commit df4695f356a3369ef448b8c923c7b9bec4f77f18 Author: Sukhbir Singh <sukhbir@torproject.org> Date: Tue Jul 19 14:13:24 2016 -0400 Add patch for signing MAR files (#13379) --- .../instantbird/Sign-MAR-files-bug-13379.mozpatch | 616 +++++++++++++++++++++ projects/instantbird/config | 1 + 2 files changed, 617 insertions(+) diff --git a/projects/instantbird/Sign-MAR-files-bug-13379.mozpatch b/projects/instantbird/Sign-MAR-files-bug-13379.mozpatch new file mode 100644 index 0000000..bfc1e64 --- /dev/null +++ b/projects/instantbird/Sign-MAR-files-bug-13379.mozpatch @@ -0,0 +1,616 @@ +From 94882047c2de9160fd08f33ee2d5541df7baff4d Mon Sep 17 00:00:00 2001 +From: Kathy Brade <brade@pearlcrescent.com> +Date: Wed, 17 Dec 2014 16:37:11 -0500 +Subject: Bug 13379: Sign our MAR files. + +Replace Mozilla's MAR signing certificates with our own. +Configure with --enable-signmar (build the signmar tool). +Configure with --enable-verify-mar (when updating, require a valid signature + on the MAR file before it is applied). +Use the Tor Browser version instead of the Firefox version inside the + MAR file info block (necessary to prevent downgrade attacks). +Use NSS on all platforms for checking MAR signatures (Mozilla plans to use + OS-native APIs on Mac OS and they already do so on Windows). So that the + NSS and NSPR libraries the updater depends on can be found at runtime, we + add the firefox directory to the shared library search path on all platforms. +Use SHA512-based MAR signatures instead of the SHA1-based ones that Mozilla + uses. This is implemented inside MAR_USE_SHA512_RSA_SIG #ifdef's and with + a signature algorithm ID of 512 to help avoid collisions with future work + Mozilla might do in this area. + See: https://bugzilla.mozilla.org/show_bug.cgi?id=1105689 + +diff --git a/config/external/nss/Makefile.in b/config/external/nss/Makefile.in +index c91bf5b..e636fa0 100644 +--- a/config/external/nss/Makefile.in ++++ b/config/external/nss/Makefile.in +@@ -283,11 +283,11 @@ endif + NSS_DIRS += \ + nss/cmd/lib \ + nss/cmd/shlibsign \ ++ nss/cmd/certutil \ + $(NULL) + + ifdef ENABLE_TESTS + NSS_DIRS += \ +- nss/cmd/certutil \ + nss/cmd/pk12util \ + nss/cmd/modutil \ + $(NULL) +diff --git a/modules/libmar/sign/mar_sign.c b/modules/libmar/sign/mar_sign.c +index 2a08abf..902c6f2 100644 +--- a/modules/libmar/sign/mar_sign.c ++++ b/modules/libmar/sign/mar_sign.c +@@ -95,7 +95,12 @@ NSSSignBegin(const char *certName, + return -1; + } + +- *ctx = SGN_NewContext (SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE, *privKey); ++#ifdef MAR_USE_SHA512_RSA_SIG ++ SECOidTag sigAlg = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION; ++#else ++ SECOidTag sigAlg = SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE; ++#endif ++ *ctx = SGN_NewContext(sigAlg, *privKey); + if (!*ctx) { + fprintf(stderr, "ERROR: Could not create signature context\n"); + return -1; +@@ -994,8 +999,12 @@ mar_repackage_and_sign(const char *NSSConfigDir, + signaturePlaceholderOffset = ftello(fpDest); + + for (k = 0; k < certCount; k++) { +- /* Write out the signature algorithm ID, Only an ID of 1 is supported */ +- signatureAlgorithmID = htonl(1); ++ /* Write out the signature algorithm ID. */ ++#ifdef MAR_USE_SHA512_RSA_SIG ++ signatureAlgorithmID = htonl(SIGNATURE_ALGORITHM_ID_SHA512_RSA); ++#else ++ signatureAlgorithmID = htonl(SIGNATURE_ALGORITHM_ID_SHA1_RSA); ++#endif + if (WriteAndUpdateSignatures(fpDest, &signatureAlgorithmID, + sizeof(signatureAlgorithmID), + ctxs, certCount, "num signatures")) { +diff --git a/modules/libmar/sign/moz.build b/modules/libmar/sign/moz.build +index d7b8d1f..849deff 100644 +--- a/modules/libmar/sign/moz.build ++++ b/modules/libmar/sign/moz.build +@@ -19,6 +19,7 @@ LOCAL_INCLUDES += [ + ] + + DEFINES['MAR_NSS'] = True ++DEFINES['MAR_USE_SHA512_RSA_SIG'] = True + + if CONFIG['OS_ARCH'] == 'WINNT': + USE_STATIC_LIBS = True +diff --git a/modules/libmar/src/mar_private.h b/modules/libmar/src/mar_private.h +index e0c2632..add03f5 100644 +--- a/modules/libmar/src/mar_private.h ++++ b/modules/libmar/src/mar_private.h +@@ -21,6 +21,14 @@ + which is 16 bytes */ + #define SIGNATURE_BLOCK_OFFSET 16 + ++/* Signature algorithm IDs. */ ++#define SIGNATURE_ALGORITHM_ID_SHA1_RSA 1 ++#ifdef MAR_USE_SHA512_RSA_SIG ++/* Use 512 as the algorithm ID so it is less likely that we will conflict with ++ whatever Mozilla chooses when they add support for a stronger signature. */ ++#define SIGNATURE_ALGORITHM_ID_SHA512_RSA 512 ++#endif ++ + /* Make sure the file is less than 500MB. We do this to protect against + invalid MAR files. */ + #define MAX_SIZE_OF_MAR_FILE ((int64_t)524288000) +diff --git a/modules/libmar/tool/mar.c b/modules/libmar/tool/mar.c +index 5011c88..ef0a3eb 100644 +--- a/modules/libmar/tool/mar.c ++++ b/modules/libmar/tool/mar.c +@@ -31,7 +31,11 @@ int mar_repackage_and_sign(const char *NSSConfigDir, + const char * dest); + + static void print_version() { ++#ifdef TOR_BROWSER_UPDATE ++ printf("Version: %s\n", TOR_BROWSER_VERSION); ++#else + printf("Version: %s\n", MOZ_APP_VERSION); ++#endif + printf("Default Channel ID: %s\n", MAR_CHANNEL_ID); + } + +@@ -61,7 +65,7 @@ static void print_usage() { + "signed_input_archive.mar base_64_encoded_signature_file " + "changed_signed_output.mar\n"); + printf("(i) is the index of the certificate to extract\n"); +-#if defined(XP_MACOSX) || (defined(XP_WIN) && !defined(MAR_NSS)) ++#if (defined(XP_MACOSX) || defined(XP_WIN)) && !defined(MAR_NSS) + printf("Verify a MAR file:\n"); + printf(" mar [-C workingDir] -D DERFilePath -v signed_archive.mar\n"); + printf("At most %d signature certificate DER files are specified by " +@@ -116,7 +120,11 @@ int main(int argc, char **argv) { + char *NSSConfigDir = NULL; + const char *certNames[MAX_SIGNATURES]; + char *MARChannelID = MAR_CHANNEL_ID; ++#ifdef TOR_BROWSER_UPDATE ++ char *productVersion = TOR_BROWSER_VERSION; ++#else + char *productVersion = MOZ_APP_VERSION; ++#endif + uint32_t k; + int rv = -1; + uint32_t certCount = 0; +@@ -135,8 +143,8 @@ int main(int argc, char **argv) { + #if defined(XP_WIN) && !defined(MAR_NSS) && !defined(NO_SIGN_VERIFY) + memset((void*)certBuffers, 0, sizeof(certBuffers)); + #endif +-#if !defined(NO_SIGN_VERIFY) && ((!defined(MAR_NSS) && defined(XP_WIN)) || \ +- defined(XP_MACOSX)) ++#if !defined(NO_SIGN_VERIFY) && (!defined(MAR_NSS) && (defined(XP_WIN) || \ ++ defined(XP_MACOSX))) + memset(DERFilePaths, 0, sizeof(DERFilePaths)); + memset(fileSizes, 0, sizeof(fileSizes)); + #endif +@@ -167,8 +175,8 @@ int main(int argc, char **argv) { + argv += 2; + argc -= 2; + } +-#if !defined(NO_SIGN_VERIFY) && ((!defined(MAR_NSS) && defined(XP_WIN)) || \ +- defined(XP_MACOSX)) ++#if !defined(NO_SIGN_VERIFY) && (!defined(MAR_NSS) && (defined(XP_WIN) || \ ++ defined(XP_MACOSX))) + /* -D DERFilePath, also matches -D[index] DERFilePath + We allow an index for verifying to be symmetric + with the import and export command line arguments. */ +@@ -343,6 +351,10 @@ int main(int argc, char **argv) { + #if (defined(XP_WIN) || defined(XP_MACOSX)) && !defined(MAR_NSS) + rv = mar_read_entire_file(DERFilePaths[k], MAR_MAX_CERT_SIZE, + &certBuffers[k], &fileSizes[k]); ++ if (rv) { ++ fprintf(stderr, "ERROR: could not read file %s", DERFilePaths[k]); ++ break; ++ } + #else + /* It is somewhat circuitous to look up a CERTCertificate and then pass + * in its DER encoding just so we can later re-create that +@@ -359,11 +371,11 @@ int main(int argc, char **argv) { + } else { + rv = -1; + } +-#endif + if (rv) { +- fprintf(stderr, "ERROR: could not read file %s", DERFilePaths[k]); ++ fprintf(stderr, "ERROR: no certificate named %s", certNames[k]); + break; + } ++#endif + } + + if (!rv) { +diff --git a/modules/libmar/tool/moz.build b/modules/libmar/tool/moz.build +index 5b52124..9fa982e 100644 +--- a/modules/libmar/tool/moz.build ++++ b/modules/libmar/tool/moz.build +@@ -29,7 +29,13 @@ for var in ('MAR_CHANNEL_ID', 'MOZ_APP_VERSION'): + DEFINES[var] = '"%s"' % CONFIG[var] + HOST_DEFINES[var] = DEFINES[var] + ++if CONFIG['TOR_BROWSER_UPDATE']: ++ DEFINES['TOR_BROWSER_UPDATE'] = '%s' % CONFIG['TOR_BROWSER_UPDATE'] ++if CONFIG['TOR_BROWSER_VERSION']: ++ DEFINES['TOR_BROWSER_VERSION'] = '"%s"' % CONFIG['TOR_BROWSER_VERSION'] ++ + if CONFIG['MOZ_ENABLE_SIGNMAR']: ++ DEFINES['MAR_NSS'] = True + USE_LIBS += [ + 'nspr', + 'nss', +@@ -43,12 +49,12 @@ if CONFIG['OS_ARCH'] == 'WINNT': + OS_LIBS += [ + 'ws2_32', + ] +- if CONFIG['MOZ_ENABLE_SIGNMAR']: ++ if CONFIG['MOZ_ENABLE_SIGNMAR'] and not DEFINES['MAR_NSS']: + OS_LIBS += [ + 'crypt32', + 'advapi32', + ] +-elif CONFIG['OS_ARCH'] == 'Darwin': ++elif CONFIG['OS_ARCH'] == 'Darwin' and not DEFINES['MAR_NSS']: + OS_LIBS += [ + '-framework Security', + ] +diff --git a/modules/libmar/verify/cryptox.c b/modules/libmar/verify/cryptox.c +index af34210..f39669b 100644 +--- a/modules/libmar/verify/cryptox.c ++++ b/modules/libmar/verify/cryptox.c +@@ -64,8 +64,12 @@ NSS_VerifyBegin(VFYContext **ctx, + return CryptoX_Error; + } + +- *ctx = VFY_CreateContext(*publicKey, NULL, +- SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE, NULL); ++#ifdef MAR_USE_SHA512_RSA_SIG ++ SECOidTag sigAlg = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION; ++#else ++ SECOidTag sigAlg = SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE; ++#endif ++ *ctx = VFY_CreateContext(*publicKey, NULL, sigAlg, NULL); + if (*ctx == NULL) { + return CryptoX_Error; + } +diff --git a/modules/libmar/verify/cryptox.h b/modules/libmar/verify/cryptox.h +index 2296b81..ab9b5a3 100644 +--- a/modules/libmar/verify/cryptox.h ++++ b/modules/libmar/verify/cryptox.h +@@ -59,6 +59,10 @@ CryptoX_Result NSS_VerifySignature(VFYContext * const *ctx , + + #elif XP_MACOSX + ++#ifdef MAR_USE_SHA512_RSA_SIG ++#error MAR_USE_SHA512_RSA_SIG is not implemented. ++#endif ++ + #define CryptoX_InvalidHandleValue NULL + #define CryptoX_ProviderHandle void* + #define CryptoX_SignatureHandle void* +@@ -106,6 +110,11 @@ void CryptoMac_FreePublicKey(CryptoX_PublicKey* aPublicKey); + + #elif defined(XP_WIN) + ++#ifdef MAR_USE_SHA512_RSA_SIG ++#error MAR_USE_SHA512_RSA_SIG is not implemented. ++#endif ++ ++ + #include <windows.h> + #include <wincrypt.h> + +diff --git a/modules/libmar/verify/mar_verify.c b/modules/libmar/verify/mar_verify.c +index 07e4354..a9ecaa8 100644 +--- a/modules/libmar/verify/mar_verify.c ++++ b/modules/libmar/verify/mar_verify.c +@@ -277,8 +277,25 @@ mar_extract_and_verify_signatures_fp(FILE *fp, + } + + /* We don't try to verify signatures we don't know about */ +- if (signatureAlgorithmIDs[i] != 1) { +- fprintf(stderr, "ERROR: Unknown signature algorithm ID.\n"); ++#ifdef MAR_USE_SHA512_RSA_SIG ++ const uint32_t kSupportedAlgID = SIGNATURE_ALGORITHM_ID_SHA512_RSA; ++#else ++ const uint32_t kSupportedAlgID = SIGNATURE_ALGORITHM_ID_SHA1_RSA; ++#endif ++ ++ if (signatureAlgorithmIDs[i] != kSupportedAlgID) { ++#ifdef MAR_USE_SHA512_RSA_SIG ++ if (signatureAlgorithmIDs[i] == SIGNATURE_ALGORITHM_ID_SHA1_RSA) { ++ fprintf(stderr, ++ "ERROR: Unsupported signature algorithm (SHA1 with RSA).\n"); ++ } else { ++ fprintf(stderr, "ERROR: Unknown signature algorithm ID %u.\n", ++ signatureAlgorithmIDs[i]); ++ } ++#else ++ fprintf(stderr, "ERROR: Unknown signature algorithm ID %u.\n", ++ signatureAlgorithmIDs[i]); ++#endif + for (i = 0; i < signatureCount; ++i) { + free(extractedSignatures[i]); + } +diff --git a/modules/libmar/verify/moz.build b/modules/libmar/verify/moz.build +index 89f7323..735cf7c 100644 +--- a/modules/libmar/verify/moz.build ++++ b/modules/libmar/verify/moz.build +@@ -15,16 +15,10 @@ FORCE_STATIC_LIB = True + + if CONFIG['OS_ARCH'] == 'WINNT': + USE_STATIC_LIBS = True +-elif CONFIG['OS_ARCH'] == 'Darwin': +- UNIFIED_SOURCES += [ +- 'MacVerifyCrypto.cpp', +- ] +- OS_LIBS += [ +- '-framework Security', +- ] +-else: +- DEFINES['MAR_NSS'] = True +- LOCAL_INCLUDES += ['../sign'] ++ ++DEFINES['MAR_NSS'] = True ++DEFINES['MAR_USE_SHA512_RSA_SIG'] = True ++LOCAL_INCLUDES += ['../sign'] + + LOCAL_INCLUDES += [ + '../src', +diff --git a/toolkit/mozapps/update/updater/Makefile.in b/toolkit/mozapps/update/updater/Makefile.in +index d216298..f2c7540 100644 +--- a/toolkit/mozapps/update/updater/Makefile.in ++++ b/toolkit/mozapps/update/updater/Makefile.in +@@ -15,7 +15,7 @@ endif + + include $(topsrcdir)/config/rules.mk + +-ifneq (,$(filter beta release esr,$(MOZ_UPDATE_CHANNEL))) ++ifneq (,$(filter alpha beta hardened release esr,$(MOZ_UPDATE_CHANNEL))) + PRIMARY_CERT = release_primary.der + SECONDARY_CERT = release_secondary.der + else ifneq (,$(filter nightly aurora nightly-elm nightly-profiling nightly-oak nightly-ux,$(MOZ_UPDATE_CHANNEL))) +diff --git a/toolkit/mozapps/update/updater/release_primary.der b/toolkit/mozapps/update/updater/release_primary.der +index 11417c3..542fb24 100644 +Binary files a/toolkit/mozapps/update/updater/release_primary.der and b/toolkit/mozapps/update/updater/release_primary.der differ +diff --git a/toolkit/mozapps/update/updater/updater-common.build b/toolkit/mozapps/update/updater/updater-common.build +index a39d47d88..a9699c23 100644 +--- a/toolkit/mozapps/update/updater/updater-common.build ++++ b/toolkit/mozapps/update/updater/updater-common.build +@@ -4,6 +4,10 @@ + # License, v. 2.0. If a copy of the MPL was not distributed with this + # file, You can obtain one at http://mozilla.org/MPL/2.0/. + ++DEFINES['MAR_NSS'] = True ++ ++link_with_nss = DEFINES['MAR_NSS'] or (CONFIG['OS_ARCH'] == 'Linux' and CONFIG['MOZ_VERIFY_MAR_SIGNATURE']) ++ + srcs = [ + 'archivereader.cpp', + 'bspatch.cpp', +@@ -41,19 +45,23 @@ if CONFIG['OS_ARCH'] == 'WINNT': + 'ws2_32', + 'shell32', + 'shlwapi', +- 'crypt32', +- 'advapi32', + ] +-elif CONFIG['OS_ARCH'] == 'Linux' and CONFIG['MOZ_VERIFY_MAR_SIGNATURE']: ++ ++ if not link_with_nss: ++ OS_LIBS += [ ++ 'crypt32', ++ 'advapi32', ++ ] ++else: + USE_LIBS += [ +- 'nss', +- 'signmar', + 'updatecommon', + ] +- OS_LIBS += CONFIG['NSPR_LIBS'] +-else: ++ ++if link_with_nss: + USE_LIBS += [ +- 'updatecommon', ++ 'nspr', ++ 'nss', ++ 'signmar', + ] + + USE_LIBS += [ +@@ -81,8 +89,12 @@ if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa': + ] + OS_LIBS += [ + '-framework Cocoa', +- '-framework Security', + ] ++ ++ if not link_with_nss: ++ OS_LIBS += [ ++ '-framework Security', ++ ] + elif CONFIG['MOZ_WIDGET_TOOLKIT'] == 'gonk': + have_progressui = 1 + srcs += [ +diff --git a/toolkit/mozapps/update/updater/updater.cpp b/toolkit/mozapps/update/updater/updater.cpp +index f362292..2d205a8 100644 +--- a/toolkit/mozapps/update/updater/updater.cpp ++++ b/toolkit/mozapps/update/updater/updater.cpp +@@ -120,11 +120,13 @@ static bool sUseHardLinks = true; + # define MAYBE_USE_HARD_LINKS 0 + #endif + +-#if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) && \ +- !defined(XP_MACOSX) && !defined(MOZ_WIDGET_GONK) ++#if defined(MOZ_VERIFY_MAR_SIGNATURE) ++#if defined(MAR_NSS) || (!defined(XP_WIN) && !defined(XP_MACOSX) && \ ++ !defined(MOZ_WIDGET_GONK)) + #include "nss.h" + #include "prerror.h" + #endif ++#endif + + #ifdef XP_WIN + #ifdef MOZ_MAINTENANCE_SERVICE +@@ -2635,8 +2637,13 @@ UpdateThreadFunc(void *param) + MARStrings.MARChannelID[0] = '\0'; + } + ++#ifdef TOR_BROWSER_UPDATE ++ const char *appVersion = TOR_BROWSER_VERSION; ++#else ++ const char *appVersion = MOZ_APP_VERSION; ++#endif + rv = gArchiveReader.VerifyProductInformation(MARStrings.MARChannelID, +- MOZ_APP_VERSION); ++ appVersion); + } + } + #endif +@@ -2722,12 +2729,11 @@ int NS_main(int argc, NS_tchar **argv) + } + #endif + +-#if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) && \ +- !defined(XP_MACOSX) && !defined(MOZ_WIDGET_GONK) +- // On Windows and Mac we rely on native APIs to do verifications so we don't +- // need to initialize NSS at all there. +- // Otherwise, minimize the amount of NSS we depend on by avoiding all the NSS +- // databases. ++#if defined(MOZ_VERIFY_MAR_SIGNATURE) ++#if defined(MAR_NSS) || (!defined(XP_WIN) && !defined(XP_MACOSX) && \ ++ !defined(MOZ_WIDGET_GONK)) ++ // If using NSS for signature verification, initialize NSS but minimize ++ // the portion we depend on by avoiding all of the NSS databases. + if (NSS_NoDB_Init(NULL) != SECSuccess) { + PRErrorCode error = PR_GetError(); + fprintf(stderr, "Could not initialize NSS: %s (%d)", +@@ -2735,6 +2741,7 @@ int NS_main(int argc, NS_tchar **argv) + _exit(1); + } + #endif ++#endif + + InitProgressUI(&argc, &argv); + +diff --git a/toolkit/xre/moz.build b/toolkit/xre/moz.build +index 3e6a3b6..7d46dfd 100644 +--- a/toolkit/xre/moz.build ++++ b/toolkit/xre/moz.build +@@ -149,6 +149,9 @@ for var in ('APP_VERSION', 'APP_ID'): + if CONFIG['MOZ_BUILD_APP'] == 'browser': + DEFINES['MOZ_BUILD_APP_IS_BROWSER'] = True + ++if CONFIG['MOZ_ENABLE_SIGNMAR'] and CONFIG['TOR_BROWSER_UPDATE']: ++ DEFINES['MAR_NSS'] = True ++ + LOCAL_INCLUDES += [ + '../profile', + '/config', +diff --git a/toolkit/xre/nsUpdateDriver.cpp b/toolkit/xre/nsUpdateDriver.cpp +index ee60aee..0c7b6b0 100644 +--- a/toolkit/xre/nsUpdateDriver.cpp ++++ b/toolkit/xre/nsUpdateDriver.cpp +@@ -39,7 +39,6 @@ + # include <windows.h> + # include <shlwapi.h> + # include "nsWindowsHelpers.h" +-# include "prprf.h" + # define getcwd(path, size) _getcwd(path, size) + # define getpid() GetCurrentProcessId() + #elif defined(XP_UNIX) +@@ -169,36 +168,6 @@ GetInstallDirPath(nsIFile *appDir, nsACString& installDirPath) + return NS_OK; + } + +-#if defined(TOR_BROWSER_UPDATE) && defined(XP_WIN) +-#define PATH_SEPARATOR ";" +- +-// In Tor Browser, updater.exe depends on some DLLs that are located in the +-// app directory. To allow the updater to run when it has been copied into +-// the update directory, we append the app directory to the PATH. +-static nsresult +-AdjustPathForUpdater(nsIFile *appDir) +-{ +- nsAutoCString appPath; +- nsresult rv = appDir->GetNativePath(appPath); +- NS_ENSURE_SUCCESS(rv, rv); +- +- char *s = nullptr; +- char *pathValue = PR_GetEnv("PATH"); +- if ((nullptr == pathValue) || ('\0' == *pathValue)) { +- s = PR_smprintf("PATH=%s", appPath.get()); +- } else { +- s = PR_smprintf("PATH=%s" PATH_SEPARATOR "%s", pathValue, appPath.get()); +- } +- +- // We intentionally leak the value that is passed into PR_SetEnv() because +- // the environment will hold a pointer to it. +- if ((nullptr == s) || (PR_SUCCESS != PR_SetEnv(s))) +- return NS_ERROR_FAILURE; +- +- return NS_OK; +-} +-#endif +- + #ifdef DEBUG + static void + dump_argv(const char *aPrefix, char **argv, int argc) +@@ -500,13 +469,22 @@ CopyUpdaterIntoUpdateDir(nsIFile *greDir, nsIFile *appDir, nsIFile *updateDir, + * Appends the specified path to the library path. + * This is used so that updater can find libmozsqlite3.so and other shared libs. + * +- * @param pathToAppend A new library path to prepend to LD_LIBRARY_PATH ++ * @param pathToAppend A new library path to prepend to the dynamic linker's search path. + */ +-#if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) && \ +- !defined(XP_MACOSX) && !defined(MOZ_WIDGET_GONK) ++#if defined(MOZ_VERIFY_MAR_SIGNATURE) && (defined(MAR_NSS) || \ ++ (!defined(XP_WIN) && !defined(XP_MACOSX) && !defined(MOZ_WIDGET_GONK))) + #include "prprf.h" ++#if defined(XP_WIN) ++#define PATH_SEPARATOR ";" ++#define LD_LIBRARY_PATH_ENVVAR_NAME "PATH" ++#else + #define PATH_SEPARATOR ":" ++#if defined(XP_MACOSX) ++#define LD_LIBRARY_PATH_ENVVAR_NAME "DYLD_LIBRARY_PATH" ++#else + #define LD_LIBRARY_PATH_ENVVAR_NAME "LD_LIBRARY_PATH" ++#endif ++#endif + static void + AppendToLibPath(const char *pathToAppend) + { +@@ -732,16 +710,20 @@ SwitchToUpdatedApp(nsIFile *greDir, nsIFile *updateDir, + if (gSafeMode) { + PR_SetEnv("MOZ_SAFE_MODE_RESTART=1"); + } +-#if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) && \ +- !defined(XP_MACOSX) && !defined(MOZ_WIDGET_GONK) +- AppendToLibPath(installDirPath.get()); +-#endif + +-#if defined(TOR_BROWSER_UPDATE) && defined(XP_WIN) +- nsresult rv2 = AdjustPathForUpdater(appDir); +- if (NS_FAILED(rv2)) { +- LOG(("SwitchToUpdatedApp -- AdjustPathForUpdater failed (0x%x)\n", rv2)); ++#if defined(MOZ_VERIFY_MAR_SIGNATURE) && (defined(MAR_NSS) || \ ++ (!defined(XP_WIN) && !defined(XP_MACOSX) && !defined(MOZ_WIDGET_GONK))) ++#ifdef TOR_BROWSER_UPDATE ++ nsAutoCString appPath; ++ nsresult rv2 = appDir->GetNativePath(appPath); ++ if (NS_SUCCEEDED(rv2)) { ++ AppendToLibPath(appPath.get()); ++ } else { ++ LOG(("SwitchToUpdatedApp -- appDir->GetNativePath() failed (0x%x)\n", rv2)); + } ++#else ++ AppendToLibPath(installDirPath.get()); ++#endif + #endif + + LOG(("spawning updater process for replacing [%s]\n", updaterPath.get())); +@@ -1020,22 +1002,25 @@ ApplyUpdate(nsIFile *greDir, nsIFile *updateDir, nsIFile *statusFile, + if (gSafeMode) { + PR_SetEnv("MOZ_SAFE_MODE_RESTART=1"); + } +-#if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) && \ +- !defined(XP_MACOSX) && !defined(MOZ_WIDGET_GONK) ++#if defined(MOZ_VERIFY_MAR_SIGNATURE) && (defined(MAR_NSS) || \ ++ (!defined(XP_WIN) && !defined(XP_MACOSX) && !defined(MOZ_WIDGET_GONK))) ++#ifdef TOR_BROWSER_UPDATE ++ nsAutoCString appPath; ++ nsresult rv2 = appDir->GetNativePath(appPath); ++ if (NS_SUCCEEDED(rv2)) { ++ AppendToLibPath(appPath.get()); ++ } else { ++ LOG(("ApplyUpdate -- appDir->GetNativePath() failed (0x%x)\n", rv2)); ++ } ++#else + AppendToLibPath(installDirPath.get()); + #endif ++#endif + + if (isOSUpdate) { + PR_SetEnv("MOZ_OS_UPDATE=1"); + } + +-#if defined(TOR_BROWSER_UPDATE) && defined(XP_WIN) +- nsresult rv2 = AdjustPathForUpdater(appDir); +- if (NS_FAILED(rv2)) { +- LOG(("ApplyUpdate -- AdjustPathForUpdater failed (0x%x)\n", rv2)); +- } +-#endif +- + #if defined(MOZ_WIDGET_GONK) + // We want the updater to be CPU friendly and not subject to being killed by + // the low memory killer, so we pass in some preferences to allow it to +-- +cgit v0.10.2 + diff --git a/projects/instantbird/config b/projects/instantbird/config index 3c5871d..f6db253 100644 --- a/projects/instantbird/config +++ b/projects/instantbird/config @@ -126,6 +126,7 @@ input_files: - filename: Improve-profile-access-bug-14631-first.mozpatch - filename: Improve-profile-access-bug-14631-second.mozpatch - filename: Mac-outside-app-data-bug-13252.mozpatch + - filename: Sign-MAR-files-bug-13379.mozpatch - filename: Update-load-local-changes-bug-14392-first.mozpatch - filename: Update-load-local-changes-bug-16940-second.mozpatch - filename: aboutTBUpdateLogo.png