net: add histogram to measure how often we do SSLv3 fallback to renego patched servers.

We would like to do something about a network attacker's ability to trigger SSLv3 fallback. Yngve from Opera suggested taking the renegotiation extension as a signal that we should not have fallen back and so this change adds a histogram to measure how often we see renego when doing a fallback connection. BUG=none Review URL: https://chromiumcodereview.appspot.com/11348132 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@169531 0039d316-1c4b-4281-b951-d872f2087c98
author: agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2012-11-26 23:41:28 +0000
committer: agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2012-11-26 23:41:28 +0000
commit: a1590f1ffdd6b61016426abffb33b27045da3308 (patch)
tree: 4afb4fe58a62f939854e6f6331c02e80ff7d4106 /net/socket
parent: ac0bef0efdfac595503cae5b7553bb3c38ddd164 (diff)
download: chromium_src-a1590f1ffdd6b61016426abffb33b27045da3308.zip
chromium_src-a1590f1ffdd6b61016426abffb33b27045da3308.tar.gz
chromium_src-a1590f1ffdd6b61016426abffb33b27045da3308.tar.bz2
1 files changed, 18 insertions, 0 deletions
diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc
index 5fba60a..be4f366 100644
--- a/net/socket/ssl_client_socket_nss.cc
+++ b/net/socket/ssl_client_socket_nss.cc
@@ -2421,6 +2421,24 @@ void SSLClientSocketNSS::Core::UpdateConnectionStatus() {
     }
     UMA_HISTOGRAM_ENUMERATION("Net.RenegotiationExtensionSupported",
                               peer_supports_renego_ext, 2);
+
+    // We would like to eliminate fallback to SSLv3 for non-buggy servers
+    // because of security concerns. For example, Google offers forward
+    // secrecy with ECDHE but that requires TLS 1.0. An attacker can block
+    // TLSv1 connections and force us to downgrade to SSLv3 and remove forward
+    // secrecy.
+    //
+    // Yngve from Opera has suggested using the renegotiation extension as an
+    // indicator that SSLv3 fallback was mistaken:
+    // tools.ietf.org/html/draft-pettersen-tls-version-rollback-removal-00 .
+    //
+    // As a first step, measure how often clients perform version fallback
+    // while the server advertises support secure renegotiation.
+    if (ssl_config_.version_fallback &&
+        channel_info.protocolVersion == SSL_LIBRARY_VERSION_3_0) {
+      UMA_HISTOGRAM_BOOLEAN("Net.SSLv3FallbackToRenegoPatchedServer",
+                            peer_supports_renego_ext == PR_TRUE);
+    }
   }
 #endif
author	agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2012-11-26 23:41:28 +0000
committer	agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2012-11-26 23:41:28 +0000
commit	a1590f1ffdd6b61016426abffb33b27045da3308 (patch)
tree	4afb4fe58a62f939854e6f6331c02e80ff7d4106 /net/socket
parent	ac0bef0efdfac595503cae5b7553bb3c38ddd164 (diff)
download	chromium_src-a1590f1ffdd6b61016426abffb33b27045da3308.zip chromium_src-a1590f1ffdd6b61016426abffb33b27045da3308.tar.gz chromium_src-a1590f1ffdd6b61016426abffb33b27045da3308.tar.bz2