8198126c39
Be more consistent about decoding IP addresses in PSM.
2020-01-09 21:39:28 +01:00
f71108680b
Issue #1118 - Part 6: Fix various tests that are no longer correct.
...
The behavior change of document.open() requires these tests to be
changed to account for the new spec behavior.
2019-12-22 23:48:40 +01:00
fcea217aac
Issue #447 - Update HSTS preload list
2019-11-19 09:46:25 +00:00
f4cc93fc9e
Issue #1289 - Part 3: Update tests.
2019-11-14 12:17:00 +01:00
d5a604bb89
Issue #1289 - Part 2: Clear out the preload list except for test
...
domains.
2019-11-14 12:16:21 +01:00
0a8dff5256
Issue #1289 - Part 1: Add a pref to disable HPKP header processing.
2019-11-14 12:13:54 +01:00
78e8ad72f9
Issue #447 - Update HSTS preload list.
2019-11-09 11:02:21 +01:00
e3c13af976
Properly implement various HSTS states.
...
Previously, HSTS preload list values could be overridden temporarily due
to counter-intuitive behavior of the API's removeState function.
This adds an explicit flag to the API for writing knockout values to
the Site Security Service, with the default resetting to whatever the
preload list state is.
2019-09-05 18:23:12 +02:00
fc4dc10d0a
Update HSTS preload list
...
Tag #447
2019-06-26 19:31:51 -05:00
c7138e3b92
Update HSTS preload list
...
Tag #447
2019-05-28 08:32:43 +00:00
b10712de87
Remove SecurityUI telemetry.
2019-04-21 13:02:52 -04:00
52be954e59
Fix order of member variables in a couple of initializer lists
2019-03-14 09:52:03 -04:00
a31b9e067c
Update HSTS preload list
...
Tag #447
2019-01-31 08:50:29 -06:00
a74b093471
Fix check for HSTS when service is disabled.
2019-01-17 18:18:49 -05:00
3afb818f20
Add preference for fully disabling HSTS.
2019-01-16 19:33:09 -05:00
acf1406e0e
Remove a pointless switch after telemetry cleanup
2019-01-14 09:32:12 -05:00
5335681cd2
Telemetry: Remove stubs and related code
2019-01-12 06:20:31 -05:00
483267ba97
Update HSTS preload list
...
Tag #447
2019-01-02 16:41:46 -06:00
f0fe6b69db
Update HSTS preload list
...
Tag #447
2018-12-15 17:51:30 -06:00
3eef7ab260
Update HSTS preload list
...
Tag #447
2018-11-27 07:32:12 -06:00
d5a1b34c05
Remove AccumulateCipherSuite()
...
This resolves #858
2018-11-08 11:32:49 +01:00
f42d6c39fe
Remove ancient workaround in client certificate code
...
Apparently a prehistoric server implementation would send a certificate_authorities field
that didn't include the outer DER SEQUENCE tag, so PSM attempted to detect this and
work around it.
This prehistoric server implementation isn't in use anywhere anymore, so this 18-yo
server bug workaround can be removed.
2018-11-02 11:39:21 +01:00
52b989d535
Make sure nsNSSCertList handling checks for valid certs.
2018-11-02 02:08:44 +01:00
76825544ff
Update HSTS preload list
...
Tag #447
2018-10-27 07:32:12 -05:00
b927e0d5ca
Update HSTS preload list
...
Tag #447
2018-10-12 21:07:35 -05:00
95379e3377
Ensure we got an nsISSLStatus when deserializing in TransportSecurityInfo.
2018-10-04 22:24:52 +02:00
778b3c4d7e
Update HSTS preload list
...
Tag #447
2018-09-29 08:37:22 -05:00
347aea437f
Get rid of the incorrect mechanism to remove insecure fallback hosts.
...
This fixes #797 .
2018-09-29 10:09:13 +02:00
2f64d5eeec
Update HSTS preload list
...
Tag #447
2018-09-11 17:30:37 -05:00
ab961aeb54
Remove all C++ Telemetry Accumulation calls.
...
This creates a number of stubs and leaves some surrounding code that may be irrelevant (eg. recorded time stamps, status variables).
Stub resolution/removal should be a follow-up to this.
2018-09-03 10:11:38 +02:00
1425f020c4
Remove support for TLS session caches in TLSServerSocket.
...
This resolves #738
2018-09-01 23:45:10 +02:00
cc0e6c7ece
Update HSTS preload list
...
Tag #447
2018-08-27 05:43:33 -05:00
bfc5b53cf9
Fix missed in32->int64 in df85212009
...
Tag #709 .
2018-08-17 19:23:37 +02:00
26debee733
Reinstate RC4 and mark 3DES weak.
...
Tag #709
2018-08-17 06:39:04 +02:00
df85212009
Extend {EnabledWeakCiphers} bit field to allow more cipher suites.
...
Tag #709 .
2018-08-17 06:33:23 +02:00
e79f2ee694
Update HSTS preload list
...
Tag #447
2018-08-01 05:42:29 -05:00
bdcae58fa6
replace "certErrorCodePrefix2" with "certErrorCodePrefix"
2018-07-22 15:29:06 +02:00
4d358ef73c
Update HSTS preload list
...
Tag #447
2018-07-17 05:53:04 -05:00
535e9399e6
Remove SSL Error Reporting telemetry
2018-06-29 17:40:01 +02:00
ba241f0825
Update HSTS preload list
...
Tag #447
2018-06-21 05:29:04 -05:00
7d3b69729b
Fix SSL status ambiguity.
...
- Adds CipherSuite string with the full suite
- Changes CipherName to be the actual cipher name instead of the (erroneous) full suite like Firefox does.
2018-06-20 19:14:58 +02:00
306f3865cc
Merge pull request #461 from trav90/HSTS
...
Improve HSTS preload list generation
2018-06-07 15:03:27 +02:00
b789cbe5c1
Regenerate the HSTS preload list
2018-06-07 07:21:38 -05:00
cef7fcb377
Restore clearly-delimited format for the HSTS preload list
2018-06-06 08:30:34 -05:00
6603359347
Request NSS to use DBM as the storage file format
2018-06-06 15:24:07 +02:00
bd85173562
Remove support and tests for HSTS priming from the tree. Fixes #384
2018-05-26 15:42:45 -04:00
c3ec00a152
moebius#119: (Windows) Security - Certificate Stores - NSSCertDBTrustDomain allows end-entities to be their own trust anchors
...
https://github.com/MoonchildProductions/moebius/pull/119
2018-04-23 09:10:12 +02:00
228d252ab1
DevTools - network - security (improvements)
...
https://github.com/MoonchildProductions/moebius/pull/113
https://github.com/MoonchildProductions/moebius/pull/118
https://github.com/MoonchildProductions/moebius/pull/127
2018-03-01 09:02:37 +01:00
d98565a287
Disable 3DES cipher by default + re-order a few things.
...
Issue #4 point 4
2018-02-02 19:06:52 +01:00
acaf15453c
Add RSA-AES + SHA256/384 suites for web compatibility.
...
Sites with these ciphers (commonly IIS) would otherwise fall back to weak 3DES that will be disabled by default.
Issue #4 points 2 and 3
2018-02-02 19:05:37 +01:00
wolfbeast
trav90
adeshkp
Ascrod
wolfbeast
yami
JustOff
Gaming4JC
janekptacijarabaci