Pier Angelo Vendrame pushed to branch tor-browser-128.2.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: af856ef0 by Pier Angelo Vendrame at 2024-09-02T10:11:08+02:00 fixup! Bug 4234: Use the Firefox Update Process for Base Browser. Bug 42747: Discard unsupported updates earlier. Firefox's updater has a function to select updates, which checks mainly the version number. Therefore, a more recent update that is unsupported will be chosen over a compatible one. We patch this to be able to provide an alternative update path to Windows 7. - - - - - aa6ba139 by Pier Angelo Vendrame at 2024-09-02T10:11:12+02:00 fixup! Bug 19121: reinstate the update.xml hash check Bug 42737: Drop the hash check on updates. Updates are already signed, the hash check is redundant. Revert "Bug 19121: reinstate the update.xml hash check" This reverts commit 14ac8e5c0aff14dda4b15e435db58bea80960389. - - - - - 3 changed files: - toolkit/mozapps/update/UpdateService.sys.mjs - toolkit/mozapps/update/UpdateTelemetry.sys.mjs - toolkit/mozapps/update/nsIUpdateService.idl Changes: ===================================== toolkit/mozapps/update/UpdateService.sys.mjs ===================================== @@ -2110,8 +2110,6 @@ class UpdatePatch { // over writing nsIUpdatePatch attributes. _attrNames = [ "errorCode", - "hashFunction", - "hashValue", "finalURL", "selected", "size", @@ -2164,8 +2162,6 @@ class UpdatePatch { } break; case "finalURL": - case "hashFunction": - case "hashValue": case "state": case "type": case "URL": @@ -2186,8 +2182,6 @@ class UpdatePatch { */ serialize(updates) { var patch = updates.createElementNS(URI_UPDATE_NS, "patch"); - patch.setAttribute("hashFunction", this.hashFunction); - patch.setAttribute("hashValue", this.hashValue); patch.setAttribute("size", this.size); patch.setAttribute("type", this.type); patch.setAttribute("URL", this.URL); @@ -3757,18 +3751,20 @@ export class UpdateService { switch (update.type) { case "major": - if (!majorUpdate) { + if (!majorUpdate || majorUpdate.unsupported) { majorUpdate = update; } else if ( + !update.unsupported && vc.compare(majorUpdate.appVersion, update.appVersion) <= 0 ) { majorUpdate = update; } break; case "minor": - if (!minorUpdate) { + if (!minorUpdate || minorUpdate.unsupported) { minorUpdate = update; } else if ( + !update.unsupported && vc.compare(minorUpdate.appVersion, update.appVersion) <= 0 ) { minorUpdate = update; @@ -5876,56 +5872,7 @@ class Downloader { } LOG("Downloader:_verifyDownload downloaded size == expected size."); - let fileStream = Cc[ - "@mozilla.org/network/file-input-stream;1" - ].createInstance(Ci.nsIFileInputStream); - fileStream.init( - destination, - FileUtils.MODE_RDONLY, - FileUtils.PERMS_FILE, - 0 - ); - - let digest; - try { - let hash = Cc["@mozilla.org/security/hash;1"].createInstance( - Ci.nsICryptoHash - ); - var hashFunction = - Ci.nsICryptoHash[this._patch.hashFunction.toUpperCase()]; - if (hashFunction == undefined) { - throw Components.Exception("", Cr.NS_ERROR_UNEXPECTED); - } - hash.init(hashFunction); - hash.updateFromStream(fileStream, -1); - // NOTE: For now, we assume that the format of _patch.hashValue is hex - // encoded binary (such as what is typically output by programs like - // sha1sum). In the future, this may change to base64 depending on how - // we choose to compute these hashes. - hash = hash.finish(false); - digest = Array.from(hash, (c, i) => - hash.charCodeAt(i).toString(16).padStart(2, "0") - ).join(""); - } catch (e) { - LOG( - "Downloader:_verifyDownload - failed to compute hash of the downloaded update archive" - ); - digest = ""; - } - - fileStream.close(); - - if (digest == this._patch.hashValue.toLowerCase()) { - LOG("Downloader:_verifyDownload hashes match."); - return true; - } - - LOG("Downloader:_verifyDownload hashes do not match. "); - AUSTLMY.pingDownloadCode( - this.isCompleteUpdate, - AUSTLMY.DWNLD_ERR_VERIFY_NO_HASH_MATCH - ); - return false; + return true; } /** @@ -6565,9 +6512,6 @@ class Downloader { " is higher than patch size: " + this._patch.size ); - // It's important that we use a different code than - // NS_ERROR_CORRUPTED_CONTENT so that tests can verify the difference - // between a hash error and a wrong download error. AUSTLMY.pingDownloadCode( this.isCompleteUpdate, AUSTLMY.DWNLD_ERR_PATCH_SIZE_LARGER @@ -6586,9 +6530,6 @@ class Downloader { " is not equal to expected patch size: " + this._patch.size ); - // It's important that we use a different code than - // NS_ERROR_CORRUPTED_CONTENT so that tests can verify the difference - // between a hash error and a wrong download error. AUSTLMY.pingDownloadCode( this.isCompleteUpdate, AUSTLMY.DWNLD_ERR_PATCH_SIZE_NOT_EQUAL ===================================== toolkit/mozapps/update/UpdateTelemetry.sys.mjs ===================================== @@ -190,7 +190,6 @@ export var AUSTLMY = { DWNLD_ERR_VERIFY_NO_REQUEST: 13, DWNLD_ERR_VERIFY_PATCH_SIZE_NOT_EQUAL: 14, DWNLD_ERR_WRITE_FAILURE: 15, - DWNLD_ERR_VERIFY_NO_HASH_MATCH: 16, // Temporary failure code to see if there are failures without an update phase DWNLD_UNKNOWN_PHASE_ERR_WRITE_FAILURE: 40, ===================================== toolkit/mozapps/update/nsIUpdateService.idl ===================================== @@ -39,17 +39,6 @@ interface nsIUpdatePatch : nsISupports */ attribute AString finalURL; - /** - * The hash function to use when determining this file's integrity - */ - attribute AString hashFunction; - - /** - * The value of the hash function named above that should be computed if - * this file is not corrupt. - */ - attribute AString hashValue; - /** * The size of this file, in bytes. */ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/a6ebf61... -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/a6ebf61... You're receiving this email because of your account on gitlab.torproject.org.