From 068053b54e8a6e1762170bfaf08e680a3ee39373 Mon Sep 17 00:00:00 2001 From: "Eric S. Raymond" Date: Tue, 11 Mar 2014 13:33:18 -0400 Subject: [PATCH] Documentation updates. --- hacking.txt | 3 +++ irkerd.xml | 2 +- security.txt | 17 ++++++----------- 3 files changed, 10 insertions(+), 12 deletions(-) diff --git a/hacking.txt b/hacking.txt index 3c1b336..82e9447 100644 --- a/hacking.txt +++ b/hacking.txt @@ -52,6 +52,9 @@ Subversion support in irkerhook.py. Since the 1.0 release he has kept as close an eye on the code as the author and has fixed at least as many bugs. +W. Trevor King added SSL/TLS support and did +significant refactoring work. + Daniel Franke performed a security audit of irkerd. Georg Brandl contributed the Mercurial support in diff --git a/irkerd.xml b/irkerd.xml index c14a950..caf36af 100644 --- a/irkerd.xml +++ b/irkerd.xml @@ -75,7 +75,7 @@ override the default irker username. When the to URL uses the ircs scheme (as shown in the fourth and fifth examples), the connection to -the server is made via SSL/TLS (vs. a plaintext connection with the +the IRC server is made via SSL/TLS (vs. a plaintext connection with the irc scheme). To connect via SSL/TLS with Python 2.x, you need to explicitly declare the certificate authority file used to verify server certificates. For example, -c diff --git a/security.txt b/security.txt index e217720..659a3df 100644 --- a/security.txt +++ b/security.txt 
@@ -184,14 +184,6 @@ issuing messages from within a given intranet is authorized to do so. This fits the assumption that irker instances will run on forge sites receiving requests from instances of irkerhook.py. -If this is *not* the case (e.g. the network between a hook and irkerd -has to be considered hostile) we could hide irkerd behind an instance -of spiped or an instance of -stunnel . These would be far superior to -in-band authentication in that they would leave the job to specialist -code not in any way coupled to irkerd's internals, minimizing -global complexity and failure modes. - One larger issue (not unique to irker) is that because of the insecured nature of IRC it is essentially impossible to secure #commits against commit notifications that are either garbled by @@ -201,10 +193,13 @@ lesson here is that IRC monitoring isn't a good method for that purpose; going direct to the repositories via a toolkit such as Ohloh is a far better idea. -=== Future directions === +When this analysis was originally written, we recommended using spiped +or stunnel to solve the problem of passing notifications from irkerd +to IRC servers over a potentially hostile network that might interfere +with them. Later, SSL/TLS support proved easy to add and is now in +irkerd itself. -There is presently no direct support for spipe or stunnel in -irkerhook.py. We'd take patches for this. +=== Future directions === == Secrecy == -- 2.26.2
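Review bot: in the irkerd.xml hunk, the reworded sentence is fine, but the surrounding context it sits in ("To connect via SSL/TLS with Python 2.x, you need to explicitly declare the certificate authority file used to verify server certificates") does not say what irkerd does on Python 2.x when the -c option is omitted, which is the security-relevant case. While touching this paragraph, add one sentence stating whether an ircs connection without -c is refused or proceeds without certificate verification, so an operator reading only the manual page knows which of the two they get.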
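Review bot: the paragraph deleted in the first security.txt hunk (-184) covered a different link than the one the new SSL/TLS support protects. The removed text proposed spiped or stunnel for the case where "the network between a hook and irkerd has to be considered hostile", i.e. the irkerhook.py to irkerd leg; the ircs scheme documented in irkerd.xml only secures the connection from irkerd to the IRC server. Removing the paragraph leaves the hook to irkerd path with no recommendation at all, while the preceding context still rests on the assumption that "issuing messages from within a given intranet is authorized". Suggest keeping the advice for the hook side, e.g. "If the network between a hook and irkerd has to be considered hostile, we still recommend hiding irkerd behind spiped or stunnel; the built-in SSL/TLS support only covers the connection from irkerd to the IRC server."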
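Review bot: the "=== Future directions ===" heading moved in the second security.txt hunk (-201) is left with no body: the only sentence under it ("There is presently no direct support for spipe or stunnel in irkerhook.py. We'd take patches for this.") is deleted and the heading is now immediately followed by "== Secrecy ==". Either drop the heading with its content or keep a sentence in it; since SSL/TLS in irkerd does not give irkerhook.py a protected channel to irkerd, the removed "We'd take patches for this" sentence is still accurate and could stay, with "spipe" corrected to "spiped". The new paragraph also restates the history inaccurately: it says spiped or stunnel were recommended "to solve the problem of passing notifications from irkerd to IRC servers", whereas the paragraph deleted in the previous hunk recommended them for the network between a hook and irkerd. Rewording to "passing notifications between irkerhook.py and irkerd" would match what the document actually said, and would make it clear that the new ircs support addresses a different leg.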