Loading toolkit/mozapps/update/updater/archivereader.cpp +7 −15 Original line number Diff line number Diff line Loading @@ -15,13 +15,11 @@ #include "updatehelper.h" #endif #ifdef XP_WIN // These are generated at compile time based on the DER file for the channel // being used #include "primaryCert.h" #include "secondaryCert.h" #include "xpcshellCert.h" #endif #define UPDATER_NO_STRING_GLUE_STL #include "nsVersionComparator.cpp" Loading @@ -38,9 +36,6 @@ static int outbuf_size = 262144; static char *inbuf = nullptr; static char *outbuf = nullptr; #ifdef XP_WIN #include "resource.h" /** * Performs a verification on the opened MAR file with the passed in * certificate name ID and type ID. Loading @@ -55,14 +50,12 @@ VerifyLoadedCert(MarFile *archive, const uint8_t (&certData)[SIZE]) { const uint32_t size = SIZE; const uint8_t* const data = &certData[0]; if (mar_verify_signaturesW(archive, &data, &size, 1)) { if (mar_verify_signatures(archive, &data, &size, 1)) { return CERT_VERIFY_ERROR; } return OK; } #endif /** * Performs a verification on the opened MAR file. Both the primary and backup Loading @@ -79,22 +72,21 @@ ArchiveReader::VerifySignature() return ARCHIVE_NOT_OPEN; } #ifdef XP_WIN // If the fallback key exists we're running an XPCShell test and we should // use the XPCShell specific cert for the signed MAR. int rv; int rv = OK; #ifdef XP_WIN if (DoesFallbackKeyExist()) { rv = VerifyLoadedCert(mArchive, xpcshellCertData); } else { } else #endif { rv = VerifyLoadedCert(mArchive, primaryCertData); if (rv != OK) { rv = VerifyLoadedCert(mArchive, secondaryCertData); } } return rv; #else return OK; #endif } /** Loading toolkit/mozapps/update/updater/updater.cpp +19 −0 Original line number Diff line number Diff line Loading @@ -116,6 +116,11 @@ static bool sUseHardLinks = true; # define MAYBE_USE_HARD_LINKS 0 #endif #if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) #include "nss.h" #include "prerror.h" #endif #ifdef XP_WIN #include "updatehelper.h" Loading Loading @@ -2552,6 +2557,20 @@ int NS_main(int argc, NS_tchar **argv) _exit(1); } #endif #if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) // On Windows we rely on CyrptoAPI to do verifications so we don't need to // initialize NSS at all there. // Otherwise, minimize the amount of NSS we depend on by avoiding all the NSS // databases. if (NSS_NoDB_Init(NULL) != SECSuccess) { PRErrorCode error = PR_GetError(); fprintf(stderr, "Could not initialize NSS: %s (%d)", PR_ErrorToName(error), (int) error); _exit(1); } #endif InitProgressUI(&argc, &argv); // To process an update the updater command line must at a minimum have the Loading Loading
toolkit/mozapps/update/updater/archivereader.cpp +7 −15 Original line number Diff line number Diff line Loading @@ -15,13 +15,11 @@ #include "updatehelper.h" #endif #ifdef XP_WIN // These are generated at compile time based on the DER file for the channel // being used #include "primaryCert.h" #include "secondaryCert.h" #include "xpcshellCert.h" #endif #define UPDATER_NO_STRING_GLUE_STL #include "nsVersionComparator.cpp" Loading @@ -38,9 +36,6 @@ static int outbuf_size = 262144; static char *inbuf = nullptr; static char *outbuf = nullptr; #ifdef XP_WIN #include "resource.h" /** * Performs a verification on the opened MAR file with the passed in * certificate name ID and type ID. Loading @@ -55,14 +50,12 @@ VerifyLoadedCert(MarFile *archive, const uint8_t (&certData)[SIZE]) { const uint32_t size = SIZE; const uint8_t* const data = &certData[0]; if (mar_verify_signaturesW(archive, &data, &size, 1)) { if (mar_verify_signatures(archive, &data, &size, 1)) { return CERT_VERIFY_ERROR; } return OK; } #endif /** * Performs a verification on the opened MAR file. Both the primary and backup Loading @@ -79,22 +72,21 @@ ArchiveReader::VerifySignature() return ARCHIVE_NOT_OPEN; } #ifdef XP_WIN // If the fallback key exists we're running an XPCShell test and we should // use the XPCShell specific cert for the signed MAR. int rv; int rv = OK; #ifdef XP_WIN if (DoesFallbackKeyExist()) { rv = VerifyLoadedCert(mArchive, xpcshellCertData); } else { } else #endif { rv = VerifyLoadedCert(mArchive, primaryCertData); if (rv != OK) { rv = VerifyLoadedCert(mArchive, secondaryCertData); } } return rv; #else return OK; #endif } /** Loading
toolkit/mozapps/update/updater/updater.cpp +19 −0 Original line number Diff line number Diff line Loading @@ -116,6 +116,11 @@ static bool sUseHardLinks = true; # define MAYBE_USE_HARD_LINKS 0 #endif #if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) #include "nss.h" #include "prerror.h" #endif #ifdef XP_WIN #include "updatehelper.h" Loading Loading @@ -2552,6 +2557,20 @@ int NS_main(int argc, NS_tchar **argv) _exit(1); } #endif #if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) // On Windows we rely on CyrptoAPI to do verifications so we don't need to // initialize NSS at all there. // Otherwise, minimize the amount of NSS we depend on by avoiding all the NSS // databases. if (NSS_NoDB_Init(NULL) != SECSuccess) { PRErrorCode error = PR_GetError(); fprintf(stderr, "Could not initialize NSS: %s (%d)", PR_ErrorToName(error), (int) error); _exit(1); } #endif InitProgressUI(&argc, &argv); // To process an update the updater command line must at a minimum have the Loading
