Bug 1585236 - Have a preference to not be conservative when conneting a proxy, r=dragana

Differential Revision: https://phabricator.services.mozilla.com/D47973 --HG-- extra : moz-landing-system : lando
2024-10-24 18:55:30 +00:00 · 2019-10-09 16:24:00 +00:00 · 2019-10-09 16:24:00 +00:00 · 67089d8402
commit 67089d8402
parent be025da362
4 changed files with 48 additions and 2 deletions
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@ -1266,6 +1266,13 @@ pref("network.http.proxy.version", "1.1");    // default
 // pref("network.http.proxy.version", "1.0"); // uncomment this out in case of problems
                                              // (required if using junkbuster proxy)

+// Whether we should respect the BE_CONSERVATIVE (aka nsIHttpChannelInternal.beConservative)
+// flag when connecting to a proxy.  If the configured proxy accepts only TLS 1.3, system
+// requests like updates will not pass through.  Setting this pref to false will fix that
+// problem.
+// Default at true to preserve the behavior we had before for backward compat.
+pref("network.http.proxy.respect-be-conservative", true);
+
 // this preference can be set to override the socket type used for normal
 // HTTP traffic.  an empty value indicates the normal TCP/IP socket type.
 pref("network.http.default-socket-type", "");
--- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp
+++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp
@ -126,6 +126,7 @@ nsHttpConnectionMgr::nsHttpConnectionMgr()
      mThrottleReadInterval(0),
      mThrottleHoldTime(0),
      mThrottleMaxTime(0),
+      mBeConservativeForProxy(true),
      mIsShuttingDown(false),
      mNumActiveConns(0),
      mNumIdleConns(0),
@ -3003,6 +3004,9 @@ void nsHttpConnectionMgr::OnMsgUpdateParam(int32_t inParam, ARefBase*) {
    case THROTTLING_MAX_TIME:
      mThrottleMaxTime = TimeDuration::FromMilliseconds(value);
      break;
+    case PROXY_BE_CONSERVATIVE:
+      mBeConservativeForProxy = !!value;
+      break;
    default:
      MOZ_ASSERT_UNREACHABLE("unexpected parameter name");
  }
@ -4013,6 +4017,24 @@ nsHttpConnectionMgr::nsHalfOpenSocket::~nsHalfOpenSocket() {
  if (mEnt) mEnt->RemoveHalfOpen(this);
 }

+bool nsHttpConnectionMgr::BeConservativeIfProxied(nsIProxyInfo* proxy) {
+  if (mBeConservativeForProxy) {
+    // The pref says to be conservative for proxies.
+    return true;
+  }
+
+  if (!proxy) {
+    // There is no proxy, so be conservative by default.
+    return true;
+  }
+
+  // Be conservative only if there is no proxy host set either.
+  // This logic was copied from nsSSLIOLayerAddToSocket.
+  nsAutoCString proxyHost;
+  proxy->GetHost(proxyHost);
+  return proxyHost.IsEmpty();
+}
+
 nsresult nsHttpConnectionMgr::nsHalfOpenSocket::SetupStreams(
    nsISocketTransport** transport, nsIAsyncInputStream** instream,
    nsIAsyncOutputStream** outstream, bool isBackup) {
@ -4085,7 +4107,8 @@ nsresult nsHttpConnectionMgr::nsHalfOpenSocket::SetupStreams(
    tmpFlags |= nsISocketTransport::DONT_TRY_ESNI;
  }

-  if ((mCaps & NS_HTTP_BE_CONSERVATIVE) || ci->GetBeConservative()) {
+  if (((mCaps & NS_HTTP_BE_CONSERVATIVE) || ci->GetBeConservative()) &&
+      gHttpHandler->ConnMgr()->BeConservativeIfProxied(ci->ProxyInfo())) {
    LOG(("Setting Socket to BE_CONSERVATIVE"));
    tmpFlags |= nsISocketTransport::BE_CONSERVATIVE;
  }
--- a/netwerk/protocol/http/nsHttpConnectionMgr.h
+++ b/netwerk/protocol/http/nsHttpConnectionMgr.h
@ -65,7 +65,8 @@ class nsHttpConnectionMgr final : public nsIObserver, public AltSvcCache {
    THROTTLING_READ_LIMIT,
    THROTTLING_READ_INTERVAL,
    THROTTLING_HOLD_TIME,
-    THROTTLING_MAX_TIME
+    THROTTLING_MAX_TIME,
+    PROXY_BE_CONSERVATIVE
  };

  //-------------------------------------------------------------------------
@ -565,6 +566,7 @@ class nsHttpConnectionMgr final : public nsIObserver, public AltSvcCache {
  uint32_t mThrottleReadInterval;
  uint32_t mThrottleHoldTime;
  TimeDuration mThrottleMaxTime;
+  bool mBeConservativeForProxy;
  Atomic<bool, mozilla::Relaxed> mIsShuttingDown;

  //-------------------------------------------------------------------------
@ -818,6 +820,10 @@ class nsHttpConnectionMgr final : public nsIObserver, public AltSvcCache {
  // Then, it notifies selected transactions' connection of the new active tab
  // id.
  void NotifyConnectionOfWindowIdChange(uint64_t previousWindowId);
+
+  // A test if be-conservative should be used when proxy is setup for the
+  // connection
+  bool BeConservativeIfProxied(nsIProxyInfo* proxy);
 };

 NS_DEFINE_STATIC_IID_ACCESSOR(nsHttpConnectionMgr::nsHalfOpenSocket,
--- a/netwerk/protocol/http/nsHttpHandler.cpp
+++ b/netwerk/protocol/http/nsHttpHandler.cpp
@ -1319,6 +1319,16 @@ void nsHttpHandler::PrefsChanged(const char* pref) {
    }
  }

+  if (PREF_CHANGED(HTTP_PREF("proxy.respect-be-conservative"))) {
+    rv =
+        Preferences::GetBool(HTTP_PREF("proxy.respect-be-conservative"), &cVar);
+    if (NS_SUCCEEDED(rv) && mConnMgr) {
+      Unused << mConnMgr->UpdateParam(
+          nsHttpConnectionMgr::PROXY_BE_CONSERVATIVE,
+          static_cast<int32_t>(cVar));
+    }
+  }
+
  if (PREF_CHANGED(HTTP_PREF("qos"))) {
    rv = Preferences::GetInt(HTTP_PREF("qos"), &val);
    if (NS_SUCCEEDED(rv)) mQoSBits = (uint8_t)clamped(val, 0, 0xff);