Opened 8 years ago

Closed 6 years ago

#7657 closed defect (fixed)

TLS connections may timeout early?

Reported by: cypherpunks Owned by: mikeperry
Priority: Medium Milestone:
Component: Firefox Patch Issues Version:
Severity: Keywords: tbb-usability
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Firefox implements hard coded timeout for handshake with TLS servers that never answer. Right now it's 25 second without chance to change. Every timeout leads to msg about connection reset. Firefox resets itself and happily report about connection reset. Moreover logic of timeout broken completely and incompatible with Tor. See source code, file nsNSSIOLayer.cpp
Suggested fixes proposed at https://bugzilla.mozilla.org/show_bug.cgi?id=754356
Only solution is to remove timeout.

What happen if really connect to server that never answer ServerHello? It's another story incompatible with current timeouts. Lets to remove and to code something new.

Child Tickets

Change History (6)

comment:1 Changed 8 years ago by cypherpunks

Resolution: invalid
Status: newclosed

comment:2 Changed 8 years ago by rransom

Resolution: invalid
Status: closedreopened

comment:3 Changed 8 years ago by arma

Priority: majornormal
Summary: Save users, remove TLS timeout logicWe could apply a Firefox patch to remove the hard-coded 25s TLS timeout

comment:4 Changed 8 years ago by cypherpunks

Can't reproduce it with TBB's Firefox 10ESR.

comment:5 Changed 8 years ago by mikeperry

Keywords: tbb-usability added
Status: reopenedneeds_information
Summary: We could apply a Firefox patch to remove the hard-coded 25s TLS timeoutTLS connections may timeout early?

Do we hit this or not?

comment:6 Changed 6 years ago by cypherpunks

Resolution: fixed
Status: needs_informationclosed

Bug ​https://bugzilla.mozilla.org/show_bug.cgi?id=754356 was fixed.
Target Milestone: mozilla27.
Closing.

Note: See TracTickets for help on using tickets.