEventListener::HandleEvent() 
nsEventListenerManager::HandleEventSubType() 
nsEventListenerManager::HandleEvent() 
nsXULElement::HandleDOMEvent() 
PresShell::HandleEventInternal() 
PresShell::HandleEventWithTarget() 
nsEventStateManager::CheckForAndDispatchClick() 
nsEventStateManager::PostHandleEvent() 
PresShell::HandleEventInternal() 
PresShell::HandleEvent() 
nsView::HandleEvent() 
nsViewManager::DispatchEvent() 
HandleEvent() 
nsWidget::DispatchEvent() 
nsWidget::DispatchWindowEvent() 
nsWidget::DispatchMouseEvent() 
nsWidget::OnButtonReleaseSignal() 
nsWindow::HandleGDKEvent() 
dispatch_superwin_event() 
handle_gdk_event() 
libgdk-1.2.so.0 + 0x179c4 (0x406d19c4) 
libglib-1.2.so.0 + 0x10bd6 (0x40702bd6) 
libglib-1.2.so.0 + 0x11203 (0x40703203) 
libglib-1.2.so.0 + 0x112ca (0x407032ca) 
nsAppShell::DispatchNativeEvent() 
nsXULWindow::ShowModal() 
nsWebShellWindow::ShowModal() 
nsContentTreeOwner::ShowAsModal() 
nsWindowWatcher::OpenWindowJS() 
nsWindowWatcher::OpenWindow() 
nsNSSDialogHelper::openDialog() 
nsNSSDialogs::UnknownIssuer() 
XPTC_InvokeByIndex() 
EventHandler() 
PL_HandleEvent() 
PL_ProcessPendingEvents() 
nsEventQueueImpl::ProcessPendingEvents() 
event_processor_callback() 
our_gdk_io_invoke() 
libglib-1.2.so.0 + 0xf340 (0x40701340) 
libglib-1.2.so.0 + 0x10bd6 (0x40702bd6) 
libglib-1.2.so.0 + 0x11203 (0x40703203) 
libglib-1.2.so.0 + 0x113cc (0x407033cc) 
libgtk-1.2.so.0 + 0x9300c (0x4061f00c)
Keywords: topcrash
Summary: mozilla crash on Examining Unknown CA certificate → mozilla crash on Examining Unknown CA certificate M09 crash [@ SECITEM_CompareItem() ]
*** Bug 79857 has been marked as a duplicate of this bug. ***
Adding Trunk to summary, as this is also showing up in the latest Trunk topcrash 
reports also.
Summary: mozilla crash on Examining Unknown CA certificate M09 crash [@ SECITEM_CompareItem() ] → mozilla crash on Examining Unknown CA certificate - M09 & Trunk crash [@ SECITEM_CompareItem]

    
    

    
  
Since you've #ifdef'd the offending code out, I think you should have a
corresponding #else for the new code.  So that when the bug is fixed, it's just
a matter of adding a -D to the compile to test.

After that, r=javi

    
    

    
  

      
      
      
      

        Attached patch
          
          
        rev 2, r=javiSplinter Review
      

    


  

    
    

    
  
sr=blizzard

    
    

    
  
fix checked in.

john, can you verify in tomorrow's builds?

    
    

    
  
Fixed in the 5/16 WinNT Netscape 6 build.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED

    
    

    
  
Verified fixed.
Status: RESOLVED → VERIFIED

    
    

    
  
*** Bug 84288 has been marked as a duplicate of this bug. ***

    
  
Product: PSM → Core

    
  
Version: psm2.0 → 1.0 Branch
Crash Signature: [@ SECITEM_CompareItem]
Product: Core → Core Graveyard

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: