reverted my TLS 1.3 changes and import changes from tenfourfox:

- #334, closes #489: enable TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for amtrak.com (14d8add7c) (#334 part only) - #590: TLS 1.3 support (consolidated) with locale workaround (fae264c81)
2026-05-26 06:25:03 +00:00 · 2020-02-28 13:30:16 +08:00
parent e3bc38bb5c
commit 13552d57d1
10 changed files with 52 additions and 27 deletions
@@ -529,7 +529,7 @@ var NetworkHelper = {
   *          If state == broken:
   *            - errorMessage: full error message from nsITransportSecurityInfo.
   *          If state == secure:
-   *            - protocolVersion: one of TLSv1, TLSv1.1, TLSv1.2.
+   *            - protocolVersion: one of TLSv1, TLSv1.1, TLSv1.2, TLSv1.3.
   *            - cipherSuite: the cipher suite used in this connection.
   *            - cert: information about certificate used in this connection.
   *                    See parseCertificateInfo for the contents.
@@ -691,6 +691,7 @@ static const uint32_t EnabledCiphers[] = {
 static const uint32_t DisabledCiphers[] = {
  // ALL SHA384 ciphers are disabled per bug 1310061.
  TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+  TLS_RSA_WITH_AES_256_GCM_SHA384,

  TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
  TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
@@ -711,7 +712,6 @@ static const uint32_t DisabledCiphers[] = {
  TLS_ECDH_RSA_WITH_RC4_128_SHA,

  TLS_RSA_WITH_AES_128_GCM_SHA256,
-  TLS_RSA_WITH_AES_256_GCM_SHA384,
  TLS_RSA_WITH_AES_128_CBC_SHA,
  TLS_RSA_WITH_AES_128_CBC_SHA256,
  TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
@@ -7,7 +7,7 @@ pref("security.tls.version.max", 4);
 pref("security.tls.version.fallback-limit", 3);
 pref("security.tls.insecure_fallback_hosts", "");
 pref("security.tls.unrestricted_rc4_fallback", false);
-pref("security.tls.enable_0rtt_data", false);
+pref("security.tls.enable_0rtt_data", true);

 pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
 pref("security.ssl.require_safe_negotiation",  false);
@@ -99,18 +99,22 @@ nsHttpConnection::~nsHttpConnection()
    if (!mEverUsedSpdy) {
        LOG(("nsHttpConnection %p performed %d HTTP/1.x transactions\n",
             this, mHttp1xTransactionCount));
+/*
        Telemetry::Accumulate(Telemetry::HTTP_REQUEST_PER_CONN,
                              mHttp1xTransactionCount);
+*/
    }

    if (mTotalBytesRead) {
        uint32_t totalKBRead = static_cast<uint32_t>(mTotalBytesRead >> 10);
        LOG(("nsHttpConnection %p read %dkb on connection spdy=%d\n",
             this, totalKBRead, mEverUsedSpdy));
+/*
        Telemetry::Accumulate(mEverUsedSpdy ?
                              Telemetry::SPDY_KBREAD_PER_CONN :
                              Telemetry::HTTP_KBREAD_PER_CONN,
                              totalKBRead);
+*/
    }
    if (mForceSendTimer) {
        mForceSendTimer->Cancel();
@@ -414,7 +418,7 @@ nsHttpConnection::EnsureNPNComplete(nsresult &aOut0RTTWriteHandshakeValue,
          mContentBytesWritten = mContentBytesWritten0RTT;
        }

-        Telemetry::Accumulate(Telemetry::SPDY_NPN_CONNECT, UsingSpdy());
+        //Telemetry::Accumulate(Telemetry::SPDY_NPN_CONNECT, UsingSpdy());
    }

 npnComplete:
@@ -66,13 +66,7 @@ function startServer(cert, expectingPeerCert, clientCertificateConfig) {

      equal(status.tlsVersionUsed, Ci.nsITLSClientStatus.TLS_VERSION_1_2,
            "Using TLS 1.2");
-      let expectedCipher;
-      if (expectedVersion >= 772) {
-        expectedCipher = "TLS_AES_128_GCM_SHA256";
-      } else {
-        expectedCipher = "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256";
-      }
-      equal(status.cipherName, expectedCipher,
+      equal(status.cipherName, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
            "Using expected cipher");
      equal(status.keyLength, 128, "Using 128-bit key");
      equal(status.macLength, 128, "Using 128-bit MAC");
@@ -30,8 +30,10 @@ using namespace mozilla::psm;

 extern PRLogModuleInfo* gPIPNSSLog;

+#if (0) // TenFourFox issue 334
 static void AccumulateCipherSuite(Telemetry::ID probe,
                                  const SSLChannelInfo& channelInfo);
+#endif

 namespace {

@@ -1030,6 +1032,8 @@ CanFalseStartCallback(PRFileDesc* fd, void* client_data, PRBool *canFalseStart)
  return SECSuccess;
 }

+#if(0) // TenFourFox issue 334
+#error this no longer has correct constants and should not be reenabled
 static void
 AccumulateNonECCKeySize(Telemetry::ID probe, uint32_t bits)
 {
@@ -1121,6 +1125,7 @@ AccumulateCipherSuite(Telemetry::ID probe, const SSLChannelInfo& channelInfo)
  MOZ_ASSERT(value != 0);
  Telemetry::Accumulate(probe, value);
 }
+#endif

 void HandshakeCallback(PRFileDesc* fd, void* client_data) {
  nsNSSShutDownPreventionLock locker;
@@ -1153,6 +1158,7 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) {
  rv = SSL_GetChannelInfo(fd, &channelInfo, sizeof(channelInfo));
  MOZ_ASSERT(rv == SECSuccess);
  if (rv == SECSuccess) {
+#if(0) // TenFourFox issue 334
    // Get the protocol version for telemetry
    // 0=ssl3, 1=tls1, 2=tls1.1, 3=tls1.2, 4=tls1.3
    unsigned int versionEnum = channelInfo.protocolVersion & 0xFF;
@@ -1162,6 +1168,7 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) {
      infoObject->IsFullHandshake() ? Telemetry::SSL_CIPHER_SUITE_FULL
                                    : Telemetry::SSL_CIPHER_SUITE_RESUMED,
      channelInfo);
+#endif

    SSLCipherSuiteInfo cipherInfo;
    rv = SSL_GetCipherSuiteInfo(channelInfo.cipherSuite, &cipherInfo,
@@ -1170,17 +1177,20 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) {
    if (rv == SECSuccess) {
      usesWeakCipher = cipherInfo.symCipher == ssl_calg_rc4;

+#if(0)
      // keyExchange null=0, rsa=1, dh=2, fortezza=3, ecdh=4
      Telemetry::Accumulate(
        infoObject->IsFullHandshake()
          ? Telemetry::SSL_KEY_EXCHANGE_ALGORITHM_FULL
          : Telemetry::SSL_KEY_EXCHANGE_ALGORITHM_RESUMED,
        channelInfo.keaType);
+#endif

      DebugOnly<int16_t> KEAUsed;
      MOZ_ASSERT(NS_SUCCEEDED(infoObject->GetKEAUsed(&KEAUsed)) &&
                 (KEAUsed == channelInfo.keaType));

+#if(0)
      if (infoObject->IsFullHandshake()) {
        switch (channelInfo.keaType) {
          case ssl_kea_rsa:
@@ -1231,6 +1241,7 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) {
            ? Telemetry::SSL_SYMMETRIC_CIPHER_FULL
            : Telemetry::SSL_SYMMETRIC_CIPHER_RESUMED,
          cipherInfo.symCipher);
+#endif
    }
  }

@@ -644,6 +644,13 @@ static const CipherPref sCipherPrefs[] = {
 { "security.ssl3.dhe_rsa_aes_256_sha",
   TLS_DHE_RSA_WITH_AES_256_CBC_SHA, true },

+ { "security.tls13.aes_128_gcm_sha256",
+   TLS_AES_128_GCM_SHA256, true },
+ { "security.tls13.chacha20_poly1305_sha256",
+   TLS_CHACHA20_POLY1305_SHA256, true },
+ { "security.tls13.aes_256_gcm_sha384",
+   TLS_AES_256_GCM_SHA384, true },
+
 { "security.ssl3.ecdhe_rsa_rc4_128_sha",
   TLS_ECDHE_RSA_WITH_RC4_128_SHA, true, true }, // deprecated (RC4)
 { "security.ssl3.ecdhe_ecdsa_rc4_128_sha",
@@ -661,13 +668,6 @@ static const CipherPref sCipherPrefs[] = {
 { "security.ssl3.rsa_rc4_128_md5",
   TLS_RSA_WITH_RC4_128_MD5, true, true }, // deprecated (RSA key exchange, RC4, HMAC-MD5)

- { "security.tls13.aes_128_gcm_sha256",
-   TLS_AES_128_GCM_SHA256, true },
- { "security.tls13.chacha20_poly1305_sha256",
-   TLS_CHACHA20_POLY1305_SHA256, true },
- { "security.tls13.aes_256_gcm_sha384",
-   TLS_AES_256_GCM_SHA384, true },
-
 // All the rest are disabled by default

 { nullptr, 0 } // end marker
@@ -1097,7 +1097,6 @@ nsNSSComponent::InitializeNSS()
  SSL_OptionSetDefault(SSL_ENABLE_ALPN,
                       Preferences::GetBool("security.ssl.enable_alpn",
                                            ALPN_ENABLED_DEFAULT));
-
  SSL_OptionSetDefault(SSL_ENABLE_0RTT_DATA,
                       Preferences::GetBool("security.tls.enable_0rtt_data",
                                            ENABLED_0RTT_DATA_DEFAULT));
@@ -1069,6 +1069,7 @@ class SSLErrorRunnable : public SyncRunnableBase

 namespace {

+#if(0)
 uint32_t tlsIntoleranceTelemetryBucket(PRErrorCode err)
 {
  // returns a numeric code for where we track various errors in telemetry
@@ -1091,6 +1092,7 @@ uint32_t tlsIntoleranceTelemetryBucket(PRErrorCode err)
    default: return 0;
  }
 }
+#endif

 bool
 retryDueToTLSIntolerance(PRErrorCode err, nsNSSSocketInfo* socketInfo)
@@ -1166,12 +1168,13 @@ retryDueToTLSIntolerance(PRErrorCode err, nsNSSSocketInfo* socketInfo)
    return false;
  }

+#if(0)
+#error doesn't support TLS 1.3
  uint32_t reason = tlsIntoleranceTelemetryBucket(err);
  if (reason == 0) {
    return false;
  }

-#if(0)
  Telemetry::ID pre;
  Telemetry::ID post;
  switch (range.max) {
@@ -8083,37 +8083,37 @@
    "expires_in_version": "never",
    "kind": "enumerated",
    "n_values": 64,
-    "description": "Detected symptom of TLS 1.2 intolerance, before considering historical info"
+    "description": "detected symptom of TLS 1.2 intolerance, before considering historical info"
  },
  "SSL_TLS12_INTOLERANCE_REASON_POST": {
    "expires_in_version": "never",
    "kind": "enumerated",
    "n_values": 64,
-    "description": "Detected symptom of TLS 1.2 intolerance, after considering historical info"
+    "description": "detected symptom of TLS 1.2 intolerance, after considering historical info"
  },
  "SSL_TLS11_INTOLERANCE_REASON_PRE": {
    "expires_in_version": "never",
    "kind": "enumerated",
    "n_values": 64,
-    "description": "Detected symptom of TLS 1.1 intolerance, before considering historical info"
+    "description": "detected symptom of TLS 1.1 intolerance, before considering historical info"
  },
  "SSL_TLS11_INTOLERANCE_REASON_POST": {
    "expires_in_version": "never",
    "kind": "enumerated",
    "n_values": 64,
-    "description": "Detected symptom of TLS 1.1 intolerance, after considering historical info"
+    "description": "detected symptom of TLS 1.1 intolerance, after considering historical info"
  },
  "SSL_TLS10_INTOLERANCE_REASON_PRE": {
    "expires_in_version": "never",
    "kind": "enumerated",
    "n_values": 64,
-    "description": "Detected symptom of TLS 1.0 intolerance, before considering historical info"
+    "description": "detected symptom of TLS 1.0 intolerance, before considering historical info"
  },
  "SSL_TLS10_INTOLERANCE_REASON_POST": {
    "expires_in_version": "never",
    "kind": "enumerated",
    "n_values": 64,
-    "description": "Detected symptom of TLS 1.0 intolerance, after considering historical info"
+    "description": "detected symptom of TLS 1.0 intolerance, after considering historical info"
  },
  "SSL_VERSION_FALLBACK_INAPPROPRIATE": {
    "expires_in_version": "never",
@@ -8121,6 +8121,12 @@
    "n_values": 64,
    "description": "TLS/SSL version intolerance was falsely detected, server rejected handshake"
  },
+  "SSL_FALLBACK_LIMIT_REACHED": {
+    "expires_in_version": "default",
+    "kind": "enumerated",
+    "n_values": 16,
+    "description": "TLS/SSL version fallback reached the minimum version (1=TLS 1.0, 2=TLS 1.1, 3=TLS 1.2) or the fallback limit (4=TLS 1.0, 8=TLS 1.1, 12=TLS 1.2), stopped the fallback"
+  },
  "SSL_WEAK_CIPHERS_FALLBACK": {
    "expires_in_version": "never",
    "kind": "enumerated",
@@ -1090,7 +1090,15 @@ NS_IMETHODIMP nsDocLoader::OnStatus(nsIRequest* aRequest, nsISupports* ctxt,
    if (!sbs)
      return NS_ERROR_FAILURE;
    nsXPIDLString msg;
-    nsresult rv = sbs->FormatStatusMessage(aStatus, aStatusArg,
+    /* TenFourFox issue 590. Map NS_NET_STATUS_TLS_HANDSHAKE_STARTING and
+       NS_NET_STATUS_TLS_HANDSHAKE_ENDED to NS_NET_STATUS_CONNECTED_TO so
+       that we don't instantly invalidate all our locales. See also
+       netwerk/locales/en-US/necko.properties XXX */
+    nsresult rv = sbs->FormatStatusMessage(
+    (aStatus == NS_NET_STATUS_TLS_HANDSHAKE_STARTING ||
+     aStatus == NS_NET_STATUS_TLS_HANDSHAKE_ENDED) ?
+     NS_NET_STATUS_CONNECTED_TO : aStatus,
+                                           aStatusArg,
                                           getter_Copies(msg));
    if (NS_FAILED(rv))
      return rv;