Backed out 3 changesets (bug 1151266, bug 920750, bug 1138284) for Windows updater XPCshell test failures

Backed out changeset 816465912339 (bug 920750)
Backed out changeset 8cd18e65ef94 (bug 1138284)
Backed out changeset 8f9d45fcae6b (bug 1151266)

browser/app/profile/firefox.js

@@ -102,10 +102,10 @@ pref("app.update.log", false);
 pref("app.update.backgroundMaxErrors", 10);
 
 // The aus update xml certificate checks for application update are disabled on
-// Windows and Mac OS X since the mar signature check are implemented on these
-// platforms and is sufficient to prevent us from applying a mar that is not
+// Windows since the mar signature check which is currently only implemented on
+// Windows is sufficient for preventing us from applying a mar that is not
 // valid.
-#if defined(XP_WIN) || defined(XP_MACOSX)
+#ifdef XP_WIN
 pref("app.update.cert.requireBuiltIn", false);
 pref("app.update.cert.checkAttributes", false);
 #else

modules/libmar/src/mar_read.c

@@ -437,7 +437,7 @@ mar_read_product_info_block(MarFile *mar,
         return -1;
       }
 
-      if (fread(buf, additionalBlockSize, 1, mar->fp) != 1) {
+    if (fread(buf, additionalBlockSize, 1, mar->fp) != 1) {
         return -1;
       }
 

toolkit/components/maintenanceservice/registrycertificates.cpp

@@ -11,7 +11,6 @@
 #include "nsWindowsHelpers.h"
 #include "servicebase.h"
 #include "updatehelper.h"
-#include "errors.h"
 #define MAX_KEY_LENGTH 255
 
 /**
@@ -33,7 +32,7 @@ DoesBinaryMatchAllowedCertificates(LPCWSTR basePathForUpdate, LPCWSTR filePath,
   WCHAR maintenanceServiceKey[MAX_PATH + 1];
   if (!CalculateRegistryPathFromFilePath(basePathForUpdate, 
                                          maintenanceServiceKey)) {
-    return SERVICE_UPDATER_SIGN_CALC_PATH;
+    return FALSE;
   }
 
   // We use KEY_WOW64_64KEY to always force 64-bit view.
@@ -56,7 +55,7 @@ DoesBinaryMatchAllowedCertificates(LPCWSTR basePathForUpdate, LPCWSTR filePath,
                             KEY_READ | KEY_WOW64_64KEY, &baseKeyRaw);
     if (retCode != ERROR_SUCCESS) {
       LOG_WARN(("Could not open fallback key.  (%d)", retCode));
-      return SERVICE_UPDATER_SIGN_REG_OPEN;
+      return FALSE;
     } else if (allowFallbackKeySkip) {
       LOG_WARN(("Fallback key present, skipping VerifyCertificateTrustForFile "
                 "check and the certificate attribute registry matching "
@@ -73,7 +72,7 @@ DoesBinaryMatchAllowedCertificates(LPCWSTR basePathForUpdate, LPCWSTR filePath,
                              nullptr, nullptr);
   if (retCode != ERROR_SUCCESS) {
     LOG_WARN(("Could not query info key.  (%d)", retCode));
-    return SERVICE_UPDATER_SIGN_REG_QUERY;
+    return FALSE;
   }
 
   // Enumerate the subkeys, each subkey represents an allowed certificate.
@@ -85,7 +84,7 @@ DoesBinaryMatchAllowedCertificates(LPCWSTR basePathForUpdate, LPCWSTR filePath,
                             nullptr, nullptr, nullptr); 
     if (retCode != ERROR_SUCCESS) {
       LOG_WARN(("Could not enum certs.  (%d)", retCode));
-      return SERVICE_UPDATER_SIGN_REG_ENUM;
+      return FALSE;
     }
 
     // Open the subkey for the current certificate
@@ -141,9 +140,9 @@ DoesBinaryMatchAllowedCertificates(LPCWSTR basePathForUpdate, LPCWSTR filePath,
     }
 
     // Raise the roof, we found a match!
-    return OK;
+    return TRUE; 
   }
   
   // No certificates match, :'(
-  return SERVICE_UPDATER_SIGN_ERROR;
+  return FALSE;
 }

toolkit/components/maintenanceservice/registrycertificates.h

@@ -7,8 +7,8 @@
 
 #include "certificatecheck.h"
 
-int DoesBinaryMatchAllowedCertificates(LPCWSTR basePathForUpdate,
-                                       LPCWSTR filePath,
-                                       BOOL allowFallbackKeySkip = TRUE);
+BOOL DoesBinaryMatchAllowedCertificates(LPCWSTR basePathForUpdate,
+                                        LPCWSTR filePath,
+                                        BOOL allowFallbackKeySkip = TRUE);
 
 #endif

toolkit/components/maintenanceservice/workmonitor.cpp

@@ -471,13 +471,14 @@ ProcessSoftwareUpdateCommand(DWORD argc, LPWSTR *argv)
   }
 
   // Check for updater.exe sign problems
-  int rv = OK;
+  BOOL updaterSignProblem = FALSE;
 #ifndef DISABLE_UPDATER_AUTHENTICODE_CHECK
-  rv = DoesBinaryMatchAllowedCertificates(installDir, argv[0]);
+  updaterSignProblem = !DoesBinaryMatchAllowedCertificates(installDir,
+                                                           argv[0]);
 #endif
 
   // Only proceed with the update if we have no signing problems
-  if (rv == OK) {
+  if (!updaterSignProblem) {
     BOOL updateProcessWasStarted = FALSE;
     if (StartUpdateProcess(argc, argv, installDir,
                            updateProcessWasStarted)) {
@@ -516,8 +517,9 @@ ProcessSoftwareUpdateCommand(DWORD argc, LPWSTR *argv)
 
     // When there is a certificate check error on the updater.exe application,
     // we want to write out the error.
-    if (!WriteStatusFailure(argv[1], rv)) {
-      LOG_WARN(("Could not write failed state to update.status.  (%d)",
+    if (!WriteStatusFailure(argv[1],
+                            SERVICE_UPDATER_SIGN_ERROR)) {
+      LOG_WARN(("Could not write pending state to update.status.  (%d)",
                 GetLastError()));
     }
   }

toolkit/mozapps/update/common/errors.h

@@ -71,10 +71,6 @@
 #define SERVICE_COULD_NOT_COPY_UPDATER 49
 #define SERVICE_STILL_APPLYING_TERMINATED 50
 #define SERVICE_STILL_APPLYING_NO_EXIT_CODE 51
-#define SERVICE_UPDATER_SIGN_CALC_PATH 52
-#define SERVICE_UPDATER_SIGN_REG_OPEN 53
-#define SERVICE_UPDATER_SIGN_REG_QUERY 54
-#define SERVICE_UPDATER_SIGN_REG_ENUM 55
 
 #define WRITE_ERROR_FILE_COPY 61
 #define WRITE_ERROR_DELETE_FILE 62

toolkit/mozapps/update/nsUpdateService.js

@@ -117,10 +117,6 @@ const FILESYSTEM_MOUNT_READWRITE_ERROR     = 43;
 const SERVICE_COULD_NOT_COPY_UPDATER       = 49;
 const SERVICE_STILL_APPLYING_TERMINATED    = 50;
 const SERVICE_STILL_APPLYING_NO_EXIT_CODE  = 51;
-const SERVICE_UPDATER_SIGN_CALC_PATH       = 52;
-const SERVICE_UPDATER_SIGN_REG_OPEN        = 53;
-const SERVICE_UPDATER_SIGN_REG_QUERY       = 54;
-const SERVICE_UPDATER_SIGN_REG_ENUM        = 55;
 const WRITE_ERROR_FILE_COPY                = 61;
 const WRITE_ERROR_DELETE_FILE              = 62;
 const WRITE_ERROR_OPEN_PATCH_FILE          = 63;
@@ -160,11 +156,7 @@ const SERVICE_ERRORS = [SERVICE_UPDATER_COULD_NOT_BE_STARTED,
                         SERVICE_INSTALLDIR_ERROR,
                         SERVICE_COULD_NOT_COPY_UPDATER,
                         SERVICE_STILL_APPLYING_TERMINATED,
-                        SERVICE_STILL_APPLYING_NO_EXIT_CODE,
-                        SERVICE_UPDATER_SIGN_CALC_PATH,
-                        SERVICE_UPDATER_SIGN_REG_OPEN,
-                        SERVICE_UPDATER_SIGN_REG_QUERY,
-                        SERVICE_UPDATER_SIGN_REG_ENUM];
+                        SERVICE_STILL_APPLYING_NO_EXIT_CODE];
 
 // Error codes 80 through 99 are reserved for nsUpdateService.js and are not
 // defined in common/errors.h

toolkit/mozapps/update/tests/data/xpcshellUtilsAUS.js

@@ -2,32 +2,6 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
-/**
- * Test log warnings that happen before the test has started
- * "Couldn't get the user appdata directory. Crash events may not be produced."
- * in nsExceptionHandler.cpp (possibly bug 619104)
- *
- * Test log warnings that happen after the test has finished
- * "OOPDeinit() without successful OOPInit()" in nsExceptionHandler.cpp
- * (bug 619104)
- * "XPCOM objects created/destroyed from static ctor/dtor" in nsTraceRefcnt.cpp
- * (possibly bug 457479)
- *
- * Other warnings printed to the test logs
- * "site security information will not be persisted" in
- * nsSiteSecurityService.cpp and the error in nsSystemInfo.cpp preceding this
- * error are due to not having a profile when running some of the xpcshell
- * tests. Since most xpcshell tests also log these errors these tests don't
- * call do_get_profile unless necessary for the test.
- * The "This method is lossy. Use GetCanonicalPath !" warning on Windows in
- * nsLocalFileWin.cpp is from the call to GetNSSProfilePath in
- * nsNSSComponent.cpp due to it using GetNativeCanonicalPath.
- * "!mMainThread" in nsThreadManager.cpp are due to using timers and it might be
- * possible to fix some or all of these in the test itself.
- * "NS_FAILED(rv)" in nsThreadUtils.cpp are due to using timers and it might be
- * possible to fix some or all of these in the test itself.
- */
-
 'use strict';
 
 const { classes: Cc, interfaces: Ci, manager: Cm, results: Cr,
@@ -808,17 +782,6 @@ function setupTestCommon() {
   // it is defined as a function.
   adjustGeneralPaths();
 
-  // This prevents a warning about not being able to find the greprefs.js file
-  // from being logged.
-  let grePrefsFile = getGREDir();
-  if (!grePrefsFile.exists()) {
-    grePrefsFile.create(Ci.nsIFile.DIRECTORY_TYPE, PERMS_DIRECTORY);
-  }
-  grePrefsFile.append("greprefs.js");
-  if (!grePrefsFile.exists()) {
-    grePrefsFile.create(Ci.nsILocalFile.NORMAL_FILE_TYPE, PERMS_FILE);
-  }
-
   // Remove the updates directory on Windows and Mac OS X which is located
   // outside of the application directory after the call to adjustGeneralPaths
   // has set it up. Since the test hasn't ran yet and the directory shouldn't
@@ -1618,8 +1581,8 @@ function shouldRunServiceTest(aFirstTest) {
     // in which case we should fail the test if the updater binary is signed so
     // the build system can be fixed by adding the registry key.
     if (IS_AUTHENTICODE_CHECK_ENABLED) {
-      Assert.ok(!isBinSigned, "the updater.exe binary should not be signed " +
-                "when the test registry key doesn't exist (if it is, build " +
+      Assert.ok(isBinSigned, "the updater.exe binary should not be signed " +
+                "when the test registry key doesn't exist (if not, build " +
                 "system configuration bug?)");
     }