[tor-commits] [tor-browser/tor-browser-60.1.0esr-8.0-1] Bug 27220 - Don't verify signature for Tor Button
gk at torproject.org
gk at torproject.org
Wed Aug 22 09:25:39 UTC 2018
commit b9aecf44142c7874de51bd29abdcd40dcf3e6cb2
Author: Igor Oliveira <igt0 at torproject.org>
Date: Mon Aug 20 16:33:16 2018 -0300
Bug 27220 - Don't verify signature for Tor Button
Tor Browser for Desktop has a similar logic.
---
toolkit/mozapps/extensions/internal/XPIInstall.jsm | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/toolkit/mozapps/extensions/internal/XPIInstall.jsm b/toolkit/mozapps/extensions/internal/XPIInstall.jsm
index 659d97616dc6..17fa45514063 100644
--- a/toolkit/mozapps/extensions/internal/XPIInstall.jsm
+++ b/toolkit/mozapps/extensions/internal/XPIInstall.jsm
@@ -1029,6 +1029,10 @@ function getSignedStatus(aRv, aCert, aAddonID) {
}
function shouldVerifySignedState(aAddon) {
+ if (aAddon.id === "torbutton at torproject.org") {
+ return false;
+ }
+
// Updated system add-ons should always have their signature checked
if (aAddon._installLocation.name == KEY_APP_SYSTEM_ADDONS)
return true;
More information about the tor-commits
mailing list