Bug 825583 - Remove server tab cert trust editing. r=keeler
authorCykesiopka <cykesiopka.bmo@gmail.com>
Mon, 19 Aug 2013 08:48:08 -0400
changeset 143046 198caba447af5a34c72d831d808966b34b6742aa
parent 143045 b80cb943118494cdda9158959166395548f1cd41
child 143047 16c7519f1973ef0faa5a4d1de089f92fe80a33d3
push id2257
push userryanvm@gmail.com
push dateMon, 19 Aug 2013 12:50:00 +0000
treeherderfx-team@ebd79cd25bf5 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskeeler
bugs825583
milestone26.0a1
Bug 825583 - Remove server tab cert trust editing. r=keeler
security/manager/locales/en-US/chrome/pippki/certManager.dtd
security/manager/locales/en-US/chrome/pippki/pippki.properties
security/manager/pki/resources/content/WebSitesOverlay.xul
security/manager/pki/resources/content/certManager.js
security/manager/pki/resources/content/editcerts.js
security/manager/pki/resources/content/editsslcert.xul
security/manager/pki/resources/jar.mn
--- a/security/manager/locales/en-US/chrome/pippki/certManager.dtd
+++ b/security/manager/locales/en-US/chrome/pippki/certManager.dtd
@@ -34,24 +34,20 @@
 <!ENTITY certmgr.certdetail.o                 "Organization (O)">
 <!ENTITY certmgr.certdetail.ou                "Organizational Unit (OU)">
 <!ENTITY certmgr.certdetail.serialnumber      "Serial Number">
 <!ENTITY certmgr.certdetail.sha1fingerprint   "SHA1 Fingerprint">
 <!ENTITY certmgr.certdetail.md5fingerprint    "MD5 Fingerprint">
 
 <!ENTITY certmgr.editcert.title               "Edit Security Certificate Settings">
 <!ENTITY certmgr.editcacert.title             "Edit CA certificate trust settings">
-<!ENTITY certmgr.editsslcert.title            "Edit website certificate trust settings">
 <!ENTITY certmgr.editcert.edittrust           "Edit trust settings:">
 <!ENTITY certmgr.editcert.trustssl            "This certificate can identify websites.">
 <!ENTITY certmgr.editcert.trustemail          "This certificate can identify mail users.">
 <!ENTITY certmgr.editcert.trustobjsign        "This certificate can identify software makers.">
-<!ENTITY certmgr.editsslcert.edittrust        "Edit certificate trust settings:">
-<!ENTITY certmgr.editsslcert.dotrust          "Trust the authenticity of this certificate.">
-<!ENTITY certmgr.editsslcert.donttrust        "Do not trust the authenticity of this certificate.">
 <!ENTITY certmgr.editemailcert.title          "Edit email certificate trust settings">
 <!ENTITY certmgr.editemailcert.edittrust      "Edit certificate trust settings:">
 <!ENTITY certmgr.editemailcert.dotrust        "Trust the authenticity of this certificate.">
 <!ENTITY certmgr.editemailcert.donttrust      "Do not trust the authenticity of this certificate.">
 
 <!ENTITY certmgr.deletecert.title             "Delete Certificate">
 <!ENTITY certmgr.deletecert.beforename        "You have requested to delete this certificate:">
 <!ENTITY certmgr.deletecert.aftername         "Are you sure you want to delete this certificate?">
--- a/security/manager/locales/en-US/chrome/pippki/pippki.properties
+++ b/security/manager/locales/en-US/chrome/pippki/pippki.properties
@@ -8,17 +8,16 @@ CertPassPrompt=Please enter the Personal
 #These are for dialogs
 #Download Cert dialog
 newCAMessage1=Do you want to trust "%S" for the following purposes?
 unnamedCA=Certificate Authority (unnamed)
 
 #For editing cert trust
 editTrustWindowTitle=Edit certificate trust
 editTrustCA=The certificate "%S" represents a Certificate Authority.
-editTrustSSL=The certificate "%S" was issued by:
 editTrustEmail=The certificate "%S" was issued by:
 issuerNotTrusted=Because you do not trust the certificate authority that issued this certificate, you do not trust the authenticity of this certificate unless otherwise indicated here.
 issuerTrusted=Because you trust the certificate authority that issued this certificate, you trust the authenticity of this certificate unless otherwise indicated here.
 issuerNotKnown=Because you do not know the certificate authority that issued this certificate, you do not trust the authenticity of this certificate unless otherwise indicated here.
 issuerCertNotFound=Certificate for this certificate authority was not found
 
 #For Deleting Certificates
 deleteSslCertConfirm3=Are you sure you want to delete these server exceptions?
--- a/security/manager/pki/resources/content/WebSitesOverlay.xul
+++ b/security/manager/pki/resources/content/WebSitesOverlay.xul
@@ -35,20 +35,16 @@
 
     <separator class="thin"/>
 
     <hbox>
       <button id="websites_viewButton"
               label="&certmgr.view2.label;"
               accesskey="&certmgr.view2.accesskey;"
               disabled="true" oncommand="viewCerts();"/>
-      <button id="websites_editButton"
-              label="&certmgr.edit3.label;"
-              accesskey="&certmgr.edit3.accesskey;"
-              disabled="true" oncommand="editCerts();"/>
       <button id="websites_addButton"
               label="&certmgr.restore2.label;"
               accesskey="&certmgr.restore2.accesskey;"
               oncommand="addWebSiteCert();"/>
       <button id="websites_exportButton"
               label="&certmgr.export.label;"
               accesskey="&certmgr.export.accesskey;"
               disabled="true" oncommand="exportCerts();"/>
--- a/security/manager/pki/resources/content/certManager.js
+++ b/security/manager/pki/resources/content/certManager.js
@@ -243,17 +243,16 @@ function mine_enableButtons()
 
 function websites_enableButtons()
 {
   var items = serverTreeView.selection;
   var count_ranges = items.getRangeCount();
 
   var enable_delete = false;
   var enable_view = false;
-  var enable_edit = false;
 
   if (count_ranges > 0) {
     enable_delete = true;
   }
 
   if (count_ranges == 1) {
     var o1 = {};
     var o2 = {};
@@ -261,33 +260,25 @@ function websites_enableButtons()
     if (o1.value == o2.value) {
       // only a single item is selected
       try {
         var ti = serverTreeView.getTreeItem(o1.value);
         if (ti) {
           if (ti.cert) {
             enable_view = true;
           }
-          // Trust editing is not possible for override
-          // entries that are bound to host:port,
-          // where the cert is stored for convenince only.
-          if (!ti.hostPort.length) {
-            enable_edit = true;
-          }
         }
       }
       catch (e) {
       }
     }
   }
 
   var enableViewButton=document.getElementById('websites_viewButton');
   enableViewButton.setAttribute("disabled", !enable_view);
-  var enableEditButton=document.getElementById('websites_editButton');
-  enableEditButton.setAttribute("disabled", !enable_edit);
   var enableExportButton=document.getElementById('websites_exportButton');
   enableExportButton.setAttribute("disabled", !enable_view);
   var enableDeleteButton=document.getElementById('websites_deleteButton');
   enableDeleteButton.setAttribute("disabled", !enable_delete);
 }
 
 function email_enableButtons()
 {
@@ -359,23 +350,16 @@ function editCerts()
     var cert = selected_certs[t];
     var certkey = cert.dbKey;
     if (document.getElementById("ca_tab").selected) {
       window.openDialog('chrome://pippki/content/editcacert.xul', certkey,
                         'chrome,centerscreen,modal');
     } else if (document.getElementById("others_tab").selected) {
       window.openDialog('chrome://pippki/content/editemailcert.xul', certkey,
                         'chrome,centerscreen,modal');
-    } else if (!document.getElementById("websites_tab").selected
-               || !serverTreeView.isHostPortOverride(selected_index[t])) {
-      // If the web sites tab is select, trust editing is only allowed
-      // if the entry refers to a real cert, but not if it's
-      // a host:port override, where the cert is stored for convenince only.
-      window.openDialog('chrome://pippki/content/editsslcert.xul', certkey,
-                        'chrome,centerscreen,modal');
     }
   }
 }
 
 function restoreCerts()
 {
   var bundle = document.getElementById("pippki_bundle");
   var fp = Components.classes[nsFilePicker].createInstance(nsIFilePicker);
--- a/security/manager/pki/resources/content/editcerts.js
+++ b/security/manager/pki/resources/content/editcerts.js
@@ -68,69 +68,16 @@ function doOK()
   //
   //  Set the cert trust
   //
   certdb.setCertTrust(cert, nsIX509Cert.CA_CERT, 
                       trustssl | trustemail | trustobjsign);
   return true;
 }
 
-function doLoadForSSLCert()
-{
-  var dbkey = self.name;
-
-  //  Get the cert from the cert database
-  certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
-  cert = certdb.findCertByDBKey(dbkey, null);
-
-  var bundle = document.getElementById("pippki_bundle");
-  var windowReference = document.getElementById('editWebsiteCert');
-
-  var message1 = bundle.getFormattedString("editTrustSSL", [cert.commonName]);
-  setText("certmsg", message1);
-
-  setText("issuer", cert.issuerName);
-
-  var cacert = getCaCertForEntityCert(cert);
-  if(cacert == null)
-  {
-     setText("explanations", bundle.getString("issuerNotKnown"));
-  }
-  else if(certdb.isCertTrusted(cacert, nsIX509Cert.CA_CERT,
-                                                nsIX509CertDB.TRUSTED_SSL))
-  {
-     setText("explanations", bundle.getString("issuerTrusted"));
-  }
-  else
-  {
-     setText("explanations", bundle.getString("issuerNotTrusted"));
-  }
-/*
-  if(cacert == null)
-  {
-     var editButton = document.getElementById('editca-button');
-	 editButton.setAttribute("disabled","true");
-  }
-*/  
-  var sslTrust = document.getElementById("sslTrustGroup");
-  sslTrust.value = certdb.isCertTrusted(cert, nsIX509Cert.SERVER_CERT, 
-                                        nsIX509CertDB.TRUSTED_SSL);
-}
-
-function doSSLOK()
-{
-  var sslTrust = document.getElementById("sslTrustGroup");
-  var trustssl = sslTrust.value ? nsIX509CertDB.TRUSTED_SSL : 0;
-  //
-  //  Set the cert trust
-  //
-  certdb.setCertTrust(cert, nsIX509Cert.SERVER_CERT, trustssl);
-  return true;
-}
-
 function doLoadForEmailCert()
 {
   var dbkey = self.name;
 
   //  Get the cert from the cert database
   certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
   cert = certdb.findCertByDBKey(dbkey, null);
 
deleted file mode 100644
--- a/security/manager/pki/resources/content/editsslcert.xul
+++ /dev/null
@@ -1,38 +0,0 @@
-<?xml version="1.0"?>
-<!-- This Source Code Form is subject to the terms of the Mozilla Public
-   - License, v. 2.0. If a copy of the MPL was not distributed with this
-   - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
-
-<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
-
-<!DOCTYPE dialog SYSTEM "chrome://pippki/locale/certManager.dtd">
-
-<dialog id="editWebsiteCert" 
-        title="&certmgr.editsslcert.title;"
-        xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
-        buttons="accept,cancel"
-        ondialogaccept="return doSSLOK();"
-        onload="doLoadForSSLCert();"
->
-
-  <stringbundle id="pippki_bundle" src="chrome://pippki/locale/pippki.properties"/>
-
-  <script type="application/javascript" src="chrome://pippki/content/pippki.js"/>
-  <script type="application/javascript" src="chrome://pippki/content/editcerts.js"/>
-
-  <description id="certmsg"/>
-  <description id="issuer"/>
-  <separator/>
-  <description id="explanations"/>
-  <separator />
-  <description>&certmgr.editsslcert.edittrust;</description>
-  <radiogroup id="sslTrustGroup">
-    <radio label="&certmgr.editsslcert.dotrust;" value="true"/>
-    <radio label="&certmgr.editsslcert.donttrust;" value="false"/>
-  </radiogroup>
-  <hbox>
-    <button id="editca-button" label="&certmgr.editca.label;"
-            oncommand="editCaTrust();"/> 
-  </hbox>
-
-</dialog>
--- a/security/manager/pki/resources/jar.mn
+++ b/security/manager/pki/resources/jar.mn
@@ -18,17 +18,16 @@ pippki.jar:
     content/pippki/CAOverlay.xul             (content/CAOverlay.xul)
     content/pippki/WebSitesOverlay.xul       (content/WebSitesOverlay.xul)
     content/pippki/OthersOverlay.xul         (content/OthersOverlay.xul)
     content/pippki/MineOverlay.xul           (content/MineOverlay.xul)
     content/pippki/OrphanOverlay.xul         (content/OrphanOverlay.xul)
     content/pippki/viewCertDetails.xul       (content/viewCertDetails.xul)
     content/pippki/editcacert.xul            (content/editcacert.xul)
     content/pippki/editemailcert.xul         (content/editemailcert.xul)
-    content/pippki/editsslcert.xul           (content/editsslcert.xul)
     content/pippki/editcerts.js              (content/editcerts.js)
 *   content/pippki/exceptionDialog.xul       (content/exceptionDialog.xul)
     content/pippki/exceptionDialog.js        (content/exceptionDialog.js)
     content/pippki/deletecert.xul            (content/deletecert.xul)
     content/pippki/deletecert.js             (content/deletecert.js)
     content/pippki/viewCertDetails.js        (content/viewCertDetails.js)
     content/pippki/getp12password.xul        (content/getp12password.xul)
     content/pippki/setp12password.xul        (content/setp12password.xul)