Opened 3 years ago

Closed 3 years ago

#18951 closed defect (fixed)

Mac OS: HTTPS-E missing after update

Reported by: mcs Owned by: tbb-team
Priority: Very High Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: TorBrowserTeam201605R
Cc: brade Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

In the TB 6.0a5 installable packages (dmg files), HTTPS-E is included under TorBrowser.app/Contents/Resources/distribution/extensions as expected. But after completing an incremental update from TB 6.0a4 to 6.0a5, the HTTPS-E extension is missing.

Child Tickets

Change History (5)

comment:1 Changed 3 years ago by mcs

Priority: MediumVery High

I noticed this problem while I was trying to reproduce #18947. This one is caused by some code within the make_add_instruction function in tools/update-packaging/common.sh. It has some special handling for unpacked extensions that are located under distribution\/extensions. I do not know why, but instead of placing simple "add" instructions in the MAR file manifest it generates "add-if" instructions, e.g.,

add-if "Contents/Resources/distribution/extensions/https-everywhere-eff@eff.org" "Contents/Resources/distribution/extensions/https-everywhere-eff@eff.org/install.rdf"

Since Contents/Resources/distribution/extensions/https-everywhere-eff@… does not exist in 6.0a4 or older releases, none of the files under https-everywhere-eff@…/ are added during the update.

comment:2 Changed 3 years ago by mcs

Cc: brade added
Keywords: TorBrowserTeam201605R added
Status: newneeds_review

Here is a fix:
https://gitweb.torproject.org/user/brade/tor-browser.git/commit/?h=bug18951-01&id=e51823989e0f57328f6b710e599ed3b564ac0c37

We also need to decide if we want to do anything special to fix installations that have been affected by this bug. When we ship a new version of HTTPS-E, the incremental update will fail for such people (because the incremental MAR will try to patch files and find that they are missing) and things will be fixed when the full MAR is applied. But we could force an update of all of the HTTPS-E files to make the upgrade smoother and to avoid having to wait for a new HTTPS-E version. Kathy and I think it is OK to just let the fallback to a full update occur.

comment:3 Changed 3 years ago by gk

Status: needs_reviewneeds_information

If I understand your fixup correctly then what is does is basically cutting out an optimization which makes sure that the extension(s) get added anyway (and this is platform-agnostic). Looks good to me in this case.

I am fine with letting the full update occur. What do we do in the mean time, though? Adding that to the known issues on our blog? Making sure all users updating now are getting only the full update?

comment:4 in reply to:  3 ; Changed 3 years ago by mcs

Replying to gk:

If I understand your fixup correctly then what is does is basically cutting out an optimization which makes sure that the extension(s) get added anyway (and this is platform-agnostic). Looks good to me in this case.

Correct.

I am fine with letting the full update occur. What do we do in the mean time, though? Adding that to the known issues on our blog? Making sure all users updating now are getting only the full update?

The full MAR file has the same problem, so removing the incremental MARs is not a fix.
For the next release, we need to make sure we ship a new HTTPS-E extension (e.g., version 5.1.7 assuming it exists) or we need to omit the incremental MARs.

My recommendation for 6.0a5 is to add this to the known issues list on the blog and tell people to install HTTPS-E 5.1.6 from https://www.eff.org/https-everywhere (we don't want them to install the one from addons.mozilla.org since the extension ID is different).

comment:5 in reply to:  4 Changed 3 years ago by gk

Resolution: fixed
Status: needs_informationclosed

Replying to mcs:

Replying to gk:

If I understand your fixup correctly then what is does is basically cutting out an optimization which makes sure that the extension(s) get added anyway (and this is platform-agnostic). Looks good to me in this case.

Correct.

I am fine with letting the full update occur. What do we do in the mean time, though? Adding that to the known issues on our blog? Making sure all users updating now are getting only the full update?

The full MAR file has the same problem, so removing the incremental MARs is not a fix.

Ah, yes, indeed.

For the next release, we need to make sure we ship a new HTTPS-E extension (e.g., version 5.1.7 assuming it exists) or we need to omit the incremental MARs.

Okay.

My recommendation for 6.0a5 is to add this to the known issues list on the blog and tell people to install HTTPS-E 5.1.6 from https://www.eff.org/https-everywhere (we don't want them to install the one from addons.mozilla.org since the extension ID is different).

Done. commit e51823989e0f57328f6b710e599ed3b564ac0c37 has the fix.

Note: See TracTickets for help on using tickets.