mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-24 05:11:16 +00:00
Bug 1885652 - Add Enterprise Policies setting to allow installing XPI files signed using deprecated signatures algorithms. r=mkaply,willdurand
Differential Revision: https://phabricator.services.mozilla.com/D204814
This commit is contained in:
parent
c145757c68
commit
4b62f693f8
@ -662,6 +662,9 @@
|
||||
"items": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"temporarily_allow_weak_signatures": {
|
||||
"type": "boolean"
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -691,6 +694,9 @@
|
||||
"default_area": {
|
||||
"type": "string",
|
||||
"enum": ["navbar", "menupanel"]
|
||||
},
|
||||
"temporarily_allow_weak_signatures": {
|
||||
"type": "boolean"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -21,7 +21,7 @@ let themeID = "policytheme@mozilla.com";
|
||||
|
||||
let fileURL;
|
||||
|
||||
add_task(async function setup() {
|
||||
add_setup(async function setup() {
|
||||
await AddonTestUtils.promiseStartupManager();
|
||||
|
||||
let webExtensionFile = AddonTestUtils.createTempWebExtensionFile({
|
||||
@ -34,6 +34,10 @@ add_task(async function setup() {
|
||||
},
|
||||
});
|
||||
|
||||
server.registerFile(
|
||||
"/data/amosigned-sha1only.xpi",
|
||||
do_get_file("amosigned-sha1only.xpi")
|
||||
);
|
||||
server.registerFile("/data/policy_test.xpi", webExtensionFile);
|
||||
fileURL = Services.io
|
||||
.newFileURI(webExtensionFile)
|
||||
@ -289,3 +293,112 @@ add_task(async function test_addon_normalinstalled_file() {
|
||||
|
||||
await addon.uninstall();
|
||||
});
|
||||
|
||||
add_task(async function test_allow_weak_signatures() {
|
||||
// Make sure weak signatures are restricted.
|
||||
const resetWeakSignaturePref =
|
||||
AddonTestUtils.setWeakSignatureInstallAllowed(false);
|
||||
|
||||
const id = "amosigned-xpi@tests.mozilla.org";
|
||||
const perAddonSettings = {
|
||||
installation_mode: "normal_installed",
|
||||
install_url: BASE_URL + "/amosigned-sha1only.xpi",
|
||||
};
|
||||
|
||||
info(
|
||||
"Sanity check: expect install to fail if not allowed through enterprise policy settings"
|
||||
);
|
||||
await Promise.all([
|
||||
AddonTestUtils.promiseInstallEvent("onDownloadFailed"),
|
||||
setupPolicyEngineWithJson({
|
||||
policies: {
|
||||
ExtensionSettings: {
|
||||
[id]: { ...perAddonSettings },
|
||||
},
|
||||
},
|
||||
}),
|
||||
]);
|
||||
let addon = await AddonManager.getAddonByID(id);
|
||||
equal(addon, null, "Add-on not installed");
|
||||
|
||||
info(
|
||||
"Expect install to be allowed through per-addon enterprise policy settings"
|
||||
);
|
||||
await Promise.all([
|
||||
AddonTestUtils.promiseInstallEvent("onInstallEnded"),
|
||||
setupPolicyEngineWithJson({
|
||||
policies: {
|
||||
ExtensionSettings: {
|
||||
[id]: {
|
||||
...perAddonSettings,
|
||||
temporarily_allow_weak_signatures: true,
|
||||
},
|
||||
},
|
||||
},
|
||||
}),
|
||||
]);
|
||||
addon = await AddonManager.getAddonByID(id);
|
||||
notEqual(addon, null, "Add-on not installed");
|
||||
await addon.uninstall();
|
||||
|
||||
info(
|
||||
"Expect install to be allowed through global enterprise policy settings"
|
||||
);
|
||||
await Promise.all([
|
||||
AddonTestUtils.promiseInstallEvent("onInstallEnded"),
|
||||
setupPolicyEngineWithJson({
|
||||
policies: {
|
||||
ExtensionSettings: {
|
||||
"*": { temporarily_allow_weak_signatures: true },
|
||||
[id]: { ...perAddonSettings },
|
||||
},
|
||||
},
|
||||
}),
|
||||
]);
|
||||
addon = await AddonManager.getAddonByID(id);
|
||||
notEqual(addon, null, "Add-on installed");
|
||||
await addon.uninstall();
|
||||
|
||||
info(
|
||||
"Expect install to fail if allowed globally but disallowed by per-addon settings"
|
||||
);
|
||||
await Promise.all([
|
||||
AddonTestUtils.promiseInstallEvent("onDownloadFailed"),
|
||||
setupPolicyEngineWithJson({
|
||||
policies: {
|
||||
ExtensionSettings: {
|
||||
"*": { temporarily_allow_weak_signatures: true },
|
||||
[id]: {
|
||||
...perAddonSettings,
|
||||
temporarily_allow_weak_signatures: false,
|
||||
},
|
||||
},
|
||||
},
|
||||
}),
|
||||
]);
|
||||
addon = await AddonManager.getAddonByID(id);
|
||||
equal(addon, null, "Add-on not installed");
|
||||
|
||||
info(
|
||||
"Expect install to be allowed through per addon setting when globally disallowed"
|
||||
);
|
||||
await Promise.all([
|
||||
AddonTestUtils.promiseInstallEvent("onInstallEnded"),
|
||||
setupPolicyEngineWithJson({
|
||||
policies: {
|
||||
ExtensionSettings: {
|
||||
"*": { temporarily_allow_weak_signatures: false },
|
||||
[id]: {
|
||||
...perAddonSettings,
|
||||
temporarily_allow_weak_signatures: true,
|
||||
},
|
||||
},
|
||||
},
|
||||
}),
|
||||
]);
|
||||
addon = await AddonManager.getAddonByID(id);
|
||||
notEqual(addon, null, "Add-on installed");
|
||||
await addon.uninstall();
|
||||
|
||||
resetWeakSignaturePref();
|
||||
});
|
||||
|
@ -2,7 +2,10 @@
|
||||
skip-if = ["os == 'android'"] # bug 1730213
|
||||
firefox-appdir = "browser"
|
||||
head = "head.js"
|
||||
support-files = ["policytest_v0.1.xpi"]
|
||||
support-files = [
|
||||
"policytest_v0.1.xpi",
|
||||
"../../../../../toolkit/mozapps/extensions/test/xpinstall/amosigned-sha1only.xpi"
|
||||
]
|
||||
|
||||
["test_3rdparty.js"]
|
||||
|
||||
|
@ -1654,20 +1654,40 @@ class AddonInstall {
|
||||
!XPIInstall.isWeakSignatureInstallAllowed() &&
|
||||
this.addon.signedDate &&
|
||||
!hasStrongSignature(this.addon)
|
||||
) {
|
||||
const addonAllowedByPolicies = Services.policies.getExtensionSettings(
|
||||
this.addon.id
|
||||
)?.temporarily_allow_weak_signatures;
|
||||
|
||||
const globallyAllowedByPolicies =
|
||||
Services.policies.getExtensionSettings(
|
||||
"*"
|
||||
)?.temporarily_allow_weak_signatures;
|
||||
|
||||
const allowedByPolicies =
|
||||
(globallyAllowedByPolicies &&
|
||||
(addonAllowedByPolicies || addonAllowedByPolicies == null)) ||
|
||||
addonAllowedByPolicies;
|
||||
|
||||
if (
|
||||
!allowedByPolicies &&
|
||||
(!this.existingAddon || hasStrongSignature(this.existingAddon))
|
||||
) {
|
||||
// Reject if it is a new install or installing over an existing addon including
|
||||
// strong cryptographic signatures.
|
||||
if (!this.existingAddon || hasStrongSignature(this.existingAddon)) {
|
||||
return Promise.reject([
|
||||
AddonManager.ERROR_CORRUPT_FILE,
|
||||
"install rejected due to the package not including a strong cryptographic signature",
|
||||
]);
|
||||
}
|
||||
|
||||
// Still allow installs using weak signatures to install if the existing addon also had a
|
||||
// weak signature.
|
||||
// Still allow installs using weak signatures to install if either:
|
||||
// - it is explicitly allowed through Enterprise Policies Settings
|
||||
// - or there is an existing addon with a weak signature.
|
||||
logger.warn(
|
||||
`Allow weak signature install over existing "${this.existingAddon.id}" XPI`
|
||||
allowedByPolicies
|
||||
? `Allow weak signature install for ${this.addon.id} XPI due to Enterprise Policies`
|
||||
: `Allow weak signature install over existing "${this.existingAddon.id}" XPI`
|
||||
);
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user