Skip authenticode and cert checks completely when fallback key is present
authorBrian R. Bondy <netzen@gmail.com>
Tue, 27 Jan 2015 21:41:07 -0500
changeset 491370 4baf21fa0db8966e2a8bbee7499497203778cf78
parent 491369 54805643390a8074ae8f4127051db718c7433ac2
child 491371 a9b91a13402a7aaed28be9bfc1d5fa72ffaf355a
push id47343
push userbmo:dothayer@mozilla.com
push dateWed, 01 Mar 2017 22:58:58 +0000
milestone37.0a1
Skip authenticode and cert checks completely when fallback key is present
toolkit/components/maintenanceservice/registrycertificates.cpp
--- a/toolkit/components/maintenanceservice/registrycertificates.cpp
+++ b/toolkit/components/maintenanceservice/registrycertificates.cpp
@@ -44,16 +44,20 @@ DoesBinaryMatchAllowedCertificates(LPCWS
     // We use this registry key on our test slaves to store the 
     // allowed name/issuers.
     retCode = RegOpenKeyExW(HKEY_LOCAL_MACHINE, 
                             TEST_ONLY_FALLBACK_KEY_PATH, 0,
                             KEY_READ | KEY_WOW64_64KEY, &baseKeyRaw);
     if (retCode != ERROR_SUCCESS) {
       LOG_WARN(("Could not open fallback key.  (%d)", retCode));
       return FALSE;
+    } else {
+      LOG_WARN(("Fallback key present, skipping authenticode "
+                "check and cert check."));
+      return TRUE;
     }
   }
   nsAutoRegKey baseKey(baseKeyRaw);
 
   // Get the number of subkeys.
   DWORD subkeyCount = 0;
   retCode = RegQueryInfoKeyW(baseKey, nullptr, nullptr, nullptr, &subkeyCount,
                              nullptr, nullptr, nullptr, nullptr, nullptr,