Closed Bug 1152102 Opened 10 years ago Closed 10 years ago

Rename the .rsa files when we sign add-ons

Categories

(addons.mozilla.org Graveyard :: Add-on Validation, defect, P1)


Tracking

(Not tracked)

VERIFIED FIXED
2015-05

People

(Reporter: clouserw, Assigned: magopian)

One concern that was raised is that every time we run magopian's sign-everything script it will re-sign and re-increment the add-on version. This means if we have to kill the script halfway through, or it crashes, or whatever, when we re-run we could end up with $VERSION.1.1[etc]. Instead of blindly re-signing we're going to check inside the .zip first and see if we've signed it before and if so log and skip it (see bug 1152101).

Ryan says trunion can already support this if we include it in the POST.  If that's not the case we need to file a bug for that and let him know as soon as possible to get that cleared out.

It's been suggested the name of the file we use is fligtar.rsa.
Depends on: 1152209
The aim is to change the signature file names from:
- META-INF/manifest.mf: stays unchanged
- META-INF/zigbert.rsa: META-INF/fligtar.rsa
- META-INF/zigbert.sf: META-INF/fligtar.sf

From what I can see, this isn't supported by the "signing_client" lib for the moment, as the filenames are hardcoded (see code starting at https://github.com/mozilla/signing-clients/blob/master/signing_clients/apps.py#L309).

I've created bug 1152209
PR: https://github.com/mozilla/olympia/pull/500
(don't merge until the signing_clients library gets updated)
Target Milestone: --- → 2015-04
Will use "mozilla" instead of "fligtar" (updated the PR)
Fixed in https://github.com/mozilla/olympia/commit/1cb3febd93de4e8686d0b7e1451657a9c33cb132

STR:
1/ submit a new addon (or version)
2/ have it signed by reviewing it
3/ download it, unzip it, and check the filenames in the META-INF folder: they should be named manifest.mf, mozilla.sf and mozilla.rsa
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: 2015-04 → 2015-05
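
The check in step 3 of the STR above can be scripted. This is an added example, not code from olympia or signing_clients; the function names, the state labels and the in-memory sample packages are constructed for illustration, and it inspects file names only, without verifying the signature itself.

```python
import io
import zipfile

# File names taken from the bug comments above.
EXPECTED = {"META-INF/manifest.mf", "META-INF/mozilla.sf", "META-INF/mozilla.rsa"}
LEGACY = {"META-INF/zigbert.sf", "META-INF/zigbert.rsa"}


def signature_state(xpi):
    """Classify an add-on package by the signature file names in META-INF/.

    `xpi` is a path or a file-like object. Returns one of the (hypothetical)
    labels "renamed", "legacy", "incomplete" or "unsigned".
    """
    with zipfile.ZipFile(xpi) as zf:
        meta = {name for name in zf.namelist()
                if name.startswith("META-INF/") and not name.endswith("/")}
    if LEGACY & meta:
        return "legacy"       # still carries zigbert.* files
    if EXPECTED <= meta:
        return "renamed"      # manifest.mf, mozilla.sf and mozilla.rsa all present
    if EXPECTED & meta:
        return "incomplete"   # some, but not all, of the expected files
    return "unsigned"


def make_xpi(names):
    """Build a constructed in-memory package holding empty placeholder files."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("install.rdf", "<RDF/>")  # placeholder add-on content
        for name in names:
            zf.writestr(name, b"")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    samples = {
        "after the fix": sorted(EXPECTED),
        "before the fix": ["META-INF/manifest.mf"] + sorted(LEGACY),
        "never signed": [],
    }
    for label, names in samples.items():
        print(f"{label}: {signature_state(make_xpi(names))}")
```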
Verified as fixed in FF37(Win7) in addons-dev.allizom.org
Postfix screencast: http://screencast.com/t/uPsbxZVdpEm
Closing bug.
Status: RESOLVED → VERIFIED
Product: addons.mozilla.org → addons.mozilla.org Graveyard