Closed Bug 1291749 Opened 8 years ago Closed 3 years ago

Manager complains unsigned Add-Ons, Info-Link leads to not existing Web Page

Categories

(SeaMonkey :: General, defect)

SeaMonkey 2.48 Branch
Unspecified
Windows 7
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED WORKSFORME

People

(Reporter: RainerBielefeldNG, Unassigned)

Details

(Keywords: reproducible, Whiteboard: [easyconfirm])

Attachments

(2 files)

Steps how to reproduce with unofficial (from ~akalla/unofficial/) ) en-US SeaMonkey 2.48a1 (NT 6.1; Win64; x64; rv:51.0) Gecko/20100101 Firefox/51.0 Build 20160802100714 (Default Classic Theme) on German WIN7 64bit; 1. Launch Browser → menu ˋTools → Add-Ons-Manager → Extensionsˊ » Extensions list appears Problem: lots of complains "<add-on name> could not be verified ..." Bug: "More Information" link leads to <http://www.seamonkey-project.org/doc/unsigned-addons>, what does not exist. a) drop that message or create useful information page?
I had this problem as well with a 2.45 build from comm-beta from a few days ago (akalla's build from Aug 1.)
NEW due to comment 1 Also REPRODUCIBLE with *official* en-US SeaMonkey 2.48a1 (NT 6.1; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0 Build 20160804000913 (Default Classic Theme) on German WIN7 64bit I wonder whether these issues <https://seamonkeyde.wordpress.com/2016/08/03/neue-inoffizielle-lokalisierte-builds-verfuegbar-4/#comment-310> (German) with real function problems have similar roots. May be these Messages are a feature, but the dead link is a bug. @Adrian: What do you think?
Status: UNCONFIRMED → NEW
Ever confirmed: true
Keywords: reproducible
OS: Unspecified → Windows 7
This was supposed to be fixed by bug 1273298, the only open question was whether or not the signing requirement could be disabled on beta/release (see yesterday's meeting minutes). The message itself (notification.unsigned) though comes from bug 1149702 and is different from the message of an actually blocked/force-disabled addon (notification.unsignedAndDisabled). As for the wrong link, initially there was a separate pref xpinstall.signatures.infoURL defined but later replaced by "app.support.baseURL" + "unsigned-addons", resulting in the said link for SeaMonkey. Unfortunately, this is hard-wired in the Toolkit code, thus may be tricky to change.
(In reply to rsx11m from comment #3) > xpinstall.signatures.infoURL defined but later replaced by > "app.support.baseURL" + "unsigned-addons" Bug 1170162 - Link Addon-unverified-Warning More-Information-Link to sumo-page
Attached file message comparison
Currently I don't even understand the system when a message is shown or not, I can see no correlation between "signed" ↔ "message" or "no message"
As far as I understand this, the "MOZ_ADDON_SIGNING" mozconfig option is responsible for the signature verification, thus this warning message. This message is shown if there is no signature at all, the signature is wrong or when it was not signed by the "trusted root" (Mozilla Key) - this might explain comment #5. Setting the mozconfig option "MOZ_ADDON_SIGNING=0" should disable this warning message (it did work in the case of my builds, as described here: https://seamonkeyde.wordpress.com/2016/08/03/neue-inoffizielle-lokalisierte-builds-verfuegbar-4/#comment-310 (German). BTW. @Rainer: could you please post the not working link here?
(In reply to Adrian Kalla [:adriank] from comment #6) > BTW. @Rainer: could you please post the not working link here? I don't understand your question - what link do you need?
>> Setting the mozconfig option "MOZ_ADDON_SIGNING=0" should disable this warning message Should be 0 in all official builds unless I am missing something. The configs include . "$topsrcdir/build/mozconfig.common" which contains: # Enable checking that add-ons are signed by the trusted root MOZ_ADDON_SIGNING=${MOZ_ADDON_SIGNING-1} # Disable enforcing that add-ons are signed by the trusted root MOZ_REQUIRE_SIGNING=${MOZ_REQUIRE_SIGNING-0} but later set this (see bug 1273298): # Disable checking that add-ons are signed by the trusted root MOZ_ADDON_SIGNING=0 # Disable enforcing that add-ons are signed by the trusted root MOZ_REQUIRE_SIGNING=0 Just checking config.status should be enough to confirm this. As far as I can see the warning can not be disabled: https://dxr.mozilla.org/comm-central/source/mozilla/toolkit/mozapps/extensions/content/extensions.js It just checks REQUIRE_SIGNING: https://dxr.mozilla.org/comm-central/source/mozilla/toolkit/mozapps/extensions/internal/AddonConstants.jsm which is probably wrong. There should be no message if MOZ_ADDON_SIGNING=0 but this one is not in the loop as far as I can see. Same in extensions.xml. If you concur we should probably file a bug against toolkit.
(In reply to Rainer Bielefeld from comment #7) > (In reply to Adrian Kalla [:adriank] from comment #6) > > BTW. @Rainer: could you please post the not working link here? > I don't understand your question - what link do you need? I meant the link described by "Info-Link leads to not existing Web Page" - but what I've missed is, that you've already posted in comment #0...

I have not seen unsigned warnings in a long time.

Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: