Closed Bug 972922 Opened 11 years ago Closed 7 years ago

Allow adding certificate overrides and signon entries using mozprofile

Categories

(Testing :: Mozbase, defect)

Product:
Testing
Component:
Mozbase
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: Fallen, Assigned: Fallen)

References

Details

Attachments

(1 obsolete file)

Attached patch Fix - v1 (obsolete) β€” β€” Splinter Review
It should be possible to create certificate overrides and login manager entries using mozprofile. I've solved this with the patch thats coming right up. The cert_override.txt part was a little tricky, I had some issues calculating the right dbKey. I think I have it working correctly now, at least it works for the mozilla.org certificate (which uses a very high serial number) and a self-signed certificate I was previously using (which uses serial number 1). The signons part relies on some legacy code I hope we are not getting rid of any time soon. By now Firefox uses a signons.sqlite which contains the signon entries and uses cert8/key3 to encrypt the username/password. While this is nice for security, reimplementing NSS in python is a pain and using ctypes to call it didn't really work out the way I wanted it to. What I did instead is create the legacy signons3.txt and use the ~ character as a prefix to denote that the username/password is just base64 encoded. Firefox will happily migrate that file to signons.sqlite and apply correct encryption. The only downside is that the clean() function won't remove the signons.sqlite entries. I'm putting this up for review, but I expect there will probably be a few comments on how things are done differently for mozbase. Let me know what needs fixing!
Attachment #8376345 - Flags: review?(hskupin)
Comment on attachment 8376345 [details] [diff] [review] Fix - v1 Review of attachment 8376345 [details] [diff] [review]: ----------------------------------------------------------------- Philipp, you mentioned problems to me with this patch given some latest changes for how security data is stored on disk. As what I got this patch wouldn't work anymore, right?
Comment on attachment 8376345 [details] [diff] [review] Fix - v1 Yes, sorry. I did find an alternative though, I'll need to dig it up and get it into a patch form.
Attachment #8376345 - Attachment is obsolete: true
Attachment #8376345 - Flags: review?(hskupin)
I'm going to close this bug for now and either re-open or file a new one if I have time to work on this. I haven't been working with mozprofile lately and I don't quite remember what kind of alternative I've come up with. For personal reference, I suspect this is something I did at Linagora.
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: