Bug 952863, Part 2: Remove dead code for non-ECDHE TLS False Start, r=keeler

--HG--
extra : rebase_source : 47ee95682f769b8e10aaf55b0f4fccfef1fcdea0
Brian Smith 2014-12-10 10:13:18 -08:00
parent 6160da11d7
commit ab604352ec
5 changed files with 3 additions and 76 deletions


@ -14,7 +14,6 @@ pref("security.ssl.warn_missing_rfc5746", 1);
pref("security.ssl.enable_ocsp_stapling", true);
pref("security.ssl.enable_false_start", true);
pref("security.ssl.false_start.require-npn", false);
pref("security.ssl.false_start.require-forward-secrecy", true);
pref("security.ssl.enable_npn", true);
pref("security.ssl.enable_alpn", true);


@ -654,17 +654,6 @@ nsHttpConnection::InitSSLParams(bool connectingToProxy, bool proxyStartSSL)
mNPNComplete = false;
}
// transaction caps apply only to origin. we don't track
// proxy history.
if (!connectingToProxy &&
(mTransactionCaps & NS_HTTP_ALLOW_RSA_FALSESTART)) {
LOG(("nsHttpConnection::InitSSLParams %p "
">= RSA Key Exchange Expected\n", this));
ssl->SetKEAExpected(ssl_kea_rsa);
} else {
ssl->SetKEAExpected(nsISSLSocketControl::KEY_EXCHANGE_UNKNOWN);
}
return NS_OK;
}


@ -15,7 +15,7 @@ class nsCString;
%}
[ref] native nsCStringTArrayRef(nsTArray<nsCString>);
[scriptable, builtinclass, uuid(f160ec31-01f3-47f2-b542-0e12a647b07f)]
[scriptable, builtinclass, uuid(c6acb521-df47-49aa-b9e8-51c4e984968a)]
interface nsISSLSocketControl : nsISupports {
attribute nsIInterfaceRequestor notificationCallbacks;
@ -59,10 +59,9 @@ interface nsISSLSocketControl : nsISupports {
boolean isAcceptableForHost(in ACString hostname);
/* The Key Exchange Algorithm is used when determining whether or
not to do false start and whether or not HTTP/2 can be used.
not HTTP/2 can be used.
After a handshake is complete it can be read from KEAUsed,
before a handshake is started it may be set through KEAExpected.
After a handshake is complete it can be read from KEAUsed.
The values correspond to the SSLKEAType enum in NSS or the
KEY_EXCHANGE_UNKNOWN constant defined below.
@ -70,7 +69,6 @@ interface nsISSLSocketControl : nsISupports {
*/
[infallible] readonly attribute short KEAUsed;
[infallible] attribute short KEAExpected;
[infallible] readonly attribute unsigned long KEAKeyBits;
const short KEY_EXCHANGE_UNKNOWN = -1;
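Review bot: The reworded interface comment now says the key exchange algorithm is used only to decide whether HTTP/2 can be used, yet the commit title removes just the non-ECDHE false-start path, and the `mKEA*` member comment kept as context in the last file section still reads "used in false start and http/2 detetermination". If `KEAUsed` is still consulted to restrict false start to ECDHE handshakes (that check is not visible in this diff), the comment should keep saying so, for example `not to do false start (ECDHE only) and whether or not HTTP/2 can be used.`; otherwise the member comment should drop its false-start mention. The two descriptions should agree, so that a later reader does not take the key-exchange check for an HTTP/2-only concern and remove a security-relevant gate.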


@ -79,30 +79,6 @@ getSiteKey(const nsACString& hostName, uint16_t port,
// SSM_UserCertChoice: enum for cert choice info
typedef enum {ASK, AUTO} SSM_UserCertChoice;
// Forward secrecy provides us with a proof of posession of the private key
// from the server. Without of proof of posession of the private key of the
// server, any MitM can force us to false start in a connection that the real
// server never participates in, since with RSA key exchange a MitM can
// complete the server's first round of the handshake without knowing the
// server's public key This would be used, for example, to greatly accelerate
// the attacks on RC4 or other attacks that allow a MitM to decrypt encrypted
// data without having the server's private key. Without false start, such
// attacks are naturally rate limited by network latency and may also be rate
// limited explicitly by the server's DoS or other security mechanisms.
// Further, because the server that has the private key must participate in the
// handshake, the server could detect these kinds of attacks if they they are
// repeated rapidly and/or frequently, by noticing lots of invalid or
// incomplete handshakes.
//
// With this in mind, when we choose not to require forward secrecy (when the
// pref's value is false), then we will still only false start for RSA key
// exchange only if the most recent handshake we've previously done used RSA
// key exchange. This way, we prevent any (EC)DHE-to-RSA downgrade attacks for
// servers that consistently choose (EC)DHE key exchange. In order to prevent
// downgrade from ECDHE_*_GCM cipher suites, we need to also consider downgrade
// from TLS 1.2 to earlier versions (bug 861310).
static const bool FALSE_START_REQUIRE_FORWARD_SECRECY_DEFAULT = true;
// Historically, we have required that the server negotiate ALPN or NPN in
// order to false start, as a compatibility hack to work around
// implementations that just stop responding during false start. However, now
@ -134,7 +110,6 @@ nsNSSSocketInfo::nsNSSSocketInfo(SharedSSLState& aState, uint32_t providerFlags)
mNotedTimeUntilReady(false),
mFailedVerification(false),
mKEAUsed(nsISSLSocketControl::KEY_EXCHANGE_UNKNOWN),
mKEAExpected(nsISSLSocketControl::KEY_EXCHANGE_UNKNOWN),
mKEAKeyBits(0),
mSSLVersionUsed(nsISSLSocketControl::SSL_VERSION_UNKNOWN),
mMACAlgorithmUsed(nsISSLSocketControl::SSL_MAC_UNKNOWN),
@ -170,20 +145,6 @@ nsNSSSocketInfo::GetKEAUsed(int16_t* aKea)
return NS_OK;
}
NS_IMETHODIMP
nsNSSSocketInfo::GetKEAExpected(int16_t* aKea)
{
*aKea = mKEAExpected;
return NS_OK;
}
NS_IMETHODIMP
nsNSSSocketInfo::SetKEAExpected(int16_t aKea)
{
mKEAExpected = aKea;
return NS_OK;
}
NS_IMETHODIMP
nsNSSSocketInfo::GetKEAKeyBits(uint32_t* aKeyBits)
{
@ -1484,7 +1445,6 @@ nsSSLIOLayerHelpers::nsSSLIOLayerHelpers()
, mWarnLevelMissingRFC5746(1)
, mTLSIntoleranceInfo()
, mFalseStartRequireNPN(true)
, mFalseStartRequireForwardSecrecy(false)
, mVersionFallbackLimit(SSL_LIBRARY_VERSION_TLS_1_0)
, mutex("nsSSLIOLayerHelpers.mutex")
{
@ -1708,10 +1668,6 @@ PrefObserver::Observe(nsISupports* aSubject, const char* aTopic,
mOwner->mFalseStartRequireNPN =
Preferences::GetBool("security.ssl.false_start.require-npn",
FALSE_START_REQUIRE_NPN_DEFAULT);
} else if (prefName.EqualsLiteral("security.ssl.false_start.require-forward-secrecy")) {
mOwner->mFalseStartRequireForwardSecrecy =
Preferences::GetBool("security.ssl.false_start.require-forward-secrecy",
FALSE_START_REQUIRE_FORWARD_SECRECY_DEFAULT);
} else if (prefName.EqualsLiteral("security.tls.version.fallback-limit")) {
mOwner->loadVersionFallbackLimit();
}
@ -1750,8 +1706,6 @@ nsSSLIOLayerHelpers::~nsSSLIOLayerHelpers()
"security.ssl.warn_missing_rfc5746");
Preferences::RemoveObserver(mPrefObserver,
"security.ssl.false_start.require-npn");
Preferences::RemoveObserver(mPrefObserver,
"security.ssl.false_start.require-forward-secrecy");
}
}
@ -1819,9 +1773,6 @@ nsSSLIOLayerHelpers::Init()
mFalseStartRequireNPN =
Preferences::GetBool("security.ssl.false_start.require-npn",
FALSE_START_REQUIRE_NPN_DEFAULT);
mFalseStartRequireForwardSecrecy =
Preferences::GetBool("security.ssl.false_start.require-forward-secrecy",
FALSE_START_REQUIRE_FORWARD_SECRECY_DEFAULT);
loadVersionFallbackLimit();
mPrefObserver = new PrefObserver(this);
@ -1833,8 +1784,6 @@ nsSSLIOLayerHelpers::Init()
"security.ssl.warn_missing_rfc5746");
Preferences::AddStrongObserver(mPrefObserver,
"security.ssl.false_start.require-npn");
Preferences::AddStrongObserver(mPrefObserver,
"security.ssl.false_start.require-forward-secrecy");
Preferences::AddStrongObserver(mPrefObserver,
"security.tls.version.fallback-limit");
return NS_OK;


@ -96,13 +96,6 @@ public:
void SetPreliminaryHandshakeDone() { mPreliminaryHandshakeDone = true; }
void SetKEAUsed(uint16_t kea) { mKEAUsed = kea; }
inline int16_t GetKEAExpected() // infallible in nsISSLSocketControl
{
int16_t result;
mozilla::DebugOnly<nsresult> rv = GetKEAExpected(&result);
MOZ_ASSERT(NS_SUCCEEDED(rv));
return result;
}
void SetKEAKeyBits(uint32_t keaBits) { mKEAKeyBits = keaBits; }
@ -160,7 +153,6 @@ private:
// mKEA* are used in false start and http/2 detetermination
// Values are from nsISSLSocketControl
int16_t mKEAUsed;
int16_t mKEAExpected;
uint32_t mKEAKeyBits;
int16_t mSSLVersionUsed;
int16_t mMACAlgorithmUsed;