Opened 5 years ago

Closed 5 years ago

#14387 closed defect (fixed)

improve TB MAR signing process when incorrect password entered

Reported by: mcs Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Keywords: TorBrowserTeam201506R, GeorgKoppen201506
Cc: brade, mcs, gk Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


Currently, if an incorrect NSS password is entered during the MAR file signing process, no error is reported and the NSS "get password" function consumes all available CPU. I believe this happens because NSS continues to try to read a password (retry) even though stdin has been closed.

gk encountered this problem when generating some signed MAR files for testing. We should either fix the underlying bug or at the very least change to provide more feedback during the signing process (so the fact that no real progress is being made is obvious). gk said:

"Maybe adding some echo commands just saying something like "Starting the signing process..." and "Signed MAR file $COUNT." would already be enough?"

Child Tickets

Change History (3)

comment:1 Changed 5 years ago by gk

Keywords: TorBrowserTeam201506R GeorgKoppen201506 added
Status: newneeds_review

bug_14387 ( in my public repo has a patch which is working pretty well for me.

comment:2 in reply to:  1 Changed 5 years ago by mcs

Replying to gk:

bug_14387 ( in my public repo has a patch which is working pretty well for me.

Looks good to me. Kathy and I were hoping for a better solution (e.g., don't consume all available CPU inside the 'get password' function), but if this solves the problem for you let's go with it.

comment:3 Changed 5 years ago by gk

Resolution: fixed
Status: needs_reviewclosed

I think it is fine (and solving the underlying problem would be a good example for the perfect-is-the-enemy-of-the-good-enough case IMO). This is commit c57e340382377ccc1f0e376b23b621a1d7eef1d6.

Note: See TracTickets for help on using tickets.