mitchellh.com / tack
Stitch any CI into Tangled
tack / internal at c731f142609f795f78e31c59021922c643ea5295 (1 folder)
Latest commit c3035867 by Mitchell Hashimoto, 7w ago: buildkite: enforce freshness window on webhook signatures
buildkite/ (last changed 1 month ago)

buildkite: enforce freshness window on webhook signatures

VerifySignature previously accepted any cryptographically valid "timestamp=<unix>,signature=<hex>" header regardless of how old the timestamp was. An attacker who captured a single signed delivery could replay it indefinitely, creating duplicate status events and unbounded growth in the events table.

Reject signatures whose timestamp is more than MaxSignatureAge (5 minutes) from the local clock in either direction. The symmetric bound also defeats implausibly future-dated stamps that would otherwise mint a long replay window.

The clock is read through a package-level timeNow var so tests can pin it deterministically; the existing fixed-timestamp test now stubs the clock and a new stale case covers the rejection path.
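The check the commit describes, written out as an added Go example that is not tack's own code: the header format, the 5-minute symmetric window and the package-level timeNow clock come from the commit message; the "<timestamp>.<body>" MAC payload and the names SignHeader, computeMAC and Err* are assumptions.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"strconv"
	"strings"
	"time"
)

const MaxSignatureAge = 5 * time.Minute // how far a stamp may sit from the local clock, either direction
var timeNow = time.Now                  // package-level clock; tests overwrite it to pin "now"
var ErrMalformed = errors.New("malformed signature header")
var ErrMismatch = errors.New("signature mismatch")
var ErrStale = errors.New("timestamp outside freshness window")

// computeMAC returns HMAC-SHA256(token, "<timestamp>.<body>"); that payload layout is an assumption here.
func computeMAC(tsStr string, body, token []byte) []byte {
	mac := hmac.New(sha256.New, token)
	mac.Write([]byte(tsStr + "."))
	mac.Write(body)
	return mac.Sum(nil)
}

// SignHeader builds a "timestamp=<unix>,signature=<hex>" header the way a sender would.
func SignHeader(ts int64, body, token []byte) string {
	tsStr := strconv.FormatInt(ts, 10)
	return "timestamp=" + tsStr + ",signature=" + hex.EncodeToString(computeMAC(tsStr, body, token))
}

// VerifySignature checks the MAC in constant time, then rejects stamps outside the symmetric window,
// so a captured delivery cannot replay forever and a future-dated stamp cannot mint a long window.
func VerifySignature(header string, body, token []byte) error {
	fields := map[string]string{}
	for _, part := range strings.Split(header, ",") {
		if k, v, ok := strings.Cut(strings.TrimSpace(part), "="); ok {
			fields[k] = v
		}
	}
	ts, err := strconv.ParseInt(fields["timestamp"], 10, 64)
	sig, err2 := hex.DecodeString(fields["signature"])
	if err != nil || err2 != nil {
		return ErrMalformed
	}
	if !hmac.Equal(sig, computeMAC(fields["timestamp"], body, token)) {
		return ErrMismatch
	}
	if drift := timeNow().Sub(time.Unix(ts, 0)); drift > MaxSignatureAge || drift < -MaxSignatureAge {
		return ErrStale
	}
	return nil
}
```

A replayed delivery passes the MAC check but fails the window once its stamp is more than five minutes old; a stamp five minutes in the future is rejected the same way.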