Padlock in URL bar is sometimes missing when a FPN session is active
Categories
(Core :: Networking, defect, P1)
Tracking
()
Tracking | Status | |
---|---|---|
firefox-esr68 | --- | unaffected |
firefox74 | --- | unaffected |
firefox75 | --- | unaffected |
firefox76 | --- | disabled |
firefox77 | --- | verified |
People
(Reporter: Fanolian+BMO, Assigned: kershaw)
References
(Regression)
Details
(Keywords: nightly-community, regression, reproducible, Whiteboard: [necko-triaged])
Attachments
(3 files)
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0
Build ID: 20200406092400
Steps to reproduce
The issue randomly appears when I am surfing the net and it can occur to any website. Here is a fairly reliable way to reproduce it for me:
- Open Nightly with a new profile.
- Install Firefox Private Network browser extension (FPN) v21.
- Log in to FPN. Activate a session.
- Visit https://www.google.com/ (or any webpage). Let it finish loading.
- Shift-left-click the reload icon on toolbar to reload the page.
Actual result
The padlock icon in the URL bar is replaced by ⓘ. Please refer to the attached screenshot.
Expected result
A padlock is shown.
Workaround
- Toggle
network.ssl_tokens_cache_enabled
tofalse
and reload the page; OR - Pause the FPN session and reload the page.
Notes
I have tried FPN v20 and v21. Both of them exhibit the same bug.
From Mozregression:
Last good Nightly: 2020-03-17
First bad Nightly: 2020-03-18
pushlog: https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=7c83f04c82e9ef6c1d2823a64aedd34a79a90eb9&tochange=737aba43bfa1685fa15a9b542636b959397603a8
From autoland build
pushlog: https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=8e3cf2cbb2dc2cc4624b65570fffb62c8be164ae&tochange=c5a8b641d9050b73462b24cfea6dd89833e560b6
This should be regressed by bug 1607257.
Updated•5 years ago
|
Assignee | ||
Updated•5 years ago
|
Assignee | ||
Comment 2•5 years ago
•
|
||
The problem here is that we only call SSL_SetResumptionTokenCallback when creating a new nsSocketTransport
, but the same socket transport would be reused when connecting to https proxy. In this case, we only save the resumption token for the connection of secure proxy and the token for www.google.com
is not saved. As a result, the session resumption is failed because the token is missing.
I think we should call SSL_SetResumptionTokenCallback
when a new nsNSSSocketInfo
is created.
Assignee | ||
Comment 3•5 years ago
|
||
Updated•5 years ago
|
Comment 6•5 years ago
|
||
bugherder |
Updated•5 years ago
|
Updated•5 years ago
|
Comment 7•5 years ago
|
||
I have verified that this is no longer reproducible on Firefox Nighlty 78.0a1 (Build ID 20200510212656) using Windows 10 x64 and Mac OS 10.14.6 .
The padlock is shown and active. (checked multiple sites)
Attaching postfix screenshot.
Comment 8•5 years ago
|
||
Description
•