Backed out changeset acb04833e713 (bug 1500533) for assertion failure in nsHttpChannel.cpp on a CLOSED TREE

2025-01-26 23:23:33 +00:00 · 2019-04-11 23:15:08 +03:00 · 2019-04-11 23:15:08 +03:00 · 76651301a1
commit 76651301a1
parent aa44fadac3
9 changed files with 2 additions and 114 deletions
--- a/build/pgo/certs/cert9.db
+++ b/build/pgo/certs/cert9.db
--- a/build/pgo/certs/key4.db
+++ b/build/pgo/certs/key4.db
--- a/build/pgo/certs/mochitest.client
+++ b/build/pgo/certs/mochitest.client
--- a/build/pgo/server-locations.txt
+++ b/build/pgo/server-locations.txt
@ -178,11 +178,6 @@ http://another-tracking.example.net:80
 http://itisatracker.org:80
 https://itisatracker.org:443
 http://trackertest.org:80
-#
-# Used while testing TLS session ticket resumption for third-party trackers (bug 1500533)
-# (DO NOT USE THIS HOST IN OTHER TESTS!)
-#
-https://tlsresumptiontest.example.org:443

 https://malware.example.com:443
 https://unwanted.example.com:443
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@ -625,13 +625,9 @@ nsresult nsHttpChannel::ContinueOnBeforeConnect(bool aShouldUpgrade,
    mCaps |= NS_HTTP_DISABLE_TRR;
  }

-  bool isIsolated = !AntiTrackingCommon::IsFirstPartyStorageAccessGrantedFor(
-      this, mURI, nullptr);
-  MOZ_ASSERT_IF(mPrivateBrowsing, isIsolated);
-
  // Finalize ConnectionInfo flags before SpeculativeConnect
  mConnectionInfo->SetAnonymous((mLoadFlags & LOAD_ANONYMOUS) != 0);
-  mConnectionInfo->SetPrivate(isIsolated);
+  mConnectionInfo->SetPrivate(mPrivateBrowsing);
  mConnectionInfo->SetNoSpdy(mCaps & NS_HTTP_DISALLOW_SPDY);
  mConnectionInfo->SetBeConservative((mCaps & NS_HTTP_BE_CONSERVATIVE) ||
                                     mBeConservative);
--- a/security/manager/ssl/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/nsNSSIOLayer.cpp
@ -2475,12 +2475,6 @@ static nsresult nsSSLIOLayerSetOptions(PRFileDesc* fd, bool forSTARTTLS,
    return NS_ERROR_FAILURE;
  }

-  if (flags & nsISocketProvider::NO_PERMANENT_STORAGE) {
-    if (SECSuccess != SSL_OptionSet(fd, SSL_ENABLE_SESSION_TICKETS, false)) {
-      return NS_ERROR_FAILURE;
-    }
-  }
-
  return NS_OK;
 }

--- a/toolkit/components/antitracking/test/browser/browser.ini
+++ b/toolkit/components/antitracking/test/browser/browser.ini
@ -77,7 +77,6 @@ skip-if = serviceworker_e10s
 [browser_storageAccessSandboxed.js]
 skip-if = serviceworker_e10s
 [browser_storageAccessWithHeuristics.js]
-[browser_tlsSessionTickets.js]
 [browser_allowPermissionForTracker.js]
 [browser_denyPermissionForTracker.js]
 [browser_localStorageEvents.js]
--- a/toolkit/components/antitracking/test/browser/browser_tlsSessionTickets.js
+++ b/toolkit/components/antitracking/test/browser/browser_tlsSessionTickets.js
@ -1,93 +0,0 @@
-add_task(async function() {
-  info("Starting tlsSessionTickets test");
-
-  await SpecialPowers.flushPrefEnv();
-  await SpecialPowers.pushPrefEnv({"set": [
-    ["browser.cache.disk.enable", false],
-    ["browser.cache.memory.enable", false],
-    ["browser.contentblocking.allowlist.annotations.enabled", true],
-    ["browser.contentblocking.allowlist.storage.enabled", true],
-    ["network.cookie.cookieBehavior", Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER],
-    ["privacy.trackingprotection.enabled", false],
-    ["privacy.trackingprotection.pbmode.enabled", false],
-    ["privacy.trackingprotection.annotate_channels", true],
-  ]});
-
-  await UrlClassifierTestUtils.addTestTrackers();
-
-  info("Creating a new tab");
-  let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
-  gBrowser.selectedTab = tab;
-
-  let browser = gBrowser.getBrowserForTab(tab);
-  await BrowserTestUtils.browserLoaded(browser);
-
-  const trackingURL = "https://tlsresumptiontest.example.org/browser/toolkit/components/antitracking/test/browser/empty.js";
-  const kTopic = "http-on-examine-response";
-
-  let resumedState = [];
-  let hashKeys = [];
-
-  function observer(subject, topic, data) {
-    if (topic != kTopic) {
-      return;
-    }
-
-    subject.QueryInterface(Ci.nsIChannel);
-    if (subject.URI.spec != trackingURL) {
-      return;
-    }
-
-    resumedState.push(subject.securityInfo
-                             .QueryInterface(Ci.nsISSLSocketControl)
-                             .resumed);
-    hashKeys.push(subject.QueryInterface(Ci.nsIHttpChannelInternal)
-                         .connectionInfoHashKey);
-  }
-
-  Services.obs.addObserver(observer, kTopic);
-  registerCleanupFunction(() => Services.obs.removeObserver(observer, kTopic));
-
-  info("Loading tracking scripts and tracking images");
-  await ContentTask.spawn(browser, {trackingURL}, async function(obj) {
-    {
-      let src = content.document.createElement("script");
-      let p = new content.Promise(resolve => { src.onload = resolve; });
-      content.document.body.appendChild(src);
-      src.src = obj.trackingURL;
-      await p;
-    }
-  });
-
-  // Load our tracking URL two more times, but this time in the first-party context.
-  // The TLS session should be resumed the second time here.
-  await fetch(trackingURL);
-  await fetch(trackingURL).then(() => {
-    is(resumedState.length, 3, "We should have observed 3 loads for " + trackingURL);
-    ok(!resumedState[0], "The first load should NOT have been resumed");
-    ok(!resumedState[1], "The second load should NOT have been resumed");
-    ok(resumedState[2], "The third load SHOULD have been resumed");
-
-    // We also verify that the hashKey of the first connection is different to
-    // both the second and third connections, and that the hashKey of the
-    // second and third connections are the same.  The reason why this check is
-    // done is that the private bit on the connection info object is used to
-    // construct the hash key, so when the connection is isolated because it
-    // comes from a third-party tracker context, its hash key must be
-    // different.
-    is(hashKeys.length, 3, "We should have observed 3 loads for " + trackingURL);
-    is(hashKeys[1], hashKeys[2], "The second and third hash keys should match");
-    isnot(hashKeys[0], hashKeys[1], "The first and second hash keys should not match");
-  });
-
-  info("Removing the tab");
-  BrowserTestUtils.removeTab(tab);
-});
-
-add_task(async function() {
-  info("Cleaning up.");
-  await new Promise(resolve => {
-    Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value => resolve());
-  });
-});
-
--- a/toolkit/components/url-classifier/tests/UrlClassifierTestUtils.jsm
+++ b/toolkit/components/url-classifier/tests/UrlClassifierTestUtils.jsm
@ -24,7 +24,6 @@ var UrlClassifierTestUtils = {
    let annotationURL2 = "itisatracker.org/";
    let annotationURL3 = "trackertest.org/";
    let annotationURL4 = "another-tracking.example.net/";
-    let annotationURL5 = "tlsresumptiontest.example.org/";
    let annotationWhitelistedURL = "itisatrap.org/?resource=example.org";
    let trackingURL1 = "tracking.example.com/"; // only for TP
    let trackingURL2 = "itisatracker.org/";
@ -40,9 +39,7 @@ var UrlClassifierTestUtils = {
          "a:3:32:" + annotationURL3.length + "\n" +
          annotationURL3 + "\n" +
          "a:4:32:" + annotationURL4.length + "\n" +
-          annotationURL4 + "\n" +
-          "a:5:32:" + annotationURL5.length + "\n" +
-          annotationURL5 + "\n";
+          annotationURL4 + "\n";
    let annotationWhitelistUpdate =
          "n:1000\ni:" + ANNOTATION_WHITELIST_TABLE_NAME + "\nad:1\n" +
          "a:1:32:" + annotationWhitelistedURL.length + "\n" +