Bug 1165421 - It's not obvious that "security.tls.insecure_fallback_hosts" control RC4 fallback behaviour as well
Opened 10 years ago, closed 8 years ago
Product/Component: Core :: Security: PSM (defect)
Status: RESOLVED FIXED
Reporter: public; Assignee: Unassigned
Whiteboard: [psm-blocked]
User Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0
Build ID: 20150513174244
Steps to reproduce:
Hello,
I use FF 38.0.1 on Windows 7 SP1.
At start all of my RC4 ciphers are set to “True” (all 4 of them).
1. If “security.tls.unrestricted_rc4_fallback” is set to “False”, FF still connects, as a fallback, to both:
a. https://www.bankhapoalim.co.il (only two ciphers: TLS_RSA_WITH_RC4_128_MD5 (0x4) is first and TLS_RSA_WITH_RC4_128_SHA (0x5) is second)
b. https://hb2.bankleumi.co.il/ (TLS_RSA_WITH_RC4_128_SHA (0x5) is first and TLS_RSA_WITH_RC4_128_MD5 (0x4) is second – the opposite order of the former)
This behavior is stable whether the setting is changed online followed by a page refresh, or via a browser restart. It looks like FF doesn’t block the fallback into the RC4 ciphers for these sites.
On the other hand, for comparison, the site https://www.fibi-online.co.il (only two ciphers: TLS_RSA_WITH_RC4_128_MD5 (0x4) is first and TLS_RSA_WITH_RC4_128_SHA (0x5) is second) DOES get blocked if “security.tls.unrestricted_rc4_fallback” is set to “False”.
2. Online changes behavior (comparing the Hapoalim and Leumi sites):
A. A change for “security.ssl3.rsa_rc4_128_sha” in either toggle direction – does not apply. The change is applied only via FF restart
B. A change for “security.ssl3.rsa_rc4_128_md5” is applied online only for blocking but not for enabling. The change is applied only via FF restart.
Matrix of results (“security.tls.unrestricted_rc4_fallback” is False in all of the following scenarios):
***Restart***
Both ciphers are false:
Both sites are blocked with “ssl_error_no_cypher_overlap”
Both ciphers are true:
Hapoalim is OK, using MD5 (As expected)
Leumi is OK, using SHA (As expected)
SHA is False, MD5 is True:
Hapoalim is OK, using MD5 (As expected)
Leumi is OK, using MD5 (As expected – A fallback from the disabled SHA)
SHA is True, MD5 is False:
Hapoalim is OK, using SHA (As expected – A fallback from the disabled MD5)
Leumi is OK, using SHA
So, restart works fine in all cases.
***Online change and then a page refresh***
Initial (after FF restart) – both ciphers are True
Hapoalim is OK, using MD5 (As expected)
Leumi is OK, using SHA (As expected)
Online changing SHA to False and refreshing both pages
Hapoalim is OK, using MD5 (As expected)
Leumi stays with SHA – The change did not apply, online blocking doesn’t work (Bad).
**Doing a Restart**
Hapoalim is OK, using MD5 (As expected)
Leumi is OK, using MD5 (Fallback from the disabled SHA) (As expected)
Online changing SHA to True and refreshing both pages
Hapoalim is OK, using MD5 (As expected)
Leumi stays with MD5 – The change did not apply, online enabling doesn’t work (Bad).
So, it looks like an online change for “security.ssl3.rsa_rc4_128_sha” in either toggle direction does not apply. It is applied only via FF restart.
Initial (after FF restart) – both ciphers are True
Hapoalim is OK, using MD5 (As expected)
Leumi is OK, using SHA (As expected)
Changing MD5 to False and refreshing both pages
Hapoalim is now using SHA, falling back since MD5 is now disabled (Good) (As expected)
Leumi stays with SHA (As expected)
Changing MD5 to True and refreshing both pages
Hapoalim stays with SHA – The change did not apply, online enabling doesn’t work (Bad).
Leumi stays with SHA (As expected)
So, it looks like an online change for “security.ssl3.rsa_rc4_128_md5” is applied online only for blocking but not for enabling. It is applied only via FF restart.
As a helping reference, see the Qualys SSL Server Test results for the sites:
Qualys SSL test for BankHapoalim
https://www.ssllabs.com/ssltest/analyze.html?d=www.bankhapoalim.co.il&s=81.218.18.149
Qualys SSL test for Leumi
https://www.ssllabs.com/ssltest/analyze.html?d=hb2.bankleumi.co.il
Qualys SSL test for Fibi
https://www.ssllabs.com/ssltest/analyze.html?d=fibi-online.co.il&s=62.128.33.11
Eitan Caspi
Actual results:
See above
Expected results:
See above
Reporter
Updated•10 years ago
OS: Unspecified → Windows 7
Hardware: Unspecified → x86
Reporter
Comment 1•10 years ago
OK, some updates:
1. You can also test using the site https://www1.isracard.co.il/, which behaves similarly to the Fibi site.
2. The Fibi and Isracard sites do get blocked if FF starts with “security.tls.unrestricted_rc4_fallback” set to "False"; changing it online to "True" and refreshing the pages works fine and the sites load correctly with RC4. But the opposite doesn't work online: if you change the value to "False" and refresh the pages, the sites don't get blocked.
Summary: Three RC4 issues → Several RC4 issues
Comment 2•10 years ago
A restart is required for some about:config changes to take effect — that's known and not a bug. If there's anything else that you're reporting here, numbered steps to reproduce, and succinct explanations of what's expected and the actual results would be appreciated.
https://developer.mozilla.org/docs/Mozilla/QA/Bug_writing_guidelines
As for the site problems, one bug report already existed; I filed the remaining three.
Bug 1138231
Bug 1165579
Bug 1165580
Bug 1165582
Comment 3•10 years ago
Hi Eitan,
Thanks for the report.
As mentioned in Comment 2, some prefs require a restart, some don't. This might just be a case of a cache returning previous content.
In any case, this is an advanced pref, so I don't think it needs to be restartless. I'll resolve this bug as invalid for now, but feel free to re-open if you really feel strongly about it.
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Component: Untriaged → Security: PSM
OS: Windows 7 → All
Product: Firefox → Core
Hardware: x86 → All
Resolution: --- → INVALID
Summary: Several RC4 issues → Changing security.tls.unrestricted_rc4_fallback pref requires a restart to fully take effect
Reporter
Comment 4•10 years ago
You focused on the lesser important issue here.
The main issue is that turning the RC4 fallback setting to "False" doesn't always work as there are sites that DO load OK with RC4 when this setting set to "False".
Repro:
1. Set "security.tls.unrestricted_rc4_fallback" to "False". Make sure all of the RC4 ciphers are set to "True"
2. Clear all FF history and cache and whatever you wish
3. Exit FF
4. Open FF
5. Open the sites of
a. https://www.bankhapoalim.co.il/ - it will load OK (bad - fallback should not have worked as "security.tls.unrestricted_rc4_fallback" is set to "False")
b. https://hb2.bankleumi.co.il - it will load OK (bad - fallback should not have worked as "security.tls.unrestricted_rc4_fallback" is set to "False")
c. https://www.fibi-online.co.il - will not load (good - since fallback is set to "False")
d. https://www1.isracard.co.il/ - will not load (good - since fallback is set to "False")
Please focus on this issue.
Thanks,
Eitan
Status: RESOLVED → UNCONFIRMED
Resolution: INVALID → ---
Comment 5•10 years ago
(In reply to Eitan Caspi from comment #4)
> You focused on the lesser important issue here.
>
> The main issue is that turning the RC4 fallback setting to "False" doesn't
> always work as there are sites that DO load OK with RC4 when this setting
> set to "False".
Indeed, I misread your comments saying that restarts had no effect. Sorry about that!
> b. https://hb2.bankleumi.co.il - it will load OK (bad - fallback should have
> not worked as "security.tls.unrestricted_rc4_fallback" is set to "False")
Note that this site is no longer relevant; it's been fixed (see Bug 1138142, Bug 1165579 etc).
--------------------------------------
What is going on here is that https://hb2.bankleumi.co.il is part of the static whitelist found here:
https://hg.mozilla.org/integration/mozilla-inbound/annotate/3e18d65b28c3/security/manager/ssl/src/IntolerantFallbackList.inc#l160
As such, if "security.tls.insecure_fallback_hosts.use_static_list" is set to true, TLS intolerance fallbacks *and* RC4 fallbacks will occur for this site, regardless of what the value of "security.tls.unrestricted_rc4_fallback" is.
The final two sites listed are not on the whitelist (yet), and certainly not on Firefox 38, so this behaviour does not occur.
However, the same thing will also happen if e.g. you set "security.tls.insecure_fallback_hosts" to "www.fibi-online.co.il".
Status: UNCONFIRMED → NEW
Depends on: 1124039
Ever confirmed: true
Summary: Changing security.tls.unrestricted_rc4_fallback pref requires a restart to fully take effect → It's not obvious that "security.tls.insecure_fallback_hosts.use_static_list" and "security.tls.insecure_fallback_hosts" control RC4 fallback behaviour as well
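The rule comment 5 describes (a host on the built-in static list with use_static_list enabled, or a host named in security.tls.insecure_fallback_hosts, gets RC4 fallback regardless of security.tls.unrestricted_rc4_fallback) is easy to get wrong when auditing a locked-down profile. The following is an added example, not Firefox/PSM code: it parses user_pref lines from a user.js, models that decision rule, and reports which hosts would still be allowed RC4 fallback. The user.js text, the static-list stand-in and the host names are constructed sample data; the pref defaults used when a pref is absent are assumptions, not verified Firefox 38 defaults.

```python
"""Model of how the three fallback prefs interact, per comment 5 of this bug.

Added illustration, not Firefox/PSM code. Sample data is constructed.
"""
import re
from dataclasses import dataclass

# Matches: user_pref("name", true|false|"string"|123);
PREF_RE = re.compile(
    r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(true|false|"[^"]*"|-?\d+)\s*\);',
    re.MULTILINE,
)


def parse_user_js(text: str) -> dict:
    """Parse user_pref(...) lines into a dict of Python values."""
    prefs = {}
    for name, raw in PREF_RE.findall(text):
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif raw.startswith('"'):
            prefs[name] = raw[1:-1]
        else:
            prefs[name] = int(raw)
    return prefs


def host_list(value: str) -> set:
    """security.tls.insecure_fallback_hosts is a comma-separated host list."""
    return {h.strip().lower() for h in value.split(",") if h.strip()}


@dataclass
class FallbackPolicy:
    unrestricted_rc4_fallback: bool
    use_static_list: bool
    insecure_fallback_hosts: set
    static_list: set  # stand-in for IntolerantFallbackList.inc (constructed here)

    @classmethod
    def from_prefs(cls, prefs: dict, static_list: set) -> "FallbackPolicy":
        # Defaults below are assumptions used only when a pref is missing.
        return cls(
            unrestricted_rc4_fallback=prefs.get("security.tls.unrestricted_rc4_fallback", False),
            use_static_list=prefs.get("security.tls.insecure_fallback_hosts.use_static_list", True),
            insecure_fallback_hosts=host_list(prefs.get("security.tls.insecure_fallback_hosts", "")),
            static_list={h.lower() for h in static_list},
        )

    def rc4_fallback_allowed(self, host: str):
        """Return (allowed, reason) following the rule stated in comment 5."""
        host = host.lower()
        if host in self.insecure_fallback_hosts:
            return True, "listed in security.tls.insecure_fallback_hosts"
        if self.use_static_list and host in self.static_list:
            return True, "on the static whitelist and use_static_list is true"
        if self.unrestricted_rc4_fallback:
            return True, "security.tls.unrestricted_rc4_fallback is true"
        return False, "RC4 fallback blocked"


def audit(policy: FallbackPolicy, hosts) -> dict:
    """Map each host that would still get RC4 fallback to the reason why."""
    result = {}
    for host in hosts:
        allowed, reason = policy.rc4_fallback_allowed(host)
        if allowed:
            result[host] = reason
    return result


def harden(prefs: dict) -> dict:
    """Apply the mitigation from comment 6: disable the static list and clear the host list."""
    out = dict(prefs)
    out["security.tls.unrestricted_rc4_fallback"] = False
    out["security.tls.insecure_fallback_hosts.use_static_list"] = False
    out["security.tls.insecure_fallback_hosts"] = ""
    return out


# Constructed sample user.js (not taken from the bug).
SAMPLE_USER_JS = """\
// sample profile: RC4 fallback "disabled", but both list mechanisms still active
user_pref("security.tls.unrestricted_rc4_fallback", false);
user_pref("security.tls.insecure_fallback_hosts.use_static_list", true);
user_pref("security.tls.insecure_fallback_hosts", "www.fibi-online.co.il");
"""
# Constructed stand-in for the static list; comment 5 says hb2.bankleumi.co.il was on it.
SAMPLE_STATIC_LIST = {"hb2.bankleumi.co.il"}
SAMPLE_HOSTS = ["hb2.bankleumi.co.il", "www.fibi-online.co.il", "www1.isracard.co.il"]

if __name__ == "__main__":
    prefs = parse_user_js(SAMPLE_USER_JS)
    for label, p in (("as configured", prefs), ("hardened", harden(prefs))):
        policy = FallbackPolicy.from_prefs(p, SAMPLE_STATIC_LIST)
        print(label, audit(policy, SAMPLE_HOSTS))
```

Run as a script it shows that with unrestricted_rc4_fallback already false, two of the three sample hosts still get RC4 fallback (one via the static list, one via the explicit host list), and that only the hardened prefs close both paths, which is what comment 6 observed after flipping use_static_list to false.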
Updated•10 years ago
Reporter
Comment 6•10 years ago
Wow, OMG - you whitelist RC4 sites globally in an online location. Amazing.
OK, I turned "security.tls.insecure_fallback_hosts.use_static_list" to "false" and now all RC4 sites are blocked.
BTW, https://hb2.bankleumi.co.il/ removed any RC4 support as I checked it now using
https://www.ssllabs.com/ssltest/analyze.html?d=hb2.bankleumi.co.il
I guess if the whole thing was explained better (at all?) somewhere on the web, it would have saved the need for this bug (may it help others bumping into the same issue).
I guess you can close this bug if you see fit.
Comment 7•9 years ago
The static list is gone.
Also, we have a UI to maintain "security.tls.insecure_fallback_hosts" now.
Summary: It's not obvious that "security.tls.insecure_fallback_hosts.use_static_list" and "security.tls.insecure_fallback_hosts" control RC4 fallback behaviour as well → It's not obvious that "security.tls.insecure_fallback_hosts.use_static_list" control RC4 fallback behaviour as well
Updated•9 years ago
Summary: It's not obvious that "security.tls.insecure_fallback_hosts.use_static_list" control RC4 fallback behaviour as well → It's not obvious that "security.tls.insecure_fallback_hosts" control RC4 fallback behaviour as well
Updated•9 years ago
Whiteboard: [psm-blocked]
Comment 9•8 years ago
Fixed by removing RC4 fallback.
Status: NEW → RESOLVED
Closed: 10 years ago → 8 years ago
Resolution: --- → FIXED