805640 – Enhance PSM's key generation strategy with tokens/escrow

Bug 805640 - Enhance PSM's key generation strategy with tokens/escrow

Summary: Enhance PSM's key generation strategy with tokens/escrow

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	xulrunner
Sub Component:
Version:	5.8
Hardware:	Unspecified
OS:	Unspecified
Priority:	urgent
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Martin Stransky
QA Contact:	Desktop QE
Docs Contact:
URL:
Whiteboard:	OtherQA=cfu@redhat.com
Duplicates (1):	672316 (view as bug list)
Depends On:
Blocks:	805642 811205
TreeView+	depends on / blocked

Reported:	2012-03-21 17:50 UTC by Andrew Wnuk
Modified:	2014-03-17 01:33 UTC (History)
CC List:	11 users (show)
Fixed In Version:	RHSA-2012:0515
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Clones:	805642 (view as bug list)
Environment:
Last Closed:	2012-05-04 10:22:30 UTC
Target Upstream Version:
Dependent Products:

Attachments	(Terms of Use)
Patch v4 from upstream (smaller context version) (14.94 KB, patch) 2012-03-22 15:11 UTC, Kai Engert (:kaie) (inactive account)	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Mozilla Foundation	681937	0	None	None	None	Never

Description Andrew Wnuk 2012-03-21 17:50:57 UTC

RHCS requires the following bug to be fixed in RHEL 5.8:
https://bugzilla.mozilla.org/show_bug.cgi?id=681937

This fix is critical for RHCS ECC functionality to work.

Comment 1 Kai Engert (:kaie) (inactive account) 2012-03-21 18:58:34 UTC

This bug requests that "patch v4" (r=rrelyea) from upstream bug
  https://bugzilla.mozilla.org/show_bug.cgi?id=681937

gets added to Firefox
(but I believe the relevant code lives in our xulrunner RPM package).

The full link to the patch is
https://bugzilla.mozilla.org/attachment.cgi?id=588982&action=edit

This patch applies fine on the latest Firefox 10.x branch.

Comment 2 Kai Engert (:kaie) (inactive account) 2012-03-21 22:46:48 UTC

We propose that this patch gets added together with the next scheduled FF update (10.0.4) (sharing a single errata).

Comment 3 Kai Engert (:kaie) (inactive account) 2012-03-22 15:11:03 UTC

Created attachment 572018 [details]
Patch v4 from upstream (smaller context version)

This is the same patch as upstream, however, with less context (5 lines, not 50 lines, shortens the patch, increases likelyhood that patch will continue to apply).

Comment 4 Kai Engert (:kaie) (inactive account) 2012-03-22 15:14:32 UTC

If you need a risk assessment:

The patch is limited to changing code related to certificate key pair generation (which is only called when a user visits a CA's web page to apply for a certificate).

Comment 22 Nathan Kinder 2012-04-09 18:05:51 UTC

*** Bug 672316 has been marked as a duplicate of this bug. ***

Comment 28 Martin Stransky 2012-05-04 10:22:30 UTC

Fixed in RHSA-2012:0515.

Note You need to log in before you can comment on or make changes to this bug.