Fix bug that prevented resuming of uploads to encrypted special remotes that used chunking. This bug could also expose the names of keys to such remotes.

This is a low-severity security hole.
2016-04-27 12:54:43 -04:00 · 2016-04-27 12:54:43 -04:00 · b890f3a53d
commit b890f3a53d
parent 363b984176
5 changed files with 30 additions and 6 deletions
--- a/doc/bugs/External_special_remote_broken63.mdwn
+++ b/doc/bugs/External_special_remote_broken63.mdwn
@ -61,4 +61,4 @@ upgrade supported from repository versions: 0 1 2 4 5

 ### Have you had any luck using git-annex before? (Sometimes we get tired of reading bug reports all day and a lil' positive end note does wonders)

-
+> [[fixed|done]] --[[Joey]]
--- a/doc/bugs/External_special_remote_broken63/comment_1_904a186a6400506303cad772ac1a6751._comment
+++ b/doc/bugs/External_special_remote_broken63/comment_1_904a186a6400506303cad772ac1a6751._comment
@ -0,0 +1,18 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2016-04-27T16:23:43Z"
+ content="""
+Reproduced this using a directory special remote.
+
+The first checkpresent is because a file can be present on a remote in
+non-chunked form, since a remote can be reconfigured to add chunking.
+So it's nothing to worry about.
+
+The lack of encryption of the key when checking to resume is definitely a
+bug. A bit of a security bug too, although it only happens when resuming
+uploads. (I double checked the other operations and they all encrypt keys)
+I suppose that if the server was hostile, it could randomly make
+uploads fail, in order to get git-annex to expose content keys via
+this bug when resuming.
+"""]]