| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mashed up a argon2-based PoW with token buckets and bloom filters.
This is intended to prevent a few abuses including:
* Using a keysafe server for general file storage, by storing a whole
lot of chunks.
* An attacker guessing names that people will use, and uploading junk
to keysafe servers under those names, to make it harder for others to use
keysafe later.
* An attacker trying to guess the names used for objects on keysafe
servers in order to download them and start password cracking.
(As a second level of defense, since the name generation hash
is expensive already.)
Completely untested, but it builds!
This commit was sponsored by Andreas on Patreon.
|
| |
|
|
|
|
| |
controlling terminal and zenity was not installed.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
This does not seem to be necessary for the HTTP server, because servant
parses the StorableObjectIdent out of query path, so it can't contain `/`.
But, what if the HTTP server were running on windows? Then, `\` could be
embedded in the StorableObjectIdent or perhaps a drive letter, etc. So,
best to have a second level of defense against path injection.
|
|
|
|
| |
At this point, storage and retrival to servers basically works!
|
| |
|
| |
|
|
|
|
| |
This makes it clearer that it's not a chunk of data, but a Shamir share.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
There needs to be a 1:1 mapping between upload queues and servers,
otherwise using the upload queue risks two shards for the same object
being uploaded to the same server.
Also, fixed storeShards to give up on StoreAlreadyExists, rather than
trying another storage location. Otherwise, on a name collision,
the shards would be rejected by the servers, and be stored to their upload
queues.
|
|
|
|
| |
also, server upload queues in ~/.keysafe
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
avoids short reads, and also if a backup program came along while the write
was happening, avoids short backups
|
| |
|
| |
|
|
|