Signtool not picking up hidden (dot) files when performing signing

RESOLVED FIXED in 3.3.1

Status

NSS
Tools
P2
blocker
RESOLVED FIXED
16 years ago
16 years ago

People

(Reporter: Waikwan.Hui, Assigned: Jamie Nicolson)

Tracking

3.3.1
Sun
Solaris

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

16 years ago
The problem has  to do with signtool signing  a  directory with hidden
files (e.g. .emacs).   These  kind of files  do   not get signed   and
included into the final jar file.

It seems that the foreach  function in util.c  ignores any file with a
"." prefix. It should have only ignored files that have "." prefix AND
have filename size of 1.

Comment 1

16 years ago
verified that signtool does not put the hidden files in the jar archive.
Status: UNCONFIRMED → NEW
Ever confirmed: true
(Assignee)

Comment 2

16 years ago
Currently signtool just skips files that start with "." or "#". It is very easy
to modify the code so it doesn't do this anymore (it will still skip "." and
"..", of course).

I don't know of any reason why signtool skips these files. It looks like the
original intent was to skip temporary vi and emacs files.

Comment 3

16 years ago
Assigned the bug to Jamie.
Assignee: wtc → nicolson
Priority: -- → P2
Target Milestone: --- → 3.4
(Reporter)

Comment 4

16 years ago
We would like to have the fix of this bug rolled into NSS3.3. This bug 
is significantly serious since it could render signtool unusable in
the situation where hidden files are involved. We found that this
situation is very common.

Comment 5

16 years ago
Unfortunately we have already frozen 3.3 and are pushing the candidate now.

bob

Comment 6

16 years ago
It is too late for 3.3, we already pushed the release candidate, and neither Wan
Teh, nor I (for QA) will be here most next week.
Since the fix is in a binary, maybe we could just make a one file patch? 
(Assignee)

Comment 7

16 years ago
Checked in the fix to the trunk, marking fixed.
Status: NEW → RESOLVED
Last Resolved: 16 years ago
Resolution: --- → FIXED

Comment 8

16 years ago
Jamie, could you please merge the fix of this bug
on the NSS_3_3_BRANCH so that it is included with
the upcoming NSS 3.3.1 release?  Thanks.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Target Milestone: 3.4 → 3.3.1
(Assignee)

Comment 9

16 years ago
Checked in the fix to the NSS_3_3_BRANCH.

/cvsroot/mozilla/security/nss/cmd/signtool/util.c,v  <--  util.c
new revision: 1.5.2.1; previous revision: 1.5
Status: REOPENED → RESOLVED
Last Resolved: 16 years ago16 years ago
Resolution: --- → FIXED

Comment 10

16 years ago
I am wondering if the old behavior (not picking up
hidden files) should be considered a feature or a bug.

Should we keep the old behavior for backward compatibility
and add a "-a" option (inspired by "ls -a" of Unix) to
pick up hidden files?  I think we don't need to worry
about this.  I just wanted to make sure that we considered
this issue.
You need to log in before you can comment on or make changes to this bug.