[tbb-commits] [tor-browser-bundle/master] Set security.tls.version.max=1 in meek-http-helper.
gk at torproject.org
gk at torproject.org
Thu Aug 21 09:03:55 UTC 2014
commit 3c581f8426f4fd477eb26d2893dbdec42d76e23d
Author: David Fifield <david at bamsoftware.com>
Date: Fri Aug 15 18:02:53 2014 -0700
Set security.tls.version.max=1 in meek-http-helper.
#11253 set security.tls.version.max=3 (i.e., TLSv1.2).
We need to set it back to 1 (TLSv1.0) in the helper, or else we look
unlike an ordinary installation of Firefox 24.
https://trac.torproject.org/projects/tor/ticket/12766
---
Bundle-Data/PTConfigs/meek-http-helper-user.js | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/Bundle-Data/PTConfigs/meek-http-helper-user.js b/Bundle-Data/PTConfigs/meek-http-helper-user.js
index cddc237..26fd819 100644
--- a/Bundle-Data/PTConfigs/meek-http-helper-user.js
+++ b/Bundle-Data/PTConfigs/meek-http-helper-user.js
@@ -4,6 +4,14 @@
// to stdout.
user_pref("browser.dom.window.dump.enabled", true);
+// Make TLSv1.0 the maximum TLS version, as in stock Firefox 24. Since #11253,
+// Tor Browser overrides the maximum to TLSv1.2, which would cause us to look
+// unlike ordinary Firefox 24.
+// https://trac.torproject.org/projects/tor/ticket/11253
+// https://trac.torproject.org/projects/tor/ticket/12766
+// http://kb.mozillazine.org/Security.tls.version.*
+user_pref("security.tls.version.max", 1);
+
// Enable TLS session tickets (disabled by default in Tor Browser). Otherwise
// there is a missing TLS extension.
// https://trac.torproject.org/projects/tor/ticket/11183#comment:9
More information about the tbb-commits
mailing list