Bug 445389

Summary: nss does not read slot specific flags into dynamically allocated slots.
Product: Red Hat Enterprise Linux 6 Reporter: Bob Relyea <rrelyea>
Component: nssAssignee: Elio Maldonado Batiz <emaldona>
Status: CLOSED WONTFIX QA Contact:
Severity: medium Docs Contact:
Priority: high    
Version: 6.1CC: ckannan, dpal
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-11-22 23:54:59 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 229989    

Description Bob Relyea 2008-05-06 16:55:49 UTC
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

Comment 1 Bob Relyea 2008-05-06 16:56:42 UTC
This bug is migrated from raidzilla.sfbay.redhat.com
Raidzilla Bug Id = 57788

#############################################

----Additional comments from srs on 2005-09-16 10:58 ----
From Bill Burns (AOL)

****
I'd like to be able to speficy "-mechanisms friendly" when adding the CoolKey
module to Mac FireFox profiles.

Doing this allows people to view the certs on the token before entering the PIN.
 Right now, the PIN prompt appears more frequently than necessary. 

****

----Additional comments from ckannan on 2006-08-12 16:38 ----
per bug council on 08/11/2006, re-assign to rrelyea

----Additional comments from ckannan on 2006-09-23 16:58 ----
per bug council on 09/22 , we believe the current is capable of viewing certs
without password. if not we can re-open this bug. resolving for now.

----Additional comments from ckannan on 2006-11-01 18:00 ----

I still need to enter password to view the certs with firefox.

re-opening

Comment 2 Bob Relyea 2008-05-06 16:57:04 UTC
pk11install has a way of marking the equivalent of 'friendly' already. The
problem is on linux (and mac), with the current coolkey, there is no way to mark
the token friendly because the slot does not exist at init time, it only exists
once the app has started. (It's not -mechanisms friendly, see
http://developer.mozilla.org/en/docs/PKCS11_Module_Specs )

NSS needs to pick up the configuration for slots that are initialized after a
token has been loaded.


Comment 3 Bob Relyea 2008-05-06 16:57:25 UTC
Upstream bug create:

https://bugzilla.mozilla.org/show_bug.cgi?id=432329

Comment 4 Bob Relyea 2008-05-06 16:58:53 UTC
*** Bug 224903 has been marked as a duplicate of this bug. ***

Comment 5 RHEL Program Management 2009-02-05 23:33:09 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.

Comment 6 Elio Maldonado Batiz 2010-07-13 23:58:44 UTC
This will need to be picked up from upstream when the fix is in and we rebase. It looks like a 6.1 to me. Assigning to Bob to the devel_ack.

Comment 7 Bob Relyea 2010-07-14 18:09:47 UTC
reassigning back to elio. Obviously if it's not fixed upstream, we shouldn't try to make it into 6.0.

bob

Comment 11 Elio Maldonado Batiz 2010-11-22 23:19:21 UTC
Bob, I recommend a devel_ack- as there is no from upstream fix yet.

Comment 12 RHEL Program Management 2010-11-22 23:54:59 UTC
Development Management has reviewed and declined this request.  You may appeal
this decision by reopening this request.