trav90
ba241f0825
Update HSTS preload list
...
Tag #447
2018-06-21 05:29:04 -05:00
wolfbeast
7d3b69729b
Fix SSL status ambiguity.
...
- Adds CipherSuite string with the full suite
- Changes CipherName to be the actual cipher name instead of the (erroneous) full suite like Firefox does.
2018-06-20 19:14:58 +02:00
JustOff
f83f62e1bf
Update NSS to 3.36.4-RTM
2018-06-11 16:42:50 +03:00
JustOff
b1ddd8a8af
[PALEMOON] Add missed strings required by page info
2018-06-08 19:10:23 +03:00
Moonchild
306f3865cc
Merge pull request #461 from trav90/HSTS
...
Improve HSTS preload list generation
2018-06-07 15:03:27 +02:00
trav90
b789cbe5c1
Regenerate the HSTS preload list
2018-06-07 07:21:38 -05:00
trav90
cef7fcb377
Restore clearly-delimited format for the HSTS preload list
2018-06-06 08:30:34 -05:00
JustOff
6603359347
Request NSS to use DBM as the storage file format
2018-06-06 15:24:07 +02:00
wolfbeast
6f84242a35
Revert "Restore NSS default storage file format to DBM when no prefix is given."
...
This reverts commit b2c78bbf83 .
2018-06-06 15:23:14 +02:00
trav90
3b7938d7a1
Increase concurrent lookups to 15 when generating HSTS preload list
2018-06-05 22:25:18 -05:00
trav90
a32e0cb8c7
Update HSTS preload list generation script
...
Previous behavior: if an entry was in the previously-used list, and there would be an error connecting to or processing the host, it would adopt it using the previous status, with a new minimum required max age TTL.
New behavior: if an entry is in the previously-used list, and there is an error connecting to or processing the host, it will be dropped from the preload list.
The old behavior would allow entries to persist on the HSTS preload list when they drop off the 'net. Considering domain churn, it would cause issues for new owners for having a persisted HSTS entry preloaded in the browser.
Bonus: it keeps our HSTS preload list lean.
2018-06-05 22:23:30 -05:00
wolfbeast
b2c78bbf83
Restore NSS default storage file format to DBM when no prefix is given.
2018-06-05 22:38:40 +02:00
wolfbeast
e10349ab8d
Update NSS to 3.35-RTM
2018-06-05 22:24:08 +02:00
Gaming4JC
bd85173562
Remove support and tests for HSTS priming from the tree. Fixes #384
2018-05-26 15:42:45 -04:00
wolfbeast
6571d2ceb4
Remove MOZ_WIDGET_GONK [1/2]
...
Tag #288
2018-05-12 16:19:58 +02:00
wolfbeast
43f7a588f9
Nuke the sandbox
2018-05-03 05:55:15 +02:00
wolfbeast
4613b91eca
Remove sandbox ductwork conditional code.
2018-05-03 01:24:31 +02:00
wolfbeast
e1490c07e2
Remove GMP sandbox code.
2018-05-02 23:30:36 +02:00
wolfbeast
755e102078
Remove content process sandbox code.
2018-05-02 21:58:04 +02:00
janekptacijarabaci
3442ae7718
Fix unsafe "instanceof" negations
...
https://github.com/MoonchildProductions/Pale-Moon/pull/1173
2018-05-02 06:57:57 +02:00
Matt A. Tobin
69ac2db129
Partially revert 1ef526f0f - sftkpwd.c
...
#82 #265
2018-04-26 19:23:01 -04:00
wolfbeast
fba28f1975
Revert "Update NSS to 3.35-RTM"
...
This reverts commit f1a0f0a56f .
2018-04-25 21:33:33 +02:00
janekptacijarabaci
c3ec00a152
moebius#119: (Windows) Security - Certificate Stores - NSSCertDBTrustDomain allows end-entities to be their own trust anchors
...
https://github.com/MoonchildProductions/moebius/pull/119
2018-04-23 09:10:12 +02:00
wolfbeast
1ef526f0f0
Strengthen the use of the Master Password.
...
- Use 30k iterations instead of 1.
- Enforce minimum password length of 8 characters.
- Adjust strength meter accordingly.
This resolves #82 .
2018-04-18 14:05:21 +02:00
janekptacijarabaci
374231de93
moebius#126: [very minor fix] Fix typo in a comment in NSSCertDBTrustDomain.cpp
...
https://github.com/MoonchildProductions/moebius/pull/126
2018-04-13 20:53:27 +02:00
wolfbeast
4e368f8199
Remove base conditional code for crash reporter and injector.
2018-03-30 08:50:58 +02:00
trav90
daab331cf5
Disable -Wimplicit-fallthrough for a chromium file
...
GCC 7 supports the clang option -Wimplicit-fallthrough.
2018-03-04 15:26:51 -06:00
wolfbeast
2998d0f5e2
Fix build system translation errors.
...
Follow-up to 11a8a39f6d
2018-03-04 10:13:33 +01:00
Moonchild
e272829137
Merge pull request #34 from janekptacijarabaci/devtools_import-from-moebius_1
...
Port across devtools enhancements
2018-03-02 10:32:45 +01:00
Matt A. Tobin
11a8a39f6d
Use MOZ_FENNEC and MOZ_XULRUNNER instead of checking MOZ_BUILD_APP in most places
2018-03-01 14:26:41 -05:00
janekptacijarabaci
228d252ab1
DevTools - network - security (improvements)
...
https://github.com/MoonchildProductions/moebius/pull/113
https://github.com/MoonchildProductions/moebius/pull/118
https://github.com/MoonchildProductions/moebius/pull/127
2018-03-01 09:02:37 +01:00
wolfbeast
f1a0f0a56f
Update NSS to 3.35-RTM
2018-02-23 11:04:39 +01:00
wolfbeast
f017b749ea
Update NSS to 3.32.1-RTM
2018-02-06 11:46:26 +01:00
wolfbeast
d98565a287
Disable 3DES cipher by default + re-order a few things.
...
Issue #4 point 4
2018-02-02 19:06:52 +01:00
wolfbeast
acaf15453c
Add RSA-AES + SHA256/384 suites for web compatibility.
...
Sites with these ciphers (commonly IIS) would otherwise fall back to weak 3DES that will be disabled by default.
Issue #4 points 2 and 3
2018-02-02 19:05:37 +01:00
wolfbeast
3b70762534
Add Camellia to the active cipher suites.
...
Issue #4 point 1.
Camellia is a strong, modern, safe cipher with no known weaknesses or reduced strength attacks.
The cipher has been approved for use by the ISO/IEC, the European Union's NESSIE project and the Japanese CRYPTREC project.
2018-02-02 19:04:33 +01:00
Matt A. Tobin
c0c702a5e3
Use UTC where appropriate in python files
2018-02-02 12:00:37 -05:00
Matt A. Tobin
9627f18ceb
Remove kinto client, Firefox kinto storage adapter, blocklist update client and integration with sync, OneCRL and the custom time check for derives system time.
2018-02-02 09:21:33 -05:00
Matt A. Tobin
5f8de423f1
Add m-esr52 at 52.6.0
2018-02-02 04:16:08 -05:00