December 2014 - tor-commits - lists.torproject.org

[tor-messenger-build/master] Restructure directory layout (#13979)
by sukhbir＠torproject.org 18 Dec '14

18 Dec '14

commit 3aa414fb9c997ac17eb94222acefb11ee2a78190 Author: Sukhbir Singh <sukhbir(a)torproject.org> Date: Thu Dec 18 15:27:11 2014 +0530 Restructure directory layout (#13979) --- projects/tor-messenger/build | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/projects/tor-messenger/build b/projects/tor-messenger/build index 3f7cd1b..02028f2 100644 --- a/projects/tor-messenger/build +++ b/projects/tor-messenger/build @@ -1,29 +1,31 @@ #!/bin/sh set -e -tar xf [% c('input_files_by_name/instantbird') %] + +mkdir -p bundle/Messenger/ +tar xf [% c('input_files_by_name/instantbird') %] -C bundle/Messenger --strip 1 [% IF c("var/linux") %] tar xf [% c('input_files_by_name/gcc') %] chmod 755 start-tor-messenger -mv start-tor-messenger instantbird/ -mkdir -p instantbird/lib -cp -L gcc/lib[% c('arch') == 'x86_64' ? '64' : '32' %]/libstdc++.so.6 instantbird/lib/ +mv start-tor-messenger bundle/ +mkdir -p bundle/Messenger/lib +cp -L gcc/lib[% c('arch') == 'x86_64' ? '64' : '32' %]/libstdc++.so.6 bundle/Messenger/lib/ [% END %] -cd instantbird/extensions -tar xf ../../[% c('input_files_by_name/ctypes-otr') %] +cd bundle/Messenger/extensions +tar xf ../../../[% c('input_files_by_name/ctypes-otr') %] mv ctypes-otr* 'ctypes-otr@tormessenger' mkdir tor-launcher(a)torproject.org -unzip -q ../../[% c('input_files_by_name/tor-launcher') %] -d tor-launcher(a)torproject.org +unzip -q ../../../[% c('input_files_by_name/tor-launcher') %] -d tor-launcher(a)torproject.org mkdir -p tor-launcher(a)torproject.org/TorBrowser/Data -tar xf ../../[% c('input_files_by_name/tor-browser') %] +tar xf ../../../[% c('input_files_by_name/tor-browser') %] sed -i 's/^SocksPort .*/SocksPort 9152/' tor-browser_en-US/Browser/TorBrowser/Data/Tor/torrc-defaults sed -i 's/^ControlPort .*/ControlPort 9153/' tor-browser_en-US/Browser/TorBrowser/Data/Tor/torrc-defaults mv tor-browser_en-US/Browser/TorBrowser/Tor tor-launcher(a)torproject.org/TorBrowser/Tor mv tor-browser_en-US/Browser/TorBrowser/Data/Tor tor-launcher(a)torproject.org/TorBrowser/Data/Tor rm -Rf tor-browser_en-US -cd ../.. -mv instantbird tor-messenger-[% c("version") %] +cd ../../../ +mv bundle tor-messenger-[% c("version") %] [% SET src_dir=project _ '-' _ c('version'); c('tar', { tar_src => [src_dir],

1 0

[tor-messenger-build/master] Add updateURL for default theme (set it to localhost)
by sukhbir＠torproject.org 18 Dec '14

18 Dec '14

commit 01e009e46e1ce8a3ff834bb3e7bcf678d71a9341 Author: Sukhbir Singh <sukhbir(a)torproject.org> Date: Thu Dec 18 11:51:41 2014 +0530 Add updateURL for default theme (set it to localhost) --- projects/instantbird/config | 1 + projects/instantbird/theme-extension-update.patch | 12 ++++++++++++ 2 files changed, 13 insertions(+) diff --git a/projects/instantbird/config b/projects/instantbird/config index f592e96..7eab581 100644 --- a/projects/instantbird/config +++ b/projects/instantbird/config @@ -68,6 +68,7 @@ input_files: - filename: links.patch - filename: picture.patch - filename: trafficinfo.patch + - filename: theme-extension-update.patch - filename: installer.patch - filename: cert_override.txt - filename: fix-mingw-build.nsprpatch diff --git a/projects/instantbird/theme-extension-update.patch b/projects/instantbird/theme-extension-update.patch new file mode 100644 index 0000000..8ad39d4 --- /dev/null +++ b/projects/instantbird/theme-extension-update.patch @@ -0,0 +1,12 @@ +diff --git a/im/app/profile/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}/install.rdf.in b/im/app/profile/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}/install.rdf.in +index a7e38bb..5eea8ba 100644 +--- a/im/app/profile/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}/install.rdf.in ++++ b/im/app/profile/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}/install.rdf.in +@@ -26,6 +26,7 @@ +  + <em:name>Instantbird (default)</em:name> + <em:description>The default theme.</em:description> ++ <em:updateURL>https://127.0.0.1/</em:updateURL> + + <!-- EXTENSION AUTHORS! + DO NOT COPY THIS PROPERTY INTO YOUR INSTALL RDF FILES

1 0

[tor-browser-bundle/master] Bug 13379: Sign our MAR files.
by brade＠torproject.org 17 Dec '14

17 Dec '14

commit d852329ac0979d8005e9e8bdd9b3f8a049fc2db4 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Wed Dec 17 16:57:28 2014 -0500 Bug 13379: Sign our MAR files. In the Linux mar-tools package, include certutil, signmar, and the required NSS and NSPR libraries. Change update_responses to select the action to be done based on the program name, thereby separating the incremental MAR file generation (done via a new 'gen_incrementals' symlink) from the htdocs generation. Also added an 'update_responses' make target. Thanks to boklm for help with this. Add a series of 'signmar' make targets which run a new signmars.sh script, which does the following: 1. Prompts for an NSS password (the script assumes that an nssdb directory exists that contains the signing key/cert). 2. Moves original (unsigned) MAR files to a TORBROWSER_VERSION-unsigned/ directory. 3. Signs each of the MAR files, placing the signed files in the TORBROWSER_VERSION/ directory. You may set NSS_DB_DIR and/or NSS_CERTNAME before running signmars.sh; the defaults are ./nssdb and marsigner --- gitian/Makefile | 15 +++ gitian/descriptors/linux/gitian-firefox.yml | 11 +++ gitian/signmars.sh | 135 +++++++++++++++++++++++++++ tools/update-responses/gen_incrementals | 1 + tools/update-responses/update_responses | 34 +++++-- 5 files changed, 189 insertions(+), 7 deletions(-) diff --git a/gitian/Makefile b/gitian/Makefile index 2c17656..9613db6 100644 --- a/gitian/Makefile +++ b/gitian/Makefile @@ -33,6 +33,21 @@ build-beta: ./hash-bundles.sh versions.beta incrementals: + ../tools/update-responses/gen_incrementals + +signmars: + ./signmars.sh versions + +signmars-alpha: + ./signmars.sh versions.alpha + +signmars-beta: + ./signmars.sh versions.beta + +signmars-nightly: + ./signmars.sh versions.nightly + +update_responses: ../tools/update-responses/update_responses hash: diff --git a/gitian/descriptors/linux/gitian-firefox.yml b/gitian/descriptors/linux/gitian-firefox.yml index 5f96b6e..a1abf2e 100644 --- a/gitian/descriptors/linux/gitian-firefox.yml +++ b/gitian/descriptors/linux/gitian-firefox.yml @@ -136,12 +136,23 @@ script: | rm -f $INSTDIR/Browser/*.chk # # Make MAR-based update tools available for use during the bundle phase. + # Note that mar and mbsdiff are standalone tools, compiled for the build + # host's architecture. We also include signmar, certutil, and the libraries + # they require; these utilities and libraries are built for the target + # architecture. MARTOOLS=~/build/mar-tools mkdir -p $MARTOOLS cp -p config/createprecomplete.py $MARTOOLS/ cp -p tools/update-packaging/*.sh $MARTOOLS/ cp -p obj-*/dist/host/bin/mar $MARTOOLS/ cp -p obj-*/dist/host/bin/mbsdiff $MARTOOLS/ + cp -p obj-*/modules/libmar/tool/signmar $MARTOOLS/ + cp -p obj-*/security/nss/cmd/certutil/certutil $MARTOOLS/ + NSS_LIBS="libfreebl3.so libmozsqlite3.so libnss3.so libnssdbm3.so libnssutil3.so libsmime3.so libsoftokn3.so libssl3.so" + NSPR_LIBS="libnspr4.so libplc4.so libplds4.so" + for LIB in $NSS_LIBS $NSPR_LIBS; do + cp -p obj-*/dist/bin/$LIB $MARTOOLS/ + done cd ~/build zip -r mar-tools-linux${GBUILD_BITS}.zip mar-tools cp -p mar-tools-linux${GBUILD_BITS}.zip $OUTDIR/ diff --git a/gitian/signmars.sh b/gitian/signmars.sh new file mode 100755 index 0000000..fdb531e --- /dev/null +++ b/gitian/signmars.sh @@ -0,0 +1,135 @@ +#!/bin/bash +# +# +# You may set NSS_DB_DIR and/or NSS_CERTNAME before invoking this script. + +set -e +set -u + +WRAPPER_DIR=$(dirname "$0") +WRAPPER_DIR=$(readlink -e "$WRAPPER_DIR") + +if [ -z "${NSS_DB_DIR+x}" ]; then + NSS_DB_DIR=$WRAPPER_DIR/nssdb +fi + +if [ -z "${NSS_CERTNAME+x}" ]; then + NSS_CERTNAME=marsigner +fi + +# Incorporate definitions from the versions file. +if [ -z "$1" ]; then + VERSIONS_FILE=$WRAPPER_DIR/versions +else + VERSIONS_FILE=$1 +fi + +if ! [ -e $VERSIONS_FILE ]; then + echo >&2 "Error: $VERSIONS_FILE file does not exist" + exit 1 +fi + +. $VERSIONS_FILE + +export LC_ALL=C + +# Check some prerequisites. +if [ ! -r "$NSS_DB_DIR/cert8.db" ]; then + >&2 echo "Please create and populate the $NSS_DB_DIR directory" + exit 2 +fi + +OSNAME="" +ARCH="$(uname -s)-$(uname -m)" +case $ARCH in + Linux-x86_64) + OSNAME="linux64" + ;; + Linux-i*86) + OSNAME="linux32" + ;; + *) + >&2 echo "Unsupported architecture $ARCH" + exit 2 +esac + +# Extract the MAR tools so we can use the signmar program. +MARTOOLS_TMP_DIR=$(mktemp -d) +trap "rm -rf $MARTOOLS_TMP_DIR" EXIT +MARTOOLS_ZIP="$WRAPPER_DIR/../../gitian-builder/inputs/mar-tools-${OSNAME}.zip" +cd $MARTOOLS_TMP_DIR +unzip -q "$MARTOOLS_ZIP" +cd $WRAPPER_DIR +export PATH="$MARTOOLS_TMP_DIR/mar-tools:$PATH" +if [ -z "${LD_LIBRARY_PATH+x}" ]; then + export LD_LIBRARY_PATH="$MARTOOLS_TMP_DIR/mar-tools" +else + export LD_LIBRARY_PATH="$MARTOOLS_TMP_DIR/mar-tools:$LD_LIBRARY_PATH" +fi + +# Prompt for the NSS password. +# TODO: Test that the entered NSS password is correct. But how? Unfortunately, +# both certutil and signmar keep trying to read a new password when they are +# given an incorrect one. +read -s -p "NSS password:" NSSPASS +echo "" + +# Sign each MAR file. +# +# Our strategy is to first move all .mar files out of the TORBROWSER_VERSION +# directory into a TORBROWSER_VERSION-unsigned/ directory. Details: +# If a file has not been signed, we move it to the -unsigned/ directory. +# If a file has already been signed and a file with the same name exists in +# the -unsigned/ directory, we just delete the signed file. +# If a file has already been signed but no corresponding file exists in +# the -unsigned/ directory, we report an error and exit. +# +# Once the above is done, the -unsigned/ directory contains a set of .mar +# files that need to be signed, so we go ahead and sign them one-by-one. +SIGNED_DIR="$WRAPPER_DIR/$TORBROWSER_VERSION" +UNSIGNED_DIR="$WRAPPER_DIR/${TORBROWSER_VERSION}-unsigned" +mkdir -p "$UNSIGNED_DIR" +cd "$SIGNED_DIR" +for marfile in *.mar; do + if [ ! -f "$marfile" ]; then + continue; + fi + + # First, we check for an existing signature. The signmar -T output will + # include a line like "Signature block found with N signatures". + SIGINFO_PREFIX="Signature block found with " + SIGINFO=$(signmar -T "$marfile" | grep "^${SIGINFO_PREFIX}") + SIGCOUNT=0 + if [ ! -z "$SIGINFO" ]; then + SIGCOUNT=$(echo $SIGINFO | sed -e "s/${SIGINFO_PREFIX}//" -e 's/$[0-9]*$.*$/\1/') + fi + if [ $SIGCOUNT -eq 0 ]; then + # No signature; move this .mar file to the -unsigned/ directory. + mv "$marfile" "$UNSIGNED_DIR/" + elif [ -e "$UNSIGNED_DIR/$marfile" ]; then + # We have an -unsigned/ copy; discard this file. + rm "$marfile" + else + >&2 echo "Error: $SIGNED_DIR/$marfile is already signed but $UNSIGNED_DIR/$marfile is missing" + # TODO: Try to remove the existing signature(s) from marfile? + exit 1 + fi +done + +# Use signmar to sign each .mar file that is now in the -unsigned directory. +TMPMAR="$SIGNED_DIR/tmp.mar" +trap "rm -f $TMPMAR" EXIT +cd "$UNSIGNED_DIR" +COUNT=0 +for marfile in *.mar; do + if [ ! -f "$marfile" ]; then + continue; + fi + echo "$NSSPASS" | signmar -d "$NSS_DB_DIR" -n "$NSS_CERTNAME" -s \ + "$marfile" "$TMPMAR" + mv "$TMPMAR" "$SIGNED_DIR/$marfile" + COUNT=$((COUNT + 1)) +done + +echo "The $COUNT MAR files located in $SIGNED_DIR/ have been signed." +echo "The unsigned (original) MAR files are in $UNSIGNED_DIR/" diff --git a/tools/update-responses/gen_incrementals b/tools/update-responses/gen_incrementals new file mode 120000 index 0000000..3766925 --- /dev/null +++ b/tools/update-responses/gen_incrementals @@ -0,0 +1 @@ +update_responses \ No newline at end of file diff --git a/tools/update-responses/update_responses b/tools/update-responses/update_responses index b28b575..5b85037 100755 --- a/tools/update-responses/update_responses +++ b/tools/update-responses/update_responses @@ -1,6 +1,7 @@ #!/usr/bin/perl -w use strict; +use English; use FindBin; use YAML qw(LoadFile); use File::Slurp; @@ -13,6 +14,7 @@ use File::Which; use POSIX qw(setlocale LC_ALL); use IO::CaptureOutput qw(capture_exec); use Parallel::ForkManager; +use File::Basename; # Set umask and locale to provide a consistent environment for MAR file # generation, etc. @@ -158,7 +160,7 @@ sub create_incremental_mar { $pm->finish; } -sub create_missing_incremental_mars { +sub create_missing_incremental_mars_for_version { my ($config, $version) = @_; my $pm = Parallel::ForkManager->new(get_nbprocs); $pm->run_on_finish(sub { $_[2]->(@_) }); @@ -178,6 +180,14 @@ sub create_missing_incremental_mars { $pm->wait_all_children; } +sub create_all_missing_incremental_mars { + my ($config) = @_; + foreach my $version (values %{$config->{channels}}) { + get_version_files($config, $version); + create_missing_incremental_mars_for_version($config, $version); + } +} + sub get_config { my ($config, $version, $os, $name) = @_; return $config->{versions}{$version}{$os}{$name} @@ -224,7 +234,6 @@ sub write_responses { my ($config) = @_; foreach my $version (values %{$config->{channels}}) { get_version_files($config, $version); - create_missing_incremental_mars($config, $version); my $files = $config->{versions}{$version}{files}; my $migrate_archs = $config->{versions}{$version}{migrate_archs} // {}; foreach my $old_os (keys %$migrate_archs) { @@ -309,8 +318,19 @@ sub extract_martools { $ENV{PATH} .= ":$martools_tmpdir/mar-tools"; } -extract_martools; -check_deps; -write_responses($config); -write_htaccess($config); -clean_htdocs; +my %actions = ( + update_responses => sub { + write_responses(@_); + write_htaccess(@_); + clean_htdocs; + }, + gen_incrementals => sub { + extract_martools; + check_deps; + create_all_missing_incremental_mars(@_); + }, +); + +my $action = fileparse($PROGRAM_NAME); +exit_error "Unknown action $action" unless $actions{$action}; +$actions{$action}->($config);

1 0

[tor-browser/tor-browser-31.3.0esr-4.5-1] Bug 902761 - Build configuration for turning .der files into .h files. r=rstrong
by brade＠torproject.org 17 Dec '14

17 Dec '14

commit 7d87311b58709d8ab2a8ec052e0613b574b19a7b Author: Brian R. Bondy <netzen(a)gmail.com> Date: Wed Oct 15 23:00:23 2014 -0400 Bug 902761 - Build configuration for turning .der files into .h files. r=rstrong --- toolkit/mozapps/update/updater/Makefile.in | 16 +++++++++++++ toolkit/mozapps/update/updater/gen_cert_header.py | 25 +++++++++++++++++++++ toolkit/mozapps/update/updater/moz.build | 4 ---- 3 files changed, 41 insertions(+), 4 deletions(-) diff --git a/toolkit/mozapps/update/updater/Makefile.in b/toolkit/mozapps/update/updater/Makefile.in index d4c06b9..bd6716b 100644 --- a/toolkit/mozapps/update/updater/Makefile.in +++ b/toolkit/mozapps/update/updater/Makefile.in @@ -44,6 +44,22 @@ endif include $(topsrcdir)/config/rules.mk +ifneq (,$(filter beta release esr,$(MOZ_UPDATE_CHANNEL))) + PRIMARY_CERT = release_primary.der + SECONDARY_CERT = release_secondary.der +else ifneq (,$(filter nightly aurora nightly-elm nightly-profiling nightly-oak nightly-ux,$(MOZ_UPDATE_CHANNEL))) + PRIMARY_CERT = nightly_aurora_level3_primary.der + SECONDARY_CERT = nightly_aurora_level3_secondary.der +else + PRIMARY_CERT = dep1.der + SECONDARY_CERT = dep2.der +endif + +export:: + $(PYTHON) $(srcdir)/gen_cert_header.py primaryCertData $(srcdir)/$(PRIMARY_CERT) > primaryCert.h + $(PYTHON) $(srcdir)/gen_cert_header.py secondaryCertData $(srcdir)/$(SECONDARY_CERT) > secondaryCert.h + $(PYTHON) $(srcdir)/gen_cert_header.py xpcshellCertData $(srcdir)/xpcshellCertificate.der > xpcshellCert.h + ifdef MOZ_WIDGET_GTK libs:: updater.png $(NSINSTALL) -D $(DIST)/bin/icons diff --git a/toolkit/mozapps/update/updater/gen_cert_header.py b/toolkit/mozapps/update/updater/gen_cert_header.py new file mode 100644 index 0000000..182e98b --- /dev/null +++ b/toolkit/mozapps/update/updater/gen_cert_header.py @@ -0,0 +1,25 @@ +import sys +import binascii + +def file_byte_generator(filename, block_size = 512): + with open(filename, "rb") as f: + while True: + block = f.read(block_size) + if block: + for byte in block: + yield byte + else: + break + +def create_header(array_name, in_filename): + hexified = ["0x" + binascii.hexlify(byte) for byte in file_byte_generator(in_filename)] + print "const uint8_t " + array_name + "[] = {" + print ", ".join(hexified) + print "};" + return 0 + +if __name__ == '__main__': + if len(sys.argv) < 3: + print 'ERROR: usage: gen_cert_header.py array_name in_filename' + sys.exit(1); + sys.exit(create_header(sys.argv[1], sys.argv[2])) diff --git a/toolkit/mozapps/update/updater/moz.build b/toolkit/mozapps/update/updater/moz.build index ba1c088..833164a 100644 --- a/toolkit/mozapps/update/updater/moz.build +++ b/toolkit/mozapps/update/updater/moz.build @@ -78,7 +78,3 @@ if CONFIG['_MSC_VER']: elif CONFIG['OS_ARCH'] == 'WINNT': WIN32_EXE_LDFLAGS += ['-municode'] -if CONFIG['MOZ_UPDATE_CHANNEL'] in ('beta', 'release', 'esr'): - DEFINES['MAR_SIGNING_RELEASE_BETA'] = '1' -elif CONFIG['MOZ_UPDATE_CHANNEL'] in ('nightly', 'aurora', 'nightly-elm', 'nightly-profiling', 'nightly-oak', 'nightly-ux'): - DEFINES['MAR_SIGNING_AURORA_NIGHTLY'] = '1'

1 0

[tor-browser/tor-browser-31.3.0esr-4.5-1] Bug 13379: Sign our MAR files.
by brade＠torproject.org 17 Dec '14

17 Dec '14

commit 7612aeba131f3eca1c80a369aab97da6fc249565 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Wed Dec 17 16:37:11 2014 -0500 Bug 13379: Sign our MAR files. Configure with --enable-signmar (build the signmar tool). Configure with --enable-verify-mar (when updating, require a valid signature on the MAR file before it is applied). Use the Tor Browser version instead of the Firefox version inside the MAR file info block (necessary to prevent downgrade attacks). Use NSS on all platforms for checking MAR signatures (Mozilla plans to use OS-native APIs on Mac OS and they already do so on Windows). So that the NSS and NSPR libraries the updater depends on can be found at runtime, we add the firefox directory to the shared library search path on all platforms. Use SHA512-based MAR signatures instead of the SHA1-based ones that Mozilla uses. This is implemented inside MAR_USE_SHA512_RSA_SIG #ifdef's and with a signature algorithm ID of 512 to help avoid collisions with future work Mozilla might do in this area. See: https://bugzilla.mozilla.org/show_bug.cgi?id=1105689 --- .mozconfig | 4 +-- .mozconfig-mac | 4 +-- .mozconfig-mingw | 4 +-- modules/libmar/sign/mar_sign.c | 15 ++++++++-- modules/libmar/sign/moz.build | 1 + modules/libmar/src/mar_private.h | 8 +++++ modules/libmar/tool/Makefile.in | 1 - modules/libmar/tool/mar.c | 26 +++++++++++----- modules/libmar/tool/moz.build | 7 +++++ modules/libmar/verify/cryptox.c | 8 +++-- modules/libmar/verify/cryptox.h | 9 ++++++ modules/libmar/verify/mar_verify.c | 21 +++++++++++-- modules/libmar/verify/moz.build | 14 +++------ security/build/Makefile.in | 2 +- toolkit/mozapps/update/updater/Makefile.in | 14 ++++++++- toolkit/mozapps/update/updater/moz.build | 1 + toolkit/mozapps/update/updater/updater.cpp | 21 ++++++++----- toolkit/xre/nsUpdateDriver.cpp | 44 +++++++++++++++++----------- 18 files changed, 147 insertions(+), 57 deletions(-) diff --git a/.mozconfig b/.mozconfig index f0c5510..f2874e8 100755 --- a/.mozconfig +++ b/.mozconfig @@ -11,8 +11,8 @@ ac_add_options --enable-optimize ac_add_options --enable-official-branding ac_add_options --enable-tor-browser-update ac_add_options --enable-update-packaging -# We do not use signed MAR files yet (Mozilla uses them on Windows only). -ac_add_options --disable-verify-mar +ac_add_options --enable-signmar +ac_add_options --enable-verify-mar ac_add_options --disable-strip ac_add_options --disable-install-strip ac_add_options --disable-tests diff --git a/.mozconfig-mac b/.mozconfig-mac index 2c06c34..06dc226 100644 --- a/.mozconfig-mac +++ b/.mozconfig-mac @@ -38,8 +38,8 @@ ac_add_options --disable-debug ac_add_options --enable-tor-browser-update ac_add_options --enable-update-packaging -# We do not use signed MAR files yet (Mozilla uses them on Windows only). -ac_add_options --disable-verify-mar +ac_add_options --enable-signmar +ac_add_options --enable-verify-mar # ICU seems still to have cross-compiling issues: ac_add_options --without-intl-api diff --git a/.mozconfig-mingw b/.mozconfig-mingw index 691178b..15954d7 100644 --- a/.mozconfig-mingw +++ b/.mozconfig-mingw @@ -16,8 +16,8 @@ ac_add_options --enable-strip ac_add_options --enable-official-branding ac_add_options --enable-tor-browser-update ac_add_options --enable-update-packaging -# We do not use signed MAR files yet (Mozilla uses them on Windows only). -ac_add_options --disable-verify-mar +ac_add_options --enable-signmar +ac_add_options --enable-verify-mar # ICU seems still to have cross-compiling issues: # https://bugzilla.mozilla.org/show_bug.cgi?id=1019744#c19 diff --git a/modules/libmar/sign/mar_sign.c b/modules/libmar/sign/mar_sign.c index 6f21a31..e867d28 100644 --- a/modules/libmar/sign/mar_sign.c +++ b/modules/libmar/sign/mar_sign.c @@ -95,7 +95,12 @@ NSSSignBegin(const char *certName, return -1; } - *ctx = SGN_NewContext (SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE, *privKey); +#ifdef MAR_USE_SHA512_RSA_SIG + SECOidTag sigAlg = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION; +#else + SECOidTag sigAlg = SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE; +#endif + *ctx = SGN_NewContext (sigAlg, *privKey); if (!*ctx) { fprintf(stderr, "ERROR: Could not create signature context\n"); return -1; @@ -991,8 +996,12 @@ mar_repackage_and_sign(const char *NSSConfigDir, signaturePlaceholderOffset = ftello(fpDest); for (k = 0; k < certCount; k++) { - /* Write out the signature algorithm ID, Only an ID of 1 is supported */ - signatureAlgorithmID = htonl(1); + /* Write out the signature algorithm ID. */ +#ifdef MAR_USE_SHA512_RSA_SIG + signatureAlgorithmID = htonl(SIGNATURE_ALGORITHM_ID_SHA512_RSA); +#else + signatureAlgorithmID = htonl(SIGNATURE_ALGORITHM_ID_SHA1_RSA); +#endif if (WriteAndUpdateSignatures(fpDest, &signatureAlgorithmID, sizeof(signatureAlgorithmID), ctxs, certCount, "num signatures")) { diff --git a/modules/libmar/sign/moz.build b/modules/libmar/sign/moz.build index a6d0308..2be6da2 100644 --- a/modules/libmar/sign/moz.build +++ b/modules/libmar/sign/moz.build @@ -19,6 +19,7 @@ LOCAL_INCLUDES += [ ] DEFINES['MAR_NSS'] = True +DEFINES['MAR_USE_SHA512_RSA_SIG'] = True if CONFIG['OS_ARCH'] == 'WINNT': USE_STATIC_LIBS = True diff --git a/modules/libmar/src/mar_private.h b/modules/libmar/src/mar_private.h index e0c2632..add03f5 100644 --- a/modules/libmar/src/mar_private.h +++ b/modules/libmar/src/mar_private.h @@ -21,6 +21,14 @@ which is 16 bytes */ #define SIGNATURE_BLOCK_OFFSET 16 +/* Signature algorithm IDs. */ +#define SIGNATURE_ALGORITHM_ID_SHA1_RSA 1 +#ifdef MAR_USE_SHA512_RSA_SIG +/* Use 512 as the algorithm ID so it is less likely that we will conflict with + whatever Mozilla chooses when they add support for a stronger signature. */ +#define SIGNATURE_ALGORITHM_ID_SHA512_RSA 512 +#endif + /* Make sure the file is less than 500MB. We do this to protect against invalid MAR files. */ #define MAX_SIZE_OF_MAR_FILE ((int64_t)524288000) diff --git a/modules/libmar/tool/Makefile.in b/modules/libmar/tool/Makefile.in index fb456726..06ec0ea 100644 --- a/modules/libmar/tool/Makefile.in +++ b/modules/libmar/tool/Makefile.in @@ -44,6 +44,5 @@ include $(topsrcdir)/config/rules.mk ifdef CROSS_COMPILE ifdef HOST_NSPR_MDCPUCFG HOST_CFLAGS += -DMDCPUCFG=$(HOST_NSPR_MDCPUCFG) -CFLAGS += -DMDCPUCFG=$(HOST_NSPR_MDCPUCFG) endif endif diff --git a/modules/libmar/tool/mar.c b/modules/libmar/tool/mar.c index 821813c..82701a9 100644 --- a/modules/libmar/tool/mar.c +++ b/modules/libmar/tool/mar.c @@ -31,7 +31,11 @@ int mar_repackage_and_sign(const char *NSSConfigDir, const char * dest); static void print_version() { +#ifdef TOR_BROWSER_UPDATE + printf("Version: %s\n", TOR_BROWSER_VERSION); +#else printf("Version: %s\n", MOZ_APP_VERSION); +#endif printf("Default Channel ID: %s\n", MAR_CHANNEL_ID); } @@ -61,7 +65,7 @@ static void print_usage() { "signed_input_archive.mar base_64_encoded_signature_file " "changed_signed_output.mar\n"); printf("(i) is the index of the certificate to extract\n"); -#if defined(XP_MACOSX) || (defined(XP_WIN) && !defined(MAR_NSS)) +#if (defined(XP_MACOSX) || defined(XP_WIN)) && !defined(MAR_NSS) printf("Verify a MAR file:\n"); printf(" mar [-C workingDir] -D DERFilePath -v signed_archive.mar\n"); printf("At most %d signature certificate DER files are specified by " @@ -116,7 +120,11 @@ int main(int argc, char **argv) { char *NSSConfigDir = NULL; const char *certNames[MAX_SIGNATURES]; char *MARChannelID = MAR_CHANNEL_ID; +#ifdef TOR_BROWSER_UPDATE + char *productVersion = TOR_BROWSER_VERSION; +#else char *productVersion = MOZ_APP_VERSION; +#endif uint32_t i, k; int rv = -1; uint32_t certCount = 0; @@ -135,8 +143,8 @@ int main(int argc, char **argv) { #if defined(XP_WIN) && !defined(MAR_NSS) && !defined(NO_SIGN_VERIFY) memset(certBuffers, 0, sizeof(certBuffers)); #endif -#if !defined(NO_SIGN_VERIFY) && ((!defined(MAR_NSS) && defined(XP_WIN)) || \ - defined(XP_MACOSX)) +#if !defined(NO_SIGN_VERIFY) && (!defined(MAR_NSS) && (defined(XP_WIN) || \ + defined(XP_MACOSX))) memset(DERFilePaths, 0, sizeof(DERFilePaths)); memset(fileSizes, 0, sizeof(fileSizes)); #endif @@ -165,8 +173,8 @@ int main(int argc, char **argv) { argv += 2; argc -= 2; } -#if !defined(NO_SIGN_VERIFY) && ((!defined(MAR_NSS) && defined(XP_WIN)) || \ - defined(XP_MACOSX)) +#if !defined(NO_SIGN_VERIFY) && (!defined(MAR_NSS) && (defined(XP_WIN) || \ + defined(XP_MACOSX))) /* -D DERFilePath, also matches -D[index] DERFilePath We allow an index for verifying to be symmetric with the import and export command line arguments. */ @@ -341,6 +349,10 @@ int main(int argc, char **argv) { #if (defined(XP_WIN) || defined(XP_MACOSX)) && !defined(MAR_NSS) rv = mar_read_entire_file(DERFilePaths[k], MAR_MAX_CERT_SIZE, &certBuffers[k], &fileSizes[k]); + if (rv) { + fprintf(stderr, "ERROR: could not read file %s", DERFilePaths[k]); + break; + } #else /* It is somewhat circuitous to look up a CERTCertificate and then pass * in its DER encoding just so we can later re-create that @@ -357,11 +369,11 @@ int main(int argc, char **argv) { } else { rv = -1; } -#endif if (rv) { - fprintf(stderr, "ERROR: could not read file %s", DERFilePaths[k]); + fprintf(stderr, "ERROR: no certificate named %s", certNames[k]); break; } +#endif } if (!rv) { diff --git a/modules/libmar/tool/moz.build b/modules/libmar/tool/moz.build index 9e739e0..6b14e00 100644 --- a/modules/libmar/tool/moz.build +++ b/modules/libmar/tool/moz.build @@ -17,8 +17,15 @@ HOST_PROGRAM = 'mar' for var in ('MAR_CHANNEL_ID', 'MOZ_APP_VERSION'): DEFINES[var] = '"%s"' % CONFIG[var] +if CONFIG['TOR_BROWSER_UPDATE']: + DEFINES['TOR_BROWSER_UPDATE'] = '%s' % CONFIG['TOR_BROWSER_UPDATE'] +if CONFIG['TOR_BROWSER_VERSION']: + DEFINES['TOR_BROWSER_VERSION'] = '"%s"' % CONFIG['TOR_BROWSER_VERSION'] + if not CONFIG['MOZ_ENABLE_SIGNMAR']: DEFINES['NO_SIGN_VERIFY'] = True +else: + DEFINES['MAR_NSS'] = True if CONFIG['OS_ARCH'] == 'WINNT': USE_STATIC_LIBS = True diff --git a/modules/libmar/verify/cryptox.c b/modules/libmar/verify/cryptox.c index af34210..f39669b 100644 --- a/modules/libmar/verify/cryptox.c +++ b/modules/libmar/verify/cryptox.c @@ -64,8 +64,12 @@ NSS_VerifyBegin(VFYContext **ctx, return CryptoX_Error; } - *ctx = VFY_CreateContext(*publicKey, NULL, - SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE, NULL); +#ifdef MAR_USE_SHA512_RSA_SIG + SECOidTag sigAlg = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION; +#else + SECOidTag sigAlg = SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE; +#endif + *ctx = VFY_CreateContext(*publicKey, NULL, sigAlg, NULL); if (*ctx == NULL) { return CryptoX_Error; } diff --git a/modules/libmar/verify/cryptox.h b/modules/libmar/verify/cryptox.h index ec8f5ac..8f579b6 100644 --- a/modules/libmar/verify/cryptox.h +++ b/modules/libmar/verify/cryptox.h @@ -59,6 +59,10 @@ CryptoX_Result NSS_VerifySignature(VFYContext * const *ctx , #elif XP_MACOSX +#ifdef MAR_USE_SHA512_RSA_SIG +#error MAR_USE_SHA512_RSA_SIG is not implemented. +#endif + #define CryptoX_InvalidHandleValue NULL #define CryptoX_ProviderHandle void* #define CryptoX_SignatureHandle void* @@ -105,6 +109,11 @@ void CryptoMac_FreePublicKey(CryptoX_PublicKey* aPublicKey); #elif defined(XP_WIN) +#ifdef MAR_USE_SHA512_RSA_SIG +#error MAR_USE_SHA512_RSA_SIG is not implemented. +#endif + + #include <windows.h> #include <wincrypt.h> diff --git a/modules/libmar/verify/mar_verify.c b/modules/libmar/verify/mar_verify.c index 165a802..78b3247 100644 --- a/modules/libmar/verify/mar_verify.c +++ b/modules/libmar/verify/mar_verify.c @@ -276,8 +276,25 @@ mar_extract_and_verify_signatures_fp(FILE *fp, } /* We don't try to verify signatures we don't know about */ - if (signatureAlgorithmIDs[i] != 1) { - fprintf(stderr, "ERROR: Unknown signature algorithm ID.\n"); +#ifdef MAR_USE_SHA512_RSA_SIG + const uint32_t kSupportedAlgID = SIGNATURE_ALGORITHM_ID_SHA512_RSA; +#else + const uint32_t kSupportedAlgID = SIGNATURE_ALGORITHM_ID_SHA1_RSA; +#endif + + if (signatureAlgorithmIDs[i] != kSupportedAlgID) { +#ifdef MAR_USE_SHA512_RSA_SIG + if (signatureAlgorithmIDs[i] == SIGNATURE_ALGORITHM_ID_SHA1_RSA) { + fprintf(stderr, + "ERROR: Unsupported signature algorithm (SHA1 with RSA).\n"); + } else { + fprintf(stderr, "ERROR: Unknown signature algorithm ID %u.\n", + signatureAlgorithmIDs[i]); + } +#else + fprintf(stderr, "ERROR: Unknown signature algorithm ID %u.\n", + signatureAlgorithmIDs[i]); +#endif for (i = 0; i < signatureCount; ++i) { free(extractedSignatures[i]); } diff --git a/modules/libmar/verify/moz.build b/modules/libmar/verify/moz.build index 6667bc1..ec5a3a2 100644 --- a/modules/libmar/verify/moz.build +++ b/modules/libmar/verify/moz.build @@ -15,16 +15,10 @@ FORCE_STATIC_LIB = True if CONFIG['OS_ARCH'] == 'WINNT': USE_STATIC_LIBS = True -elif CONFIG['OS_ARCH'] == 'Darwin': - UNIFIED_SOURCES += [ - 'MacVerifyCrypto.cpp', - ] - LDFLAGS += [ - '-framework Security', - ] -else: - DEFINES['MAR_NSS'] = True - LOCAL_INCLUDES += ['../sign'] + +DEFINES['MAR_NSS'] = True +DEFINES['MAR_USE_SHA512_RSA_SIG'] = True +LOCAL_INCLUDES += ['../sign'] LOCAL_INCLUDES += [ '../src', diff --git a/security/build/Makefile.in b/security/build/Makefile.in index 0453492..816acd9 100644 --- a/security/build/Makefile.in +++ b/security/build/Makefile.in @@ -289,11 +289,11 @@ endif NSS_DIRS += \ nss/cmd/lib \ nss/cmd/shlibsign \ + nss/cmd/certutil \ $(NULL) ifdef ENABLE_TESTS NSS_DIRS += \ - nss/cmd/certutil \ nss/cmd/pk12util \ nss/cmd/modutil \ $(NULL) diff --git a/toolkit/mozapps/update/updater/Makefile.in b/toolkit/mozapps/update/updater/Makefile.in index 52cdbeb..bdb9f27 100644 --- a/toolkit/mozapps/update/updater/Makefile.in +++ b/toolkit/mozapps/update/updater/Makefile.in @@ -3,6 +3,9 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. +# Use NSS for MAR signature verification on all platforms: +MAR_NSS=1 + # Don't link the updater against libmozglue. See bug 687139 MOZ_GLUE_LDFLAGS = MOZ_GLUE_PROGRAM_LDFLAGS = @@ -22,7 +25,14 @@ LIBS += $(call EXPAND_LIBNAME_PATH,signmar,$(DEPTH)/modules/libmar/sign) LIBS += $(call EXPAND_LIBNAME_PATH,verifymar,$(DEPTH)/modules/libmar/verify) ifeq ($(OS_ARCH),WINNT) OS_LIBS += $(call EXPAND_LIBNAME,comctl32 ws2_32 shell32 shlwapi) +ifdef MAR_NSS +LINK_UPDATER_WITH_NSS=1 +endif else +LINK_UPDATER_WITH_NSS=1 +endif + +ifdef LINK_UPDATER_WITH_NSS LIBS += $(DIST)/lib/$(LIB_PREFIX)nss3.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)nssutil3.$(LIB_SUFFIX) \ $(NSPR_LIBS) @@ -49,7 +59,7 @@ endif include $(topsrcdir)/config/rules.mk -ifneq (,$(filter beta release esr,$(MOZ_UPDATE_CHANNEL))) +ifneq (,$(filter alpha beta release esr,$(MOZ_UPDATE_CHANNEL))) PRIMARY_CERT = release_primary.der SECONDARY_CERT = release_secondary.der else ifneq (,$(filter nightly aurora nightly-elm nightly-profiling nightly-oak nightly-ux,$(MOZ_UPDATE_CHANNEL))) @@ -81,9 +91,11 @@ libs:: rm -f $(DIST)/bin/updater endif +ifndef LINK_UPDATER_WITH_NSS ifeq ($(OS_ARCH),WINNT) EXTRA_LIBS += $(call EXPAND_LIBNAME,crypt32) EXTRA_LIBS += $(call EXPAND_LIBNAME,advapi32) endif +endif CXXFLAGS += $(MOZ_BZ2_CFLAGS) diff --git a/toolkit/mozapps/update/updater/moz.build b/toolkit/mozapps/update/updater/moz.build index 833164a..950a6f8 100644 --- a/toolkit/mozapps/update/updater/moz.build +++ b/toolkit/mozapps/update/updater/moz.build @@ -57,6 +57,7 @@ if have_progressui == 0: 'progressui_null.cpp', ] +DEFINES['MAR_NSS'] = True DEFINES['NS_NO_XPCOM'] = True DISABLE_STL_WRAPPING = True for var in ('MAR_CHANNEL_ID', 'MOZ_APP_VERSION'): diff --git a/toolkit/mozapps/update/updater/updater.cpp b/toolkit/mozapps/update/updater/updater.cpp index 3a3968e..80de531 100644 --- a/toolkit/mozapps/update/updater/updater.cpp +++ b/toolkit/mozapps/update/updater/updater.cpp @@ -108,10 +108,12 @@ static bool sUseHardLinks = true; # define MAYBE_USE_HARD_LINKS 0 #endif -#if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) +#if defined(MOZ_VERIFY_MAR_SIGNATURE) +#if defined(MAR_NSS) || !defined(XP_WIN) #include "nss.h" #include "prerror.h" #endif +#endif #ifdef XP_WIN #include "updatehelper.h" @@ -2422,8 +2424,13 @@ UpdateThreadFunc(void *param) MARStrings.MARChannelID[0] = '\0'; } +#ifdef TOR_BROWSER_UPDATE + const char *appVersion = TOR_BROWSER_VERSION; +#else + const char *appVersion = MOZ_APP_VERSION; +#endif rv = gArchiveReader.VerifyProductInformation(MARStrings.MARChannelID, - MOZ_APP_VERSION); + appVersion); } } #endif @@ -2526,11 +2533,10 @@ int NS_main(int argc, NS_tchar **argv) } #endif -#if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) - // On Windows we rely on CyrptoAPI to do verifications so we don't need to - // initialize NSS at all there. - // Otherwise, minimize the amount of NSS we depend on by avoiding all the NSS - // databases. +#if defined(MOZ_VERIFY_MAR_SIGNATURE) +#if defined(MAR_NSS) || !defined(XP_WIN) + // If using NSS for signature verification, initialize NSS but minimize + // the portion we depend on by avoiding all of the NSS databases. if (NSS_NoDB_Init(NULL) != SECSuccess) { PRErrorCode error = PR_GetError(); fprintf(stderr, "Could not initialize NSS: %s (%d)", @@ -2538,6 +2544,7 @@ int NS_main(int argc, NS_tchar **argv) _exit(1); } #endif +#endif InitProgressUI(&argc, &argv); diff --git a/toolkit/xre/nsUpdateDriver.cpp b/toolkit/xre/nsUpdateDriver.cpp index 1188736..aeb2b6b 100644 --- a/toolkit/xre/nsUpdateDriver.cpp +++ b/toolkit/xre/nsUpdateDriver.cpp @@ -17,6 +17,7 @@ #include "prproces.h" #include "prlog.h" #include "prenv.h" +#include "prprf.h" #include "nsVersionComparator.h" #include "nsXREDirProvider.h" #include "SpecialSystemDirectory.h" @@ -39,7 +40,6 @@ # include <windows.h> # include <shlwapi.h> # include "nsWindowsHelpers.h" -# include "prprf.h" # define getcwd(path, size) _getcwd(path, size) # define getpid() GetCurrentProcessId() #elif defined(XP_UNIX) @@ -134,25 +134,39 @@ GetCurrentWorkingDir(char *buf, size_t size) } +// In Tor Browser, updater(.exe) depends on some shared libraries that are +// located in the app directory. To allow the updater to run when it has been +// copied into the update directory, we prepend the app directory to the +// appropriate environment variable so it will be searched by the dynamic +// linker. + #if defined(XP_WIN) #define PATH_SEPARATOR ";" +#define LD_LIBRARY_PATH_ENVVAR_NAME "PATH" +#else +#define PATH_SEPARATOR ":" +#if defined(XP_MACOSX) +#define LD_LIBRARY_PATH_ENVVAR_NAME "DYLD_LIBRARY_PATH" +#else +#define LD_LIBRARY_PATH_ENVVAR_NAME "LD_LIBRARY_PATH" +#endif +#endif -// In Tor Browser, updater.exe depends on some DLLs that are located in the -// app directory. To allow the updater to run when it has been copied into -// the update directory, we append the app directory to the PATH. static nsresult -AdjustPathForUpdater(nsIFile *appDir) +AdjustLibSearchPathForUpdater(nsIFile *appDir) { nsAutoCString appPath; nsresult rv = appDir->GetNativePath(appPath); NS_ENSURE_SUCCESS(rv, rv); char *s = nullptr; - char *pathValue = PR_GetEnv("PATH"); + char *pathValue = PR_GetEnv(LD_LIBRARY_PATH_ENVVAR_NAME); if ((nullptr == pathValue) || ('\0' == *pathValue)) { - s = PR_smprintf("PATH=%s", appPath.get()); + s = PR_smprintf("%s=%s", + LD_LIBRARY_PATH_ENVVAR_NAME, appPath.get()); } else { - s = PR_smprintf("PATH=%s" PATH_SEPARATOR "%s", pathValue, appPath.get()); + s = PR_smprintf("%s=%s" PATH_SEPARATOR "%s", + LD_LIBRARY_PATH_ENVVAR_NAME, appPath.get(), pathValue); } // We intentionally leak the value that is passed into PR_SetEnv() because @@ -162,7 +176,7 @@ AdjustPathForUpdater(nsIFile *appDir) return NS_OK; } -#endif + #ifdef DEBUG static void @@ -623,12 +637,10 @@ SwitchToUpdatedApp(nsIFile *greDir, nsIFile *updateDir, nsIFile *statusFile, PR_SetEnv("MOZ_SAFE_MODE_RESTART=1"); } -#if defined(XP_WIN) - nsresult rv2 = AdjustPathForUpdater(appDir); + nsresult rv2 = AdjustLibSearchPathForUpdater(appDir); if (NS_FAILED(rv2)) { - LOG(("SwitchToUpdatedApp -- AdjustPathForUpdater failed (0x%x)\n", rv2)); + LOG(("SwitchToUpdatedApp -- AdjustLibSearchPathForUpdater failed (0x%x)\n", rv2)); } -#endif LOG(("spawning updater process for replacing [%s]\n", updaterPath.get())); @@ -920,12 +932,10 @@ ApplyUpdate(nsIFile *greDir, nsIFile *updateDir, nsIFile *statusFile, PR_SetEnv("MOZ_OS_UPDATE=1"); } -#if defined(XP_WIN) - nsresult rv2 = AdjustPathForUpdater(appDir); + nsresult rv2 = AdjustLibSearchPathForUpdater(appDir); if (NS_FAILED(rv2)) { - LOG(("ApplyUpdate -- AdjustPathForUpdater failed (0x%x)\n", rv2)); + LOG(("ApplyUpdate -- AdjustLibSearchPathForUpdater failed (0x%x)\n", rv2)); } -#endif #if defined(MOZ_WIDGET_GONK) // We want the updater to be CPU friendly and not subject to being killed by

1 0

[tor-browser/tor-browser-31.3.0esr-4.5-1] Bug 902761 - Stop storing certs used for MAR verification in EXE resource files. r=rstrong
by brade＠torproject.org 17 Dec '14

17 Dec '14

commit 9c7ea1fb1df0545990a85aabcef8180ea287305f Author: Brian R. Bondy <netzen(a)gmail.com> Date: Wed Oct 15 23:01:11 2014 -0400 Bug 902761 - Stop storing certs used for MAR verification in EXE resource files. r=rstrong --- toolkit/mozapps/update/updater/archivereader.cpp | 70 ++++++---------------- toolkit/mozapps/update/updater/updater.rc | 19 ------ 2 files changed, 18 insertions(+), 71 deletions(-) diff --git a/toolkit/mozapps/update/updater/archivereader.cpp b/toolkit/mozapps/update/updater/archivereader.cpp index 271905d..f0e6ea3 100644 --- a/toolkit/mozapps/update/updater/archivereader.cpp +++ b/toolkit/mozapps/update/updater/archivereader.cpp @@ -15,6 +15,14 @@ #include "updatehelper.h" #endif +#ifdef XP_WIN +// These are generated at compile time based on the DER file for the channel +// being used +#include "primaryCert.h" +#include "secondaryCert.h" +#include "xpcshellCert.h" +#endif + #define UPDATER_NO_STRING_GLUE_STL #include "nsVersionComparator.cpp" #undef UPDATER_NO_STRING_GLUE_STL @@ -34,61 +42,19 @@ static char *outbuf = nullptr; #include "resource.h" /** - * Obtains the data of the specified resource name and type. - * - * @param name The name ID of the resource - * @param type The type ID of the resource - * @param data Out parameter which sets the pointer to a buffer containing - * the needed data. - * @param size Out parameter which sets the size of the returned data buffer - * @return TRUE on success -*/ -BOOL -LoadFileInResource(int name, int type, const uint8_t *&data, uint32_t& size) -{ - HMODULE handle = GetModuleHandle(nullptr); - if (!handle) { - return FALSE; - } - - HRSRC resourceInfoBlockHandle = FindResource(handle, - MAKEINTRESOURCE(name), - MAKEINTRESOURCE(type)); - if (!resourceInfoBlockHandle) { - FreeLibrary(handle); - return FALSE; - } - - HGLOBAL resourceHandle = LoadResource(handle, resourceInfoBlockHandle); - if (!resourceHandle) { - FreeLibrary(handle); - return FALSE; - } - - size = SizeofResource(handle, resourceInfoBlockHandle); - data = static_cast<const uint8_t*>(::LockResource(resourceHandle)); - FreeLibrary(handle); - return TRUE; -} - -/** * Performs a verification on the opened MAR file with the passed in * certificate name ID and type ID. * - * @param archive The MAR file to verify the signature on - * @param name The name ID of the resource - * @param type THe type ID of the resource - * @return OK on success, CERT_LOAD_ERROR or CERT_VERIFY_ERROR on failure. + * @param archive The MAR file to verify the signature on. + * @param certData The certificate data. + * @return OK on success, CERT_VERIFY_ERROR on failure. */ +template<uint32_t SIZE> int -VerifyLoadedCert(MarFile *archive, int name, int type) +VerifyLoadedCert(MarFile *archive, const uint8_t (&certData)[SIZE]) { - uint32_t size = 0; - const uint8_t *data = nullptr; - if (!LoadFileInResource(name, type, data, size) || !data || !size) { - return CERT_LOAD_ERROR; - } - + const uint32_t size = SIZE; + const uint8_t * const data = &certData[0]; if (mar_verify_signaturesW(archive, &data, &size, 1)) { return CERT_VERIFY_ERROR; } @@ -118,11 +84,11 @@ ArchiveReader::VerifySignature() // use the XPCShell specific cert for the signed MAR. int rv; if (DoesFallbackKeyExist()) { - rv = VerifyLoadedCert(mArchive, IDR_XPCSHELL_CERT, TYPE_CERT); + rv = VerifyLoadedCert(mArchive, xpcshellCertData); } else { - rv = VerifyLoadedCert(mArchive, IDR_PRIMARY_CERT, TYPE_CERT); + rv = VerifyLoadedCert(mArchive, primaryCertData); if (rv != OK) { - rv = VerifyLoadedCert(mArchive, IDR_BACKUP_CERT, TYPE_CERT); + rv = VerifyLoadedCert(mArchive, secondaryCertData); } } return rv; diff --git a/toolkit/mozapps/update/updater/updater.rc b/toolkit/mozapps/update/updater/updater.rc index acea427..5dc4c85 100644 --- a/toolkit/mozapps/update/updater/updater.rc +++ b/toolkit/mozapps/update/updater/updater.rc @@ -42,25 +42,6 @@ IDI_DIALOG ICON "updater.ico" ///////////////////////////////////////////////////////////////////////////// // -// Embedded certificates for allowed MARs -// - -#if defined(MAR_SIGNING_RELEASE_BETA) -IDR_PRIMARY_CERT TYPE_CERT "release_primary.der" -IDR_BACKUP_CERT TYPE_CERT "release_secondary.der" -#elif defined(MAR_SIGNING_AURORA_NIGHTLY) -IDR_PRIMARY_CERT TYPE_CERT "nightly_aurora_level3_primary.der" -IDR_BACKUP_CERT TYPE_CERT "nightly_aurora_level3_secondary.der" -#else -IDR_PRIMARY_CERT TYPE_CERT "dep1.der" -IDR_BACKUP_CERT TYPE_CERT "dep2.der" -#endif - -IDR_XPCSHELL_CERT TYPE_CERT "xpcshellCertificate.der" - - -///////////////////////////////////////////////////////////////////////////// -// // Embedded an identifier to uniquely identiy this as a Mozilla updater. //

1 0

[tor-browser/tor-browser-31.3.0esr-4.5-1] Bug 13379: Sign our MAR files (backport Mozilla patches).
by brade＠torproject.org 17 Dec '14

17 Dec '14

commit 40b509e6d7408a73c5a81a3d971dfc6daf5f7510 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Fri Nov 14 11:24:14 2014 -0500 Bug 13379: Sign our MAR files (backport Mozilla patches). Backport reviewed patches from these two Mozilla bugs: 903135 - Link updater to NSS and enable MAR verification on Linux and OSX 903126 - Implement a platform independent way to determine which cert to use for verifying mars Configure browser build with --enable-signmar and --enable-verify-mar. --- browser/confvars.sh | 5 + configure.in | 6 +- modules/libmar/moz.build | 6 +- modules/libmar/src/mar.h | 30 ++++- modules/libmar/src/mar_cmdline.h | 32 ----- modules/libmar/tool/mar.c | 109 +++++++++-------- modules/libmar/verify/cryptox.c | 32 ++--- modules/libmar/verify/cryptox.h | 29 ++--- modules/libmar/verify/mar_verify.c | 143 +++++++--------------- toolkit/mozapps/update/updater/Makefile.in | 12 +- toolkit/mozapps/update/updater/archivereader.cpp | 29 +---- toolkit/mozapps/update/updater/updater.cpp | 19 +++ 12 files changed, 197 insertions(+), 255 deletions(-) diff --git a/browser/confvars.sh b/browser/confvars.sh index 8914379..8e7cf7e 100644 --- a/browser/confvars.sh +++ b/browser/confvars.sh @@ -8,6 +8,11 @@ MOZ_APP_VENDOR=Mozilla MOZ_UPDATER=1 MOZ_PHOENIX=1 +MOZ_VERIFY_MAR_SIGNATURE=1 + +# Enable building ./signmar and running libmar signature tests +MOZ_ENABLE_SIGNMAR=1 + MOZ_CHROME_FILE_FORMAT=omni MOZ_DISABLE_EXPORT_JS=1 MOZ_SAFE_BROWSING=1 diff --git a/configure.in b/configure.in index b97a1e6..3093a3f 100644 --- a/configure.in +++ b/configure.in @@ -6351,11 +6351,7 @@ MOZ_ARG_ENABLE_BOOL(verify-mar, MOZ_VERIFY_MAR_SIGNATURE= ) if test -n "$MOZ_VERIFY_MAR_SIGNATURE"; then - if test "$OS_ARCH" = "WINNT"; then - AC_DEFINE(MOZ_VERIFY_MAR_SIGNATURE) - else - AC_MSG_ERROR([Can only build with --enable-verify-mar with a Windows target]) - fi + AC_DEFINE(MOZ_VERIFY_MAR_SIGNATURE) fi dnl ======================================================== diff --git a/modules/libmar/moz.build b/modules/libmar/moz.build index 44191c3..d9a8b34 100644 --- a/modules/libmar/moz.build +++ b/modules/libmar/moz.build @@ -9,11 +9,7 @@ DIRS += ['src'] if CONFIG['MOZ_ENABLE_SIGNMAR']: DIRS += ['sign', 'verify'] TEST_DIRS += ['tests'] -elif CONFIG['OS_ARCH'] == 'WINNT': - # On Windows we don't verify with NSS and updater needs to link to it - DIRS += ['verify'] -elif CONFIG['OS_ARCH'] == 'Darwin': - # On OSX we don't verify with NSS and updater needs to link to it. +elif CONFIG['MOZ_VERIFY_MAR_SIGNATURE']: DIRS += ['verify'] # If we are building ./sign and ./verify then ./tool must come after it diff --git a/modules/libmar/src/mar.h b/modules/libmar/src/mar.h index 4e53d2c..98b454d 100644 --- a/modules/libmar/src/mar.h +++ b/modules/libmar/src/mar.h @@ -134,6 +134,26 @@ int mar_create(const char *dest, */ int mar_extract(const char *path); +#define MAR_MAX_CERT_SIZE (16*1024) // Way larger than necessary + +/* Read the entire file (not a MAR file) into a newly-allocated buffer. + * This function does not write to stderr. Instead, the caller should + * write whatever error messages it sees fit. The caller must free the returned + * buffer using free(). + * + * @param filePath The path to the file that should be read. + * @param maxSize The maximum valid file size. + * @param data On success, *data will point to a newly-allocated buffer + * with the file's contents in it. + * @param size On success, *size will be the size of the created buffer. + * + * @return 0 on success, -1 on error + */ +int mar_read_entire_file(const char * filePath, + uint32_t maxSize, + /*out*/ const uint8_t * *data, + /*out*/ uint32_t *size); + /** * Verifies a MAR file by verifying each signature with the corresponding * certificate. That is, the first signature will be verified using the first @@ -154,12 +174,10 @@ int mar_extract(const char *path); * a negative number if there was an error * a positive number if the signature does not verify */ -#ifdef XP_WIN -int mar_verify_signaturesW(MarFile *mar, - const uint8_t * const *certData, - const uint32_t *certDataSizes, - uint32_t certCount); -#endif +int mar_verify_signatures(MarFile *mar, + const uint8_t * const *certData, + const uint32_t *certDataSizes, + uint32_t certCount); /** * Reads the product info block from the MAR file's additional block section. diff --git a/modules/libmar/src/mar_cmdline.h b/modules/libmar/src/mar_cmdline.h index e8645ec..e2c9ed5 100644 --- a/modules/libmar/src/mar_cmdline.h +++ b/modules/libmar/src/mar_cmdline.h @@ -38,38 +38,6 @@ int get_mar_file_info(const char *path, uint32_t *offsetAdditionalBlocks, uint32_t *numAdditionalBlocks); -/** - * Verifies a MAR file by verifying each signature with the corresponding - * certificate. That is, the first signature will be verified using the first - * certificate given, the second signature will be verified using the second - * certificate given, etc. The signature count must exactly match the number of - * certificates given, and all signature verifications must succeed. - * This is only used by the signmar program when used with arguments to verify - * a MAR. This should not be used to verify a MAR that will be extracted in the - * same operation by updater code. This function prints the error message if - * verification fails. - * - * @param pathToMAR The path of the MAR file whose signature should be - * checked - * @param certData Pointer to the first element in an array of certificate - * file data. - * @param certDataSizes Pointer to the first element in an array for size of - * the cert data. - * @param certNames Pointer to the first element in an array of certificate - * names. - * Used only if compiled with NSS support - * @param certCount The number of elements in certData, certDataSizes, - * and certNames - * @return 0 on success - * a negative number if there was an error - * a positive number if the signature does not verify - */ -int mar_verify_signatures(const char *pathToMAR, - const uint8_t * const *certData, - const uint32_t *certDataSizes, - const char * const *certNames, - uint32_t certCount); - /** * Reads the product info block from the MAR file's additional block section. * The caller is responsible for freeing the fields in infoBlock diff --git a/modules/libmar/tool/mar.c b/modules/libmar/tool/mar.c index 8abbac7..821813c 100644 --- a/modules/libmar/tool/mar.c +++ b/modules/libmar/tool/mar.c @@ -19,6 +19,8 @@ #endif #if !defined(NO_SIGN_VERIFY) && (!defined(XP_WIN) || defined(MAR_NSS)) +#include "cert.h" +#include "pk11pub.h" int NSSInitCryptoContext(const char *NSSConfigDir); #endif @@ -120,15 +122,13 @@ int main(int argc, char **argv) { uint32_t certCount = 0; int32_t sigIndex = -1; -#if defined(XP_WIN) && !defined(MAR_NSS) && !defined(NO_SIGN_VERIFY) - HANDLE certFile; - uint8_t *certBuffers[MAX_SIGNATURES]; -#endif -#if !defined(NO_SIGN_VERIFY) && ((!defined(MAR_NSS) && defined(XP_WIN)) || \ - defined(XP_MACOSX)) - char* DERFilePaths[MAX_SIGNATURES]; +#if !defined(NO_SIGN_VERIFY) uint32_t fileSizes[MAX_SIGNATURES]; - uint32_t read; + uint8_t* certBuffers[MAX_SIGNATURES]; + char* DERFilePaths[MAX_SIGNATURES]; +#if (!defined(XP_WIN) && !defined(XP_MACOSX)) || defined(MAR_NSS) + CERTCertificate* certs[MAX_SIGNATURES]; +#endif #endif memset(certNames, 0, sizeof(certNames)); @@ -319,43 +319,68 @@ int main(int argc, char **argv) { return import_signature(argv[2], sigIndex, argv[3], argv[4]); case 'v': - -#if defined(XP_WIN) && !defined(MAR_NSS) if (certCount == 0) { print_usage(); return -1; } +#if (!defined(XP_WIN) && !defined(XP_MACOSX)) || defined(MAR_NSS) + if (!NSSConfigDir || certCount == 0) { + print_usage(); + return -1; + } + + if (NSSInitCryptoContext(NSSConfigDir)) { + fprintf(stderr, "ERROR: Could not initialize crypto library.\n"); + return -1; + } +#endif + + rv = 0; for (k = 0; k < certCount; ++k) { - /* If the mar program was built using CryptoAPI, then read in the buffer - containing the cert from disk. */ - certFile = CreateFileA(DERFilePaths[k], GENERIC_READ, - FILE_SHARE_READ | - FILE_SHARE_WRITE | - FILE_SHARE_DELETE, - NULL, - OPEN_EXISTING, - 0, NULL); - if (INVALID_HANDLE_VALUE == certFile) { - return -1; +#if (defined(XP_WIN) || defined(XP_MACOSX)) && !defined(MAR_NSS) + rv = mar_read_entire_file(DERFilePaths[k], MAR_MAX_CERT_SIZE, + &certBuffers[k], &fileSizes[k]); +#else + /* It is somewhat circuitous to look up a CERTCertificate and then pass + * in its DER encoding just so we can later re-create that + * CERTCertificate to extract the public key out of it. However, by doing + * things this way, we maximize the reuse of the mar_verify_signatures + * function and also we keep the control flow as similar as possible + * between programs and operating systems, at least for the functions + * that are critically important to security. + */ + certs[k] = PK11_FindCertFromNickname(certNames[k], NULL); + if (certs[k]) { + certBuffers[k] = certs[k]->derCert.data; + fileSizes[k] = certs[k]->derCert.len; + } else { + rv = -1; } - fileSizes[k] = GetFileSize(certFile, NULL); - certBuffers[k] = malloc(fileSizes[k]); - if (!ReadFile(certFile, certBuffers[k], fileSizes[k], &read, NULL) || - fileSizes[k] != read) { - CloseHandle(certFile); - for (i = 0; i <= k; i++) { - free(certBuffers[i]); - } - return -1; +#endif + if (rv) { + fprintf(stderr, "ERROR: could not read file %s", DERFilePaths[k]); + break; } - CloseHandle(certFile); } - rv = mar_verify_signatures(argv[2], certBuffers, fileSizes, - NULL, certCount); + if (!rv) { + MarFile *mar = mar_open(argv[2]); + if (mar) { + rv = mar_verify_signatures(mar, certBuffers, fileSizes, certCount); + mar_close(mar); + } else { + fprintf(stderr, "ERROR: Could not open MAR file.\n"); + rv = -1; + } + } for (k = 0; k < certCount; ++k) { +#if (defined(XP_WIN) || defined(XP_MACOSX)) && !defined(MAR_NSS) free(certBuffers[k]); +#else + /* certBuffers[k] is owned by certs[k] so don't free it */ + CERT_DestroyCertificate(certs[k]); +#endif } if (rv) { /* Determine if the source MAR file has the new fields for signing */ @@ -369,26 +394,8 @@ int main(int argc, char **argv) { } return -1; } - return 0; -#elif defined(XP_MACOSX) - return mar_verify_signatures(argv[2], (const uint8_t* const*)DERFilePaths, - 0, NULL, certCount); -#else - if (!NSSConfigDir || certCount == 0) { - print_usage(); - return -1; - } - - if (NSSInitCryptoContext(NSSConfigDir)) { - fprintf(stderr, "ERROR: Could not initialize crypto library.\n"); - return -1; - } - - return mar_verify_signatures(argv[2], NULL, 0, certNames, certCount); - -#endif /* defined(XP_WIN) && !defined(MAR_NSS) */ case 's': if (!NSSConfigDir || certCount == 0 || argc < 4) { print_usage(); diff --git a/modules/libmar/verify/cryptox.c b/modules/libmar/verify/cryptox.c index 48fbecd..af34210 100644 --- a/modules/libmar/verify/cryptox.c +++ b/modules/libmar/verify/cryptox.c @@ -16,29 +16,32 @@ /** * Loads the public key for the specified cert name from the NSS store. * - * @param certName The cert name to find. + * @param certData The DER-encoded X509 certificate to extract the key from. + * @param certDataSize The size of certData. * @param publicKey Out parameter for the public key to use. - * @param cert Out parameter for the certificate to use. * @return CryptoX_Success on success, CryptoX_Error on error. */ CryptoX_Result -NSS_LoadPublicKey(const char *certNickname, - SECKEYPublicKey **publicKey, - CERTCertificate **cert) +NSS_LoadPublicKey(const unsigned char *certData, unsigned int certDataSize, + SECKEYPublicKey **publicKey) { - secuPWData pwdata = { PW_NONE, 0 }; - if (!cert || !publicKey || !cert) { + CERTCertificate * cert; + SECItem certDataItem = { siBuffer, (unsigned char*) certData, certDataSize }; + + if (!certData || !publicKey) { return CryptoX_Error; } + cert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(), &certDataItem, NULL, + PR_FALSE, PR_TRUE); /* Get the cert and embedded public key out of the database */ - *cert = PK11_FindCertFromNickname(certNickname, &pwdata); - if (!*cert) { + if (!cert) { return CryptoX_Error; } - *publicKey = CERT_ExtractPublicKey(*cert); + *publicKey = CERT_ExtractPublicKey(cert); + CERT_DestroyCertificate(cert); + if (!*publicKey) { - CERT_DestroyCertificate(*cert); return CryptoX_Error; } return CryptoX_Success; @@ -150,12 +153,11 @@ CryptoX_Result CryptoAPI_LoadPublicKey(HCRYPTPROV provider, BYTE *certData, DWORD sizeOfCertData, - HCRYPTKEY *publicKey, - HCERTSTORE *certStore) + HCRYPTKEY *publicKey) { CRYPT_DATA_BLOB blob; CERT_CONTEXT *context; - if (!provider || !certData || !publicKey || !certStore) { + if (!provider || !certData || !publicKey) { return CryptoX_Error; } @@ -165,7 +167,7 @@ CryptoAPI_LoadPublicKey(HCRYPTPROV provider, CERT_QUERY_CONTENT_FLAG_CERT, CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL, NULL, NULL, - certStore, NULL, (const void **)&context)) { + NULL, NULL, (const void **)&context)) { return CryptoX_Error; } diff --git a/modules/libmar/verify/cryptox.h b/modules/libmar/verify/cryptox.h index 2dd93ef..ec8f5ac 100644 --- a/modules/libmar/verify/cryptox.h +++ b/modules/libmar/verify/cryptox.h @@ -15,7 +15,9 @@ #if defined(MAR_NSS) -#include "nss_secutil.h" +#include "cert.h" +#include "keyhi.h" +#include "cryptohi.h" #define CryptoX_InvalidHandleValue NULL #define CryptoX_ProviderHandle void* @@ -26,9 +28,9 @@ #ifdef __cplusplus extern "C" { #endif -CryptoX_Result NSS_LoadPublicKey(const char *certNickname, - SECKEYPublicKey **publicKey, - CERTCertificate **cert); +CryptoX_Result NSS_LoadPublicKey(const unsigned char* certData, + unsigned int certDataSize, + SECKEYPublicKey** publicKey); CryptoX_Result NSS_VerifyBegin(VFYContext **ctx, SECKEYPublicKey * const *publicKey); CryptoX_Result NSS_VerifySignature(VFYContext * const *ctx , @@ -46,9 +48,8 @@ CryptoX_Result NSS_VerifySignature(VFYContext * const *ctx , VFY_DestroyContext(*SignatureHandle, PR_TRUE) #define CryptoX_VerifyUpdate(SignatureHandle, buf, len) \ VFY_Update(*SignatureHandle, (const unsigned char*)(buf), len) -#define CryptoX_LoadPublicKey(CryptoHandle, certData, dataSize, \ - publicKey, certName, cert) \ - NSS_LoadPublicKey(certName, publicKey, cert) +#define CryptoX_LoadPublicKey(CryptoHandle, certData, dataSize, publicKey) \ + NSS_LoadPublicKey(certData, dataSize, publicKey) #define CryptoX_VerifySignature(hash, publicKey, signedData, len) \ NSS_VerifySignature(hash, (const unsigned char *)(signedData), len) #define CryptoX_FreePublicKey(key) \ @@ -91,7 +92,7 @@ void CryptoMac_FreePublicKey(CryptoX_PublicKey* aPublicKey); #define CryptoX_VerifyUpdate(aInputData, aBuf, aLen) \ CryptoMac_VerifyUpdate(aInputData, aBuf, aLen) #define CryptoX_LoadPublicKey(aProviderHandle, aCertData, aDataSize, \ - aPublicKey, aCertName, aCert) \ + aPublicKey) \ CryptoMac_LoadPublicKey(aCertData, aPublicKey) #define CryptoX_VerifySignature(aInputData, aPublicKey, aSignature, \ aSignatureLen) \ @@ -111,8 +112,7 @@ CryptoX_Result CryptoAPI_InitCryptoContext(HCRYPTPROV *provider); CryptoX_Result CryptoAPI_LoadPublicKey(HCRYPTPROV hProv, BYTE *certData, DWORD sizeOfCertData, - HCRYPTKEY *publicKey, - HCERTSTORE *cert); + HCRYPTKEY *publicKey); CryptoX_Result CryptoAPI_VerifyBegin(HCRYPTPROV provider, HCRYPTHASH* hash); CryptoX_Result CryptoAPI_VerifyUpdate(HCRYPTHASH* hash, BYTE *buf, DWORD len); @@ -133,10 +133,8 @@ CryptoX_Result CyprtoAPI_VerifySignature(HCRYPTHASH *hash, #define CryptoX_FreeSignatureHandle(SignatureHandle) #define CryptoX_VerifyUpdate(SignatureHandle, buf, len) \ CryptoAPI_VerifyUpdate(SignatureHandle, (BYTE *)(buf), len) -#define CryptoX_LoadPublicKey(CryptoHandle, certData, dataSize, \ - publicKey, certName, cert) \ - CryptoAPI_LoadPublicKey(CryptoHandle, (BYTE*)(certData), \ - dataSize, publicKey, cert) +#define CryptoX_LoadPublicKey(CryptoHandle, certData, dataSize, publicKey) \ + CryptoAPI_LoadPublicKey(CryptoHandle, (BYTE*)(certData), dataSize, publicKey) #define CryptoX_VerifySignature(hash, publicKey, signedData, len) \ CyprtoAPI_VerifySignature(hash, publicKey, signedData, len) #define CryptoX_FreePublicKey(key) \ @@ -163,8 +161,7 @@ CryptoX_Result CyprtoAPI_VerifySignature(HCRYPTHASH *hash, CryptoX_Error #define CryptoX_FreeSignatureHandle(SignatureHandle) #define CryptoX_VerifyUpdate(SignatureHandle, buf, len) CryptoX_Error -#define CryptoX_LoadPublicKey(CryptoHandle, certData, dataSize, \ - publicKey, certName, cert) \ +#define CryptoX_LoadPublicKey(CryptoHandle, certData, dataSize, publicKey) \ CryptoX_Error #define CryptoX_VerifySignature(hash, publicKey, signedData, len) CryptoX_Error #define CryptoX_FreePublicKey(key) CryptoX_Error diff --git a/modules/libmar/verify/mar_verify.c b/modules/libmar/verify/mar_verify.c index 7578b62..165a802 100644 --- a/modules/libmar/verify/mar_verify.c +++ b/modules/libmar/verify/mar_verify.c @@ -17,6 +17,46 @@ #include "mar.h" #include "cryptox.h" +int +mar_read_entire_file(const char * filePath, uint32_t maxSize, + /*out*/ const uint8_t * *data, + /*out*/ uint32_t *size) +{ + int result; + FILE * f; + + if (!filePath || !data || !size) { + return -1; + } + + f = fopen(filePath, "rb"); + if (!f) { + return -1; + } + + result = -1; + if (!fseeko(f, 0, SEEK_END)) { + int64_t fileSize = ftello(f); + if (fileSize > 0 && fileSize <= maxSize && !fseeko(f, 0, SEEK_SET)) { + unsigned char * fileData; + + *size = (unsigned int) fileSize; + fileData = malloc(*size); + if (fileData) { + if (fread(fileData, *size, 1, f) == 1) { + *data = fileData; + result = 0; + } else { + free(fileData); + } + } + } + fclose(f); + } + + return result; +} + int mar_extract_and_verify_signatures_fp(FILE *fp, CryptoX_ProviderHandle provider, CryptoX_PublicKey *keys, @@ -81,92 +121,8 @@ ReadAndUpdateVerifyContext(FILE *fp, * certificate given, the second signature will be verified using the second * certificate given, etc. The signature count must exactly match the number of * certificates given, and all signature verifications must succeed. - * This is only used by the signmar program when used with arguments to verify - * a MAR. This should not be used to verify a MAR that will be extracted in the - * same operation by updater code. This function prints the error message if - * verification fails. * - * @param pathToMARFile The path of the MAR file to verify. - * @param certData Pointer to the first element in an array of certificate - * file data. - * @param certDataSizes Pointer to the first element in an array for size of the - * cert data. - * @param certNames Pointer to the first element in an array of certificate names. - * Used only if compiled as NSS, specifies the certificate names - * @param certCount The number of elements in certData, certDataSizes, and certNames - * @return 0 on success - * a negative number if there was an error - * a positive number if the signature does not verify - */ -int -mar_verify_signatures(const char *pathToMARFile, - const uint8_t * const *certData, - const uint32_t *certDataSizes, - const char * const *certNames, - uint32_t certCount) { - int rv; - CryptoX_ProviderHandle provider = CryptoX_InvalidHandleValue; - CryptoX_Certificate certs[MAX_SIGNATURES]; - CryptoX_PublicKey keys[MAX_SIGNATURES]; - FILE *fp; - uint32_t k; - - memset(certs, 0, sizeof(certs)); - memset(keys, 0, sizeof(keys)); - - if (!pathToMARFile || certCount == 0) { - fprintf(stderr, "ERROR: Invalid parameter specified.\n"); - return CryptoX_Error; - } - - fp = fopen(pathToMARFile, "rb"); - if (!fp) { - fprintf(stderr, "ERROR: Could not open MAR file.\n"); - return CryptoX_Error; - } - - if (CryptoX_Failed(CryptoX_InitCryptoProvider(&provider))) { - fclose(fp); - fprintf(stderr, "ERROR: Could not init crytpo library.\n"); - return CryptoX_Error; - } - - /* Load the certs and keys */ - for (k = 0; k < certCount; k++) { - if (CryptoX_Failed(CryptoX_LoadPublicKey(provider, certData[k], certDataSizes[k], - &keys[k], certNames[k], &certs[k]))) { - fclose(fp); - fprintf(stderr, "ERROR: Could not load public key.\n"); - return CryptoX_Error; - } - } - - rv = mar_extract_and_verify_signatures_fp(fp, provider, keys, certCount); - fclose(fp); - - /* Cleanup the allocated keys and certs */ - for (k = 0; k < certCount; k++) { - if (keys[k]) { - CryptoX_FreePublicKey(&keys[k]); - } - - if (certs[k]) { - CryptoX_FreeCertificate(&certs[k]); - } - } - return rv; -} - -#ifdef XP_WIN -/** - * Verifies a MAR file by verifying each signature with the corresponding - * certificate. That is, the first signature will be verified using the first - * certificate given, the second signature will be verified using the second - * certificate given, etc. The signature count must exactly match the number of - * certificates given, and all signature verifications must succeed. - * - * @param pathToMARFile The path of the MAR file who's signature - * should be calculated + * @param mar The file who's signature should be calculated * @param certData Pointer to the first element in an array of * certificate data * @param certDataSizes Pointer to the first element in an array for size of @@ -175,17 +131,15 @@ mar_verify_signatures(const char *pathToMARFile, * @return 0 on success */ int -mar_verify_signaturesW(MarFile *mar, - const uint8_t * const *certData, - const uint32_t *certDataSizes, - uint32_t certCount) { +mar_verify_signatures(MarFile *mar, + const uint8_t * const *certData, + const uint32_t *certDataSizes, + uint32_t certCount) { int rv = -1; CryptoX_ProviderHandle provider = CryptoX_InvalidHandleValue; - CryptoX_Certificate certs[MAX_SIGNATURES]; CryptoX_PublicKey keys[MAX_SIGNATURES]; uint32_t k; - memset(certs, 0, sizeof(certs)); memset(keys, 0, sizeof(keys)); if (!mar || !certData || !certDataSizes || certCount == 0) { @@ -205,7 +159,7 @@ mar_verify_signaturesW(MarFile *mar, for (k = 0; k < certCount; ++k) { if (CryptoX_Failed(CryptoX_LoadPublicKey(provider, certData[k], certDataSizes[k], - &keys[k], "", &certs[k]))) { + &keys[k]))) { fprintf(stderr, "ERROR: Could not load public key.\n"); goto failure; } @@ -219,15 +173,10 @@ failure: if (keys[k]) { CryptoX_FreePublicKey(&keys[k]); } - - if (certs[k]) { - CryptoX_FreeCertificate(&certs[k]); - } } return rv; } -#endif /** * Extracts each signature from the specified MAR file, diff --git a/toolkit/mozapps/update/updater/Makefile.in b/toolkit/mozapps/update/updater/Makefile.in index bd6716b..52cdbeb 100644 --- a/toolkit/mozapps/update/updater/Makefile.in +++ b/toolkit/mozapps/update/updater/Makefile.in @@ -18,9 +18,14 @@ LIBS += \ $(MOZ_BZ2_LIBS) \ $(NULL) -ifeq ($(OS_ARCH),WINNT) +LIBS += $(call EXPAND_LIBNAME_PATH,signmar,$(DEPTH)/modules/libmar/sign) LIBS += $(call EXPAND_LIBNAME_PATH,verifymar,$(DEPTH)/modules/libmar/verify) +ifeq ($(OS_ARCH),WINNT) OS_LIBS += $(call EXPAND_LIBNAME,comctl32 ws2_32 shell32 shlwapi) +else +LIBS += $(DIST)/lib/$(LIB_PREFIX)nss3.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)nssutil3.$(LIB_SUFFIX) \ + $(NSPR_LIBS) endif ifdef MOZ_WIDGET_GTK @@ -51,14 +56,13 @@ else ifneq (,$(filter nightly aurora nightly-elm nightly-profiling nightly-oak n PRIMARY_CERT = nightly_aurora_level3_primary.der SECONDARY_CERT = nightly_aurora_level3_secondary.der else - PRIMARY_CERT = dep1.der - SECONDARY_CERT = dep2.der + PRIMARY_CERT = xpcshellCertificate.der + SECONDARY_CERT = xpcshellCertificate.der endif export:: $(PYTHON) $(srcdir)/gen_cert_header.py primaryCertData $(srcdir)/$(PRIMARY_CERT) > primaryCert.h $(PYTHON) $(srcdir)/gen_cert_header.py secondaryCertData $(srcdir)/$(SECONDARY_CERT) > secondaryCert.h - $(PYTHON) $(srcdir)/gen_cert_header.py xpcshellCertData $(srcdir)/xpcshellCertificate.der > xpcshellCert.h ifdef MOZ_WIDGET_GTK libs:: updater.png diff --git a/toolkit/mozapps/update/updater/archivereader.cpp b/toolkit/mozapps/update/updater/archivereader.cpp index f0e6ea3..aa9ccc4 100644 --- a/toolkit/mozapps/update/updater/archivereader.cpp +++ b/toolkit/mozapps/update/updater/archivereader.cpp @@ -15,13 +15,10 @@ #include "updatehelper.h" #endif -#ifdef XP_WIN // These are generated at compile time based on the DER file for the channel // being used #include "primaryCert.h" #include "secondaryCert.h" -#include "xpcshellCert.h" -#endif #define UPDATER_NO_STRING_GLUE_STL #include "nsVersionComparator.cpp" @@ -38,9 +35,6 @@ static int outbuf_size = 262144; static char *inbuf = nullptr; static char *outbuf = nullptr; -#ifdef XP_WIN -#include "resource.h" - /** * Performs a verification on the opened MAR file with the passed in * certificate name ID and type ID. @@ -54,15 +48,13 @@ int VerifyLoadedCert(MarFile *archive, const uint8_t (&certData)[SIZE]) { const uint32_t size = SIZE; - const uint8_t * const data = &certData[0]; - if (mar_verify_signaturesW(archive, &data, &size, 1)) { + const uint8_t* const data = &certData[0]; + if (mar_verify_signatures(archive, &data, &size, 1)) { return CERT_VERIFY_ERROR; } return OK; } -#endif - /** * Performs a verification on the opened MAR file. Both the primary and backup @@ -79,22 +71,11 @@ ArchiveReader::VerifySignature() return ARCHIVE_NOT_OPEN; } -#ifdef XP_WIN - // If the fallback key exists we're running an XPCShell test and we should - // use the XPCShell specific cert for the signed MAR. - int rv; - if (DoesFallbackKeyExist()) { - rv = VerifyLoadedCert(mArchive, xpcshellCertData); - } else { - rv = VerifyLoadedCert(mArchive, primaryCertData); - if (rv != OK) { - rv = VerifyLoadedCert(mArchive, secondaryCertData); - } + int rv = VerifyLoadedCert(mArchive, primaryCertData); + if (rv != OK) { + rv = VerifyLoadedCert(mArchive, secondaryCertData); } return rv; -#else - return OK; -#endif } /** diff --git a/toolkit/mozapps/update/updater/updater.cpp b/toolkit/mozapps/update/updater/updater.cpp index 4cf24db..3a3968e 100644 --- a/toolkit/mozapps/update/updater/updater.cpp +++ b/toolkit/mozapps/update/updater/updater.cpp @@ -108,6 +108,11 @@ static bool sUseHardLinks = true; # define MAYBE_USE_HARD_LINKS 0 #endif +#if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) +#include "nss.h" +#include "prerror.h" +#endif + #ifdef XP_WIN #include "updatehelper.h" @@ -2520,6 +2525,20 @@ int NS_main(int argc, NS_tchar **argv) _exit(1); } #endif + +#if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) + // On Windows we rely on CyrptoAPI to do verifications so we don't need to + // initialize NSS at all there. + // Otherwise, minimize the amount of NSS we depend on by avoiding all the NSS + // databases. + if (NSS_NoDB_Init(NULL) != SECSuccess) { + PRErrorCode error = PR_GetError(); + fprintf(stderr, "Could not initialize NSS: %s (%d)", + PR_ErrorToName(error), (int) error); + _exit(1); + } +#endif + InitProgressUI(&argc, &argv); // To process an update the updater command line must at a minimum have the

1 0

[tor-messenger-build/master] Add support for copying cert_override.txt to new profiles
by sukhbir＠torproject.org 17 Dec '14

17 Dec '14

commit a7841ba7454b0899cae7059f6695e5073381ff0f Author: Sukhbir Singh <sukhbir(a)torproject.org> Date: Wed Dec 17 22:00:40 2014 +0530 Add support for copying cert_override.txt to new profiles --- projects/instantbird/build | 1 + projects/instantbird/cert_override.txt | 3 +++ projects/instantbird/config | 2 ++ projects/instantbird/installer.patch | 41 ++++++++++++++++++++++++++++++++ 4 files changed, 47 insertions(+) diff --git a/projects/instantbird/build b/projects/instantbird/build index 0a6dbe3..c1e3147 100644 --- a/projects/instantbird/build +++ b/projects/instantbird/build @@ -38,6 +38,7 @@ do patch -p1 < $patch done cat ../spi-cacert.der >> mozilla/security/nss/lib/ckfw/builtins/certdata.txt +cp ../cert_override.txt im/app/profile cd mozilla if ls -1 $rootdir/*.mozpatch > /dev/null 2>&1 then diff --git a/projects/instantbird/cert_override.txt b/projects/instantbird/cert_override.txt new file mode 100644 index 0000000..fbe9a6f --- /dev/null +++ b/projects/instantbird/cert_override.txt @@ -0,0 +1,3 @@ +# PSM Certificate Override Settings file +# This is a generated file! Do not edit. +jabber.ccc.de:5222 OID.2.16.840.1.101.3.4.2.1 63:0F:F6:2F:26:2E:2E:D3:52:4E:03:1F:39:1B:72:96:FD:09:9E:CA:10:64:76:88:74:C4:49:52:6F:94:A5:41 U AAAAAAAAAAAAAAADAAAAew308jB5MRAwDgYDVQQKEwdSb290IENBMR4wHAYDVQQL ExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNBIENlcnQgU2lnbmlu ZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRAY2FjZXJ0Lm9yZw== diff --git a/projects/instantbird/config b/projects/instantbird/config index 2a479cb..f592e96 100644 --- a/projects/instantbird/config +++ b/projects/instantbird/config @@ -68,6 +68,8 @@ input_files: - filename: links.patch - filename: picture.patch - filename: trafficinfo.patch + - filename: installer.patch + - filename: cert_override.txt - filename: fix-mingw-build.nsprpatch enable: '[% c("var/windows") %]' - filename: fix-mingw-build.patch diff --git a/projects/instantbird/installer.patch b/projects/instantbird/installer.patch new file mode 100644 index 0000000..8fca9bd --- /dev/null +++ b/projects/instantbird/installer.patch @@ -0,0 +1,41 @@ +diff --git a/im/app/profile/Makefile.in b/im/app/profile/Makefile.in +index 6de1a3d..ee71ede 100644 +--- a/im/app/profile/Makefile.in ++++ b/im/app/profile/Makefile.in +@@ -14,7 +14,8 @@ include $(topsrcdir)/config/rules.mk + + FILES := \ + mimeTypes.rdf \ +- localstore.rdf \ ++ localstore.rdf \ ++ cert_override.txt \ + $(NULL) + + libs:: $(FILES) +diff --git a/im/installer/Makefile.in b/im/installer/Makefile.in +index 396d5f8..deca57e 100644 +--- a/im/installer/Makefile.in ++++ b/im/installer/Makefile.in +@@ -109,7 +109,9 @@ MOZ_PKG_MAC_ICON=branding/disk.icns + MOZ_PKG_MAC_EXTRA=--symlink "/Applications:/ " + endif + +-NON_OMNIJAR_FILES = ++NON_OMNIJAR_FILES = \ ++ defaults/profile/cert_override.txt \ ++ $(NULL) + + ifndef LIBXUL_SDK + INSTALL_SDK = 1 +diff --git a/im/installer/package-manifest.in b/im/installer/package-manifest.in +index bda87fa..dfdd2d1 100644 +--- a/im/installer/package-manifest.in ++++ b/im/installer/package-manifest.in +@@ -156,6 +156,7 @@ + @RESPATH@/defaults/profile/localstore.rdf + @RESPATH@/defaults/profile/prefs.js + @RESPATH@/defaults/profile/mimeTypes.rdf ++@RESPATH@/defaults/profile/cert_override.txt + + #ifdef XP_MACOSX + @RESPATH@/components/ibDockBadge.js

1 0

[translation/torbutton-torbuttonproperties] Update translations for torbutton-torbuttonproperties
by translation＠torproject.org 17 Dec '14

17 Dec '14

commit 1b25ee166f3c31cae2716b14053d93fe805a28eb Author: Translation commit bot <translation(a)torproject.org> Date: Wed Dec 17 12:15:45 2014 +0000 Update translations for torbutton-torbuttonproperties --- mr/torbutton.properties | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/mr/torbutton.properties b/mr/torbutton.properties index 8d2871d..df6fb45 100644 --- a/mr/torbutton.properties +++ b/mr/torbutton.properties @@ -41,10 +41,10 @@ torbutton.popup.pref_error = à€à¥à€° à€¬à¥à€°à€Ÿà€à€à€° à€ªà¥à€°à¥à€«à€Ÿ torbutton.popup.permission_denied = à€à¥à€ªà€¯à€Ÿ à€à€à€€à€° à€à¥à€° à€¬à¥à€°à€Ÿà€à€à€° à€¡à€Ÿà€¯à€°à¥à€à¥à€à¥à€°à¥à€à¥à€¯à€Ÿ à€ªà€°à€µà€Ÿà€šà€à¥à€¯à€Ÿ à€ªà¥à€šà€°à¥à€žà¥à€¥à€Ÿà€ªà€¿à€€ à€à€°à€Ÿ, à€à€¿à€à€µà€Ÿ à€€à€¿à€²à€Ÿ à€à€à€Ÿ à€šà€µà¥à€¯à€Ÿ à€à€Ÿà€à¥ à€¹à€²à€µà€Ÿ. torbutton.popup.device_full = à€¡à€¿à€žà¥à€ à€ªà¥à€°à¥à€£ à€à€°à€²à¥à€¯à€Ÿà€à¥ à€à€Ÿà€£à€µà€€à¥à€¯. à€à¥à€ªà€¯à€Ÿ à€à€Ÿà€¹à¥ à€à€Ÿà€à€Ÿ à€®à¥à€à€³à¥ à€à€°à€Ÿ à€à€¿à€à€µà€Ÿ à€à¥à€° à€¬à¥à€°à€Ÿà€à€à€° à€Šà¥à€žà€°à¥âà€¯à€Ÿ à€à€ªà€à€°à€£à€Ÿà€µà€° à€¹à€²à€µà€Ÿ. torbutton.title.prompt_torbrowser = à€à¥à€°à€¬à€à€šà€¬à€Šà¥à€Šà€² à€®à€¹à€€à¥à€€à¥à€µà€Ÿà€à¥ à€®à€Ÿà€¹à€¿à€€à¥ -torbutton.popup.prompt_torbrowser = Torbutton works differently now: you can't turn it off any more.\n\nWe made this change because it isn't safe to use Torbutton in a browser that's also used for non-Tor browsing. There were too many bugs there that we couldn't fix any other way.\n\nIf you want to keep using Firefox normally, you should uninstall Torbutton and download Tor Browser Bundle. The privacy properties of Tor Browser are also superior to those of normal Firefox, even when Firefox is used with Torbutton.\n\nTo remove Torbutton, go to Tools->Addons->Extensions and then click the Remove button next to Torbutton. -torbutton.popup.short_torbrowser = Important Torbutton Information!\n\nTorbutton is now always enabled.\n\nClick on the Torbutton for more information. +torbutton.popup.prompt_torbrowser = à€à¥à€°à€¬à€à€š à€à€€à€Ÿ à€µà¥à€à€³à¥à€¯à€Ÿà€ªà¥à€°à€à€Ÿà€°à¥ à€à€Ÿà€® à€à€°à€€à¥ : à€à€€à€Ÿ à€€à¥à€®à¥à€¹à¥ à€€à¥à€¯à€Ÿà€²à€Ÿ à€¬à€à€Š à€à€°à¥ à€¶à€à€€ à€šà€Ÿà€¹à¥.\n\nà€à€®à¥à€¹à¥ à€¹à€Ÿ à€¬à€Šà€² à€¹à¥à€¯à€Ÿà€žà€Ÿà€ à¥ à€à¥à€²à€Ÿ à€à€Ÿà€°à€£ à€à€° à€à¥à€°-à€à¥à€° à€¬à¥à€°à€Ÿà€à€à€¿à€à€à€žà€Ÿà€ à¥ à€žà¥à€Šà¥à€§à€Ÿ à€à€à€Ÿà€Šà€Ÿ à€¬à¥à€°à€Ÿà€à€à€° à€µà€Ÿà€ªà€°à€²à€Ÿ à€à€Ÿà€€ à€à€žà¥à€², à€€à€° à€€à¥à€¯à€Ÿà€®à€§à¥à€¯à¥ à€à¥à€°à€¬à€à€šà€à€Ÿ à€µà€Ÿà€ªà€° à€žà¥à€°à€à¥à€·à€¿à€€ à€šà€žà€€à¥. à€€à¥à€¯à€Ÿà€®à€§à¥à€¯à¥ à€à€šà¥à€ à€€à¥à€°à¥à€à¥à€¯à€Ÿ à€à€¹à¥à€€ à€à¥à€¯à€Ÿà€à€šà€Ÿ à€à€®à¥à€¹à¥ à€à€€à€° à€ªà¥à€°à€à€Ÿà€°à¥ à€Šà¥à€°à¥à€žà¥à€€ à€šà€Ÿà€¹à¥ à€à€°à¥ à€¶à€à€²à¥.\n\nà€à€° à€€à¥à€®à¥à€¹à€Ÿà€²à€Ÿ à€šà¥à€¹à€®à¥à€žà€Ÿà€°à€à¥à€ à€žà€Ÿà€§à¥ à€«à€Ÿà€¯à€°à€«à¥à€à¥à€ž à€µà€Ÿà€ªà€°à€Ÿà€¯à€à¥ à€à€žà¥à€², à€€à€° à€€à¥à€®à¥à€¹à¥ à€à¥à€°à€¬à€à€š à€à €Ÿà€¢à¥à€š à€à€Ÿà€à€²à¥ à€ªà€Ÿà€¹à€¿à€à¥ à€à€£à€¿ à€à¥à€° à€¬à¥à€°à€Ÿà€à€à€° à€¬à€à€¡à€² à€¡à€Ÿà€à€šà€²à¥à€¡ à€à¥à€²à€Ÿ à€ªà€Ÿà€¹à€¿à€à¥. à€à¥à€° à€¬à¥à€°à€Ÿà€à€à€°à€à¥à€¯à€Ÿ à€ªà¥à€°à€Ÿà€¯à€µà¥à€¹à€žà¥ à€ªà¥à€°à¥à€ªà€°à¥à€à¥à€ à€žà¥à€Šà¥à€§à€Ÿ à€žà€Ÿà€§à¥à€¯à€Ÿ à€«à€Ÿà€¯à€°à€«à¥à€à¥à€žà€ªà¥à€à¥à€·à€Ÿ à€à€à¥à€ à€Šà€°à¥à€à€Ÿà€à¥à€¯à€Ÿ à€à€¹à¥à€€, à€®à€ à€€à¥à€®à¥à€¹à¥ à€«à€Ÿà€¯à€°à€«à¥à€à¥à€žà€²à€Ÿ à€à¥à€°à€¬à€à€šà€žà¥à€¬à€€ à€µà€Ÿà€ªà€°à€€ à€à€žà€²à€Ÿà€€ à€€à€°à¥.\n\nà€à¥à€°à€¬à€à€šà€²à€Ÿ à€à€Ÿà€¢à¥à€š à€à€Ÿà€à€£à¥à€¯à€Ÿà€žà€Ÿà€ à¥, à€à€¥à¥ à€à€Ÿ à€žà€Ÿà€§à€šà¥->à€âà¥à€¡à¥à€šà¥à€ž->à€à€à¥à€žà¥à€à¥à€à€¶à€šà¥à€ž à€à€£à€¿ à€®à€ à€à¥à€°à€¬à€à€šà€à¥à€¯à€Ÿ à€¶à¥à€à€Ÿà€°à€à¥ "à€à€Ÿà€¢à¥à€š à€à€Ÿà€à€Ÿ" à€¹à¥à€¯à€Ÿ à€¬à€à€šà€Ÿà€µà€° à€à¥à€²à€¿à€ à€à€°à€Ÿ. +torbutton.popup.short_torbrowser = à€à¥à€°à€¬à€à€šà€¬à€Šà¥à€Šà€² à€®à€¹à€€à¥à€€à¥à€µà€Ÿà€à¥ à€®à€Ÿà€¹à€¿à€€à¥!\n\nà€à¥à€°à€¬à€à€š à€à€€à€Ÿ à€šà¥à€¹à€®à¥à€ à€žà¥à€°à¥ à€°à€Ÿà€¹à€¿à€².\n\nà€à€§à€¿à€ à€®à€Ÿà€¹à€¿à€€à¥à€žà€Ÿà€ à¥ à€à¥à€°à€¬à€à€šà€µà€° à€à¥à€²à€¿à€ à€à€°à€Ÿ. -torbutton.popup.confirm_plugins = Plugins such as Flash can harm your privacy and anonymity.\n\nThey can also bypass Tor to reveal your current location and IP address.\n\nAre you sure you want to enable plugins?\n\n +torbutton.popup.confirm_plugins = à€«à¥à€²à¥à€¶ à€žà€Ÿà€°à€à¥à€¯à€Ÿ à€ªà¥à€²à€à€¿à€šà¥à€žà€®à¥à€³à¥ à€€à¥à€®à€à¥à€¯à€Ÿ à€à¥à€ªà€šà¥à€¯à€€à€Ÿ à€à€£à€¿ à€à€šà€Ÿà€®à€¿à€à€€à¥à€µà€Ÿà€²à€Ÿ à€§à¥à€à€Ÿ à€à€¹à¥.\n\nà€¹à¥ à€ªà¥à€²à€à€¿à€šà¥à€ž à€à¥à€°à€®à€Ÿà€°à¥à€«à€€ à€š à€à¥à€¡à€€à€Ÿ à€¥à¥à€ à€à¥à€¡à€²à¥ à€à€Ÿà€ à€¶à€à€€à€Ÿ, à€à¥à€¯à€Ÿà€®à¥à€³à¥ à€€à¥à€®à€à¥ à€žà€§à¥à€¯à€Ÿà€à¥ à€ à€¿à€à€Ÿà€£ à€à€£à€¿ à€à€¯.à€ªà¥. à€âà¥à€¡à¥à€°à¥à€ž à€à€€à€°à€Ÿà€à€šà€Ÿ à€à€³à¥ à€¶à€à€€à€Ÿà€€.\n\nà€€à¥à€®à¥à€¹à¥ à€ªà¥à€²à€à€¿à€šà¥à€ž à€žà¥à€°à¥ à€à€°à€£à¥à€¯à€Ÿà€žà€Ÿà€ à¥ à€ªà€°à€µà€Ÿà€šà€à¥ à€šà€à¥à€à¥ à€Šà¥à€ à€à€à¥à€à€¿à€€à€Ÿ à€à€Ÿ?\n\n torbutton.popup.never_ask_again = à€®à€²à€Ÿ à€ªà¥à€šà¥à€¹à€Ÿ à€µà€¿à€à€Ÿà€°à¥ à€šà€à€Ÿ # Canvas permission prompt. Strings are kept here for ease of translation.

1 0

[translation/torbutton-torbuttonproperties] Update translations for torbutton-torbuttonproperties
by translation＠torproject.org 17 Dec '14

17 Dec '14

commit ead33f7e8928ad612a74b0fdd7bb1b892bad26f1 Author: Translation commit bot <translation(a)torproject.org> Date: Wed Dec 17 11:45:46 2014 +0000 Update translations for torbutton-torbuttonproperties --- mr/torbutton.properties | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/mr/torbutton.properties b/mr/torbutton.properties index ec8e723..8d2871d 100644 --- a/mr/torbutton.properties +++ b/mr/torbutton.properties @@ -1,11 +1,11 @@ -torbutton.button.tooltip.disabled = टॉर कार्यान्वित करा -torbutton.button.tooltip.enabled = टॉर अकार्यान्वित करा -torbutton.panel.tooltip.disabled = टॉर कार्यान्वित करण्यासाठी क्लिक करा -torbutton.panel.tooltip.enabled = टॉर अकार्यान्वित करण्यासाठी क्लिक करा -torbutton.panel.plugins.disabled = प्लगिन्स कार्यान्वित करण्यासाठी क्लिक करा -torbutton.panel.plugins.enabled = प्लगिन्स अकार्यान्वित करण्यासाठी क्लिक करा -torbutton.panel.label.disabled = टॉर अकार्यान्वित -torbutton.panel.label.enabled = टॉर कार्यान्वित +torbutton.button.tooltip.disabled = टॉर सुरू करा +torbutton.button.tooltip.enabled = टॉर बंद करा +torbutton.panel.tooltip.disabled = टॉर सुरू करण्यासाठी क्लिक करा +torbutton.panel.tooltip.enabled = टॉर बंद करण्यासाठी क्लिक करा +torbutton.panel.plugins.disabled = प्लगिन्स सुरू करण्यासाठी क्लिक करा +torbutton.panel.plugins.enabled = प्लगिन्स बंद करण्यासाठी क्लिक करा +torbutton.panel.label.disabled = टॉर बंद केले +torbutton.panel.label.enabled = टॉर सुरू केले extensions.torbutton(a)torproject.org.description = Torbutton provides a button to configure Tor settings and quickly and easily clear private browsing data. torbutton.popup.history.warning = Torbutton blocked activity from a tab loaded in a different Tor state.\n\nThis is to work around Firefox Bugs 409737 and 417869.\n\nIf this popup seemed to happen for no reason, one of your tabs is attempting to reload itself in the background, and this was blocked.\n\nTo reload the tab in this Tor state, hit 'enter' in the URL location box.\n\n torbutton.popup.plugin.warning = Torbutton blocked direct Tor load of plugin content.\n\nUse Save-As instead.\n\n @@ -14,14 +14,14 @@ torbutton.popup.ff3.warning = Warning!\n\nTorbutton on Firefox 3 is known to lea torbutton.popup.toggle.warning = You need to toggle Tor or restart for your settings to take effect. torbutton.popup.test.success = टॉर प्रॉक्सी चाचणी यशस्वी! torbutton.popup.test.failure = टॉर प्रॉक्सी चाचणी अयशस्वी! प्रॉक्सी आणि पॉलिपोच्या सेटिंग्स तपासून पहा. -torbutton.popup.test.confirm_toggle = The most recent Tor proxy test failed to use Tor.\n\nAre you sure you want to enable anyway?\n\nNote: If you have fixed the problem, you can rerun the test in the Torbutton Proxy Preferences window to eliminate this warning. -torbutton.popup.test.ff3_notice = Click OK to test Tor proxy settings. This test will happen in the background. Please be patient. +torbutton.popup.test.confirm_toggle = सर्वांत शेवटची टॉर प्रॉक्झी चाचणी टॉर वापरण्यास अपयशी ठरली.\n\nतरीसुद्धा सुरू करण्यासाठी तुमची परवानगी आहे का?\n\nटीप : जर तुम्ही समस्या सोडवलेली असेल, तर तुम्ही "टॉरबटन प्रॉक्झी पसंती" ह्या खिडकीतून परत एकदा चाचणी चालवून ही चेतावणी घालवू शकता. +torbutton.popup.test.ff3_notice = टॉर प्रॉक्झी सेटिंग्स तपासण्यासाठी "ठीक आहे" वर क्लिक करा. ही चाचणी पडद्यामागे चालेले. कृपया धीर धरा. torbutton.panel.label.verified = टॉर सत्यापित torbutton.popup.test.auto_failed = स्वयंचलित टॉर प्रॉक्सी चाचणी टॉर वापरण्यात अपयशी.\n\nतरीसुद्धा तुम्हाला नक्की कार्यान्वित करायचे आहे का? -torbutton.prefs.recommended = (शिफारस केलेले) +torbutton.prefs.recommended = (शिफारस केलेली) torbutton.prefs.optional = (ऐच्छिक) torbutton.prefs.crucial = (महत्त्वाचे) -torbutton.popup.external.title = बाह्य फाइल प्रकार डाउनलोड करायचा का? +torbutton.popup.external.title = बाहेरील फाइल प्रकार डाउनलोड करायचा का? torbutton.popup.external.app = टॉर ब्राउझर ही फाइल दाखवू शकत नाही. तिला दुसर्‍या अ‍ॅप्लिकेशन द्वारे उघडावे लागेल.\n\n torbutton.popup.external.note = काही फाइल प्रकारांमुळे टॉर न वापरतासुद्धा अ‍ॅप्लिकेशन्स महाजालाशी थेट जोडले जाऊ शकतात.\n\n torbutton.popup.external.suggest = सुरक्षिततेसाठी, डाउनलोड केलेल्या फाइली तुम्ही ऑफलाइन असतानाच उघडल्या पाहिजेत, किंवा टेल्स / Tails सारखी एखादी टॉर लाइव्ह सीडी / Tor Live CD वापरली पाहिजे.\n @@ -29,18 +29,18 @@ torbutton.popup.launch = फाइल डाउनलोड करा torbutton.popup.cancel = रद्द करा torbutton.popup.dontask = ह्यापुढे नेहमी फाइली आपोआप डाउनलोड करा torbutton.popup.test.no_http_proxy = टॉर प्रॉक्सी चाचणी : स्थानिक HTTP प्रॉक्सी असाध्य आहे. पॉलिपो व्यवस्थित चालू आहे का? -torbutton.popup.captcha.title = Google Captcha टाळायचे का? -torbutton.popup.captcha.ask = Torbuttonला Google Captcha आढळला. ह्या क्वेरीला दुसर्‍या शोधयंत्राकडे पुनर्निर्देशित केलेले तुम्हाला आवडेल का? +torbutton.popup.captcha.title = गूगल कॅपचा टाळायचे का? +torbutton.popup.captcha.ask = टॉरबटनला एक गूगल कॅपचा आढळला. ह्या क्वेरीला दुसर्‍या शोधयंत्राकडे पुनर्निर्देशित केलेले तुम्हाला आवडेल का? torbutton.popup.captcha.always = ह्यापुढे नेहमी ही कृती करा torbutton.popup.redirect = पुनर्निर्देशित करा torbutton.popup.no_redirect = पुनर्निर्देशित करू नका torbutton.popup.prompted_language = To give you more privacy, Torbutton can request the English language version of web pages. This may cause web pages that you prefer to read in your native language to display in English instead.\n\nWould you like to request English language web pages for better privacy? torbutton.popup.no_newnym = Torbutton cannot safely give you a new identity. It does not have access to the Tor Control Port.\n\nAre you running Tor Browser Bundle? torbutton.popup.use_tbb = It appears that you are using Torbutton with Firefox, which is no longer a recommended safe configuration.\n\nInstead, we recommend that you obtain the latest Tor Browser Bundle by sending email to gettor(a)torproject.org or by downloading it at the following URL: -torbutton.popup.pref_error = Torbutton cannot update preferences in the Tor Browser profile directory. -torbutton.popup.permission_denied = Please either reset the permissions of the Tor Browser directory or copy it to a new location. +torbutton.popup.pref_error = टॉर ब्राउझर प्रोफाइल डायरेक्ट्रीमध्ये पसंतीच्या निवडी साठवण्यास टॉरबटन अपयशी. +torbutton.popup.permission_denied = कृपया एकतर टॉर ब्राउझर डायरेक्ट्रीच्या परवानग्या पुनर्स्थापित करा, किंवा तिला एका नव्या जागी हलवा. torbutton.popup.device_full = डिस्क पूर्ण भरल्याचे जाणवतेय. कृपया काही जागा मोकळी करा किंवा टॉर ब्राउझर दुसर्‍या उपकरणावर हलवा. -torbutton.title.prompt_torbrowser = Torbuttonबद्दल महत्त्वाची माहिती +torbutton.title.prompt_torbrowser = टॉरबटनबद्दल महत्त्वाची माहिती torbutton.popup.prompt_torbrowser = Torbutton works differently now: you can't turn it off any more.\n\nWe made this change because it isn't safe to use Torbutton in a browser that's also used for non-Tor browsing. There were too many bugs there that we couldn't fix any other way.\n\nIf you want to keep using Firefox normally, you should uninstall Torbutton and download Tor Browser Bundle. The privacy properties of Tor Browser are also superior to those of normal Firefox, even when Firefox is used with Torbutton.\n\nTo remove Torbutton, go to Tools->Addons->Extensions and then click the Remove button next to Torbutton. torbutton.popup.short_torbrowser = Important Torbutton Information!\n\nTorbutton is now always enabled.\n\nClick on the Torbutton for more information. @@ -50,8 +50,8 @@ torbutton.popup.never_ask_again = मला पुन्हा विचार # Canvas permission prompt. Strings are kept here for ease of translation. canvas.siteprompt=हे संकेतस्थळ (%S) HTML5 कॅन्व्हास इमेज डेटा स्वतःकडे साठवून ठेवण्याचा प्रयत्न करत आहे, ज्याचा वापर तुमच्या संगणकाची थेट ओळख पटवण्यासाठी केला जाऊ शकतो.\n\nटॉर ब्राउझरने ह्या संकेतस्थळाला HTML5 कॅन्व्हास इमेज डेटा स्वतःकडे साठवून ठेवण्याची परवानगी द्यावी का? canvas.notNow=सध्या नको -canvas.notNowAccessKey=नाही +canvas.notNowAccessKey=N canvas.allow=भविष्यात परवानगी द्या canvas.allowAccessKey=A -canvas.never=ह्या संकेतस्थळासाठी कधीच नाही (पसंती सुचवलेली) +canvas.never=ह्या संकेतस्थळासाठी कधीच नाही (शिफारस केलेली) canvas.neverAccessKey=e

1 0