summaryrefslogtreecommitdiff
path: root/libre/icecat/vendor.js
diff options
context:
space:
mode:
authorAndré Fabian Silva Delgado <emulatorman@parabola.nu>2015-07-01 09:27:39 -0300
committerAndré Fabian Silva Delgado <emulatorman@parabola.nu>2015-07-01 09:27:39 -0300
commitad66d5b6f55e8f0a397514d6bba092e9d3ee1292 (patch)
tree432123d3ddc9bd14c32d3aeca2ebba24ce087a19 /libre/icecat/vendor.js
parent9c8b93b12a443b508c5bf2279d1d4737febb0cde (diff)
icecat: The logjam attack [https://weakdh.org/] allows an attacker to impersonate servers that support weak keys. This change implements https://addons.mozilla.org/en-US/firefox/addon/disable-dhe/
Diffstat (limited to 'libre/icecat/vendor.js')
-rw-r--r--libre/icecat/vendor.js6
1 files changed, 6 insertions, 0 deletions
diff --git a/libre/icecat/vendor.js b/libre/icecat/vendor.js
index 32fddb8db..e9c424224 100644
--- a/libre/icecat/vendor.js
+++ b/libre/icecat/vendor.js
@@ -26,3 +26,9 @@ pref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", false);
pref("security.ssl3.ecdhe_rsa_rc4_128_sha", false);
pref("security.ssl3.rsa_rc4_128_md5", false);
pref("security.ssl3.rsa_rc4_128_sha", false);
+
+// https://directory.fsf.org/wiki/Disable_DHE
+pref("security.ssl3.dhe_rsa_aes_128_sha", false);
+pref("security.ssl3.dhe_rsa_aes_256_sha", false);
+pref("security.ssl3.dhe_dss_aes_128_sha", false);
+pref("security.ssl3.dhe_rsa_des_ede3_sha", false);
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-08-29 10:45:56 +0000