[proposed fix] tinc has a security hole
Guus Sliepen
guus at sliepen.warande.net
Tue Aug 29 11:57:25 CEST 2000
On Sun, 27 Aug 2000, Ivo Timmermans wrote:
> And while we're at it, why not just encrypt everything?
Yes :)
> client server
> 1 connects to server
> 2 accepts connection, send HELLO
HELLO? overhead. Just start directly sending a public key.
2 send PUBLIC_KEY
3 send PUBLIC KEY
> From now on, everything can be encrypted.
> 5 send BASIC INFO
Yes, but BASIC_INFO still contains to much data. We should also use a
"hostname" for each tinc daemon, exchange those names, then the
passphrases to validate the names.
4 send hostname
5 send hostname
6 send passhprase encrypted w. public key
7 idem
Then verify, if something is wrong, close connection. Ofcourse, 6 and 7
might look a bit different if we use private/public keypairs instead of
passphrases.
8 send BASIC_INFO
9 idem
10 connected connected
-------------------------------------------
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at sliepen.warande.net>
-------------------------------------------
See also: http://tinc.nl.linux.org/
http://www.kernelbench.org/
-------------------------------------------
---
TINC development list, tinc-devel at nl.linux.org
Archive: http://mail.nl.linux.org/tinc-devel/
More information about the Tinc-devel
mailing list