Sorry to say, but this patch is plain rubbish! SSL already implements *everything* required for ...
15 years, 12 months ago
(2010-03-01 14:19:35 UTC)
#3
Sorry to say, but this patch is plain rubbish! SSL already implements
*everything* required for checking the identify of remote side. Use the
standards instead of implementing you own system.
Rule of thumb in security: do not implement you own stuff if there is tested and
reliable solution available.
On 2010/03/01 14:19:35, h.goebel wrote: > Sorry to say, but this patch is plain rubbish! ...
15 years, 12 months ago
(2010-03-01 15:47:35 UTC)
#4
On 2010/03/01 14:19:35, h.goebel wrote:
> Sorry to say, but this patch is plain rubbish! SSL already implements
> *everything* required for checking the identify of remote side. Use the
> standards instead of implementing you own system.
>
> Rule of thumb in security: do not implement you own stuff if there is tested
and
> reliable solution available.
You can keep for your-self this kind of non-constructive remarks.
I guess you want that we use CA check but it is not workable for SMB.
Or if you have an other way, explain it instead of just critic.
On 2010/03/01 15:47:35, ced wrote: > You can keep for your-self this kind of non-constructive ...
15 years, 12 months ago
(2010-03-01 16:19:31 UTC)
#5
On 2010/03/01 15:47:35, ced wrote:
> You can keep for your-self this kind of non-constructive remarks.
> I guess you want that we use CA check but it is not workable for SMB.
> Or if you have an other way, explain it instead of just critic.
Why should I spend my time giving ideas an advice where you simply ignore it?
See the fruitless discussion about SSL implementation where you not even took
the time to answer whether you agree on the concept?
No, I'm not talking about "CA check", but about using certificate to verify the
remote identify. This can be implemented in a single line of code and is usable
fro SMB quite well.
But I'm not discussing concepts here. If you are interested in my experience
start a thread on tryton-dev wo others can discuss, too.
On 2010/03/01 16:19:31, h.goebel wrote: > On 2010/03/01 15:47:35, ced wrote: > > > You ...
15 years, 12 months ago
(2010-03-01 16:37:51 UTC)
#6
On 2010/03/01 16:19:31, h.goebel wrote:
> On 2010/03/01 15:47:35, ced wrote:
>
> > You can keep for your-self this kind of non-constructive remarks.
> > I guess you want that we use CA check but it is not workable for SMB.
> > Or if you have an other way, explain it instead of just critic.
>
> Why should I spend my time giving ideas an advice where you simply ignore it?
I don't care. But it seems to care about having a specific implementation so
explain it.
> See the fruitless discussion about SSL implementation where you not even took
> the time to answer whether you agree on the concept?
It was already answered a long time ago. And nobody will answer negatively to
your questions because they are trivial.
>
> No, I'm not talking about "CA check", but about using certificate to verify
the
> remote identify.
Which certificate? You mean a client side certificate?
> This can be implemented in a single line of code and is usable
> fro SMB quite well.
If it is a single line of code, why do you show it?
>
> But I'm not discussing concepts here. If you are interested in my experience
> start a thread on tryton-dev wo others can discuss, too.
You started the discussion.
http://codereview.appspot.com/223066/diff/5001/6001 File tryton/common/common.py (right): http://codereview.appspot.com/223066/diff/5001/6001#newcode810 tryton/common/common.py:810: sys.exit() You should be nice to the user. Quitting ...
15 years, 11 months ago
(2010-03-14 18:14:17 UTC)
#11
http://codereview.appspot.com/223066/diff/5001/6001 File tryton/common/common.py (right): http://codereview.appspot.com/223066/diff/5001/6001#newcode810 tryton/common/common.py:810: sys.exit() On 2010/03/14 18:14:17, h.goebel wrote: > You should ...
15 years, 11 months ago
(2010-03-14 19:46:26 UTC)
#13
http://codereview.appspot.com/223066/diff/5001/6001
File tryton/common/common.py (right):
http://codereview.appspot.com/223066/diff/5001/6001#newcode810
tryton/common/common.py:810: sys.exit()
On 2010/03/14 18:14:17, h.goebel wrote:
> You should be nice to the user. Quitting the application is not nice.
>
> Untested: Additionally the current implementation will take the chance of
> changing the server at all: Client starts, connects to server
> (server_version()), exception is raised, client quits.
It doesn't happen in login windows.
http://codereview.appspot.com/223066/diff/5001/6003
File tryton/pysocket.py (right):
http://codereview.appspot.com/223066/diff/5001/6003#newcode54
tryton/pysocket.py:54: self.ca_certs = None
On 2010/03/14 18:14:17, h.goebel wrote:
> This is bad! This falls back *silently*. If the file is gone, security is
gone,
> too. Prefer to put the filename (or a bool option) into the config file.
> *If* the certs-file is optional, it should be decided on a higher level
(rpc.py)
> Making security-relevant decisions in a low-level module is not a good thing.
It doesn't chance anything to put a flag in config file or making duck-typing on
ca file.
http://codereview.appspot.com/223066/diff/5001/6003#newcode108
tryton/pysocket.py:108: peercert = self.ssl_sock.getpeercert(True)
On 2010/03/14 18:14:17, h.goebel wrote:
> a) May return None if the server did not present a certificate.
> b) Certificate is not validated, not even the date valid.
Validation is done when certfile is provided.
http://codereview.appspot.com/223066/diff/5001/6003#newcode109
tryton/pysocket.py:109: def format_hash(value):
On 2010/03/14 18:14:17, h.goebel wrote:
> remove this, this is ugly, very hard to understand and undocumented (and
> unnecessary when using digest())
digest is not readable and format_hash format the hash with a common
representation.
looks good, but a few minor comments http://codereview.appspot.com/223066/diff/22001/23001 File tryton/common/common.py (right): http://codereview.appspot.com/223066/diff/22001/23001#newcode808 tryton/common/common.py:808: from tryton.gui.main ...
15 years, 11 months ago
(2010-03-16 22:30:57 UTC)
#18
Other comments are not linked to this patch. http://codereview.appspot.com/223066/diff/22001/23001 File tryton/common/common.py (right): http://codereview.appspot.com/223066/diff/22001/23001#newcode808 tryton/common/common.py:808: from ...
15 years, 11 months ago
(2010-03-16 22:47:48 UTC)
#20
On 2010/03/14 19:46:26, ced wrote: > digest is not readable and format_hash format the hash ...
15 years, 11 months ago
(2010-03-23 16:34:12 UTC)
#23
On 2010/03/14 19:46:26, ced wrote:
> digest is not readable and format_hash format the hash with a common
> representation.
Formating a number is much more efficient than reformatting a string.
Issue 223066: Add fingerprints check to Tryton client
(Closed)
Created 16 years ago by ced
Modified 15 years, 11 months ago
Reviewers: bch, h.goebel, yangoon1, henear000
Base URL:
Comments: 25