]> git.ipfire.org Git - thirdparty/FORT-validator.git/tag
projects / thirdparty / FORT-validator.git / tag
? search:
summary | shortlog | log | commit | commitdiff | tree

1.5.3
object 8f333929d55117db8ab85c08ed705a76119d4498 commit
authorAlberto Leiva Popper <ydahhrk@gmail.com>
Tue, 9 Nov 2021 06:03:29 +0000 (00:03 -0600)
This is the "NCSC release."

Patches:

> E: Repository keeps the connection for a long time before a response
> is returned, but does keep drip feeding new bytes to keep the
> connection alive.
> The idea is to DoS the RP by keeping the validation stuck, and thus,
> the cache outdated.

FORT used to have a buggy defense against this.

`--http.idle-timeout` simultaneously controlled both
CURLOPT_LOW_SPEED_LIMIT [0] and CURLOPT_LOW_SPEED_TIME [1], but it did
so clumsily. In pseudocode,

CURLOPT_LOW_SPEED_LIMIT = --http.idle-timeout
CURLOPT_LOW_SPEED_TIME = (--http.idle-timeout != 0) ? 1 : 0

The new code introduces two new flags. In pseudocode:

CURLOPT_LOW_SPEED_LIMIT = --http.low-speed-limit [2]
CURLOPT_LOW_SPEED_TIME = --http.low-speed-time [3]

`--http.low-speed-limit` defaults to 100 KB/s, and
`--http.low-speed-time` defaults to 10 s.

> L: Repository serves extremely large files.
> This causes disk exhaustion and cripplingly long synchronization.

rsync calls now include `--max-size=20MB` by default. [4]

For RRDP, FORT introduces `--http.max-file-size`. [5] It defaults to 1
GB. (Because of large and growing legitimate RRDP snapshots.)

> O: Manifest references a file that will be written outside of the
> cache's directory.
> This is done to trojan the RP's machine.

Fixed by implementing RFC 6486bis, section 4.2.2. [6]

Files can no longer be written anywhere other than the Manifest's own
directory.

------------------------------------------------------------------------

[0] https://curl.se/libcurl/c/CURLOPT_LOW_SPEED_LIMIT.html
[1] https://curl.se/libcurl/c/CURLOPT_LOW_SPEED_TIME.html
[2] https://nicmx.github.io/FORT-validator/usage.html#--httplow-speed-limit
[3] https://nicmx.github.io/FORT-validator/usage.html#--httplow-speed-time
[4] https://nicmx.github.io/FORT-validator/usage.html#rsyncarguments-recursive
[5] https://nicmx.github.io/FORT-validator/usage.html#--httpmax-file-size
[6] https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-6486bis-07#section-4.2.2
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEj5q8fvO6Vl+d8VeMchYP1XskKWcFAmGKD0cACgkQchYP1Xsk
KWdnkw//TlV3LbJSvt1dVCXLp6nizD1LJJOFFk4CpTScsg2y3XK4zXo26yrTcy85
rxgqdY8vpaMrmMnmm2haUQaaxMqqikg7Rek1t7/LXmZBF9Xw+vOhdf9cmGkeKnoJ
2/pWRn3ZCy1v9G5NdaRcTajE6EFXcd59g5nwPmElfw7nWcKsAFS0fuzj+eb3yCZc
H09X4rgKhC1DdP0D02YlWa93wz2hBiAu6DXNdyNJP6Aks/EuRKP3KhraueznRrH/
olyZPa8lYdrnHhSXoQPTDA3D3gGScHuUCxYFJldxx5ZFVdY0289n+OZGkK38dOtL
VP7FHdsCuPKeyiGfVmykBy5SRlEUmJhxAZM25qVEAkcfyQQRke/Uf9G/j5YNv5bu
yiDytO66XCqlqcNPp8Nedz4C4KeC0OIr0geZ2LTqAEmf1z1NCBz3pQJOgDXuiEDR
W0gkLy2MlZzi++G6G125aa1TQyTO36TUYydvqhrMWhQmbmIAfceZVQenWTB20osd
KRDZaeoShGgtM6YjXxj2p+uHxsLxz3DeKQxykkGmcTagWfng3+MJw4efO1rcrBx9
5z8c4oJkvBHBpCJEXWGH85hzfOhi4lG3NbJJeJbKigIPH0DeBowA3K+g223vIqXL
fLGiPQCMzuU4OxWIGktkk6EythJNa4+YzfleyKlaMEFueD2pPwI=
=lzy8
-----END PGP SIGNATURE-----
Mirror of https://github.com/NICMx/FORT-validator.git