Skip to content

feature: v2 authentication request #5537

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Mar 3, 2025
Merged

feature: v2 authentication request #5537

merged 4 commits into from
Mar 3, 2025

Conversation

jstuczyn
Copy link
Contributor

@jstuczyn jstuczyn commented Feb 28, 2025
edited by mmsinclair
Loading

this PR creates new v2 variant of client-gateway authentication message that increases protection against possible connetion hijacking

This change is Reviewable

@jstuczyn jstuczyn added this to the Chokito milestone Feb 28, 2025
@jstuczyn jstuczyn requested a review from octol February 28, 2025 16:32
@vercel Vercel
Copy link

vercel bot commented Feb 28, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

2 Skipped Deployments
Name Status Preview Comments Updated (UTC)
docs-nextra ⬜️ Ignored (Inspect) Visit Preview Mar 3, 2025 5:33pm
nym-next-explorer ⬜️ Ignored (Inspect) Visit Preview Mar 3, 2025 5:33pm

@jstuczyn jstuczyn merged commit 155c4d3 into develop Mar 3, 2025
17 of 19 checks passed
@jstuczyn jstuczyn deleted the bugfix/gateway-auth-replay-attack branch March 3, 2025 17:51
jstuczyn added a commit that referenced this pull request Mar 5, 2025
@jstuczyn
feature: v2 authentication request (#5537)
e80aced 
* introduced v2 authentication request between clients and gateways

* client to send v2 auth when possible

* added persistence to last used authentication timestamp

* added clients identity to signed plaintext
jstuczyn added a commit that referenced this pull request Mar 6, 2025
@jstuczyn
feature: v2 authentication request (#5537) (#5563)
698883c 
* introduced v2 authentication request between clients and gateways

* client to send v2 auth when possible

* added persistence to last used authentication timestamp

* added clients identity to signed plaintext
mfahampshire pushed a commit that referenced this pull request Mar 6, 2025
@jstuczyn @mfahampshire
feature: v2 authentication request (#5537) (#5563)
c25c454 
* introduced v2 authentication request between clients and gateways

* client to send v2 auth when possible

* added persistence to last used authentication timestamp

* added clients identity to signed plaintext
@benedettadavico
Copy link
Contributor

Testing Completion Date: [17/03/2025]

Testing Steps Performed:
Regression testing performed on old clients and new clients, connecting to old and new nodes.

Validation:
[x] Test Passed
[] Test Failed

Notes:
The new vpn clients have not been tested against this PR as they were not ready at the time of testing

Attachments:
n/a

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@neacsu neacsu neacsu approved these changes

@octol octol Awaiting requested review from octol

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Chokito
Development

Successfully merging this pull request may close these issues.
3 participants
@jstuczyn @benedettadavico @neacsu