This is an automated email from the git hooks/post-receive script.
pierov pushed a commit to branch tor-browser-91.10.0esr-11.0-1 in repository tor-browser.
commit 496f98cc6c38765aab17278d3ea65603a0d18c91
Author: Bryce Seager van Dyk bvandyk@mozilla.com
AuthorDate: Wed Apr 13 06:59:57 2022 +0000
Bug 1760527 - Use content signature instead of cert pinning everywhere for GMP updates. r=Gijs, a=RyanVM
This sets up prefs so by default any release will use the content signature path for GMP updates, rather than cert pinning. This intentionally leaves in place the old cert pinning machinery so that we can still use if we need to
- Compare the new and old for things like debugging.
- Revert these changes in the case of regressions (either by shipping a patch or something like normandy).
This patch is also small to enable it to be uplifted easily.
Once we're sure this new path is good, a larger patch can follow up to remove the cert pinning code + rework our tests.
Differential Revision: https://phabricator.services.mozilla.com/D141891 --- modules/libpref/init/all.js | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js index d3650a05b5dd7..c232cda7359eb 100644 --- a/modules/libpref/init/all.js +++ b/modules/libpref/init/all.js @@ -4133,13 +4133,10 @@ pref("media.gmp-manager.url", "https://aus5.mozilla.org/update/3/GMP/%VERSION%/% // header. Information from this header will be used to validate the response. // If this header is not present, is malformed, or cannot be determined as // valid then the update will fail. -#ifdef EARLY_BETA_OR_EARLIER - // The plan is to have the feature gated by this pref to eventually replace - // the features controlled by the media.gmp-manager.cert.* prefs. Once that - // happens we can remove related code and prefs, but while testing we'll use - // this to gate (see bug 1714621 for more info). - pref("media.gmp-manager.checkContentSignature", true); -#endif +// We should eventually remove this pref and any cert pinning code and make +// the content signature path the sole path. We retain this for now in case +// we need to debug content sig vs cert pin. +pref("media.gmp-manager.checkContentSignature", true);
// When |media.gmp-manager.cert.requireBuiltIn| is true or not specified the // final certificate and all certificates the connection is redirected to before
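Review bot: The new comment above pref("media.gmp-manager.checkContentSignature", true) drops the tracking reference that the removed block carried ("see bug 1714621 for more info"), so the promise to "eventually remove this pref and any cert pinning code" no longer points anywhere. Please keep a bug number in the comment so the cleanup can be found later. The retained comment also says that a missing, malformed or unverifiable header makes the update fail, and with the #ifdef EARLY_BETA_OR_EARLIER guard gone that failure mode now applies to every channel. Since the media.gmp-manager.cert.* prefs stay in place directly below, a sentence stating which check is in effect when this pref is true, and that setting it to false is the way back to cert pinning, would make the revert path described in the commit message clear to anyone reading all.js on its own.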