Closed
Bug 1291749
Opened 8 years ago
Closed 3 years ago
Manager complains unsigned Add-Ons, Info-Link leads to not existing Web Page
Categories
(SeaMonkey :: General, defect)
Tracking
(Not tracked)
RESOLVED
WORKSFORME
People
(Reporter: RainerBielefeldNG, Unassigned)
Details
(Keywords: reproducible, Whiteboard: [easyconfirm])
Attachments
(2 files)
Steps how to reproduce with unofficial (from ~akalla/unofficial/) ) en-US SeaMonkey 2.48a1 (NT 6.1; Win64; x64; rv:51.0) Gecko/20100101 Firefox/51.0 Build 20160802100714 (Default Classic Theme) on German WIN7 64bit;
1. Launch Browser → menu ˋTools → Add-Ons-Manager → Extensionsˊ
» Extensions list appears
Problem: lots of complains "<add-on name> could not be verified ..."
Bug: "More Information" link leads to
<http://www.seamonkey-project.org/doc/unsigned-addons>, what does not
exist.
a) drop that message or create useful information page?
Comment 1•8 years ago
|
||
I had this problem as well with a 2.45 build from comm-beta from a few days ago (akalla's build from Aug 1.)
Reporter | ||
Comment 2•8 years ago
|
||
NEW due to comment 1
Also REPRODUCIBLE with *official* en-US SeaMonkey 2.48a1 (NT 6.1; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0 Build 20160804000913 (Default Classic Theme) on German WIN7 64bit
I wonder whether these issues <https://seamonkeyde.wordpress.com/2016/08/03/neue-inoffizielle-lokalisierte-builds-verfuegbar-4/#comment-310> (German) with real function problems have similar roots.
May be these Messages are a feature, but the dead link is a bug.
@Adrian:
What do you think?
This was supposed to be fixed by bug 1273298, the only open question was whether or not the signing requirement could be disabled on beta/release (see yesterday's meeting minutes).
The message itself (notification.unsigned) though comes from bug 1149702 and is different from the message of an actually blocked/force-disabled addon (notification.unsignedAndDisabled).
As for the wrong link, initially there was a separate pref xpinstall.signatures.infoURL defined but later replaced by "app.support.baseURL" + "unsigned-addons", resulting in the said link for SeaMonkey. Unfortunately, this is hard-wired in the Toolkit code, thus may be tricky to change.
(In reply to rsx11m from comment #3)
> xpinstall.signatures.infoURL defined but later replaced by
> "app.support.baseURL" + "unsigned-addons"
Bug 1170162 - Link Addon-unverified-Warning More-Information-Link to sumo-page
Reporter | ||
Comment 5•8 years ago
|
||
Currently I don't even understand the system when a message is shown or not, I can see no correlation between "signed" ↔ "message" or "no message"
Comment 6•8 years ago
|
||
As far as I understand this, the "MOZ_ADDON_SIGNING" mozconfig option is responsible for the signature verification, thus this warning message. This message is shown if there is no signature at all, the signature is wrong or when it was not signed by the "trusted root" (Mozilla Key) - this might explain comment #5.
Setting the mozconfig option "MOZ_ADDON_SIGNING=0" should disable this warning message (it did work in the case of my builds, as described here: https://seamonkeyde.wordpress.com/2016/08/03/neue-inoffizielle-lokalisierte-builds-verfuegbar-4/#comment-310 (German).
BTW. @Rainer: could you please post the not working link here?
Reporter | ||
Comment 7•8 years ago
|
||
(In reply to Adrian Kalla [:adriank] from comment #6)
> BTW. @Rainer: could you please post the not working link here?
I don't understand your question - what link do you need?
Comment 8•8 years ago
|
||
>> Setting the mozconfig option "MOZ_ADDON_SIGNING=0" should disable this warning message
Should be 0 in all official builds unless I am missing something.
The configs include
. "$topsrcdir/build/mozconfig.common"
which contains:
# Enable checking that add-ons are signed by the trusted root
MOZ_ADDON_SIGNING=${MOZ_ADDON_SIGNING-1}
# Disable enforcing that add-ons are signed by the trusted root
MOZ_REQUIRE_SIGNING=${MOZ_REQUIRE_SIGNING-0}
but later set this (see bug 1273298):
# Disable checking that add-ons are signed by the trusted root
MOZ_ADDON_SIGNING=0
# Disable enforcing that add-ons are signed by the trusted root
MOZ_REQUIRE_SIGNING=0
Just checking config.status should be enough to confirm this.
As far as I can see the warning can not be disabled:
https://dxr.mozilla.org/comm-central/source/mozilla/toolkit/mozapps/extensions/content/extensions.js
It just checks REQUIRE_SIGNING:
https://dxr.mozilla.org/comm-central/source/mozilla/toolkit/mozapps/extensions/internal/AddonConstants.jsm
which is probably wrong. There should be no message if MOZ_ADDON_SIGNING=0 but this one is not in the loop as far as I can see. Same in extensions.xml.
If you concur we should probably file a bug against toolkit.
Comment 9•8 years ago
|
||
(In reply to Rainer Bielefeld from comment #7)
> (In reply to Adrian Kalla [:adriank] from comment #6)
> > BTW. @Rainer: could you please post the not working link here?
> I don't understand your question - what link do you need?
I meant the link described by "Info-Link leads to not existing Web Page" - but what I've missed is, that you've already posted in comment #0...
Comment 10•3 years ago
|
||
I have not seen unsigned warnings in a long time.
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•