add a UUID to pair requests
Pair requests the the same UUID are part of the same pairing session, which allows us to detect attempts to brute force the shared secret, as that will result in pair requests with the same UUID that are not verified with the right secret.
This commit is contained in:
Joey Hess
parent
b3f4c6eb68
commit
0208d6aa82
3 changed files with 26 additions and 7 deletions
|
|
@ -24,6 +24,7 @@ import Assistant.Alert
|
|||
import Assistant.DaemonStatus
|
||||
import Utility.Verifiable
|
||||
import Utility.Network
|
||||
import Annex.UUID
|
||||
#endif
|
||||
|
||||
import Yesod
|
||||
|
|
@ -91,6 +92,7 @@ startPairing stage oncancel displaysecret secret = do
|
|||
<*> liftIO getUserName
|
||||
<*> (fromJust . relDir <$> lift getYesod)
|
||||
<*> pure (sshPubKey keypair)
|
||||
<*> liftIO genUUID
|
||||
liftIO $ do
|
||||
let sender = multicastPairMsg Nothing secret stage pairdata
|
||||
let pip = PairingInProgress secret Nothing keypair pairdata
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue