blindsidenetworks / scalelite

Scalable load balancer for BigBlueButton.
GNU Affero General Public License v3.0

SL-275: Removed hardcoded SHA256 checksum from BBB calls #907

Closed farhatahmad closed 1 year ago

farhatahmad commented 1 year ago

fixes #905

Description

By default, Scalelite was hardcoded to always use SHA256 when making API calls to BBB. The environment variable LOADBALANCER_CHECKSUM_ALGORITHM allowed system admins to specify which algorithms can be used to verify the Scalelite checksum, but not the BBB checksum.

  1. If not set, Scalelite will accept SHA1, SHA256, SHA512 requests and use SHA256 for requests to BBB
  2. If set, Scalelite will accept whatever values are set, and use the most secure option for requests to BBB

Testing Steps

  1. Enable SHA512 on your BBB server
  2. Set LOADBALANCER_CHECKSUM_ALGORITHM=SHA512
  3. Send a create call to Scalelite, using a SHA512 checksum
  4. Ensure the request goes through without failing

Screenshots (if appropriate):
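The selection rule in the description above, as an added Ruby sketch that is not taken from the PR or from Scalelite's code base. Assumptions: the variable holds a colon-separated list, the checksum is the hex digest of call name + query string + shared secret, and all function names, the secret and the query string are constructed for illustration.

```ruby
require 'digest'
require 'openssl'

# Supported algorithms, ordered weakest to strongest.
ALGORITHMS = {
  'SHA1'   => Digest::SHA1,
  'SHA256' => Digest::SHA256,
  'SHA512' => Digest::SHA512
}.freeze

# Constructed sample values, not real credentials.
SAMPLE_SECRET = 'constructed-shared-secret'
SAMPLE_CALL   = 'create'
SAMPLE_QUERY  = 'meetingID=demo&name=Demo'

def unset?(env_value)
  env_value.nil? || env_value.strip.empty?
end

# Algorithms accepted on incoming requests (assumed colon-separated value).
# Unset means SHA1, SHA256 and SHA512 are all accepted.
def accepted_algorithms(env_value)
  return ALGORITHMS.keys if unset?(env_value)
  names = env_value.split(':').map { |n| n.strip.upcase }.uniq
  unknown = names - ALGORITHMS.keys
  raise ArgumentError, "unsupported: #{unknown.join(', ')}" unless unknown.empty?
  names
end

# Algorithm for outgoing calls to BBB: SHA256 when unset,
# otherwise the strongest of the configured values.
def outgoing_algorithm(env_value)
  return 'SHA256' if unset?(env_value)
  accepted_algorithms(env_value).max_by { |n| ALGORITHMS.keys.index(n) }
end

# Hex digest of call name + query string + shared secret.
def bbb_checksum(algorithm, call, query, secret)
  ALGORITHMS.fetch(algorithm).hexdigest(call + query + secret)
end

# Accept the request only if the checksum matches under an accepted algorithm.
# secure_compare avoids leaking match position through timing.
def valid_checksum?(env_value, call, query, secret, checksum)
  accepted_algorithms(env_value).any? do |name|
    OpenSSL.secure_compare(bbb_checksum(name, call, query, secret), checksum.to_s)
  end
end
```

With the variable set to SHA512 only, a request signed with SHA1 or SHA256 is rejected even though the shared secret is correct, which is the downgrade protection the setting is meant to give on both legs of the call.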

sonarcloud[bot] commented 1 year ago

Kudos, SonarCloud Quality Gate passed!

Bug: A, 0 Bugs
Vulnerability: A, 0 Vulnerabilities
Security Hotspot: A, 0 Security Hotspots
Code Smell: A, 0 Code Smells

No Coverage information
0.0% Duplication