summaryrefslogtreecommitdiffhomepage
path: root/Storage
Commit message (Collapse)AuthorAge
* implement client-server Proof Of WorkJoey Hess2016-09-12
| | | | | | | | | | | | | | | | | | | Mashed up a argon2-based PoW with token buckets and bloom filters. This is intended to prevent a few abuses including: * Using a keysafe server for general file storage, by storing a whole lot of chunks. * An attacker guessing names that people will use, and uploading junk to keysafe servers under those names, to make it harder for others to use keysafe later. * An attacker trying to guess the names used for objects on keysafe servers in order to download them and start password cracking. (As a second level of defense, since the name generation hash is expensive already.) Completely untested, but it builds! This commit was sponsored by Andreas on Patreon.
* new moduleJoey Hess2016-09-12
|
* Fix bug that prevented keysafe --server from running when there was no ↵Joey Hess2016-09-01
| | | | controlling terminal and zenity was not installed.
* added --store-directoryJoey Hess2016-08-31
|
* Added basic test suite.Joey Hess2016-08-30
|
* commentsJoey Hess2016-08-29
|
* minorJoey Hess2016-08-29
|
* support .onion addresses for serversJoey Hess2016-08-29
|
* belt and suspenders path injection checkJoey Hess2016-08-28
| | | | | | | | | This does not seem to be necessary for the HTTP server, because servant parses the StorableObjectIdent out of query path, so it can't contain `/`. But, what if the HTTP server were running on windows? Then, `\` could be embedded in the StorableObjectIdent or perhaps a drive letter, etc. So, best to have a second level of defense against path injection.
* temporary test servers: 3x localhostJoey Hess2016-08-22
| | | | At this point, storage and retrival to servers basically works!
* wire up client to Storage.NetworkJoey Hess2016-08-22
|
* --server needs a portJoey Hess2016-08-22
|
* rename shard -> shareJoey Hess2016-08-19
| | | | This makes it clearer that it's not a chunk of data, but a Shamir share.
* minor prompt flowJoey Hess2016-08-18
|
* untested moving of upload queues on to serversJoey Hess2016-08-18
| | | | | | | | | | | There needs to be a 1:1 mapping between upload queues and servers, otherwise using the upload queue risks two shards for the same object being uploaded to the same server. Also, fixed storeShards to give up on StoreAlreadyExists, rather than trying another storage location. Otherwise, on a name collision, the shards would be rejected by the servers, and be stored to their upload queues.
* add support for multiple storage locattionsJoey Hess2016-08-18
| | | | also, server upload queues in ~/.keysafe
* save restored secret key to gpg or fileJoey Hess2016-08-17
|
* store files mode 400Joey Hess2016-08-17
|
* make storage to use configurable on command lineJoey Hess2016-08-17
|
* separate error code for already exsisting object storeJoey Hess2016-08-12
|
* don't allow overwrite of object fileJoey Hess2016-08-12
|
* add shardCountJoey Hess2016-08-11
|
* write via temp fileJoey Hess2016-08-11
| | | | | avoids short reads, and also if a backup program came along while the write was happening, avoids short backups
* obscure shard timestampsJoey Hess2016-08-11
|
* catch IO exceptionsJoey Hess2016-08-11
|
* pluggable object storage layerJoey Hess2016-08-11
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-02 20:28:06 +0000