Closed
Bug 77701
Opened 23 years ago
Closed 23 years ago
mozilla crash on Examining Unknown CA certificate - M09 & Trunk crash [@ SECITEM_CompareItem]
Categories
(Core Graveyard :: Security: UI, defect, P1)
Tracking
(Not tracked)
VERIFIED
FIXED
psm2.0
People
(Reporter: pml, Assigned: bugz)
References
()
Details
(Keywords: crash, topcrash)
Crash Data
Attachments
(3 files)
19.29 KB,
image/jpeg
|
Details | |
1.81 KB,
patch
|
Details | Diff | Splinter Review | |
1.76 KB,
patch
|
Details | Diff | Splinter Review |
I'm sure this would have been reported already, but can't find any bugs. I have signed my own certificates for a secure admin site I have. On first-time visit to an https site, moz correctly warns me that the certificate presented is not signed by a CA known to it. There is a button to 'Examine the certificate". Clicking on this crashes mozilla. You can, of course, bypass this by accepting the certificate and continuing, but most people will want to examine the certificate. A crash can also be reproduced by trying to view the certificate under Preferences->Privacy/Security->Manage Certificates->Web page certificates. This has been happening ever since PSM 2 landed. I'm not able to see if this happens with certificates signed by known CAs since the lock symbol doesnt respond to double-clicks as it did before. Known CA sites certificates arent added to the 'Manage certificates' section under preferences, so you cant get to them that way either.
Comment 1•23 years ago
|
||
Reporter do you have the talkback id from the crash? and/or a stacktrace? Thanks in advance.
Severity: normal → critical
Keywords: crash
Comment 2•23 years ago
|
||
I'm seeing this crash "A crash can also be reproduced by trying to view the certificate under Preferences-> Privacy/Security-> Manage Certificates-> Web page certificates." I'm not seeing this crash - 'Examine the certificate". Could your self-signed cert be missing the Organization name as documented in Bug 76035 - "Crashes if server cert is missing Organization" If the above is true, I would like to mark this bug a dupe of Bug 77567.
Status: UNCONFIRMED → NEW
Ever confirmed: true
There are a series of fixes along these lines which should get checked in no later than 5/3/2001 (I hope). Please try again after this date and report your progress.
Target Milestone: --- → 2.0
Reporter | ||
Comment 4•23 years ago
|
||
Keyser: I will get a stacktrace to you shortly. Just getting a talkback build to make your life easier. Junruh: There is an organization in my self-signed cert: [pluto:ssl.crt]# openssl x509 -noout -text -in server.crt Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) Signature Algorithm: md5WithRSAEncryption Issuer: C=ZA, ST=Gauteng, L=JHB, O=Key Web Hosting, OU=Certificate Authority, CN=admin.key.co.za/Email=peter@key.co.za Validity Not Before: Jul 20 03:14:19 2000 GMT Not After : Jul 20 03:14:19 2001 GMT Subject: C=ZA, ST=Gauteng, L=JHB, O=Key Web Hosting, OU=Security, CN=admin.key.co.za/Email=peter@key.co.za Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): <--snip snip--> IE 5 reports the details as follows: E = peter@key.co.za CN = admin.key.co.za OU = Certificate Authority O = Key Web Hosting L = JHB S = Gauteng C = ZA
Reporter | ||
Comment 5•23 years ago
|
||
Btw, the url is https://admin.key.co.za
Reporter | ||
Comment 6•23 years ago
|
||
Keyser: talkback ID TB2976984M
Reporter | ||
Comment 7•23 years ago
|
||
That talkback ID was generated after crash caused by clicking on "Examine the certificate" on the initial Unknown CA prompting.
Comment 8•23 years ago
|
||
That talkback id doesnt exist can you crash it again for us and generate another one? :) thanks in advance.
Reporter | ||
Comment 10•23 years ago
|
||
keyser: sorry, typo. it's talkback ID: TB29769847M
Reporter | ||
Comment 11•23 years ago
|
||
Another talkback ID generated: TB29856017Y
Comment 12•23 years ago
|
||
Note: This certificate contains a comment - "mod_ssl generated custom server certificate"
Comment 13•23 years ago
|
||
Is this the same bug as #76316?
Comment 14•23 years ago
|
||
*** Bug 76316 has been marked as a duplicate of this bug. ***
Comment 15•23 years ago
|
||
*** Bug 79367 has been marked as a duplicate of this bug. ***
Comment 16•23 years ago
|
||
*** Bug 79038 has been marked as a duplicate of this bug. ***
Comment 17•23 years ago
|
||
*** Bug 79514 has been marked as a duplicate of this bug. ***
Comment 18•23 years ago
|
||
Comment 19•23 years ago
|
||
In the crash I'm seing, I strongly think that my CommunigatePro server has no certificate at all.
Comment 20•23 years ago
|
||
*** Bug 77567 has been marked as a duplicate of this bug. ***
Comment 21•23 years ago
|
||
*** Bug 77933 has been marked as a duplicate of this bug. ***
Comment 22•23 years ago
|
||
*** Bug 78671 has been marked as a duplicate of this bug. ***
Comment 23•23 years ago
|
||
Adding beta stopper keyword.
Assignee | ||
Comment 24•23 years ago
|
||
this is an NSS bug that PSM will have to work around for now.
Assignee: ddrinan → mcgreer
Comment 25•23 years ago
|
||
This bug is a topcrasher for M09, added topcrash keyword. Added [@ SECITEM_CompareItem() ] for tracking. Here are some URLs & Comments that might help repro this crash: (30145079) URL: http://www.hotmail.com (30143180) URL: https://mail.centrum.cz/ (30143180) Comments: immidiate fall-down on https certificate (30140803) Comments: Yup (30140785) Comments: Connecting to an apache 1.3.19 server with mod_ssl 2.8.2 (30140369) Comments: After requesting the site http://www.epost.de/ (30140164) Comments: Mozilla asks me to examine a site certificate. when i clicked ok the browsercrashed (30133533) URL: http://hive.lycaeum.org (30133533) Comments: site has a security certificate which is self-signed. a warning box pops up; attempting to dismiss the box causes it to reappear.clicking the "examine certificate" button causes mozilla to die.this problem was not observed with 0.8.1. (30130273) Comments: Tried to view a certificate that was reported to not match the site (personal server so no URL for you). The certificate did not match the URL. Clicking on the examine button dumps browser with no error reported. (30129790) URL: http://www.austinlug.org/mailman (30129790) Comments: SSL key is in the future - bombed when I clicked "Examine Certificate" Here is a recent stack trace: Incident ID 30145079 SECITEM_CompareItem() CERT_GetCertChainFromCert() nsNSSCertificate::GetChain() XPTC_InvokeByIndex() nsXPCWrappedNativeClass::CallWrappedMethod() WrappedNative_CallMethod() js_Invoke() js_Interpret() js_Invoke() js_InternalInvoke() JS_CallFunctionValue() nsJSContext::CallEventHandler() nsJSEventListener::HandleEvent() nsEventListenerManager::HandleEventSubType() nsEventListenerManager::HandleEvent() GlobalWindowImpl::HandleDOMEvent() DocumentViewerImpl::LoadComplete() nsDocShell::EndPageLoad() nsWebShell::EndPageLoad() nsDocShell::OnStateChange() nsWebShell::OnStateChange() nsDocLoaderImpl::FireOnStateChange() nsDocLoaderImpl::doStopDocumentLoad() nsDocLoaderImpl::DocLoaderIsEmpty() nsDocLoaderImpl::OnStopRequest() nsLoadGroup::RemoveRequest() nsJARChannel::OnStopRequest() nsOnStopRequestEvent::HandleEvent() nsARequestObserverEvent::HandlePLEvent() PL_HandleEvent() PL_ProcessPendingEvents() nsEventQueueImpl::ProcessPendingEvents() event_processor_callback() our_gdk_io_invoke() libglib-1.2.so.0 + 0xf340 (0x40701340) libglib-1.2.so.0 + 0x10bd6 (0x40702bd6) libglib-1.2.so.0 + 0x11203 (0x40703203) libglib-1.2.so.0 + 0x112ca (0x407032ca) nsAppShell::DispatchNativeEvent() nsXULWindow::ShowModal() nsWebShellWindow::ShowModal() nsContentTreeOwner::ShowAsModal() nsWindowWatcher::OpenWindowJS() nsWindowWatcher::OpenWindow() nsNSSDialogHelper::openDialog() nsNSSDialogs::ViewCert() nsNSSCertificate::View() XPTC_InvokeByIndex() nsXPCWrappedNativeClass::CallWrappedMethod() WrappedNative_CallMethod() js_Invoke() js_Interpret() js_Invoke() js_InternalInvoke() JS_CallFunctionValue() nsJSContext::CallEventHandler() nsJSEventListener::HandleEvent() nsEventListenerManager::HandleEventSubType() nsEventListenerManager::HandleEvent() nsXULElement::HandleDOMEvent() PresShell::HandleEventInternal() PresShell::HandleEventWithTarget() nsEventStateManager::CheckForAndDispatchClick() nsEventStateManager::PostHandleEvent() PresShell::HandleEventInternal() PresShell::HandleEvent() nsView::HandleEvent() nsViewManager::DispatchEvent() HandleEvent() nsWidget::DispatchEvent() nsWidget::DispatchWindowEvent() nsWidget::DispatchMouseEvent() nsWidget::OnButtonReleaseSignal() nsWindow::HandleGDKEvent() dispatch_superwin_event() handle_gdk_event() libgdk-1.2.so.0 + 0x179c4 (0x406d19c4) libglib-1.2.so.0 + 0x10bd6 (0x40702bd6) libglib-1.2.so.0 + 0x11203 (0x40703203) libglib-1.2.so.0 + 0x112ca (0x407032ca) nsAppShell::DispatchNativeEvent() nsXULWindow::ShowModal() nsWebShellWindow::ShowModal() nsContentTreeOwner::ShowAsModal() nsWindowWatcher::OpenWindowJS() nsWindowWatcher::OpenWindow() nsNSSDialogHelper::openDialog() nsNSSDialogs::UnknownIssuer() XPTC_InvokeByIndex() EventHandler() PL_HandleEvent() PL_ProcessPendingEvents() nsEventQueueImpl::ProcessPendingEvents() event_processor_callback() our_gdk_io_invoke() libglib-1.2.so.0 + 0xf340 (0x40701340) libglib-1.2.so.0 + 0x10bd6 (0x40702bd6) libglib-1.2.so.0 + 0x11203 (0x40703203) libglib-1.2.so.0 + 0x113cc (0x407033cc) libgtk-1.2.so.0 + 0x9300c (0x4061f00c)
Keywords: topcrash
Summary: mozilla crash on Examining Unknown CA certificate → mozilla crash on Examining Unknown CA certificate M09 crash [@ SECITEM_CompareItem() ]
Comment 26•23 years ago
|
||
*** Bug 79857 has been marked as a duplicate of this bug. ***
Comment 27•23 years ago
|
||
Adding Trunk to summary, as this is also showing up in the latest Trunk topcrash reports also.
Summary: mozilla crash on Examining Unknown CA certificate M09 crash [@ SECITEM_CompareItem() ] → mozilla crash on Examining Unknown CA certificate - M09 & Trunk crash [@ SECITEM_CompareItem]
Assignee | ||
Comment 28•23 years ago
|
||
Comment 29•23 years ago
|
||
Since you've #ifdef'd the offending code out, I think you should have a corresponding #else for the new code. So that when the bug is fixed, it's just a matter of adding a -D to the compile to test. After that, r=javi
Assignee | ||
Comment 30•23 years ago
|
||
Comment 31•23 years ago
|
||
sr=blizzard
Assignee | ||
Comment 32•23 years ago
|
||
fix checked in. john, can you verify in tomorrow's builds?
Comment 33•23 years ago
|
||
Fixed in the 5/16 WinNT Netscape 6 build.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
Comment 35•23 years ago
|
||
*** Bug 84288 has been marked as a duplicate of this bug. ***
Updated•13 years ago
|
Crash Signature: [@ SECITEM_CompareItem]
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•