Bug 825583 - Remove server tab cert trust editing. r=keeler
authorCykesiopka <cykesiopka.bmo@gmail.com>
Mon, 19 Aug 2013 08:48:08 -0400
changeset 143057 198caba447af5a34c72d831d808966b34b6742aa
parent 143056 b80cb943118494cdda9158959166395548f1cd41
child 143058 16c7519f1973ef0faa5a4d1de089f92fe80a33d3
push id25121
push userryanvm@gmail.com
push dateMon, 19 Aug 2013 21:02:23 +0000
treeherdermozilla-central@b7f636fada9f [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskeeler
bugs825583
milestone26.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 825583 - Remove server tab cert trust editing. r=keeler
security/manager/locales/en-US/chrome/pippki/certManager.dtd
security/manager/locales/en-US/chrome/pippki/pippki.properties
security/manager/pki/resources/content/WebSitesOverlay.xul
security/manager/pki/resources/content/certManager.js
security/manager/pki/resources/content/editcerts.js
security/manager/pki/resources/content/editsslcert.xul
security/manager/pki/resources/jar.mn
--- a/security/manager/locales/en-US/chrome/pippki/certManager.dtd
+++ b/security/manager/locales/en-US/chrome/pippki/certManager.dtd
@@ -34,24 +34,20 @@
 <!ENTITY certmgr.certdetail.o                 "Organization (O)">
 <!ENTITY certmgr.certdetail.ou                "Organizational Unit (OU)">
 <!ENTITY certmgr.certdetail.serialnumber      "Serial Number">
 <!ENTITY certmgr.certdetail.sha1fingerprint   "SHA1 Fingerprint">
 <!ENTITY certmgr.certdetail.md5fingerprint    "MD5 Fingerprint">
 
 <!ENTITY certmgr.editcert.title               "Edit Security Certificate Settings">
 <!ENTITY certmgr.editcacert.title             "Edit CA certificate trust settings">
-<!ENTITY certmgr.editsslcert.title            "Edit website certificate trust settings">
 <!ENTITY certmgr.editcert.edittrust           "Edit trust settings:">
 <!ENTITY certmgr.editcert.trustssl            "This certificate can identify websites.">
 <!ENTITY certmgr.editcert.trustemail          "This certificate can identify mail users.">
 <!ENTITY certmgr.editcert.trustobjsign        "This certificate can identify software makers.">
-<!ENTITY certmgr.editsslcert.edittrust        "Edit certificate trust settings:">
-<!ENTITY certmgr.editsslcert.dotrust          "Trust the authenticity of this certificate.">
-<!ENTITY certmgr.editsslcert.donttrust        "Do not trust the authenticity of this certificate.">
 <!ENTITY certmgr.editemailcert.title          "Edit email certificate trust settings">
 <!ENTITY certmgr.editemailcert.edittrust      "Edit certificate trust settings:">
 <!ENTITY certmgr.editemailcert.dotrust        "Trust the authenticity of this certificate.">
 <!ENTITY certmgr.editemailcert.donttrust      "Do not trust the authenticity of this certificate.">
 
 <!ENTITY certmgr.deletecert.title             "Delete Certificate">
 <!ENTITY certmgr.deletecert.beforename        "You have requested to delete this certificate:">
 <!ENTITY certmgr.deletecert.aftername         "Are you sure you want to delete this certificate?">
--- a/security/manager/locales/en-US/chrome/pippki/pippki.properties
+++ b/security/manager/locales/en-US/chrome/pippki/pippki.properties
@@ -8,17 +8,16 @@ CertPassPrompt=Please enter the Personal
 #These are for dialogs
 #Download Cert dialog
 newCAMessage1=Do you want to trust "%S" for the following purposes?
 unnamedCA=Certificate Authority (unnamed)
 
 #For editing cert trust
 editTrustWindowTitle=Edit certificate trust
 editTrustCA=The certificate "%S" represents a Certificate Authority.
-editTrustSSL=The certificate "%S" was issued by:
 editTrustEmail=The certificate "%S" was issued by:
 issuerNotTrusted=Because you do not trust the certificate authority that issued this certificate, you do not trust the authenticity of this certificate unless otherwise indicated here.
 issuerTrusted=Because you trust the certificate authority that issued this certificate, you trust the authenticity of this certificate unless otherwise indicated here.
 issuerNotKnown=Because you do not know the certificate authority that issued this certificate, you do not trust the authenticity of this certificate unless otherwise indicated here.
 issuerCertNotFound=Certificate for this certificate authority was not found
 
 #For Deleting Certificates
 deleteSslCertConfirm3=Are you sure you want to delete these server exceptions?
--- a/security/manager/pki/resources/content/WebSitesOverlay.xul
+++ b/security/manager/pki/resources/content/WebSitesOverlay.xul
@@ -35,20 +35,16 @@
 
     <separator class="thin"/>
 
     <hbox>
       <button id="websites_viewButton"
               label="&certmgr.view2.label;"
               accesskey="&certmgr.view2.accesskey;"
               disabled="true" oncommand="viewCerts();"/>
-      <button id="websites_editButton"
-              label="&certmgr.edit3.label;"
-              accesskey="&certmgr.edit3.accesskey;"
-              disabled="true" oncommand="editCerts();"/>
       <button id="websites_addButton"
               label="&certmgr.restore2.label;"
               accesskey="&certmgr.restore2.accesskey;"
               oncommand="addWebSiteCert();"/>
       <button id="websites_exportButton"
               label="&certmgr.export.label;"
               accesskey="&certmgr.export.accesskey;"
               disabled="true" oncommand="exportCerts();"/>
--- a/security/manager/pki/resources/content/certManager.js
+++ b/security/manager/pki/resources/content/certManager.js
@@ -243,17 +243,16 @@ function mine_enableButtons()
 
 function websites_enableButtons()
 {
   var items = serverTreeView.selection;
   var count_ranges = items.getRangeCount();
 
   var enable_delete = false;
   var enable_view = false;
-  var enable_edit = false;
 
   if (count_ranges > 0) {
     enable_delete = true;
   }
 
   if (count_ranges == 1) {
     var o1 = {};
     var o2 = {};
@@ -261,33 +260,25 @@ function websites_enableButtons()
     if (o1.value == o2.value) {
       // only a single item is selected
       try {
         var ti = serverTreeView.getTreeItem(o1.value);
         if (ti) {
           if (ti.cert) {
             enable_view = true;
           }
-          // Trust editing is not possible for override
-          // entries that are bound to host:port,
-          // where the cert is stored for convenince only.
-          if (!ti.hostPort.length) {
-            enable_edit = true;
-          }
         }
       }
       catch (e) {
       }
     }
   }
 
   var enableViewButton=document.getElementById('websites_viewButton');
   enableViewButton.setAttribute("disabled", !enable_view);
-  var enableEditButton=document.getElementById('websites_editButton');
-  enableEditButton.setAttribute("disabled", !enable_edit);
   var enableExportButton=document.getElementById('websites_exportButton');
   enableExportButton.setAttribute("disabled", !enable_view);
   var enableDeleteButton=document.getElementById('websites_deleteButton');
   enableDeleteButton.setAttribute("disabled", !enable_delete);
 }
 
 function email_enableButtons()
 {
@@ -359,23 +350,16 @@ function editCerts()
     var cert = selected_certs[t];
     var certkey = cert.dbKey;
     if (document.getElementById("ca_tab").selected) {
       window.openDialog('chrome://pippki/content/editcacert.xul', certkey,
                         'chrome,centerscreen,modal');
     } else if (document.getElementById("others_tab").selected) {
       window.openDialog('chrome://pippki/content/editemailcert.xul', certkey,
                         'chrome,centerscreen,modal');
-    } else if (!document.getElementById("websites_tab").selected
-               || !serverTreeView.isHostPortOverride(selected_index[t])) {
-      // If the web sites tab is select, trust editing is only allowed
-      // if the entry refers to a real cert, but not if it's
-      // a host:port override, where the cert is stored for convenince only.
-      window.openDialog('chrome://pippki/content/editsslcert.xul', certkey,
-                        'chrome,centerscreen,modal');
     }
   }
 }
 
 function restoreCerts()
 {
   var bundle = document.getElementById("pippki_bundle");
   var fp = Components.classes[nsFilePicker].createInstance(nsIFilePicker);
--- a/security/manager/pki/resources/content/editcerts.js
+++ b/security/manager/pki/resources/content/editcerts.js
@@ -68,69 +68,16 @@ function doOK()
   //
   //  Set the cert trust
   //
   certdb.setCertTrust(cert, nsIX509Cert.CA_CERT, 
                       trustssl | trustemail | trustobjsign);
   return true;
 }
 
-function doLoadForSSLCert()
-{
-  var dbkey = self.name;
-
-  //  Get the cert from the cert database
-  certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
-  cert = certdb.findCertByDBKey(dbkey, null);
-
-  var bundle = document.getElementById("pippki_bundle");
-  var windowReference = document.getElementById('editWebsiteCert');
-
-  var message1 = bundle.getFormattedString("editTrustSSL", [cert.commonName]);
-  setText("certmsg", message1);
-
-  setText("issuer", cert.issuerName);
-
-  var cacert = getCaCertForEntityCert(cert);
-  if(cacert == null)
-  {
-     setText("explanations", bundle.getString("issuerNotKnown"));
-  }
-  else if(certdb.isCertTrusted(cacert, nsIX509Cert.CA_CERT,
-                                                nsIX509CertDB.TRUSTED_SSL))
-  {
-     setText("explanations", bundle.getString("issuerTrusted"));
-  }
-  else
-  {
-     setText("explanations", bundle.getString("issuerNotTrusted"));
-  }
-/*
-  if(cacert == null)
-  {
-     var editButton = document.getElementById('editca-button');
-	 editButton.setAttribute("disabled","true");
-  }
-*/  
-  var sslTrust = document.getElementById("sslTrustGroup");
-  sslTrust.value = certdb.isCertTrusted(cert, nsIX509Cert.SERVER_CERT, 
-                                        nsIX509CertDB.TRUSTED_SSL);
-}
-
-function doSSLOK()
-{
-  var sslTrust = document.getElementById("sslTrustGroup");
-  var trustssl = sslTrust.value ? nsIX509CertDB.TRUSTED_SSL : 0;
-  //
-  //  Set the cert trust
-  //
-  certdb.setCertTrust(cert, nsIX509Cert.SERVER_CERT, trustssl);
-  return true;
-}
-
 function doLoadForEmailCert()
 {
   var dbkey = self.name;
 
   //  Get the cert from the cert database
   certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
   cert = certdb.findCertByDBKey(dbkey, null);
 
deleted file mode 100644
--- a/security/manager/pki/resources/content/editsslcert.xul
+++ /dev/null
@@ -1,38 +0,0 @@
-<?xml version="1.0"?>
-<!-- This Source Code Form is subject to the terms of the Mozilla Public
-   - License, v. 2.0. If a copy of the MPL was not distributed with this
-   - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
-
-<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
-
-<!DOCTYPE dialog SYSTEM "chrome://pippki/locale/certManager.dtd">
-
-<dialog id="editWebsiteCert" 
-        title="&certmgr.editsslcert.title;"
-        xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
-        buttons="accept,cancel"
-        ondialogaccept="return doSSLOK();"
-        onload="doLoadForSSLCert();"
->
-
-  <stringbundle id="pippki_bundle" src="chrome://pippki/locale/pippki.properties"/>
-
-  <script type="application/javascript" src="chrome://pippki/content/pippki.js"/>
-  <script type="application/javascript" src="chrome://pippki/content/editcerts.js"/>
-
-  <description id="certmsg"/>
-  <description id="issuer"/>
-  <separator/>
-  <description id="explanations"/>
-  <separator />
-  <description>&certmgr.editsslcert.edittrust;</description>
-  <radiogroup id="sslTrustGroup">
-    <radio label="&certmgr.editsslcert.dotrust;" value="true"/>
-    <radio label="&certmgr.editsslcert.donttrust;" value="false"/>
-  </radiogroup>
-  <hbox>
-    <button id="editca-button" label="&certmgr.editca.label;"
-            oncommand="editCaTrust();"/> 
-  </hbox>
-
-</dialog>
--- a/security/manager/pki/resources/jar.mn
+++ b/security/manager/pki/resources/jar.mn
@@ -18,17 +18,16 @@ pippki.jar:
     content/pippki/CAOverlay.xul             (content/CAOverlay.xul)
     content/pippki/WebSitesOverlay.xul       (content/WebSitesOverlay.xul)
     content/pippki/OthersOverlay.xul         (content/OthersOverlay.xul)
     content/pippki/MineOverlay.xul           (content/MineOverlay.xul)
     content/pippki/OrphanOverlay.xul         (content/OrphanOverlay.xul)
     content/pippki/viewCertDetails.xul       (content/viewCertDetails.xul)
     content/pippki/editcacert.xul            (content/editcacert.xul)
     content/pippki/editemailcert.xul         (content/editemailcert.xul)
-    content/pippki/editsslcert.xul           (content/editsslcert.xul)
     content/pippki/editcerts.js              (content/editcerts.js)
 *   content/pippki/exceptionDialog.xul       (content/exceptionDialog.xul)
     content/pippki/exceptionDialog.js        (content/exceptionDialog.js)
     content/pippki/deletecert.xul            (content/deletecert.xul)
     content/pippki/deletecert.js             (content/deletecert.js)
     content/pippki/viewCertDetails.js        (content/viewCertDetails.js)
     content/pippki/getp12password.xul        (content/getp12password.xul)
     content/pippki/setp12password.xul        (content/setp12password.xul)