Bug 1217985 - Don't depend on Windows crypto DLLs
authorKathy Brade <brade@pearlcrescent.com>
Tue, 27 Oct 2015 17:50:32 -0700
changeset 305002 c4aebb4abcc52d6a4e096f6d30c799e82f2717d8
parent 305001 4a412e7f72b1b39b1f8413d6c4c7c7fdc48a2172
child 305003 872927368b0e59155a52cabb46084d0a19ab4b5f
child 305092 093802a6d8aeff51c68c92323b3b799b5fc7cd4c
push id1001
push userraliiev@mozilla.com
push dateMon, 18 Jan 2016 19:06:03 +0000
treeherdermozilla-release@8b89261f3ac4 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
bugs1217985
milestone44.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1217985 - Don't depend on Windows crypto DLLs If not building the Windows Maintenance Service, avoid a dependency on crypt32.dll and wintrust.dll. Also, avoid setting sUsingService inside the updater code; this ensures that all Maintenance Service related codepaths are skipped.
toolkit/mozapps/update/common/moz.build
toolkit/mozapps/update/common/sources.mozbuild
toolkit/mozapps/update/updater/updater.cpp
--- a/toolkit/mozapps/update/common/moz.build
+++ b/toolkit/mozapps/update/common/moz.build
@@ -7,23 +7,26 @@
 EXPORTS += [
     'readstrings.h',
     'updatedefines.h',
     'updatelogging.h',
 ]
 
 if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'windows':
     EXPORTS += [
-        'certificatecheck.h',
         'pathhash.h',
-        'registrycertificates.h',
         'uachelper.h',
         'updatehelper.cpp',
         'updatehelper.h',
     ]
+    if CONFIG['MOZ_MAINTENANCE_SERVICE']:
+        EXPORTS += [
+            'certificatecheck.h',
+            'registrycertificates.h',
+        ]
 
 Library('updatecommon')
 
 DEFINES['NS_NO_XPCOM'] = True
 
 srcdir = '.'
 
 include('sources.mozbuild')
--- a/toolkit/mozapps/update/common/sources.mozbuild
+++ b/toolkit/mozapps/update/common/sources.mozbuild
@@ -1,25 +1,28 @@
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 sources = []
 
 if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'windows':
     sources += [
-        'certificatecheck.cpp',
         'pathhash.cpp',
-        'registrycertificates.cpp',
         'uachelper.cpp',
         'updatehelper.cpp',
     ]
-    OS_LIBS += [
-        'crypt32',
-        'wintrust',
-    ]
+    if CONFIG['MOZ_MAINTENANCE_SERVICE']:
+        sources += [
+            'certificatecheck.cpp',
+            'registrycertificates.cpp',
+        ]
+        OS_LIBS += [
+            'crypt32',
+            'wintrust',
+        ]
 
 sources += [
     'readstrings.cpp',
     'updatelogging.cpp',
 ]
 
 SOURCES += sorted(['%s/%s' % (srcdir, s) for s in sources])
--- a/toolkit/mozapps/update/updater/updater.cpp
+++ b/toolkit/mozapps/update/updater/updater.cpp
@@ -122,17 +122,19 @@ static bool sUseHardLinks = true;
 
 #if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) && \
     !defined(XP_MACOSX) && !defined(MOZ_WIDGET_GONK)
 #include "nss.h"
 #include "prerror.h"
 #endif
 
 #ifdef XP_WIN
+#ifdef MOZ_MAINTENANCE_SERVICE
 #include "registrycertificates.h"
+#endif
 BOOL PathAppendSafe(LPWSTR base, LPCWSTR extra);
 BOOL PathGetSiblingFilePath(LPWSTR destinationBuffer,
                             LPCWSTR siblingFilePath,
                             LPCWSTR newFileName);
 #include "updatehelper.h"
 
 // Closes the handle if valid and if the updater is elevated returns with the
 // return code specified. This prevents multiple launches of the callback
@@ -1871,17 +1873,17 @@ LaunchWinPostProcess(const WCHAR *instal
   }
 
   WCHAR exefullpath[MAX_PATH + 1] = { L'\0' };
   wcsncpy(exefullpath, installationDir, MAX_PATH);
   if (!PathAppendSafe(exefullpath, exefile)) {
     return false;
   }
 
-#if !defined(TEST_UPDATER)
+#if !defined(TEST_UPDATER) && defined(MOZ_MAINTENANCE_SERVICE)
   if (sUsingService &&
       !DoesBinaryMatchAllowedCertificates(installationDir, exefullpath)) {
     return false;
   }
 #endif
 
   WCHAR dlogFile[MAX_PATH + 1];
   if (!PathGetSiblingFilePath(dlogFile, exefullpath, L"uninstall.update")) {
@@ -2747,18 +2749,20 @@ int NS_main(int argc, NS_tchar **argv)
   }
 
   // The callback is the remaining arguments starting at callbackIndex.
   // The argument specified by callbackIndex is the callback executable and the
   // argument prior to callbackIndex is the working directory.
   const int callbackIndex = 6;
 
 #if defined(XP_WIN)
+#ifdef MOZ_MAINTENANCE_SERVICE
   sUsingService = EnvHasValue("MOZ_USING_SERVICE");
   putenv(const_cast<char*>("MOZ_USING_SERVICE="));
+#endif
   // lastFallbackError keeps track of the last error for the service not being
   // used, in case of an error when fallback is not enabled we write the
   // error to the update.status file.
   // When fallback is disabled (MOZ_NO_SERVICE_FALLBACK does not exist) then
   // we will instead fallback to not using the service and display a UAC prompt.
   int lastFallbackError = FALLBACKKEY_UNKNOWN_ERROR;
 
   // Launch a second instance of the updater with the runas verb on Windows