mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions
git-annex/Utility
History
Joey Hess bd5affa362
use hmac in balanced preferred content 
This deals with the possible security problem that someone could make an
unusually low UUID and generate keys that are all constructed to hash to
a number that, mod the number of repositories in the group, == 0.
So balanced preferred content would always put those keys in the
repository with the low UUID as long as the group contains the
number of repositories that the attacker anticipated.
Presumably the attacker than holds the data for ransom? Dunno.

Anyway, the partial solution is to use HMAC (sha256) with all the UUIDs
combined together as the "secret", and the key as the "message". Now any
change in the set of UUIDs in a group will invalidate the attacker's
constructed keys from hashing to anything in particular.

Given that there are plenty of other things someone can do if they can
write to the repository -- including modifying preferred content so only
their repository wants files, and numcopies so other repositories drom
them -- this seems like safeguard enough.

Note that, in balancedPicker, combineduuids is memoized.
2024-08-10 16:32:54 -04:00
..
Directory improve createDirectoryUnder to allow alternate top directories 2022-08-12 12:52:37 -04:00
DirWatcher fix empty tree import when directory does not exist 2023-08-15 12:57:41 -04:00
Env fix a annex.pidlock issue 2020-06-17 15:30:59 -04:00
LockFile Fix Windows build with Win32 2.13.4+ 2024-06-03 13:04:15 -04:00
LockPool avoid annexFileMode special case 2023-04-27 15:58:37 -04:00
Path run codespell throughout fixing typos automagically 2024-05-01 15:46:21 -04:00
Process fix missing new lines in processTranscript 2021-08-02 13:42:27 -04:00
Scheduled Typo: recurrance -> recurrence 2023-03-17 15:14:54 -04:00
Tmp avoid using removePathForcibly everywhere, it is unsafe 2022-05-02 14:06:20 -04:00
Url fix build on windows 2023-08-18 13:03:47 -04:00
Aeson.hs support aeson for Map 2023-05-10 13:51:37 -04:00
Android.hs
Applicative.hs
Attoparsec.hs
AuthToken.hs filter out control characters in error messages 2023-04-10 13:50:51 -04:00
Base64.hs simplify base64 to only use ByteString 2023-10-26 13:10:05 -04:00
Batch.hs add searchPathContents 2021-02-02 19:06:15 -04:00
Bloom.hs Apply codespell -w throughout 2023-03-17 15:14:58 -04:00
CoProcess.hs make commitMigration interuption safe 2023-12-06 16:29:58 -04:00
CopyFile.hs fix comment 2023-03-28 12:40:08 -04:00
Daemon.hs fix build with unix-2.8.0 2023-08-01 18:41:27 -04:00
Data.hs eliminate s2w8 and w82s 2023-10-26 13:12:57 -04:00
DataUnits.hs improve attribution armoring 2023-11-21 11:34:21 -04:00
DBus.hs
Debug.hs Revert "use existing debug machinery for explain" 2023-07-25 15:53:50 -04:00
DebugLocks.hs
Directory.hs fix empty tree import when directory does not exist 2023-08-15 12:57:41 -04:00
DirWatcher.hs
DiskFree.hs
Dot.hs
DottedVersion.hs more RawFilePath conversion 2020-10-29 12:03:50 -04:00
Env.hs
Exception.hs avoid displaying ExitCode exceptions 2023-04-12 17:04:57 -04:00
FileMode.hs Fix crash of enableremote when the special remote has embedcreds=yes 2023-10-20 13:19:12 -04:00
FileSize.hs fix build warnings on windows 2023-03-21 18:41:23 -04:00
FileSystemEncoding.hs clean up windows build warnings about unused imports 2024-03-26 13:06:52 -04:00
Format.hs find, findkeys, examinekey: escape output to terminal when --format is not used 2023-04-11 15:27:07 -04:00
FreeDesktop.hs
Glob.hs Typo: sansative -> sensitive 2023-03-17 15:14:50 -04:00
Gpg.hs run codespell throughout fixing typos automagically 2024-05-01 15:46:21 -04:00
Hash.hs use hmac in balanced preferred content 2024-08-10 16:32:54 -04:00
HtmlDetect.hs improve attribution armoring 2023-11-21 11:34:21 -04:00
HumanNumber.hs Fix a rounding bug in display of data sizes 2021-07-30 09:56:04 -04:00
HumanTime.hs avoid parseDuration succeeding on empty string 2020-12-08 12:51:56 -04:00
InodeCache.hs fix build warnings on windows 2023-03-21 18:41:23 -04:00
IPAddress.hs Apply codespell -w throughout 2023-03-17 15:14:58 -04:00
libkqueue.c
libkqueue.h
LinuxMkLibs.hs work around ldd crash on arm64 autobuilder 2023-01-28 14:26:01 -04:00
LockFile.hs
LockPool.hs
LogFile.hs avoid unix-compat's rename 2022-07-12 14:55:02 -04:00
Lsof.hs filter out control characters in error messages 2023-04-10 13:50:51 -04:00
MagicWormhole.hs fix breakage in wormhole's sendFile 2022-09-26 15:26:29 -04:00
Matcher.hs run codespell throughout fixing typos automagically 2024-05-01 15:46:21 -04:00
MD5.hs
Metered.hs RawFilePath conversion 2024-01-19 14:26:21 -04:00
Misc.hs Apply codespell -w throughout 2023-03-17 15:14:58 -04:00
Monad.hs Add git-annex remote refs that are not newer to the merged refs list 2023-08-09 13:31:36 -04:00
MonotonicClock.hs use REMOVE-BEFORE in P2P protocol 2024-07-04 13:47:38 -04:00
Mounts.hs
MoveFile.hs windows build fix 2024-03-26 13:51:51 -04:00
Network.hs
NotificationBroadcaster.hs
OpenFd.hs avoid cpp failure on windows 2023-08-02 10:08:00 -04:00
OptParse.hs
OSX.hs
PartialPrelude.hs
Path.hs improve attribution armoring 2023-11-21 11:34:21 -04:00
Percentage.hs
PID.hs
Process.hs add git config debugging 2023-05-15 15:35:29 -04:00
QuickCheck.hs run codespell throughout fixing typos automagically 2024-05-01 15:46:21 -04:00
RawFilePath.hs Windows: Support long filenames in more (possibly all) of the code 2023-03-01 15:55:58 -04:00
ResourcePool.hs use ResourcePool for hash-object handles 2022-07-25 17:32:39 -04:00
Rsync.hs Parse youtube-dl progress output 2020-09-29 17:53:48 -04:00
SafeCommand.hs add newtypes for QuickCheck to avoid LANG=C issues 2020-11-09 20:21:18 -04:00
SafeOutput.hs remove unused imports 2023-04-12 16:48:18 -04:00
Scheduled.hs Typo: recurrance -> recurrence 2023-03-17 15:14:54 -04:00
Shell.hs add searchPathContents 2021-02-02 19:06:15 -04:00
ShellEscape.hs improve attribution armoring 2023-11-21 11:34:21 -04:00
SimpleProtocol.hs P2P protocol version 2, adding SUCCESS-PLUS and ALREADY-HAVE-PLUS 2024-06-18 16:21:40 -04:00
Split.hs
SshConfig.hs Windows: Support long filenames in more (possibly all) of the code 2023-03-01 15:55:58 -04:00
SshHost.hs
StatelessOpenPGP.hs run codespell throughout fixing typos automagically 2024-05-01 15:46:21 -04:00
Su.hs fix build warning 2022-10-27 10:21:24 -04:00
SystemDirectory.hs small RawFilePath optimisation 2023-03-02 10:53:12 -04:00
Tense.hs
Terminal.hs Windows: Fix escaping output to terminal when using old versions of MinTTY 2024-03-26 13:09:21 -04:00
ThreadLock.hs
ThreadScheduler.hs fix build warnings on windows 2024-03-26 13:11:53 -04:00
TimeStamp.hs Revert "import Data.Time.Clock to build with time-1.9.1" 2023-12-27 19:11:15 -04:00
TList.hs further change to support dlist-1.0 2020-08-05 10:37:14 -04:00
Tmp.hs remove debug print 2023-12-05 15:56:58 -04:00
Tor.hs Windows: Support long filenames in more (possibly all) of the code 2023-03-01 15:55:58 -04:00
Touch.hs fix build on windows 2020-11-16 09:31:45 -04:00
Tuple.hs
Url.hs split out Utility.Url.Parse 2023-08-14 12:28:10 -04:00
UserInfo.hs fix build on windows 2023-08-02 10:43:20 -04:00
Verifiable.hs use hmac in balanced preferred content 2024-08-10 16:32:54 -04:00
WebApp.hs webapp: Added --port option, and annex.port config 2024-01-25 14:08:36 -04:00
Yesod.hs Apply codespell -w throughout 2023-03-17 15:14:58 -04:00