Robert Relyea schrieb: >> Hmm, now that you say that... >> It's not much about what I intend to do since I'm just trying to use >> Firefox ;-) >> But yeah, it might go wrong before that trace already? >> >> http://mxr.mozilla.org/mozilla/source/toolkit/components/passwordmgr/src/storage-Legacy.js#176 >> >> >> 176 var token = tokenDB.getInternalKeyToken(); >> 177 if (token.needsUserInit) { >> 178 this.log("Initializing key3.db with default blank >> password."); >> 179 token.initPassword(""); >> >> Is it expected that token.needsUserInit is true if there already is a >> NSS database without a master password? Probably not. I've just checked >> what happens if I remove the token.needsUserInit case and it now doesn't >> fail to load the login storage component anymore. But trying to save a >> password still doesn't work as Firefox "fails to encrypt string". >> >> Something must be broken in my NSS database :-( >> > It's true if there's an NSS database, but it hasn't been "Initialized" > yet. Usually we don't store anything in the database until it's > initialized. This coincides with your back trace above.... an > initialized database already has all of it's tables. > > One way you can get in this state is if you loose your key database (you > also get in this state when you first create the database). Typically > needsUserInit means there isn't a password record in your key database. > Without this you can not store any keys. The difference between 'not > initialized', 'doesn't have a master password', and 'has master a > password' is as follows: > > 1) 'not initialized' --- no password record. > 2) 'doesn't have a master password' --- has a password record, and the > password record is encrypted with a key derived from 'NULL' (\0). > 3) 'has a master password' - has a password record, and key isn't > derived from NULL. > > The NSS tools usually create new databases and initializes them at the > same time. I think mozilla creates new databases, and initializes them > later. > Question: is this an updated profile, or is this a new profile?
This was a new profile actually. And yes, the database which reveals this issue isn't complete it seems. I removed it and created a new empty one using "certutil -d sql:. -N" and now Firefox works correctly. What I've used to create the shared database is actually the same as in the thread "NSS DB migration problem" and something really seems to be broken with it. Thanks for the explanation, Wolfgang _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
