Closed Bug 81250 Opened 23 years ago Closed 23 years ago

No warning that CA cert already exists.

Categories

(Core Graveyard :: Security: UI, defect, P3)

Product:
Core Graveyard
Component:
Security: UI
Version:
1.0 Branch
Platform:
x86
Windows NT
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED
Milestone:
psm2.1

People

(Reporter: junruh, Assigned: rangansen)

References

(
URL
)

Details

(Whiteboard: possible regression/new bug)

Attachments

(7 files)

patch for bug# 81250
6.71 KB, patch
Details | Diff | Splinter Review
xul file
1.63 KB, text/plain
Details
java script file
870 bytes, text/plain
Details
updated patch - up tabs and replaced by spaces
6.73 KB, patch
Details | Diff | Splinter Review
patch
6.78 KB, patch
Details | Diff | Splinter Review
manager\pki\resources\content\cacertexists.js - WE SHOULD NOT MISS THIS WHEN APPLYING PATCH
869 bytes, text/plain
Details
security\manager\pki\resources\content\cacertexists.xul - WE SHOULD NOT MISS THIS WHEN APPLYING PATCH
1.63 KB, text/plain
Details 
1.) Visit the above URL (AOL access only)
2.) Import the CA chain.
3.) Click submit again.
What happens: I am shown the same dialog box as before.
What is expected: I should get a dialog box stating that the CA is already in 
the Cert Database.
URL changed to an external URL.
URL: https://junruh.mcom.com:444/GetCAChai...http://secure.globalsign.net/cacert/r...
Priority: -- → P3
Target Milestone --- -> 2.0.
Target Milestone: --- → 2.0
Mass reassigning target to 2.1
Target Milestone: 2.0 → 2.1
Keywords: nsenterprise
*** Bug 91392 has been marked as a duplicate of this bug. ***
->rangansen
Assignee: ddrinan → rangansen

    
    

    
  

      
      
      
      

        Attached file
          
        xul file
      

    


  

    
    

    
  

      
      
      
      

        Attached file
          
        java script file
      

    


  

    
    

    
  
Here is a suggested patch for the bug (attached above)
There are 2 new files :
mozilla\security\manager\pki\resources\content\cacertexists.xul
mozilla\security\manager\pki\resources\content\cacertexists.js

I have attached these separately from the patch.
David, Javier - please review.

    
  
Status: NEW → ASSIGNED

    
    

    
  
Moving all P3 and P4 bugs targetted to 2.1 to future.
Target Milestone: 2.1 → Future

    
    

    
  
removing nsenterprise keyword from PSM bugs with target milestone of future.
Keywords: nsenterprise

    
    

    
  
r=ddrinan.

    
    

    
  
sr=hewitt for the xul/js parts of the patch only.  You should have someone more
familiar with the psm c++ code sr that portion.

    
    

    
  
+      cert->GetRawDER((char **)&der.data, &der.len);

Is there any chance that this will fail and der will be used later uninitialized?

+
  //Added to check if cert exists
+
  if (tmpCert->isperm) 
+
  {
+         dialogs->CACertExists(ctx, &canceled);

There's still some funky tab and whitespace problems in there.

Other than that, sr=blizzard.

    
    

    
  
Mass assigning QA to ckritzer.
QA Contact: junruh → ckritzer

    
    

    
  
Incorporating brizzard's suggestions. Also uploading the .js and the .xul files 
again, just to make sure that we do not miss them when we apply the patch ....

    
    

    
  

      
      
      
      

        Attached patch
          
          
        patchSplinter Review
      

    


  

    
  
Keywords: patch

    
    

    
  
Checked patch into cvs with Javi's help
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED

    
    

    
  
I get the warning on:
 - MacOS91
 - MacOS_X
 - Win98SE
 - LinRH62

But when I remove the root.cacert from the Authorities db on Win98SE, and access
the url above again, I don't get the "There is a problem with the certificate"
dialogue, I get the "This Certificate already exists" dialogue.

Also, when I look for the GlobalSign root cacert, it doesn't exist in the Certs
db under the Authorities tab in the Certificate Manager.

    
  
Whiteboard: [ckritzer] possible regression/new bug

    
    

    
  
To me it looks like there is some problem with deleting these kind of
certificates. This might be another bug - though not directly related to this
one. Not very sure at this point - but shall look into this issue...

    
    

    
  
Possibly not a case of regression - looks like the trouble existed.
I checked this out with build of 08/02 - once I delete the GlobalSign Root CA
and try to import that again, it fails to do so - it does not show any warnings
[the warnings dialog was not added at that point of time] - but just does not
import the certificate. In fact, Globalsign Root CA is on of the special cases
where this happens...
I believe this is related to the way certificate deletion is handled ... I
suggest we open a separate bug on this issue

    
    

    
  
Change the target of bugs with state 'RESOLVED' and target 'Future' to target
'2.1' since they were fixed for the 2.1 release.
Target Milestone: Future → 2.1

    
    

    
  
Verified.
Status: RESOLVED → VERIFIED
QA Contact: ckritzer → junruh
Whiteboard: [ckritzer] possible regression/new bug → possible regression/new bug

    
  
Product: PSM → Core

    
  
Version: psm2.0 → 1.0 Branch
Product: Core → Core Graveyard

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: