Bug 501336 - ESC appears to hang when RE_ENROLL is set to NO and a user tries to re-enroll
ESC appears to hang when RE_ENROLL is set to NO and a user tries to re-enroll
Status: CLOSED ERRATA
Product: Dogtag Certificate System
Classification: Community
Component: ESC (Show other bugs)
unspecified
All Windows
high Severity medium
: ---
: ---
Assigned To: Jack Magne
Chandrasekar Kannan
:
Depends On:
Blocks: 443788
  Show dependency treegraph
 
Reported: 2009-05-18 11:51 EDT by Sean Veale
Modified: 2015-01-04 18:38 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-07-22 19:35:25 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
ESC hanging (56.63 KB, image/jpeg)
2009-05-18 11:51 EDT, Sean Veale
no flags Details
TPS Log for this process (79.42 KB, application/octet-stream)
2009-05-18 12:02 EDT, Sean Veale
no flags Details

  None (edit)
Description Sean Veale 2009-05-18 11:51:49 EDT
Created attachment 344464 [details]
ESC hanging

Description of problem:

ESC appears to  hang when RE_ENROLL is set to NO and a user tries to re-enroll
Version-Release number of selected component (if applicable):
CS 8.0 

How reproducible:
Always

Steps to Reproduce:
1.Config the TPS to set the default policies as RE_ENROLL=NO,RESET_PIN=NO
2.Enroll a formated token, -- This works as expected.
3.After the enroll process, I'd expect the enroll button to be disabled. Attempting to re-enroll causes the ESC to appear to hang. See the attached screen shot.
4. Same thing happens if you reset the pin.  

Actual results:

ESC looks like it is hanging


Expected results:

Greyed out enroll/pin reset buttons depending on state of enrollment. 


Additional info:
Comment 1 Sean Veale 2009-05-18 12:02:21 EDT
Created attachment 344466 [details]
TPS Log for this process
Comment 2 Jack Magne 2009-05-18 21:38:32 EDT
By any chance are you seeing this using a Gemalto 64K Gem PC Key USB style?

I'm now seeing this when trying to do 2 enrolls or pin resets in a row. This only seems to happen for this particular key for me. Something to do with losing connection to the token at the end of the pin reset.

I've not seen it with either Safenet or Gemalto 64K using the SCR reader.
Comment 3 Jack Magne 2009-06-06 19:59:30 EDT
This ended up being a string message glitch that shows up only with a failed re-enroll.

Patch to follow:

Index: setup.iss
===================================================================
RCS file: /cvs/dirsec/esc/win32/setup.iss,v
retrieving revision 1.11
diff -r1.11 setup.iss
64d63
< Source: BUILD\ESC\chrome\content\esc\CertInfo.js; DestDir: {app}\chrome\conten
t\esc

Index: esc/src/app/xul/esc/chrome/content/esc/ESC.js
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/ESC.js,v
retrieving revision 1.23
diff -r1.23 ESC.js
525c525,528
<     str = gStringBundle.getString(string_id);
---
>     try {
>         str = gStringBundle.getString(string_id);
>     } catch(e) {
>     }
Index: esc/src/app/xul/esc/chrome/content/esc/certManager.xul
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/certManager.xul,v
retrieving revision 1.3
diff -r1.3 certManager.xul
62d61
<   <script type="application/x-javascript" src="escCertManager.js"/>
Index: esc/src/app/xul/esc/chrome/content/esc/password.xul
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/password.xul,v
retrieving revision 1.4
diff -r1.4 password.xul
26d25
<     onunload="cleanup();"
cvs diff: Diffing esc/src/app/xul/esc/chrome/icons
cvs diff: Diffing esc/src/app/xul/esc/chrome/icons/default
cvs diff: Diffing esc/src/app/xul/esc/chrome/locale
cvs diff: Diffing esc/src/app/xul/esc/chrome/locale/en-US
Index: esc/src/app/xul/esc/chrome/locale/en-US/esc.properties
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/locale/en-US/esc.properties,v
retrieving revision 1.8
diff -r1.8 esc.properties
107,108c107
< errorTokenSuspended=You are not allowed to perform this operation with this sm

< art card.
---
> errorTokenSuspended=You are not allowed to perform this operation with this sm
art card.
Comment 4 Matthew Harmsen 2009-06-06 20:05:06 EDT
Comment #3 +mharmsen
Comment 5 Jack Magne 2009-06-06 20:13:11 EDT
cvs -d :ext:jmagne@cvs.fedora.redhat.com:/cvs/dirsec commit -m "Fix for #5013
36, esc hangs on error." setup.iss ./esc

Checking in setup.iss;
/cvs/dirsec/esc/win32/setup.iss,v  <--  setup.iss
new revision: 1.12; previous revision: 1.11
done
Running syncmail...
Mailing relnotes@fedoraproject.org...
...syncmail done.
Running syncmail...
Mailing cvsdirsec@fedoraproject.org...
...syncmail done.
Checking in ./esc/src/app/xul/esc/chrome/content/esc/ESC.js;
/cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/ESC.js,v  <--  ESC.js
new revision: 1.24; previous revision: 1.23
done
Checking in ./esc/src/app/xul/esc/chrome/content/esc/certManager.xul;
/cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/certManager.xul,v  <-- 
certM
anager.xul
new revision: 1.4; previous revision: 1.3
done
Checking in ./esc/src/app/xul/esc/chrome/content/esc/password.xul;
/cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/password.xul,v  <-- 
password
.xul
new revision: 1.5; previous revision: 1.4
done
Running syncmail...
Mailing relnotes@fedoraproject.org...
...syncmail done.
Running syncmail...
Mailing cvsdirsec@fedoraproject.org...
...syncmail done.
Checking in ./esc/src/app/xul/esc/chrome/locale/en-US/esc.properties;
/cvs/dirsec/esc/src/app/xul/esc/chrome/locale/en-US/esc.properties,v  <-- 
esc.p
roperties
new revision: 1.9; previous revision: 1.8
done
Running syncmail...
Mailing relnotes@fedoraproject.org...
...syncmail done.
Running syncmail...
Mailing cvsdirsec@fedoraproject.org...
...syncmail done.
Comment 6 Jack Magne 2009-06-06 20:13:27 EDT
Fixed in next build.
Comment 7 Asha Akkiangady 2009-06-11 15:05:53 EDT
Verified.

When default policy is set to RE_ENROLL=NO, PIN_RESET=NO, trying to re enroll throws Error message, Smart card is disabled (Error 26) as expected.

Correction in STR #1: it should be PIN_RESET=NO, not RESET_PIN=NO.
Comment 8 Asha Akkiangady 2009-06-11 15:08:00 EDT
Used Gemalto 64 K token for verification.
Comment 9 Jack Magne 2009-06-11 15:38:20 EDT
It turns out that it didn't really matter what token was used. The problem was ESC failing to obtain the proper error message string.

Note You need to log in before you can comment on or make changes to this bug.