Opened 2 years ago

Closed 2 years ago

Last modified 2 years ago

#13586 closed defect (fixed)

Use security.ssl.disable_session_identifiers pref in meek-http-helper to restore TLS session tickets

Reported by: dcf Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Keywords: meek TorBrowserTeam201410R TorBrowserTeam201410Easy
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


comment:1:ticket:13442 shows that meek-http-helper in Tor Browser 4.0 doesn't match stock Firefox because it is missing the TLS session ticket extension. It's because of #10822 (and upstream Mozilla #917049 and #967977) which replaced one pref with another.

I've tested manually that setting security.ssl.disable_session_identifiers=false restores the missing extension. A test build with this patch has just started, but it's straightforward enough that I'll attach it now.

Child Tickets

Attachments (1)

0001-Use-the-new-security.ssl.disable_session_identifiers.patch (1.8 KB) - added by dcf 2 years ago.

Download all attachments as: .zip

Change History (5)

comment:1 Changed 2 years ago by dcf

  • Status changed from new to needs_review

comment:2 Changed 2 years ago by mikeperry

  • Resolution set to fixed
  • Status changed from needs_review to closed

I merged this for the next 4.0 and also for 4.5-alpha-1 (though gitrw is down right this second, will push later).

comment:3 Changed 2 years ago by gk

comment:4 Changed 2 years ago by dcf

I updated doc/meek#Sampleclienthellos and verified Tor Browser 4.0.2 matches with Firefox 31.

Note: See TracTickets for help on using tickets.