Last Comment Bug 90228 - Signtool not picking up hidden (dot) files when performing signing
: Signtool not picking up hidden (dot) files when performing signing
Product: NSS
Classification: Components
Component: Tools (show other bugs)
: 3.0
: Sun Solaris
P2 blocker (vote)
: 3.3.1
Assigned To: Jamie Nicolson
: Sonja Mirtitsch
Depends on:
  Show dependency treegraph
Reported: 2001-07-10 15:44 PDT by Waikwan.Hui
Modified: 2001-09-13 11:50 PDT (History)
5 users (show)
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---


Description User image Waikwan.Hui 2001-07-10 15:44:47 PDT
The problem has  to do with signtool signing  a  directory with hidden
files (e.g. .emacs).   These  kind of files  do   not get signed   and
included into the final jar file.

It seems that the foreach  function in util.c  ignores any file with a
"." prefix. It should have only ignored files that have "." prefix AND
have filename size of 1.
Comment 1 User image Sonja Mirtitsch 2001-07-10 16:33:45 PDT
verified that signtool does not put the hidden files in the jar archive.
Comment 2 User image Jamie Nicolson 2001-07-10 17:03:50 PDT
Currently signtool just skips files that start with "." or "#". It is very easy
to modify the code so it doesn't do this anymore (it will still skip "." and
"..", of course).

I don't know of any reason why signtool skips these files. It looks like the
original intent was to skip temporary vi and emacs files.
Comment 3 User image Wan-Teh Chang 2001-07-10 17:43:03 PDT
Assigned the bug to Jamie.
Comment 4 User image Waikwan.Hui 2001-07-12 12:01:28 PDT
We would like to have the fix of this bug rolled into NSS3.3. This bug 
is significantly serious since it could render signtool unusable in
the situation where hidden files are involved. We found that this
situation is very common.
Comment 5 User image Robert Relyea 2001-07-12 13:00:41 PDT
Unfortunately we have already frozen 3.3 and are pushing the candidate now.

Comment 6 User image Sonja Mirtitsch 2001-07-12 14:50:43 PDT
It is too late for 3.3, we already pushed the release candidate, and neither Wan
Teh, nor I (for QA) will be here most next week.
Since the fix is in a binary, maybe we could just make a one file patch? 
Comment 7 User image Jamie Nicolson 2001-07-20 14:34:15 PDT
Checked in the fix to the trunk, marking fixed.
Comment 8 User image Wan-Teh Chang 2001-09-13 11:29:31 PDT
Jamie, could you please merge the fix of this bug
on the NSS_3_3_BRANCH so that it is included with
the upcoming NSS 3.3.1 release?  Thanks.
Comment 9 User image Jamie Nicolson 2001-09-13 11:43:14 PDT
Checked in the fix to the NSS_3_3_BRANCH.

/cvsroot/mozilla/security/nss/cmd/signtool/util.c,v  <--  util.c
new revision:; previous revision: 1.5
Comment 10 User image Wan-Teh Chang 2001-09-13 11:50:43 PDT
I am wondering if the old behavior (not picking up
hidden files) should be considered a feature or a bug.

Should we keep the old behavior for backward compatibility
and add a "-a" option (inspired by "ls -a" of Unix) to
pick up hidden files?  I think we don't need to worry
about this.  I just wanted to make sure that we considered
this issue.

Note You need to log in before you can comment on or make changes to this bug.