From deb9e1c43e15c18b082f229646018f07ca4686a0 Mon Sep 17 00:00:00 2001 From: Michael Kaply Date: Thu, 14 Mar 2019 14:59:23 -0500 Subject: [PATCH] Add support for SSLVersionMin and SSLVersionMax --- README.md | 19 +++++++++++ mac/org.mozilla.firefox.plist | 4 +++ windows/de-DE/firefox.adml | 18 +++++++++- windows/en-US/firefox.adml | 18 +++++++++- windows/es-ES/firefox.adml | 18 +++++++++- windows/firefox.admx | 63 +++++++++++++++++++++++++++++++++-- windows/fr-FR/firefox.adml | 18 +++++++++- windows/it-IT/firefox.adml | 18 +++++++++- 8 files changed, 169 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 96ec640..ee137d0 100644 --- a/README.md +++ b/README.md @@ -630,4 +630,23 @@ This policy allows you to add PKCS #11 Modules } } } +### SSLVersionMin +This policy allows you to set the minimum TLS version. +``` +{ + "policies": { + "SSSLVersionMin": ["tls1", "tls1.1", "tls1.2",. "tls1.3"] + } +} + +``` +### SSLVersionMax +This policy allows you to set the maximum TLS version. +``` +{ + "policies": { + "SSSLVersionMax": ["tls1", "tls1.1", "tls1.2",. "tls1.3"] + } +} + ``` diff --git a/mac/org.mozilla.firefox.plist b/mac/org.mozilla.firefox.plist index 36fde9e..2195d4d 100644 --- a/mac/org.mozilla.firefox.plist +++ b/mac/org.mozilla.firefox.plist @@ -335,5 +335,9 @@ NAME_OF_DEVICE PATH_TO_LIBRARY_FOR_DEVICE + SSLMinVersion + tls1.2 + SSLMaxVersion + tls1.3 diff --git a/windows/de-DE/firefox.adml b/windows/de-DE/firefox.adml index d4a68b5..5cae7d6 100644 --- a/windows/de-DE/firefox.adml +++ b/windows/de-DE/firefox.adml @@ -1,5 +1,5 @@ - + @@ -9,6 +9,7 @@ Firefox 62 oder höher, Firefox 60.2 ESR oder höher Firefox 63 oder höher Firefox 64 oder höher, Firefox 60.4 ESR oder höher + Firefox 66 oder höher, Firefox 60.6 ESR oder höher Firefox 60 ESR oder höher Firefox Berechtigungen @@ -475,6 +476,18 @@ Wenn Sie die Richtlinieneinstellung deaktivieren oder nicht konfigurieren, könn If this policy is enabled, you can specify the names of engines to be removed or hidden. If this policy is disabled or not configured, search engines will not be removed or hidden. + Minimum SSL version enabled + If this policy is enabled, Firefox will not use SSL/TLS versions less than the value specified. + +If this policy is disabled or not configured, Firefox defaults to a minimum of TLS 1.0. + Maximum SSL version enabled + If this policy is enabled, Firefox will not use SSL/TLS versions greater than the value specified. + +If this policy is disabled or not configured, Firefox defaults to a maximum of TLS 1.3. + TLS 1.0 + TLS 1.1 + TLS 1.2 + TLS 1.3 @@ -626,6 +639,9 @@ If this policy is disabled or not configured, search engines will not be removed Enable DNS over HTTPS. Don't allow DNS over HTTPS preferences to be changed. + + + diff --git a/windows/en-US/firefox.adml b/windows/en-US/firefox.adml index 74bc1f7..280cba4 100644 --- a/windows/en-US/firefox.adml +++ b/windows/en-US/firefox.adml @@ -1,5 +1,5 @@ - + @@ -9,6 +9,7 @@ Firefox 62 or later, Firefox 60.2 ESR or later Firefox 63 or later Firefox 64 or later, Firefox 60.4 ESR or later + Firefox 66 or later, Firefox 60.6 ESR or later Firefox 60 ESR or later Firefox Permissions @@ -475,6 +476,18 @@ If this policy is disabled or not configured, search engines can be installed fr If this policy is enabled, you can specify the names of engines to be removed or hidden. If this policy is disabled or not configured, search engines will not be removed or hidden. + Minimum SSL version enabled + If this policy is enabled, Firefox will not use SSL/TLS versions less than the value specified. + +If this policy is disabled or not configured, Firefox defaults to a minimum of TLS 1.0. + Maximum SSL version enabled + If this policy is enabled, Firefox will not use SSL/TLS versions greater than the value specified. + +If this policy is disabled or not configured, Firefox defaults to a maximum of TLS 1.3. + TLS 1.0 + TLS 1.1 + TLS 1.2 + TLS 1.3 @@ -626,6 +639,9 @@ If this policy is disabled or not configured, search engines will not be removed Enable DNS over HTTPS. Don't allow DNS over HTTPS preferences to be changed. + + + diff --git a/windows/es-ES/firefox.adml b/windows/es-ES/firefox.adml index 0202374..20e0f61 100644 --- a/windows/es-ES/firefox.adml +++ b/windows/es-ES/firefox.adml @@ -1,5 +1,5 @@ - + @@ -9,6 +9,7 @@ Firefox 62 o posterior, Firefox 60.2 ESR o posterior Firefox 63 o posterior Firefox 64 o posterior, Firefox 60.4 ESR o posterior + Firefox 66 o posterior, Firefox 60.6 ESR o posterior Firefox 60 ESR o posterior Firefox Permisos @@ -475,6 +476,18 @@ Si esta política está deshabilitada o no está configurada, los motores de bú Si esta política está habilitada, puede especificar los nombres de los motores que se borrarán u ocultarán. Si esta política está deshabilitada o no configurada, los motores de búsqueda no se borrarán ni se ocultarán. + Minimum SSL version enabled + If this policy is enabled, Firefox will not use SSL/TLS versions less than the value specified. + +If this policy is disabled or not configured, Firefox defaults to a minimum of TLS 1.0. + Maximum SSL version enabled + If this policy is enabled, Firefox will not use SSL/TLS versions greater than the value specified. + +If this policy is disabled or not configured, Firefox defaults to a maximum of TLS 1.3. + TLS 1.0 + TLS 1.1 + TLS 1.2 + TLS 1.3 @@ -626,6 +639,9 @@ Si esta política está deshabilitada o no configurada, los motores de búsqueda Habilitar DNS sobre HTTPS. No permitir que se cambien las preferencias de DNS sobre HTTPS. + + + diff --git a/windows/firefox.admx b/windows/firefox.admx index 7586726..c6caf2c 100644 --- a/windows/firefox.admx +++ b/windows/firefox.admx @@ -1,10 +1,10 @@  - + - + @@ -12,6 +12,8 @@ + + @@ -2235,5 +2237,62 @@ + + + + + + + + tls1 + + + + + tls1.1 + + + + + tls1.2 + + + + + tls1.3 + + + + + + + + + + + + + tls1 + + + + + tls1.1 + + + + + tls1.2 + + + + + tls1.3 + + + + + + diff --git a/windows/fr-FR/firefox.adml b/windows/fr-FR/firefox.adml index 7b1c09b..db994d7 100644 --- a/windows/fr-FR/firefox.adml +++ b/windows/fr-FR/firefox.adml @@ -1,5 +1,5 @@ - + @@ -9,6 +9,7 @@ Firefox 62 ou superieur, Firefox 60.2 ESR ou superieur Firefox 63 ou superieur Firefox 64 ou superieur, Firefox 60.4 ESR ou superieur + Firefox 66 ou superieur, Firefox 60.6 ESR ou superieur Firefox 60 ESR ou superieur Firefox Permissions @@ -475,6 +476,18 @@ Si cette stratégie est désactivée ou non configurée, les moteurs de recherch Si cette stratégie est activée, vous pouvez spécifier les noms des moteurs à supprimer ou à masquer. Si cette stratégie est désactivée ou non configurée, les moteurs de recherche ne seront ni supprimés ni masqués. + Minimum SSL version enabled + If this policy is enabled, Firefox will not use SSL/TLS versions less than the value specified. + +If this policy is disabled or not configured, Firefox defaults to a minimum of TLS 1.0. + Maximum SSL version enabled + If this policy is enabled, Firefox will not use SSL/TLS versions greater than the value specified. + +If this policy is disabled or not configured, Firefox defaults to a maximum of TLS 1.3. + TLS 1.0 + TLS 1.1 + TLS 1.2 + TLS 1.3 @@ -626,6 +639,9 @@ Si cette stratégie est désactivée ou non configurée, les moteurs de recherch Activer DNS sur HTTPS. Ne pas autoriser la modification des préférences DNS sur HTTPS. + + + diff --git a/windows/it-IT/firefox.adml b/windows/it-IT/firefox.adml index d0daeff..d8e3a6d 100644 --- a/windows/it-IT/firefox.adml +++ b/windows/it-IT/firefox.adml @@ -1,5 +1,5 @@ - + @@ -9,6 +9,7 @@ Firefox 62 o versione successiva, Firefox 60.2 ESR o versione successiva Firefox 63 o versione successiva Firefox 64 o versione successiva, Firefox 60.4 ESR o versione successiva + Firefox 66 o versione successiva, Firefox 60.6 ESR o versione successiva Firefox 60 ESR o versione successiva Firefox Permessi @@ -475,6 +476,18 @@ Se questo criterio è disabilitato o non configurato, i motori di ricerca potran Se questo criterio è abilitato, è possibile specificare i nomi dei motori di ricerca da rimuovere o nascondere. Se questo criterio è disabilitato o non configurato, i motori di ricerca non saranno né rimossi né nascosti. + Minimum SSL version enabled + If this policy is enabled, Firefox will not use SSL/TLS versions less than the value specified. + +If this policy is disabled or not configured, Firefox defaults to a minimum of TLS 1.0. + Maximum SSL version enabled + If this policy is enabled, Firefox will not use SSL/TLS versions greater than the value specified. + +If this policy is disabled or not configured, Firefox defaults to a maximum of TLS 1.3. + TLS 1.0 + TLS 1.1 + TLS 1.2 + TLS 1.3 @@ -626,6 +639,9 @@ Se questo criterio è disabilitato o non configurato, i motori di ricerca non sa Abilita DNS su HTTPS. Non consentire la modifica delle preferenze relative a DNS su HTTPS. + + + -- 2.34.1