FF52_NETWORK_AUDIT 8.88 KB
Newer Older
Mike Perry's avatar
Mike Perry committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
Lowest level resolver calls:
 + PR_GetHostByName
   + security/nss/cmd/libpkix/pkix_pl/pki/test_socket.c (just tests)
   + security/nss/cmd/vfyserv/vfyserv.c (test)
   - security/nss/lib/certhigh/ocsp.c
   + ./netwerk/protocol/rtsp/rtsp/RTSPConnectionHandler.h
     - MOZ_RTSP -> Only on android. XXX: Verify disabled
   + ./netwerk/protocol/rtsp/rtsp/ARTSPConnection.cpp
     - MOZ_RTSP -> Only on android. XXX: Verify disabled
   + ./security/nss/lib/certhigh/ocsp.c:
     - Patched (XXX: Verify application)
   + ./security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
     + pkix_pl_Socket_CreateByName()
       - Patched (XXX: Verify application)
     + pkix_pl_Socket_CreateByHostAndPort()
       - Patched (XXX: Verify application)
   - ./toolkit/profile/nsProfileLock.cpp
     - nsProfileLock::LockWithSymlink() looks up 127.0.0.1..
     - XXX: verify patch
   - Verify DNS patch (esp with e10s)
 + PR_GetAddrInfoByName
 + PR_GetIPNodeByName

UDPSockets
+ security/nss/cmd/certutil/certext.c

FlyWeb: XXX: Disable?? Might be off already. Seems incomplete.
 - dom/flyweb/FlyWebService.cpp
   - https://wiki.mozilla.org/FlyWeb

MDNS: (./netwerk/dns/mdns/libmdns/) verify againXXX
 - @mozilla.org/toolkit/components/mdnsresponder/dns-sd;1
 - DNSSERVICEDISCOVERY_CONTRACT_ID
   - ./dom/presentation/provider/MulticastDNSDeviceProvider.cpp
   - XXX-old: Presentation API?
     https://developer.mozilla.org/en-US/docs/Web/API/Presentation_API
 - DNSSERVICEINFO_CONTRACT_ID
   - ./dom/presentation/provider/MulticastDNSDeviceProvider.cpp
 - @mozilla.org/toolkit/components/mdnsresponder/dns-info;1

Direct paths to DNS resolution:
 + nsHostResolver::ResolveHost
   + Only used by nsDNSService
 + nsDNSService::Resolve
   - Patched for safety (XXX: Verify application)
 + nsDNSService::AsyncResolve
   - Patched for safety (XXX: Verify application)
 - ChildDNSService::AsyncResolve and ChildDNSService::Resolve
   - Possibly only active if MOZILLA_XPCOMRT_API is defined.. But it seems to
     be.
   - ./netwerk/dns/ChildDNSService.cpp
     - XXX: Should patch AsyncResolve and Resolve here, as we do in
       nsDNSService.
 - XXX: New parent/child interfaces DNSRequestParent and DNSRequestChild
   + ./netwerk/ipc/NeckoParent.cpp
     + Calls into DNS service via DNSRequestParent::DoAsyncResolve()
   + ./netwerk/ipc/NeckoChild.cpp

XXX Strange things doing DNS:
 - mtransport (media/mtransport/test/ice_unittest.cpp)
   - XXX Bleh rolls its own Resolve() using getaddirinfo (not PR_GetAddrInfo)
   - Pretty sure is disabled.
 - XXX: StreamingListener::SocketWriter::MakeConnection goes getaddrinfo()
   - Pretty sure this is just a unit test though.
 + third_party/rust/libc/src/unix/mod.rs (exports but doens't use getaddrinfo)

SOCK_:
 - netwerk/base/NetworkInfoServiceCocoa.cpp (SOCK_DGRAM)
 - netwerk/base/NetworkInfoServiceLinux.cpp
   - Internal code, possibly for ICE?
   - nsNetworkInfoService::ListNetworkAddresses
     - XXX: Used by mDNS and the presentation API (dom/presentation/*)
 + netwerk/sctp/datachannel/DataChannel.cpp
   + Disabled via WebRTC
 - StreamingListener::SocketWriter::MakeConnection
   - Pretty sure this is just a unit test though.

SOCKET_:
 + devtools/shared/webconsole/network-monitor.js
   + Just an observer
 - dom/network/TCPSocketParent.cpp
   - Probably OK. Disable via DOM prefs
 - dom/network/UDPSocketParent.cpp
   - Probably OK. Disable via DOM prefs
 - media/mtransport/nr_socket_prsock.cpp
   - NrUdpSocketIpc::connect_i
   - NrSocket::connect(nr_transport_addr *addr) {
     - NrSocket(), NrSocketBase, CreateSocket()
   - Probably disabled with webrtc? XXX: Check.
 + nsSocketTransportService
   + None of the new stuff actually makes new sockets
 + nsUDPSocket
 - third_party/rust/url/src/host.rs
   - XXX: Hrmm.. Fuck to_socket_addrs

UDPSocket:
 - dom/network/UDPSocket*
   - Same deal. Disable.
 + media/mtransport/nr_socket_prsock.cpp
   + Webrtc again.
 - netwerk/dns/mdns/libmdns/fallback/MulticastDNS.jsm (XXX: Yikes)
   - XXX: Ensure mdns is disabled

TCPSocket:
 - dom/base/Navigator.cpp (hook for MozTcpSocket)
   - disable
 - dom/media/bridge/MediaModule.cpp
   - PeerConnection stuff.
 - media/mtransport/*
   - Disable
 - netwerk/ipc/PNecko.ipdl (hrmm... check full source?)

Rust:
 + media/libstagefright/binding
 + netwerk/base/rust-url-capi

-socket: (XPCOM)
 - dom/flyweb/HttpServer.cpp
   - Ensure flyweb is disabled
 - dom/presentation/provider/PresentationControlService.js
   - Opens local listening sockets. We probably don't want it.
   - Also appears to do ICE and unproxied TCP..
 - dom/presentation/provider/LegacyPresentationControlService.js

_SOCKET:
 - devtools/client/debugger/new/bundle.js
   - Pretty sure we disable the remote case, yes?
 - dom/presentation/PresentationTCPSessionTransport.cpp
   - More listener sockets
 - netwerk/base/ThrottleQueue.cpp
   - Seems just to be for timer notification

Android XXX leaks:
 - HttpUrlConnection
   - XXX: mobile/android/base/java/org/mozilla/gecko/feeds/FeedFetcher.java
     (fetchAndParseFeedIfModified)
   - XXX: mobile/android/base/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
   - XXX: mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java
   - XXX: mobile/android/thirdparty/com/keepsafe/switchboard/SwitchBoard.java
 - Uses ch.boye.httpclientandroidlib.impl.client.*:
   - I think this is ok?
 - /android/

Android Java calls:
  + Uses HttpURLConnection:
    + mobile/android/base/java/org/mozilla/gecko/CrashReporter.java
    + mobile/android/base/java/org/mozilla/gecko/SuggestClient.java
    + mobile/android/base/java/org/mozilla/gecko/distribution/Distribution.java
    + mobile/android/search/java/org/mozilla/search/providers/SearchEngineManager.java
    + mobile/android/stumbler/java/org/mozilla/mozstumbler/service/utils/AbstractCommunicator.java
    + mobile/android/tests/browser/robocop/src/org/mozilla/gecko/tests/BaseRobocopTest.java
    + mobile/android/tests/browser/robocop/src/org/mozilla/gecko/tests/testDistribution.java
    + mobile/android/thirdparty/com/keepsafe/switchboard/SwitchBoard.java
    + mobile/android/thirdparty/com/squareup/picasso/UrlConnectionDownloader.java
  + Uses ch.boye.httpclientandroidlib.impl.client.*:
    + mobile/android/base/java/org/mozilla/gecko/dlc/DownloadContentHelper.java
    + mobile/android/base/java/org/mozilla/gecko/favicons/LoadFaviconTask.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/background/fxa/FxAccountClient10.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/background/fxa/oauth/FxAccountAbstractClient.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/reading/ReadingListClient.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/sync/jpake/stage/DeleteChannel.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/sync/jpake/stage/GetChannelStage.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/sync/jpake/stage/GetRequestStage.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/sync/jpake/stage/PutRequestStage.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/sync/net/AbstractBearerTokenAuthHeaderProvider.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/sync/net/AuthHeaderProvider.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/sync/net/BaseResource.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/sync/net/BaseResourceDelegate.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/sync/net/BasicAuthHeaderProvider.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/sync/net/HMACAuthHeaderProvider.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/sync/net/HawkAuthHeaderProvider.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/sync/net/ResourceDelegate.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/sync/net/SyncStorageCollectionRequest.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/sync/net/SyncStorageRequest.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/sync/setup/auth/AuthenticateAccountStage.java
    + mobile/android/services/src/main/java/org/mozilla/gecko/tokenserver/TokenServerClient.java
    + mobile/android/tests/background/junit4/src/org/mozilla/android/sync/test/helpers/MockResourceDelegate.java
    + mobile/android/tests/background/junit4/src/org/mozilla/gecko/sync/net/test/TestHawkAuthHeaderProvider.java
    + mobile/android/tests/background/junit4/src/org/mozilla/gecko/sync/net/test/TestLiveHawkAuth.java
    + mobile/android/thirdparty/ch/boye/httpclientandroidlib/client/protocol/ResponseAuthCache.java
    + mobile/android/thirdparty/ch/boye/httpclientandroidlib/impl/client/cache/CachingHttpClientBuilder.java
    + mobile/android/thirdparty/ch/boye/httpclientandroidlib/impl/client/cache/CachingHttpClients.java
    + mobile/android/thirdparty/ch/boye/httpclientandroidlib/impl/execchain/ProtocolExec.java
    + mobile/android/thirdparty/com/adjust/sdk/AdjustFactory.java