| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
| |
Needed for slightly old lts, needed by debian since their stack is well
out of date.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Updated many dependencies, notably secret-sharing which dropped the dep on
polynomial, and so allows building with ghc 8.x.
Did not try to support building with older ghc because the semigroup-monid
transition would make it nontrivial.
Stackage lts-14.25 is a compromise, since the stack shipped in debian (even
unstable) is not able to handle newer ones.
This commit was sponsored by Eric Drechsel on Patreon.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
servant broke backwards compatibility; did not try to maintain
back-compat (would be possible).
New http-client exported some stuff I need; simplified code; did not try
to maintain back-compat, although it would not be hard.
Test suite passes.
This commit was sponsored by Øyvind Andersen Holm.
|
| |
|
|
|
|
|
|
| |
* New --add-storage-directory and --add-server options, which can be used
to make keysafe backup/restore using additional locations.
* Removed --store-local option; use --add-storage-directory instead.
This commit was sponsored by Thomas Hochstein on Patreon.
|
| |
|
|
|
|
|
| |
This allows local storage locations to have levels too, and also get
shuffled nicely.
This commit was sponsored by Ethan Aubin.
|
| |
|
|
|
|
| |
what servers keysafe knows about, and as a cron job.
This commit was sponsored by Jake Vosloo on Patreon.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This allows the server list to contain 3 servers although only 1 is running
so far; uploads to the others will be queued.
It also allows a server to be spread amoung multiple addresses, which may
be useful later for scaling.
This changes BackupRecord serialization, but it's not been in a keysafe
release yet, so that's not a problem.
This commit was sponsored by Boyd Stephen Smith Jr. on Patreon.
|
| |
|
|
|
|
| |
Socks can throw exceptions at connection time, and these are not caught
by the ExceptT, so catch at a higher level, and catch all exceptions to
prevent the client crashing.
|
| |
|
|
|
|
|
|
| |
This can be deleted by the user at any time, but it's useful in case a
server is known to be compromised, or a problem is found with keysafe's
implementation that makes a backup insecure.
This commit was sponsored by Nick Daly on Patreon.
|
| | |
|
| |
|
|
| |
In this case, an empty string is hashed to generate the PoW.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mashed up a argon2-based PoW with token buckets and bloom filters.
This is intended to prevent a few abuses including:
* Using a keysafe server for general file storage, by storing a whole
lot of chunks.
* An attacker guessing names that people will use, and uploading junk
to keysafe servers under those names, to make it harder for others to use
keysafe later.
* An attacker trying to guess the names used for objects on keysafe
servers in order to download them and start password cracking.
(As a second level of defense, since the name generation hash
is expensive already.)
Completely untested, but it builds!
This commit was sponsored by Andreas on Patreon.
|
| | |
|
| |
|
|
| |
Not needed since all routes are tagged with the api version.
|
| | |
|
| |
|
|
| |
This way the requirement can be varied for different operations.
|
| |
|
