summaryrefslogtreecommitdiffstats
path: root/security/manager/tools
diff options
context:
space:
mode:
authorMatt A. Tobin <email@mattatobin.com>2019-11-10 15:43:51 -0500
committerMatt A. Tobin <email@mattatobin.com>2019-11-10 15:43:51 -0500
commitb0e23e79e72b7892b826fabea4f9e02c421d2861 (patch)
tree26f20aea660514c213a3ae942eab222e5ccebde3 /security/manager/tools
parent03590a6711d601ef3ddb48787e9f3f556705b5db (diff)
parentb00601953bade944cd6df9cde6fcdd1f10d76feb (diff)
downloadUXP-b0e23e79e72b7892b826fabea4f9e02c421d2861.tar
UXP-b0e23e79e72b7892b826fabea4f9e02c421d2861.tar.gz
UXP-b0e23e79e72b7892b826fabea4f9e02c421d2861.tar.lz
UXP-b0e23e79e72b7892b826fabea4f9e02c421d2861.tar.xz
UXP-b0e23e79e72b7892b826fabea4f9e02c421d2861.zip
Merge branch 'master' into mailnews-work
Diffstat (limited to 'security/manager/tools')
-rw-r--r--security/manager/tools/getHSTSPreloadList.js28
1 files changed, 16 insertions, 12 deletions
diff --git a/security/manager/tools/getHSTSPreloadList.js b/security/manager/tools/getHSTSPreloadList.js
index 518a9246b..42d4da067 100644
--- a/security/manager/tools/getHSTSPreloadList.js
+++ b/security/manager/tools/getHSTSPreloadList.js
@@ -22,12 +22,13 @@ Cu.import("resource://gre/modules/FileUtils.jsm");
Cu.import("resource:///modules/XPCOMUtils.jsm");
const SOURCE = "https://chromium.googlesource.com/chromium/src/net/+/master/http/transport_security_state_static.json?format=TEXT";
+const TOOL_IDENTIFIER = "UXP HSTS preload list verifier"
const OUTPUT = "nsSTSPreloadList.inc";
const ERROR_OUTPUT = "nsSTSPreloadList.errors";
const MINIMUM_REQUIRED_MAX_AGE = 60 * 60 * 24 * 7 * 18;
const MAX_CONCURRENT_REQUESTS = 15;
-const MAX_RETRIES = 3;
-const REQUEST_TIMEOUT = 30 * 1000;
+const MAX_RETRIES = 2;
+const REQUEST_TIMEOUT = 10 * 1000;
const ERROR_NONE = "no error";
const ERROR_CONNECTING_TO_HOST = "could not connect to host";
const ERROR_NO_HSTS_HEADER = "did not receive HSTS header";
@@ -189,7 +190,8 @@ function getHSTSStatus(host, resultList) {
.createInstance(Ci.nsIXMLHttpRequest);
var inResultList = false;
var uri = "https://" + host.name + "/";
- req.open("GET", uri, true);
+ req.open("HEAD", uri, true);
+ req.setRequestHeader("X-Automated-Tool", TOOL_IDENTIFIER);
req.timeout = REQUEST_TIMEOUT;
let errorhandler = (evt) => {
@@ -324,6 +326,7 @@ function shouldRetry(response) {
function getHSTSStatuses(inHosts, outStatuses) {
var expectedOutputLength = inHosts.length;
var tmpOutput = [];
+ var procCount = 0;
for (var i = 0; i < MAX_CONCURRENT_REQUESTS && inHosts.length > 0; i++) {
let host = inHosts.shift();
dump("spinning off request to '" + host.name + "' (remaining retries: " +
@@ -332,6 +335,8 @@ function getHSTSStatuses(inHosts, outStatuses) {
}
while (outStatuses.length != expectedOutputLength) {
+ procCount++;
+ if (procCount % 200 == 0) gc();
waitForAResponse(tmpOutput);
var response = tmpOutput.shift();
dump("request to '" + response.name + "' finished\n");
@@ -343,7 +348,7 @@ function getHSTSStatuses(inHosts, outStatuses) {
if (inHosts.length > 0) {
let host = inHosts.shift();
- dump("spinning off request to '" + host.name + "' (remaining retries: " +
+ dump("[" + procCount + "] spinning off request to '" + host.name + "' (remaining retries: " +
host.retries + ")\n");
getHSTSStatus(host, tmpOutput);
}
@@ -381,15 +386,14 @@ function readCurrentList(filename) {
}
function combineLists(newHosts, currentHosts) {
+ let newHostsSet = new Set();
+
+ for (let newHost of newHosts) {
+ newHostsSet.add(newHost.name);
+ }
+
for (let currentHost in currentHosts) {
- let found = false;
- for (let newHost of newHosts) {
- if (newHost.name == currentHost) {
- found = true;
- break;
- }
- }
- if (!found) {
+ if (!newHostsSet.has(currentHost)) {
newHosts.push({ name: currentHost, retries: MAX_RETRIES });
}
}