Ubuntu
firefox-3.5 package

SSL Certificate verification uses incorrect certificate when going through a proxy

Bug #515178 reported by Mike on 2010-01-31

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	firefox-3.5 (Ubuntu)	New	Undecided	Unassigned

Bug Description

Binary package hint: firefox-3.5

I do network security testing using the Webscarab http request interceptor, and I found a difference in behavior between the Ubuntu 9.10 version and Windows version of Firefox 3.5.x. Under Windows, when connecting to an SSL site, firefox correctly notes an invalid certificate (generated by Webscarab). Clicking details and then permanently accept certificate allows the browser to continue. On Ubuntu, the same sequence appears to bypass the Proxy-generated certificate and check directly to the site. The result is even though I'm in the invalid certificate screen, it thinks the certificate is valid and will not allow the exception to be accepted.

Going to Preferences-Advanced-Encryption and selecting the Validation tab, then disabling the OSCP check allows me to continue. Again under Windows the certificate process works fine, this workaround is only required on Ubuntu.

Ubuntu Release: 9.10
Ubuntu uname -a output: "Linux field1 2.6.31-16-generic #53-Ubuntu SMP Tue Dec 8 04:01:29 UTC 2009 i686 GNU/Linux"

apt-cache policy firefox output:
firefox:
  Installed: 3.5.7+nobinonly-0ubuntu0.9.10.1
  Candidate: 3.5.7+nobinonly-0ubuntu0.9.10.1
  Version table:
*** 3.5.7+nobinonly-0ubuntu0.9.10.1 0
        500 http://us.archive.ubuntu.com karmic-updates/main Packages
        500 http://security.ubuntu.com karmic-security/main Packages
        100 /var/lib/dpkg/status
     3.5.3+build1+nobinonly-0ubuntu6 0
        500 http://us.archive.ubuntu.com karmic/main Packages

ProblemType: Bug
Architecture: i386
Date: Sun Jan 31 11:06:12 2010
DistroRelease: Ubuntu 9.10
InstallationMedia: Ubuntu 9.10 "Karmic Koala" - Release i386 (20091028.5)
Package: firefox-3.5 3.5.7+nobinonly-0ubuntu0.9.10.1
ProcEnviron:
LANG=en_US.UTF-8
SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.31-16.53-generic
SourcePackage: firefox-3.5
Uname: Linux 2.6.31-16-generic i686
XsessionErrors:
(gnome-settings-daemon:1893): GLib-CRITICAL **: g_propagate_error: assertion `src != NULL' failed
(polkit-gnome-authentication-agent-1:1963): GLib-CRITICAL **: g_once_init_leave: assertion `initialization_value != 0' failed
(nautilus:1952): Eel-CRITICAL **: eel_preferences_get_boolean: assertion `preferences_is_initialized ()' failed
(gnome-panel:1951): Gtk-WARNING **: gtk_widget_size_allocate(): attempt to allocate widget with width -3 and height 24
(firefox:2078): GLib-WARNING **: g_set_prgname() called multiple times

Tags:

Revision history for this message

Mike (mike-piscopo) wrote on 2010-01-31:

Dependencies.txt Edit (3.4 KiB, text/plain; charset="utf-8")
ExtensionSummary.txt Edit (2.2 KiB, text/plain; charset="utf-8")
profile_default_pluginreg.dat.txt Edit (4.8 KiB, text/plain; charset="utf-8")
profiles.ini.txt Edit (94 bytes, text/plain; charset="utf-8")

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntufirefox-3.5 package