[tor-browser/tor-browser-60.3.0esr-8.5-1] Bug 1503354 - Disable background HTTP response throttling for causing visible regressions. r=dragana, a=pascalc
by gk@torproject.org 04 Dec '18

04 Dec '18
commit 2789cecf98cd603f835711378d76ed06b4369609
Author: Honza Bambas <honzab.moz(a)firemni.cz>
Date: Wed Oct 31 02:13:00 2018 -0400
Bug 1503354 - Disable background HTTP response throttling for causing visible regressions. r=dragana, a=pascalc
--HG--
extra : source : 1ed273626bbd38cde17d7610ac5d7dad0aca91c1
extra : intermediate-source : c89f12000b079c50362ce52e661e3c5e24836a11
This backport fixes our bug 28608.
---
 modules/libpref/init/all.js | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index f5a2ec47593a..e358cfcfcb2d 100644
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -2275,9 +2275,9 @@ pref("network.auth.non-web-content-triggered-resources-http-auth-allow", false);
 // in that case default credentials will always be used.
 pref("network.auth.private-browsing-sso", false);
-// Control how throttling of http responses works - number of ms that each
-// suspend and resume period lasts (prefs named appropriately)
-pref("network.http.throttle.enable", true);
+// This feature is occasionally causing visible regressions (download too slow for
+// too long time, jitter in video/audio in background tabs...)
+pref("network.http.throttle.enable", false);
 pref("network.http.throttle.version", 1);
 // V1 prefs
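Review bot: The rewritten comment above `network.http.throttle.enable` explains why the feature is off but no longer says what this pref family controls, so the `network.http.throttle.version` line and the `// V1 prefs` block that follow lose their introduction. Keeping one line of description alongside the rationale would preserve both, for example `// Throttling of background HTTP responses; disabled because it occasionally causes visible regressions (Bug 1503354).`. The V1 prefs themselves continue outside the hunk.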
[tor-browser/tor-browser-60.3.0esr-8.0-1] fixup! TB4: Tor Browser's Firefox preference overrides.
by gk@torproject.org 04 Dec '18

04 Dec '18
commit 3c03aad30d2b2b0e92359f15a1a95cfb2354544e
Author: Georg Koppen <gk(a)torproject.org>
Date: Wed Nov 21 10:02:20 2018 +0000
fixup! TB4: Tor Browser's Firefox preference overrides.
Bug 25794 deals with pointer events and associated fingerprinting risks. There are patches we can backport from Mozilla, but they are not small and we should give them some baking time. Thus, let's disable pointer events for now.
---
 browser/app/profile/000-tor-browser.js | 1 +
 1 file changed, 1 insertion(+)
diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js
index bc7c4b05e3a1..07005f326580 100644
--- a/browser/app/profile/000-tor-browser.js
+++ b/browser/app/profile/000-tor-browser.js
@@ -150,6 +150,7 @@ pref("media.webspeech.synth.enabled", false); // Bug 10283: Disable SpeechSynthe
 pref("dom.webaudio.enabled", false); // Bug 13017: Disable Web Audio API
 pref("dom.maxHardwareConcurrency", 1); // Bug 21675: Spoof single-core cpu
 pref("dom.w3c_touch_events.enabled", 0); // Bug 10286: Always disable Touch API
+pref("dom.w3c_pointer_events.enabled", false);
 pref("dom.vr.enabled", false); // Bug 21607: Disable WebVR for now
 // Disable randomised Firefox HTTP cache decay user test groups (Bug: 13575)
 pref("security.webauth.webauthn", false); // Bug 26614: Disable Web Authentication API for now
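Review bot: The added `pref("dom.w3c_pointer_events.enabled", false);` is the only override in this block without a trailing bug reference, so the fingerprinting rationale lives only in the commit message. Every neighbouring line carries one; suggest `pref("dom.w3c_pointer_events.enabled", false); // Bug 25794: Disable pointer events for now`, which also marks the setting as temporary until the Mozilla patches are backported. The same applies to the identical hunk in commit c20210b1a017 for the 8.5 branch further down this page.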
[tor-browser/tor-browser-60.3.0esr-8.5-1] fixup! TB4: Tor Browser's Firefox preference overrides.
by gk@torproject.org 04 Dec '18

04 Dec '18
commit c20210b1a017c4e94157c1acfbef18e878202ff4
Author: Georg Koppen <gk(a)torproject.org>
Date: Wed Nov 21 10:02:20 2018 +0000
fixup! TB4: Tor Browser's Firefox preference overrides.
Bug 25794 deals with pointer events and associated fingerprinting risks. There are patches we can backport from Mozilla, but they are not small and we should give them some baking time. Thus, let's disable pointer events for now.
---
 browser/app/profile/000-tor-browser.js | 1 +
 1 file changed, 1 insertion(+)
diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js
index 38f72579760a..8f74748f2072 100644
--- a/browser/app/profile/000-tor-browser.js
+++ b/browser/app/profile/000-tor-browser.js
@@ -150,6 +150,7 @@ pref("media.webspeech.synth.enabled", false); // Bug 10283: Disable SpeechSynthe
 pref("dom.webaudio.enabled", false); // Bug 13017: Disable Web Audio API
 pref("dom.maxHardwareConcurrency", 1); // Bug 21675: Spoof single-core cpu
 pref("dom.w3c_touch_events.enabled", 0); // Bug 10286: Always disable Touch API
+pref("dom.w3c_pointer_events.enabled", false);
 pref("dom.vr.enabled", false); // Bug 21607: Disable WebVR for now
 // Disable randomised Firefox HTTP cache decay user test groups (Bug: 13575)
 pref("security.webauth.webauthn", false); // Bug 26614: Disable Web Authentication API for now
[tor-browser/tor-browser-60.3.0esr-8.5-1] Bug 27762: Remove workarounds that allowed torbutton extension to load
by gk@torproject.org 04 Dec '18

04 Dec '18
commit 057daaf3fa81f46d4a3653115990b462fe7b2551
Author: Igor Oliveira <igt0(a)torproject.org>
Date: Tue Dec 4 07:18:46 2018 -0200
Bug 27762: Remove workarounds that allowed torbutton extension to load
Since torbutton became a system extension, those workarounds (implemented in #27220 and #27271+#27763) are not needed anymore.
---
 mobile/android/app/000-tor-browser-android.js | 5 -----
 toolkit/mozapps/extensions/internal/XPIInstall.jsm | 5 -----
 2 files changed, 10 deletions(-)
diff --git a/mobile/android/app/000-tor-browser-android.js b/mobile/android/app/000-tor-browser-android.js
index e7e337276acb..de51ec125406 100644
--- a/mobile/android/app/000-tor-browser-android.js
+++ b/mobile/android/app/000-tor-browser-android.js
@@ -54,10 +54,5 @@ pref("media.realtime_decoder.enabled", false);
 pref("general.useragent.updates.enabled", false);
 pref("general.useragent.updates.url", "");
-// Do not allow the user to install extensions from web
-pref("xpinstall.enabled", false);
-pref("extensions.enabledScopes", 1);
-pref("extensions.autoDisableScopes", 1);
-
 // Enable touch events on Android (highlighting text, etc)
 pref("dom.w3c_touch_events.enabled", 2);
diff --git a/toolkit/mozapps/extensions/internal/XPIInstall.jsm b/toolkit/mozapps/extensions/internal/XPIInstall.jsm
index 40b3b1d6434e..f97669951710 100644
--- a/toolkit/mozapps/extensions/internal/XPIInstall.jsm
+++ b/toolkit/mozapps/extensions/internal/XPIInstall.jsm
@@ -1029,11 +1029,6 @@ function getSignedStatus(aRv, aCert, aAddonID) {
 }
 function shouldVerifySignedState(aAddon) {
- if (AppConstants.platform === "android" &&
- aAddon.id === "torbutton(a)torproject.org") {
- return false;
- }
-
 // Updated system add-ons should always have their signature checked
 if (aAddon._installLocation.name == KEY_APP_SYSTEM_ADDONS)
 return true;
[tor-browser/tor-browser-60.3.0esr-8.5-1] Bug 1322748 add ability to get registered channelwrappers, r=kmag
by gk@torproject.org 03 Dec '18

03 Dec '18
commit c1774ae7fc74bef7956caca4fe1b8de1365f5d48
Author: Shane Caraveo <scaraveo(a)mozilla.com>
Date: Tue May 22 14:19:57 2018 -0400
Bug 1322748 add ability to get registered channelwrappers, r=kmag
MozReview-Commit-ID: SphwWjzQuo
--HG--
extra : rebase_source : 0b5193d7f4e9e7f27f9a7d622699b673781c3dd4
---
 dom/chrome-webidl/ChannelWrapper.webidl | 8 ++++++++
 .../extensions/webrequest/ChannelWrapper.cpp | 18 ++++++++++++++++++
 .../components/extensions/webrequest/ChannelWrapper.h | 2 +-
 3 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/dom/chrome-webidl/ChannelWrapper.webidl b/dom/chrome-webidl/ChannelWrapper.webidl
index b8d921cea58d..2777aab65c8e 100644
--- a/dom/chrome-webidl/ChannelWrapper.webidl
+++ b/dom/chrome-webidl/ChannelWrapper.webidl
@@ -49,6 +49,14 @@ interface ChannelWrapper : EventTarget {
 static ChannelWrapper get(MozChannel channel);
 /**
+ * Returns the wrapper instance for the given channel. The same wrapper is
+ * always returned for a given channel.
+ */
+ static ChannelWrapper getRegisteredChannel(unsigned long long aChannelId,
+ WebExtensionPolicy extension,
+ TabParent? tabParent);
+
+ /**
 * A unique ID for for the requests which remains constant throughout the
 * redirect chain.
 */
diff --git a/toolkit/components/extensions/webrequest/ChannelWrapper.cpp b/toolkit/components/extensions/webrequest/ChannelWrapper.cpp
index de4a7fee1a2a..52508f0f24ed 100644
--- a/toolkit/components/extensions/webrequest/ChannelWrapper.cpp
+++ b/toolkit/components/extensions/webrequest/ChannelWrapper.cpp
@@ -78,6 +78,24 @@ ChannelWrapper::Get(const GlobalObject& global, nsIChannel* channel)
 return wrapper.forget();
 }
+already_AddRefed<ChannelWrapper>
+ChannelWrapper::GetRegisteredChannel(const GlobalObject& global, uint64_t aChannelId, const WebExtensionPolicy& aAddon, nsITabParent* aTabParent)
+{
+ nsIContentParent* contentParent = nullptr;
+ if (TabParent* parent = static_cast<TabParent*>(aTabParent)) {
+ contentParent = static_cast<nsIContentParent*>(parent->Manager());
+ }
+
+ auto& webreq = WebRequestService::GetSingleton();
+
+ nsCOMPtr<nsITraceableChannel> channel = webreq.GetTraceableChannel(aChannelId, aAddon.Id(), contentParent);
+ if (!channel) {
+ return nullptr;
+ }
+ nsCOMPtr<nsIChannel> chan(do_QueryInterface(channel));
+ return ChannelWrapper::Get(global, chan);
+}
+
 void
 ChannelWrapper::SetChannel(nsIChannel* aChannel)
 {
diff --git a/toolkit/components/extensions/webrequest/ChannelWrapper.h b/toolkit/components/extensions/webrequest/ChannelWrapper.h
index 8ba238991070..750aed434f6a 100644
--- a/toolkit/components/extensions/webrequest/ChannelWrapper.h
+++ b/toolkit/components/extensions/webrequest/ChannelWrapper.h
@@ -121,7 +121,7 @@ public:
 NS_DECLARE_STATIC_IID_ACCESSOR(NS_CHANNELWRAPPER_IID)
 static already_AddRefed<extensions::ChannelWrapper> Get(const dom::GlobalObject& global, nsIChannel* channel);
-
+ static already_AddRefed<extensions::ChannelWrapper> GetRegisteredChannel(const dom::GlobalObject& global, uint64_t aChannelId, const WebExtensionPolicy& aAddon, nsITabParent* aTabParent);
 uint64_t Id() const { return mId; }
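Review bot: `ChannelWrapper::GetRegisteredChannel` returns `nullptr` when `GetTraceableChannel` finds no channel, but the WebIDL hunk of this commit declares the return type as non-nullable `ChannelWrapper`. If the generated binding treats a null result from a non-nullable return as a programming error (it appears to, though that code is not on this page), an unknown or stale `aChannelId` becomes a failure in the binding rather than a `null` seen by the caller; declaring it as `static ChannelWrapper? getRegisteredChannel(...)` would match the implementation. The WebIDL doc comment is copied from `get()` and should instead describe the lookup by channel id, extension and tab parent, and the null case. Separately, `chan` from `do_QueryInterface(channel)` is passed to `Get` without a null check; whether `Get` tolerates that is not visible in this hunk.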
[tor-browser/tor-browser-60.3.0esr-8.5-1] Bug 1474626 - fix timestamp test and values, r=rpl
by gk@torproject.org 03 Dec '18

03 Dec '18
commit b3d74f7db1cc0ddf54771e3e9e5de4b8549b0c88
Author: Shane Caraveo <scaraveo(a)mozilla.com>
Date: Wed Jul 11 14:54:03 2018 -0300
Bug 1474626 - fix timestamp test and values, r=rpl
The test was incorrect and the timestamp should be milliseconds, not microseconds.
MozReview-Commit-ID: 2d79r6PHH4Z
--HG--
extra : rebase_source : edd97899f0646f2cae2fbf119206ec470a6b97a0
---
 .../extensions/test/mochitest/test_ext_webrequest_hsts.html | 6 +++++-
 toolkit/modules/addons/SecurityInfo.jsm | 4 ++--
 2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/toolkit/components/extensions/test/mochitest/test_ext_webrequest_hsts.html b/toolkit/components/extensions/test/mochitest/test_ext_webrequest_hsts.html
index df8b541808f9..b8385ca08843 100644
--- a/toolkit/components/extensions/test/mochitest/test_ext_webrequest_hsts.html
+++ b/toolkit/components/extensions/test/mochitest/test_ext_webrequest_hsts.html
@@ -38,7 +38,11 @@ function getExtension() {
 browser.test.assertTrue(securityInfo.certificates.length == 1, "no certificate chain");
 }
 let cert = securityInfo.certificates[0];
- browser.test.assertTrue(cert.validity.start < Date.now() < cert.validity.end, "cert validity is correct");
+ let now = Date.now();
+ browser.test.assertTrue(Number.isInteger(cert.validity.start), "cert start is integer");
+ browser.test.assertTrue(Number.isInteger(cert.validity.end), "cert end is integer");
+ browser.test.assertTrue(cert.validity.start < now, "cert start validity is correct");
+ browser.test.assertTrue(now < cert.validity.end, "cert end validity is correct");
 if (options.rawDER) {
 for (let cert of securityInfo.certificates) {
 browser.test.assertTrue(cert.rawDER.length > 0, "have rawDER");
diff --git a/toolkit/modules/addons/SecurityInfo.jsm b/toolkit/modules/addons/SecurityInfo.jsm
index a931602b517a..de0084398aa6 100644
--- a/toolkit/modules/addons/SecurityInfo.jsm
+++ b/toolkit/modules/addons/SecurityInfo.jsm
@@ -214,8 +214,8 @@ const SecurityInfo = {
 subject: cert.subjectName,
 issuer: cert.issuerName,
 validity: {
- start: cert.validity.notBefore,
- end: cert.validity.notAfter,
+ start: cert.validity.notBefore ? Math.trunc(cert.validity.notBefore / 1000) : 0,
+ end: cert.validity.notAfter ? Math.trunc(cert.validity.notAfter / 1000) : 0,
 },
 fingerprint: {
 sha1: cert.sha1Fingerprint,
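Review bot: The `: 0` fallback on `validity.start` and `validity.end` makes a missing `notBefore`/`notAfter` indistinguishable from a real epoch timestamp, so an extension comparing against `Date.now()` reads a missing start as "valid since 1970" and cannot tell an absent value from an expired one. The unit conversion is also only explained in the commit message; a comment above the two lines such as `// notBefore/notAfter are in microseconds; the API exposes milliseconds. 0 means the value was unavailable.` would document both. The enclosing object literal starts and ends outside the hunk.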
[tor-browser/tor-browser-60.3.0esr-8.5-1] Bug 1471959 - leave keaGroupName and signatureSchemeName undefined if value is none, r=rpl
by gk@torproject.org 03 Dec '18

03 Dec '18
commit b81fe53f5fe1ecd749ca900ccfc1a00ae1fd9328
Author: Shane Caraveo <scaraveo(a)mozilla.com>
Date: Fri Jul 6 09:41:56 2018 -0300
Bug 1471959 - leave keaGroupName and signatureSchemeName undefined if value is none, r=rpl
MozReview-Commit-ID: 2Ca7xCMOPAH
--HG--
extra : rebase_source : 2fa9d6b80c9ead0d90927878ce10390791cbadd9
---
 toolkit/components/extensions/schemas/web_request.json | 10 ++++++++++
 toolkit/modules/addons/SecurityInfo.jsm | 8 ++++++--
 2 files changed, 16 insertions(+), 2 deletions(-)
diff --git a/toolkit/components/extensions/schemas/web_request.json b/toolkit/components/extensions/schemas/web_request.json
index 508ca8b05f8f..6fe12f7b6ca5 100644
--- a/toolkit/components/extensions/schemas/web_request.json
+++ b/toolkit/components/extensions/schemas/web_request.json
@@ -269,6 +269,16 @@
 "description": "The cipher suite used in this request if state is \"secure\".",
 "optional": true
 },
+ "keaGroupName": {
+ "type": "string",
+ "description": "The key exchange algorithm used in this request if state is \"secure\".",
+ "optional": true
+ },
+ "signatureSchemeName": {
+ "type": "string",
+ "description": "The signature scheme used in this request if state is \"secure\".",
+ "optional": true
+ },
 "certificates": {
 "description": "Certificate data if state is \"secure\". Will only contain one entry unless <code>certificateChain</code> is passed as an option.",
 "type": "array",
diff --git a/toolkit/modules/addons/SecurityInfo.jsm b/toolkit/modules/addons/SecurityInfo.jsm
index 8c5cef18754d..a931602b517a 100644
--- a/toolkit/modules/addons/SecurityInfo.jsm
+++ b/toolkit/modules/addons/SecurityInfo.jsm
@@ -137,10 +137,14 @@ const SecurityInfo = {
 info.cipherSuite = SSLStatus.cipherName;
 // Key exchange group name.
- info.keaGroupName = SSLStatus.keaGroupName;
+ if (SSLStatus.keaGroupName !== "none") {
+ info.keaGroupName = SSLStatus.keaGroupName;
+ }
 // Certificate signature scheme.
- info.signatureSchemeName = SSLStatus.signatureSchemeName;
+ if (SSLStatus.signatureSchemeName !== "none") {
+ info.signatureSchemeName = SSLStatus.signatureSchemeName;
+ }
 info.isDomainMismatch = SSLStatus.isDomainMismatch;
 info.isExtendedValidation = SSLStatus.isExtendedValidation;
[tor-browser/tor-browser-60.3.0esr-8.5-1] Bug 1470516 - remove or fix localized values in securityInfo, r=rpl
by gk@torproject.org 03 Dec '18

03 Dec '18
commit 05cbc6e53b30707e32af750eb082a90f715cbf95
Author: Shane Caraveo <scaraveo(a)mozilla.com>
Date: Mon Jul 2 15:45:18 2018 -0300
Bug 1470516 - remove or fix localized values in securityInfo, r=rpl
MozReview-Commit-ID: 3xURSfbPTmS
--HG--
extra : rebase_source : aeb333a0c72120724a5a7d988f460e3c703b09c3
---
 toolkit/components/extensions/schemas/web_request.json | 9 +++------
 .../extensions/test/mochitest/test_ext_webrequest_hsts.html | 2 ++
 toolkit/modules/addons/SecurityInfo.jsm | 5 ++---
 3 files changed, 7 insertions(+), 9 deletions(-)
diff --git a/toolkit/components/extensions/schemas/web_request.json b/toolkit/components/extensions/schemas/web_request.json
index ed1840cabe2a..508ca8b05f8f 100644
--- a/toolkit/components/extensions/schemas/web_request.json
+++ b/toolkit/components/extensions/schemas/web_request.json
@@ -189,10 +189,10 @@
 },
 "validity": {
 "type": "object",
- "description": "Contains start and end dates in GMT.",
+ "description": "Contains start and end timestamps.",
 "properties": {
- "startGMT": { "type": "string" },
- "endGMT": { "type": "string" }
+ "start": { "type": "integer" },
+ "end": { "type": "integer" }
 }
 },
 "fingerprint": {
@@ -214,9 +214,6 @@
 "sha256": { "type": "string" }
 }
 },
- "keyUsages": {
- "type": "string"
- },
 "rawDER": {
 "optional": true,
 "type": "array",
diff --git a/toolkit/components/extensions/test/mochitest/test_ext_webrequest_hsts.html b/toolkit/components/extensions/test/mochitest/test_ext_webrequest_hsts.html
index 849527ea4a80..df8b541808f9 100644
--- a/toolkit/components/extensions/test/mochitest/test_ext_webrequest_hsts.html
+++ b/toolkit/components/extensions/test/mochitest/test_ext_webrequest_hsts.html
@@ -37,6 +37,8 @@ function getExtension() {
 } else {
 browser.test.assertTrue(securityInfo.certificates.length == 1, "no certificate chain");
 }
+ let cert = securityInfo.certificates[0];
+ browser.test.assertTrue(cert.validity.start < Date.now() < cert.validity.end, "cert validity is correct");
 if (options.rawDER) {
 for (let cert of securityInfo.certificates) {
 browser.test.assertTrue(cert.rawDER.length > 0, "have rawDER");
diff --git a/toolkit/modules/addons/SecurityInfo.jsm b/toolkit/modules/addons/SecurityInfo.jsm
index 4984f76dd463..8c5cef18754d 100644
--- a/toolkit/modules/addons/SecurityInfo.jsm
+++ b/toolkit/modules/addons/SecurityInfo.jsm
@@ -210,8 +210,8 @@ const SecurityInfo = {
 subject: cert.subjectName,
 issuer: cert.issuerName,
 validity: {
- startGMT: cert.validity.notBeforeGMT,
- endGMT: cert.validity.notAfterGMT,
+ start: cert.validity.notBefore,
+ end: cert.validity.notAfter,
 },
 fingerprint: {
 sha1: cert.sha1Fingerprint,
@@ -222,7 +222,6 @@ const SecurityInfo = {
 subjectPublicKeyInfoDigest: {
 sha256: cert.sha256SubjectPublicKeyInfoDigest,
 },
- keyUsages: cert.keyUsages,
 };
 if (options.rawDER) {
 certData.rawDER = cert.getRawDER({});
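Review bot: The added assertion `cert.validity.start < Date.now() < cert.validity.end` in the mochitest hunk does not test a range: JavaScript evaluates it as `(start < Date.now()) < end`, comparing a boolean with `end`, so it passes for any `end` greater than 1. Capture the time once with `let now = Date.now();` and assert the two bounds separately, `assertTrue(cert.validity.start < now, ...)` and `assertTrue(now < cert.validity.end, ...)`. As written the test cannot catch a wrong unit or swapped bounds in the `validity` change made to `SecurityInfo.jsm` by the same commit.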
[tor-browser/tor-browser-60.3.0esr-8.5-1] Bug 1322748 add securityInfo to webRequest listeners, r=keeler, rpl
by gk@torproject.org 03 Dec '18

03 Dec '18
commit 1935dcf38ca112f9fbc9fe42c2289d77e4f95932 Author: Shane Caraveo <scaraveo(a)mozilla.com> Date: Wed May 23 14:36:19 2018 -0400 Bug 1322748 add securityInfo to webRequest listeners, r=keeler,rpl MozReview-Commit-ID: Hen1tl1RWTC --HG-- extra : rebase_source : e5dae021438ece0477d89e1d4e91eaaf2ebfd06e --- toolkit/components/extensions/ext-webRequest.js | 8 + .../components/extensions/schemas/web_request.json | 171 ++++++++++++ .../test/mochitest/test_ext_webrequest_hsts.html | 28 +- toolkit/modules/addons/SecurityInfo.jsm | 297 +++++++++++++++++++++ toolkit/modules/addons/WebRequest.jsm | 21 +- toolkit/modules/moz.build | 1 + 6 files changed, 516 insertions(+), 10 deletions(-) diff --git a/toolkit/components/extensions/ext-webRequest.js b/toolkit/components/extensions/ext-webRequest.js index f953be4a6e40..19306816adc3 100644 --- a/toolkit/components/extensions/ext-webRequest.js +++ b/toolkit/components/extensions/ext-webRequest.js @@ -102,6 +102,14 @@ this.webRequest = class extends ExtensionAPI { onResponseStarted: new WebRequestEventManager(context, "onResponseStarted").api(), onErrorOccurred: new WebRequestEventManager(context, "onErrorOccurred").api(), onCompleted: new WebRequestEventManager(context, "onCompleted").api(), + getSecurityInfo: function(requestId, options = {}) { + return WebRequest.getSecurityInfo({ + id: requestId, + extension: context.extension.policy, + tabParent: context.xulBrowser.frameLoader.tabParent, + options, + }); + }, handlerBehaviorChanged: function() { // TODO: Flush all caches. }, diff --git a/toolkit/components/extensions/schemas/web_request.json b/toolkit/components/extensions/schemas/web_request.json index 97badfc797b9..ed1840cabe2a 100644 --- a/toolkit/components/extensions/schemas/web_request.json +++ b/toolkit/components/extensions/schemas/web_request.json 
@@ -177,6 +177,148 @@ } }, { + "id": "CertificateInfo", + "type": "object", + "description": "Contains the certificate properties of the request if it is a secure request.", + "properties": { + "subject": { + "type": "string" + }, + "issuer": { + "type": "string" + }, + "validity": { + "type": "object", + "description": "Contains start and end dates in GMT.", + "properties": { + "startGMT": { "type": "string" }, + "endGMT": { "type": "string" } + } + }, + "fingerprint": { + "type": "object", + "properties": { + "sha1": { "type": "string" }, + "sha256": { "type": "string" } + } + }, + "serialNumber": { + "type": "string" + }, + "isBuiltInRoot": { + "type": "boolean" + }, + "subjectPublicKeyInfoDigest": { + "type": "object", + "properties": { + "sha256": { "type": "string" } + } + }, + "keyUsages": { + "type": "string" + }, + "rawDER": { + "optional": true, + "type": "array", + "items": { + "type": "integer" + } + } + } + }, + { + "id": "CertificateTransparencyStatus", + "type": "string", + "enum": ["not_applicable", "policy_compliant", "policy_not_enough_scts", "policy_not_diverse_scts"] + }, + { + "id": "TransportWeaknessReasons", + "type": "string", + "enum": ["cipher"] + }, + { + "id": "SecurityInfo", + "type": "object", + "description": "Contains the security properties of the request (ie. 
SSL/TLS information).", + "properties": { + "state": { + "type": "string", + "enum": [ + "insecure", + "weak", + "broken", + "secure" + ] + }, + "errorMessage": { + "type": "string", + "description": "Error message if state is \"broken\"", + "optional": true + }, + "protocolVersion": { + "type": "string", + "description": "Protocol version if state is \"secure\"", + "enum": [ + "TLSv1", + "TLSv1.1", + "TLSv1.2", + "TLSv1.3", + "unknown" + ], + "optional": true + }, + "cipherSuite": { + "type": "string", + "description": "The cipher suite used in this request if state is \"secure\".", + "optional": true + }, + "certificates": { + "description": "Certificate data if state is \"secure\". Will only contain one entry unless <code>certificateChain</code> is passed as an option.", + "type": "array", + "items": { "$ref": "CertificateInfo" } + }, + "isDomainMismatch": { + "description": "The domain name does not match the certificate domain.", + "type": "boolean", + "optional": true + }, + "isExtendedValidation": { + "type": "boolean", + "optional": true + }, + "isNotValidAtThisTime": { + "description": "The certificate is either expired or is not yet valid. See <code>CertificateInfo.validity</code> for start and end dates.", + "type": "boolean", + "optional": true + }, + "isUntrusted": { + "type": "boolean", + "optional": true + }, + "certificateTransparencyStatus": { + "description": "Certificate transparency compliance per RFC 6962. 
See <code>https://www.certificate-transparency.org/what-is-ct</code> for more information.", + "$ref": "CertificateTransparencyStatus", + "optional": true + }, + "hsts": { + "type": "boolean", + "description": "True if host uses Strict Transport Security and state is \"secure\".", + "optional": true + }, + "hpkp": { + "type": "string", + "description": "True if host uses Public Key Pinning and state is \"secure\".", + "optional": true + }, + "weaknessReasons": { + "type": "array", + "items": { "$ref": "TransportWeaknessReasons" }, + "description": "list of reasons that cause the request to be considered weak, if state is \"weak\"", + "optional": true + } + } + }, + { "id": "UploadData", "type": "object", "properties": { @@ -225,6 +367,35 @@ "additionalProperties": {"type": "any"}, "isInstanceOf": "StreamFilter" } + }, + { + "name": "getSecurityInfo", + "type": "function", + "async": true, + "description": "Retrieves the security information for the request. Returns a promise that will resolve to a SecurityInfo object.", + "parameters": [ + { + "name": "requestId", + "type": "string" + }, + { + "name": "options", + "optional": true, + "type": "object", + "properties": { + "certificateChain": { + "type": "boolean", + "description": "Include the entire certificate chain.", + "optional": true + }, + "rawDER": { + "type": "boolean", + "description": "Include raw certificate data for processing by the extension.", + "optional": true + } + } + } + ] } ], "events": [ diff --git a/toolkit/components/extensions/test/mochitest/test_ext_webrequest_hsts.html b/toolkit/components/extensions/test/mochitest/test_ext_webrequest_hsts.html index 4dce90cd377e..ad4d4f32a657 100644 --- a/toolkit/components/extensions/test/mochitest/test_ext_webrequest_hsts.html +++ b/toolkit/components/extensions/test/mochitest/test_ext_webrequest_hsts.html 
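Review bot: In the `SecurityInfo` type added by the first `web_request.json` hunk, `hpkp` is declared with `"type": "string"` while its description reads "True if host uses Public Key Pinning" and the sibling `hsts` property is `boolean`. One of the two is wrong: if the value is a boolean the line should be `"type": "boolean",`, otherwise the description should say which string is returned. `certificates` is also the only state-dependent property not marked `"optional": true`, although `getSecurityInfo` at the end of this page returns an object holding only `state` when the channel has no security info, so the schema and the implementation should be checked against each other.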
@@ -25,9 +25,35 @@ function getExtension() { browser.webRequest.onSendHeaders.addListener(details => { browser.test.assertEq(expect.shift(), "onSendHeaders"); }, {urls}, ["requestHeaders"]); - browser.webRequest.onHeadersReceived.addListener(details => { + + async function testSecurityInfo(details, options) { + let securityInfo = await browser.webRequest.getSecurityInfo(details.requestId, options); + browser.test.assertTrue(securityInfo && securityInfo.state == "secure", + "security info reflects https"); + + if (options.certificateChain) { + // Some of the tests here only produce a single cert in the chain. + browser.test.assertTrue(securityInfo.certificates.length >= 1, "have certificate chain"); + } else { + browser.test.assertTrue(securityInfo.certificates.length == 1, "no certificate chain"); + } + if (options.rawDER) { + for (let cert of securityInfo.certificates) { + browser.test.assertTrue(cert.rawDER.length > 0, "have rawDER"); + } + } + } + + browser.webRequest.onHeadersReceived.addListener(async (details) => { browser.test.assertEq(expect.shift(), "onHeadersReceived"); + // We exepect all requests to have been upgraded at this point. + browser.test.assertTrue(details.url.startsWith("https"), "connection is https"); + await testSecurityInfo(details, {}); + await testSecurityInfo(details, {certificateChain: true}); + await testSecurityInfo(details, {rawDER: true}); + await testSecurityInfo(details, {certificateChain: true, rawDER: true}); + let headers = details.responseHeaders || []; for (let header of headers) { if (header.name.toLowerCase() === "strict-transport-security") { diff --git a/toolkit/modules/addons/SecurityInfo.jsm b/toolkit/modules/addons/SecurityInfo.jsm new file mode 100644 index 000000000000..4984f76dd463 --- /dev/null +++ b/toolkit/modules/addons/SecurityInfo.jsm 
@@ -0,0 +1,297 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +"use strict"; + +const EXPORTED_SYMBOLS = ["SecurityInfo"]; + +ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm"); + +const wpl = Ci.nsIWebProgressListener; +XPCOMUtils.defineLazyServiceGetter(this, "NSSErrorsService", + "@mozilla.org/nss_errors_service;1", + "nsINSSErrorsService"); +XPCOMUtils.defineLazyServiceGetter(this, "sss", + "@mozilla.org/ssservice;1", + "nsISiteSecurityService"); + +// NOTE: SecurityInfo is largely reworked from the devtools NetworkHelper with changes +// to better support the WebRequest api. The objects returned are formatted specifically +// to pass through as part of a response to webRequest listeners. + +const SecurityInfo = { + /** + * Extracts security information from nsIChannel.securityInfo. + * + * @param {nsIChannel} channel + * If null channel is assumed to be insecure. + * @param {Object} options + * + * @returns {Object} + * Returns an object containing following members: + * - state: The security of the connection used to fetch this + * request. Has one of following string values: + * * "insecure": the connection was not secure (only http) + * * "weak": the connection has minor security issues + * * "broken": secure connection failed (e.g. expired cert) + * * "secure": the connection was properly secured. + * If state == broken: + * - errorMessage: full error message from + * nsITransportSecurityInfo. + * If state == secure: + * - protocolVersion: one of TLSv1, TLSv1.1, TLSv1.2, TLSv1.3. + * - cipherSuite: the cipher suite used in this connection. + * - cert: information about certificate used in this connection. + * See parseCertificateInfo for the contents. 
+ * - hsts: true if host uses Strict Transport Security, + * false otherwise + * - hpkp: true if host uses Public Key Pinning, false otherwise + * If state == weak: Same as state == secure and + * - weaknessReasons: list of reasons that cause the request to be + * considered weak. See getReasonsForWeakness. + */ + getSecurityInfo(channel, options = {}) { + const info = { + state: "insecure", + }; + + /** + * Different scenarios to consider here and how they are handled: + * - request is HTTP, the connection is not secure + * => securityInfo is null + * => state === "insecure" + * + * - request is HTTPS, the connection is secure + * => .securityState has STATE_IS_SECURE flag + * => state === "secure" + * + * - request is HTTPS, the connection has security issues + * => .securityState has STATE_IS_INSECURE flag + * => .errorCode is an NSS error code. + * => state === "broken" + * + * - request is HTTPS, the connection was terminated before the security + * could be validated + * => .securityState has STATE_IS_INSECURE flag + * => .errorCode is NOT an NSS error code. + * => .errorMessage is not available. + * => state === "insecure" + * + * - request is HTTPS but it uses a weak cipher or old protocol, see + * https://hg.mozilla.org/mozilla-central/annotate/def6ed9d1c1a/ + * security/manager/ssl/nsNSSCallbacks.cpp#l1233 + * - request is mixed content (which makes no sense whatsoever) + * => .securityState has STATE_IS_BROKEN flag + * => .errorCode is NOT an NSS error code + * => .errorMessage is not available + * => state === "weak" + */ + + let securityInfo = channel.securityInfo; + if (!securityInfo) { + return info; + } + + securityInfo.QueryInterface(Ci.nsITransportSecurityInfo); + securityInfo.QueryInterface(Ci.nsISSLStatusProvider); + + const SSLStatus = securityInfo.SSLStatus; + if (NSSErrorsService.isNSSErrorCode(securityInfo.errorCode)) { + // The connection failed. 
+ info.state = "broken"; + info.errorMessage = securityInfo.errorMessage; + if (options.certificateChain && SSLStatus.failedCertChain) { + info.certificates = this.getCertificateChain(SSLStatus.failedCertChain, options); + } + return info; + } + + const state = securityInfo.securityState; + + let uri = channel.URI; + if (uri && !uri.schemeIs("https") && !uri.schemeIs("wss")) { + // it is not enough to look at the transport security info - + // schemes other than https and wss are subject to + // downgrade/etc at the scheme level and should always be + // considered insecure. + // Leave info.state = "insecure"; + } else if (state & wpl.STATE_IS_SECURE) { + // The connection is secure if the scheme is sufficient + info.state = "secure"; + } else if (state & wpl.STATE_IS_BROKEN) { + // The connection is not secure, there was no error but there's some + // minor security issues. + info.state = "weak"; + info.weaknessReasons = this.getReasonsForWeakness(state); + } else if (state & wpl.STATE_IS_INSECURE) { + // This was most likely an https request that was aborted before + // validation. Return info as info.state = insecure. + return info; + } else { + // No known STATE_IS_* flags. + return info; + } + + // Cipher suite. + info.cipherSuite = SSLStatus.cipherName; + + // Key exchange group name. + info.keaGroupName = SSLStatus.keaGroupName; + + // Certificate signature scheme. + info.signatureSchemeName = SSLStatus.signatureSchemeName; + + info.isDomainMismatch = SSLStatus.isDomainMismatch; + info.isExtendedValidation = SSLStatus.isExtendedValidation; + info.isNotValidAtThisTime = SSLStatus.isNotValidAtThisTime; + info.isUntrusted = SSLStatus.isUntrusted; + + info.certificateTransparencyStatus = this.getTransparencyStatus(SSLStatus.certificateTransparencyStatus); + + // Protocol version. 
+ info.protocolVersion = this.formatSecurityProtocol(SSLStatus.protocolVersion); + + if (options.certificateChain && SSLStatus.succeededCertChain) { + info.certificates = this.getCertificateChain(SSLStatus.succeededCertChain, options); + } else { + info.certificates = [this.parseCertificateInfo(SSLStatus.serverCert, options)]; + } + + // HSTS and HPKP if available. + if (uri && uri.host) { + // SiteSecurityService uses different storage if the channel is + // private. Thus we must give isSecureURI correct flags or we + // might get incorrect results. + let flags = 0; + if (channel instanceof Ci.nsIPrivateBrowsingChannel && channel.isChannelPrivate) { + flags = Ci.nsISocketProvider.NO_PERMANENT_STORAGE; + } + + info.hsts = sss.isSecureURI(sss.HEADER_HSTS, uri, flags); + info.hpkp = sss.isSecureURI(sss.HEADER_HPKP, uri, flags); + } else { + info.hsts = false; + info.hpkp = false; + } + + return info; + }, + + getCertificateChain(certChain, options = {}) { + let certificates = []; + for (let cert of XPCOMUtils.IterSimpleEnumerator(certChain.getEnumerator(), Ci.nsIX509Cert)) { + certificates.push(this.parseCertificateInfo(cert, options)); + } + return certificates; + }, + + /** + * Takes an nsIX509Cert and returns an object with certificate information. + * + * @param {nsIX509Cert} cert + * The certificate to extract the information from. 
+ * @param {Object} options + * @returns {Object} + * An object with following format: + * { + * subject: subjectName, + * issuer: issuerName, + * validity: { start, end }, + * fingerprint: { sha1, sha256 } + * } + */ + parseCertificateInfo(cert, options = {}) { + if (!cert) { + return {}; + } + + let certData = { + subject: cert.subjectName, + issuer: cert.issuerName, + validity: { + startGMT: cert.validity.notBeforeGMT, + endGMT: cert.validity.notAfterGMT, + }, + fingerprint: { + sha1: cert.sha1Fingerprint, + sha256: cert.sha256Fingerprint, + }, + serialNumber: cert.serialNumber, + isBuiltInRoot: cert.isBuiltInRoot, + subjectPublicKeyInfoDigest: { + sha256: cert.sha256SubjectPublicKeyInfoDigest, + }, + keyUsages: cert.keyUsages, + }; + if (options.rawDER) { + certData.rawDER = cert.getRawDER({}); + } + return certData; + }, + + // Bug 1355903 Transparency is currently disabled using security.pki.certificate_transparency.mode + getTransparencyStatus(status) { + switch (status) { + case Ci.nsISSLStatus.CERTIFICATE_TRANSPARENCY_NOT_APPLICABLE: + return "not_applicable"; + case Ci.nsISSLStatus.CERTIFICATE_TRANSPARENCY_POLICY_COMPLIANT: + return "policy_compliant"; + case Ci.nsISSLStatus.CERTIFICATE_TRANSPARENCY_POLICY_NOT_ENOUGH_SCTS: + return "policy_not_enough_scts"; + case Ci.nsISSLStatus.CERTIFICATE_TRANSPARENCY_POLICY_NOT_DIVERSE_SCTS: + return "policy_not_diverse_scts"; + } + return "unknown"; + }, + + /** + * Takes protocolVersion of SSLStatus object and returns human readable + * description. + * + * @param {number} version + * One of nsISSLStatus version constants. + * @returns {string} + * One of TLSv1, TLSv1.1, TLSv1.2, TLSv1.3 if version + * is valid, Unknown otherwise. 
+ */ + formatSecurityProtocol(version) { + switch (version) { + case Ci.nsISSLStatus.TLS_VERSION_1: + return "TLSv1"; + case Ci.nsISSLStatus.TLS_VERSION_1_1: + return "TLSv1.1"; + case Ci.nsISSLStatus.TLS_VERSION_1_2: + return "TLSv1.2"; + case Ci.nsISSLStatus.TLS_VERSION_1_3: + return "TLSv1.3"; + } + return "unknown"; + }, + + /** + * Takes the securityState bitfield and returns reasons for weak connection + * as an array of strings. + * + * @param {number} state + * nsITransportSecurityInfo.securityState. + * + * @returns {array<string>} + * List of weakness reasons. A subset of { cipher } where + * * cipher: The cipher suite is consireded to be weak (RC4). + */ + getReasonsForWeakness(state) { + // If there's non-fatal security issues the request has STATE_IS_BROKEN + // flag set. See https://hg.mozilla.org/mozilla-central/file/44344099d119 + // /security/manager/ssl/nsNSSCallbacks.cpp#l1233 + let reasons = []; + + if (state & wpl.STATE_IS_BROKEN) { + if (state & wpl.STATE_USES_WEAK_CRYPTO) { + reasons.push("cipher"); + } + } + + return reasons; + }, +}; diff --git a/toolkit/modules/addons/WebRequest.jsm b/toolkit/modules/addons/WebRequest.jsm index 786a2d5dbe91..a4c9e9859a21 100644 --- a/toolkit/modules/addons/WebRequest.jsm +++ b/toolkit/modules/addons/WebRequest.jsm 
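Review bot: The JSDoc on `getSecurityInfo` says a null channel is assumed to be insecure, but the body reads `channel.securityInfo` unconditionally, so a null channel throws instead of returning `{state: "insecure"}`. Add `if (!channel) { return info; }` before that read, or remove the sentence from the doc. The same block documents a `cert` member while the code fills `info.certificates`, and the schema in this commit declares `hpkp` as `"type": "string"` although `info.hpkp` is assigned from the same `sss.isSecureURI(...)` call as the boolean `hsts`. Extensions that make trust decisions from this object need the documented shape to match what is returned. In the broken-connection branch, `SSLStatus.failedCertChain` is read without checking `SSLStatus` itself, which deserves a guard if the status object can be absent after a failed handshake (not visible here).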
@@ -15,14 +15,12 @@ const {nsIHttpActivityObserver, nsISocketTransport} = Ci; ChromeUtils.import("resource://gre/modules/Services.jsm"); ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm"); -ChromeUtils.defineModuleGetter(this, "ExtensionUtils", - "resource://gre/modules/ExtensionUtils.jsm"); -ChromeUtils.defineModuleGetter(this, "WebRequestCommon", - "resource://gre/modules/WebRequestCommon.jsm"); -ChromeUtils.defineModuleGetter(this, "WebRequestUpload", - "resource://gre/modules/WebRequestUpload.jsm"); - -XPCOMUtils.defineLazyGetter(this, "ExtensionError", () => ExtensionUtils.ExtensionError); +XPCOMUtils.defineLazyModuleGetters(this, { + ExtensionUtils: "resource://gre/modules/ExtensionUtils.jsm", + WebRequestCommon: "resource://gre/modules/WebRequestCommon.jsm", + WebRequestUpload: "resource://gre/modules/WebRequestUpload.jsm", + SecurityInfo: "resource://gre/modules/SecurityInfo.jsm", +}); function runLater(job) { Services.tm.dispatchToMainThread(job); @@ -41,7 +39,7 @@ function parseExtra(extra, allowed = [], optionsObj = {}) { if (extra) { for (let ex of extra) { if (!allowed.includes(ex)) { - throw new ExtensionError(`Invalid option ${ex}`); + throw new ExtensionUtils.ExtensionError(`Invalid option ${ex}`); } } } @@ -1011,6 +1009,11 @@ var WebRequest = { // nsIHttpActivityObserver. onErrorOccurred: onErrorOccurred, + + getSecurityInfo: (details) => { + let channel = ChannelWrapper.getRegisteredChannel(details.id, details.extension, details.tabParent); + return SecurityInfo.getSecurityInfo(channel.channel, details.options); + }, }; Services.ppmm.loadProcessScript("resource://gre/modules/WebRequestContent.js", true); diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build index 110fff7737f2..0a1e48b964c1 100644 --- a/toolkit/modules/moz.build +++ b/toolkit/modules/moz.build 
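Review bot: The new `getSecurityInfo` entry at the end of the `WebRequest` object reads `channel.channel` without checking what `ChannelWrapper.getRegisteredChannel` returned, so a request id that no longer maps to a registered channel would presumably throw a TypeError instead of failing cleanly. Because the id is supplied by extension code, guard it with `if (!channel) { return; }` before the `SecurityInfo.getSecurityInfo` call, and state in a comment what callers receive in that case. The `WebRequest` object starts and ends outside this hunk.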
@@ -167,6 +167,7 @@ with Files('docs/**'): EXTRA_JS_MODULES += [ 'addons/MatchURLFilters.jsm', + 'addons/SecurityInfo.jsm', 'addons/WebNavigation.jsm', 'addons/WebNavigationContent.js', 'addons/WebNavigationFrames.jsm',
[tor-browser/tor-browser-60.3.0esr-8.5-1] Bug 1464481 - fix and test crash when getting registered channelwrapper, r=kmag
by gk@torproject.org 03 Dec '18

03 Dec '18
commit 1305066f21439675842aad91844e6b490df8c3e0 Author: Shane Caraveo <scaraveo(a)mozilla.com> Date: Fri May 25 16:41:19 2018 -0400 Bug 1464481 - fix and test crash when getting registered channelwrapper, r=kmag MozReview-Commit-ID: LEGojHEb742 --HG-- extra : rebase_source : 7018cfef6b7415ea275dc2c3e414586396a9e2be --- dom/chrome-webidl/ChannelWrapper.webidl | 2 +- .../test/mochitest/test_ext_webrequest_hsts.html | 25 ++++++++++++++++++++++ toolkit/modules/addons/WebRequest.jsm | 4 +++- 3 files changed, 29 insertions(+), 2 deletions(-) diff --git a/dom/chrome-webidl/ChannelWrapper.webidl b/dom/chrome-webidl/ChannelWrapper.webidl index 2777aab65c8e..bc959d30d043 100644 --- a/dom/chrome-webidl/ChannelWrapper.webidl +++ b/dom/chrome-webidl/ChannelWrapper.webidl @@ -52,7 +52,7 @@ interface ChannelWrapper : EventTarget { * Returns the wrapper instance for the given channel. The same wrapper is * always returned for a given channel. */ - static ChannelWrapper getRegisteredChannel(unsigned long long aChannelId, + static ChannelWrapper? getRegisteredChannel(unsigned long long aChannelId, WebExtensionPolicy extension, TabParent? tabParent); diff --git a/toolkit/components/extensions/test/mochitest/test_ext_webrequest_hsts.html b/toolkit/components/extensions/test/mochitest/test_ext_webrequest_hsts.html index ad4d4f32a657..849527ea4a80 100644 --- a/toolkit/components/extensions/test/mochitest/test_ext_webrequest_hsts.html +++ b/toolkit/components/extensions/test/mochitest/test_ext_webrequest_hsts.html 
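Review bot: The doc comment above `getRegisteredChannel` does not say when the now-nullable return value is null. Add a sentence such as `Returns null if no wrapper is registered for the given id.`, worded to match the real conditions, which live in the implementation and are not visible in this hunk. The interface declaration continues outside the hunk.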
@@ -185,6 +185,31 @@ add_task(async function test_hsts_header() { await extension.unload(); }); + +add_task(async function test_nonBlocking_securityInfo() { + let extension = ExtensionTestUtils.loadExtension({ + manifest: { + "permissions": [ + "webRequest", + "<all_urls>", + ], + }, + async background() { + let tab; + browser.webRequest.onHeadersReceived.addListener(async (details) => { + let securityInfo = await browser.webRequest.getSecurityInfo(details.requestId, {}); + browser.test.assertTrue(!securityInfo, "securityInfo undefined on http request"); + browser.tabs.remove(tab.id); + browser.test.notifyPass("success"); + }, {urls: ["<all_urls>"], types: ["main_frame"]}); + tab = await browser.tabs.create({url: "https://example.org/tests/toolkit/components/extensions/test/mochitest/file…"}); + }, + }); + await extension.startup(); + + await extension.awaitFinish("success"); + await extension.unload(); +}); </script> </head> <body> diff --git a/toolkit/modules/addons/WebRequest.jsm b/toolkit/modules/addons/WebRequest.jsm index a4c9e9859a21..6a95182a3876 100644 --- a/toolkit/modules/addons/WebRequest.jsm +++ b/toolkit/modules/addons/WebRequest.jsm @@ -1012,7 +1012,9 @@ var WebRequest = { getSecurityInfo: (details) => { let channel = ChannelWrapper.getRegisteredChannel(details.id, details.extension, details.tabParent); - return SecurityInfo.getSecurityInfo(channel.channel, details.options); + if (channel) { + return SecurityInfo.getSecurityInfo(channel.channel, details.options); + } }, };
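Review bot: In `test_nonBlocking_securityInfo` the listener calls `browser.tabs.remove(tab.id)`, but `tab` is assigned only once `browser.tabs.create` resolves, which happens after the listener is registered; if `onHeadersReceived` runs first, `tab` is still undefined. `browser.tabs.remove(details.tabId);` removes the ordering dependency. The assertion message says "http request" while the URL opened is `https://example.org/…` (truncated on this page), so the message should describe the case that is actually exercised.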
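Review bot: With the added `if (channel)` guard, `getSecurityInfo` falls off the end and returns `undefined` when no channel is registered, which is undocumented and differs from `SecurityInfo.getSecurityInfo`, whose no-information result is `{state: "insecure"}`. An extension that inspects `state` to decide whether a connection is trustworthy then has to handle two different "nothing known" shapes. Add a comment on the function such as `// Resolves to undefined when the request is no longer registered.`, or return an explicit value. The enclosing `WebRequest` object starts outside this hunk.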