Closed Bug 1651738 Opened 4 years ago Closed 4 years ago

Enable deprecated TLS in 79

Categories

(GeckoView :: General, defect, P1)

Product:
GeckoView
Component:
General
Version:
79 Branch
Platform:
Unspecified
All
Type:
defect

Tracking

(firefox79 fixed, firefox80 wontfix)

Status:
RESOLVED FIXED
Tracking Flags:
Tracking Status
firefox79 --- fixed
firefox80 --- wontfix

People

(Reporter: snorp, Assigned: snorp)

Details

Attachments

(1 file)

Bug 1651738 - Enable deprecated TLS for GeckoView 79
47 bytes, text/x-phabricator-request
RyanVM
: approval-mozilla-beta+
Details | Review

We don't have the proper error page support for this in Fenix, so we need to delay the deprecation until 80.

Assignee: nobody → snorp
Status: NEW → ASSIGNED

Comment on attachment 9163210 [details]
Bug 1651738 - Enable deprecated TLS for GeckoView 79

Beta/Release Uplift Approval Request

  • User impact if declined: Unable to access sites that use TLS 1.0/1.1
  • Is this code covered by automated tests?: No
  • Has the fix been verified in Nightly?: No
  • Needs manual test from QE?: Yes
  • If yes, steps to reproduce: Navigate to https://tls-v1-0.badssl.com:1010/

It should load successfully.

  • List of other uplifts needed: None
  • Risk to taking this patch: Low
  • Why is the change risky/not risky? (and alternatives if risky): While it's not ideal to allow TLS 1.0/1.1 to continue to function, this is the status quo.
  • String changes made/needed: None
Attachment #9163210 - Flags: approval-mozilla-beta?
Flags: qe-verify+

Comment on attachment 9163210 [details]
Bug 1651738 - Enable deprecated TLS for GeckoView 79

Approved for 79.0b8/GV79.

Attachment #9163210 - Flags: approval-mozilla-beta? → approval-mozilla-beta+

https://hg.mozilla.org/releases/mozilla-beta/rev/4876f856bb07

Status: ASSIGNED → RESOLVED
Closed: 4 years ago
status-firefox79: --- → fixed
status-firefox80: --- → wontfix
Resolution: --- → FIXED
QA Whiteboard: [qa-triaged]

I verified the issue using Firefox 79.0b8 on Win 8.1 x64, macOS 10.15 and Ubuntu 18.04 x64. Navigating to https://tls-v1-0.badssl.com:1010/ first prompted the error page: "Secure Connection Failed", then clicking on the button "Enable TLS 1.0 and 1.1", the red page was loaded.
Is this the expected flow or should the red page load without enabling TLS by clicking on button?

Flags: needinfo?(snorp)
Flags: needinfo?(snorp)
Flags: needinfo?(snorp)

(In reply to Timea Zsoldos [:zstimi/tzsoldos], Desktop Release QA from comment #5)

I verified the issue using Firefox 79.0b8 on Win 8.1 x64, macOS 10.15 and Ubuntu 18.04 x64. Navigating to https://tls-v1-0.badssl.com:1010/ first prompted the error page: "Secure Connection Failed", then clicking on the button "Enable TLS 1.0 and 1.1", the red page was loaded.
Is this the expected flow or should the red page load without enabling TLS by clicking on button?

No. This change only affects GeckoView (not desktop). To test, you'd need to install the example app on a phone. You should be able to navigate to the URL above without any error pages appearing.

Flags: needinfo?(snorp)
Flags: qe-verify+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: