On Tuesday, 13 March 2018 11:15:18 CEST f masood via dev-security wrote: > On Tuesday, January 23, 2018 at 9:39:46 AM UTC+5, f masood wrote: > > 1 I am building Mozilla Firefox and Mozilla Thunderbird 52 versions from > > source code. > > > > 2 By default all the ciphers and hashing algorithms are enabled while > > building those two applications. > > > > 3 How can I disable certain ciphers and hashing algos while building these > > two applications ? Can I specify in the CONF file or something ? > > > > 4 e.g I want to disable ALL other ciphers just one AES to be enabled > > I want to disable ALL other hashing algorithms just one SHA256 to be > > enabled > > > > (I know the above can have issues while communicating with major > > websites/email server) > PING !!!
not when building, but you can do it at runtime using the policy mechanism used by Fedora: https://fedoraproject.org/wiki/Changes/StrongCryptoSettings https://fedoraproject.org/wiki/Changes/CryptoPolicy -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
