Pier Angelo Vendrame pushed to branch tor-browser-115.15.0esr-13.5-2 at The Tor Project / Applications / Tor Browser

Commits: 757b1f4d by Pier Angelo Vendrame at 2024-08-28T08:45:55+02:00 fixup! Bug 4234: Use the Firefox Update Process for Base Browser.

Bug 42747: Discard unsupported updates earlier.

Firefox's updater has a function to select updates, which checks mainly the version number. Therefore, a more recent update that is unsupported will be chosen over a compatible one. We patch this to be able to provide an alternative update path to Windows 7.

- - - - - 2f730245 by Pier Angelo Vendrame at 2024-08-28T08:45:55+02:00 fixup! Bug 19121: reinstate the update.xml hash check

Revert "Bug 19121: reinstate the update.xml hash check"

This reverts commit 39a712fbaf18cb64b6dc601c71bac82718de1a01.

- - - - -

3 changed files:

- toolkit/mozapps/update/UpdateService.sys.mjs - toolkit/mozapps/update/UpdateTelemetry.sys.mjs - toolkit/mozapps/update/nsIUpdateService.idl

Changes:

===================================== toolkit/mozapps/update/UpdateService.sys.mjs ===================================== @@ -2127,8 +2127,6 @@ function UpdatePatch(patch) { } break; case "finalURL": - case "hashFunction": - case "hashValue": case "state": case "type": case "URL": @@ -2148,8 +2146,6 @@ UpdatePatch.prototype = { // over writing nsIUpdatePatch attributes. _attrNames: [ "errorCode", - "hashFunction", - "hashValue", "finalURL", "selected", "size", @@ -2163,8 +2159,6 @@ UpdatePatch.prototype = { */ serialize: function UpdatePatch_serialize(updates) { var patch = updates.createElementNS(URI_UPDATE_NS, "patch"); - patch.setAttribute("hashFunction", this.hashFunction); - patch.setAttribute("hashValue", this.hashValue); patch.setAttribute("size", this.size); patch.setAttribute("type", this.type); patch.setAttribute("URL", this.URL); @@ -3737,18 +3731,20 @@ UpdateService.prototype = {

switch (aUpdate.type) { case "major": - if (!majorUpdate) { + if (!majorUpdate || majorUpdate.unsupported) { majorUpdate = aUpdate; } else if ( + !aUpdate.unsupported && vc.compare(majorUpdate.appVersion, aUpdate.appVersion) <= 0 ) { majorUpdate = aUpdate; } break; case "minor": - if (!minorUpdate) { + if (!minorUpdate || minorUpdate.unsupported) { minorUpdate = aUpdate; } else if ( + !aUpdate.unsupported && vc.compare(minorUpdate.appVersion, aUpdate.appVersion) <= 0 ) { minorUpdate = aUpdate; @@ -5792,56 +5788,7 @@ Downloader.prototype = { }

LOG("Downloader:_verifyDownload downloaded size == expected size."); - let fileStream = Cc[ - "@mozilla.org/network/file-input-stream;1" - ].createInstance(Ci.nsIFileInputStream); - fileStream.init( - destination, - FileUtils.MODE_RDONLY, - FileUtils.PERMS_FILE, - 0 - ); - - let digest; - try { - let hash = Cc["@mozilla.org/security/hash;1"].createInstance( - Ci.nsICryptoHash - ); - var hashFunction = - Ci.nsICryptoHash[this._patch.hashFunction.toUpperCase()]; - if (hashFunction == undefined) { - throw Components.Exception("", Cr.NS_ERROR_UNEXPECTED); - } - hash.init(hashFunction); - hash.updateFromStream(fileStream, -1); - // NOTE: For now, we assume that the format of _patch.hashValue is hex - // encoded binary (such as what is typically output by programs like - // sha1sum). In the future, this may change to base64 depending on how - // we choose to compute these hashes. - hash = hash.finish(false); - digest = Array.from(hash, (c, i) => - hash.charCodeAt(i).toString(16).padStart(2, "0") - ).join(""); - } catch (e) { - LOG( - "Downloader:_verifyDownload - failed to compute hash of the downloaded update archive" - ); - digest = ""; - } - - fileStream.close(); - - if (digest == this._patch.hashValue.toLowerCase()) { - LOG("Downloader:_verifyDownload hashes match."); - return true; - } - - LOG("Downloader:_verifyDownload hashes do not match. "); - AUSTLMY.pingDownloadCode( - this.isCompleteUpdate, - AUSTLMY.DWNLD_ERR_VERIFY_NO_HASH_MATCH - ); - return false; + return true; },

/** @@ -6477,9 +6424,6 @@ Downloader.prototype = { " is higher than patch size: " + this._patch.size ); - // It's important that we use a different code than - // NS_ERROR_CORRUPTED_CONTENT so that tests can verify the difference - // between a hash error and a wrong download error. AUSTLMY.pingDownloadCode( this.isCompleteUpdate, AUSTLMY.DWNLD_ERR_PATCH_SIZE_LARGER @@ -6498,9 +6442,6 @@ Downloader.prototype = { " is not equal to expected patch size: " + this._patch.size ); - // It's important that we use a different code than - // NS_ERROR_CORRUPTED_CONTENT so that tests can verify the difference - // between a hash error and a wrong download error. AUSTLMY.pingDownloadCode( this.isCompleteUpdate, AUSTLMY.DWNLD_ERR_PATCH_SIZE_NOT_EQUAL

===================================== toolkit/mozapps/update/UpdateTelemetry.sys.mjs ===================================== @@ -190,7 +190,6 @@ export var AUSTLMY = { DWNLD_ERR_VERIFY_NO_REQUEST: 13, DWNLD_ERR_VERIFY_PATCH_SIZE_NOT_EQUAL: 14, DWNLD_ERR_WRITE_FAILURE: 15, - DWNLD_ERR_VERIFY_NO_HASH_MATCH: 16, // Temporary failure code to see if there are failures without an update phase DWNLD_UNKNOWN_PHASE_ERR_WRITE_FAILURE: 40,

===================================== toolkit/mozapps/update/nsIUpdateService.idl ===================================== @@ -39,17 +39,6 @@ interface nsIUpdatePatch : nsISupports */ attribute AString finalURL;

- /** - * The hash function to use when determining this file's integrity - */ - attribute AString hashFunction; - - /** - * The value of the hash function named above that should be computed if - * this file is not corrupt. - */ - attribute AString hashValue; - /** * The size of this file, in bytes. */

View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/6935ca0...