Disable TLSv1.1 and TLSv1.2 in the Firefox helper
With #11253 (closed), Tor Browser's Firefox config has TLSv1.1 and TLSv1.2 turned on. If meek-http-helper (browser TLS camouflage) sends Firefox 24 ciphersuites but uses TLSv1.1 or TLSv1.2, then it will look weird, because as I understand it, mainline Firefox 24 has TLSv1.1 and TLSv1.2 disabled. ([[doc/meek#Sampleclienthellos]] corroborates that ordinary Firefox 24 uses TLSv1.0 when connecting to Google.)
We also need to remember to turn TLSv1.1 and TLSv1.2 back on when they get enabled in the next ESR...
Activity
0001-Set-security.tls.version.max-1-in-meek-http-helper.patch disables TLSv1.1 and TLSv1.2 in the helper, by setting security.tls.version.max=1.
Before the patch (i.e., the status quo with 4.0-alpha-1), the TLS fingerprint stands out from ordinary Firefox 24 in the TLS version and in an extra extension:
SSL Record Layer: Handshake Protocol: Client Hello Content Type: Handshake (22) Version: TLS 1.0 (0x0301) - Length: 169 + Length: 191 Handshake Protocol: Client Hello Handshake Type: Client Hello (1) - Length: 165 - Version: TLS 1.0 (0x0301) + Length: 187 + Version: TLS 1.2 (0x0303) Random - gmt_unix_time: Jul 12, 2089 08:23:06.000000000 PDT - random_bytes: f0b149a04ac4a554c5bda57030b17342cc1c0ab59c925cc8... + gmt_unix_time: Nov 29, 2031 00:35:52.000000000 PST + random_bytes: 4856792ce5d7e72f3255fef9792ed37d14124c402ed8dfb1... Session ID Length: 0 Cipher Suites Length: 70 Cipher Suites (35 suites) @@ -51,7 +51,7 @@ Compression Methods Length: 1 Compression Methods (1 method) Compression Method: null (0) - Extensions Length: 54 + Extensions Length: 76 Extension: server_name Type: server_name (0x0000) Length: 19 @@ -86,3 +86,7 @@ Extension: next_protocol_negotiation Type: next_protocol_negotiation (0x3374) Length: 0 + Extension: signature_algorithms + Type: signature_algorithms (0x000d) + Length: 18 + Data (18 bytes)After the patch, we're back to differing only in the client randomness:
Length: 165 Version: TLS 1.0 (0x0301) Random - gmt_unix_time: Jul 12, 2089 08:23:06.000000000 PDT - random_bytes: f0b149a04ac4a554c5bda57030b17342cc1c0ab59c925cc8... + gmt_unix_time: Sep 24, 1976 08:40:40.000000000 PDT + random_bytes: 52240b209956653bf5fd16b29aeb040d7a81d3358f86dd19... Session ID Length: 0 Cipher Suites Length: 70 Cipher Suites (35 suites)Trac:
Keywords: N/A deleted, TorBrowserTeam201408 added
Status: new to needs_reviewI made #12873 (moved) so as not to forget to undo this change once rebased on Firefox 31.
Replying to mikeperry:
Hrmm. I think you probably want to blend in with Firefox 31 regardless. It is more common than FF24ESR. Though, I'm not sure if security.tls.version.max=3 looked like Firefox 31 if it was done from a Firefox 24 build. It may not.
It's a nice idea, but the ciphersuites, at least, offered by Firefox 31 are different than those offered by 24:
- https://bugzilla.mozilla.org/show_bug.cgi?id=936828
- https://bugzilla.mozilla.org/show_bug.cgi?id=946147#c1 amusing followup about broken servers ignoring the MSB of the ciphersuite ID See https://www.ssllabs.com/ssltest/viewMyClient.html for an online test. I don't think we'll win in the long run making Firefox try to look like anything other than its true version; there are too many dead-parrot issues. Firefox 24 is less common than Firefox 31, but Firefox 24 ciphersuites with TLSv1.2 is likely to be less common than both.
mentioned in issue #12873 (moved)
mentioned in issue tpo/anti-censorship/pluggable-transports/meek#12873 (closed)
