commit af4d54f136dd57d3deecc0b44beeee7ece97b0c2
parent 221ebfd9d6cea8ab13af82e1709964fab681ea75
Author: hackademix <giorgio@maone.net>
Date: Tue, 18 Apr 2023 22:50:11 +0200
TB 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key
Diffstat:
1 file changed, 9 insertions(+), 0 deletions(-)
diff --git a/security/manager/ssl/StaticHPKPins.h b/security/manager/ssl/StaticHPKPins.h
@@ -279,6 +279,14 @@ static const StaticFingerprints kPinset_google = {
kPinset_google_Data
};
+static const char* const kPinset_tor_browser_Data[] = {
+ kISRG_Root_X1Fingerprint,
+};
+static const StaticFingerprints kPinset_tor_browser = {
+ sizeof(kPinset_tor_browser_Data) / sizeof(const char*),
+ kPinset_tor_browser_Data
+};
+
/* Domainlist */
struct TransportSecurityPreload {
// See bug 1338873 about making these fields const.
@@ -307,6 +315,7 @@ static const TransportSecurityPreload kPublicKeyPinningPreloadList[] = {
{ "aus5.mozilla.org", true, true, true, 7, &kPinset_mozilla_services },
{ "blogger.com", true, false, false, -1, &kPinset_google_root_pems },
{ "blogspot.com", true, false, false, -1, &kPinset_google_root_pems },
+ { "bridges.torproject.org", false, false, false, -1, &kPinset_tor_browser },
{ "bugs.chromium.org", true, false, false, -1, &kPinset_google_root_pems },
{ "build.chromium.org", true, false, false, -1, &kPinset_google_root_pems },
{ "calendar.google.com", true, false, false, -1, &kPinset_google_root_pems },
