Mercurial > mozreview > gecko / changeset / 3556870721fb9b6de28550b7662d31f3732a60cf ☠
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1079858, Deal with deprecation of SHA1 (SHA-1) Authenticode signatures for Windows signing, part 2 (swap cert, relanding), r=catlee, a=lizzard
☠☠ backed out by 454879ae971d ☠ ☠
authorMatt Howell <mhowell@mozilla.com>
Wed, 09 Dec 2015 17:22:19 -0500
changeset 317129 3556870721fb9b6de28550b7662d31f3732a60cf
parent 317128 1ba4f6d91e637348dc0cdc7e9d311c4cddbc8a5e
child 317130 454879ae971d4ae09a8a1985b03c7702bc2ea397
push id8643
push usermconley@mozilla.com
push dateTue, 22 Dec 2015 18:28:20 +0000
reviewerscatlee, lizzard
bugs1079858
milestone45.0a2
Bug 1079858, Deal with deprecation of SHA1 (SHA-1) Authenticode signatures for Windows signing, part 2 (swap cert, relanding), r=catlee, a=lizzard CLOSED TREE
browser/branding/aurora/branding.nsi file | annotate | diff | comparison | revisions
browser/branding/nightly/branding.nsi file | annotate | diff | comparison | revisions
browser/branding/official/branding.nsi file | annotate | diff | comparison | revisions
browser/branding/unofficial/branding.nsi file | annotate | diff | comparison | revisions
toolkit/mozapps/installer/signing.mk file | annotate | diff | comparison | revisions
toolkit/mozapps/installer/upload-files.mk file | annotate | diff | comparison | revisions
tools/update-packaging/Makefile.in file | annotate | diff | comparison | revisions 
--- a/browser/branding/aurora/branding.nsi
+++ b/browser/branding/aurora/branding.nsi
@@ -15,17 +15,17 @@
 !define HelpLink              "https://support.mozilla.org"
 
 !define URLStubDownload "http://download.mozilla.org/?os=win&lang=${AB_CD}&product=firefox-aurora-latest"
 !define URLManualDownload "https://www.mozilla.org/${AB_CD}/firefox/installer-help/?channel=aurora&installer_lang=${AB_CD}"
 !define Channel "aurora"
 
 # The installer's certificate name and issuer expected by the stub installer
 !define CertNameDownload   "Mozilla Corporation"
-!define CertIssuerDownload "DigiCert Assured ID Code Signing CA-1"
+!define CertIssuerDownload "DigiCert SHA2 Assured ID Code Signing CA"
 
 # Dialog units are used so the UI displays correctly with the system's DPI
 # settings.
 # The dialog units for the bitmap's dimensions should match exactly with the
 # bitmap's width and height in pixels.
 !define APPNAME_BMP_WIDTH_DU 108u
 !define APPNAME_BMP_HEIGHT_DU 48u
 !define INTRO_BLURB_WIDTH_DU "232u"
--- a/browser/branding/nightly/branding.nsi
+++ b/browser/branding/nightly/branding.nsi
@@ -14,17 +14,17 @@
 !define HelpLink              "https://support.mozilla.org"
 
 !define URLStubDownload "http://download.mozilla.org/?os=win&lang=${AB_CD}&product=firefox-nightly-latest"
 !define URLManualDownload "https://www.mozilla.org/${AB_CD}/firefox/installer-help/?channel=nightly&installer_lang=${AB_CD}"
 !define Channel "nightly"
 
 # The installer's certificate name and issuer expected by the stub installer
 !define CertNameDownload   "Mozilla Corporation"
-!define CertIssuerDownload "DigiCert Assured ID Code Signing CA-1"
+!define CertIssuerDownload "DigiCert SHA2 Assured ID Code Signing CA"
 
 # Dialog units are used so the UI displays correctly with the system's DPI
 # settings.
 # The dialog units for the bitmap's dimensions should match exactly with the
 # bitmap's width and height in pixels.
 !define APPNAME_BMP_WIDTH_DU 159u
 !define APPNAME_BMP_HEIGHT_DU 28u
 !define INTRO_BLURB_WIDTH_DU "230u"
--- a/browser/branding/official/branding.nsi
+++ b/browser/branding/official/branding.nsi
@@ -19,17 +19,17 @@
 ; set the update channel to beta.
 !define OFFICIAL
 !define URLStubDownload "http://download.mozilla.org/?os=win&lang=${AB_CD}&product=firefox-latest"
 !define URLManualDownload "https://www.mozilla.org/${AB_CD}/firefox/installer-help/?channel=release&installer_lang=${AB_CD}"
 !define Channel "release"
 
 # The installer's certificate name and issuer expected by the stub installer
 !define CertNameDownload   "Mozilla Corporation"
-!define CertIssuerDownload "DigiCert Assured ID Code Signing CA-1"
+!define CertIssuerDownload "DigiCert SHA2 Assured ID Code Signing CA"
 
 # Dialog units are used so the UI displays correctly with the system's DPI
 # settings.
 # The dialog units for the bitmap's dimensions should match exactly with the
 # bitmap's width and height in pixels.
 !define APPNAME_BMP_WIDTH_DU "134u"
 !define APPNAME_BMP_HEIGHT_DU "36u"
 !define INTRO_BLURB_WIDTH_DU "258u"
--- a/browser/branding/unofficial/branding.nsi
+++ b/browser/branding/unofficial/branding.nsi
@@ -14,17 +14,17 @@
 !define HelpLink              "https://support.mozilla.org"
 
 !define URLStubDownload "http://download.mozilla.org/?os=win&lang=${AB_CD}&product=firefox-latest"
 !define URLManualDownload "https://www.mozilla.org/${AB_CD}/firefox/installer-help/?channel=release&installer_lang=${AB_CD}"
 !define Channel "unofficial"
 
 # The installer's certificate name and issuer expected by the stub installer
 !define CertNameDownload   "Mozilla Corporation"
-!define CertIssuerDownload "Thawte Code Signing CA - G2"
+!define CertIssuerDownload "DigiCert SHA2 Assured ID Code Signing CA"
 
 # Dialog units are used so the UI displays correctly with the system's DPI
 # settings.
 # The dialog units for the bitmap's dimensions should match exactly with the
 # bitmap's width and height in pixels.
 !define APPNAME_BMP_WIDTH_DU 159u
 !define APPNAME_BMP_HEIGHT_DU 50u
 !define INTRO_BLURB_WIDTH_DU "230u"
--- a/toolkit/mozapps/installer/signing.mk
+++ b/toolkit/mozapps/installer/signing.mk
@@ -3,18 +3,18 @@
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 # We shouldn't sign the first pass of a PGO build
 ifndef MOZ_PROFILE_GENERATE
 
 # Signing support
 ifdef MOZ_SIGN_CMD
 ifeq (WINNT,$(OS_ARCH))
-MOZ_INTERNAL_SIGNING_FORMAT := osslsigncode
-MOZ_EXTERNAL_SIGNING_FORMAT := osslsigncode
+MOZ_INTERNAL_SIGNING_FORMAT := sha2signcode
+MOZ_EXTERNAL_SIGNING_FORMAT := sha2signcode
 SIGN_INCLUDES := \
   '*.dll' \
   '*.exe' \
   $(NULL)
 
 SIGN_EXCLUDES := \
   'D3DCompiler*.dll' \
   'msvc*.dll' \
--- a/toolkit/mozapps/installer/upload-files.mk
+++ b/toolkit/mozapps/installer/upload-files.mk
@@ -144,18 +144,18 @@ INNER_MAKE_PACKAGE 	= $(CREATE_FINAL_TAR
 else
 INNER_MAKE_PACKAGE 	= $(CREATE_FINAL_TAR) - $(MOZ_PKG_DIR) | bzip2 -vf > $(PACKAGE)
 endif
 INNER_UNMAKE_PACKAGE	= bunzip2 -c $(UNPACKAGE) | $(UNPACK_TAR)
 MAKE_SDK = $(CREATE_FINAL_TAR) - $(MOZ_APP_NAME)-sdk | bzip2 -vf > $(SDK)
 endif
 ifeq ($(MOZ_PKG_FORMAT),ZIP)
 ifdef MOZ_EXTERNAL_SIGNING_FORMAT
-# We can't use osslsigncode on zip files
-MOZ_EXTERNAL_SIGNING_FORMAT := $(filter-out osslsigncode,$(MOZ_EXTERNAL_SIGNING_FORMAT))
+# We can't use sha2signcode on zip files
+MOZ_EXTERNAL_SIGNING_FORMAT := $(filter-out sha2signcode,$(MOZ_EXTERNAL_SIGNING_FORMAT))
 endif
 PKG_SUFFIX	= .zip
 INNER_MAKE_PACKAGE	= $(ZIP) -r9D $(PACKAGE) $(MOZ_PKG_DIR) \
   -x \*/.mkdir.done
 INNER_UNMAKE_PACKAGE	= $(UNZIP) $(UNPACKAGE)
 MAKE_SDK = $(call py_action,zip,$(SDK) $(MOZ_APP_NAME)-sdk)
 endif
 ifeq ($(MOZ_PKG_FORMAT),SFX7Z)
--- a/tools/update-packaging/Makefile.in
+++ b/tools/update-packaging/Makefile.in
@@ -41,18 +41,18 @@ UNPACKAGE	= '$(PACKAGE_BASE_DIR)/$(PACKA
 endif
 endif
 
 include $(topsrcdir)/config/rules.mk
 include $(topsrcdir)/toolkit/mozapps/installer/signing.mk
 include $(topsrcdir)/toolkit/mozapps/installer/packager.mk
 
 ifdef MOZ_EXTERNAL_SIGNING_FORMAT
-# We can't use osslsigncode on mar files
-MOZ_EXTERNAL_SIGNING_FORMAT := $(filter-out osslsigncode,$(MOZ_EXTERNAL_SIGNING_FORMAT))
+# We can't use sha2signcode on mar files
+MOZ_EXTERNAL_SIGNING_FORMAT := $(filter-out sha2signcode,$(MOZ_EXTERNAL_SIGNING_FORMAT))
 MOZ_EXTERNAL_SIGNING_FORMAT := mar $(MOZ_EXTERNAL_SIGNING_FORMAT)
 endif
 
 dir-stage := $(call mkdir_deps,$(STAGE_DIR))
 
 complete-patch:: $(dir-stage)
 ifeq ($(OS_TARGET), WINNT)
 	test -f $(UNPACKAGE)
gecko
Deployed from 1769ae2b5feb at 2022-05-11T14:55:52Z.