Bug 1310338 - TLS 1.3 telemetry experiment. r=bsmedberg
authorEKR <ekr@rtfm.com>
Fri, 14 Oct 2016 15:00:03 -0700
changeset 94 2efaab39bba4114ffc3f6f257e9f11f900c68701
parent 93 82bcba19e75d7064bdd97fd335537800b93cca9b
child 95 82e8c33d6647b9a6cb13674aab48079bcb6e67b5
push id71
push userekr@mozilla.com
push dateWed, 26 Oct 2016 06:17:20 +0000
reviewersbsmedberg
bugs1310338
Bug 1310338 - TLS 1.3 telemetry experiment. r=bsmedberg
experiments/tls13-compat-nightly52/README.md
experiments/tls13-compat-nightly52/code/bootstrap.js
experiments/tls13-compat-nightly52/code/install.rdf
experiments/tls13-compat-nightly52/experiment.xpi
experiments/tls13-compat-nightly52/manifest.json
new file mode 100644
--- /dev/null
+++ b/experiments/tls13-compat-nightly52/README.md
@@ -0,0 +1,18 @@
+This experiment compares performance/behavior of various TLS servers
+(which can be configured differently) by doing a GET to each URL and
+then reporting the results.
+
+The report payload is a JSON list with each entry in the list consisting
+of a dictionary with the following values:
+
+* url -- the URL being tested
+* index -- the order in which the URL was tested
+* start_time -- the time when the request was started in milliseconds since the epoch
+* status -- the HTTP status code
+* secure -- whether we got TLS
+* prError -- the TLS-level error code if we got a failure
+* certfp -- the certificate fingerprint
+* version -- the TLS version negotiated
+* elapsed -- the time to complete the request in milliseconds
+
+
new file mode 100644
--- /dev/null
+++ b/experiments/tls13-compat-nightly52/code/bootstrap.js
@@ -0,0 +1,133 @@
+let {classes: Cc, interfaces: Ci, utils: Cu} = Components;
+
+Cu.import("resource:///modules/experiments/Experiments.jsm");
+Cu.import("resource://gre/modules/Preferences.jsm");
+Cu.import("resource://gre/modules/Services.jsm");
+Cu.import("resource://gre/modules/TelemetryController.jsm");
+
+const kSELF_ID = "tls-compat-beta51@experiments.mozilla.org";
+const kVERSION_MAX_PREF = "security.tls.version.max";
+// These should be different hosts so that we don't bias any performance test
+// toward 1.2.
+
+const kURLs = [
+   "https://disabled.tls13.com/",
+   "https://enabled.tls13.com/"
+];
+
+// These variables are unreliable for some reason.
+function read(obj, field) {
+  try {
+    return obj[field];
+  } catch (e) {
+    Cu.reportError(e);
+  }
+  return undefined;
+}
+
+// This might help us work out if there was a MitM
+function recordSecInfo(channel, result) {
+  let secInfo = channel.securityInfo;
+  if (secInfo instanceof Ci.nsITransportSecurityInfo) {
+    secInfo.QueryInterface(Ci.nsITransportSecurityInfo);
+    const isSecure = Ci.nsIWebProgressListener.STATE_IS_SECURE;
+    result.secure = !!(read(secInfo, 'securityState') & isSecure);
+    result.prError = read(secInfo, 'errorCode');
+  }
+  if (secInfo instanceof Ci.nsISSLStatusProvider) {
+    let sslStatus = secInfo.QueryInterface(Ci.nsISSLStatusProvider)
+        .SSLStatus.QueryInterface(Ci.nsISSLStatus);
+    let cert = read(sslStatus, 'serverCert');
+    result.certfp = read(cert, 'sha256Fingerprint');  // A hex string
+    result.version = read(sslStatus, 'protocolVersion');
+  }
+}
+
+function makeRequest(index, url, body) {
+  return new Promise(resolve => {
+    let t0 = Date.now();
+    let req = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"]
+        .createInstance(Ci.nsIXMLHttpRequest);
+      req.open(
+          body ? "POST" : "GET", url, true);
+    req.setRequestHeader("Content-Type", "application/json");
+
+    var result = {
+      "index" : index,
+      "url" : url,
+      "start_time" : t0
+    };
+    req.timeout = 10000; // 10s is low intentionally
+    req.addEventListener("error", e => {
+      let channel = e.target.channel;
+      let nsireq = channel.QueryInterface(Ci.nsIRequest);
+      result.error= nsireq ? nsireq.status : NS_ERROR_NOT_AVAILABLE;
+      recordSecInfo(channel, result);
+      result.elapsed = Date.now() - t0;
+      resolve(result);
+    });
+    req.addEventListener("load", e => {
+      result.status = e.target.status;
+      recordSecInfo(e.target.channel, result);
+      result.elapsed = Date.now() - t0;
+      resolve(result);
+    });
+
+    if (body) {
+      req.send(JSON.stringify(body));
+    } else {
+      req.send();
+    }
+  });
+}
+
+function report(result) {
+  console.log("Result");
+  console.log(result);
+  
+  return TelemetryController.submitExternalPing(
+    "tls-13-study-v1",
+    {
+      results: result
+    }, {});
+}
+
+function disable() {
+  Experiments.instance().disableExperiment("FROM_API");
+}
+
+// Inefficient shuffle algorithm, but n <= 10
+function shuffleArray(inarr) {
+  var out = [];
+    while(inarr.length > 0) {
+        x = Math.floor(Math.random() * inarr.length);
+        out.push(inarr.splice(x,1)[0])
+  }
+  return out;
+}
+
+// This is a simple experiment:
+// - Install
+// - Connect to a bunch of servers and record the results
+//   (see README.md for details on report format)
+// - Deactivate.
+function install() {
+  let todo = [];
+  let shuffled = shuffleArray(kURLs);
+  
+  for (var i in shuffled) {
+    todo.push(makeRequest(i, shuffled[i], null ));
+  }
+
+  return Promise.all(todo)
+    .then(result => report(result))
+    .catch(e => Cu.reportError(e))
+    .then(_ => {
+      disable();
+    });
+}
+
+function startup() {}
+function shutdown() {}
+function uninstall() {}
+
new file mode 100644
--- /dev/null
+++ b/experiments/tls13-compat-nightly52/code/install.rdf
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="utf-8"?>
+<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:em="http://www.mozilla.org/2004/em-rdf#">
+  <Description about="urn:mozilla:install-manifest">
+    <em:id>tls13-compat-nightly52@experiments.mozilla.org</em:id>
+    <em:version>1.0.0</em:version>
+    <em:type>128</em:type>
+    <em:bootstrap>true</em:bootstrap>
+    <em:unpack>false</em:unpack>
+
+    <!-- Firefox -->
+    <em:targetApplication>
+      <Description>
+        <em:id>{5428e386-68cf-4283-8ee3-04c12d3f4f4e}</em:id>
+        <em:minVersion>52.0a1</em:minVersion>
+        <em:maxVersion>52.0a1</em:maxVersion>
+      </Description>
+    </em:targetApplication>
+
+    <!-- Front End MetaData -->
+    <em:name>TLS 1.3 Compatibility Testing</em:name>
+    <em:description>Testing compatibility of TLS 1.3.</em:description>
+    <em:aboutURL>https://bugzilla.mozilla.org/show_bug.cgi?id=1310338</em:aboutURL>
+  </Description>
+</RDF>
new file mode 100644
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..a727f047168b87dd8aed484952ebb40c2b9b4175
GIT binary patch
literal 2248
zc${^Xc{J1u8^?e48C!_5WVv>u2GcawBwLnbCi~9V62>%R&E-;}B>Rxv*sfG`5rfDQ
zSq5XvmMv?Ho#>9tTmQV<dEe*x<2m2+obP|%b3R|BDHAh4zzBeVm>>(|g0w2C6e|F@
za{~Y;008KKfIxg8&J7E_i+^onho469M2=TY>=4T|V4gB*+P3|~DO_=4m5E8VP|^*(
z6jLx5)D4sui_wputrm3~b(hDUUUwY~Fvr8O;=4%S(T`ZZpeXP|2w3W<Un5zlYf~jW
zDg-MzLg1HA*s8aevuj<m5Sp_n_bijt+6r!Zk#IS&@#(YxB*Xs8)*EfMxxn?ev_CqU
zk+xux_47jA>t!e5W#Eb{H1i7<OV5i?O=lGnQge$TSq>@uQ>{lmJ12e!4H-bI<IqiC
zK4t}*DEs>~ZDQxL(Q-k;zH;*2g+tRVrH);Xz##P|!Qb<olH$Cr6T0Lr$W+GE^RG}o
zvIfbq4qw)T-5T|u6=uQ~Rmi;P3^i%ai=_zRTIL!~F26P7cqS(Nxx1iF?(TH`3b-_-
zwGd&Qosxs>q;NR15pEQGT+ODEd>EqY;a;U+!t<}#0hKz#!&&Afukj5ksxVZS(kPP)
z$r&f2Gh$w$Kv~G{8P#MfkKp)1<<TWy#U6c+Zr^ZT8t(Kp6If5Iej(rTw%TWxLhm#M
z27T<}tg&b-lRoiD#=LuzM6sG;?L9GwjKGX$wRLB~6T!2x%3Jkf?BQ9l>6bE?A$tNI
z!id`uY*|9C;04pDj;?n0^JGW(=ChJ`Il*W8l0WVUu}8nt8`oHrRgJT-`kEW112uX8
zTlqF+f5ZMHH6CT@NAb`#I1jp-U4gu_F<8=OrQv{OdGB4mMwGXu%M7%*lZyvy!*v}f
ziOXklT@;NCh==MUtSp394~^&C-o-tBFs<)eV&9&++REY0FVbGxv~ak%A=$W1<m6=G
zp_Ev0i2vqQUd3fb1DF_CCp<#Z9SzkxmPDrYG>j2^_FVhXmNG_AQ1)t4$*KV*-{c;Q
zs#HFE8vPbaS$~Gi>U}%R8kbmvzD68>7@>AiuNq=U%`A0}t(rRx?E1hsW`c5;l?8fd
z7)q(<YKct-7A8YR`6KUc4|f~wDXANSp<}v)37=!pkD-~U=^Y_LUq<%(B65CTXy!xv
z(bQHho?8kdYtv=D<LMmRB5!h}U<>Jd5<Iv?RV*shI}O^ntBtVt49UTL78bZ0UfpcC
z>~#=6>n|GjI2Wb{;VaakZ*+c_L(5a4mUgDwj19UAHq`l(s5A3UE@ow77aksMVAln-
zg$ZNe`!~QC_9q1(Bg+==IHoJ}9bYkzJ}f<YDd0UC10rpy-o1lyv<+U5GEnOtq3JfS
z?$ny#UHg28{gqyWmj%N9B$FvRe<`hW&s-ZVn>;^VJbQinab!f!nPw?7PgY0F=i_sq
zDw6k|I{CYHv1Uh}L9~3u%eWHW2Faj(jKQ9YgvB|do-CI`5lh_~tqf0mcpW_7u(R~V
z$dAhOU7{MZM%Ac0DVH3(xH}da9Cjs-tA*2W^`Xl^+}q^Lzqj43v>bgBj)r-;!Jk<3
z`d$7=`aw)#HzzK_62zr!5M9-imJ`dWgVU#i^Yl4z$eYcY$_0&111cTS(8#%`-Ja@n
z%c`0QC%k5E+q-IANu1Q#W1y<a5k=Kf-CLL2kGi(n@O;^4xN0_J_dna0)r9quv8Hy0
z-y_VdR}VMqs%LZb{HsGlNL$MeeZ}(>z8rBJO%qF>I7QQU@gq5!zUo0I!APF5s+JH$
zOXG8{${Ws2j!;9!v={?&rQiK58L+?3Z!SjJ34Q4rkg=+$0)O!M6h~w9?S;g@1Ipu#
zy+ll$cU0@uzvakCDT*4mqArs8W;;-#&QX_8E-_w0(vHK3rNr8EA7C=8kukEq1V7ie
z%r9>$aSTlbs~yzmIn!3w>YCr1^KQ<{c2bK<e8yzWH=Z3&w1_|0n9N-j=Qoe$<pLXD
z!0$zZ;pF|EJDC%ta=xYq1Y%9DYbFr0i^bko;T)cLovyMue?SLYPO@QsT-kISSBPca
znzA<Ig7>}N-EivfwzWQPZ2m3j(WQpwH>Bo<o0c!<>WAE<tI-M_uAVD*w))3z8H9FV
zG$mjIL?_Ng;Td!z>!+KF@^glay86e<*f4teEW2>MAgxmU>g1Cgv{(N(E6>OojqFDY
zUbpM2A77=)yn3>1sMR>2&*YlAcOLmqn8f~s31;pGw1)uzN|^wF<0njfF!(?>KR+nW
z!^_{o44<RS|Bhx;zI3rAuZ^?o>uA41v$Ri@s1WlfeWQc}c~ai#5rpxq;8A%*lle=}
z9&WvkA*Bj<8hV?#a$5qzZU;kc=W#=F)#83nyDBc8;>O+_G649mhegaaMJ$<Eg|}hq
z_fIGsdarufH=Y78SK@XqDs9+H#&;>8OZ~4Y%8`2#V!K^aZcZXy^aYgPw@pxYNm^4`
zJKabQ)f>awu8w)^Dlq11U}%_=PEf~+>XVYqOaTt-f@qhz1twAZ3R^vvwdKt$)ru7^
z3!a9aw!_VXcrrh!7JjDv!>vs>vAhyyuJ~H@@<jV~Hh7K3Q0kXURiJSxZ$^aF;@PgX
z6b1Vp2Df*l%<}B^)w<<Z63PztY{8u?TBm-C%0v_{X*;c`eT8QsW*9`f#~b5m*=co?
zUWp@Bh{#6XOqz?WG-vFyFZ4wSoqjykslqgiG`XkN4>~LnOMnBb^feI{oV1Sh5NMck
za`=^n1ryUU5iocw;WDYvW`xJWGyG9$e-X~j9Zf`+5(Kg{8m(Ps1yu|E*N#^IJZYYr
z;y)Q3bAO+4Y215~4nJF8J{e7*NwA;D3v0pyCO(&>g{{2rQ>6n)QwBycrvG0ce$CGa
n08!Dvf7OY9cmA)m{L5*^`XAXrnzFF|dNTf8{Lgz0^h^B%&vPXE
new file mode 100644
--- /dev/null
+++ b/experiments/tls13-compat-nightly52/manifest.json
@@ -0,0 +1,18 @@
+{
+  "publish"     : true,
+  "priority"    : 2,
+  "name"        : "TLS 1.3 Compatibility Testing 1",
+  "description" : "Measure the compatibility of TLS 1.3",
+  "info"        : "<p><a href=\"https://bugzilla.mozilla.org/show_bug.cgi?id=1310338\">Related bug</a></p>",
+  "manifest"    : {
+    "id"               : "tls13-compat-nightly52@experiments.mozilla.org",
+    "startTime"        : 1477872000,
+    "endTime"          : 1481760000,
+    "maxActiveSeconds" : 604800,
+    "appName"          : ["Firefox"],
+    "channel"          : ["nightly"],
+    "minVersion"       : "52.0a1*",
+    "maxVersion"       : "52.0a1",
+    "sample"           : 0.1
+  }
+}