Closed Bug 1781075 Opened 2 years ago Closed 2 years ago

Firefox does not correctly use ALPN data from HTTPS RR records

Categories

(Core :: Networking: DNS, defect, P1)

Product:
Core
Component:
Networking: DNS
Version:
Firefox 105
Platform:
All
Unspecified
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
105 Branch
Tracking Flags:
Tracking Status
firefox105 --- fixed

People

(Reporter: djackson, Assigned: djackson)

References

(Blocks 1 open bug)

Details

(Whiteboard: [necko-triaged])

Attachments

(2 files)

Bug 1781075: Always offer http/1.1 in ALPN extension for TLS over TCP. r=dragana.
48 bytes, text/x-phabricator-request
Details | Review
Bug 1781075 - Add test cases for ECH connections with incorrect ALPN advertisements. r=dragana
48 bytes, text/x-phabricator-request
Details | Review

draft-ietf-dnsop-svcb-https-10 specifies how the ALPN protocols should be set in section 7.1.2:

To establish a connection to the endpoint, clients MUST

  1. Let SVCB-ALPN-Intersection be the set of protocols in the SVCB
    ALPN set that the client supports.

  2. Let Intersection-Transports be the set of transports (e.g. TLS,
    DTLS, QUIC) implied by the protocols in SVCB-ALPN-Intersection.

  3. For each transport in Intersection-Transports, construct a
    ProtocolNameList containing the Identification Sequences of all
    the client's supported ALPN protocols for that transport, without
    regard to the SVCB ALPN set.

For example, if the SVCB ALPN set is ["http/1.1", "h3"], and the
client supports HTTP/1.1, HTTP/2, and HTTP/3, the client could
attempt to connect using TLS over TCP with a ProtocolNameList of
["http/1.1", "h2"], and could also attempt a connection using QUIC,
with a ProtocolNameList of ["h3"].

When Firefox is making a TLS connection without a HTTPS RR it sets ALPN list (code) to include http/1.1 and also h2 if enabled and not excluded for this connection.

However, If a HTTPS RR is available, then Firefox uses its own logic to select the best single ALPN value and send that (see GetServiceModeRecordInternal and GetAllRecordsWithEchConfigInternal).

The correct behaviour is for Firefox to include the ALPN entries for any protocol it is willing to negotiate on that transport.

Whiteboard: [necko-triaged]

This change ensures that when Firefox is connecting over TCP, its ALPN extension always includes
http/1.1 and (if suitable) h2. Previously Firefox was overly restrictive and only included a
single ALPN value if the connection was informed by a HTTPS DNS resource record.

These tests set up an ECH server which will only negotiate http/1.1 in the TLS ALPN extension.
If the client doesn't send an ALPN offering at least http/1.1 the connection will fail with
SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL.

Depends on D153367

Blocks: httpssvc
Pushed by djackson@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/f0c3bba6383d
Always offer http/1.1 in ALPN extension for TLS over TCP. r=necko-reviewers,kershaw.
https://hg.mozilla.org/integration/autoland/rev/8badf082001c
Add test cases for ECH connections with incorrect ALPN advertisements. r=necko-reviewers,kershaw

https://hg.mozilla.org/mozilla-central/rev/f0c3bba6383d
https://hg.mozilla.org/mozilla-central/rev/8badf082001c

Status: NEW → RESOLVED
Closed: 2 years ago
status-firefox105: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → 105 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: