mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 483437 - PSM doesn't properly escape AVA Values in Cert Viewer Details tab, r=nelson+benjamin
This commit is contained in:
Honza Bambas
parent
1486bf6f66
commit
58b33ea115
Binary file not shown.
Binary file not shown.
@ -156,3 +156,7 @@ https://sub.sectest1.example.org:443
|
||||
# Used while testing the url-classifier
|
||||
#
|
||||
http://malware.example.com:80
|
||||
|
||||
# Bug 483437, 484111
|
||||
https://www.bank1.com:443 privileged,cert=escapeattack1
|
||||
https://www.bank2.com:443 privileged,cert=escapeattack2
|
||||
|
||||
@ -885,7 +885,24 @@ ProcessRDN(CERTRDN* rdn, nsAString &finalString, nsINSSComponent *nssComponent)
|
||||
if(!decodeItem) {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
avavalue = NS_ConvertUTF8toUTF16((char*)decodeItem->data, decodeItem->len);
|
||||
|
||||
// We know we can fit buffer of this length. CERT_RFC1485_EscapeAndQuote
|
||||
// will fail if we provide smaller buffer then the result can fit to.
|
||||
PRIntn escapedValueCapacity = decodeItem->len * 3 + 3;
|
||||
nsAutoArrayPtr<char> escapedValue;
|
||||
escapedValue = new char[escapedValueCapacity];
|
||||
if (!escapedValue)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
SECStatus status = CERT_RFC1485_EscapeAndQuote(
|
||||
escapedValue.get(),
|
||||
escapedValueCapacity,
|
||||
(char*)decodeItem->data,
|
||||
decodeItem->len);
|
||||
if (SECSuccess != status)
|
||||
return NS_ERROR_FAILURE;
|
||||
|
||||
avavalue = NS_ConvertUTF8toUTF16(escapedValue);
|
||||
|
||||
SECITEM_FreeItem(decodeItem, PR_TRUE);
|
||||
params[0] = type.get();
|
||||
|
||||
@ -40,14 +40,21 @@ DEPTH = ../../../../../..
|
||||
topsrcdir = @top_srcdir@
|
||||
srcdir = @srcdir@
|
||||
VPATH = @srcdir@
|
||||
relativesrcdir = security/ssl
|
||||
relativesrcdir = security/ssl/bugs
|
||||
|
||||
include $(DEPTH)/config/autoconf.mk
|
||||
include $(topsrcdir)/config/rules.mk
|
||||
|
||||
_CHROME_FILES = \
|
||||
test_bug413909.html \
|
||||
$(NULL)
|
||||
_TEST_FILES = \
|
||||
test_bug480509.html \
|
||||
test_bug484111.html \
|
||||
$(NULL)
|
||||
|
||||
libs:: $(_CHROME_FILES)
|
||||
_CHROME_FILES = \
|
||||
test_bug413909.html \
|
||||
$(NULL)
|
||||
|
||||
libs:: $(_TEST_FILES)
|
||||
$(INSTALL) $(foreach f,$^,"$f") $(DEPTH)/_tests/testing/mochitest/tests/$(relativesrcdir)
|
||||
libs:: $(_CHROME_FILES)
|
||||
$(INSTALL) $(foreach f,$^,"$f") $(DEPTH)/_tests/testing/mochitest/chrome/$(relativesrcdir)
|
||||
|
||||
@ -0,0 +1,88 @@
|
||||
<html>
|
||||
<head>
|
||||
<title>Test bug 483437 and bug 480509</title>
|
||||
<script type="text/javascript" src="chrome://mochikit/content/MochiKit/packed.js"></script>
|
||||
<script type="text/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css" />
|
||||
</head>
|
||||
<body onload="onWindowLoad()">
|
||||
|
||||
<iframe src="https://www.bank1.com/" onload="onFrameLoad()"></iframe>
|
||||
|
||||
<script class="testbody" type="text/javascript">
|
||||
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
|
||||
function badCertListener()
|
||||
{
|
||||
}
|
||||
|
||||
badCertListener.prototype = {
|
||||
badCertCaught: false,
|
||||
|
||||
getInterface: function (aIID) {
|
||||
return this.QueryInterface(aIID);
|
||||
},
|
||||
|
||||
QueryInterface: function(aIID) {
|
||||
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
|
||||
if (aIID.equals(Components.interfaces.nsIBadCertListener2) ||
|
||||
aIID.equals(Components.interfaces.nsIInterfaceRequestor) ||
|
||||
aIID.equals(Components.interfaces.nsISupports))
|
||||
return this;
|
||||
|
||||
throw Components.results.NS_ERROR_NO_INTERFACE;
|
||||
},
|
||||
|
||||
testCert: function(cert1, expected)
|
||||
{
|
||||
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
|
||||
var certDumpTree1 = Components.classes["@mozilla.org/security/nsASN1Tree;1"]
|
||||
.createInstance(Components.interfaces.nsIASN1Tree);
|
||||
certDumpTree1.loadASN1Structure(cert1.ASN1Structure);
|
||||
var value1 = certDumpTree1.getDisplayData(9);
|
||||
|
||||
is(value1, expected, "Incorrect subject recognized");
|
||||
},
|
||||
|
||||
notifyCertProblem: function(socketInfo, sslStatus, targetHost) {
|
||||
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
|
||||
var cert = sslStatus.QueryInterface(Components.interfaces.nsISSLStatus)
|
||||
.serverCert;
|
||||
this.testCert(cert, "CN = www.bank1.com\\00www.bad-guy.com\n");
|
||||
|
||||
this.badCertCaught = true;
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
function onFrameLoad()
|
||||
{
|
||||
ok(false, "Attackers page failed to load");
|
||||
}
|
||||
|
||||
function onWindowLoad()
|
||||
{
|
||||
var req = new XMLHttpRequest();
|
||||
var certListener = new badCertListener();
|
||||
try
|
||||
{
|
||||
req.open("GET", "https://www.bank1.com/", false);
|
||||
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
|
||||
req.channel.notificationCallbacks = certListener;
|
||||
req.send(null);
|
||||
}
|
||||
catch(ex)
|
||||
{
|
||||
// ignore
|
||||
}
|
||||
|
||||
ok(certListener.badCertCaught, "We Caught the invalid certificate");
|
||||
|
||||
SimpleTest.finish();
|
||||
}
|
||||
|
||||
</script>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
@ -0,0 +1,72 @@
|
||||
<html>
|
||||
<head>
|
||||
<title>Test bug 484111</title>
|
||||
<script type="text/javascript" src="chrome://mochikit/content/MochiKit/packed.js"></script>
|
||||
<script type="text/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css" />
|
||||
</head>
|
||||
<body onload="onWindowLoad()">
|
||||
|
||||
<iframe src="https://www.bank2.com/" onload="onFrameLoad()"></iframe>
|
||||
|
||||
<script class="testbody" type="text/javascript">
|
||||
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
|
||||
function badCertListener()
|
||||
{
|
||||
}
|
||||
|
||||
badCertListener.prototype = {
|
||||
badCertCaught: false,
|
||||
|
||||
getInterface: function (aIID) {
|
||||
return this.QueryInterface(aIID);
|
||||
},
|
||||
|
||||
QueryInterface: function(aIID) {
|
||||
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
|
||||
if (aIID.equals(Components.interfaces.nsIBadCertListener2) ||
|
||||
aIID.equals(Components.interfaces.nsIInterfaceRequestor) ||
|
||||
aIID.equals(Components.interfaces.nsISupports))
|
||||
return this;
|
||||
|
||||
throw Components.results.NS_ERROR_NO_INTERFACE;
|
||||
},
|
||||
|
||||
notifyCertProblem: function(socketInfo, sslStatus, targetHost) {
|
||||
this.badCertCaught = true;
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
function onFrameLoad()
|
||||
{
|
||||
ok(false, "Attackers page failed to load");
|
||||
}
|
||||
|
||||
function onWindowLoad()
|
||||
{
|
||||
var req = new XMLHttpRequest();
|
||||
var certListener = new badCertListener();
|
||||
try
|
||||
{
|
||||
req.open("GET", "https://www.bank2.com/", false);
|
||||
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
|
||||
req.channel.notificationCallbacks = certListener;
|
||||
req.send(null);
|
||||
}
|
||||
catch(ex)
|
||||
{
|
||||
// ignore
|
||||
}
|
||||
|
||||
ok(certListener.badCertCaught, "We Caught the invalid certificate");
|
||||
|
||||
SimpleTest.finish();
|
||||
}
|
||||
|
||||
</script>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
Loading…
Reference in New Issue
Block a user