Open Bug 1755524 Opened 3 years ago Updated 1 year ago

Proxy tests: failing TLS connection to an origin server through an HTTP proxy

Tracking

()

Status:

NEW

People

(Reporter: dragana, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [necko-triaged])

Dragana Damjanovic [:dragana]

Reporter

Description

•

3 years ago

•

Edited

The poxy should be:

insecure HTTP proxy
secure HTTP/1.1 proxy
HTTP/2 proxy

The tests should include TLS failures:

the proxy rejects the client ClientHello.
the proxy sends malformed ServerHello that will be rejected by the client.
the proxy sends certificates that will be rejected by the client.
NSS tolerates some errors and triggers a new connection in necko. We should have a server that would produce such behavior. There are multiple ways to get in such a situation, but a server that produces one such situation would be enough.

Valentin Gosu [:valentin] (he/him)

Comment 1

•

3 years ago

There's the node-tls package we could potentially use. Unfortunately it only supports TLS 1.1. There is a PR for TLS 1.2 though which we could try using to generate the TLS errors.

BMO Automation

Comment 2

•

1 year ago

Moving bug to Core/Networking: Proxy.

Component: Networking: HTTP → Networking: Proxy

BMO Automation

Comment 3

•

1 year ago

Moving bug to Core/Networking: Proxy

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Proxy tests: failing TLS connection to an origin server through an HTTP proxy

Categories

(Core :: Networking: Proxy, task, P2)

Tracking

()

People

(Reporter: dragana, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [necko-triaged])

Crash Data

Security

(public)

User Story

Description

Comment 1

Comment 2

Comment 3