roytam1/palemoon27
1
0
Fork 0
mirror of https://github.com/roytam1/palemoon27.git synced 2026-06-14 04:19:46 +00:00
Code Issues Projects Releases Wiki Activity
1,618 Commits 9 Branches 1 Tag
9c1bc3096594de84b6847d3edcfcda3462457d8a
Commit Graph

14 Commits

Author SHA1 Message Date
Pale Moon f543949da5 Remove duplicate callback case statements. 2018-07-25 06:59:05 +08:00
Pale Moon c9ad97a8f5 Add support for RSA+AES+SHA256/384 suites for web compatibility. 
This adds the following suites for web compatibility despite the
deprecated RSA key exchange that makes little sense with a
very strong HMAC or GCM:

TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256

Only the 256-bit ones are enabled by default.
 2018-07-25 06:58:58 +08:00
Pale Moon c9c81ca7c3 Restore missing RSA+Camellia suites. 2018-07-25 06:58:56 +08:00
Pale Moon e4f0d12b2c Enable AES256-GCM for accessibility to overly-strict sites that do not offer ChaCha20. 2018-07-25 06:50:59 +08:00
Pale Moon 348757ed67 Extend {EnabledWeakCiphers} bit field to allow more cipher suites. 2018-07-25 06:50:53 +08:00
Pale Moon 36fc143339 Add AES256-GCM suites to secmanager. 
Disabled by default for known wasted performance (40%) on a suite weaker to key attacks than AES128.
 2018-07-25 06:50:51 +08:00
Pale Moon 8df1603dfd Enable ChaCha20-Poly1305 suites. 2018-07-25 06:50:49 +08:00
Pale Moon 5546cc421e Temporarily disable Camellia-GCM suites in secmanager. 2018-07-25 06:50:45 +08:00
wolfbeast 131363dc30 Fix SSL status ambiguity. 
- Adds CipherSuite string with the full suite
- Changes CipherName to be the actual cipher name instead of the (erroneous) full suite like Firefox does.

This is a reimplementation of 811ce3ff4939b7ece26ad5f99878fc58b92edf7c for Tycho.
 2018-07-25 00:55:11 +08:00
wolfbeast edcc56de80 Hook up less common cipher suites + move RC4 to disabled section. 2018-07-24 23:11:55 +08:00
wolfbeast f1ad132236 Update TLS intolerant fallback handling: 
- Disable false starts
- Disable fallback to RC4
- Update whitelist that should override the default for insecure fallbacks
 2018-07-24 23:11:55 +08:00
wolfbeast e52817d90a Security: Hook up Camellia ciphers, disable RC4. 2018-07-24 23:11:54 +08:00
wolfbeast 5ee6187aad Prep tree for forward-porting Goanna, stage 1 2018-07-24 23:10:50 +08:00
Moonchild baf46a6bf1 Merge pull request #1 from mozilla/esr38: Esr38 upstream pull 2018-07-24 23:04:07 +08:00