Ticket #27220: 0001-Bug-27220-Don-t-verify-signatures-for-tb-tl-and-http.patch

File 0001-Bug-27220-Don-t-verify-signatures-for-tb-tl-and-http.patch, 1.1 KB (added by igt0, 10 months ago)
  • toolkit/mozapps/extensions/internal/XPIInstall.jsm

    From a0c1b4ab41c56ce12cb7f1775107d77d521dbecc Mon Sep 17 00:00:00 2001
    From: Igor Oliveira <igt0@torproject.org>
    Date: Mon, 20 Aug 2018 15:17:59 -0300
    Subject: [PATCH] Bug 27220 - Don't verify signatures for tb, tl and https-e
    
    Tor Browser for Desktop has a similar logic.
    ---
     toolkit/mozapps/extensions/internal/XPIInstall.jsm | 6 ++++++
     1 file changed, 6 insertions(+)
    
    diff --git a/toolkit/mozapps/extensions/internal/XPIInstall.jsm b/toolkit/mozapps/extensions/internal/XPIInstall.jsm
    index 659d97616dc6..6c3420aa3090 100644
    a b function getSignedStatus(aRv, aCert, aAddonID) { 
    10291029}
    10301030
    10311031function shouldVerifySignedState(aAddon) {
     1032  if (aAddon.id == "torbutton@torproject.org" ||
     1033      aAddon.id == "tor-launcher@torproject.org" ||
     1034      aAddon.id == "https-everywhere-eff@eff.org") {
     1035    return false;
     1036  }
     1037
    10321038  // Updated system add-ons should always have their signature checked
    10331039  if (aAddon._installLocation.name == KEY_APP_SYSTEM_ADDONS)
    10341040    return true;