Backport - Remove support for SHA-1 HPKP pins

https://bugzilla.mozilla.org/show_bug.cgi?id=1233328

added TorBrowserTeam201606R component::applications/tor browser owner::tbb-team priority::medium resolution::fixed severity::normal status::closed tbb-security type::defect labels

Might be a thing for the alphas to test.

Trac:
Keywords: N/A deleted, TorBrowserTeam201605 added

Trac:
Keywords: TorBrowserTeam201605 deleted, TorBrowserTeam201606 added

We also had to backport the patch from https://bugzilla.mozilla.org/show_bug.cgi?id=1229284 and regenerate security/manager/ssl/StaticHPKPins.h as part of the backport for https://bugzilla.mozilla.org/show_bug.cgi?id=1233328 (Mozilla has an automated process that does that).

The three patches are on the bug19164-01 branch within brade's tor-browser repo. Please review. https://gitweb.torproject.org/user/brade/tor-browser.git/commit/?h=bug19164-01&id=877657a30dd959d33921225260afe73d18aef977

https://gitweb.torproject.org/user/brade/tor-browser.git/commit/?h=bug19164-01&id=cc0fcf624033578259dab28ccaaa90bbd85d3a12

https://gitweb.torproject.org/user/brade/tor-browser.git/commit/?h=bug19164-01&id=3832c89a58e2b526a40e6399dceec3c21524f01a

Trac:
Keywords: TorBrowserTeam201606 deleted, TorBrowserTeam201606R added
Status: new to needs_review

I tested this branch and it built and Tor Browser ran OK. Looks good to me.

Applied to tor-browser-45.2.0esr-6.5-1 as commit 877657a30dd959d33921225260afe73d18aef977, cc0fcf624033578259dab28ccaaa90bbd85d3a12 and 3832c89a58e2b526a40e6399dceec3c21524f01a.

Trac:
Resolution: N/A to fixed
Status: needs_review to closed

closed

moved to tpo/applications/tor-browser#19164 (closed)