SSL Key exchange, Signature info is unavailable for addons after the last update

Board for discussions around the Basilisk web browser.

Moderator: satrow

bitairy
Moongazer
Moongazer
Posts: 9
Joined: 2017-12-31, 06:37

SSL Key exchange, Signature info is unavailable for addons after the last update

Unread post by bitairy » 2018-07-23, 04:59

Hello,
I would like to know how to solve the problem , after the last update, all add-ons can not get information about Cipher Suite
Key exchange , Signature, etc unavailable in addons like SSleuth https://addons.mozilla.org/en-US/firefox/addon/ssleuth/ and Calomel SSL Validation https://addons.mozilla.org/en-US/firefo ... alidation/
Probably I need to change some options in the about:config ?
The previous version of the Basilisk worked perfectly, I do not want to roll back but apparently I'll have to if I do not find a solution.
Please, help.
Thanks

GMforker
Astronaut
Astronaut
Posts: 537
Joined: 2015-08-27, 06:29
Location: Czech Republic

Re: SSL Key exchange, Signature info is unavailable for addons after the last update

Unread post by GMforker » 2018-07-23, 05:27

See https://www.basilisk-browser.org/releasenotes.shtml
Fixed Firefox-inherited SSL status ambiguity. SSLStatus.CipherName now actually displays the name. The full suite is still available in the (new) property CipherSuite.
and:
https://github.com/MoonchildProductions ... 68e13cc133

The difference is in the strings that are created:
nsISSLStatus.cipherName (it is used - but this is not a full string now)
and
nsISSLStatus.cipherSuite (this is the original string)

An example:
_old_new.png
See also https://forum.palemoon.org/viewtopic.php?f=1&t=19727
Last edited by GMforker on 2018-07-23, 05:51, edited 4 times in total.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 24449
Joined: 2011-08-28, 17:27
Location: 58°2'16"N 14°58'31"E
Contact:

Re: SSL Key exchange, Signature info is unavailable for addons after the last update

Unread post by Moonchild » 2018-07-23, 11:34

Extensions need to be aware of the (proper!) handling of SSL statuses in UXP.
Plastering the raw suite in the cipherName field was a Mozilla bug (typo) but due to peer pressure from people who wanted to see this raw string in the Page Info -> Security dialog in the relevant bug, Mozilla never fixed this. We did.
If extensions want to be compatible with the originally intended implementation as carried in UXP and all its applications, they need to check cipherSuite to get the suite string for analysis.
"If you want to build a better world for yourself, you have to be willing to build one for everybody." -- Coyote Osborne
Image

bitairy
Moongazer
Moongazer
Posts: 9
Joined: 2017-12-31, 06:37

Re: SSL Key exchange, Signature info is unavailable for addons after the last update

Unread post by bitairy » 2018-07-24, 04:00

I'm not an addons developer and I do not seem to be able to make changes to their code.
If I correctly understood that I will not be able to force to work any of addons because of changes in the Basilisk last update.
There is no chance?

GMforker
Astronaut
Astronaut
Posts: 537
Joined: 2015-08-27, 06:29
Location: Czech Republic

Re: SSL Key exchange, Signature info is unavailable for addons after the last update

Unread post by GMforker » 2018-07-24, 04:47

For "Calomel SSL Validation", just fix one line of code:
chrome/content/calomelsslvalidation.js - line: 560:

From:

Code: Select all

var symetricCipher = status.cipherName;
To (backward compatible):

Code: Select all

var symetricCipher = ("cipherSuite" in status) ? status.cipherSuite : status.cipherName;
You can ask someone for help. Or you can try it yourself - e.g.
https://forum.palemoon.org/viewtopic.ph ... 39#p138139
Last edited by GMforker on 2018-07-24, 05:19, edited 2 times in total.

bitairy
Moongazer
Moongazer
Posts: 9
Joined: 2017-12-31, 06:37

Re: SSL Key exchange, Signature info is unavailable for addons after the last update

Unread post by bitairy » 2018-07-24, 05:30

Thank you for your patch!
All working perfect. :D
GMforker wrote:For "Calomel SSL Validation", just fix one line of code:
chrome/content/calomelsslvalidation.js - line: 560:
From:

Code: Select all

var symetricCipher = status.cipherName;
To (backward compatible):

Code: Select all

var symetricCipher = ("cipherSuite" in status) ? status.cipherSuite : status.cipherName;
You can ask someone for help. Or you can try it yourself - e.g.
https://forum.palemoon.org/viewtopic.ph ... 39#p138139
Last edited by bitairy on 2018-07-24, 05:30, edited 1 time in total.

Locked