New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
enforce password on new share #866
Conversation
cf9576c
to
3fd1b51
Compare
9398559
to
0588815
Compare
|
/backport to stable23 |
|
/backport to stable22 |
0774f10
to
03a386a
Compare
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
8de6e9e
to
2cf4806
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My comments are rather cosmetic - feel free to ignore them if you're in a rush.
I have to admit that I don't fully understand all aspects of these code changes yet, but as far as I got it (from your explanations and reading the code), this looks good to me
So, the hard part was to keep the clear password on the master instance while creating shares on slaves (in global scale setup)
When a new member is added, or a new share is created, the main instance will generate a list of Clean Passwords and their Hash. Hash will be shared to slaves to be used when generating the share token,
Each slave will use a different hashed password for each members and inherited members of the circle. And will returns the list of generate share,
Main instance get informations about the generate shares, and generate a mail per members and inherited members with the right password from the list.
test in large global scale env,
test in single instance with mass member add,
create password the same way that shared by mail,
check local settings for enforcing password, add also an option in the apps itself