Closed Bug 842064 Opened 13 years ago Closed 13 years ago

Build bustage caused by expired certificates in test_signed_apps.js

Categories

(Core :: Security: PSM, defect, P1)

Product:
Core
Component:
Security: PSM
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla21
Tracking Flags:
Tracking Status
firefox19 --- fixed
firefox20 --- fixed
firefox21 --- fixed
firefox-esr17 --- unaffected
b2g18 --- fixed
b2g18-v1.0.0 --- wontfix
b2g18-v1.0.1 --- fixed

People

(Reporter: briansmith, Assigned: briansmith)

Details

Attachments

(1 file)

Make test certs expire in 40 years
12.76 KB, patch
rrelyea
: review+
briansmith
: checkin+
Details | Diff | Splinter Review
No description provided.
I changed the script that generates the certs to make them valid for 40 years. We should all be retired by that point and then it will be somebody else's problem for sure. I am going to check this in before it is reviewed because xpcshell is broken in tbpl now because of this bug.
Attachment #714816 - Flags: review?(rrelyea)
Attachment #714816 - Flags: checkin+
(In reply to Brian Smith (:bsmith) from comment #1) > I changed the script that generates the certs to make them valid for 40 > years. We should all be retired by that point and then it will be somebody > else's problem for sure. Have you ever thought about running for Congress? :)
Comment on attachment 714816 [details] [diff] [review] Make test certs expire in 40 years Review of attachment 714816 [details] [diff] [review]: ----------------------------------------------------------------- ::: security/manager/ssl/tests/unit/test_signed_apps/generate.sh @@ -75,5 @@ > sign_app_with_new_cert trusted $srcdir/unsigned.zip $srcdir/valid.zip > sign_app_with_new_cert untrusted $srcdir/unsigned.zip $srcdir/unknown_issuer.zip > certutil -d $tmpdir/trusted -f $passwordfile -L -n ca1 -r -o $srcdir/trusted_ca1.der > - > -rm -Rf $tmpdir Surely you didn't mean to check this part in?
https://hg.mozilla.org/integration/mozilla-inbound/rev/fd897af2dd47 https://hg.mozilla.org/mozilla-central/rev/ff193fc3dc7d https://hg.mozilla.org/releases/mozilla-aurora/rev/b9d8e56a0a96 https://hg.mozilla.org/releases/mozilla-beta/rev/eaebe0a84886 https://hg.mozilla.org/releases/mozilla-release/rev/e0075e80f2f6 https://hg.mozilla.org/releases/mozilla-b2g18/rev/1afaccd266ec https://hg.mozilla.org/releases/mozilla-b2g18_v1_0_1/rev/059a7e0badf7 Skipped b2g-1.0.0 since I was told on IRC it was closed. I pushed to mozilla-beta after getting confirmation that all was OK, but then philor told me right after I did that push that I shouldn't have done it. I saw the comment on mozilla-release that said that only merged should be done on that tree but not sure of what all is involved and I'd already got approval to land the patch there too. Feel free to point out what I should have done differently.
(In reply to Nathan Froyd (:froydnj) from comment #3) > Surely you didn't mean to check this part in? I didn't really intend to check that part in. But, no harm, no foul. I will fix that part on Tuesday.
Status: NEW → RESOLVED
Closed: 13 years ago
status-b2g18: --- → fixed
status-b2g18-v1.0.0: --- → wontfix
status-b2g18-v1.0.1: --- → fixed
status-firefox19: --- → fixed
status-firefox20: --- → fixed
status-firefox21: --- → fixed
status-firefox-esr17: --- → affected
Resolution: --- → FIXED
Comment on attachment 714816 [details] [diff] [review] Make test certs expire in 40 years r+ These are 2048 bit RSA with SHA256, there is no way they could be broken in 40 years:).... (he says facetiously about throw away test certs).
Attachment #714816 - Flags: review?(rrelyea) → review+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: