commit c33495014e6ce59c3b49225ad4beb1f72cb8fe96 Author: Georg Koppen gk@torproject.org Date: Thu Mar 30 10:38:06 2017 +0000
Bug 14970: Don't block our unsigned extensions
Mozilla introduced extension signing as a way to make it harder for an attacker to get a malicious add-on running in a user's browser. See: https://blog.mozilla.org/addons/2015/02/10/extension-signing-safer-experienc... and https://blog.mozilla.org/addons/2016/01/22/add-on-signing-update/ for some background information.
Since ESR45 this feature is enabled by default and we exempt EFF's HTTPS-Everywhere from this requirement. --- browser/components/BrowserGlue.jsm | 6 +++++- toolkit/mozapps/extensions/content/aboutaddonsCommon.js | 6 ++++++ toolkit/mozapps/extensions/internal/XPIDatabase.jsm | 5 +++++ toolkit/mozapps/extensions/internal/XPIInstall.jsm | 1 + 4 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index ed66ac8e3ac1..7ee2efc9f437 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -2242,7 +2242,11 @@ BrowserGlue.prototype = { ); AddonManager.getAddonsByIDs(disabledAddons).then(addons => { for (let addon of addons) { - if (addon.signedState <= AddonManager.SIGNEDSTATE_MISSING) { + // We don't need a false notification that our extensions are + // disabled. Even if they lack Mozilla's blessing they are enabled + // nevertheless. + if ((addon.signedState <= AddonManager.SIGNEDSTATE_MISSING) && + (addon.id !== "https-everywhere-eff@eff.org")) { this._notifyUnsignedAddonsDisabled(); break; } diff --git a/toolkit/mozapps/extensions/content/aboutaddonsCommon.js b/toolkit/mozapps/extensions/content/aboutaddonsCommon.js index 9b218c3dae2c..a566979bc8c8 100644 --- a/toolkit/mozapps/extensions/content/aboutaddonsCommon.js +++ b/toolkit/mozapps/extensions/content/aboutaddonsCommon.js @@ -214,9 +214,15 @@ var gBrowser = { }, };
+// This function is the central check point to decide whether to show a warning +// about unsigned extensions or not. We want those warnings but only for +// extensions we don't distribute. function isCorrectlySigned(addon) { // Add-ons without an "isCorrectlySigned" property are correctly signed as // they aren't the correct type for signing. + if (addon.id == "https-everywhere-eff@eff.org") { + return true; + } return addon.isCorrectlySigned !== false; }
diff --git a/toolkit/mozapps/extensions/internal/XPIDatabase.jsm b/toolkit/mozapps/extensions/internal/XPIDatabase.jsm index 0b9bfa34b138..c8407541c2df 100644 --- a/toolkit/mozapps/extensions/internal/XPIDatabase.jsm +++ b/toolkit/mozapps/extensions/internal/XPIDatabase.jsm @@ -2211,6 +2211,11 @@ this.XPIDatabase = { * True if the add-on should not be appDisabled */ isUsableAddon(aAddon) { + // Ensure that we allow https-everywhere + if (aAddon.id == "https-everywhere-eff@eff.org") { + return true; + } + if (this.mustSign(aAddon.type) && !aAddon.isCorrectlySigned) { logger.warn(`Add-on ${aAddon.id} is not correctly signed.`); if (Services.prefs.getBoolPref(PREF_XPI_SIGNATURES_DEV_ROOT, false)) { diff --git a/toolkit/mozapps/extensions/internal/XPIInstall.jsm b/toolkit/mozapps/extensions/internal/XPIInstall.jsm index a7801077531f..4e16f7e7b2da 100644 --- a/toolkit/mozapps/extensions/internal/XPIInstall.jsm +++ b/toolkit/mozapps/extensions/internal/XPIInstall.jsm @@ -3917,6 +3917,7 @@ var XPIInstall = {
if ( XPIDatabase.mustSign(addon.type) && + addon.id !== "https-everywhere-eff@eff.org" && addon.signedState <= AddonManager.SIGNEDSTATE_MISSING ) { throw new Error(
tbb-commits@lists.torproject.org