921477 - Certificate usage on Firefox Android 24 and newer

Status: VERIFIED FIXED

(Firefox for Android Graveyard :: General, defect)

Description

[info]

User Agent: Mozilla/5.0 (Windows NT 6.1; rv:22.0) Gecko/20100101 Firefox/22.0 (Beta/Release)
Build ID: 20130618035212

Steps to reproduce:

On Firefox 23 i use add-on for import Certificates
Cc["@mozilla.org/security/x509certdb;1"].getService(Ci.nsIX509CertDB2)
&& for user certificate
Cc["@mozilla.org/security/x509certdb;1"].getService(Ci.nsIX509CertDB);

This add-in works with Firefox 23 and newer(Test with Aurora 26 && Fennec 27)
(Imports OK)





Actual results:

With firefox 23, when i load secure URL,  i select my user certificate (from the firefox Keystore) and i 'm connect with success

With firefox 24 and newer, i doesn't show prompt dialog for select user certificate and result is =ssl_error_handshake_failure_alert

Log (with Aurora >>> same bug with firefox 24 and fennec 27.)

09-27 15:48:17.253: E/GeckoConsole(22691): [JavaScript Error: "this.getPrompt(...).addLabel(...).addMenuList is not a function" {file: "jar:jar:file:///data/app/org.mozilla.fennec_aurora-1.apk!/assets/omni.ja!/components/NSSDialogService.js" line: 188}]
09-27 15:48:17.388: E/GeckoConsole(22691): An error occurred during a connection to secret.server.com.
09-27 15:48:17.388: E/GeckoConsole(22691): SSL peer was unable to negotiate an acceptable set of security parameters.
09-27 15:48:17.388: E/GeckoConsole(22691): (Error code: ssl_error_handshake_failure_alert)

Comment 1

[Aaron Train [:aaronmt]]

Please don't set severity.

Comment 2

[info]

(In reply to Aaron Train [:aaronmt] from comment #1)
> Please don't set severity.

Ok ;(
It's a  regression ?

Comment 3

[Aaron Train [:aaronmt]]

Can you paste how you're calling the prompt dialog? I think this is due to changes on mozilla-24 from bug 878848. I've CC'ed Wes and Kats as they touched NSSDialogService.js

Comment 4

[Wesley Johnston (:wesj)]

This is just a typo (and I this code is hard to test). The method should be addMenulist()

Comment 5

[Aaron Train [:aaronmt]]

If you can confirm that info@cc2i.org, we can close this out as invalid.

Comment 6

[Kartikaya Gupta (email:kats@mozilla.staktrace.com)]

(In reply to Aaron Train [:aaronmt] from comment #5)
> If you can confirm that info@cc2i.org, we can close this out as invalid.

The bug is in our code; at http://mxr.mozilla.org/mozilla-central/source/mobile/android/components/NSSDialogService.js#185

Comment 7

[Kartikaya Gupta (email:kats@mozilla.staktrace.com)]

Fixed with wesj's rubberstamp r+ on IRC:

https://hg.mozilla.org/integration/fx-team/rev/d39711d1bc60

Comment 8

[Kartikaya Gupta (email:kats@mozilla.staktrace.com)]

Attachment: Patch

[Approval Request Comment]
Bug caused by (feature/regressing bug #): 878848
User impact if declined: adding certificates (via addons) might fail
Testing completed (on m-c, etc.): none, but hopefully the reporter will verify on the nightly build that has the fix
Risk to taking this patch (and alternatives if risky): low risk, typo fix
String or IDL/UUID changes made by this patch: none

Comment 9

[Wes Kocher (:KWierso) (Not reading bugmail; email directly if needed)]

https://hg.mozilla.org/mozilla-central/rev/d39711d1bc60

Comment 10

[info]

Thank you all for the response!

Comment 11

[info]

I tested it at the next nithly build.

Comment 12

[Ryan VanderMeulen [:RyanVM]]

https://hg.mozilla.org/releases/mozilla-aurora/rev/e0353f4ef662
https://hg.mozilla.org/releases/mozilla-beta/rev/24a45f7dd8f0

Comment 13

[info]

Nice !
I post a addon for importing User Certificate (Firefox Android) :

https://addons.mozilla.org/en-US/firefox/addon/addcertificate/

Thank you !!