Closed Bug 1131880 Opened 5 years ago Closed 5 years ago

Modify the condition to disallow PR_CONNECT_RESET_ERROR on fallback

Categories

(Core :: Security: PSM, defect)

37 Branch
defect
Not set

Tracking

()

RESOLVED FIXED
mozilla38
Tracking Status
firefox37 --- fixed
firefox38 --- fixed

People

(Reporter: emk, Assigned: emk)

References

Details

Attachments

(1 file)

Attached patch patchSplinter Review
On Nightly, PR_CONNECT_RESET_ERROR will be allowed if "security.tls.version.fallback-limit" is smaller than 3 due to bug 1124039.
Since I'm not going to backport the entire bug 1124039 (yet), I wrote a patch only to backport this behavior change.
Attachment #8562466 - Flags: review?(dkeeler)
I'm not sure I understand the motivation here - could you explain a bit more what the goal of this change is and why it's important? Thanks.
Flags: needinfo?(VYV03354)
Basically what I explained in bug 1124039 comment #15:
> users (or
> hotfix addons) can disable the behavior from bug 1128763 globally in case
> too many sites are broken.
Flags: needinfo?(VYV03354)
Comment on attachment 8562466 [details] [diff] [review]
patch

Review of attachment 8562466 [details] [diff] [review]:
-----------------------------------------------------------------

Oh, now I get it. Ok - r=me. (This is only landing on 37, right?)
Attachment #8562466 - Flags: review?(dkeeler) → review+
(In reply to David Keeler [:keeler] (use needinfo?) from comment #3)
> (This is only landing on 37, right?)

Yes.

https://treeherder.mozilla.org/#/jobs?repo=try&revision=b7d28228e557
Comment on attachment 8562466 [details] [diff] [review]
patch

Approval Request Comment
[Feature/regressing bug #]: 1128763
[User impact if declined]: Users will not have an easy workaround to connect some sites. We will also have fewer choices in case we have to release a hotfix addon.
[Describe test coverage new/current, TreeHerder]: Manually tested. No existing tests are broken (see the above try run, e10s failures are expected).
[Risks and why]: Very low. Simple few changes, make Firefox more compatible with broken sites, and only <0.3% sites will be affected.
[String/UUID change made/needed]: none
Attachment #8562466 - Flags: approval-mozilla-aurora?
Landed on inbound because bug 1124039 has been backed out.
https://hg.mozilla.org/integration/mozilla-inbound/rev/f96476302284
Assignee: nobody → VYV03354
Status: NEW → ASSIGNED
https://hg.mozilla.org/mozilla-central/rev/f96476302284
Status: ASSIGNED → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla38
Comment on attachment 8562466 [details] [diff] [review]
patch

Aurora+
Attachment #8562466 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
You need to log in before you can comment on or make changes to this bug.