authoragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2010-08-19 20:02:28 +0000
committeragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2010-08-19 20:02:28 +0000
commit944a0a137c725b1c4a0e267af6fd28276c927b98 (patch)
tree7d05ed531dea213505c3574c4df1112b6a6ade21
parentcf23c25823342508733a2f2a00f2d8e8fe4d51c8 (diff)
net: expect MITM attacks with HTTP proxies and command line flag.
With r51258 we started requiring the TLS renegotiation extension from a whitelist of servers that we knew supported it. When Chrome is getting MITM attacked, this extension can be removed and this broke some debugging tools (which intercept SSL connections) and some proxies which do the same. This patch causes us to expect to be MITM attacked when tunneling via an HTTP proxy and when the --allow-ssl-mitm-proxies command line flag is given. BUG=48485 TEST=Can't really test without one of these MITM proxy machines. http://codereview.chromium.org/3111019 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@56727 0039d316-1c4b-4281-b951-d872f2087c98
-rw-r--r--chrome/browser/browser_main.cc2
-rw-r--r--chrome/browser/net/ssl_config_service_manager_pref.cc3
-rw-r--r--chrome/common/chrome_switches.cc6
-rw-r--r--chrome/common/chrome_switches.h1
-rw-r--r--net/base/ssl_config_service.cc18
-rw-r--r--net/base/ssl_config_service.h19
-rw-r--r--net/base/ssl_config_service_defaults.h3
-rw-r--r--net/base/ssl_config_service_mac.cc3
-rw-r--r--net/base/ssl_config_service_win.cc3
-rw-r--r--net/http/http_stream_request.cc3
-rw-r--r--net/socket/ssl_client_socket_nss.cc3
11 files changed, 54 insertions, 10 deletions
diff --git a/chrome/browser/browser_main.cc b/chrome/browser/browser_main.cc
index dad1cec..5f518a4 100644
--- a/chrome/browser/browser_main.cc
+++ b/chrome/browser/browser_main.cc
@@ -180,6 +180,8 @@ void BrowserMainParts::EarlyInitialization() {
net::SSLConfigService::EnableDNSSEC();
if (parsed_command_line().HasSwitch(switches::kDisableSSLFalseStart))
net::SSLConfigService::DisableFalseStart();
+ if (parsed_command_line().HasSwitch(switches::kAllowSSLMITMProxies))
+ net::SSLConfigService::AllowMITMProxies();
PostEarlyInitialization();
}
diff --git a/chrome/browser/net/ssl_config_service_manager_pref.cc b/chrome/browser/net/ssl_config_service_manager_pref.cc
index 23954c1..ab81ea3 100644
--- a/chrome/browser/net/ssl_config_service_manager_pref.cc
+++ b/chrome/browser/net/ssl_config_service_manager_pref.cc
@@ -145,8 +145,7 @@ void SSLConfigServiceManagerPref::GetSSLConfigFromPrefs(
config->ssl2_enabled = ssl2_enabled_.GetValue();
config->ssl3_enabled = ssl3_enabled_.GetValue();
config->tls1_enabled = tls1_enabled_.GetValue();
- config->dnssec_enabled = net::SSLConfigService::dnssec_enabled();
- config->false_start_enabled = net::SSLConfigService::false_start_enabled();
+ net::SSLConfigService::SetSSLConfigFlags(config);
}
////////////////////////////////////////////////////////////////////////////////
diff --git a/chrome/common/chrome_switches.cc b/chrome/common/chrome_switches.cc
index bc00a4ef..529e7a4 100644
--- a/chrome/common/chrome_switches.cc
+++ b/chrome/common/chrome_switches.cc
@@ -22,6 +22,12 @@ const char kActivateOnLaunch[] = "activate-on-launch";
// override for developers who need the old behavior for testing.
const char kAllowFileAccessFromFiles[] = "allow-file-access-from-files";
+// Disable checking of the renegotiation extension and any future checks over
+// and above what a "traditional" SSL stack might do. This has been requested
+// in order to support some web development tools that intercept SSL
+// connections.
+const char kAllowSSLMITMProxies[] = "allow-ssl-mitm-proxies";
+
// Allows debugging of sandboxed processes (see zygote_main_linux.cc).
const char kAllowSandboxDebugging[] = "allow-sandbox-debugging";
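Review bot: The comment on `kAllowSSLMITMProxies` describes an open-ended opt-out ("any future checks over and above what a traditional SSL stack might do") but does not say that the switch is process-wide or which checks remain in force. From the rest of the patch, the flag is copied into every `SSLConfig` through `SetSSLConfigFlags`, so it affects all connections, not only those to the intercepting tool. I would extend the comment with something like `// Applies to every SSL connection in the process; sets SSLConfig::mitm_proxies_allowed. Intended for debugging only.` and, if it is the case, state explicitly that certificate verification is not affected.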
diff --git a/chrome/common/chrome_switches.h b/chrome/common/chrome_switches.h
index 6f0ce67..86eba94 100644
--- a/chrome/common/chrome_switches.h
+++ b/chrome/common/chrome_switches.h
@@ -22,6 +22,7 @@ namespace switches {
// alongside the definition of their values in the .cc file.
extern const char kActivateOnLaunch[];
extern const char kAllowFileAccessFromFiles[];
+extern const char kAllowSSLMITMProxies[];
extern const char kAllowSandboxDebugging[];
extern const char kAllowScriptingGallery[];
extern const char kAlwaysEnableDevTools[];
diff --git a/net/base/ssl_config_service.cc b/net/base/ssl_config_service.cc
index 1b367ed..226798d 100644
--- a/net/base/ssl_config_service.cc
+++ b/net/base/ssl_config_service.cc
@@ -75,6 +75,14 @@ bool SSLConfigService::IsKnownFalseStartIncompatibleServer(
static bool g_dnssec_enabled = false;
static bool g_false_start_enabled = true;
+static bool g_mitm_proxies_allowed = false;
+
+// static
+void SSLConfigService::SetSSLConfigFlags(SSLConfig* ssl_config) {
+ ssl_config->dnssec_enabled = g_dnssec_enabled;
+ ssl_config->false_start_enabled = g_false_start_enabled;
+ ssl_config->mitm_proxies_allowed = g_mitm_proxies_allowed;
+}
// static
void SSLConfigService::EnableDNSSEC() {
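Review bot: `g_mitm_proxies_allowed` is a plain `static bool` that `AllowMITMProxies()` writes and `SetSSLConfigFlags()` reads with no synchronisation. This matches the two existing globals, but the ordering requirement that makes it safe is not stated anywhere. The only caller visible in this patch is `BrowserMainParts::EarlyInitialization()`, which presumably runs before any thread asks for an `SSLConfig`. A comment above the globals would record that, for example `// Set once during early startup, before any SSLConfigService is queried; read-only afterwards.` `SetSSLConfigFlags` also overwrites `mitm_proxies_allowed` unconditionally, so any per-connection value set earlier on the same `SSLConfig` would be lost; it is worth a line in its comment.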
@@ -96,4 +104,14 @@ bool SSLConfigService::false_start_enabled() {
return g_false_start_enabled;
}
+// static
+void SSLConfigService::AllowMITMProxies() {
+ g_mitm_proxies_allowed = true;
+}
+
+// static
+bool SSLConfigService::mitm_proxies_allowed() {
+ return g_mitm_proxies_allowed;
+}
+
} // namespace net
diff --git a/net/base/ssl_config_service.h b/net/base/ssl_config_service.h
index 75a4f74..748d8e4 100644
--- a/net/base/ssl_config_service.h
+++ b/net/base/ssl_config_service.h
@@ -20,7 +20,7 @@ struct SSLConfig {
SSLConfig()
: rev_checking_enabled(true), ssl2_enabled(false), ssl3_enabled(true),
tls1_enabled(true), ssl3_fallback(false), dnssec_enabled(false),
- false_start_enabled(true),
+ mitm_proxies_allowed(false), false_start_enabled(true),
send_client_cert(false), verify_ev_cert(false) {
}
@@ -33,6 +33,15 @@ struct SSLConfig {
// needs to clear tls1_enabled).
bool dnssec_enabled; // True if we'll accept DNSSEC chains in certificates.
+ // True if we believe that this connection might be MITM attacked. This
+ // sounds a little worse than it is: large networks sometimes MITM attack all
+ // SSL connections on egress. We want to know this because we might not have
+ // the end-to-end connection that we believe that we have based on the
+ // hostname. Therefore, certain certificate checks can't be performed and we
+ // can't use outside knowledge about whether the server has the renegotiation
+ // extension.
+ bool mitm_proxies_allowed;
+
bool false_start_enabled; // True if we'll use TLS False Start.
// TODO(wtc): move the following members to a new SSLParams structure. They
@@ -109,12 +118,20 @@ class SSLConfigService : public base::RefCountedThreadSafe<SSLConfigService> {
static void EnableDNSSEC();
static bool dnssec_enabled();
+ // Enables the |may_be_manipulated| flag in SSLConfig objects. See the
+ // comment about this flag in |SSLConfig|.
+ static void AllowMITMProxies();
+ static bool mitm_proxies_allowed();
+
// Disables False Start in SSL connections.
static void DisableFalseStart();
// True if we use False Start for SSL and TLS.
static bool false_start_enabled();
protected:
+ // SetFlags sets the values of several flags based on global configuration.
+ static void SetSSLConfigFlags(SSLConfig*);
+
friend class base::RefCountedThreadSafe<SSLConfigService>;
virtual ~SSLConfigService() {}
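Review bot: Both new comments in this hunk name identifiers that do not exist in the patch. The comment above `AllowMITMProxies()` refers to a `|may_be_manipulated|` flag, but the field added to `SSLConfig` is `mitm_proxies_allowed`. The comment above the protected helper says "SetFlags", but the function is `SetSSLConfigFlags`. I would change them to `// Sets the |mitm_proxies_allowed| flag in SSLConfig objects.` and `// SetSSLConfigFlags copies the process-wide flags (DNSSEC, False Start, MITM proxies) into |ssl_config|.`, and name the parameter in the declaration to match the definition: `static void SetSSLConfigFlags(SSLConfig* ssl_config);`.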
diff --git a/net/base/ssl_config_service_defaults.h b/net/base/ssl_config_service_defaults.h
index 04eff1c..58d0f2d 100644
--- a/net/base/ssl_config_service_defaults.h
+++ b/net/base/ssl_config_service_defaults.h
@@ -20,8 +20,7 @@ class SSLConfigServiceDefaults : public SSLConfigService {
// Store default SSL config settings in |config|.
virtual void GetSSLConfig(SSLConfig* config) {
*config = default_config_;
- config->dnssec_enabled = SSLConfigService::dnssec_enabled();
- config->false_start_enabled = SSLConfigService::false_start_enabled();
+ SetSSLConfigFlags(config);
}
private:
diff --git a/net/base/ssl_config_service_mac.cc b/net/base/ssl_config_service_mac.cc
index 63fc017..492312c 100644
--- a/net/base/ssl_config_service_mac.cc
+++ b/net/base/ssl_config_service_mac.cc
@@ -95,8 +95,7 @@ bool SSLConfigServiceMac::GetSSLConfigNow(SSLConfig* config) {
kSSL3EnabledDefaultValue);
config->tls1_enabled = SSLVersionIsEnabled(kTLS1EnabledKey,
kTLS1EnabledDefaultValue);
- config->dnssec_enabled = SSLConfigService::dnssec_enabled();
- config->false_start_enabled = SSLConfigService::false_start_enabled();
+ SSLConfigService::SetSSLConfigFlags(config);
return true;
}
diff --git a/net/base/ssl_config_service_win.cc b/net/base/ssl_config_service_win.cc
index 646e264..b4232aa 100644
--- a/net/base/ssl_config_service_win.cc
+++ b/net/base/ssl_config_service_win.cc
@@ -75,8 +75,7 @@ bool SSLConfigServiceWin::GetSSLConfigNow(SSLConfig* config) {
config->ssl2_enabled = ((protocols & SSL2) != 0);
config->ssl3_enabled = ((protocols & SSL3) != 0);
config->tls1_enabled = ((protocols & TLS1) != 0);
- config->dnssec_enabled = SSLConfigService::dnssec_enabled();
- config->false_start_enabled = SSLConfigService::false_start_enabled();
+ SSLConfigService::SetSSLConfigFlags(config);
return true;
}
diff --git a/net/http/http_stream_request.cc b/net/http/http_stream_request.cc
index f50c3c2..b3310a8 100644
--- a/net/http/http_stream_request.cc
+++ b/net/http/http_stream_request.cc
@@ -520,6 +520,9 @@ int HttpStreamRequest::DoInitConnection() {
if (request_info().load_flags & LOAD_VERIFY_EV_CERT)
ssl_config()->verify_ev_cert = true;
+ if (proxy_info()->proxy_server().scheme() == ProxyServer::SCHEME_HTTP)
+ ssl_config()->mitm_proxies_allowed = true;
+
scoped_refptr<SSLSocketParams> ssl_params =
new SSLSocketParams(tcp_params, http_proxy_params, socks_params,
proxy_info()->proxy_server().scheme(),
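Review bot: Setting `mitm_proxies_allowed` for every `ProxyServer::SCHEME_HTTP` proxy relaxes the known-strict-server check for all users behind an HTTP proxy, including the common case where the proxy only tunnels CONNECT and never touches the TLS handshake. That is a much wider population than the debugging tools named in the description, and the field now covers both "the user opted in" and "a proxy is present", which later code cannot tell apart. At minimum the rationale belongs next to the assignment, e.g. `// An HTTP proxy may intercept the tunnel and strip the renegotiation extension, so known-strict servers are not held to it here.` A separate field for the inferred case would keep the two reasons apart for logging and for future checks. `DoInitConnection` starts and ends outside the hunk, so I cannot tell whether this line is reached only for HTTPS requests.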
diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc
index b02eb2b..c676c08 100644
--- a/net/socket/ssl_client_socket_nss.cc
+++ b/net/socket/ssl_client_socket_nss.cc
@@ -513,7 +513,8 @@ int SSLClientSocketNSS::InitializeSSLOptions() {
#endif
#ifdef SSL_ENABLE_RENEGOTIATION
- if (SSLConfigService::IsKnownStrictTLSServer(hostname_)) {
+ if (SSLConfigService::IsKnownStrictTLSServer(hostname_) &&
+ !ssl_config_.mitm_proxies_allowed) {
rv = SSL_OptionSet(nss_fd_, SSL_REQUIRE_SAFE_NEGOTIATION, PR_TRUE);
if (rv != SECSuccess)
LOG(INFO) << "SSL_REQUIRE_SAFE_NEGOTIATION failed.";
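Review bot: When `ssl_config_.mitm_proxies_allowed` is set, the `SSL_REQUIRE_SAFE_NEGOTIATION` requirement for a known strict server is skipped with no log entry. A connection where the protection was deliberately dropped then looks the same as one to a host that was never on the list. I would keep the `IsKnownStrictTLSServer(hostname_)` test as the outer condition and branch on `mitm_proxies_allowed` inside it. The skip path would log a line such as `LOG(INFO) << "Not requiring safe renegotiation for " << hostname_ << ": MITM proxy expected";`. That gives anyone debugging a downgrade a way to see that the relaxation was applied. `InitializeSSLOptions` continues outside the hunk.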