[Bug 515178] [NEW] SSL Certificate verification uses incorrect certificate when going through a proxy

Sun, 31 Jan 2010 08:30:37 -0800 

Public bug reported:

Binary package hint: firefox-3.5
I do network security testing using the Webscarab http request
interceptor, and I found a difference in behavior between the Ubuntu
9.10 version and Windows version of Firefox 3.5.x.  Under Windows, when
connecting to an SSL site, firefox correctly notes an invalid
certificate (generated by Webscarab).  Clicking details and then
permanently accept certificate allows the browser to continue.  On
Ubuntu, the same sequence appears to bypass the Proxy-generated
certificate and check directly to the site.  The result is even though
I'm in the invalid certificate screen, it thinks the certificate is
valid and will not allow the exception to be accepted.

Going to Preferences-Advanced-Encryption and selecting the Validation
tab, then disabling the OSCP check allows me to continue.  Again under
Windows the certificate process works fine, this workaround is only
required on Ubuntu.

Ubuntu Release: 9.10
Ubuntu uname -a output: "Linux field1 2.6.31-16-generic #53-Ubuntu SMP Tue Dec 
8 04:01:29 UTC 2009 i686 GNU/Linux"

apt-cache policy firefox output:
firefox:
  Installed: 3.5.7+nobinonly-0ubuntu0.9.10.1
  Candidate: 3.5.7+nobinonly-0ubuntu0.9.10.1
  Version table:
 *** 3.5.7+nobinonly-0ubuntu0.9.10.1 0
        500 http://us.archive.ubuntu.com karmic-updates/main Packages
        500 http://security.ubuntu.com karmic-security/main Packages
        100 /var/lib/dpkg/status
     3.5.3+build1+nobinonly-0ubuntu6 0
        500 http://us.archive.ubuntu.com karmic/main Packages

ProblemType: Bug
Architecture: i386
Date: Sun Jan 31 11:06:12 2010
DistroRelease: Ubuntu 9.10
InstallationMedia: Ubuntu 9.10 "Karmic Koala" - Release i386 (20091028.5)
Package: firefox-3.5 3.5.7+nobinonly-0ubuntu0.9.10.1
ProcEnviron:
 LANG=en_US.UTF-8
 SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.31-16.53-generic
SourcePackage: firefox-3.5
Uname: Linux 2.6.31-16-generic i686
XsessionErrors:
 (gnome-settings-daemon:1893): GLib-CRITICAL **: g_propagate_error: assertion 
`src != NULL' failed
 (polkit-gnome-authentication-agent-1:1963): GLib-CRITICAL **: 
g_once_init_leave: assertion `initialization_value != 0' failed
 (nautilus:1952): Eel-CRITICAL **: eel_preferences_get_boolean: assertion 
`preferences_is_initialized ()' failed
 (gnome-panel:1951): Gtk-WARNING **: gtk_widget_size_allocate(): attempt to 
allocate widget with width -3 and height 24
 (firefox:2078): GLib-WARNING **: g_set_prgname() called multiple times

** Affects: firefox-3.5 (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: apport-bug i386

-- 
SSL Certificate verification uses incorrect certificate when going through a 
proxy
https://bugs.launchpad.net/bugs/515178
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to