1 files changed, 12 insertions, 109 deletions
diff --git a/security/manager/ssl/nsSiteSecurityService.cpp b/security/manager/ssl/nsSiteSecurityService.cpp
index 1b7f06a47..f78be1bad 100644
--- a/security/manager/ssl/nsSiteSecurityService.cpp
+++ b/security/manager/ssl/nsSiteSecurityService.cpp
@@ -29,15 +29,6 @@
 #include "ScopedNSSTypes.h"
 #include "SharedCertVerifier.h"
 
-// A note about the preload list:
-// When a site specifically disables HSTS by sending a header with
-// 'max-age: 0', we keep a "knockout" value that means "we have no information
-// regarding the HSTS state of this host" (any ancestor of "this host" can still
-// influence its HSTS status via include subdomains, however).
-// This prevents the preload list from overriding the site's current
-// desired HSTS status.
-#include "nsSTSPreloadList.inc"
-
 using namespace mozilla;
 using namespace mozilla::psm;
 
@@ -209,7 +200,6 @@ const uint64_t kSixtyDaysInSeconds = 60 * 24 * 60 * 60;
 
 nsSiteSecurityService::nsSiteSecurityService()
   : mMaxMaxAge(kSixtyDaysInSeconds)
-  , mUsePreloadList(true)
   , mUseStsService(true)
   , mPreloadListTimeOffset(0)
   , mHPKPEnabled(false)
@@ -237,10 +227,6 @@ nsSiteSecurityService::Init()
     "security.cert_pinning.max_max_age_seconds", kSixtyDaysInSeconds);
   mozilla::Preferences::AddStrongObserver(this,
     "security.cert_pinning.max_max_age_seconds");
-  mUsePreloadList = mozilla::Preferences::GetBool(
-    "network.stricttransportsecurity.preloadlist", true);
-  mozilla::Preferences::AddStrongObserver(this,
-    "network.stricttransportsecurity.preloadlist");
   mHPKPEnabled = mozilla::Preferences::GetBool(
      "security.cert_pinning.hpkp.enabled", false);
   mozilla::Preferences::AddStrongObserver(this,
@@ -262,19 +248,14 @@ nsSiteSecurityService::Init()
   mPreloadStateStorage =
     mozilla::DataStorage::Get(NS_LITERAL_STRING("SecurityPreloadState.txt"));
   bool storageWillPersist = false;
-  bool preloadStorageWillPersist = false;
   nsresult rv = mSiteStateStorage->Init(storageWillPersist);
   if (NS_WARN_IF(NS_FAILED(rv))) {
     return rv;
   }
-  rv = mPreloadStateStorage->Init(preloadStorageWillPersist);
-  if (NS_WARN_IF(NS_FAILED(rv))) {
-    return rv;
-  }
   // This is not fatal. There are some cases where there won't be a
   // profile directory (e.g. running xpcshell). There isn't the
   // expectation that site information will be presisted in those cases.
-  if (!storageWillPersist || !preloadStorageWillPersist) {
+  if (!storageWillPersist) {
     NS_WARNING("site security information will not be persisted");
   }
 
@@ -340,11 +321,9 @@ nsSiteSecurityService::SetHSTSState(uint32_t aType,
     return NS_OK;
   }
 
-  // If max-age is zero, the host is no longer considered HSTS. If the host was
-  // preloaded, we store an entry indicating that this host is not HSTS, causing
-  // the preloaded information to be ignored.
+  // If max-age is zero, the host is no longer considered HSTS.
   if (maxage == 0) {
-    return RemoveState(aType, aSourceURI, flags, true);
+    return RemoveState(aType, aSourceURI, flags);
   }
 
   MOZ_ASSERT((aHSTSState == SecurityPropertySet ||
@@ -372,8 +351,7 @@ nsSiteSecurityService::SetHSTSState(uint32_t aType,
 }
 
 NS_IMETHODIMP
-nsSiteSecurityService::RemoveState(uint32_t aType, nsIURI* aURI,
-                                   uint32_t aFlags, bool force = false)
+nsSiteSecurityService::RemoveState(uint32_t aType, nsIURI* aURI, uint32_t aFlags)
 {
    // Child processes are not allowed direct access to this.
    if (!XRE_IsParentProcess()) {
@@ -393,23 +371,10 @@ nsSiteSecurityService::RemoveState(uint32_t aType, nsIURI* aURI,
   mozilla::DataStorageType storageType = isPrivate
                                          ? mozilla::DataStorage_Private
                                          : mozilla::DataStorage_Persistent;
-  // If this host is in the preload list, we have to store a knockout entry
-  // if it's explicitly forced to not be HSTS anymore
-  if (force && GetPreloadListEntry(hostname.get())) {
-    SSSLOG(("SSS: storing knockout entry for %s", hostname.get()));
-    SiteHSTSState siteState(0, SecurityPropertyKnockout, false);
-    nsAutoCString stateString;
-    siteState.ToString(stateString);
-    nsAutoCString storageKey;
-    SetStorageKey(storageKey, hostname, aType);
-    rv = mSiteStateStorage->Put(storageKey, stateString, storageType);
-    NS_ENSURE_SUCCESS(rv, rv);
-  } else {
-    SSSLOG(("SSS: removing entry for %s", hostname.get()));
-    nsAutoCString storageKey;
-    SetStorageKey(storageKey, hostname, aType);
-    mSiteStateStorage->Remove(storageKey, storageType);
-  }
+  SSSLOG(("SSS: removing entry for %s", hostname.get()));
+  nsAutoCString storageKey;
+  SetStorageKey(storageKey, hostname, aType);
+  mSiteStateStorage->Remove(storageKey, storageType);
 
   return NS_OK;
 }
@@ -969,31 +934,6 @@ nsSiteSecurityService::IsSecureURI(uint32_t aType, nsIURI* aURI,
   return IsSecureHost(aType, hostname.get(), aFlags, aCached, aResult);
 }
 
-int STSPreloadCompare(const void *key, const void *entry)
-{
-  const char *keyStr = (const char *)key;
-  const nsSTSPreload *preloadEntry = (const nsSTSPreload *)entry;
-  return strcmp(keyStr, preloadEntry->mHost);
-}
-
-// Returns the preload list entry for the given host, if it exists.
-// Only does exact host matching - the user must decide how to use the returned
-// data. May return null.
-const nsSTSPreload *
-nsSiteSecurityService::GetPreloadListEntry(const char *aHost)
-{
-  PRTime currentTime = PR_Now() + (mPreloadListTimeOffset * PR_USEC_PER_SEC);
-  if (mUsePreloadList && currentTime < gPreloadListExpirationTime) {
-    return (const nsSTSPreload *) bsearch(aHost,
-                                          kSTSPreloadList,
-                                          mozilla::ArrayLength(kSTSPreloadList),
-                                          sizeof(nsSTSPreload),
-                                          STSPreloadCompare);
-  }
-
-  return nullptr;
-}
-
 NS_IMETHODIMP
 nsSiteSecurityService::IsSecureHost(uint32_t aType, const char* aHost,
                                     uint32_t aFlags, bool* aCached,
@@ -1053,8 +993,6 @@ nsSiteSecurityService::IsSecureHost(uint32_t aType, const char* aHost,
     return NS_OK;
   }
 
-  const nsSTSPreload *preload = nullptr;
-
   // First check the exact host. This involves first checking for an entry in
   // site security storage. If that entry exists, we don't want to check
   // in the preload list. We only want to use the stored value if it is not a
@@ -1086,21 +1024,11 @@ nsSiteSecurityService::IsSecureHost(uint32_t aType, const char* aHost,
       }
     }
 
-    // If the entry is expired and not in the preload list, we can remove it.
-    if (expired && !GetPreloadListEntry(host.get())) {
+    // If the entry is expired we can remove it.
+    if (expired) {
       mSiteStateStorage->Remove(storageKey, storageType);
     }
   }
-  // Finally look in the preloaded list. This is the exact host,
-  // so if an entry exists at all, this host is HSTS.
-  else if (GetPreloadListEntry(host.get())) {
-    SSSLOG(("%s is a preloaded STS host", host.get()));
-    *aResult = true;
-    if (aCached) {
-      *aCached = true;
-    }
-    return NS_OK;
-  }
 
   SSSLOG(("no HSTS data for %s found, walking up domain", host.get()));
   const char *subdomain;
@@ -1144,23 +1072,11 @@ nsSiteSecurityService::IsSecureHost(uint32_t aType, const char* aHost,
         }
       }
 
-      // If the entry is expired and not in the preload list, we can remove it.
-      if (expired && !GetPreloadListEntry(subdomain)) {
+      // If the entry is expired we can remove it.
+      if (expired) {
         mSiteStateStorage->Remove(storageKey, storageType);
       }
     }
-    // This is an ancestor, so if we get a match, we have to check if the
-    // preloaded entry includes subdomains.
-    else if ((preload = GetPreloadListEntry(subdomain)) != nullptr) {
-      if (preload->mIncludeSubdomains) {
-        SSSLOG(("%s is a preloaded STS host", subdomain));
-        *aResult = true;
-        if (aCached) {
-          *aCached = true;
-        }
-        break;
-      }
-    }
 
     SSSLOG(("no HSTS data for %s found, walking up domain", subdomain));
   }
@@ -1180,17 +1096,6 @@ nsSiteSecurityService::ClearAll()
   return mSiteStateStorage->Clear();
 }
 
-NS_IMETHODIMP
-nsSiteSecurityService::ClearPreloads()
-{
-  // Child processes are not allowed direct access to this.
-  if (!XRE_IsParentProcess()) {
-    MOZ_CRASH("Child process: no direct access to nsISiteSecurityService::ClearPreloads");
-  }
-
-  return mPreloadStateStorage->Clear();
-}
-
 bool entryStateNotOK(SiteHPKPState& state, mozilla::pkix::Time& aEvalTime) {
   return state.mState != SecurityPropertySet || state.IsExpired(aEvalTime) ||
          state.mSHA256keys.Length() < 1;
@@ -1337,8 +1242,6 @@ nsSiteSecurityService::Observe(nsISupports *subject,
   }
 
   if (strcmp(topic, NS_PREFBRANCH_PREFCHANGE_TOPIC_ID) == 0) {
-    mUsePreloadList = mozilla::Preferences::GetBool(
-      "network.stricttransportsecurity.preloadlist", true);
     mUseStsService = mozilla::Preferences::GetBool(
       "network.stricttransportsecurity.enabled", true);
     mPreloadListTimeOffset =