Closed Bug 1203787 Opened 9 years ago Closed 9 years ago

Cope with hashed Add-on IDs in the CN field

Categories

(Toolkit :: Add-ons Manager, defect)

defect
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla44
Tracking Status
firefox43 + fixed
firefox44 + fixed

People

(Reporter: andy+bugzilla, Assigned: mossop)

References

Details

Attachments

(1 file)

As per bug 1201176, when the addon ID is longer than 64 chars it will be hashed in the CN field. Which means the signature will be invalid. When installing the addon and performing this check on the CN field Firefox will need to hash the ID and then compare the value.

The hash is being done on AMO side in bug 1203365.
No longer blocks: 1203915
See Also: → 1203915
We don't have anyone yet to work on this, would you be able to work on this for 43?
Flags: needinfo?(dtownsend)
(In reply to Andy McKay [:andym] from comment #1)
> We don't have anyone yet to work on this, would you be able to work on this
> for 43?

Yes this is pretty straightforward, I just need to figure out how to get a testcase
Assignee: nobody → dtownsend
Flags: needinfo?(dtownsend)
Attached patch patchSplinter Review
This hashes the add-on ID before comparing to the common name if the ID is longer than 64 characters. The test includes 5 add-ons:

long_63_plain.xpi: ID is 63 characters long, the common name is the plain ID
long_63_hash.xpi: ID is 63 characters long, the common name is the hashed ID
long_64_plain.xpi: ID is 64 characters long, the common name is the plain ID
long_64_hash.xpi: ID is 64 characters long, the common name is the hashed ID
long_65_hash.xpi: ID is 65 characters long, the common name is the hashed ID
Attachment #8663080 - Flags: review?(dveditz)
Comment on attachment 8663080 [details] [diff] [review]
patch

Review of attachment 8663080 [details] [diff] [review]:
-----------------------------------------------------------------

r=dveditz
Attachment #8663080 - Flags: review?(dveditz) → review+
https://hg.mozilla.org/mozilla-central/rev/201ca50802b2
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla44
Comment on attachment 8663080 [details] [diff] [review]
patch

Approval Request Comment
[Feature/regressing bug #]: 1201176
[User impact if declined]: Multiple add-ons will fail on Firefox 43 when signing is turned on.
[Describe test coverage new/current, TreeHerder]:
[Risks and why]: Seems low risk.
[String/UUID change made/needed]: none (I believe)
Attachment #8663080 - Flags: approval-mozilla-aurora?
Comment on attachment 8663080 [details] [diff] [review]
patch

Approved for uplift to aurora. Good to do since we accept long GUIDs again.
Attachment #8663080 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
You need to log in before you can comment on or make changes to this bug.