Bug 1576790 - Enable version downgrade sentinel in TLS, r=keeler

This change enables the version downgrade sentinel across all channels.  We
don't have good telemetry on this, but Chrome reports 0.02%, which is low enough
to just make the change without additional validation on our end.

This only really affects intercepting middleboxes that forward the real server's
ServerHello.random.  That's a terrible idea, and, as above, the evidence
suggests that this is now rare enough to have those boxes break connections.
The pref will remain for those cases where problems persist.

Differential Revision: https://phabricator.services.mozilla.com/D50387

--HG--
extra : moz-landing-system : lando
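The sentinel the pref turns on is the RFC 8446 downgrade marker: a TLS 1.3-capable server that ends up negotiating TLS 1.2 or lower writes a fixed 8-byte value into the last 8 bytes of ServerHello.random, and a TLS 1.3-capable client that sees that value while landing on a lower version aborts. The model below is an added illustration, not Firefox or NSS code; it assumes the RFC 8446 sentinel values and models the pref as a `check_enabled` flag, and shows why a middlebox that terminates TLS 1.2 but forwards the origin's real ServerHello.random trips the check.

```python
import os

TLS11, TLS12, TLS13 = 0x0302, 0x0303, 0x0304

# RFC 8446 section 4.1.3 sentinels: "DOWNGRD" followed by 0x01 or 0x00.
SENTINEL_TLS12 = bytes.fromhex("444F574E47524401")
SENTINEL_TLS11_OR_BELOW = bytes.fromhex("444F574E47524400")


def server_random(server_max: int, negotiated: int) -> bytes:
    """Build a 32-byte ServerHello.random the way a 1.3-capable server does.

    The last 8 bytes are replaced by the sentinel only when the server
    itself supports TLS 1.3 but negotiated something lower.
    """
    rnd = bytearray(os.urandom(32))
    if server_max >= TLS13 and negotiated <= TLS12:
        marker = SENTINEL_TLS12 if negotiated == TLS12 else SENTINEL_TLS11_OR_BELOW
        rnd[24:] = marker
    return bytes(rnd)


def downgrade_detected(client_max: int, negotiated: int, rnd: bytes,
                       check_enabled: bool = True) -> bool:
    """Client-side check; check_enabled models security.tls.hello_downgrade_check.

    A client that offered TLS 1.3 and was negotiated down must treat either
    sentinel in the final 8 bytes as a downgrade and abort the handshake.
    """
    if not check_enabled or client_max < TLS13 or negotiated >= TLS13:
        return False
    return rnd[24:] in (SENTINEL_TLS12, SENTINEL_TLS11_OR_BELOW)


def middlebox_forwarding_origin_random(origin_rnd: bytes) -> bytes:
    """The case the commit message calls out: the middlebox terminates the
    client side at TLS 1.2 yet copies the origin server's random verbatim,
    so the origin's sentinel reaches a client that never saw a real downgrade
    by the origin, and the client correctly refuses the connection."""
    return origin_rnd


def honest_tls12_server_random() -> bytes:
    """A server that only ever supported TLS 1.2 never writes the sentinel."""
    return server_random(TLS12, TLS12)
```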
Martin Thomson 2019-10-24 00:49:51 +00:00
Parent c955b03632
Commit afe157c082
2 changed files: 2 additions and 6 deletions

View file

@ -32,11 +32,7 @@ pref("security.tls.insecure_fallback_hosts", "");
// until the incompatibility with HTTP/2 is resolved:
// https://tools.ietf.org/html/draft-davidben-http2-tls13-00
pref("security.tls.enable_post_handshake_auth", false);
#ifdef RELEASE_OR_BETA
pref("security.tls.hello_downgrade_check", false);
#else
pref("security.tls.hello_downgrade_check", true);
#endif
pref("security.tls.hello_downgrade_check", true);
pref("security.tls.enable_delegated_credentials", false);
pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
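Review bot: with the `#ifdef RELEASE_OR_BETA` block gone, nothing next to `pref("security.tls.hello_downgrade_check", true);` records why the pref is being kept at all; the commit message says it stays as an escape hatch for middleboxes that forward the real server's ServerHello.random, and that reasoning belongs in the file, in the same style as the comment above `security.tls.enable_post_handshake_auth`, so the next person does not remove the pref as dead code.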

View file

@ -1000,7 +1000,7 @@ static const bool REQUIRE_SAFE_NEGOTIATION_DEFAULT = false;
static const bool FALSE_START_ENABLED_DEFAULT = true;
static const bool ALPN_ENABLED_DEFAULT = false;
static const bool ENABLED_0RTT_DATA_DEFAULT = false;
static const bool HELLO_DOWNGRADE_CHECK_DEFAULT = false;
static const bool HELLO_DOWNGRADE_CHECK_DEFAULT = true;
static const bool ENABLED_POST_HANDSHAKE_AUTH_DEFAULT = false;
static const bool DELEGATED_CREDENTIALS_ENABLED_DEFAULT = false;
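Review bot: `HELLO_DOWNGRADE_CHECK_DEFAULT = true` now agrees with the unconditional all.js default, which it previously did not on non-release channels where all.js said `true` and this constant said `false`; since this constant is the value used when the pref cannot be read, a short comment naming `security.tls.hello_downgrade_check` next to it would help keep the two in sync on future changes.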