diff options
author | Joey Hess <joeyh@joeyh.name> | 2016-09-27 20:22:53 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2016-09-27 20:24:31 -0400 |
commit | 758965d177d75f529bb88e24564a0bdb5e406fc6 (patch) | |
tree | 8632125811610fb7444784d10caf6441dcf792e7 /Storage.hs | |
parent | 40ef6d76d4d50c48f103c2b94cd45c7647a25dbc (diff) | |
download | keysafe-758965d177d75f529bb88e24564a0bdb5e406fc6.tar.gz |
Filter out escape sequences and any other unusual characters when writing all messages to the console.
This should protect against all attacks where the server sends back a
malicious message.
Diffstat (limited to 'Storage.hs')
-rw-r--r-- | Storage.hs | 11 |
1 files changed, 5 insertions, 6 deletions
@@ -11,6 +11,7 @@ import Types import Types.Storage import Types.Server import Types.Cost +import Output import Share import Storage.Local import Storage.Network @@ -19,7 +20,6 @@ import Tunables import Data.Maybe import Data.List import Data.Monoid -import System.IO import System.FilePath import Control.Monad import Crypto.Random @@ -176,8 +176,8 @@ tryUploadQueued d = do storeChaff :: HostName -> Port -> Maybe Seconds -> IO () storeChaff hn port delayseconds = forever $ do - putStrLn $ "Sending chaff to " ++ hn ++ " (press ctrl-c to stop)" - putStrLn "Legend: + = successful upload, ! = upload failure" + say $ "Sending chaff to " ++ hn ++ " (press ctrl-c to stop)" + say "Legend: + = successful upload, ! = upload failure" rng <- (cprgCreate <$> createEntropyPool) :: IO SystemRNG let (randomname, rng') = cprgGenerate 128 rng -- It's ok the use the testModeTunables here because @@ -202,7 +202,6 @@ storeChaff hn port delayseconds = forever $ do let i = S.toList is !! (n - 1) r <- storeShare server i share case r of - StoreSuccess -> putStr "+" - _ -> putStr "!" - hFlush stdout + StoreSuccess -> progress "+" + _ -> progress "!" go sis' rng' n |