mozilla crash on Examining Unknown CA certificate - M09 & Trunk crash [@ SECITEM_CompareItem]

VERIFIED FIXED in psm2.0

Status

Core Graveyard
Security: UI
P1
critical
VERIFIED FIXED
17 years ago
a year ago

People

(Reporter: Peter Lockhart, Assigned: Ian McGreer)

Tracking

({crash, topcrash})

1.0 Branch
psm2.0
crash, topcrash


Attachments

(3 attachments)

(Reporter)

Description

17 years ago
I'm sure this would have been reported already, but can't find any bugs.

I have signed my own certificates for a secure admin site I have.

On first-time visit to an https site, moz correctly warns me that the
certificate presented is not signed by a CA known to it. There is a button to
"Examine the certificate".
Clicking on this crashes mozilla.

You can, of course, bypass this by accepting the certificate and continuing, but
most people will want to examine the certificate.

A crash can also be reproduced by trying to view the certificate under
Preferences->Privacy/Security->Manage Certificates->Web page certificates.

This has been happening ever since PSM 2 landed.

I'm not able to see if this happens with certificates signed by known CAs since
the lock symbol doesn't respond to double-clicks as it did before. Known CA sites'
certificates aren't added to the 'Manage certificates' section under preferences,
so you can't get to them that way either.

Comment 1

17 years ago
Reporter, do you have the talkback ID from the crash, and/or a stack trace? Thanks
in advance.
Severity: normal → critical
Keywords: crash

Comment 2

17 years ago
I'm seeing this crash "A crash can also be reproduced by trying to view the 
certificate under Preferences-> Privacy/Security-> Manage Certificates-> Web 
page certificates."

I'm not seeing this crash - "Examine the certificate".

Could your self-signed cert be missing the Organization name as documented in
Bug 76035 - "Crashes if server cert is missing Organization"?

If the above is true, I would like to mark this bug a dupe of Bug 77567.
Status: UNCONFIRMED → NEW
Ever confirmed: true

Comment 3

17 years ago
There are a series of fixes along these lines which should get checked in no
later than 5/3/2001 (I hope).

Please try again after this date and report your progress.
Target Milestone: --- → 2.0
(Reporter)

Comment 4

17 years ago
Keyser: I will get a stacktrace to you shortly. Just getting a talkback build to
make your life easier.

Junruh: There is an organization in my self-signed cert:

[pluto:ssl.crt]# openssl  x509 -noout -text -in server.crt
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: md5WithRSAEncryption
        Issuer: C=ZA, ST=Gauteng, L=JHB, O=Key Web Hosting, OU=Certificate Authority, CN=admin.key.co.za/Email=peter@key.co.za
        Validity
            Not Before: Jul 20 03:14:19 2000 GMT
            Not After : Jul 20 03:14:19 2001 GMT
        Subject: C=ZA, ST=Gauteng, L=JHB, O=Key Web Hosting, OU=Security, CN=admin.key.co.za/Email=peter@key.co.za
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
 <--snip snip-->

IE 5 reports the details as follows:

E = peter@key.co.za
CN = admin.key.co.za
OU = Certificate Authority
O = Key Web Hosting
L = JHB
S = Gauteng
C = ZA
(Reporter)

Comment 5

17 years ago
Btw, the url is https://admin.key.co.za
(Reporter)

Comment 6

17 years ago
Keyser: talkback ID TB2976984M
(Reporter)

Comment 7

17 years ago
That talkback ID was generated after crash caused by clicking on "Examine the
certificate" on the initial Unknown CA prompting.

Comment 8

17 years ago
That talkback ID doesn't exist. Can you crash it again for us and generate another
one? :) Thanks in advance.

Comment 9

17 years ago
*** Bug 78169 has been marked as a duplicate of this bug. ***
(Reporter)

Comment 10

17 years ago
keyser: sorry, typo. it's talkback ID: TB29769847M

(Reporter)

Comment 11

17 years ago
Another talkback ID generated: TB29856017Y

Comment 12

17 years ago
Note: This certificate contains a comment - "mod_ssl generated custom server 
certificate"

Updated

17 years ago
Priority: -- → P1

Comment 13

17 years ago
Is this the same bug as #76316?

Comment 14

17 years ago
*** Bug 76316 has been marked as a duplicate of this bug. ***

Comment 15

17 years ago
*** Bug 79367 has been marked as a duplicate of this bug. ***

Comment 16

17 years ago
*** Bug 79038 has been marked as a duplicate of this bug. ***

Comment 17

17 years ago
*** Bug 79514 has been marked as a duplicate of this bug. ***

Comment 18

17 years ago
Created attachment 33564 [details]
the Broken Dialog has to be fixed, too

Comment 19

17 years ago
In the crash I'm seeing, I strongly think that my CommunigatePro server
has no certificate at all.

Comment 20

17 years ago
*** Bug 77567 has been marked as a duplicate of this bug. ***

Comment 21

17 years ago
*** Bug 77933 has been marked as a duplicate of this bug. ***

Comment 22

17 years ago
*** Bug 78671 has been marked as a duplicate of this bug. ***

Comment 23

17 years ago
Adding beta stopper keyword.
Keywords: mozilla0.9.1
OS: Windows 2000 → All
Hardware: PC → All
(Assignee)

Comment 24

17 years ago
this is an NSS bug that PSM will have to work around for now.
Assignee: ddrinan → mcgreer

Comment 25

17 years ago
This bug is a topcrasher for M09, added topcrash keyword.  
Added [@ SECITEM_CompareItem() ] for tracking.  

Here are some URLs & Comments that might help repro this crash:

     (30145079) URL: http://www.hotmail.com
     (30143180) URL: https://mail.centrum.cz/
     (30143180) Comments: immediate fall-down on https certificate
     (30140803) Comments: Yup
     (30140785) Comments: Connecting to an apache 1.3.19 server with mod_ssl 2.8.2
     (30140369) Comments: After requesting the site http://www.epost.de/
     (30140164) Comments: Mozilla asks me to examine a site certificate. when i clicked ok the browser crashed
     (30133533) URL: http://hive.lycaeum.org
     (30133533) Comments: site has a security certificate which is self-signed. a warning box pops up; attempting to dismiss the box causes it to reappear. clicking the "examine certificate" button causes mozilla to die. this problem was not observed with 0.8.1.
     (30130273) Comments: Tried to view a certificate that was reported to not match the site (personal server so no URL for you).  The certificate did not match the URL.  Clicking on the examine button dumps browser with no error reported.
     (30129790) URL: http://www.austinlug.org/mailman
     (30129790) Comments: SSL key is in the future - bombed when I clicked "Examine Certificate"

Here is a recent stack trace:

Incident ID 30145079 
SECITEM_CompareItem() 
CERT_GetCertChainFromCert() 
nsNSSCertificate::GetChain() 
XPTC_InvokeByIndex() 
nsXPCWrappedNativeClass::CallWrappedMethod() 
WrappedNative_CallMethod() 
js_Invoke() 
js_Interpret() 
js_Invoke() 
js_InternalInvoke() 
JS_CallFunctionValue() 
nsJSContext::CallEventHandler() 
nsJSEventListener::HandleEvent() 
nsEventListenerManager::HandleEventSubType() 
nsEventListenerManager::HandleEvent() 
GlobalWindowImpl::HandleDOMEvent() 
DocumentViewerImpl::LoadComplete() 
nsDocShell::EndPageLoad() 
nsWebShell::EndPageLoad() 
nsDocShell::OnStateChange() 
nsWebShell::OnStateChange() 
nsDocLoaderImpl::FireOnStateChange() 
nsDocLoaderImpl::doStopDocumentLoad() 
nsDocLoaderImpl::DocLoaderIsEmpty() 
nsDocLoaderImpl::OnStopRequest() 
nsLoadGroup::RemoveRequest() 
nsJARChannel::OnStopRequest() 
nsOnStopRequestEvent::HandleEvent() 
nsARequestObserverEvent::HandlePLEvent() 
PL_HandleEvent() 
PL_ProcessPendingEvents() 
nsEventQueueImpl::ProcessPendingEvents() 
event_processor_callback() 
our_gdk_io_invoke() 
libglib-1.2.so.0 + 0xf340 (0x40701340) 
libglib-1.2.so.0 + 0x10bd6 (0x40702bd6) 
libglib-1.2.so.0 + 0x11203 (0x40703203) 
libglib-1.2.so.0 + 0x112ca (0x407032ca) 
nsAppShell::DispatchNativeEvent() 
nsXULWindow::ShowModal() 
nsWebShellWindow::ShowModal() 
nsContentTreeOwner::ShowAsModal() 
nsWindowWatcher::OpenWindowJS() 
nsWindowWatcher::OpenWindow() 
nsNSSDialogHelper::openDialog() 
nsNSSDialogs::ViewCert() 
nsNSSCertificate::View() 
XPTC_InvokeByIndex() 
nsXPCWrappedNativeClass::CallWrappedMethod() 
WrappedNative_CallMethod() 
js_Invoke() 
js_Interpret() 
js_Invoke() 
js_InternalInvoke() 
JS_CallFunctionValue() 
nsJSContext::CallEventHandler() 
nsJSEventListener::HandleEvent() 
nsEventListenerManager::HandleEventSubType() 
nsEventListenerManager::HandleEvent() 
nsXULElement::HandleDOMEvent() 
PresShell::HandleEventInternal() 
PresShell::HandleEventWithTarget() 
nsEventStateManager::CheckForAndDispatchClick() 
nsEventStateManager::PostHandleEvent() 
PresShell::HandleEventInternal() 
PresShell::HandleEvent() 
nsView::HandleEvent() 
nsViewManager::DispatchEvent() 
HandleEvent() 
nsWidget::DispatchEvent() 
nsWidget::DispatchWindowEvent() 
nsWidget::DispatchMouseEvent() 
nsWidget::OnButtonReleaseSignal() 
nsWindow::HandleGDKEvent() 
dispatch_superwin_event() 
handle_gdk_event() 
libgdk-1.2.so.0 + 0x179c4 (0x406d19c4) 
libglib-1.2.so.0 + 0x10bd6 (0x40702bd6) 
libglib-1.2.so.0 + 0x11203 (0x40703203) 
libglib-1.2.so.0 + 0x112ca (0x407032ca) 
nsAppShell::DispatchNativeEvent() 
nsXULWindow::ShowModal() 
nsWebShellWindow::ShowModal() 
nsContentTreeOwner::ShowAsModal() 
nsWindowWatcher::OpenWindowJS() 
nsWindowWatcher::OpenWindow() 
nsNSSDialogHelper::openDialog() 
nsNSSDialogs::UnknownIssuer() 
XPTC_InvokeByIndex() 
EventHandler() 
PL_HandleEvent() 
PL_ProcessPendingEvents() 
nsEventQueueImpl::ProcessPendingEvents() 
event_processor_callback() 
our_gdk_io_invoke() 
libglib-1.2.so.0 + 0xf340 (0x40701340) 
libglib-1.2.so.0 + 0x10bd6 (0x40702bd6) 
libglib-1.2.so.0 + 0x11203 (0x40703203) 
libglib-1.2.so.0 + 0x113cc (0x407033cc) 
libgtk-1.2.so.0 + 0x9300c (0x4061f00c) 
Keywords: topcrash
Summary: mozilla crash on Examining Unknown CA certificate → mozilla crash on Examining Unknown CA certificate M09 crash [@ SECITEM_CompareItem() ]

Comment 26

17 years ago
*** Bug 79857 has been marked as a duplicate of this bug. ***

Comment 27

17 years ago
Adding Trunk to summary, as this is also showing up in the latest Trunk topcrash
reports.
Summary: mozilla crash on Examining Unknown CA certificate M09 crash [@ SECITEM_CompareItem() ] → mozilla crash on Examining Unknown CA certificate - M09 & Trunk crash [@ SECITEM_CompareItem]
(Assignee)

Comment 28

17 years ago
Created attachment 34087 [details] [diff] [review]
patch to work around NSS bug

Comment 29

17 years ago
Since you've #ifdef'd the offending code out, I think you should have a
corresponding #else for the new code.  So that when the bug is fixed, it's just
a matter of adding a -D to the compile to test.

After that, r=javi
(Assignee)

Comment 30

17 years ago
Created attachment 34395 [details] [diff] [review]
rev 2, r=javi
sr=blizzard
(Assignee)

Comment 32

17 years ago
fix checked in.

john, can you verify in tomorrow's builds?

Comment 33

17 years ago
Fixed in the 5/16 WinNT Netscape 6 build.
Status: NEW → RESOLVED
Last Resolved: 17 years ago
Resolution: --- → FIXED

Comment 34

17 years ago
Verified fixed.
Status: RESOLVED → VERIFIED

Comment 35

17 years ago
*** Bug 84288 has been marked as a duplicate of this bug. ***

Updated

13 years ago
Component: Security: UI → Security: UI
Product: PSM → Core

Updated

10 years ago
Version: psm2.0 → 1.0 Branch
Crash Signature: [@ SECITEM_CompareItem]
Product: Core → Core Graveyard