wolfbeast
c7138e3b92
Update HSTS preload list
...
Tag #447
2019-05-28 08:32:43 +00:00
Matt A. Tobin
325b204d26
Issue #1053 - Drop support Android and remove Fennec - Part 1b: Remove MOZ_FENNEC
2019-04-23 15:56:35 -04:00
adeshkp
b10712de87
Remove SecurityUI telemetry.
2019-04-21 13:02:52 -04:00
adeshkp
52be954e59
Fix order of member variables in a couple of initializer lists
2019-03-14 09:52:03 -04:00
trav90
a31b9e067c
Update HSTS preload list
...
Tag #447
2019-01-31 08:50:29 -06:00
Ascrod
a74b093471
Fix check for HSTS when service is disabled.
2019-01-17 18:18:49 -05:00
Ascrod
3afb818f20
Add preference for fully disabling HSTS.
2019-01-16 19:33:09 -05:00
adeshkp
acf1406e0e
Remove a pointless switch after telemetry cleanup
2019-01-14 09:32:12 -05:00
adeshkp
5335681cd2
Telemetry: Remove stubs and related code
2019-01-12 06:20:31 -05:00
trav90
483267ba97
Update HSTS preload list
...
Tag #447
2019-01-02 16:41:46 -06:00
trav90
f0fe6b69db
Update HSTS preload list
...
Tag #447
2018-12-15 17:51:30 -06:00
trav90
3eef7ab260
Update HSTS preload list
...
Tag #447
2018-11-27 07:32:12 -06:00
wolfbeast
d5a1b34c05
Remove AccumulateCipherSuite()
...
This resolves #858
2018-11-08 11:32:49 +01:00
wolfbeast
f42d6c39fe
Remove ancient workaround in client certificate code
...
Apparently a prehistoric server implementation would send a certificate_authorities field
that didn't include the outer DER SEQUENCE tag, so PSM attempted to detect this and
work around it.
This prehistoric server implementation isn't in use anywhere anymore, so this 18-yo
server bug workaround can be removed.
2018-11-02 11:39:21 +01:00
wolfbeast
52b989d535
Make sure nsNSSCertList handling checks for valid certs.
2018-11-02 02:08:44 +01:00
trav90
76825544ff
Update HSTS preload list
...
Tag #447
2018-10-27 07:32:12 -05:00
trav90
b927e0d5ca
Update HSTS preload list
...
Tag #447
2018-10-12 21:07:35 -05:00
wolfbeast
95379e3377
Ensure we got an nsISSLStatus when deserializing in TransportSecurityInfo.
2018-10-04 22:24:52 +02:00
trav90
778b3c4d7e
Update HSTS preload list
...
Tag #447
2018-09-29 08:37:22 -05:00
wolfbeast
347aea437f
Get rid of the incorrect mechanism to remove insecure fallback hosts.
...
This fixes #797 .
2018-09-29 10:09:13 +02:00
trav90
2f64d5eeec
Update HSTS preload list
...
Tag #447
2018-09-11 17:30:37 -05:00
wolfbeast
ab961aeb54
Remove all C++ Telemetry Accumulation calls.
...
This creates a number of stubs and leaves some surrounding code that may be irrelevant (eg. recorded time stamps, status variables).
Stub resolution/removal should be a follow-up to this.
2018-09-03 10:11:38 +02:00
wolfbeast
1425f020c4
Remove support for TLS session caches in TLSServerSocket.
...
This resolves #738
2018-09-01 23:45:10 +02:00
trav90
cc0e6c7ece
Update HSTS preload list
...
Tag #447
2018-08-27 05:43:33 -05:00
wolfbeast
bfc5b53cf9
Fix missed in32->int64 in df85212009
...
Tag #709 .
2018-08-17 19:23:37 +02:00
wolfbeast
26debee733
Reinstate RC4 and mark 3DES weak.
...
Tag #709
2018-08-17 06:39:04 +02:00
wolfbeast
df85212009
Extend {EnabledWeakCiphers} bit field to allow more cipher suites.
...
Tag #709 .
2018-08-17 06:33:23 +02:00
trav90
e79f2ee694
Update HSTS preload list
...
Tag #447
2018-08-01 05:42:29 -05:00
yami
bdcae58fa6
replace "certErrorCodePrefix2" with "certErrorCodePrefix"
2018-07-22 15:29:06 +02:00
trav90
4d358ef73c
Update HSTS preload list
...
Tag #447
2018-07-17 05:53:04 -05:00
wolfbeast
535e9399e6
Remove SSL Error Reporting telemetry
2018-06-29 17:40:01 +02:00
trav90
ba241f0825
Update HSTS preload list
...
Tag #447
2018-06-21 05:29:04 -05:00
wolfbeast
7d3b69729b
Fix SSL status ambiguity.
...
- Adds CipherSuite string with the full suite
- Changes CipherName to be the actual cipher name instead of the (erroneous) full suite like Firefox does.
2018-06-20 19:14:58 +02:00
JustOff
b1ddd8a8af
[PALEMOON] Add missed strings required by page info
2018-06-08 19:10:23 +03:00
Moonchild
306f3865cc
Merge pull request #461 from trav90/HSTS
...
Improve HSTS preload list generation
2018-06-07 15:03:27 +02:00
trav90
b789cbe5c1
Regenerate the HSTS preload list
2018-06-07 07:21:38 -05:00
trav90
cef7fcb377
Restore clearly-delimited format for the HSTS preload list
2018-06-06 08:30:34 -05:00
JustOff
6603359347
Request NSS to use DBM as the storage file format
2018-06-06 15:24:07 +02:00
trav90
3b7938d7a1
Increase concurrent lookups to 15 when generating HSTS preload list
2018-06-05 22:25:18 -05:00
trav90
a32e0cb8c7
Update HSTS preload list generation script
...
Previous behavior: if an entry was in the previously-used list, and there would be an error connecting to or processing the host, it would adopt it using the previous status, with a new minimum required max age TTL.
New behavior: if an entry is in the previously-used list, and there is an error connecting to or processing the host, it will be dropped from the preload list.
The old behavior would allow entries to persist on the HSTS preload list when they drop off the 'net. Considering domain churn, it would cause issues for new owners for having a persisted HSTS entry preloaded in the browser.
Bonus: it keeps our HSTS preload list lean.
2018-06-05 22:23:30 -05:00
Gaming4JC
bd85173562
Remove support and tests for HSTS priming from the tree. Fixes #384
2018-05-26 15:42:45 -04:00
wolfbeast
6571d2ceb4
Remove MOZ_WIDGET_GONK [1/2]
...
Tag #288
2018-05-12 16:19:58 +02:00
janekptacijarabaci
3442ae7718
Fix unsafe "instanceof" negations
...
https://github.com/MoonchildProductions/Pale-Moon/pull/1173
2018-05-02 06:57:57 +02:00
janekptacijarabaci
c3ec00a152
moebius#119: (Windows) Security - Certificate Stores - NSSCertDBTrustDomain allows end-entities to be their own trust anchors
...
https://github.com/MoonchildProductions/moebius/pull/119
2018-04-23 09:10:12 +02:00
wolfbeast
2998d0f5e2
Fix build system translation errors.
...
Follow-up to 11a8a39f6d
2018-03-04 10:13:33 +01:00
Moonchild
e272829137
Merge pull request #34 from janekptacijarabaci/devtools_import-from-moebius_1
...
Port across devtools enhancements
2018-03-02 10:32:45 +01:00
Matt A. Tobin
11a8a39f6d
Use MOZ_FENNEC and MOZ_XULRUNNER instead of checking MOZ_BUILD_APP in most places
2018-03-01 14:26:41 -05:00
janekptacijarabaci
228d252ab1
DevTools - network - security (improvements)
...
https://github.com/MoonchildProductions/moebius/pull/113
https://github.com/MoonchildProductions/moebius/pull/118
https://github.com/MoonchildProductions/moebius/pull/127
2018-03-01 09:02:37 +01:00
wolfbeast
d98565a287
Disable 3DES cipher by default + re-order a few things.
...
Issue #4 point 4
2018-02-02 19:06:52 +01:00
wolfbeast
acaf15453c
Add RSA-AES + SHA256/384 suites for web compatibility.
...
Sites with these ciphers (commonly IIS) would otherwise fall back to weak 3DES that will be disabled by default.
Issue #4 points 2 and 3
2018-02-02 19:05:37 +01:00