View Issue Details

IDProjectCategoryView StatusLast Update
0000773Main CAcert Websitecertificate issuingpublic2015-09-01 19:32
ReporterBas van den Dikkenberg Assigned ToBenBE  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Product Version2009 Q3 
Target Version2014 Q2Fixed in Version2015 Q1 
Summary0000773: No confirmation of revocation of server certificate
DescriptionWhen i revoke a client certificate i get an e-mail from support saying certificate is revoked.

When i do same thing with a server certificate i don't get a mail de certificate is revoked.

I am missing to conformation of the revokecation
TagsNo tags attached.
Reviewed byTed, BenBE
Test Instructions

Relationships

related to 0000597 closedBenBE email notification for revoked certificates 
related to 0001026 needs workUli60 Server Certificate was revoked but not by the user 
child of 0001373 newINOPIAE Improve the revokation mail sent by the signer 

Activities

felixd

2014-06-15 11:57

updater   ~0004838

Reason: the sending script ("client.pl") hopes for a "memid" column in the table for the to-be-revoked certificate in order to look up the email address.
This column exists for "emailcerts" table, but is missing for "domaincerts" table.

This causes the mail lookup to fail and no mail is sent out.

felixd

2014-06-17 16:04

updater   ~0004846

Last edited: 2014-06-17 16:16

View 2 revisions

I pushed a patch that fixes the issue for server Certificates.
Emails for "Organisation-Certificates" are still not sent.

Patch is based on the testserver-merged patch for 0000597:

https://github.com/yellowant/cacert-devel/tree/bug-773

felixd

2014-06-17 17:37

updater   ~0004847

I updated the changeset, so that the email gets sent out to organisation-owns as well.

Same link as above.

BenBE

2014-06-17 21:06

updater   ~0004849

Most recent patchset pulled and merged to testserver.

INOPIAE

2014-06-17 21:57

updater   ~0004853

The revokation of the client, server, org client and org serv certificate
generates an email with the correct wording. => ok

see also bug 597

All mails for the org client and org server certificate were received by all org admins listed in the org account. => ok

=> ok

Eva

2014-08-05 21:01

updater   ~0004914

Last edited: 2014-08-05 21:15

View 2 revisions

Revoked a server certificate.
- got a short, meaningful email with correct wording and references
-> ok

Revoked an org server certificate.
- got a short, meaningful email with correct wording and references
-> ok

Revoked a client certificate.
- got a short, meaningful email with correct wording and references
-> ok

Revoked an org client certificate.
- got a short, meaningful email with correct wording and references
-> ok

Checked only one other org admin if they got the mails, as well, they did.
-> ok

=> ok
However I did not test this for all other org admins of the organisations, but there is no reason why they should not have got it.

INOPIAE

2014-08-05 21:15

updater   ~0004915

Please review as there are at least 2 successful test.

Ted

2015-02-09 21:06

administrator   ~0005316

Reviewed f2e2938666127a8636ac7770a1cfdb089124528b vs. b275df70541737f4bc1576db57e7236e105f101f

One minor issue, in line 1032 a variable named "@a" is used. It's good practice to use meaningful variable names, but since this variable is only used in two consecutive lines this is tolerable.

I made no functional tests.

The review is PASSED

BenBE

2015-02-11 08:27

updater   ~0005319

I checked the patches in the same range, and the only two minor issues I found were:
- In RevokeCerts the stringification of hash indices ($row{memid} vs. $row{'email'}) is not uniform. But since this was present before there should be no issue arising from it.
- In sendRevokeMail() there is no indication done on the number of arguments accepted. As this indication in Perl is mostly cosmetic I see no problem here.

Also, from a functional PoV I'd suggest including the Organisation/Organisation Unit into the mail sent as the CN alone might not suffice to distinguish certain certificates quickly (e.g. if I or an emploee has certificates for multiple organisations I manage).

Overall: PASSED

wytze

2015-02-13 14:20

developer   ~0005321

The fix has been installed on the production server on February 13, 2015. See also: https://lists.cacert.org/wws/arc/cacert-systemlog/2015-02/msg00009.html

Issue History

Date Modified Username Field Change
2009-09-05 10:14 Bas van den Dikkenberg New Issue
2009-09-05 10:26 Bas van den Dikkenberg Summary No comfrematgion of revokacation of sever certficate => No conformation of revokacation of sever certficate
2012-12-22 20:31 Werner Dworak Relationship added related to 0001026
2014-03-15 20:41 INOPIAE Relationship added related to 0000597
2014-06-15 11:57 felixd Note Added: 0004838
2014-06-15 16:46 BenBE Assigned To => BenBE
2014-06-15 16:46 BenBE Status new => needs work
2014-06-15 16:47 BenBE Product Version => 2009 Q3
2014-06-15 16:47 BenBE Target Version => 2014 Q2
2014-06-15 16:47 BenBE Summary No conformation of revokacation of sever certficate => No conformation of revokacation of server certficate
2014-06-15 23:35 felixd Summary No conformation of revokacation of server certficate => No conformation of revocation of server certficate
2014-06-15 23:36 felixd Summary No conformation of revocation of server certficate => No confirmation of revocation of server certificate
2014-06-17 16:04 felixd Note Added: 0004846
2014-06-17 16:16 felixd Note Edited: 0004846 View Revisions
2014-06-17 17:37 felixd Note Added: 0004847
2014-06-17 21:05 BenBE Source_changeset_attached => cacert-devel testserver-stable 7f332a32
2014-06-17 21:05 BenBE Source_changeset_attached => cacert-devel testserver-stable b275df70
2014-06-17 21:05 felixd Source_changeset_attached => cacert-devel testserver-stable 55251640
2014-06-17 21:05 felixd Source_changeset_attached => cacert-devel testserver-stable ddabc10c
2014-06-17 21:05 BenBE Status needs work => needs review & testing
2014-06-17 21:06 BenBE Note Added: 0004849
2014-06-17 21:57 INOPIAE Note Added: 0004853
2014-08-05 21:01 Eva Note Added: 0004914
2014-08-05 21:15 Eva Note Edited: 0004914 View Revisions
2014-08-05 21:15 INOPIAE Note Added: 0004915
2014-08-05 21:15 INOPIAE Status needs review & testing => needs review
2015-02-09 21:06 Ted Note Added: 0005316
2015-02-09 21:06 Ted Reviewed by => Ted
2015-02-11 08:27 BenBE Reviewed by Ted => Ted, BenBE
2015-02-11 08:27 BenBE Note Added: 0005319
2015-02-11 08:27 BenBE Status needs review => ready to deploy
2015-02-11 08:32 BenBE Relationship added child of 0001373
2015-02-13 14:20 wytze Note Added: 0005321
2015-02-13 14:20 wytze Status ready to deploy => solved?
2015-02-13 14:20 wytze Fixed in Version => 2015 Q1
2015-02-13 14:20 wytze Resolution open => fixed
2015-09-01 19:32 INOPIAE Status solved? => closed