Conversation
14582bd to
a32234d
Compare
3b89576 to
a21bda0
Compare
c26a152 to
9599860
Compare
acaaec2 to
c94b171
Compare
|
Oh, its finally ready! Will try to review tomorrow. |
|
I am concerned that this will confuse users. Why would they need to click this button when they are on this dialog? It's likely in my experience that they will click it and think, "Hey those don't match" to which we will respond "Of course they don't match, they're not supposed to"... and we'll repeat that response until ultimately we remove the button as we tire of this discussion.
TL;DR: People don't read things and will end up wasting our time with questions that don't make sense. |
This comment was marked as resolved.
This comment was marked as resolved.
|
Please make sure your using the newest version . |
With the dialog up there is no way to see your local keys to confirm what is on the screen in the case a new server connecting to a new client both will have the dialog up showing the others keys with no way to view their own. I do not want to add the local keys into dialog as having to see them to compare can happen in cases where you are not needing to see the local ones for example a known client or sever generates new keys. I'd welcome some better tooltip wording for the tooltip Ideally we could tell the app when this needs to happen and have one machine show the dialog with the remote keys while the remote shows it keys on its screen for easier comparison. But since the remote machine is not even aware of the connection status is in a need auth state to show this dialog. so i opted to allow the user to open it from the remote box. |
Which problem are we trying to solve?
In both cases, I see the value of the button but I still think the wording will confuse some people. I also think that the word "this" will cause confusion: Does "this computer" mean the client that is connecting or this current computer that I'm on? To us devs, it's obviously this current computer that I'm on but that's because we know how it works. |
Yes lets word it better |
This comment was marked as resolved.
This comment was marked as resolved.
Edit Solved this by adding a bool to the method that makes the dialog
|
based on barrier: 8bc280e
based on barrier: 5c7d719
based on barrier: 57769cf
based on barrier: 229abab Fixes: CVE-2021-42072, CVE-2021-42073
…client needs to be put in the layout when both tls is enabled and peer key checking is enabled , otherwise show the old dialog asking to allow the client to connect
|
/tip $100 @sithlord48 |
|
🎉🎈 @sithlord48 has been awarded $100! 🎈🎊 |
|
@sithlord48 The milestone set for this PR (2.0.0) may be causing some confusion. We should review what issues/PRs are in 2.0.0 milestone. |
|
This is a goal we need to completed before 2.0.0 can be released.. We don't hold code back for a specific release we just land it when ready and our milestones act as a guide for us to know when we can say we can bump to version ... |
Based on #8195
The final part that fixes: #7806 ( It may solve the sonar hotspot as we have a mode where both clients and server keys are stored so they can say their name is whatever but w/o the key they must be readded again as the key changed)
Recreates : debauchee#1346 (and more)
From that PR
This PR fixes the following security vulnerabilities:
In Addition:
Current local fingerprint dialog header text
Local computer's fingerprints