This repository has been archived by the owner on Jul 15, 2019. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
lookup.go: check realm name. For a unused case, this is a [security fix]
The security fix in this commit affects clients whose trusted verifiers use the same signing key and monitor colluding malicious keyservers. The issue does NOT affect clients whose verifiers use different signing keys for different keyservers. I am not aware of any verifiers who reuse signing keys, so hopefully nobody is affected. coname.VerifyLookup used to ignore the realm name in signed epoch heads. This means that a malicious keyserver may have been able to have verifiers verify two copies of itself (with different contents and different realm names) and then present whichever view it chooses. The client configuration file now includes the canonical realm name for each name and VerifyLookup considers all SignedEpochHeads that do not match that name to be invalid. I changed the protobuf field numbers in config.proto. This should not matter because this file is only used as a JSON schema; no actual protobufs adhering to this spec are used anywhere in this codebase. This change should be ported to the JS implementation of VerifyLookup.
- Loading branch information
1 parent
d010089
commit 59332ee
Showing
4 changed files
with
92 additions
and
33 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters