Closed Bug 1895492 Opened 6 months ago Closed 5 months ago

Update user-agent of InetBgDL for the stub installer

Categories

(Firefox :: Installer, task)

Product:
Firefox
Component:
Installer
Type:
task

Tracking

()

Status:
RESOLVED FIXED
Milestone:
127 Branch
Tracking Flags:
Tracking Status
firefox127 --- fixed

People

(Reporter: jcristau, Assigned: bhearsum)

References

Details

Attachments

(2 files, 1 obsolete file)

Bug 1895492: bump user agent of InetBgDL r?nalexander!
48 bytes, text/x-phabricator-request
Details | Review
[mozilla-releng/adhoc-signing] bug 1895492: Add signing manifest for net InetBgDL nsis plugin. (#207)
56 bytes, text/x-github-pull-request
Details | Review

As part of bug 1889299, we need to be able to distinguish stub installers that expect a full installer signed with a cert issued by the old DigiCert intermediate vs stub installers that expect a full installer signed with a cert issued by the new DigiCert intermediate.
One way to do that is to update the User-Agent at the same time as we're switching signing certificates.

This bump to the user agent allows us to distinguish between stub installers with and without this change, which enables us to keep both of them working after we switch to a new authenticode certificate in https://bugzilla.mozilla.org/show_bug.cgi?id=1889299

We do not have automatic builds for these; my plan is to use the child revisions of this (related to https://bugzilla.mozilla.org/show_bug.cgi?id=1771192) to build it on Try. From there, we'll sign it by hand (as we've done for plugins in the past), and check it into the tree in a separate revision that must be landed at the same time as the new authenticode certificate.

Assignee: nobody → bhearsum
Status: NEW → ASSIGNED
Pushed by bhearsum@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/6af7fa4a4208 bump user agent of InetBgDL r=nalexander

https://hg.mozilla.org/mozilla-central/rev/6af7fa4a4208

Status: ASSIGNED → RESOLVED
Closed: 6 months ago
status-firefox127: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 127 Branch

This is not quite fixed yet - we've landed new code, but haven't updated the plugins that actually ship with Firefox.

Status: RESOLVED → REOPENED
Resolution: FIXED → ---

I've built a new version of the InetBgDL plugin in https://treeherder.mozilla.org/jobs?repo=try&revision=1319a798b6a6f4ad0a2ae4a8a6004bc7fecf2b4b, which is the latest mozilla-central (which includes the change to that plugin's source), with the patches from https://bugzilla.mozilla.org/show_bug.cgi?id=1771192 applied to it.

From there, I've downloaded the setup-stub.exe that the job produced, and pulled InetBgDL.dll out of it. https://github.com/mozilla-releng/adhoc-signing/pull/207 has been opened to get that signed.

Once that's done I'll prep a patch to update it in tree (whose landing needs to be coordinated with watershed creation, switching to the new authenticode cert, etc.

This was built in a shippable win32 build on Try in https://treeherder.mozilla.org/jobs?repo=try&revision=1319a798b6a6f4ad0a2ae4a8a6004bc7fecf2b4b, which was based on central, with https://phabricator.services.mozilla.com/D209700 and the patches from https://bugzilla.mozilla.org/show_bug.cgi?id=1771192 applied to it.

From there, I downloaded setup-stub.exe, extracted it with 7zip, and sent it through adhoc signing to be signed: https://github.com/mozilla-releng/adhoc-signing/pull/207.

The output from that from that (https://firefox-ci-tc.services.mozilla.com/tasks/QJkRwbZuS4uRht111JpSMw) is what is included in this revision.

Target Milestone: 127 Branch → ---
Attachment #9400755 - Attachment description: WIP: Bug 1895492: update InetBgDL.dll nsis plugin r?nalexander!,jcristau! → Bug 1895492: update InetBgDL.dll nsis plugin r?nalexander!,jcristau!
Pushed by jcristau@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/3fd1528e5f79 update InetBgDL.dll nsis plugin r=nalexander,jcristau

https://hg.mozilla.org/mozilla-central/rev/3fd1528e5f79

Status: REOPENED → RESOLVED
Closed: 6 months ago6 months ago
status-firefox128: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 128 Branch
Regressions: 1896868
Backout by csabou@mozilla.com: https://hg.mozilla.org/mozilla-central/rev/b7871b7f2c05 Backed out 2 changesets (bug 1895492, bug 1889299) for causing bug 1896944. a=backout

Backed out from central for causing bug 1896944: https://hg.mozilla.org/mozilla-central/rev/b7871b7f2c05e4076ad55ae4aa929b9862d4c8af

Status: RESOLVED → REOPENED
status-firefox128: fixed → ---
Flags: needinfo?(bhearsum)
Resolution: FIXED → ---
Target Milestone: 128 Branch → ---
Status: REOPENED → ASSIGNED
status-firefox127: affected → ---
Attachment #9400755 - Attachment is obsolete: true

Updated version of the plugin is in bug 1896868.

Status: ASSIGNED → RESOLVED
Closed: 6 months ago5 months ago
Duplicate of bug: 1896868
Flags: needinfo?(bhearsum)
Resolution: --- → DUPLICATE
Blocks: 1896868
status-firefox127: --- → fixed
No longer duplicate of bug: 1896868
No longer regressions: 1896868
Resolution: DUPLICATE → FIXED
Summary: update user-agent for the stub installer along with issuer pin → Update user-agent of InetBgDL for the stub installer
Target Milestone: --- → 127 Branch

Updated the status to show that the first patch landed in this bug and the second one landed in bug 1896868.

The patch from this bug was backed out, so it didn't land on m-c. I think the previous status was a bit more clear since no patch attached to this bug fixed it.

Flags: needinfo?(mathew.hodson)

(In reply to William Durand [:willdurand] from comment #14)

The patch from this bug was backed out, so it didn't land on m-c. I think the previous status was a bit more clear since no patch attached to this bug fixed it.

Only the second patch was backed out. https://phabricator.services.mozilla.com/D209700 landed in this bug on 127 branch, which updated the user agent.

Flags: needinfo?(mathew.hodson)

D209700 was a no-op on its own, though, since firefox builds use the pre-built/signed dll.

You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: