openprivacy
/
connectivity
3
0
Fork 2
Code Issues 1 Pull Requests 1 Releases 35 Wiki Activity

Make IsValidHostname More Robust #24

Merged
erinn merged 3 commits from validation into master 2021-09-28 21:08:47 +00:00
Conversation 3 Commits 3 Files Changed 4 +107
sarah commented 2021-09-28 20:50:51 +00:00
Owner
Copy Link

IsValidHostname now rejects public keys that are invalid ed25519
curve points in addition to ed25519 points that contain torsion
components (which are defined to be invalid Tor Hostnames).

Note: The lack of these checks previously would have been unlikely to manifest as an issue further up the
stack because Tor would have prevented Cwtch from connecting to bad curve
points, the Tapir authentication protocol would have failed with invalid curve points,
and the experimental group chats only rely on signatures for voluntary authorship attribution,
rather than e.g. consensus or security.

IsValidHostname now rejects public keys that are invalid ed25519 curve points in addition to ed25519 points that contain torsion components (which are defined to be invalid Tor Hostnames). Note: The lack of these checks previously would have been unlikely to manifest as an issue further up the stack because Tor would have prevented Cwtch from connecting to bad curve points, the Tapir authentication protocol would have failed with invalid curve points, and the experimental group chats only rely on signatures for voluntary authorship attribution, rather than e.g. consensus or security.
erinn was assigned by sarah 2021-09-28 20:50:51 +00:00
sarah force-pushed validation from 49c4b0ce76 to babb3ad1bf 2021-09-28 20:58:32 +00:00 Compare
buildbot commented 2021-09-28 21:00:58 +00:00
First-time contributor
Copy Link

Drone Build Status: failure

https://build.openprivacy.ca/openprivacy/connectivity/57

Drone Build Status: failure https://build.openprivacy.ca/openprivacy/connectivity/57
sarah force-pushed validation from 87dc3a5315 to 8fe2974aaa 2021-09-28 21:02:12 +00:00 Compare
buildbot commented 2021-09-28 21:03:06 +00:00
First-time contributor
Copy Link

Drone Build Status: success

https://build.openprivacy.ca/openprivacy/connectivity/59

Drone Build Status: success https://build.openprivacy.ca/openprivacy/connectivity/59
sarah added 1 commit 2021-09-28 21:03:48 +00:00
continuous-integration/drone/push Build is passing Details
continuous-integration/drone/pr Build is passing Details
b36f6dc33f Format
buildbot commented 2021-09-28 21:04:47 +00:00
First-time contributor
Copy Link

Drone Build Status: success

https://build.openprivacy.ca/openprivacy/connectivity/61

Drone Build Status: success https://build.openprivacy.ca/openprivacy/connectivity/61
erinn approved these changes 2021-09-28 21:08:42 +00:00
erinn merged commit a681dd6d57 into master 2021-09-28 21:08:47 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
erinn
Labels
Clear labels   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
security

   
wontfix

This won't be fixed

No Label
bug
duplicate
enhancement
help wanted
invalid
question
security
wontfix
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
erinn
3 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: openprivacy/connectivity#24
No description provided.
Delete Branch "validation"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?