Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

steam: http -> https #104507

Merged
merged 1 commit into from Nov 23, 2020
Merged

steam: http -> https #104507

merged 1 commit into from Nov 23, 2020

Conversation

mwilsoncoding
Copy link

Motivation for this change

Would prefer HTTPS by default

Things done
  • verified the same sha256 is generated by the artifact received via the https endpoint as the one received through the http endpoint

@SuperSandro2000
Copy link
Member

SuperSandro2000 commented Nov 21, 2020
edited

Result of nixpkgs-review pr 104507 run on x86_64-linux 1

Edit: I don't know the command to invalidate the download cache but the size is the same.

@r-burns
Copy link
Contributor

r-burns commented Nov 21, 2020

If the output is hashed, what's the point?

@mwilsoncoding
Copy link
Author

If the output is hashed, what's the point?

Encryption in flight? ¯\_(ツ)_/¯

I'd prefer the encrypted protocol over non, but maybe I'm being too paranoid.

@r-burns
Copy link
Contributor

r-burns commented Nov 21, 2020

Oh that's fair, I guess I was just thinking from a MITM mitigation standpoint. And since this is proprietary, users will be downloading it themselves.

turboMaCk
turboMaCk approved these changes Nov 22, 2020
View reviewed changes
Copy link
Member

@turboMaCk turboMaCk left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it's still better to use https. I even think MITM is still a concern if hydra would be a target of such attack. Even though the fact that diff is only in protocol doesn't mean such attack can't happens if the future (only that it has not happened yet). If hydra would be given a fake source (by any type of man in the middle or man on the side) it would happily cash the build result and distribute it via binary cache for given derivation.

  • NIXPKGS_ALLOW_UNFREE=1 nix-build -A steam works locally
  • diff looks ok

@buckley310
Copy link
Contributor

fetchurl ignores certificate errors. It relies on the supplied sha256 hash for validation.

That being said, I still prefer https by default. Http links lying around are, at best, basically the same, and at worst, a footgun.

jonringer
jonringer approved these changes Nov 23, 2020
View reviewed changes
Copy link
Contributor

@jonringer jonringer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Result of nixpkgs-review pr 104507 1

@jonringer jonringer merged commit e82c3b6 into NixOS:master Nov 23, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@turboMaCk turboMaCk turboMaCk approved these changes

@jonringer jonringer jonringer approved these changes

@r-burns r-burns r-burns approved these changes

Assignees
No one assigned
Labels
6.topic: steam 10.rebuild-darwin: 0 10.rebuild-linux: 0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@mwilsoncoding @SuperSandro2000 @r-burns @buckley310 @turboMaCk @jonringer