Make IsValidHostname More Robust #24
Loading…
Reference in New Issue
No description provided.
Delete Branch "validation"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
IsValidHostname now rejects public keys that are invalid ed25519
curve points in addition to ed25519 points that contain torsion
components (which are defined to be invalid Tor Hostnames).
Note: The lack of these checks previously would have been unlikely to manifest as an issue further up the
stack because Tor would have prevented Cwtch from connecting to bad curve
points, the Tapir authentication protocol would have failed with invalid curve points,
and the experimental group chats only rely on signatures for voluntary authorship attribution,
rather than e.g. consensus or security.
49c4b0ce76
tobabb3ad1bf
Drone Build Status: failure
https://build.openprivacy.ca/openprivacy/connectivity/57
87dc3a5315
to8fe2974aaa
Drone Build Status: success
https://build.openprivacy.ca/openprivacy/connectivity/59
Drone Build Status: success
https://build.openprivacy.ca/openprivacy/connectivity/61