Closed Bug 898431 Opened 11 years ago Closed 10 years ago

Update Mozilla to use NSS that support false start and OCSP GET (likely 3.15.4) (once it's ready)

Categories

(Core :: Security: PSM, defect)

25 Branch
defect
Not set
normal

Tracking

RESOLVED FIXED
mozilla29
Tracking Status
firefox25 - wontfix
firefox26 - wontfix
firefox27 + fixed
firefox28 --- verified
firefox29 --- fixed
firefox-esr24 27+ fixed
b2g18 --- fixed
b2g-v1.1hd --- fixed
b2g-v1.2 --- fixed
b2g-v1.3 --- fixed
b2g-v1.4 --- fixed

People

(Reporter: KaiE, Assigned: briansmith)

Attachments

(4 files)

Update Mozilla 25 to use NSS 3.15.2 (once it's ready)

The NSS 3.15.2 release is apparently required to support bug 658222, which currently relies on a non-released patch, applied locally in mozilla-central.
Depends on: 713933
Just created a NSS_3_15_2_BETA2 tag.
Should be pushed to mozilla-central.
We'd like to create a final release of NSS 3.15.2 in the next few days, ideally early next week.

The driver for the release is bug 713933, which is currently waiting for Wan-Teh's review. The hope is to get that done and released, prior to next Tuesday, prior to having Mozilla's patched version of NSS being escalated into mozilla-beta.

Optionally bug 909162 and bug 915408 might get included, if they happen to be ready in time, too.
This affects mozilla25; the upgrade to a released version of NSS 3.15.2 is mandatory, so I'm requesting approval for aurora, which currently is mozilla25.

(In case this work cannot be done prior to Tuesday (Sep 16), we'll have to ask for beta approval, too.)
This won't make it onto Aurora 25, so we'll have to take this on Beta (for next week) if we agree on risk/reward. Please expedite as much as possible.
Assignee: nobody → kaie
Please take it on Beta, reward is high as 3.15.2 also includes more secure AES-GCM ciphers.
NSS_3_15_2_BETA2 pushed to mozilla-inbound:
https://hg.mozilla.org/integration/mozilla-inbound/rev/0800319e3694
Whiteboard: [leave open]
For mozilla-beta, see the patch in bug 920248 that reverts NSS to an unmodified NSS 3.15.1 RTM. We won't need to uplift NSS 3.15.2 to Firefox 25 once we check in that patch.
Kai: given the new plan, I propose that you change the version strings on
the NSS trunk to final and create the NSS_3_15_2_RTM hg tag. The only change
since NSS_3_15_2_BETA2 should be this checkin:
https://hg.mozilla.org/projects/nss/rev/141fae8fb2e8

I'll be happy to review your NSS_3_15_2_RTM hg tag before you announce or
use it. Thanks.
Sure, let's release 3.15.2 now - without false start fixes.

However, what's the plan for mozilla 26 (currently aurora) ?

According to bug 920248, at this time, you propose to simply disable the pref in mozilla 26, but keep the code checked in?

This means, the target of this bug changes to aurora 26, I'm updating the subject.

Since you keep the code on aurora 26 (instead of backing out like on beta 25),
we will still require an updated NSS.

Since you propose to release NSS 3.15.2 without the needed code, you'll require NSS 3.15.3 containing a fixed bug 713933 within the next 4 weeks. Is that your updated plan?
Summary: Update Mozilla 25 to use NSS 3.15.2 (once it's ready) → Update Mozilla 26 to use NSS 3.15.3 (once it's ready)
Bug 920248 is now intended to cleanup mozilla beta 25,
and this bug should get flags for mozilla 26
(In reply to Brian Smith (:briansmith, was :bsmith@mozilla.com) from comment #8)
> For mozilla-beta, see the patch in bug 920248 that reverts NSS to an
> unmodified NSS 3.15.1 RTM. We won't need to uplift NSS 3.15.2 to Firefox 25
> once we check in that patch.

Thanks, no longer tracking for FF25.
(In reply to Alex Keybl [:akeybl] from comment #12)
> (In reply to Brian Smith (:briansmith, was :bsmith@mozilla.com) from comment
> #8)
> > For mozilla-beta, see the patch in bug 920248 that reverts NSS to an
> > unmodified NSS 3.15.1 RTM. We won't need to uplift NSS 3.15.2 to Firefox 25
> > once we check in that patch.
> 
> Thanks, no longer tracking for FF25.

Right, for the original motivation cited in this bug, it's no longer necessary. This bug here only tracks FF26 and newer.

However, please see bug 921090 which now tracks FF25.
See Also: → 928142
Since false start is disabled in mozilla-central, this doesn't depend on bug 713933 any more. However, we either need to land bug 932176 at the same time as we land NSS 3.15.3, or we need to write the tests for bug 871954. It seems like the tests for bug 871954 are going to take longer to do than it will take to land bug 932176.
Blocks: 861266
Depends on: 932176
No longer depends on: 713933
Removing target version from bug summary.
Summary: Update Mozilla 26 to use NSS 3.15.3 (once it's ready) → Update Mozilla to use NSS 3.15.3 (once it's ready)
I believe this bug no longer targets Mozilla 26. Should the tracking26 flags be cleared?
Depends on: 934378
Target Milestone: mozilla25 → mozilla28
Summary: Update Mozilla to use NSS 3.15.3 (once it's ready) → Update Mozilla to use NSS that support false start and OCSP GET (likely 3.15.4) (once it's ready)
It's not clear if this targets mozilla27 or mozilla28.

It might target mozilla27, as Brian hasn't yet backed out the false start work from mozilla27.
We'll see if it gets ready in time.
removing 26 tracking in that case, will see if this makes 27.
We must test the new alternative NSS version 3.15.3; an NSS_3_15_3_BETA3 tag already exists. This update is tracked in bug 935959.

However, current mozilla-central uses an alternative branch, with different work, that's also named 3.15.3, beta2. That work has been renumbered and will become 3.15.4.

We should clean up potential confusion.

One of the patches going into the NEW 3.15.3 is NOT YET being tested on mozilla-central.

Ideally, the least confusing approach would be: Test the new 3.15.3 on mozilla-central.

Unfortunately, this least confusing approach would require us to back out several application level changes from PSM in mozilla-central...

Therefore I propose:

- create a NSS 3.15.4 Beta1 tag, which includes all the patches going into 3.15.3,
  and land it into mozilla-central ASAP

- land the NEW 3.15.3 into mozilla-aurora, allowing this combination of patches
  to get some testing, prior to uplifting it to the stable branches like 26 and ESR 24.
> One of the patches going into the NEW 3.15.3 is NOT YET being tested on
> mozilla-central.
> ...
> - create a NSS 3.15.4 Beta1 tag, which includes all the patches going into
>   3.15.3, and land it into mozilla-central ASAP

https://hg.mozilla.org/integration/mozilla-inbound/rev/f396166fb1a5
[Approval Request Comment]
Bug caused by (feature/regressing bug #): 

User impact if declined: Cannot uplift TLS 1.2 (bug 861266), TLS False Start (bug 920248, perf), or new cipher suite list (bug 934663, perf). Possibly problems on Linux systems that use system NSS due to changes in the default OCSP logic that are disabled in the patch for bug 928142. All of those bugs depend on NSS 3.15.4.

Testing completed (on m-c, etc.): Most of NSS 3.15.4 has been on mozilla-central since 2013-11-01. Some of the changes (false start) were even on mozilla-aurora until we switched mozilla-aurora to NSS 3.15.3 last week.

Risk to taking this patch (and alternatives if risky): There were changes to NSS's OCSP behavior that are only partially tested in Gecko's test suite. Unfortunately, this is a catch-22: in order to disable the new behavior until we've tested it, we need to update to the new version that actually makes the change, because that new version is the only version that allows us to disable the new behavior.

String or IDL/UUID changes made by this patch: None

This uplift is very important because of the OCSP GET issue and also because we'd like to uplift at least some of the functionality mentioned above to mozilla-aurora this week as well. The sooner we uplift NSS 3.15.4, the less risk there will be to doing the other changes.

Please approve bug 928142 for uplift at the same time.
Attachment #830023 - Flags: review+
Attachment #830023 - Flags: approval-mozilla-aurora?
BTW, the NSS update command sequence is:

hg pull m-c
hg pull -u m-a
python client.py update_nss NSS_3_15_4_BETA2
hg add security/nss/tests/chains/scenarios/method.cfg
hg commit -m "Bug 898431: Update to NSS 3.15.4 beta 2 (NSS_3_15_4_BETA2), r=me, a=?"
<apply the patch in this bug to bump the required version number in configure.in>
hg graft 8dbd3f432835

> Please approve bug 928142 for uplift at the same time.

I meant bug 932176. (Bug 928142 is the NSS bug for adding the option; bug 932176 is the bug for using that option in Gecko.)
Depends on: 935831
(In reply to Kai Engert (:kaie) from comment #22)
> > One of the patches going into the NEW 3.15.3 is NOT YET being tested on
> > mozilla-central.
> > ...
> > - create a NSS 3.15.4 Beta1 tag, which includes all the patches going into
> >   3.15.3, and land it into mozilla-central ASAP
> 
> https://hg.mozilla.org/integration/mozilla-inbound/rev/f396166fb1a5

<briansmith> BTW, there is a step three: back out NSS 3.15.4 beta 1

https://hg.mozilla.org/integration/mozilla-inbound/rev/9f5ebea82f7e

security/nss/TAG-INFO is now NSS_3_15_3_BETA2 on mozilla-inbound.
Relanded NSS_3_15_4_BETA2:
https://hg.mozilla.org/integration/mozilla-inbound/rev/a7c14ac087de

The conclusion from bug-hunting that we did that caused us to back out NSS_3_15_4 turned out to be incorrect, after further review. Further, backing out NSS_3_15_4_BETA2 re-introduced bug 935847 and other significant bugs. So, the cure was worse than the disease, especially since the cure doesn't seem likely to cure anything.
(In reply to Brian Smith (:briansmith, was :bsmith; Please NEEDINFO? me if you want a response) from comment #25)
> Created attachment 830023 [details] [diff] [review]
> NSS_3_15_4_BETA2-with-configure.in-bump.patch
> 
> [Approval Request Comment]
> Bug caused by (feature/regressing bug #): 
> 
> User impact if declined: Cannot uplift TLS 1.2 (bug 861266), TLS False Start
> (bug 920248, perf), or new cipher suite list (bug 934663, perf). Possibly
> problems on Linux systems that use system NSS due to changes in the default
> OCSP logic that are disabled in the patch for bug 928142. All of those bugs
> depend on NSS 3.15.4.
> 
> Testing completed (on m-c, etc.): Most of NSS 3.15.4 has been on
> mozilla-central since 2013-11-01. Some of the changes (false start) were
> even on mozilla-aurora until we switched mozilla-aurora to NSS 3.15.3 last
> week.
> 
> Risk to taking this patch (and alternatives if risky): There were changes to
> NSS's OCSP behavior that are only partially tested in Gecko's test suite.
> Unfortunately, this is a catch-22: in order to disable the new behavior
> until we've tested it, we need to update to the new version that actually
> makes the change, because that new version is the only version that allows
> us to disable the new behavior.
> 
> String or IDL/UUID changes made by this patch: None
> 
> This uplift is very important because of the OCSP GET issue and also because
> we'd like to uplift at least some of the functionality mentioned above to
> mozilla-aurora this week as well. The sooner we uplift NSS 3.15.4, the less
> risk there will be to doing the other changes.
> 
> Please approve bug 928142 for uplift at the same time.

Don't see any nomination in 928142 yet. That is needed for this to land, correct?
(In reply to bhavana bajaj [:bajaj] from comment #30)
> (In reply to Brian Smith (:briansmith, was :bsmith; Please NEEDINFO? me if
> you want a response) from comment #25)
> > Created attachment 830023 [details] [diff] [review]
> > NSS_3_15_4_BETA2-with-configure.in-bump.patch
> > 
> > [Approval Request Comment]
> > Bug caused by (feature/regressing bug #): 
> > 
> > User impact if declined: Cannot uplift TLS 1.2 (bug 861266), TLS False Start
> > (bug 920248, perf), or new cipher suite list (bug 934663, perf). Possibly
> > problems on Linux systems that use system NSS due to changes in the default
> > OCSP logic that are disabled in the patch for bug 928142. All of those bugs
> > depend on NSS 3.15.4.
> > 
> > Testing completed (on m-c, etc.): Most of NSS 3.15.4 has been on
> > mozilla-central since 2013-11-01. Some of the changes (false start) were
> > even on mozilla-aurora until we switched mozilla-aurora to NSS 3.15.3 last
> > week.
> > 
> > Risk to taking this patch (and alternatives if risky): There were changes to
> > NSS's OCSP behavior that are only partially tested in Gecko's test suite.
> > Unfortunately, this is a catch-22: in order to disable the new behavior
> > until we've tested it, we need to update to the new version that actually
> > makes the change, because that new version is the only version that allows
> > us to disable the new behavior.
> > 
> > String or IDL/UUID changes made by this patch: None
> > 
> > This uplift is very important because of the OCSP GET issue and also because
> > we'd like to uplift at least some of the functionality mentioned above to
> > mozilla-aurora this week as well. The sooner we uplift NSS 3.15.4, the less
> > risk there will be to doing the other changes.
> > 
> > Please approve bug 928142 for uplift at the same time.
> 
> Don't see any nomination in 928142 yet. That is needed for this to land,
> correct ?

whoops, just saw comment #26, nvm
Attachment #830023 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
Brian, are you sure you want to update aurora to 3.15.4-beta? Wouldn't it be better to wait until 3.15.4-rtm?
https://hg.mozilla.org/integration/mozilla-inbound/rev/35c1e12a0772

(In reply to Kai Engert (:kaie) from comment #32)
> Brian, are you sure you want to update aurora to 3.15.4-beta? Wouldn't it be
> better to wait until 3.15.4-rtm?

Yes, because we need to get as much testing of TLS 1.2 on beta as we can, and 3.15.4 RTM won't be ready for at least another week, I think.
NSS 3.15.4 BETA 3 (NSS_3_15_4_BETA3):
https://hg.mozilla.org/integration/mozilla-inbound/rev/35c1e12a0772
https://hg.mozilla.org/releases/mozilla-aurora/rev/7c8ba61dabfe

Note that I updated configure.in on mozilla-aurora to refer to NSS 3.15.4
My patch for mozilla-central did not remove the references to the private false start patch in security/patches. I removed them with this checkin:
https://hg.mozilla.org/integration/mozilla-inbound/rev/270522e6c504
No longer blocks: 920248
beta 5, removing the private patch for bug 935831 since a proper fix for that bug was added to NSS.
https://hg.mozilla.org/integration/mozilla-inbound/rev/c3b13e75034a
3.15.4 is not yet released, it got delayed by bug 942152 (because it wasn't clear how to deal with it).

You should probably back out the NSS beta from aurora 27, which will turn into beta 27 tomorrow.
Brian, what are the implications of this change for our users? Is there anything QA should be looking out for in Firefox 28?
Flags: needinfo?(brian)
(In reply to Kai Engert (:kaie) from comment #49)
> 3.15.4 is not yet released, it got delayed by bug 942152 (because it wasn't
> clear how to deal with it).
> 
> You should probably back out the NSS beta from aurora 27, which will turn
> into beta 27 tomorrow.

Yes, as of now it's impossible to build 27.0b2 using --with-system-nss, because 3.15.4 is still unavailable.

configure:15076: checking for NSS - version >= 3.15.4
configure: error: you don't have NSS installed or your version is too old

It's not the first time it happens, and is annoying for distributors. Please stop depending on unreleased versions...
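The update sequence in comment 26 and the configure failure in comment 51 both come down to keeping the minimum in configure.in in step with the tag vendored under security/nss. The following POSIX sh script is an added example, not code from this bug or the mozilla tree: it parses NSS tag names as they appear in TAG-INFO, reads the minimum from an AM_PATH_NSS line whose format is assumed (the SAMPLE_CONFIGURE_IN value is constructed), and flags the case distributors hit, a BETA tag pinned by an equal minimum.

```shell
#!/bin/sh
# Added example (not code from this bug or the mozilla tree). Checks the two things
# that went wrong by hand in this thread: configure.in's minimum NSS version must not
# exceed the NSS vendored under security/nss (TAG-INFO), and a BETA tag pinned by an
# equal minimum breaks --with-system-nss builds until the RTM release exists.

# nss_tag_to_version NSS_3_15_4_BETA2 -> prints 3.15.4
nss_tag_to_version() {
    rest=${1#NSS_}                        # 3_15_4_BETA2
    major=${rest%%_*}; rest=${rest#*_}    # 3, leaving 15_4_BETA2
    minor=${rest%%_*}; rest=${rest#*_}    # 15, leaving 4_BETA2
    patch=${rest%%_*}                     # 4
    printf '%s.%s.%s\n' "$major" "$minor" "$patch"
}

# nss_tag_is_prerelease TAG -> true (0) unless the tag ends in _RTM
nss_tag_is_prerelease() {
    case $1 in
        *_RTM) return 1 ;;
        *)     return 0 ;;
    esac
}

# version_ge A B -> true (0) when dotted version A >= B, compared numerically per component
version_ge() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        ac=${a%%.*}; bc=${b%%.*}
        [ "${ac:-0}" -gt "${bc:-0}" ] && return 0
        [ "${ac:-0}" -lt "${bc:-0}" ] && return 1
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 0
}

# configure_min_nss < configure.in -> prints the minimum version from the AM_PATH_NSS line.
# The line format is an assumption; SAMPLE_CONFIGURE_IN below is constructed, not copied.
configure_min_nss() {
    sed -n 's/^AM_PATH_NSS(\([0-9.][0-9.]*\),.*/\1/p'
}
SAMPLE_CONFIGURE_IN='AM_PATH_NSS(3.15.4, [MOZ_NATIVE_NSS=1], [AC_MSG_ERROR([NSS missing or too old])])'

# check_nss_update TAG MIN -> 0 ok, 1 minimum exceeds vendored version, 2 prerelease pinned
check_nss_update() {
    tag=$1; minver=$2
    vendored=$(nss_tag_to_version "$tag")
    if ! version_ge "$vendored" "$minver"; then
        echo "FAIL: configure.in requires NSS >= $minver but the tree vendors $vendored ($tag)"
        return 1
    fi
    if nss_tag_is_prerelease "$tag" && version_ge "$minver" "$vendored"; then
        echo "WARN: $tag is not an RTM release, yet configure.in requires >= $minver;"
        echo "      --with-system-nss builds will fail until NSS $vendored RTM is published"
        return 2
    fi
    echo "OK: $tag satisfies configure.in minimum $minver"
    return 0
}

# Walk the situations from this bug (constructed TAG-INFO values) against the sample minimum.
minver=$(printf '%s\n' "$SAMPLE_CONFIGURE_IN" | configure_min_nss)
for tag in NSS_3_15_4_BETA2 NSS_3_15_3_BETA2 NSS_3_15_4_RTM; do
    check_nss_update "$tag" "$minver" || :
done
```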
Assignee: kaie → nobody
(In reply to Landry Breuil (:gaston) from comment #51)
> Yes, as of now it's impossible to build 27.0b2 using --with-system-nss,
> because 3.15.4 is still unavailable.
> 
> It's not the first time it happens, and is annoying for distributors. Please
> stop depending on unreleased versions...

Let's take this discussion to dev-tech-crypto, instead of having it here.
Flags: needinfo?(brian)
(In reply to Anthony Hughes, QA Mentor (:ashughes) from comment #50)
> Brian, what are the implications of this change for our users? Is there
> anything QA should be looking out for in Firefox 28?

The main risk is that some compatibility issue will cause some SSL websites to stop working. See bug 946147 for example. Last week, I met with mwobensmith about doing a semi-automatic compatibility verification across a very large number of SSL servers, to verify that we haven't regressed compatibility. I am going to be talking to him again today. I suggest you follow up with mwobensmith tomorrow.
Thanks Brian, for now I'm flagging this to be verified as you suggested, exploratory testing of many SSL websites.
Keywords: verifyme
We performed further exploratory testing around some SSL websites starting with the list provided by Brian in bug 946147 in comment 7, using latest Aurora 28.0a2 under different OSs. No new issues were found except some warnings related to RFC 5746. For more details please take a look at https://etherpad.mozilla.org/Fx28-0a2-TLS-SSL.
Based on the above I'm marking this as verified fixed on 28.0a2.
Depends on: 952492
NSS_3_15_4_BETA9 pushed to mozilla-inbound:
https://hg.mozilla.org/integration/mozilla-inbound/rev/81ab8a7cca29

I expect NSS_3_15_4_BETA9 to be the last NSS 3.15.4 Beta. Because of the upcoming
holidays, I want to wait until we come back to work on January 2nd to release
NSS_3_15_4_RTM.
The release notes aren't ready yet, but the 3.15.4 RTM has been tagged. You probably want to update the mozilla-beta and mozilla-aurora branches to pick it up ASAP. Brian, do you want to work on that?
Assignee: nobody → brian
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Whiteboard: [leave open]
Target Milestone: mozilla28 → mozilla29
Depends on: 958129
Comment on attachment 830023 [details] [diff] [review]
NSS_3_15_4_BETA2-with-configure.in-bump.patch

[Approval Request Comment]
User impact if declined: Security bugs fixed in NSS 3.15.4 will be present in ESR 24, and/or the various B2G versions.
Testing completed: Landed on mozilla-central, mozilla-aurora, and mozilla-beta incrementally over the last few weeks with no regressions. Final version has been on all three of those channels since Monday, and on mozilla-central since last week.

Risk to taking this patch (and alternatives if risky): There are changes in NSS 3.15.4 other than the security bug fixes. The changes to OCSP and cipher suite configuration are still undergoing more widespread compatibility testing now. Also, see bug 958129.

An alternative to taking this patch would be to pull out the security fixes into a special NSS release. However, the problem with doing that is that we wouldn't be running the full suite of NSS tests on that special version of NSS. This adds its own risks. Also, we've not created such special security-fix-only releases of NSS, at least in the last three years, IIRC.

String or UUID changes made by this patch: None.
Attachment #830023 - Flags: approval-mozilla-esr24?
Attachment #830023 - Flags: approval-mozilla-b2g28?
Attachment #830023 - Flags: approval-mozilla-b2g26?
Attachment #830023 - Flags: approval-mozilla-b2g18?
Comment on attachment 830023 [details] [diff] [review]
NSS_3_15_4_BETA2-with-configure.in-bump.patch

b2g28 = aurora for this cycle :)
Attachment #830023 - Flags: approval-mozilla-b2g28?
Attachment #830023 - Flags: approval-mozilla-esr24? → approval-mozilla-esr24+
Here's what I did to generate this:

python client.py update_nss NSS_3_15_4_RTM
hg addremove
vi configure.in
hg commit -m "bug 898431 - Update NSS to NSS 3.15.4 (NSS_3_15_4_RTM) r=me a=lsblakk"

There were no patches in security/patches, so nothing needed to be applied after updating NSS (as far as I understand).
Attachment #8363126 - Flags: review?(brian)
Comment on attachment 8363126 [details] [diff] [review]
NSS 3.15.4 for esr24 (with configure.in bump)

Review of attachment 8363126 [details] [diff] [review]:
-----------------------------------------------------------------

Thanks. I reviewed only configure.in and the sequence of commands you listed in your comment.
Attachment #8363126 - Flags: review?(brian) → review+
Attachment #830023 - Flags: approval-mozilla-b2g26?
Attachment #830023 - Flags: approval-mozilla-b2g26+
Attachment #830023 - Flags: approval-mozilla-b2g18?
Attachment #830023 - Flags: approval-mozilla-b2g18+
The esr24 patch applied cleanly to b2g26, so I went ahead and pushed it there too. That leaves just b2g18 to fix.

https://hg.mozilla.org/releases/mozilla-b2g26_v1_2/rev/80dace8b6ddb
On b2g18, NSS is carrying local patches for bug 834091 and bug 827543.
* Bug 834091 was fixed in upstream NSS by bug 842856, so that should be OK.
* It appears that bug 826666 was intended to be the upstream solution for bug 827543, but that was eventually WONTFIXed, so vanilla NSS 3.15.4 will be effectively reverting bug 827543. Based on the outcome of bug 826666, I think that's OK as well?
I generated this by first cherry-picking rev. b20eab2be2dc of client.py from mozilla-central (and putting it in a separate patch - not sure if we want to check it in or what). Then, I followed the same steps as before. I didn't check in the private patches (see the reasoning from Ryan and me, above).
Try was basically useless, so I just ran the xpcshell suite locally. The only tests that failed were ones that fail without the patch.
Attachment #8365171 - Flags: review?(brian)
Comment on attachment 8365171 [details] [diff] [review]
NSS 3.15.4 for b2g18 (with configure.in bump)

I wouldn't be surprised if we need to make changes to security/build to deal with the much-newer NSS. The only way to know would be to build and run the tests, which I guess will happen at checkin.

Please check in the client.py update along with this.
Attachment #8365171 - Flags: review?(brian) → review+
No longer blocks: 871954