Bug 738485 - crlutil cannot import CRLs non-interactively in FIPS mode
Summary: crlutil cannot import CRLs non-interactively in FIPS mode
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: nss
Version: 6.1
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Elio Maldonado Batiz
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-09-14 23:28 UTC by jared jennings
Modified: 2013-02-19 11:11 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-02-19 11:11:36 UTC

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Priority Status Summary Last Updated
Mozilla Foundation 686761 None None None Never

Description jared jennings 2011-09-14 23:28:06 UTC 
Description of problem:
crlutil appears not to make proper use of a password file supplied with its -f switch when importing CRLs into an NSS database which is in FIPS mode.

Version-Release number of selected component (if applicable):
nss-3.12.9-12.el6_1.i686

For instructions to reproduce problem, actual and expected results, see the upstream bugzilla, https://bugzilla.mozilla.org/show_bug.cgi?id=686761
Comment 2 jared jennings 2011-09-15 15:38:46 UTC 
Proposed patch added to Mozilla bug.
Comment 3 Elio Maldonado Batiz 2011-09-16 17:07:47 UTC 
The proposed patch was accepted and committed upstream.
Comment 5 RHEL Product and Program Management 2011-10-07 16:01:34 UTC 
Since RHEL 6.2 External Beta has begun, and this bug remains
unresolved, it has been rejected as it is not proposed as
exception or blocker.

Red Hat invites you to ask your support representative to
propose this request, if appropriate and relevant, in the
next release of Red Hat Enterprise Linux.
Comment 6 jared jennings 2012-06-20 14:50:57 UTC 
The upstream patch appears to have made it into RHEL 6, thanks to Bug 799192. I've updated nss-util to 3.13.3-2.el6, according to RHSA-2012:0973-04, and gone through the steps to reproduce from https://bugzilla.mozilla.org/show_bug.cgi?id=686761. I found that crlutil now works as expected.
Note You need to log in before you can comment on or make changes to this bug.