disinto-admin/disinto
1
0
Fork 0
Code Issues 24 Pull requests 1 Projects Releases Packages Wiki Activity Actions
disinto/bin
History
dev-qwen2 0243f546da
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
Details
ci/woodpecker/push/nomad-validate Pipeline was successful
Details
fix: edge-control: deregister has no ownership check — any authorized SSH key can take over any project (#1091) 
Require the caller to prove ownership on deregister by providing the
pubkey that was used during registration. The stored pubkey is loaded
from registry.json and compared byte-for-byte against the supplied key.

Changes:
- Add get_pubkey() helper to lib/ports.sh
- Update do_deregister() to verify caller pubkey before removing project
- Update SSH protocol to "deregister <project> <pubkey>"
- Update bin/disinto CLI to read tunnel keypair and pass pubkey
- Return {"error":"pubkey mismatch"} on failure (no pubkey leakage)
- Add unit tests for both success and failure paths

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-20 19:12:31 +00:00
..
disinto fix: edge-control: deregister has no ownership check — any authorized SSH key can take over any project (#1091) 2026-04-20 19:12:31 +00:00