Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release/5.0-rc2] hold ref to temp keychain on OSX to avoid premature cleanup #41882

Merged
merged 2 commits into from
Sep 5, 2020
Merged

[release/5.0-rc2] hold ref to temp keychain on OSX to avoid premature cleanup #41882

merged 2 commits into from
Sep 5, 2020
+56 −14

Conversation

github-actions[bot]
Copy link
Contributor

@github-actions github-actions bot commented Sep 4, 2020
edited by wfurt
Loading

Backport of #41787 to release/5.0-rc2

/cc @wfurt

Customer Impact

This is regression from 3.1. When people import certificate and key from a pfx file, that may not be able to use them.
The issue had repro case for adding the key to a certificate store but it can impact other scenarios as well.
This is macOS specific. Originally reported on Bug Sur 11.0 - but reproduced also on Catalina 10.15.

Testing

This bug caused relevant tests not to run and fail silently (as they check if write to a certificate store is possible before the run) I verified manually that the existing tests do run and pass as well as I verify that the repro code works on 10.15 and 11.0.

Risk

medium. The fix is not large but it creates new relation between X509Certificate and temporary storage when needed.

@danmoseley danmoseley added this to the 5.0.0 rc2 milestone Sep 4, 2020
@ghost
Copy link

ghost commented Sep 4, 2020

Tagging subscribers to this area: @bartonjs, @vcsjones, @krwq
See info in area-owners.md if you want to be subscribed.

@wfurt wfurt requested a review from bartonjs September 4, 2020 22:27
@wfurt
Copy link
Member

wfurt commented Sep 4, 2020

cc: @jeffhandley

fixes #39603

@jeffhandley jeffhandley changed the title [release/5.0-rc2] hold ref to temp keychain on OSX to avoild premature cleanup [release/5.0-rc2] hold ref to temp keychain on OSX to avoid premature cleanup Sep 4, 2020
@jeffhandley jeffhandley added the Servicing-approved Approved for servicing release label Sep 4, 2020
@jeffhandley jeffhandley merged commit ff696ae into release/5.0-rc2 Sep 5, 2020
@jeffhandley jeffhandley deleted the backport/pr-41787-to-release/5.0-rc2 branch September 5, 2020 00:12
@jeffhandley jeffhandley mentioned this pull request Sep 5, 2020
Closed
@karelz karelz modified the milestones: 5.0.0 rc2, 5.0.0 Sep 9, 2020
@ghost ghost locked as resolved and limited conversation to collaborators Dec 7, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@jeffhandley jeffhandley

@bartonjs bartonjs

Assignees
No one assigned
Labels
area-System.Security Servicing-approved Approved for servicing release
Projects
None yet
Milestone
5.0.0
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@wfurt @jeffhandley @karelz @danmoseley @Dotnet-GitSync-Bot