| Commit message (Collapse) | Author | Age |
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
servant broke backwards compatibility; did not try to maintain
back-compat (would be possible).
New http-client exported some stuff I need; simplified code; did not try
to maintain back-compat, although it would not be hard.
Test suite passes.
This commit was sponsored by Øyvind Andersen Holm.
|
| |
|
| |
|
|
|
|
| |
This commit was sponsored by John Peloquin on Patreon.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
However, the stack.yaml is still using an old LTS version to avoid
polynomial's failure to build with ghc 8.0
(https://github.com/mokus0/polynomial/issues/8)
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
script, and contains configuration for the keysafe server.
This commit was sponsored by Ole-Morten Duesund on Patreon.
|
|
|
|
|
|
|
| |
(It currently uses Debian's start-stop-daemon, so would need porting for
other distributions.)
This commit was sponsored by Fernando Jimenez on Patreon.
|
|
|
|
|
|
|
|
| |
Use raaz for random bytestring generation exclusively. It was already used
in all important places, but chaffing was using crypto-random.
Note that System.Random is used for delays during chaffing and
by random-shuffle.
|
| |
|
|
|
|
|
|
| |
Test suite passes.
This commit was sponsored by Ignacio on Patreon
|
| |
|
|
|
|
|
|
|
| |
all messages to the console.
This should protect against all attacks where the server sends back a
malicious message.
|
|
|
|
|
|
|
| |
May help avoid some correlations. Once there are many servers, will spread
the load out amoung them.
This commit was sponsored by Ethan Aubin.
|
| |
|
|
|
|
|
|
|
|
| |
This will be used later when keysafe --autostart prompts if the user wants
to back up their gpg key. Making the change now before the backup log
format gets frozen.
This commit was sponsored by Josh Taylor on Patreon.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
--autostart mode currently only uploads queued keys, but it will later
be expanded to do more. Including checking the BackupRecord for problems
when necessary.
The autostart file is installed by keysafe --backup, so that when keysafe
is installed with stack, and used, it will make sure it autostarts in the
future.
The autostart file is installed by the Makefile too. This will later
let --autostart check for keys that have not been backed up and prompt
about backing them up. This way, the user won't need to remember to run
keysafe to back things up.
Reused Utility.FreeDesktop from git-annex, and had to add some stuff it
depends on.
This commit was sponsored by Fernando Jimenez on Patreon.
|
|
|
|
|
|
| |
To aid in backing up keysafe servers with minimal information leakage.
This commit was sponsored by Andrea Rota.
|
| |
|
|
|
|
|
|
|
|
| |
This can be deleted by the user at any time, but it's useful in case a
server is known to be compromised, or a problem is found with keysafe's
implementation that makes a backup insecure.
This commit was sponsored by Nick Daly on Patreon.
|
| |
|
|
|
|
|
|
|
|
| |
This is useful both to test the server throttling of uploads, and to make
it harder for servers to know if an object actually contains secret key
information.
This commit was sponsored by Brock Spratlen on Patreon.
|
|
|
|
|
|
|
|
| |
Once on the queue, requests should not need to contend with other requests
that are not on the queue, so added a fallback request bucket.
tokenBucketWait is not fair, so ensure FIFO processing of the queue by
using a FairRWLock.
|
| |
|
| |
|
| |
|
|
|
|
|
| |
Now caps total request rate even if attacker is willing to burn infinite
CPU on PoW.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mashed up a argon2-based PoW with token buckets and bloom filters.
This is intended to prevent a few abuses including:
* Using a keysafe server for general file storage, by storing a whole
lot of chunks.
* An attacker guessing names that people will use, and uploading junk
to keysafe servers under those names, to make it harder for others to use
keysafe later.
* An attacker trying to guess the names used for objects on keysafe
servers in order to download them and start password cracking.
(As a second level of defense, since the name generation hash
is expensive already.)
Completely untested, but it builds!
This commit was sponsored by Andreas on Patreon.
|
| |
|
|
|
|
| |
controlling terminal and zenity was not installed.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
supports prime fields.
This caused shares to double in size.
|
|
|
|
|
|
| |
0.8 also works ok. What does not work is leaving it unpinned and letting
servant-0.7 be used with servant-server-0.8. That produces strange compile
errors, so pin to avoid.
|
| |
|
| |
|