Closed
Bug 1203787
Opened 9 years ago
Closed 9 years ago
Cope with hashed Add-on IDs in the CN field
Categories
(Toolkit :: Add-ons Manager, defect)
Toolkit
Add-ons Manager
Tracking
()
RESOLVED
FIXED
mozilla44
People
(Reporter: andy+bugzilla, Assigned: mossop)
References
Details
Attachments
(1 file)
(deleted),
patch
|
dveditz
:
review+
lizzard
:
approval-mozilla-aurora+
|
Details | Diff | Splinter Review |
As per bug 1201176, when the addon ID is longer than 64 chars it will be hashed in the CN field. Which means the signature will be invalid. When installing the addon and performing this check on the CN field Firefox will need to hash the ID and then compare the value. The hash is being done on AMO side in bug 1203365.
Reporter | ||
Comment 1•9 years ago
|
||
We don't have anyone yet to work on this, would you be able to work on this for 43?
Flags: needinfo?(dtownsend)
Assignee | ||
Comment 2•9 years ago
|
||
(In reply to Andy McKay [:andym] from comment #1) > We don't have anyone yet to work on this, would you be able to work on this > for 43? Yes this is pretty straightforward, I just need to figure out how to get a testcase
Assignee: nobody → dtownsend
Flags: needinfo?(dtownsend)
Assignee | ||
Comment 3•9 years ago
|
||
This hashes the add-on ID before comparing to the common name if the ID is longer than 64 characters. The test includes 5 add-ons: long_63_plain.xpi: ID is 63 characters long, the common name is the plain ID long_63_hash.xpi: ID is 63 characters long, the common name is the hashed ID long_64_plain.xpi: ID is 64 characters long, the common name is the plain ID long_64_hash.xpi: ID is 64 characters long, the common name is the hashed ID long_65_hash.xpi: ID is 65 characters long, the common name is the hashed ID
Attachment #8663080 -
Flags: review?(dveditz)
Comment 4•9 years ago
|
||
Comment on attachment 8663080 [details] [diff] [review] patch Review of attachment 8663080 [details] [diff] [review]: ----------------------------------------------------------------- r=dveditz
Attachment #8663080 -
Flags: review?(dveditz) → review+
Comment 6•9 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/201ca50802b2
Status: NEW → RESOLVED
Closed: 9 years ago
status-firefox44:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla44
Reporter | ||
Comment 7•9 years ago
|
||
Comment on attachment 8663080 [details] [diff] [review] patch Approval Request Comment [Feature/regressing bug #]: 1201176 [User impact if declined]: Multiple add-ons will fail on Firefox 43 when signing is turned on. [Describe test coverage new/current, TreeHerder]: [Risks and why]: Seems low risk. [String/UUID change made/needed]: none (I believe)
Attachment #8663080 -
Flags: approval-mozilla-aurora?
Comment on attachment 8663080 [details] [diff] [review] patch Approved for uplift to aurora. Good to do since we accept long GUIDs again.
Attachment #8663080 -
Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
You need to log in
before you can comment on or make changes to this bug.
Description
•