Created attachment 8370417 [details] Screenshot of failure We've had a few reports of Flash installs (via PFS) not working in Firefox. I just tried doing this on my Win7-sans-Flash box, and also get a failure. It downloads (somewhat slowly), and then displays the failure shown in the attached screenshot. Note that the version number shown is 11.9.900.170. I'm pretty sure this just comes straight from the PFS datasource. That implies that the update in bug 946521 made it to production (commit was 12/8), but the update in bug 957357 did not (commit was 1/9). The download URL stays the same, so I believe we're downloading the latest code from Adobe, but treating it as a failure because we're checking outdated hashes from PFS. :( Our logging sucks, and I'm not sure offhand what the PFS url we're querying is, so I didn't fully verify this. But it seems likely.
If I download the .exe manually and check the version, it's 126.96.36.199.
dveditz points out that the hash changed in https://github.com/mozilla/zamboni/commit/7ee027d0500af47f5200521f9557ec43b8cd90a6 is a character short, so it probably never worked in the first place. :( We should probably figure out how to loop QA into these changes so we can verify we're not breaking installs. :(
(In reply to Justin Dolske [:Dolske] from comment #2) > dveditz points out that the hash changed in > https://github.com/mozilla/zamboni/commit/ > 7ee027d0500af47f5200521f9557ec43b8cd90a6 is a character short, so it > probably never worked in the first place. :( > hm https://github.com/mozilla/zamboni/blob/master/services/pfs.py shows 188.8.131.52 which was what we got from adobe so i guess it has worked till adobe updated now the files
Created attachment 8370560 [details] [diff] [review] flashmorning.diff Wil, seems adobe didn't notified us this time beforehand and so they did a security update and here comes the patch for pfs
https://github.com/mozilla/zamboni/commit/bbc2d3c0742e8879b6eb8d97a508c59e8aaab09a I'll try to get it out today
Paul, can you please take a look at this and verify that Flash is installable via the plugin finder service using a few different Firefox versions, locales and platforms?
Checked on: 27 en-us, 28b1 en-us, 29a2 en-us, 30a1 en-us Win 7 x64 - PASS 27 de, 28b1 ja, 29a2 en-us, 30a1 en-us Win 8.1 x64 - PASS 27 fr, 28b1 ar, 29a2 en-us, 30a1 en-us Win XP x86 - PASS Ubuntu 13.04 x64, Mac OS X 10.8.5 - FAIL
Found another issue here: bug 968762
(In reply to Paul Silaghi, QA [:pauly] from comment #7) > Checked on: > 27 en-us, 28b1 en-us, 29a2 en-us, 30a1 en-us Win 7 x64 - PASS > 27 de, 28b1 ja, 29a2 en-us, 30a1 en-us Win 8.1 x64 - PASS > 27 fr, 28b1 ar, 29a2 en-us, 30a1 en-us Win XP x86 - PASS > Ubuntu 13.04 x64, Mac OS X 10.8.5 - FAIL Hi Paul, i think the result for ubuntu and mac is expected since pfs for flash only supports windows i think
Calling this verified fixed based on comment 7. Thanks for the help, Paul.
(In reply to Carsten Book [:Tomcat] from comment #3) > > dveditz points out that the hash changed in > > https://github.com/mozilla/zamboni/commit/ > > 7ee027d0500af47f5200521f9557ec43b8cd90a6 is a character short, so it > > probably never worked in the first place. :( > > > > hm https://github.com/mozilla/zamboni/blob/master/services/pfs.py shows > 184.108.40.206 which was what we got from adobe so i guess it has worked till > adobe updated now the files I don't see how that could have worked. sha256 hashes are always the same length, so specifying a hash that's too short will never match any input. This seems to be working now (per QA), but I just wanted to reiterate: the root issue here was that had 2 problematic PFS.py changes in Github -- one with a bash hash, one that simply never made it into production -- and neither was noticed for a long time.
(To be extra clear: this was all independent of the .44 update from Adobe. Even if that surprise update hadn't happened, PFS was still broken.)