[tor-commits] [tor-browser-spec/master] Add Firefox 31 network audit notes.
mikeperry at torproject.org
mikeperry at torproject.org
Thu Sep 18 04:14:36 UTC 2014
commit 7808ae2fd1cd73dd14db6f29f35575cfdb66e5b6
Author: Mike Perry <mikeperry-git at torproject.org>
Date: Wed Sep 17 20:22:08 2014 -0700
Add Firefox 31 network audit notes.
---
audits/FF31_NETWORK_AUDIT | 285 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 285 insertions(+)
diff --git a/audits/FF31_NETWORK_AUDIT b/audits/FF31_NETWORK_AUDIT
new file mode 100644
index 0000000..9a8c84d
--- /dev/null
+++ b/audits/FF31_NETWORK_AUDIT
@@ -0,0 +1,285 @@
+Lowest level resolver calls:
+ - PR_GetHostByName
+ + ./profile/dirserviceprovider/src/nsProfileLock.cpp
+ + nsProfileLock::LockWithSymlink() looks up 127.0.0.1..
+ + XXX: Should we remove this? It seems kind of silly.
+ + ./nsprpub/pr/src/cplus/rcnetdb.cpp
+ + RCHostLookup::ByName()
+ + Not used
+ - ./security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
+ - XXX: pkix_pl_Socket_CreateByName and pkix_pl_Socket_CreateByHostAndPort
+ - ./security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapdefaultclient.c
+ - PKIX_PL_LdapDefaultClient_CreateByName
+ - pkix_pl_AiaMgr_FindLDAPClient
+ - ./security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpcertstore.c
+ - pkix_HttpCertStore_FindSocketConnection
+ - pkix_pl_HttpDefaultClient_RequestCreate
+ - pkix_pl_HttpDefaultClient_RequestCreateFcn
+ - SEC_HttpClientFcnV1 vtable.createFcn and
+ + ./security/manager/ssl/src/nsNSSCallbacks.cpp
+ + Uses nsHTTPHttpInterface::createFcn()
+ + ./security/manager/ssl/src/nsNSSCallbacks.h
+ + ./security/certverifier/OCSPRequestor.cpp
+ - ./security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspresponse.c
+ - pkix_pl_OcspResponse_Create uses the whatever is in its arg
+ - ./security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c
+ - pkix_pl_AIAMgr_GetHTTPCerts uses SEC_GetRegisteredHttpClient()
+ - which uses SEC_RegisterDefaultHttpClient()
+ - This is safe for nsNSSCallbacks.c
+ - Not safe for
+ ./security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.c
+ - PKIX_PL_Initialize
+ - PKIX_Initialize
+ - nss_init
+ - NSS_Init*
+ - NSS_NoDB_Init
+ - PKIX_PL_AIAMgr_GetAIACerts
+ - pkix_BuildForwardDepthFirstSearch
+ - pkix_Build_ResumeBuildChain and pkix_Build_InitiateBuildChain
+ - PKIX_BuildChain
+ - ./security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_pk11certstore.c
+ - PKIX_PL_Pk11CertStore_Create controls which http client
+ is used
+ - ./security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpcertstore.c
+ - ./security/nss/lib/certhigh/ocsp.c
+ - ./security/nss/lib/certhigh/ocsp.c
+ - XXX: ocsp_ConnectToHost
+ - ocsp_SendEncodedRequest
+ - cert_FetchOCSPResponse (exported)
+ - CERT_PostOCSPRequest (exported)
+ - cert_GetOCSPResponse (static)
+ - ocsp_GetEncodedOCSPResponseFromRequest (static)
+ - ocsp_GetEncodedOCSPResponseForSingleCert (static)
+ - ocsp_GetOCSPStatusFromNetwork (static)
+ - CERT_CheckOCSPStatus (exported)
+ - statusConfig->statusChecker
+ - CERT_VerifyCertificate
+ - CERT_VerifyCertificateNow
+ - cert_VerifyCertWithFlags
+ - CERT_VerifyCert
+ - CERT_VerifyCertNow
+ + PR_GetIPNodeByName
+ + Used by tests only
+ + PR_GetAddrInfoByName
+ + ./security/nss/cmd/ usage (NSS cli commands only)
+ + ./netwerk/dns/nsHostResolver.cpp
+ + nsHostResolver::ResolveHost() is entrypoint
+ + nsHostResolver::ThreadFunc() will resolve without SOCKS
+ + Unused except by nsDNSService, which we block.
+ + PR_StringToNetAddr
+ + Passes AI_NUMERICHOST to getaddrinfo. No resolution.
+
+Direct paths to DNS resolution:
+ - nsDNSService::Resolve
+ - XXX: Our rebased patch has a weird chunk in the wrong place here!
+ + nsDNSService::AsyncResolve
+ + Patched for safety
+ + nsHostResolver::ResolveHost
+ + Only used by nsDNSService
+
+Misc UDP (SOCK_DGRAM, PR_DESC_SOCKET_UDP):
+ + PR_DESC_SOCKET_UDP
+ + ./nsprpub/pr/src/md/os2/os2io.c
+ + ./nsprpub/pr/src/cplus/rcio.h
+ + RCFileIO (not used)
+ + RCNetStreamIO (not used)
+ + ./nsprpub/pr/src/io/prsocket.c
+ + PR_GetUDPMethods
+ + ./nsprpub/pr/src/misc/prinit.c
+ + PR_GetInheritedFD
+ + ./nsprpub/pr/src/pthreads/ptio.c
+ + SOCK_DGRAM
+ + Android junk (not relevant):
+ + ./other-licenses/android/res_send.c
+ + ./other-licenses/android/res_init.c
+ + ./other-licenses/android/getaddrinfo.c
+ + ./hal/gonk/UeventPoller.cpp
+ + netlink stuff
+ + ./nsprpub/pr/src/io/prsocket.c
+ + PR_NewUDPSocket
+ + PR_OpenUDPSocket
+ + PR_Socket
+ + ./nsprpub/pr/src/pthreads/ptio.c
+ + ./media/webrtc/*
+ + Disabled
+ + ./media/mtransport/third_party/nICEr/src/stun/addrs.c
+ + boils down to NrIceCtx::StartGathering
+ + Used only for PeerConnection, which we disable
+ + ./ipc/chromium/src/third_party/libevent/evdns.c
+ + evdns is unused
+ + ./ipc/chromium/src/third_party/libevent/evutil.c
+ + interface checking functions. Unused.
+ + ./netwerk/wifi/nsWifiScannerFreeBSD.cpp
+ + GeoIP stuff. Is disabled.
+ + RTSP is only on Android (media.rtsp.enabled):
+ + ./netwerk/protocol/rtsp/rtsp/ARTPSession.cpp
+ + ./netwerk/protocol/rtsp/rtsp/ARTPConnection.cpp
+ + ./netwerk/protocol/rtsp/rtsp/ARTPWriter.cpp
+ + ./netwerk/protocol/rtsp/rtsp/UDPPusher.cpp
+ + SCTP is only enabled with WEBRTC
+ + ./netwerk/sctp/src/netinet/sctputil.c
+ + ./netwerk/sctp/src/netinet/sctp_userspace.c
+ + ./netwerk/sctp/src/netinet/sctp_pcb.c
+ + ./netwerk/sctp/src/ifaddrs_android.cpp
+ + ./netwerk/sctp/src/user_recv_thread.c
+ + PR_NewUDPSocket
+ + ./media/mtransport/nr_socket_prsock.cpp
+ + Disabled with WebRTC
+ + PR_OpenUDPSocket
+ + ./netwerk/base/src/Tickler.cpp
+ + Sends UDP packets to DHCP gateway, but only on android
+ + ./netwerk/socket/nsUDPSocketProvider.cpp
+ + NewSocket(). Unused.
+ + ./netwerk/base/src/ProxyAutoConfig.cpp
+ + We don't use PAC.
+ + ./netwerk/base/src/nsUDPSocket.cpp
+ + Unused except for nsUDPSocketProvider
+ + PR_ImportUDPSocket
+ + Only called if NSPR_INHERIT_FDS in environment
+
+Misc TCP (SOCK_STREAM, PR_DESC_SOCKET_TCP):
+ + PR_DESC_SOCKET_TCP
+ + ./nsprpub/pr/src/md/os2/os2io.c
+ + OS/2 only
+ + ./nsprpub/pr/src/cplus/rcio.h
+ + RCFileIO (not used)
+ + RCNetStreamIO (not used)
+ + ./nsprpub/pr/src/io/pripv6.c
+ + Underlying wrapper for PR_Socket
+ + ./nsprpub/pr/src/io/prsocket.c
+ + ./nsprpub/pr/src/misc/prinit.c
+ + ./nsprpub/pr/src/pthreads/ptio.c
+ + ./netwerk/base/src/nsSocketTransportService2.cpp
+ + SOCK_STREAM
+ + ./nsprpub/pr/src/misc/prnetdb.c
+ + Android stuff: disabled
+ + ./other-licenses/android/res_send.c
+ + ./other-licenses/android/getaddrinfo.c
+ + ./nsprpub/pr/src/md/windows/ntio.c
+ + ./nsprpub/pr/src/cplus/rcnetio.cpp
+ + ./nsprpub/pr/src/io/prsocket.c
+ + ./nsprpub/pr/src/misc/prnetdb.c
+ + ./nsprpub/pr/src/pthreads/ptio.c
+ + ./media/webrtc/* - disabled
+ + ./toolkit/crashreporter/google-breakpad/src/client/linux/crash_generation/crash_generation_client.cc
+ + AF_UNIX socket..
+ + ./ipc/chromium/src/chrome/common/ipc_channel_posix.cc
+ + AF_UNIX/local only
+ + ./ipc/chromium/src/third_party/libevent/event.c
+ + ./ipc/chromium/src/third_party/libevent/evutil.c
+ + ./ipc/chromium/src/third_party/libevent/listener.c
+ + ./ipc/chromium/src/third_party/libevent/bufferevent_sock.c
+ + ./ipc/chromium/src/third_party/libevent/signal.c
+ + ./ipc/chromium/src/third_party/libevent/http.c
+ + ./ipc/chromium/src/third_party/libevent/event_iocp.c
+ + ./ipc/keystore/KeyStore.cpp
+ + AF_LOCAL only
+ + ./ipc/nfc/Nfc.cpp
+ + local/loopback only
+ + ./ipc/ril/Ril.cpp
+ + local/loopback only
+ + ./ipc/netd/Netd.cpp
+ + local only
+ + RTSP and SCTP are disabled if WebRTC is compiled out
+ + ./netwerk/protocol/rtsp/rtsp/ARTSPConnection.cpp
+ + ./netwerk/sctp/src/netinet/sctp_pcb.c
+ + ./netwerk/sctp/src/user_socket.c
+ + ./netwerk/sctp/datachannel/DataChannel.cpp
+ + ./dom/system/gonk/VolumeManager.cpp
+ + local only
+ + ./dom/bluetooth/bluez/BluetoothUnixSocketConnector.cpp
+ + bluetooth sockets only
+ + ./mozglue/build/Nuwa.cpp
+ + Unix sockets only
+ - PR_NewTCPSocket
+ + ./nsprpub/pr/src/cplus/rcnetio.cpp
+ + ./nsprpub/pr/src/io/prpolevt.c
+ + ./media/mtransport/nr_socket_prsock.cpp
+ + WebRTC only
+ + ./security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
+ + pkix_pl_Socket_CreateClient
+ + pkix_pl_Socket_CreateByHostAndPort and pkix_pl_Socket_CreateByName
+ and pkix_pl_Socket_Create
+ + PKIX_PL_LdapDefaultClient_Create is unused. Other two noted above.
+ - XXX: Probably best to patch pkix_pl_Socket_Create anyway.
+ + ./security/nss/lib/certhigh/ocsp.c
+ + ocsp_ConnectToHost. Noted above. Needs patching for DID.
+ + PR_OpenTCPSocket
+ + ./security/manager/ssl/src/nsNSSIOLayer.cpp
+ + nsSSLIOLayerNewSocket
+ + ./security/manager/ssl/src/nsTLSSocketProvider.cpp
+ + nsTLSSocketProvider::NewSocket
+ + ./security/manager/ssl/src/nsSSLSocketProvider.cpp
+ + nsSSLSocketProvider::NewSocket (nsISocketProvider)
+ + nsISocketProvider.newSocket
+ + used with proxy settings
+ + ./netwerk/socket/nsSOCKSIOLayer.cpp
+ + ./netwerk/socket/nsSOCKSSocketProvider.cpp
+ + ./netwerk/base/src/nsSocketTransportService2.cpp
+ + ./netwerk/base/src/nsSocketTransport2.cpp
+ + ./netwerk/base/src/nsServerSocket.cpp
+ + PR_ImportTCPSocket
+
+Misc PR_Socket:
+ + ./nsprpub/pr/src/io/prmapopt.c
+ + ./nsprpub/pr/src/cplus/rcnetio.cpp
+ + RCNetStreamIO::RCNetStreamIO
+
+Misc XPCOM:
+ + *SocketProvider
+ + newSocket
+ + ./netwerk/base/src/nsSocketTransport2.cpp:
+ + used with proxy settings
+ + addToSocket
+ + @mozilla.org/network/udp-socket
+ + ./mobile/android/modules/SimpleServiceDiscovery.jsm
+ + local SSDP on Android
+ + ./dom/push/src/PushService.jsm
+ + WTF. _listenForUDPWakeup!!!
+ + Controlled by pref services.push.udp.wakeupEnabled
+ + And also services.push.enabled
+ + Currently false
+ - XXX: Verify false on android and in the future!
+ + ./netwerk/build/nsNetCID.h
+ + NS_SOCKETTRANSPORTSERVICE_*
+ + Proxied if TCP
+ + Udp limited to mtransport and webrtc
+ + NS_UDPSOCKET_*
+ + @mozilla.org/tcp-socket-*
+ + ./layout/build/nsLayoutModule.cpp
+ + @mozilla.org/udp-socket-*
+ + ./media/mtransport/nr_socket_prsock.cpp
+ + WebRTC disables
+ + ./layout/build/nsLayoutModule.cpp
+ + @mozilla.org/network/*socket*:
+ + ./toolkit/xre/nsAppRunner.cpp
+ + Debugger stuff
+ + ./toolkit/devtools/server/main.js
+ + ./toolkit/devtools/client/connection-manager.js
+ + ./toolkit/devtools/server/main.js
+ + ./toolkit/devtools/client/dbg-client.jsm
+ + ./toolkit/modules/Sntp.jsm
+ + B2G ntp
+ + ./addon-sdk/source/lib/sdk/test/httpd.js
+ + ./addon-sdk/source/lib/sdk/io/stream.js
+ + ./netwerk/build/nsNetCID.h
+ + ./netwerk/protocol/websocket/WebSocketChannelParent.cpp
+ + ./netwerk/protocol/websocket/WebSocketChannel.cpp
+ + ./dom/ipc/preload.js
+ + ./dom/network/src/TCPServerSocket.js
+ + ./dom/network/src/UDPSocketParent.cpp
+ + ./dom/network/src/TCPSocket.js
+ + ./dom/push/src/PushService.jsm
+ + Android stuff:
+ + ./mobile/android/chrome/content/WebappRT.js
+ + Debugger?
+ + ./mobile/android/modules/RokuApp.jsm
+ + createTransport()
+ + ./netwerk/protocol/http/nsHttpConnectionMgr.cpp
+ + ./netwerk/protocol/ftp/nsFtpConnectionThread.cpp:
+ + ./netwerk/protocol/ftp/nsFtpControlConnection.cpp:
+ + ./dom/network/src/TCPSocket.js
+
+- Gstreamer
+ - ./content/media/gstreamer/GStreamerDecoder.cpp
+ - ./content/media/DecoderTraits.cpp
More information about the tor-commits
mailing list