author | Kershaw Chang <kershaw@mozilla.com> |
Thu, 03 Dec 2020 12:17:12 +0000 | |
changeset 559303 | 86c457d100fdc09f60ca193666ac5ff86e538ba1 |
parent 559302 | d4ef63a4209417db9d840a576cfa341e9a7adfd9 |
child 559304 | 4981e28cbd65b72dad30cb4a86431bdde2c4b555 |
push id | 38002 |
push user | rmaries@mozilla.com |
push date | Fri, 04 Dec 2020 03:34:50 +0000 |
treeherder | mozilla-central@ee7cd95a414c [default view] [failures only] |
reviewers | necko-reviewers, dragana |
bugs | 1667743 |
milestone | 85.0a1 |
first release with | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
--- a/dom/html/nsHTMLDNSPrefetch.cpp
+++ b/dom/html/nsHTMLDNSPrefetch.cpp
@@ -156,27 +156,17 @@ nsresult nsHTMLDNSPrefetch::Prefetch(
 nsresult rv = sDNSService->AsyncResolveNative( NS_ConvertUTF16toUTF8(hostname), nsIDNSService::RESOLVE_TYPE_DEFAULT, flags | nsIDNSService::RESOLVE_SPECULATE, nullptr, sDNSListener, nullptr, aPartitionedPrincipalOriginAttributes, getter_AddRefs(tmpOutstanding));
 if (NS_FAILED(rv)) {
 return rv;
 }
- // Fetch ESNI keys if needed.
- if (isHttps && StaticPrefs::network_security_esni_enabled()) {
- nsAutoCString esniHost;
- esniHost.Append("_esni.");
- esniHost.Append(NS_ConvertUTF16toUTF8(hostname));
- Unused << sDNSService->AsyncResolveNative(
- esniHost, nsIDNSService::RESOLVE_TYPE_TXT,
- flags | nsIDNSService::RESOLVE_SPECULATE, nullptr, sDNSListener,
- nullptr, aPartitionedPrincipalOriginAttributes,
- getter_AddRefs(tmpOutstanding));
- }
+ // TODO: Fetch HTTPS RRs in bug 1652723.
 return NS_OK;
 }
 nsresult nsHTMLDNSPrefetch::PrefetchLow( const nsAString& hostname, bool isHttps, const OriginAttributes& aPartitionedPrincipalOriginAttributes, nsIRequest::TRRMode aMode) {
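Review bot: With the ESNI block gone, nothing in the visible part of `Prefetch` reads `isHttps` any more, and the same holds for the `CancelPrefetch` and `nsDeferrals::SubmitQueue` hunks further down; the bodies start outside the hunks, so a remaining use cannot be ruled out. If the flag is kept only for the planned HTTPS RR lookup, the placeholder should say so, e.g. `// TODO(bug 1652723): fetch HTTPS RRs here when isHttps is true.`, so the unused value is not removed or misread before that work lands.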
@@ -251,26 +241,18 @@ nsresult nsHTMLDNSPrefetch::CancelPrefet
 return NS_ERROR_NOT_AVAILABLE;
 // Forward cancellation to DNS service
 nsresult rv = sDNSService->CancelAsyncResolveNative( NS_ConvertUTF16toUTF8(hostname), nsIDNSService::RESOLVE_TYPE_DEFAULT, flags | nsIDNSService::RESOLVE_SPECULATE, nullptr, // resolverInfo
 sDNSListener, aReason, aPartitionedPrincipalOriginAttributes);
- // Cancel fetching ESNI keys if needed.
- if (StaticPrefs::network_security_esni_enabled() && isHttps) {
- nsAutoCString esniHost;
- esniHost.Append("_esni.");
- esniHost.Append(NS_ConvertUTF16toUTF8(hostname));
- sDNSService->CancelAsyncResolveNative(
- esniHost, nsIDNSService::RESOLVE_TYPE_TXT,
- flags | nsIDNSService::RESOLVE_SPECULATE, nullptr, sDNSListener,
- aReason, aPartitionedPrincipalOriginAttributes);
- }
+
+ // TODO: Fetch HTTPS RRs in bug 1652723.
 return rv;
 }
 nsresult nsHTMLDNSPrefetch::CancelPrefetchLow(Link* aElement, nsresult aReason) {
 return CancelPrefetch( aElement, GetDNSFlagsFromLink(aElement) | nsIDNSService::RESOLVE_PRIORITY_LOW,
@@ -405,28 +387,18 @@ void nsHTMLDNSPrefetch::nsDeferrals::Sub
 } else {
 nsCOMPtr<nsICancelable> tmpOutstanding;
 rv = sDNSService->AsyncResolveNative( hostName, nsIDNSService::RESOLVE_TYPE_DEFAULT, mEntries[mTail].mFlags | nsIDNSService::RESOLVE_SPECULATE, nullptr, sDNSListener, nullptr, oa, getter_AddRefs(tmpOutstanding));
- // Fetch ESNI keys if needed.
- if (NS_SUCCEEDED(rv) &&
- StaticPrefs::network_security_esni_enabled() && isHttps) {
- nsAutoCString esniHost;
- esniHost.Append("_esni.");
- esniHost.Append(hostName);
- sDNSService->AsyncResolveNative(
- esniHost, nsIDNSService::RESOLVE_TYPE_TXT,
- mEntries[mTail].mFlags | nsIDNSService::RESOLVE_SPECULATE,
- nullptr, sDNSListener, nullptr, oa,
- getter_AddRefs(tmpOutstanding));
- }
+ // TODO: Fetch HTTPS RRs in bug 1652723.
+
 // Tell link that deferred prefetch was requested
 if (NS_SUCCEEDED(rv)) link->OnDNSPrefetchRequested();
 }
 }
 }
 }
 mEntries[mTail].mElement = nullptr;
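Review bot: The placeholder added to `CancelPrefetch` reads `// TODO: Fetch HTTPS RRs in bug 1652723.`, but this is the cancellation path, and the code it replaces cancelled the second lookup rather than starting one. I would word it `// TODO: Also cancel the HTTPS RR lookup once bug 1652723 adds it.`, because a fetch added later without the matching cancel would leave a speculative request outstanding after the caller asked for cancellation. `CancelPrefetch` starts before the hunk.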
--- a/dom/media/webrtc/transport/test/webrtcproxychannel_unittest.cpp
+++ b/dom/media/webrtc/transport/test/webrtcproxychannel_unittest.cpp
@@ -173,17 +173,17 @@ class FakeSocketTransportProvider : publ
 MOZ_ASSERT(false);
 return NS_OK;
 }
 NS_IMETHOD GetResetIPFamilyPreference( bool* aResetIPFamilyPreference) override {
 MOZ_ASSERT(false);
 return NS_OK;
 }
- NS_IMETHOD GetEsniUsed(bool* aEsniUsed) override {
+ NS_IMETHOD GetEchConfigUsed(bool* aEchConfigUsed) override {
 MOZ_ASSERT(false);
 return NS_OK;
 }
 NS_IMETHOD SetEchConfig(const nsACString& aEchConfig) override {
 MOZ_ASSERT(false);
 return NS_OK;
 }
 NS_IMETHOD ResolvedByTRR(bool* _retval) override {
--- a/modules/libpref/init/StaticPrefList.yaml +++ b/modules/libpref/init/StaticPrefList.yaml @@ -8583,22 +8583,16 @@ value: true mirror: always - name: network.http.stale_while_revalidate.enabled type: RelaxedAtomicBool value: true mirror: always -# Whether to use sni encryption. -- name: network.security.esni.enabled - type: bool - value: false - mirror: always - # Whether to cache SSL resumption tokens in necko. - name: network.ssl_tokens_cache_enabled type: RelaxedAtomicBool value: @IS_NIGHTLY_BUILD@ mirror: always # Capacity of the above cache, in kilobytes. - name: network.ssl_tokens_cache_capacity
--- a/netwerk/base/Predictor.cpp
+++ b/netwerk/base/Predictor.cpp
@@ -1189,30 +1189,17 @@ bool Predictor::RunPredictions(nsIURI* r
 nsCOMPtr<nsICancelable> tmpCancelable;
 mDnsService->AsyncResolveNative( hostname, nsIDNSService::RESOLVE_TYPE_DEFAULT, (nsIDNSService::RESOLVE_PRIORITY_MEDIUM | nsIDNSService::RESOLVE_SPECULATE), nullptr, mDNSListener, nullptr, originAttributes, getter_AddRefs(tmpCancelable));
- // Fetch esni keys if needed.
- if (StaticPrefs::network_security_esni_enabled() &&
- uri->SchemeIs("https")) {
- nsAutoCString esniHost;
- esniHost.Append("_esni.");
- esniHost.Append(hostname);
- mDnsService->AsyncResolveNative(esniHost, nsIDNSService::RESOLVE_TYPE_TXT,
- (nsIDNSService::RESOLVE_PRIORITY_MEDIUM |
- nsIDNSService::RESOLVE_SPECULATE),
- nullptr, mDNSListener, nullptr,
- originAttributes,
- getter_AddRefs(tmpCancelable));
- }
-
+ // TODO: Fetch HTTPS RRs in bug 1652723.
 predicted = true;
 if (verifier) {
 PREDICTOR_LOG((" sending preresolve verification"));
 verifier->OnPredictDNS(uri);
 }
 }
 return predicted;
--- a/netwerk/base/nsDNSPrefetch.cpp
+++ b/netwerk/base/nsDNSPrefetch.cpp
@@ -12,47 +12,31 @@
 #include "nsIDNSService.h"
 #include "nsIDNSByTypeRecord.h"
 #include "nsICancelable.h"
 #include "nsIURI.h"
 #include "mozilla/Atomics.h"
 #include "mozilla/Preferences.h"
 static nsIDNSService* sDNSService = nullptr;
-static mozilla::Atomic<bool, mozilla::Relaxed> sESNIEnabled(false);
-const char kESNIPref[] = "network.security.esni.enabled";
 nsresult nsDNSPrefetch::Initialize(nsIDNSService* aDNSService) {
 MOZ_ASSERT(NS_IsMainThread());
 NS_IF_RELEASE(sDNSService);
 sDNSService = aDNSService;
 NS_IF_ADDREF(sDNSService);
- mozilla::Preferences::RegisterCallback(nsDNSPrefetch::PrefChanged, kESNIPref);
- PrefChanged(nullptr, nullptr);
 return NS_OK;
 }
 nsresult nsDNSPrefetch::Shutdown() {
 NS_IF_RELEASE(sDNSService);
- mozilla::Preferences::UnregisterCallback(nsDNSPrefetch::PrefChanged,
- kESNIPref);
 return NS_OK;
 }
-// static
-void nsDNSPrefetch::PrefChanged(const char* aPref, void* aClosure) {
- if (!aPref || strcmp(aPref, kESNIPref) == 0) {
- bool enabled = false;
- if (NS_SUCCEEDED(mozilla::Preferences::GetBool(kESNIPref, &enabled))) {
- sESNIEnabled = enabled;
- }
- }
-}
-
 nsDNSPrefetch::nsDNSPrefetch(nsIURI* aURI, mozilla::OriginAttributes& aOriginAttributes, nsIRequest::TRRMode aTRRMode, nsIDNSListener* aListener, bool storeTiming) : mOriginAttributes(aOriginAttributes), mStoreTiming(storeTiming), mTRRMode(aTRRMode), mListener(do_GetWeakReference(aListener)) {
@@ -71,35 +55,20 @@ nsresult nsDNSPrefetch::Prefetch(uint32_
 // If AsyncResolve fails, for example because prefetching is disabled,
 // then our timing will be useless. However, in such a case,
 // mEndTimestamp will be a null timestamp and callers should check
 // TimingsValid() before using the timing.
 nsCOMPtr<nsIEventTarget> target = mozilla::GetCurrentEventTarget();
 flags |= nsIDNSService::GetFlagsFromTRRMode(mTRRMode);
- nsresult rv = sDNSService->AsyncResolveNative(
+ return sDNSService->AsyncResolveNative(
 mHostname, nsIDNSService::RESOLVE_TYPE_DEFAULT, flags | nsIDNSService::RESOLVE_SPECULATE, nullptr, this, target, mOriginAttributes, getter_AddRefs(tmpOutstanding));
- if (NS_FAILED(rv)) {
- return rv;
- }
-
- // Fetch esni keys if needed.
- if (sESNIEnabled && mIsHttps) {
- nsAutoCString esniHost;
- esniHost.Append("_esni.");
- esniHost.Append(mHostname);
- sDNSService->AsyncResolveNative(esniHost, nsIDNSService::RESOLVE_TYPE_TXT,
- flags | nsIDNSService::RESOLVE_SPECULATE,
- nullptr, this, target, mOriginAttributes,
- getter_AddRefs(tmpOutstanding));
- }
- return NS_OK;
 }
 nsresult nsDNSPrefetch::PrefetchLow(bool refreshDNS) {
 return Prefetch(nsIDNSService::RESOLVE_PRIORITY_LOW | (refreshDNS ? nsIDNSService::RESOLVE_BYPASS_CACHE : 0));
 }
 nsresult nsDNSPrefetch::PrefetchMedium(bool refreshDNS) {
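Review bot: `Prefetch` no longer reads `mIsHttps` after this change, and the first hunk of this file removes the only visible users of `mozilla::Atomic` and `mozilla::Preferences` while keeping `#include "mozilla/Atomics.h"` and `#include "mozilla/Preferences.h"`. If nothing outside the hunks needs them, both includes can be dropped in the same commit. `mIsHttps` is presumably still read by `FetchHTTPSSVC`, which is declared in the header but not shown here, so that is worth confirming before it is left in place. `Prefetch` begins before the hunk.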
--- a/netwerk/base/nsDNSPrefetch.h
+++ b/netwerk/base/nsDNSPrefetch.h
@@ -41,18 +41,16 @@ class nsDNSPrefetch final : public nsIDN
 // Call one of the following methods to start the Prefetch.
 nsresult PrefetchHigh(bool refreshDNS = false);
 nsresult PrefetchMedium(bool refreshDNS = false);
 nsresult PrefetchLow(bool refreshDNS = false);
 nsresult FetchHTTPSSVC(bool aRefreshDNS);
- static void PrefChanged(const char* aPref, void* aClosure);
-
 private:
 nsCString mHostname;
 bool mIsHttps;
 mozilla::OriginAttributes mOriginAttributes;
 bool mStoreTiming;
 nsIRequest::TRRMode mTRRMode;
 mozilla::TimeStamp mStartTimestamp;
 mozilla::TimeStamp mEndTimestamp;
--- a/netwerk/base/nsISocketTransport.idl
+++ b/netwerk/base/nsISocketTransport.idl
@@ -250,19 +250,19 @@ interface nsISocketTransport : nsITransp
 /**
 * If this flag is set then it means that if connecting the preferred ip
 * family has failed, retry with the oppsite one once more.
 */
 const unsigned long RETRY_WITH_DIFFERENT_IP_FAMILY = (1 << 9);
 /**
 * If we know that a server speaks only tls <1.3 there is no need to try
- * to use esni/ech and query dns for esni/echconfig.
+ * to use ech.
 */
- const unsigned long DONT_TRY_ESNI_OR_ECH = (1 << 10);
+ const unsigned long DONT_TRY_ECH = (1 << 10);
 /**
 * These two bits encode the TRR mode of the request.
 * Use the static helper methods convert between the TRR mode and flags.
 */
 const unsigned long TRR_MODE_FLAGS = (1 << 11) | (1 << 12);
 %{C++
@@ -321,25 +321,23 @@ interface nsISocketTransport : nsITransp
 /**
 * If true, this socket transport has found out the prefered family
 * according it's connection flags could not be used to establish
 * connections any more. Hence, the preference should be reset.
 */
 readonly attribute boolean resetIPFamilyPreference;
 /**
- * This attribute holds information whether esni has been used.
+ * This attribute holds information whether echConfig has been used.
 * The value is set after PR_Connect is called.
 */
- readonly attribute boolean esniUsed;
+ readonly attribute boolean echConfigUsed;
 /**
 * Called to set the echConfig to the securityInfo object.
- * Note that echConfig taks priority over esni, so when this function is
- * called esni will not be used.
 */
 void setEchConfig(in ACString echConfig);
 /**
 * IP address resolved using TRR.
 */
 bool resolvedByTRR();
 };
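Review bot: The doc comment kept for `echConfigUsed` says the value is set after PR_Connect is called, but in the `InitiateSocket` hunk of nsSocketTransport2.cpp `mEchConfigUsed = true` is assigned right after `SetEchConfig()` succeeds, ahead of the `PR_Connect` call shown below it. As far as the visible lines go, the attribute records that an echConfig was handed to the TLS layer, not that the server accepted ECH. The comment should say so, so that callers do not treat it as proof that the SNI was encrypted: `* True once an echConfig has been applied to this socket; it does not mean the server accepted ECH.`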
--- a/netwerk/base/nsSocketTransport2.cpp
+++ b/netwerk/base/nsSocketTransport2.cpp
@@ -707,20 +707,17 @@ nsSocketTransport::nsSocketTransport()
 mResetFamilyPreference(false),
 mTlsFlags(0),
 mReuseAddrPort(false),
 mState(STATE_CLOSED),
 mAttached(false),
 mInputClosed(true),
 mOutputClosed(true),
 mResolving(false),
- mDNSLookupStatus(NS_OK),
- mDNSARequestFinished(0),
- mEsniQueried(false),
- mEsniUsed(false),
+ mEchConfigUsed(false),
 mResolvedByTRR(false),
 mNetAddrIsSet(false),
 mSelfAddrIsSet(false),
 mLock("nsSocketTransport.mLock"),
 mFD(this),
 mFDref(0),
 mFDconnected(false),
 mFDFastOpenInProgress(false),
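Review bot: `mEchConfigUsed(false)` in the constructor's initializer list duplicates the default member initializer `bool mEchConfigUsed = false;` that this commit adds in nsSocketTransport2.h. Keep one of the two; the neighbouring members `mResolving` and `mResolvedByTRR` are declared without an initializer and set only in the constructor, so declaring `bool mEchConfigUsed;` in the header matches the rest of the class. The initializer list starts and ends outside the hunk.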
@@ -1086,48 +1083,16 @@ nsresult nsSocketTransport::ResolveHost(
 if (!SocketHost().Equals(mOriginHost)) {
 SOCKET_LOG(("nsSocketTransport %p origin %s doing dns for %s\n", this, mOriginHost.get(), SocketHost().get()));
 }
 rv = dns->AsyncResolveNative(SocketHost(), nsIDNSService::RESOLVE_TYPE_DEFAULT, dnsFlags, nullptr, this, mSocketTransportService, mOriginAttributes, getter_AddRefs(mDNSRequest));
- mEsniQueried = false;
- // NOTE: If we already have echConfig, we don't try ESNI.
- if (mSocketTransportService->IsEsniEnabled() && NS_SUCCEEDED(rv) &&
- !(mConnectionFlags & (DONT_TRY_ESNI_OR_ECH | BE_CONSERVATIVE)) &&
- mEchConfig.IsEmpty()) {
- bool isSSL = false;
- for (unsigned int i = 0; i < mTypes.Length(); ++i) {
- if (mTypes[i].EqualsLiteral("ssl")) {
- isSSL = true;
- break;
- }
- }
- if (isSSL) {
- SOCKET_LOG((" look for esni txt record"));
- nsAutoCString esniHost;
- esniHost.Append("_esni.");
- // This might end up being the SocketHost
- // see https://github.com/ekr/draft-rescorla-tls-esni/issues/61
- esniHost.Append(SocketHost());
- rv = dns->AsyncResolveNative(esniHost, nsIDNSService::RESOLVE_TYPE_TXT,
- dnsFlags, nullptr, this,
- mSocketTransportService, mOriginAttributes,
- getter_AddRefs(mDNSTxtRequest));
- if (NS_FAILED(rv)) {
- SOCKET_LOG((" dns request by type failed."));
- mDNSTxtRequest = nullptr;
- rv = NS_OK;
- } else {
- mEsniQueried = true;
- }
- }
- }
 if (NS_SUCCEEDED(rv)) {
 SOCKET_LOG((" advancing to STATE_RESOLVING\n"));
 mState = STATE_RESOLVING;
 }
 return rv;
 }
@@ -1578,29 +1543,23 @@ nsresult nsSocketTransport::InitiateSock
 return NS_ERROR_FAILURE;
 }
 }
 #endif
 nsCOMPtr<nsISSLSocketControl> secCtrl = do_QueryInterface(mSecInfo);
 if (secCtrl) {
 if (!mEchConfig.IsEmpty() &&
- !(mConnectionFlags & (DONT_TRY_ESNI_OR_ECH | BE_CONSERVATIVE))) {
+ !(mConnectionFlags & (DONT_TRY_ECH | BE_CONSERVATIVE))) {
 SOCKET_LOG(("nsSocketTransport::InitiateSocket set echconfig."));
 rv = secCtrl->SetEchConfig(mEchConfig);
 if (NS_FAILED(rv)) {
 return rv;
 }
- } else if (!mDNSRecordTxt.IsEmpty() && !mUsingQuic) {
- SOCKET_LOG(("nsSocketTransport::InitiateSocket set esni keys."));
- rv = secCtrl->SetEsniTxt(mDNSRecordTxt);
- if (NS_FAILED(rv)) {
- return rv;
- }
- mEsniUsed = true;
+ mEchConfigUsed = true;
 }
 }
 if (mUsingQuic) {
 //
 // we pretend that we are connected!
 //
 if (PR_Connect(fd, &prAddr, NS_SOCKET_CONNECT_TIMEOUT) == PR_SUCCESS) {
@@ -2215,24 +2174,23 @@ void nsSocketTransport::OnSocketEvent(ui
 mCondition = ResolveHost();
 } else {
 SOCKET_LOG((" ignoring redundant event\n"));
 }
 break;
 case MSG_DNS_LOOKUP_COMPLETE:
- if (mDNSRequest ||
- mDNSTxtRequest) { // only send this if we actually resolved anything
+ if (mDNSRequest) { // only send this if we actually resolved anything
 SendStatus(NS_NET_STATUS_RESOLVED_HOST);
 }
 SOCKET_LOG((" MSG_DNS_LOOKUP_COMPLETE\n"));
 mDNSRequest = nullptr;
- mDNSTxtRequest = nullptr;
+
 if (mDNSRecord) {
 mDNSRecord->GetNextAddr(SocketPort(), &mNetAddr);
 mDNSRecord->IsTRR(&mResolvedByTRR);
 }
 // status contains DNS lookup status
 if (NS_FAILED(status)) {
 // When using a HTTP proxy, NS_ERROR_UNKNOWN_HOST means the HTTP
 // proxy host is not found, so we fixup the error code.
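Review bot: The ECH branch in `InitiateSocket` is gated only by `mEchConfig` being non-empty and by the `DONT_TRY_ECH | BE_CONSERVATIVE` flags, whereas the ESNI lookup removed from `ResolveHost` was also gated by `IsEsniEnabled()`, which turned it off once `security.pki.mitm_detected` was set or `SetNotTrustedMitmDetected()` had been called. With `IsEsniEnabled()` deleted in nsSocketTransportService2.h, `mNotTrustedMitmDetected` is still written from nsHttpConnection.cpp but has no reader in the lines shown. If ECH is meant to ignore interception detection, say so at the `SetEchConfig` call with `// NOTE: unlike the removed ESNI path, ECH is not disabled by MITM detection.` and drop the unread flag and its setter; if not, the check needs to be carried over. `InitiateSocket` extends beyond the hunk.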
@@ -2495,21 +2453,16 @@ void nsSocketTransport::OnSocketDetached
 mFastOpenCallback = nullptr;
 // make sure there isn't any pending DNS request
 if (mDNSRequest) {
 mDNSRequest->Cancel(NS_ERROR_ABORT);
 mDNSRequest = nullptr;
 }
- if (mDNSTxtRequest) {
- mDNSTxtRequest->Cancel(NS_ERROR_ABORT);
- mDNSTxtRequest = nullptr;
- }
-
 //
 // notify input/output streams
 //
 mInput.OnSocketReady(mCondition);
 mOutput.OnSocketReady(mCondition);
 }
 // If FastOpen has been used (mFDFastOpenInProgress==true),
@@ -3024,75 +2977,31 @@ nsSocketTransport::SetSendBufferSize(uin
 NS_IMETHODIMP
 nsSocketTransport::OnLookupComplete(nsICancelable* request, nsIDNSRecord* rec, nsresult status) {
 SOCKET_LOG(("nsSocketTransport::OnLookupComplete: this=%p status %" PRIx32 ".", this, static_cast<uint32_t>(status)));
- if (request == mDNSTxtRequest) {
- if (NS_SUCCEEDED(status)) {
- nsCOMPtr<nsIDNSTXTRecord> txtResponse = do_QueryInterface(rec);
- txtResponse->GetRecordsAsOneString(mDNSRecordTxt);
- mDNSRecordTxt.Trim(" ");
- }
- Telemetry::Accumulate(Telemetry::ESNI_KEYS_RECORDS_FOUND,
- NS_SUCCEEDED(status));
- // flag host lookup complete for the benefit of the ResolveHost method.
- if (!mDNSRequest) {
- mResolving = false;
- MOZ_ASSERT(mDNSARequestFinished);
- Telemetry::Accumulate(
- Telemetry::ESNI_KEYS_RECORD_FETCH_DELAYS,
- PR_IntervalToMilliseconds(PR_IntervalNow() - mDNSARequestFinished));
-
- nsresult rv =
- PostEvent(MSG_DNS_LOOKUP_COMPLETE, mDNSLookupStatus, nullptr);
-
- // if posting a message fails, then we should assume that the socket
- // transport has been shutdown. this should never happen! if it does
- // it means that the socket transport service was shutdown before the
- // DNS service.
- if (NS_FAILED(rv)) {
- NS_WARNING("unable to post DNS lookup complete message");
- }
- } else {
- mDNSTxtRequest = nullptr;
- }
- return NS_OK;
- }
-
- if (NS_FAILED(status) && mDNSTxtRequest) {
- mDNSTxtRequest->Cancel(NS_ERROR_ABORT);
- } else if (NS_SUCCEEDED(status)) {
+ if (NS_SUCCEEDED(status)) {
 mDNSRecord = do_QueryInterface(rec);
 MOZ_ASSERT(mDNSRecord);
 }
 // flag host lookup complete for the benefit of the ResolveHost method.
- if (!mDNSTxtRequest) {
- if (mEsniQueried) {
- Telemetry::Accumulate(Telemetry::ESNI_KEYS_RECORD_FETCH_DELAYS, 0);
- }
- mResolving = false;
- nsresult rv = PostEvent(MSG_DNS_LOOKUP_COMPLETE, status, nullptr);
-
- // if posting a message fails, then we should assume that the socket
- // transport has been shutdown. this should never happen! if it does
- // it means that the socket transport service was shutdown before the
- // DNS service.
- if (NS_FAILED(rv)) {
- NS_WARNING("unable to post DNS lookup complete message");
- }
- } else {
- mDNSLookupStatus =
- status; // remember the status to send it when esni lookup is ready.
- mDNSRequest = nullptr;
- mDNSARequestFinished = PR_IntervalNow();
+ mResolving = false;
+ nsresult rv = PostEvent(MSG_DNS_LOOKUP_COMPLETE, status, nullptr);
+
+ // if posting a message fails, then we should assume that the socket
+ // transport has been shutdown. this should never happen! if it does
+ // it means that the socket transport service was shutdown before the
+ // DNS service.
+ if (NS_FAILED(rv)) {
+ NS_WARNING("unable to post DNS lookup complete message");
 }
 return NS_OK;
 }
 // nsIInterfaceRequestor
 NS_IMETHODIMP
 nsSocketTransport::GetInterface(const nsIID& iid, void** result) {
@@ -3657,18 +3566,18 @@ nsSocketTransport::GetFirstRetryError(ns
 NS_IMETHODIMP
 nsSocketTransport::GetResetIPFamilyPreference(bool* aReset) {
 *aReset = mResetFamilyPreference;
 return NS_OK;
 }
 NS_IMETHODIMP
-nsSocketTransport::GetEsniUsed(bool* aEsniUsed) {
- *aEsniUsed = mEsniUsed;
+nsSocketTransport::GetEchConfigUsed(bool* aEchConfigUsed) {
+ *aEchConfigUsed = mEchConfigUsed;
 return NS_OK;
 }
 NS_IMETHODIMP
 nsSocketTransport::SetEchConfig(const nsACString& aEchConfig) {
 mEchConfig = aEchConfig;
 return NS_OK;
 }
--- a/netwerk/base/nsSocketTransport2.h
+++ b/netwerk/base/nsSocketTransport2.h
@@ -322,23 +322,18 @@ class nsSocketTransport final : public n
 // this flag is used to determine if the results of a host lookup arrive
 // recursively or not. this flag is not protected by any lock.
 bool mResolving;
 nsCOMPtr<nsICancelable> mDNSRequest;
 nsCOMPtr<nsIDNSAddrRecord> mDNSRecord;
- nsresult mDNSLookupStatus;
- PRIntervalTime mDNSARequestFinished;
- nsCOMPtr<nsICancelable> mDNSTxtRequest;
- nsCString mDNSRecordTxt;
 nsCString mEchConfig;
- bool mEsniQueried;
- bool mEsniUsed;
+ bool mEchConfigUsed = false;
 bool mResolvedByTRR;
 // mNetAddr/mSelfAddr is valid from GetPeerAddr()/GetSelfAddr() once we have
 // reached STATE_TRANSFERRING. It must not change after that.
 void SetSocketName(PRFileDesc* fd);
 NetAddr mNetAddr;
 NetAddr mSelfAddr; // getsockname()
 Atomic<bool, Relaxed> mNetAddrIsSet;
--- a/netwerk/base/nsSocketTransportService2.cpp
+++ b/netwerk/base/nsSocketTransportService2.cpp
@@ -52,18 +52,16 @@ static Atomic<PRThread*, Relaxed> gSocke
 #define MAX_TIME_BETWEEN_TWO_POLLS \
 "network.sts.max_time_for_events_between_two_polls"
 #define POLL_BUSY_WAIT_PERIOD "network.sts.poll_busy_wait_period"
 #define POLL_BUSY_WAIT_PERIOD_TIMEOUT \
 "network.sts.poll_busy_wait_period_timeout"
 #define MAX_TIME_FOR_PR_CLOSE_DURING_SHUTDOWN \
 "network.sts.max_time_for_pr_close_during_shutdown"
 #define POLLABLE_EVENT_TIMEOUT "network.sts.pollable_event_timeout"
-#define ESNI_ENABLED "network.security.esni.enabled"
-#define ESNI_DISABLED_MITM "security.pki.mitm_detected"
 #define REPAIR_POLLABLE_EVENT_TIME 10
 uint32_t nsSocketTransportService::gMaxCount;
 PRCallOnceType nsSocketTransportService::gMaxCountInitOnce;
 // Utility functions
 bool OnSocketThread() { return PR_GetCurrentThread() == gSocketThread; }
@@ -146,18 +144,16 @@ nsSocketTransportService::nsSocketTransp
 mNetworkLinkChangeBusyWaitTimeout(PR_SecondsToInterval(7)),
 mSleepPhase(false),
 mProbedMaxCount(false)
 #if defined(XP_WIN)
 ,
 mPolling(false)
 #endif
 ,
- mEsniEnabled(false),
- mTrustedMitmDetected(false),
 mNotTrustedMitmDetected(false) {
 NS_ASSERTION(NS_IsMainThread(), "wrong thread");
 PR_CallOnce(&gMaxCountInitOnce, DiscoverMaxCount);
 mActiveList = (SocketContext*)moz_xmalloc(sizeof(SocketContext) * mActiveListSize);
 mIdleList = (SocketContext*)moz_xmalloc(sizeof(SocketContext) * mIdleListSize);
@@ -738,18 +734,16 @@ static const char* gCallbackPrefs[] = {
 SEND_BUFFER_PREF,
 KEEPALIVE_ENABLED_PREF,
 KEEPALIVE_IDLE_TIME_PREF,
 KEEPALIVE_RETRY_INTERVAL_PREF,
 KEEPALIVE_PROBE_COUNT_PREF,
 MAX_TIME_BETWEEN_TWO_POLLS,
 MAX_TIME_FOR_PR_CLOSE_DURING_SHUTDOWN,
 POLLABLE_EVENT_TIMEOUT,
- ESNI_ENABLED,
- ESNI_DISABLED_MITM,
 "network.socket.forcePort",
 nullptr,
 };
 /* static */
 void nsSocketTransportService::UpdatePrefs(const char* aPref, void* aSelf) {
 static_cast<nsSocketTransportService*>(aSelf)->UpdatePrefs();
 }
@@ -1512,28 +1506,16 @@ nsresult nsSocketTransportService::Updat
 int32_t pollableEventTimeout;
 rv = Preferences::GetInt(POLLABLE_EVENT_TIMEOUT, &pollableEventTimeout);
 if (NS_SUCCEEDED(rv) && pollableEventTimeout >= 0) {
 MutexAutoLock lock(mLock);
 mPollableEventTimeout = TimeDuration::FromSeconds(pollableEventTimeout);
 }
- bool esniPref = false;
- rv = Preferences::GetBool(ESNI_ENABLED, &esniPref);
- if (NS_SUCCEEDED(rv)) {
- mEsniEnabled = esniPref;
- }
-
- bool esniMitmPref = false;
- rv = Preferences::GetBool(ESNI_DISABLED_MITM, &esniMitmPref);
- if (NS_SUCCEEDED(rv)) {
- mTrustedMitmDetected = esniMitmPref;
- }
-
 nsAutoCString portMappingPref;
 rv = Preferences::GetCString("network.socket.forcePort", portMappingPref);
 if (NS_SUCCEEDED(rv)) {
 bool rv = UpdatePortRemapPreference(portMappingPref);
 if (!rv) {
 NS_ERROR( "network.socket.forcePort preference is ill-formed, this will likely " "make everything unexpectedly fail!");
--- a/netwerk/base/nsSocketTransportService2.h
+++ b/netwerk/base/nsSocketTransportService2.h
@@ -117,20 +117,16 @@ class nsSocketTransportService final : p
 uint64_t GetReceivedBytes() { return mReceivedBytesCount; }
 // Returns true if keepalives are enabled in prefs.
 bool IsKeepaliveEnabled() { return mKeepaliveEnabledPref; }
 bool IsTelemetryEnabledAndNotSleepPhase();
 PRIntervalTime MaxTimeForPrClosePref() { return mMaxTimeForPrClosePref; }
- bool IsEsniEnabled() {
- return mEsniEnabled && !mTrustedMitmDetected && !mNotTrustedMitmDetected;
- }
-
 void SetNotTrustedMitmDetected() { mNotTrustedMitmDetected = true; }
 // According the preference value of `network.socket.forcePort` this method
 // possibly remaps the port number passed as the arg.
 void ApplyPortRemap(uint16_t* aPort);
 // Reads the preference string and updates (rewrites) the mPortRemapping
 // array on the socket thread. Returns true if the whole pref string was
@@ -338,18 +334,16 @@ class nsSocketTransportService final : p
 void StartPollWatchdog();
 void DoPollRepair();
 void StartPolling();
 void EndPolling();
 #endif
 void TryRepairPollableEvent();
- bool mEsniEnabled;
- bool mTrustedMitmDetected;
 bool mNotTrustedMitmDetected;
 CopyableTArray<nsCOMPtr<nsISTSShutdownObserver>> mShutdownObservers;
 };
 extern nsSocketTransportService* gSocketTransportService;
 bool OnSocketThread();
--- a/netwerk/protocol/http/HalfOpenSocket.cpp
+++ b/netwerk/protocol/http/HalfOpenSocket.cpp
@@ -163,17 +163,17 @@ nsresult HalfOpenSocket::SetupStreams(ns
 tmpFlags |= nsISocketTransport::ANONYMOUS_CONNECT;
 }
 if (ci->GetPrivate() || ci->GetIsolated()) {
 tmpFlags |= nsISocketTransport::NO_PERMANENT_STORAGE;
 }
 if (ci->GetLessThanTls13()) {
- tmpFlags |= nsISocketTransport::DONT_TRY_ESNI_OR_ECH;
+ tmpFlags |= nsISocketTransport::DONT_TRY_ECH;
 }
 if (((mCaps & NS_HTTP_BE_CONSERVATIVE) || ci->GetBeConservative()) && gHttpHandler->ConnMgr()->BeConservativeIfProxied(ci->ProxyInfo())) {
 LOG(("Setting Socket to BE_CONSERVATIVE"));
 tmpFlags |= nsISocketTransport::BE_CONSERVATIVE;
 }
--- a/netwerk/protocol/http/HttpConnectionBase.cpp
+++ b/netwerk/protocol/http/HttpConnectionBase.cpp
@@ -12,21 +12,16 @@
 #define LOG(args) LOG5(args)
 #undef LOG_ENABLED
 #define LOG_ENABLED() LOG5_ENABLED()
 #define TLS_EARLY_DATA_NOT_AVAILABLE 0
 #define TLS_EARLY_DATA_AVAILABLE_BUT_NOT_USED 1
 #define TLS_EARLY_DATA_AVAILABLE_AND_USED 2
-#define ESNI_SUCCESSFUL 0
-#define ESNI_FAILED 1
-#define NO_ESNI_SUCCESSFUL 2
-#define NO_ESNI_FAILED 3
-
 #include "mozilla/Telemetry.h"
 #include "HttpConnectionBase.h"
 #include "nsHttpHandler.h"
 #include "nsIClassOfService.h"
 #include "nsIOService.h"
 #include "nsISocketTransport.h"
 namespace mozilla {
--- a/netwerk/protocol/http/HttpConnectionUDP.cpp
+++ b/netwerk/protocol/http/HttpConnectionUDP.cpp
@@ -12,21 +12,16 @@
 #define LOG(args) LOG5(args)
 #undef LOG_ENABLED
 #define LOG_ENABLED() LOG5_ENABLED()
 #define TLS_EARLY_DATA_NOT_AVAILABLE 0
 #define TLS_EARLY_DATA_AVAILABLE_BUT_NOT_USED 1
 #define TLS_EARLY_DATA_AVAILABLE_AND_USED 2
-#define ESNI_SUCCESSFUL 0
-#define ESNI_FAILED 1
-#define NO_ESNI_SUCCESSFUL 2
-#define NO_ESNI_FAILED 3
-
 #include "ASpdySession.h"
 #include "mozilla/ChaosMode.h"
 #include "mozilla/Telemetry.h"
 #include "HttpConnectionUDP.h"
 #include "nsHttpHandler.h"
 #include "nsHttpRequestHead.h"
 #include "nsHttpResponseHead.h"
 #include "nsIClassOfService.h"
--- a/netwerk/protocol/http/TunnelUtils.cpp
+++ b/netwerk/protocol/http/TunnelUtils.cpp
@@ -2054,19 +2054,19 @@ NS_IMETHODIMP
 SocketTransportShim::GetFirstRetryError(nsresult* aFirstRetryError) {
 if (mIsWebsocket) {
 LOG3(("WARNING: SocketTransportShim::GetFirstRetryError %p", this));
 }
 return NS_ERROR_NOT_IMPLEMENTED;
 }
 NS_IMETHODIMP
-SocketTransportShim::GetEsniUsed(bool* aEsniUsed) {
+SocketTransportShim::GetEchConfigUsed(bool* aEchConfigUsed) {
 if (mIsWebsocket) {
- LOG3(("WARNING: SocketTransportShim::GetEsniUsed %p", this));
+ LOG3(("WARNING: SocketTransportShim::GetEchConfigUsed %p", this));
 }
 return NS_ERROR_NOT_IMPLEMENTED;
 }
 NS_IMETHODIMP
 SocketTransportShim::SetEchConfig(const nsACString& aEchConfig) {
 if (mIsWebsocket) {
 LOG3(("WARNING: SocketTransportShim::SetEchConfig %p", this));
--- a/netwerk/protocol/http/nsHttpConnection.cpp
+++ b/netwerk/protocol/http/nsHttpConnection.cpp
@@ -12,21 +12,16 @@
 #define LOG(args) LOG5(args)
 #undef LOG_ENABLED
 #define LOG_ENABLED() LOG5_ENABLED()
 #define TLS_EARLY_DATA_NOT_AVAILABLE 0
 #define TLS_EARLY_DATA_AVAILABLE_BUT_NOT_USED 1
 #define TLS_EARLY_DATA_AVAILABLE_AND_USED 2
-#define ESNI_SUCCESSFUL 0
-#define ESNI_FAILED 1
-#define NO_ESNI_SUCCESSFUL 2
-#define NO_ESNI_FAILED 3
-
 #include "ASpdySession.h"
 #include "mozilla/ChaosMode.h"
 #include "mozilla/Telemetry.h"
 #include "nsHttpConnection.h"
 #include "nsHttpHandler.h"
 #include "nsHttpRequestHead.h"
 #include "nsHttpResponseHead.h"
 #include "nsIClassOfService.h"
@@ -438,18 +433,16 @@ bool nsHttpConnection::EnsureNPNComplete
 return true;
 }
 nsresult rv = NS_OK;
 nsCOMPtr<nsISupports> securityInfo;
 nsCOMPtr<nsITransportSecurityInfo> info;
 nsCOMPtr<nsISSLSocketControl> ssl;
 nsAutoCString negotiatedNPN;
- // This is neede for telemetry
- bool handshakeSucceeded = false;
 GetSecurityInfo(getter_AddRefs(securityInfo));
 if (!securityInfo) {
 goto npnComplete;
 }
 ssl = do_QueryInterface(securityInfo, &rv);
 if (NS_FAILED(rv)) goto npnComplete;
@@ -556,18 +549,16 @@ bool nsHttpConnection::EnsureNPNComplete
 return false;
 }
 if (NS_SUCCEEDED(rv)) {
 LOG1(("nsHttpConnection::EnsureNPNComplete %p [%s] negotiated to '%s'%s\n", this, mConnInfo->HashKey().get(), negotiatedNPN.get(), mTLSFilter ? " [Double Tunnel]" : ""));
- handshakeSucceeded = true;
-
 int16_t tlsVersion;
 ssl->GetSSLVersionUsed(&tlsVersion);
 mConnInfo->SetLessThanTls13( (tlsVersion < nsISSLSocketControl::TLS_VERSION_1_3) && (tlsVersion != nsISSLSocketControl::SSL_VERSION_UNKNOWN));
 bool earlyDataAccepted = false;
 if (mWaitingFor0RTTResponse) {
@@ -696,28 +687,16 @@ npnComplete:
 mUsingSpdyVersion = SpdyVersion::NONE;
 mTransaction = nullptr;
 mSpdySession = nullptr;
 // We have to reset this here, just in case we end up starting spdy again,
 // so it can actually do everything it needs to do.
 mDid0RTTSpdy = false;
 }
- if (ssl) {
- // Telemetry for tls failure rate with and without esni;
- bool esni = false;
- if (NS_SUCCEEDED(mSocketTransport->GetEsniUsed(&esni))) {
- Telemetry::Accumulate(
- Telemetry::ESNI_NOESNI_TLS_SUCCESS_RATE,
- (esni)
- ? ((handshakeSucceeded) ? ESNI_SUCCESSFUL : ESNI_FAILED)
- : ((handshakeSucceeded) ? NO_ESNI_SUCCESSFUL : NO_ESNI_FAILED));
- }
- }
-
 if (rv == psm::GetXPCOMFromNSSError( mozilla::pkix::MOZILLA_PKIX_ERROR_MITM_DETECTED)) {
 gSocketTransportService->SetNotTrustedMitmDetected();
 }
 return true;
 }
 nsresult nsHttpConnection::OnTunnelNudged(TLSFilterTransaction* trans) {
rename from netwerk/test/unit/test_esni_dns_fetch.js
rename to netwerk/test/unit/test_dns_by_type_resolve.js
--- a/netwerk/test/unit/test_esni_dns_fetch.js
+++ b/netwerk/test/unit/test_dns_by_type_resolve.js
@@ -27,17 +27,16 @@ function setup() {
 h2Port = env.get("MOZHTTP2_PORT");
 Assert.notEqual(h2Port, null);
 Assert.notEqual(h2Port, "");
 // Set to allow the cert presented by our H2 server
 do_get_profile();
 prefs = Cc["@mozilla.org/preferences-service;1"].getService(Ci.nsIPrefBranch);
- prefs.setBoolPref("network.security.esni.enabled", false);
 prefs.setBoolPref("network.http.spdy.enabled", true);
 prefs.setBoolPref("network.http.spdy.enabled.http2", true);
 // the TRR server is on 127.0.0.1
 prefs.setCharPref("network.trr.bootstrapAddress", "127.0.0.1");
 // make all native resolve calls "secretly" resolve localhost instead
 prefs.setBoolPref("network.dns.native-is-localhost", true);
@@ -56,17 +55,16 @@ function setup() {
 const certdb = Cc["@mozilla.org/security/x509certdb;1"].getService( Ci.nsIX509CertDB );
 addCertFromFile(certdb, "http2-ca.pem", "CTu,u,u");
 }
 setup();
 registerCleanupFunction(() => {
- prefs.clearUserPref("network.security.esni.enabled");
 prefs.clearUserPref("network.http.spdy.enabled");
 prefs.clearUserPref("network.http.spdy.enabled.http2");
 prefs.clearUserPref("network.dns.localDomains");
 prefs.clearUserPref("network.dns.native-is-localhost");
 prefs.clearUserPref("network.trr.mode");
 prefs.clearUserPref("network.trr.uri");
 prefs.clearUserPref("network.trr.credentials");
 prefs.clearUserPref("network.trr.wait-for-portal");
@@ -96,17 +94,17 @@ class DNSListener {
 return this.promise.then.apply(this.promise, arguments);
 }
 }
 DNSListener.prototype.QueryInterface = ChromeUtils.generateQI([ "nsIDNSListener", ]);
-add_task(async function testEsniRequest() {
+add_task(async function testTXTResolve() {
 // use the h2 server as DOH provider
 prefs.setCharPref( "network.trr.uri", "https://foo.example.com:" + h2Port + "/doh" );
 let listenerEsni = new DNSListener();
 let request = dns.asyncResolve(
@@ -123,21 +121,21 @@ add_task(async function testEsniRequest(
 Assert.equal(inRequest, request, "correct request was used");
 Assert.equal(inStatus, Cr.NS_OK, "status OK");
 let answer = inRecord .QueryInterface(Ci.nsIDNSTXTRecord) .getRecordsAsOneString();
 Assert.equal(answer, test_answer, "got correct answer");
 });
-// verify esni record pushed on a A record request
-add_task(async function testEsniPushPart1() {
+// verify TXT record pushed on a A record request
+add_task(async function testTXTRecordPushPart1() {
 prefs.setCharPref( "network.trr.uri",
- "https://foo.example.com:" + h2Port + "/esni-dns-push"
+ "https://foo.example.com:" + h2Port + "/txt-dns-push"
 );
 let listenerAddr = new DNSListener();
 let request = dns.asyncResolve( "_esni_push.example.com", dns.RESOLVE_TYPE_DEFAULT, 0, null, // resolverInfo
 listenerAddr,
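Review bot: The TRR endpoint in `testTXTRecordPushPart1` changes from `/esni-dns-push` to `/txt-dns-push`, but no matching change to the test server's handler is shown on this page, and the file rename likewise needs its test manifest entry updated; without both, the test would fail or not be run. The renamed tests also keep ESNI-era identifiers such as `listenerEsni` and the host `_esni_push.example.com`. Renaming the local to `listenerTxt` would finish the cleanup, while the host name has to stay in step with whatever the server answers for.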
@@ -148,18 +146,18 @@ add_task(async function testEsniPushPart let [inRequest, inRecord, inStatus] = await listenerAddr; Assert.equal(inRequest, request, "correct request was used"); Assert.equal(inStatus, Cr.NS_OK, "status OK"); inRecord.QueryInterface(Ci.nsIDNSAddrRecord); let answer = inRecord.getNextAddrAsString(); Assert.equal(answer, test_answer_addr, "got correct answer"); }); -// verify the esni pushed record -add_task(async function testEsniPushPart2() { +// verify the TXT pushed record +add_task(async function testTXTRecordPushPart2() { // At this point the second host name should've been pushed and we can resolve it using // cache only. Set back the URI to a path that fails. prefs.setCharPref( "network.trr.uri", "https://foo.example.com:" + h2Port + "/404" ); let listenerEsni = new DNSListener(); let request = dns.asyncResolve( @@ -176,17 +174,17 @@ add_task(async function testEsniPushPart Assert.equal(inRequest, request, "correct request was used"); Assert.equal(inStatus, Cr.NS_OK, "status OK"); let answer = inRecord .QueryInterface(Ci.nsIDNSTXTRecord) .getRecordsAsOneString(); Assert.equal(answer, test_answer, "got correct answer"); }); -add_task(async function testEsniHTTPSSVC() { +add_task(async function testHTTPSSVCResolve() { prefs.setCharPref( "network.trr.uri", "https://foo.example.com:" + h2Port + "/doh" ); let listenerEsni = new DNSListener(); let request = dns.asyncResolve( "httpssvc_esni.example.com", dns.RESOLVE_TYPE_HTTPSSVC,
--- a/netwerk/test/unit/test_httpssvc_iphint.js +++ b/netwerk/test/unit/test_httpssvc_iphint.js @@ -30,17 +30,16 @@ function setup() { h2Port = env.get("MOZHTTP2_PORT"); Assert.notEqual(h2Port, null); Assert.notEqual(h2Port, ""); // Set to allow the cert presented by our H2 server do_get_profile(); prefs = Cc["@mozilla.org/preferences-service;1"].getService(Ci.nsIPrefBranch); - prefs.setBoolPref("network.security.esni.enabled", false); prefs.setBoolPref("network.http.spdy.enabled", true); prefs.setBoolPref("network.http.spdy.enabled.http2", true); // the TRR server is on 127.0.0.1 prefs.setCharPref("network.trr.bootstrapAddress", "127.0.0.1"); // make all native resolve calls "secretly" resolve localhost instead prefs.setBoolPref("network.dns.native-is-localhost", true); @@ -62,17 +61,16 @@ function setup() { const certdb = Cc["@mozilla.org/security/x509certdb;1"].getService( Ci.nsIX509CertDB ); addCertFromFile(certdb, "http2-ca.pem", "CTu,u,u"); } setup(); registerCleanupFunction(() => { - prefs.clearUserPref("network.security.esni.enabled"); prefs.clearUserPref("network.http.spdy.enabled"); prefs.clearUserPref("network.http.spdy.enabled.http2"); prefs.clearUserPref("network.dns.localDomains"); prefs.clearUserPref("network.dns.native-is-localhost"); prefs.clearUserPref("network.trr.mode"); prefs.clearUserPref("network.trr.uri"); prefs.clearUserPref("network.trr.credentials"); prefs.clearUserPref("network.trr.wait-for-portal");
--- a/netwerk/test/unit/test_httpssvc_priority.js +++ b/netwerk/test/unit/test_httpssvc_priority.js @@ -29,17 +29,16 @@ function setup() { h2Port = env.get("MOZHTTP2_PORT"); Assert.notEqual(h2Port, null); Assert.notEqual(h2Port, ""); // Set to allow the cert presented by our H2 server do_get_profile(); prefs = Cc["@mozilla.org/preferences-service;1"].getService(Ci.nsIPrefBranch); - prefs.setBoolPref("network.security.esni.enabled", false); prefs.setBoolPref("network.http.spdy.enabled", true); prefs.setBoolPref("network.http.spdy.enabled.http2", true); // the TRR server is on 127.0.0.1 prefs.setCharPref("network.trr.bootstrapAddress", "127.0.0.1"); // make all native resolve calls "secretly" resolve localhost instead prefs.setBoolPref("network.dns.native-is-localhost", true); @@ -58,17 +57,16 @@ function setup() { const certdb = Cc["@mozilla.org/security/x509certdb;1"].getService( Ci.nsIX509CertDB ); addCertFromFile(certdb, "http2-ca.pem", "CTu,u,u"); } setup(); registerCleanupFunction(() => { - prefs.clearUserPref("network.security.esni.enabled"); prefs.clearUserPref("network.http.spdy.enabled"); prefs.clearUserPref("network.http.spdy.enabled.http2"); prefs.clearUserPref("network.dns.localDomains"); prefs.clearUserPref("network.dns.native-is-localhost"); prefs.clearUserPref("network.trr.mode"); prefs.clearUserPref("network.trr.uri"); prefs.clearUserPref("network.trr.credentials"); prefs.clearUserPref("network.trr.wait-for-portal");
--- a/netwerk/test/unit/test_trr_httpssvc.js +++ b/netwerk/test/unit/test_trr_httpssvc.js @@ -34,17 +34,16 @@ function setup() { h2Port = env.get("MOZHTTP2_PORT"); Assert.notEqual(h2Port, null); Assert.notEqual(h2Port, ""); // Set to allow the cert presented by our H2 server do_get_profile(); prefs = Cc["@mozilla.org/preferences-service;1"].getService(Ci.nsIPrefBranch); - prefs.setBoolPref("network.security.esni.enabled", false); prefs.setBoolPref("network.http.spdy.enabled", true); prefs.setBoolPref("network.http.spdy.enabled.http2", true); // the TRR server is on 127.0.0.1 prefs.setCharPref("network.trr.bootstrapAddress", "127.0.0.1"); // make all native resolve calls "secretly" resolve localhost instead prefs.setBoolPref("network.dns.native-is-localhost", true); @@ -64,17 +63,16 @@ function setup() { Ci.nsIX509CertDB ); addCertFromFile(certdb, "http2-ca.pem", "CTu,u,u"); } if (!inChildProcess()) { setup(); registerCleanupFunction(() => { - prefs.clearUserPref("network.security.esni.enabled"); prefs.clearUserPref("network.http.spdy.enabled"); prefs.clearUserPref("network.http.spdy.enabled.http2"); prefs.clearUserPref("network.dns.localDomains"); prefs.clearUserPref("network.dns.native-is-localhost"); prefs.clearUserPref("network.trr.mode"); prefs.clearUserPref("network.trr.uri"); prefs.clearUserPref("network.trr.credentials"); prefs.clearUserPref("network.trr.wait-for-portal");
--- a/netwerk/test/unit/test_use_httpssvc.js +++ b/netwerk/test/unit/test_use_httpssvc.js @@ -30,17 +30,16 @@ function setup() { h2Port = env.get("MOZHTTP2_PORT"); Assert.notEqual(h2Port, null); Assert.notEqual(h2Port, ""); // Set to allow the cert presented by our H2 server do_get_profile(); prefs = Cc["@mozilla.org/preferences-service;1"].getService(Ci.nsIPrefBranch); - prefs.setBoolPref("network.security.esni.enabled", false); prefs.setBoolPref("network.http.spdy.enabled", true); prefs.setBoolPref("network.http.spdy.enabled.http2", true); // the TRR server is on 127.0.0.1 prefs.setCharPref("network.trr.bootstrapAddress", "127.0.0.1"); // make all native resolve calls "secretly" resolve localhost instead prefs.setBoolPref("network.dns.native-is-localhost", true); @@ -62,17 +61,16 @@ function setup() { const certdb = Cc["@mozilla.org/security/x509certdb;1"].getService( Ci.nsIX509CertDB ); addCertFromFile(certdb, "http2-ca.pem", "CTu,u,u"); } setup(); registerCleanupFunction(() => { - prefs.clearUserPref("network.security.esni.enabled"); prefs.clearUserPref("network.http.spdy.enabled"); prefs.clearUserPref("network.http.spdy.enabled.http2"); prefs.clearUserPref("network.dns.localDomains"); prefs.clearUserPref("network.dns.native-is-localhost"); prefs.clearUserPref("network.trr.mode"); prefs.clearUserPref("network.trr.uri"); prefs.clearUserPref("network.trr.credentials"); prefs.clearUserPref("network.trr.wait-for-portal");
--- a/netwerk/test/unit/xpcshell.ini
+++ b/netwerk/test/unit/xpcshell.ini
@@ -403,17 +403,17 @@ run-sequentially = node server exception
 skip-if = appname == "thunderbird"
 [test_ioservice.js]
 [test_substituting_protocol_handler.js]
 [test_proxyconnect.js]
 skip-if = tsan || socketprocess_networking # Bug 1614708
 [test_captive_portal_service.js]
 run-sequentially = node server exceptions dont replay well
 skip-if = socketprocess_networking
-[test_esni_dns_fetch.js]
+[test_dns_by_type_resolve.js]
 [test_network_connectivity_service.js]
 [test_suspend_channel_on_authRetry.js]
 [test_suspend_channel_on_examine_merged_response.js]
 [test_bug1527293.js]
 [test_stale-while-revalidate_negative.js]
 [test_stale-while-revalidate_positive.js]
 [test_stale-while-revalidate_loop.js]
 [test_stale-while-revalidate_max-age-0.js]
rename from netwerk/test/unit_ipc/child_esni_dns_fetch1.js rename to netwerk/test/unit_ipc/child_dns_by_type_resolve.js --- a/netwerk/test/unit_ipc/child_esni_dns_fetch1.js +++ b/netwerk/test/unit_ipc/child_dns_by_type_resolve.js @@ -27,17 +27,17 @@ class DNSListener { return this.promise.then.apply(this.promise, arguments); } } DNSListener.prototype.QueryInterface = ChromeUtils.generateQI([ "nsIDNSListener", ]); -add_task(async function testEsniRequest() { +add_task(async function testTXTResolve() { // use the h2 server as DOH provider let listenerEsni = new DNSListener(); let request = dns.asyncResolve( "_esni.example.com", dns.RESOLVE_TYPE_TXT, 0, null, // resolverInfo listenerEsni, @@ -49,17 +49,17 @@ add_task(async function testEsniRequest( Assert.equal(inStatus, Cr.NS_OK, "status OK"); Assert.equal(inRequest, request, "correct request was used"); let answer = inRecord .QueryInterface(Ci.nsIDNSTXTRecord) .getRecordsAsOneString(); Assert.equal(answer, test_answer, "got correct answer"); }); -add_task(async function testEsniHTTPSSVC() { +add_task(async function testHTTPSSVCResolve() { // use the h2 server as DOH provider let listenerEsni = new DNSListener(); let request = dns.asyncResolve( "httpssvc_esni.example.com", dns.RESOLVE_TYPE_HTTPSSVC, 0, null, // resolverInfo listenerEsni,
rename from netwerk/test/unit_ipc/test_esni_dns_fetch_wrap.js rename to netwerk/test/unit_ipc/test_dns_by_type_resolve_wrap.js --- a/netwerk/test/unit_ipc/test_esni_dns_fetch_wrap.js +++ b/netwerk/test/unit_ipc/test_dns_by_type_resolve_wrap.js @@ -10,17 +10,16 @@ function setup() { h2Port = env.get("MOZHTTP2_PORT"); Assert.notEqual(h2Port, null); Assert.notEqual(h2Port, ""); // Set to allow the cert presented by our H2 server do_get_profile(); prefs = Cc["@mozilla.org/preferences-service;1"].getService(Ci.nsIPrefBranch); - prefs.setBoolPref("network.security.esni.enabled", false); prefs.setBoolPref("network.http.spdy.enabled", true); prefs.setBoolPref("network.http.spdy.enabled.http2", true); // the TRR server is on 127.0.0.1 prefs.setCharPref("network.trr.bootstrapAddress", "127.0.0.1"); // make all native resolve calls "secretly" resolve localhost instead prefs.setBoolPref("network.dns.native-is-localhost", true); @@ -39,17 +38,16 @@ function setup() { const certdb = Cc["@mozilla.org/security/x509certdb;1"].getService( Ci.nsIX509CertDB ); addCertFromFile(certdb, "../unit/http2-ca.pem", "CTu,u,u"); } setup(); registerCleanupFunction(() => { - prefs.clearUserPref("network.security.esni.enabled"); prefs.clearUserPref("network.http.spdy.enabled"); prefs.clearUserPref("network.http.spdy.enabled.http2"); prefs.clearUserPref("network.dns.localDomains"); prefs.clearUserPref("network.dns.native-is-localhost"); prefs.clearUserPref("network.trr.mode"); prefs.clearUserPref("network.trr.uri"); prefs.clearUserPref("network.trr.credentials"); prefs.clearUserPref("network.trr.wait-for-portal"); @@ -62,10 +60,10 @@ registerCleanupFunction(() => { prefs.clearUserPref("network.trr.clear-cache-on-pref-change"); }); function run_test() { prefs.setCharPref( "network.trr.uri", "https://foo.example.com:" + h2Port + "/doh" ); - run_test_in_child("child_esni_dns_fetch1.js"); + run_test_in_child("child_dns_by_type_resolve.js"); }
--- a/netwerk/test/unit_ipc/xpcshell.ini +++ b/netwerk/test/unit_ipc/xpcshell.ini @@ -56,17 +56,17 @@ support-files = !/netwerk/test/unit/test_alt-data_closeWithStatus.js !/netwerk/test/unit/test_channel_priority.js !/netwerk/test/unit/test_multipart_streamconv.js !/netwerk/test/unit/test_original_sent_received_head.js !/netwerk/test/unit/test_alt-data_cross_process.js !/netwerk/test/unit/test_httpcancel.js !/netwerk/test/unit/test_trr_httpssvc.js child_cookie_header.js - child_esni_dns_fetch1.js + child_dns_by_type_resolve.js [test_cookie_header_stripped.js] [test_cacheflags_wrap.js] [test_cache-entry-id_wrap.js] [test_cache_jar_wrap.js] [test_channel_close_wrap.js] [test_cookiejars_wrap.js] [test_dns_cancel_wrap.js] @@ -103,11 +103,11 @@ skip-if = true [test_original_sent_received_head_wrap.js] [test_channel_id.js] [test_trackingProtection_annotateChannels_wrap1.js] [test_trackingProtection_annotateChannels_wrap2.js] [test_channel_priority_wrap.js] [test_multipart_streamconv_wrap.js] [test_alt-data_cross_process_wrap.js] [test_httpcancel_wrap.js] -[test_esni_dns_fetch_wrap.js] +[test_dns_by_type_resolve_wrap.js] [test_trr_httpssvc_wrap.js] skip-if = os == "android"
--- a/testing/xpcshell/moz-http2/moz-http2.js +++ b/testing/xpcshell/moz-http2/moz-http2.js @@ -717,17 +717,17 @@ function handleRequest(req, res) { name: u.query.hostname ? u.query.hostname : packet.questions[0].name, ttl: 55, type: responseType(), flush: false, data: responseData(), }); } - // for use with test_esni_dns_fetch.js + // for use with test_dns_by_type_resolve.js if (packet.questions[0].type == "TXT") { answers.push({ name: packet.questions[0].name, type: packet.questions[0].type, ttl: 55, class: "IN", flush: false, data: Buffer.from( @@ -1031,18 +1031,18 @@ function handleRequest(req, res) { res.writeHead(200); res.write(rContent); res.end(""); return; } else if (u.pathname === "/dns-750ms") { // it's just meant to be this slow - the test doesn't care about the actual response return; } - // for use with test_esni_dns_fetch.js - else if (u.pathname === "/esni-dns-push") { + // for use with test_dns_by_type_resolve.js + else if (u.pathname === "/txt-dns-push") { // _esni_push.example.com has A entry 127.0.0.1 let rContent = Buffer.from( "0000010000010001000000000A5F65736E695F70757368076578616D706C6503636F6D0000010001C00C000100010000003700047F000001", "hex" ); // _esni_push.example.com has TXT entry 2062586B67646D39705932556761584D6762586B676347467A63336476636D513D var pcontent = Buffer.from(
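Review bot: The `/txt-dns-push` branch keeps the comments `_esni_push.example.com has A entry 127.0.0.1` and `_esni_push.example.com has TXT entry ...` without saying why the ESNI name survives the rename. The hostname is encoded inside the hex response itself (`5F65736E695F70757368` is `_esni_push`), so it cannot be renamed without regenerating the packet. A comment such as `// hostname kept from the former ESNI test; it is encoded in the hex packets below` would stop a later cleanup from editing only the string in the test file. The handler body continues past the end of the hunk.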
--- a/toolkit/components/telemetry/Histograms.json
+++ b/toolkit/components/telemetry/Histograms.json
@@ -2632,49 +2632,16 @@
 "kind": "exponential",
 "high": 60000,
 "n_buckets": 100,
 "description": "Amount of bytes sent using TLS early data at the start of a TLS connection for a given channel.",
 "alert_emails": ["necko@mozilla.com", "ddamjanovic@mozilla.com"],
 "bug_numbers": [1296288, 1654309],
 "releaseChannelCollection": "opt-out"
 },
- "ESNI_KEYS_RECORD_FETCH_DELAYS": {
- "record_in_processes": ["main"],
- "products": ["firefox", "fennec"],
- "expires_in_version": "70",
- "kind": "exponential",
- "high": 60000,
- "n_buckets": 100,
- "description": "Added delays caused the esni keys fetching.(ms)",
- "alert_emails": ["necko@mozilla.com", "ddamjanovic@mozilla.com"],
- "bug_numbers": [1473736],
- "releaseChannelCollection": "opt-out"
- },
- "ESNI_KEYS_RECORDS_FOUND": {
- "record_in_processes": ["main"],
- "products": ["firefox", "fennec"],
- "expires_in_version": "70",
- "kind": "boolean",
- "description": "ESNI Keys found rate.",
- "alert_emails": ["necko@mozilla.com", "ddamjanovic@mozilla.com"],
- "bug_numbers": [1473736],
- "releaseChannelCollection": "opt-out"
- },
- "ESNI_NOESNI_TLS_SUCCESS_RATE": {
- "record_in_processes": ["main"],
- "products": ["firefox", "fennec"],
- "expires_in_version": "70",
- "kind": "categorical",
- "labels": ["EsniTLSSucceeded", "EsniTLSFailed", "NoEsniTLSSucceeded", "NoEsniTLSFailed"],
- "description": "TLS handshake with and without esni success rate.",
- "alert_emails": ["necko@mozilla.com", "ddamjanovic@mozilla.com"],
- "bug_numbers": [1473736],
- "releaseChannelCollection": "opt-out"
- },
 "SSL_HANDSHAKE_VERSION": {
 "record_in_processes": ["main", "content"],
 "products": ["firefox", "fennec"],
 "alert_emails": ["seceng-telemetry@mozilla.com"],
 "bug_numbers": [1250568,1340021],
 "releaseChannelCollection": "opt-out",
 "expires_in_version": "never",
 "kind": "enumerated",
--- a/tools/lint/rejected-words.yml +++ b/tools/lint/rejected-words.yml @@ -237,24 +237,24 @@ avoid-blacklist-and-whitelist: - netwerk/protocol/http/nsHttpHandler.h - netwerk/protocol/http/TRRServiceChannel.cpp - netwerk/protocol/res/ExtensionProtocolHandler.cpp - netwerk/protocol/viewsource/nsViewSourceChannel.cpp - netwerk/protocol/websocket/BaseWebSocketChannel.cpp - netwerk/socket/nsSOCKSSocketProvider.cpp - netwerk/test/gtest/TestCookie.cpp - netwerk/test/unit/head_trr.js - - netwerk/test/unit_ipc/test_esni_dns_fetch_wrap.js + - netwerk/test/unit_ipc/test_dns_by_type_resolve_wrap.js - netwerk/test/unit_ipc/test_trr_httpssvc_wrap.js - netwerk/test/unit/test_bug396389.js - netwerk/test/unit/test_bug427957.js - netwerk/test/unit/test_bug464591.js - netwerk/test/unit/test_bug479413.js - netwerk/test/unit/test_cookie_blacklist.js - - netwerk/test/unit/test_esni_dns_fetch.js + - netwerk/test/unit/test_dns_by_type_resolve.js - netwerk/test/unit/test_idn_blacklist.js - netwerk/test/unit/test_idn_urls.js - netwerk/test/unit/test_trr_httpssvc.js - netwerk/test/unit/test_trr.js - netwerk/test/unit/test_use_httpssvc.js - netwerk/url-classifier/AsyncUrlChannelClassifier.cpp - netwerk/url-classifier/nsChannelClassifier.cpp - netwerk/url-classifier/nsChannelClassifier.h