Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix config set private key protection #3147

Closed
wants to merge 1 commit into from
Closed

Fix config set private key protection #3147

wants to merge 1 commit into from

Conversation

whyrusleeping
Copy link
Member

@whyrusleeping
config: guard against privkey being overwritten in fsrepo setConfig
d290d56 
License: MIT
Signed-off-by: Jeromy <why@ipfs.io>
@whyrusleeping whyrusleeping added the status/in-progress In progress label Aug 29, 2016
@whyrusleeping whyrusleeping changed the base branch from master to version/0.4.3-rc4 August 29, 2016 22:25
@whyrusleeping whyrusleeping added need/review Needs a review and removed status/in-progress In progress labels Aug 29, 2016
@jbenet
Copy link
Member

jbenet commented Aug 29, 2016

@whyrusleeping -- @lgierth and i were discussing that it's likely much easier to solve this problem by just moving the key out of the config entirely for good, and at this point we keep sinking energy into making the hack work when there's likely all these complicated edge cases to cover.

We could move it out in a 4-5 migration, put it in a file in $repo/keys/id for now, and deal with future migrations to move to the proper keystore later. Our migrations work pretty reliably (yay!).

jbenet
jbenet reviewed Aug 29, 2016
View reviewed changes
repo/fsrepo/fsrepo.go
// Load private key to guard against it being overwritten.
// NOTE: this is a temporary measure to secure this field until we move
// keys out of the config file.
pkval, err := common.MapGetKV(mapconf, "Identity.PrivKey")
Copy link
Member

@jbenet jbenet Aug 29, 2016
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • What if the name of the fields in the structs changes and people forget to change it here? should be a const in the relevant config.go file.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would merge a PR that cleanly moves the private key out of the config if
paired with a migration. I do not have time to work on that.

On Mon, Aug 29, 2016, 16:41 Juan Benet notifications@github.com wrote:

In repo/fsrepo/fsrepo.go
#3147 (comment):

@@ -482,6 +482,14 @@ func (r *FSRepo) SetConfigKey(key string, value interface{}) error {
return err
}

  • // Load private key to guard against it being overwritten.
  • // NOTE: this is a temporary measure to secure this field until we move
  • // keys out of the config file.
  • pkval, err := common.MapGetKV(mapconf, "Identity.PrivKey")
  • What if the name of the fields in the structs changes and people
    forget to change it here? should be a const.


You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/ipfs/go-ipfs/pull/3147/files/d290d567fc5ced87bb6dd7634d80b697272d42ff#r76708163,
or mute the thread
https://github.com/notifications/unsubscribe-auth/ABL4HGKfwgzdeG15CckDMgcf7McbFFyFks5qk24TgaJpZM4Jv9id
.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jbenet as we will be moving the key out of config in the nearest future, can we accept current hack (it is hack) and release keymigrations in 0.4.4 or 0.5.

This isn't long term strategy, it is a way to keep things running for till next release.

@whyrusleeping whyrusleeping added this to the ipfs-0.4.3-rc4 milestone Aug 31, 2016
@whyrusleeping
Copy link
Member Author

closing, moved the changes here to #3141

@whyrusleeping whyrusleeping deleted the fix/config-race-err branch September 2, 2016 13:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
need/review Needs a review
Projects
None yet
Milestone
ipfs-0.4.3-rc4
Development

Successfully merging this pull request may close these issues.
3 participants
@whyrusleeping @jbenet @Kubuxu