[tor-bugs] #2167 [EFF-HTTPS Everywhere]: Block during extension updating process
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Thu Feb 24 16:46:22 UTC 2011
#2167: Block during extension updating process
------------------------------------+---------------------------------------
Reporter: zep | Owner: pde
Type: defect | Status: new
Priority: major | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Keywords: Block updating process | Parent:
Points: | Actualpoints:
------------------------------------+---------------------------------------
Comment(by zep):
OK things on my side are these:
1) I remove the file "cert_override.txt" & restart ff
It doesn't freeze anymore on add-ons/findupdate
2) I go on https://www.eff.org/https-everywhere
ff show the message"insecure connection":(error:
sec_error_unknown_issuer)
It's the same for !https://secure.comodo.net/CPS
2.1) If I try to acquire the certificate(eff.org) I have the
message:"Unknown identity".
2.2) I add a security exception I have this text in the file
'cert_override.txt':
# PSM Certificate Override Settings file
# This is a generated file! Do not edit.
!www.eff.org:443 OID.2.16.840.1.101.3.4.2.1
!7E:40:8A:6A:3B:2E:9C:3A:6D:21:57:9C:CD:5C:78:F3:00:88:18:78:AE:BD:02:52:97:41:60:CB:89:2B:D8:2D
U AAAAAAAAAAAAAAAQAAAAjE3TYMvPK/gH49GJRgQ+sHgwgYkxCzAJBgNVBAYTAkdC
MRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQx
GjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMS8wLQYDVQQDEyZDT01PRE8gSGln
aCBBc3N1cmFuY2UgU2VjdXJlIFNlcnZlciBDQQ==
2.3) Now I can go on [https://www.eff.org/https-everywhere
https://www.eff.org/https-everywhere ,], but I have the original error of
my ticket on updating process:request on the https-everywhere add-on.
Thank you very much!
Replying to [comment:6 doegox]:
> > Symptom: Firefox was freezing with 100% CPU every now & then since a
few days.
> > It was apparently happening every time https-everywhere extension was
looking for update.
> >
> >
>
> Actually I made a little error in the way I reproduced the problem: I
forgot to tell I've also imported my cert8.db.
> And the problem came from a corrupted CA certificate.
> After having deleted the "The USERTRUST Network / AddTrust External CA
Root" software security device, the problem disappeared definitively.
> See also the following bugreport, that's how I found the real root of
the problem: http://bugs.debian.org/589023
> But, same as for the guy having reported that bug, I've no clue from
where I got this corrupted certificate which made a loop in the CA chain.
>
> So an update request on the https-everywhere add-on was provoking a
freeze because of this strange certificate.
> Zep, could you check if your problem has the same origin?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2167#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list