Closed
Bug 889749
Opened 11 years ago
Closed 11 years ago
weak cipher (only RC4-SHA) for FF sync for Android
Categories
(Firefox for Android Graveyard :: Android Sync, defect)
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: d3bdc6d495, Assigned: nalexander)
References
Details
(Keywords: qawanted, Whiteboard: [qa+][fixed in elm])
Attachments
(1 file)
User Agent: Mozilla/5.0 (Windows NT 5.1; rv:22.0) Gecko/20100101 Firefox/22.0 (Beta/Release) Build ID: 20130618035212 Steps to reproduce: Using FF Mobile for Android (v22) on Samsung Galaxy S2 with Cyanogenmod 9 (-20121209-Nightly / Android 4.0.4) and my own Mozilla Sync Full-Server, FF Mobile Sync used just one weak cipher: RC4-SHA. I have to enable RC4 ciphers (additionally) in my apache config, that FF Sync works. Here is my apache config: SSLProtocol all -SSLv2 SSLHonorCipherOrder on SSLCipherSuite ALL:!LOW:!ADH:!EXPORT56:!RC2:!DES:!NULL:!eNULL:!MD5:+DHE-RSA-AES256-SHA:+DHE-DSS-AES256-SHA:+RC4 If I remove "+RC4" at the end, sync doesn't work. SSL/TLS handshake will fail with an SSL error from my server, because the client offers only one cipher (RC4-SHA). Here is one log entry from my apache. The request is from my android Dev.: [02/Jul/2013:22:30:53 +0200] 192.168.2.202 TLSv1 RC4-SHA "GET /ffsync/1.1/xxxxxxxx/storage/clients?full=1 HTTP/1.1" 1200 And here from a Windows FF client: [02/Jul/2013:22:28:17 +0200] 192.168.2.11 TLSv1 DHE-RSA-CAMELLIA256-SHA "GET /ffsync/1.1/xxxxxx/storage/tabs?newer=xxxxxxxxxxx&full=1 HTTP/1.1" 1096
Severity: normal → minor
OS: Windows XP → Android
Hardware: x86 → ARM
Updated•11 years ago
|
Component: General → Android Sync
Product: Firefox for Android → Android Background Services
Assignee | ||
Comment 1•11 years ago
|
||
(In reply to mitch from comment #0) > User Agent: Mozilla/5.0 (Windows NT 5.1; rv:22.0) Gecko/20100101 > Firefox/22.0 (Beta/Release) > Build ID: 20130618035212 > > Steps to reproduce: > > Using FF Mobile for Android (v22) on Samsung Galaxy S2 with Cyanogenmod 9 > (-20121209-Nightly / Android 4.0.4) and my own Mozilla Sync Full-Server, FF > Mobile Sync used just one weak cipher: RC4-SHA. > > I have to enable RC4 ciphers (additionally) in my apache config, that FF > Sync works. > > Here is my apache config: > > SSLProtocol all -SSLv2 > SSLHonorCipherOrder on > SSLCipherSuite > ALL:!LOW:!ADH:!EXPORT56:!RC2:!DES:!NULL:!eNULL:!MD5:+DHE-RSA-AES256-SHA:+DHE- > DSS-AES256-SHA:+RC4 > > If I remove "+RC4" at the end, sync doesn't work. > SSL/TLS handshake will fail with an SSL error from my server, because the > client offers only one cipher (RC4-SHA). Thanks for this outstanding sleuthing. I see no policy reason to limit Android Sync to just RC4-SHA, so I will investigate what it takes to add additional ciphers to the code base. needsinfo-ing myself as a reminder.
Flags: needinfo?(nalexander)
Comment 2•11 years ago
|
||
We settled on our current cipher list in Jan 2012 after a lengthy period of pain with Zeus + Android versions + consultation with infrasec, IIRC. I don't recall whether it wasn't possible to add stronger ciphers (because Android has issues with cipher names: Bug 717691), whether there was no overlap between a certain Android version and Zeus, or something else. By all means add stronger ciphers, but test exhaustively with different Android versions and our supported Sync service. Adding svc-ops and people who know. Are we still on Zeus? Is Zeus still on 8.0?
Status: UNCONFIRMED → NEW
Ever confirmed: true
replying offline to rnewman's question.
See Also: → 927045
Comment 5•11 years ago
|
||
It *might* be enough for us to attempt to set the cipher list to something good (albeit including RC4-SHA to avoid breaking existing third-party servers), and rely on our fallback code otherwise. If we can test that -- Sync *and* all of our other background ops -- on 2.2.2 (no later!), 2.3.4, and a 4.x, then I'm happy to call it good and ship it. My main concern is that I don't remember exactly the incompatibility that caused us to use this (sad but functional) unit intersection of cipher suites, and thus our testing must be extraordinarily thorough. When we stop supporting SDK 8 (2.2), then we can explore altogether less hacky solutions to this problem.
Comment 6•11 years ago
|
||
See http://op-co.de/blog/posts/android_ssl_downgrade/. I suspect the issue is related to that. I am guessing (don't have time to verify as I am on PTO) that it is possible to configure Android to enable additional cipher suites. Feel free to ping me for help.
Assignee | ||
Comment 7•11 years ago
|
||
This is a stop-gap -- intended for elm only -- to unblock FxAccounts work.
Attachment #820047 -
Flags: review?(rnewman)
Comment 8•11 years ago
|
||
Comment on attachment 820047 [details] [review] Work-around for elm only. Looks good. I'd even be inclined to spin a build against m-c, ask mobile QA to test it for Sync on our supported device ranges, and just ship it in 27 if all is good.
Attachment #820047 -
Flags: review?(rnewman) → review+
Assignee | ||
Comment 9•11 years ago
|
||
https://hg.mozilla.org/projects/elm/rev/589597d28687
Assignee: nobody → nalexander
Status: NEW → ASSIGNED
Flags: needinfo?(nalexander)
Keywords: qawanted
Whiteboard: [qa+][fixed in elm]
Assignee | ||
Comment 10•11 years ago
|
||
I've landed a smaller version of this change in elm. (Smaller because I took ciphersuites also enabled on desktop, which meant only adding 2 suites.) QA, could you take an elm build and verify that Sync works on the full range of Android devices we support? We're especially concerned about 2.2, 2.3, and 3.0. If we get good results here, we'll land this on mozilla-central.
Assignee | ||
Comment 11•11 years ago
|
||
> QA, could you take an elm build and verify that Sync works on the full range > of Android devices we support? We're especially concerned about 2.2, 2.3, > and 3.0. If we get good results here, we'll land this on mozilla-central. elm builds will be available at https://tbpl.mozilla.org/?tree=Elm&rev=589597d28687, although any later build will also work for testing.
Comment 12•11 years ago
|
||
I can help with this. Also adding Tracy and Marc... I have no 3.x Android devices. But I do have 2.2 and 4.x.
Comment 13•11 years ago
|
||
(In reply to James Bonacci [:jbonacci] from comment #12) > I have no 3.x Android devices. In fairness, *nobody* has 3.x Android devices -- they didn't sell well :P (I might have 3.x on my TF-101. I'll check.)
Comment 14•11 years ago
|
||
First successful sync between Android 2.2 device and desktop (very large profile) using the following build: http://ftp.mozilla.org/pub/mozilla.org/mobile/tinderbox-builds/elm-android/1382990738/ Specifically: http://ftp.mozilla.org/pub/mozilla.org/mobile/tinderbox-builds/elm-android/1382990738/fennec-27.0a1.en-US.android-arm.apk
Comment 15•11 years ago
|
||
OK. This looks good to me. Tried out several profiles, from simple to complex - bookmarks, passwords, history, tabs. No issues came up on the desktop side or the Android side.
Reporter | ||
Comment 16•11 years ago
|
||
(In reply to James Bonacci [:jbonacci] from comment #14) > profile) using the following build: > http://ftp.mozilla.org/pub/mozilla.org/mobile/tinderbox-builds/elm-android/ > 1382990738/ > Specifically: > http://ftp.mozilla.org/pub/mozilla.org/mobile/tinderbox-builds/elm-android/ > 1382990738/fennec-27.0a1.en-US.android-arm.apk Hi. I've also testetd your build on my dev (see 1.post, Cyanogenmod 9 (-20121209-Nightly / Android 4.0.4)). Looks great. 30/Oct/2013:07:10:01 +0100] 192.168.x.x TLSv1 DHE-RSA-AES128-SHA "GET /ffsync/1.1/xxxxxxxxxxxxxxxxxxxxxxxxxxx/info/collections HTTP/1.1" 174
Comment 17•11 years ago
|
||
I tried to install the build listed in comment 14, but it crashes at start on android 4.4.
Comment 18•11 years ago
|
||
Bug 934514 tracks the Kitkat crash.
Comment 19•11 years ago
|
||
OK, that might be a 4.4 issue then. I was on < 4.4 I think. I can retest this tomorrow.
Comment 20•11 years ago
|
||
Yep. As it turns out, I was testing on 4.3. I hesitate to flash either of them to 4.4 at the moment since I am still using 4.3 for testing. :nalexander do you want more QA visibility here? I can probably get a mobile QA to try this out...
Comment 21•11 years ago
|
||
I just tried the nightly fennec image from today (10 dec 2013 -> fennec-28.0a1.multi.android-arm.apk), and I still cannot sync with a server configured with FIPS compliant encryption. Did the patch make it into those nightlies?
Comment 22•11 years ago
|
||
(In reply to Renaud Allard from comment #21) > Did the patch make it into those nightlies? No. You'll see this bug change to RESOLVED FIXED, with a Target Milestone, when it lands.
Comment 23•11 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/589597d28687
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Comment 24•11 years ago
|
||
I just tested nightly 29.0a1 and I confirm it synced correctly from a server without RC4 support.
Comment 25•10 years ago
|
||
Sounds like we are all good then. I will skip my testing based on Comment 24.
Status: RESOLVED → VERIFIED
Comment 27•10 years ago
|
||
The patch only adds support for two more CBC ciphersuites under TLS 1.0. The correct patch would be acceptance of all the cipher suites FF already supports, especially the ones from TLS 1.2 suite B (RFC5288/RFC5289), TLS_(EC)DHE_(ECDSA|RSA)_WITH_AES_(128|256)_GCM_SHA(256|384). Using this https://en.wikipedia.org/wiki/Transport_Layer_Security#Cipher as an example, it's clear that CBC cipher suites using TLS 1.0 are not enough for an acceptable security level. Please consider adding support for those before marking this as "resolved".
Comment 28•10 years ago
|
||
N.B., this really isn't anything to do with Firefox in the traditional sense: it's about Android and its interaction with Sync servers. What Gecko supports doesn't have any bearing. Bug 717691 is no longer relevant as of Firefox 31, because we no longer support SDK 8. That might mean we can simply omit cipher specifications altogether, or specify a better set, and rely on the server to do the right thing. That's a follow-up bug, though, which I'll file.
Updated•10 years ago
|
Blocks: tls-everything
Updated•7 years ago
|
Product: Android Background Services → Firefox for Android
Updated•3 years ago
|
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•