[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #15532 [Tor Browser]: Tor Browser 4.5 displays signature validation error during update

Subject: Re: [tor-bugs] #15532 [Tor Browser]: Tor Browser 4.5 displays signature validation error during update
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 01 Apr 2015 21:35:30 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 01 Apr 2015 17:35:38 -0400
In-reply-to: <049.3f8b625d18877ea30a4fe000d5cf3a5a@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.3f8b625d18877ea30a4fe000d5cf3a5a@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#15532: Tor Browser 4.5 displays signature validation error during update
-----------------------------+---------------------------
     Reporter:  mikeperry    |      Owner:  tbb-team
         Type:  defect       |     Status:  new
     Priority:  normal       |  Milestone:
    Component:  Tor Browser  |    Version:
   Resolution:               |   Keywords:  tbb-4.5-alpha
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+---------------------------

Comment (by mcs):

 The difficulty in fixing this bug is that Mozilla tends to consider stderr
 as something that most users will ignore. In this specific case, a
 function named mar_verify_signatures() that is in
 modules/libmar/verify/mar_verify.c is called twice by the updater code.
 The first call, with the cert that was not used to sign the 4.5a5 MAR
 files, causes two error lines to be sent to stderr.

 Unfortunately, the code in mar_verify.c contains 32 fprintf(stderr,
 "ERROR: ...") statements. The information that is output could be very
 useful if there is a real problem with MAR file signature verification,
 and mar_verify.c is also used by the signmar command line program (where
 it makes sense to have the stderr output).

 Maybe we can add a bool parameter to mar_verify_signatures() that controls
 whether messages are written to stderr. Then we could enable them for the
 signmar command line program and disable them for the updater. I think the
 patch to do this will be somewhat large but fairly simple. We might even
 be able to make it so that the messages are logged to stderr when the
 app.update.log pref. is true, although that is a little tricky because the
 updater program itself cannot read prefs. But we could use an environment
 variable like Mozilla does for other things; look for PR_SetEnv() calls
 inside toolkit/xre/nsUpdateDriver.cpp.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15532#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #15532 [Tor Browser]: Tor Browser 4.5 displays signature validation error during update
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #15529 [HTTPS Everywhere: Chrome]: Redirects to spammy sites from Sched.org shortlinks
Next by Author: Re: [tor-bugs] #15534 [Tor]: Regression test fails in tor dev head
Previous by thread: Re: [tor-bugs] #15532 [Tor Browser]: Tor Browser 4.5 displays signature validation error during update
Next by thread: Re: [tor-bugs] #15532 [Tor Browser]: Tor Browser 4.5 displays signature validation error during update
Index(es):
- Author
- Thread