-
- Downloads
gluon-autoupdater: add support for HTTPS and protocol-less URLs
The autoupdater supports HTTPS when a ustream TLS backend is installed,
but we did not allow this in site.conf. However, just allowing HTTPS
URLs unconditionally is also a bad idea, as it might result in nodes
being unable to reach the mirror, in particular if the `tls` feature is
enabled only for some devices.
Solve this by allowing https:// URLs only if the marker file installed
by gluon-tls is found, failing the site check with an error message like
the following otherwise:
*** All of the following alternatives have failed:
1) site.conf error: expected autoupdater.branches.test.mirrors.1 to match pattern 'http://', but it is "https://..." (a string value)
2) site.conf error: expected autoupdater.branches.test.mirrors.1 to use HTTPS only if the 'tls' feature is enabled, but it is "https://..." (a string value)
3) site.conf error: expected autoupdater.branches.test.mirrors.1 to match pattern '^//', but it is "https://..." (a string value)
In addition, introduce support for protocol-less //server/path URLs,
which will use either HTTP or HTTPS depending on the availablility of
the `tls` feature. No fallback happens when `tls` is available, but the
HTTPS connection fails, preventing downgrade attack.
Based-on-patch-by: 
Kevin Olbrich <ko@sv01.de>
Showing
- docs/multidomain-site-example/site.conf 9 additions, 1 deletiondocs/multidomain-site-example/site.conf
- docs/site-example/site.conf 9 additions, 1 deletiondocs/site-example/site.conf
- docs/user/site.rst 14 additions, 1 deletiondocs/user/site.rst
- package/gluon-autoupdater/check_site.lua 20 additions, 1 deletionpackage/gluon-autoupdater/check_site.lua
- package/gluon-autoupdater/luasrc/lib/gluon/upgrade/500-autoupdater 17 additions, 1 deletion...luon-autoupdater/luasrc/lib/gluon/upgrade/500-autoupdater
Loading
Please register or sign in to comment