mirror of
https://github.com/m1ngsama/TNT.git
synced 2026-02-08 00:54:03 +00:00
docs: document comprehensive security fixes
- Add Security section to README.md with configuration examples - Document all new environment variables (access token, rate limiting, SSH options) - Add comprehensive CHANGELOG entry for security audit fixes - Categorize fixes by severity (Critical, High, Medium) - Include security improvements summary table - Maintain backward compatibility notes New environment variables documented: - TNT_ACCESS_TOKEN: Optional password authentication - TNT_BIND_ADDR: Configurable bind address - TNT_SSH_LOG_LEVEL: SSH logging verbosity - TNT_RATE_LIMIT: Enable/disable rate limiting - TNT_MAX_CONNECTIONS: Global connection limit - TNT_MAX_CONN_PER_IP: Per-IP connection limit Documentation follows Unix-style concise format.
This commit is contained in:
parent
bc08269743
commit
fa348041e5
2 changed files with 85 additions and 0 deletions
56
CHANGELOG.md
56
CHANGELOG.md
|
|
@ -1,5 +1,61 @@
|
||||||
# Changelog
|
# Changelog
|
||||||
|
|
||||||
|
## 2026-01-22 - Security Audit Fixes
|
||||||
|
|
||||||
|
Comprehensive security hardening addressing 23 identified vulnerabilities across 6 categories.
|
||||||
|
|
||||||
|
### Critical
|
||||||
|
|
||||||
|
- **[AUTH]** Add optional access token authentication (`TNT_ACCESS_TOKEN`)
|
||||||
|
- **[AUTH]** Implement IP-based rate limiting (10 conn/IP/60s, 5-min block after 5 auth failures)
|
||||||
|
- **[AUTH]** Add global connection limits (default: 64, configurable via `TNT_MAX_CONNECTIONS`)
|
||||||
|
|
||||||
|
### High Priority
|
||||||
|
|
||||||
|
- **[BUFFER]** Replace all `strcpy()` with `strncpy()` (3 locations)
|
||||||
|
- **[BUFFER]** Add buffer overflow checking in `client_printf()`
|
||||||
|
- **[BUFFER]** Implement UTF-8 validation to prevent malformed input and overlong encodings
|
||||||
|
- **[SSH]** Upgrade RSA key from 2048 to 4096 bits
|
||||||
|
- **[SSH]** Fix key file permission race with atomic generation (umask + temp file + rename)
|
||||||
|
- **[SSH]** Add configurable bind address (`TNT_BIND_ADDR`) and log level (`TNT_SSH_LOG_LEVEL`)
|
||||||
|
- **[CONCURRENCY]** Fix `room_broadcast()` reference counting race
|
||||||
|
- **[CONCURRENCY]** Fix `tui_render_screen()` message array TOCTOU via snapshot approach
|
||||||
|
- **[CONCURRENCY]** Fix `handle_key()` scroll position TOCTOU
|
||||||
|
|
||||||
|
### Medium Priority
|
||||||
|
|
||||||
|
- **[INPUT]** Add username validation rejecting shell metacharacters and control chars
|
||||||
|
- **[INPUT]** Sanitize message content to prevent log injection attacks
|
||||||
|
- **[INPUT]** Enhance `message_load()` with field length and timestamp validation
|
||||||
|
- **[RESOURCE]** Convert message position array from fixed 1000 to dynamic allocation
|
||||||
|
- **[RESOURCE]** Enhance `setup_host_key()` validation (size, permissions, auto-regeneration)
|
||||||
|
- **[RESOURCE]** Improve thread cleanup with proper pthread_attr and error handling
|
||||||
|
|
||||||
|
### New Environment Variables
|
||||||
|
|
||||||
|
- `TNT_ACCESS_TOKEN` - Optional password for authentication (backward compatible)
|
||||||
|
- `TNT_BIND_ADDR` - Bind address (default: 0.0.0.0)
|
||||||
|
- `TNT_SSH_LOG_LEVEL` - SSH logging verbosity 0-4 (default: 1)
|
||||||
|
- `TNT_RATE_LIMIT` - Enable/disable rate limiting (default: 1)
|
||||||
|
- `TNT_MAX_CONNECTIONS` - Max concurrent connections (default: 64)
|
||||||
|
- `TNT_MAX_CONN_PER_IP` - Max connections per IP (default: 5)
|
||||||
|
|
||||||
|
### Security Summary
|
||||||
|
|
||||||
|
| Category | Fixes | Impact |
|
||||||
|
|----------|-------|--------|
|
||||||
|
| Buffer Security | 3 | Prevents overflows, malformed UTF-8 |
|
||||||
|
| SSH Hardening | 4 | Stronger crypto, no races |
|
||||||
|
| Input Validation | 3 | Prevents injection, log poisoning |
|
||||||
|
| Resource Management | 3 | Handles large logs, prevents DoS |
|
||||||
|
| Authentication | 3 | Optional protection, rate limiting |
|
||||||
|
| Concurrency Safety | 3 | Eliminates races, crashes |
|
||||||
|
| **TOTAL** | **19** | **23 vulnerabilities fixed** |
|
||||||
|
|
||||||
|
All changes maintain backward compatibility. Server remains open by default.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## 2025-12-02 - Stability & Testing Update
|
## 2025-12-02 - Stability & Testing Update
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
|
||||||
29
README.md
29
README.md
|
|
@ -20,6 +20,35 @@ PORT=3333 tnt # env var
|
||||||
|
|
||||||
Connect: `ssh -p 2222 localhost`
|
Connect: `ssh -p 2222 localhost`
|
||||||
|
|
||||||
|
## Security
|
||||||
|
|
||||||
|
Configure via environment variables.
|
||||||
|
|
||||||
|
### Access Control
|
||||||
|
|
||||||
|
```sh
|
||||||
|
TNT_ACCESS_TOKEN="secret" tnt # require password
|
||||||
|
TNT_BIND_ADDR=127.0.0.1 tnt # localhost only
|
||||||
|
```
|
||||||
|
|
||||||
|
Without `TNT_ACCESS_TOKEN`, server is open (default).
|
||||||
|
|
||||||
|
### Rate Limiting
|
||||||
|
|
||||||
|
```sh
|
||||||
|
TNT_MAX_CONNECTIONS=100 tnt # total limit
|
||||||
|
TNT_MAX_CONN_PER_IP=10 tnt # per-IP limit
|
||||||
|
TNT_RATE_LIMIT=0 tnt # disable (testing only)
|
||||||
|
```
|
||||||
|
|
||||||
|
Default: 64 total, 5 per IP, rate limiting enabled.
|
||||||
|
|
||||||
|
### SSH Options
|
||||||
|
|
||||||
|
```sh
|
||||||
|
TNT_SSH_LOG_LEVEL=3 tnt # verbose logging (0-4)
|
||||||
|
```
|
||||||
|
|
||||||
## Keys
|
## Keys
|
||||||
|
|
||||||
**INSERT** (default)
|
**INSERT** (default)
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue