Closed Bug 1927797 Opened 1 year ago Closed 8 months ago

Certificate Compression for QUIC

Categories

(NSS :: Libraries, task, P2)

Product:

Component:

Type:

task

Priority:

P2

Severity:

N/A

Tracking

(firefox143 affected)

Status:

RESOLVED FIXED

Tracking Flags:

Tracking

Status

firefox143

---

affected

People

(Reporter: dexgerig, Assigned: anna.weine)

References

(Blocks 1 open bug)

Details

Attachments

(3 files, 3 obsolete files)

WIP: Bug 1927797 - Example exposing zlib in neqo_glue 1 year ago Anna Weine 48 bytes, text/x-phabricator-request		Details \| Review
Bug 1927797 - Enable zlib in neqo_glue 9 months ago Anna Weine 48 bytes, text/x-phabricator-request		Details \| Review
WIP: Bug 1927797 - Enable zstd in neqo_glue 9 months ago Anna Weine 48 bytes, text/x-phabricator-request		Details \| Review
WIP: Bug 1927797 - Enable brotli in neqo_glue 9 months ago Anna Weine 48 bytes, text/x-phabricator-request		Details \| Review
Bug 1927797 - Enable zstd in neqo_glue using c zstd implementation 8 months ago Anna Weine 48 bytes, text/x-phabricator-request		Details \| Review
Bug 1927797 - Enable brotli in neqo_glue 8 months ago Anna Weine 48 bytes, text/x-phabricator-request		Details \| Review

Reporter

Description

•

1 year ago

Steps to reproduce:

Run Firefox 132 and attempt to make a connection to any site that supports QUIC.

Actual results:

A TLS ClientHello is sent without a compress_certificate extension leading to the server sending an uncompressed certificate for the QUIC connection.

Expected results:

The compress_certificate extension is sent and a compressed certificate is allowed to be used.

Reporter

Comment 1

•

1 year ago

Filing this as a defect because as far as I can tell the original certificate compression bug (https://bugzilla.mozilla.org/show_bug.cgi?id=1548723) seems to indicate that QUIC was intended to work with certificate compression "... most certificate chains are cut in size by enough to matter. Especially for QUIC."

I couldn't find anything in the code or any other bug reports indicating that this intent had changed to not have it work with QUIC so I am putting this more in the bug category.

Assignee

Updated

•

1 year ago

Severity: -- → S2

Priority: -- → P2

Assignee

Updated

•

1 year ago

Blocks: QUIC

Assignee

Updated

•

1 year ago

Blocks: 1548723

Lars Eggert [:lars]

Comment 2

•

1 year ago

•

This is something we're currently not doing, and we should. The neqo_glue code should hook in the same functions we use for TCP/TLS.

See https://github.com/mozilla/neqo/issues/2213

Assignee

Comment 3

•

1 year ago

Attached file WIP: Bug 1927797 - Example exposing zlib in neqo_glue (obsolete) — Details

Assignee

Updated

•

1 year ago

Depends on: 1961162

Assignee

Updated

•

11 months ago

Type: defect → task

Christoph Kerschbaumer [:ckerschb}

Updated

•

11 months ago

Assignee: nobody → anna.weine

Severity: S2 → N/A

Phabricator Automation

Updated

•

9 months ago

Attachment #9479645 - Attachment is obsolete: true

Assignee

Updated

•

9 months ago

See Also: → https://github.com/mozilla/neqo/pull/2592

Assignee

Comment 4

•

9 months ago

Attached file Bug 1927797 - Enable zlib in neqo_glue — Details

Assignee

Comment 5

•

9 months ago

Attached file WIP: Bug 1927797 - Enable zstd in neqo_glue (obsolete) — Details

Assignee

Comment 6

•

9 months ago

Attached file WIP: Bug 1927797 - Enable brotli in neqo_glue (obsolete) — Details

Updated

•

9 months ago

Depends on: 1975873

Phabricator Automation

Updated

•

9 months ago

Attachment #9497889 - Attachment description: WIP: Bug 1927797 - Enable Zlib in neqo_glue → WIP: Bug 1927797 - Enable zlib in neqo_glue

Phabricator Automation

Updated

•

9 months ago

Attachment #9497889 - Attachment description: WIP: Bug 1927797 - Enable zlib in neqo_glue → Bug 1927797 - Enable zlib in neqo_glue

Comment 7

•

8 months ago

Pushed by nkulatova@mozilla.com: https://github.com/mozilla-firefox/firefox/commit/b7fb637f7a0d https://hg.mozilla.org/integration/autoland/rev/0eab70f2e6d8 Enable zlib in neqo_glue r=necko-reviewers,kershaw,mxinden

Sandor Molnar[:smolnar]

Comment 8

•

8 months ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/0eab70f2e6d8

Status: UNCONFIRMED → RESOLVED

Closed: 8 months ago

status-firefox143: --- → fixed

Resolution: --- → FIXED

Updated

•

8 months ago

Depends on: 1979279

Updated

•

8 months ago

No longer depends on: 1979279

Takanori MATSUURA

Comment 9

•

8 months ago

Reopened for unpublished patches.

Status: RESOLVED → REOPENED

Ever confirmed: true

Keywords: leave-open

Resolution: FIXED → ---

BugBot [:suhaib / :marco/ :calixte]

Updated

•

8 months ago

status-firefox143: fixed → affected

Comment 10

•

8 months ago

I accidentally added a dependency to Bug 1979279 here. I don't think this Bug needs to be reopened.

Phabricator Automation

Updated

•

8 months ago

Attachment #9498577 - Attachment description: WIP: Bug 1927797 - Enable zstd in neqo_glue → Bug 1927797 - Enable zstd in neqo_glue

Phabricator Automation

Updated

•

8 months ago

Attachment #9498577 - Attachment description: Bug 1927797 - Enable zstd in neqo_glue → WIP: Bug 1927797 - Enable zstd in neqo_glue

Assignee

Comment 11

•

8 months ago

Attached file Bug 1927797 - Enable zstd in neqo_glue using c zstd implementation — Details

Phabricator Automation

Updated

•

8 months ago

Attachment #9505172 - Attachment description: WIP: Bug 1927797 - Enable zstd in neqo_glue using c zstd implementation → Bug 1927797 - Enable zstd in neqo_glue using c zstd implementation

Assignee

Comment 12

•

8 months ago

Attached file Bug 1927797 - Enable brotli in neqo_glue — Details

Phabricator Automation

Updated

•

8 months ago

Attachment #9505751 - Attachment description: WIP: Bug 1927797 - Enable brotli in neqo_glue → Bug 1927797 - Enable brotli in neqo_glue

Comment 13

•

8 months ago

Pushed by nkulatova@mozilla.com: https://github.com/mozilla-firefox/firefox/commit/0cfb08009948 https://hg.mozilla.org/integration/autoland/rev/e0e6fc39ba72 Enable zstd in neqo_glue using c zstd implementation r=necko-reviewers,jesup,keeler https://github.com/mozilla-firefox/firefox/commit/bc7e1c135a52 https://hg.mozilla.org/integration/autoland/rev/ab39f564b2e0 Enable brotli in neqo_glue r=necko-reviewers,jesup,keeler

Comment 14

•

8 months ago

Pushed by ctodea@mozilla.com: https://github.com/mozilla-firefox/firefox/commit/cae0d3cf60a5 https://hg.mozilla.org/integration/autoland/rev/42d31161aaa1 Revert "Bug 1927797 - Enable brotli in neqo_glue r=necko-reviewers,jesup,keeler" for causing build bustages

ctodea@mozilla.com

Comment 15

•

8 months ago

Backed out for causing build bustages

- Backout link
- Push with failures
- Failure log

Flags: needinfo?(anna.weine)

Comment 16

•

8 months ago

Pushed by nkulatova@mozilla.com: https://github.com/mozilla-firefox/firefox/commit/a50c89cb6bf4 https://hg.mozilla.org/integration/autoland/rev/7925b8e5ef36 Enable zstd in neqo_glue using c zstd implementation r=necko-reviewers,jesup,keeler

Comment 17

•

8 months ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/7925b8e5ef36

Comment 18

•

8 months ago

Pushed by nkulatova@mozilla.com: https://github.com/mozilla-firefox/firefox/commit/82a36439ae3e https://hg.mozilla.org/integration/autoland/rev/992c0c5e28b7 Enable brotli in neqo_glue r=necko-reviewers,jesup,keeler

Phabricator Automation

Updated

•

8 months ago

Attachment #9498577 - Attachment is obsolete: true

Phabricator Automation

Updated

•

8 months ago

Attachment #9498587 - Attachment is obsolete: true

Narcis Beleuzu [:NarcisB]

Comment 19

•

8 months ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/992c0c5e28b7

Assignee

Updated

•

8 months ago

Status: REOPENED → RESOLVED

Closed: 8 months ago → 8 months ago

Flags: needinfo?(anna.weine)

Resolution: --- → FIXED

BugBot (nomail) [:suhaib / :marco/ :calixte]

Updated

•

8 months ago

Keywords: leave-open

You need to log in before you can comment on or make changes to this bug.