Package: tlswrapper (0~20250201-2 and others)
Links for tlswrapper
Debian Resources:
Download Source Package tlswrapper:
- [tlswrapper_0~20250201-2.dsc]
- [tlswrapper_0~20250201.orig.tar.gz]
- [tlswrapper_0~20250201.orig.tar.gz.asc]
- [tlswrapper_0~20250201-2.debian.tar.xz]
Maintainer:
External Resources:
- Homepage [github.com]
Similar packages:
TLS-krypteringsomslag
Tlswrapper er et TLS-krypteringsomslag mellem ekstern klient og lokale programmer.
Internet <--> tcpserver/inetd/systemd.socket/... <--> tlswrapper <--> prog
Adskilt proces for hver forbindelse.
Tlswrapper afvikles fra systemd.socket/inetd/tcpserver/... der afvikler en separat instans af tlswrapper for hver TLS-forbindelse. Det sikrer, at en sårbarhed i koden (f.eks. en fejl i TLS-bibliotektet) ikke kan bruges til at kompromittere hukommelsen for en anden forbindelse.
Separat proces for netværksoforbindelse og for secret-key-operation
For at beskytte mod læk af hemmelig information til netværksforbindelsen (såsom Heartbleed) afvikler tlswrapper to uafhængige processer for hver TLS-forbindelse. En indeholder secret-keys og afvikler secret-keys-operationer og den anden kommunikerer med netværket. Processer kommunikerer med hinanden via Unix-datakanaler.
Privilegie-separation, filsystem-isolering, begrænsninger
Tlswrapper-processerne afvikles under dedikeret ikke-nul uid for at forhindre kill, ptrace, etc. Er chrootet i en tom, skrivebeskyttet mappe for at forhindre filsystemadgang. Sætter ulimits for at forhindre nye filer, sokler etc. Sætter ulimits for at forhindre forgreninger.
TLS-bibliotek
Tlswrapper bruger BearSSL-biblioteket, der kun implementerer sikre versioner af tLS-protokollen (TLS1.0 - TLS1.2). Og implementerer sikre og konstant-tid algoritmer.
Other Packages Related to tlswrapper
|
|
|
|
-
- dep: lib25519-1 (>= 0~20230630)
- Mikrobibliotek X25519/Ed25519 - delt bibliotek
-
- dep: libbearssl0 (>= 0.6) [amd64]
- BearSSL - shared libraries
- dep: libbearssl0 (>= 0.6+dfsg.1) [not amd64]
-
- dep: libc6 (>= 2.34) [not alpha, ia64, loong64, sh4]
- GNU C-bibliotek: Delte biblioteker
also a virtual package provided by libc6-udeb
- dep: libc6 (>= 2.41) [loong64, sh4]
-
- dep: libc6.1 (>= 2.34) [alpha]
- GNU C-bibliotek: Delte biblioteker
also a virtual package provided by libc6.1-udeb
- dep: libc6.1 (>= 2.37) [ia64]
-
- dep: librandombytes1 (>= 0~20230919) [not ia64]
- Library generating fresh randomness - shared library
Download tlswrapper
| Architecture | Version | Package Size | Installed Size | Files |
|---|---|---|---|---|
| alpha (unofficial port) | 0~20250201-2 | 49.6 kB | 205.0 kB | [list of files] |
| amd64 | 0~20250201-2 | 58.8 kB | 228.0 kB | [list of files] |
| arm64 | 0~20250201-2 | 50.0 kB | 203.0 kB | [list of files] |
| armel | 0~20250201-2 | 50.5 kB | 200.0 kB | [list of files] |
| armhf | 0~20250201-2 | 50.1 kB | 200.0 kB | [list of files] |
| hppa (unofficial port) | 0~20250201-2 | 57.2 kB | 218.0 kB | [list of files] |
| i386 | 0~20250201-2 | 52.5 kB | 184.0 kB | [list of files] |
| ia64 (unofficial port) | 0~20230101-2 | 59.4 kB | 274.0 kB | [list of files] |
| loong64 (unofficial port) | 0~20250201-2 | 47.8 kB | 203.0 kB | [list of files] |
| m68k (unofficial port) | 0~20250201-2 | 49.7 kB | 184.0 kB | [list of files] |
| mips64el | 0~20250201-2 | 51.1 kB | 213.0 kB | [list of files] |
| ppc64 (unofficial port) | 0~20250201-2 | 49.5 kB | 267.0 kB | [list of files] |
| ppc64el | 0~20250201-2 | 48.9 kB | 203.0 kB | [list of files] |
| riscv64 | 0~20250201-2 | 50.1 kB | 175.0 kB | [list of files] |
| s390x | 0~20250201-2 | 47.6 kB | 203.0 kB | [list of files] |
| sh4 (unofficial port) | 0~20250201-2 | 62.0 kB | 201.0 kB | [list of files] |
| sparc64 (unofficial port) | 0~20250201-2 | 43.5 kB | 1,103.0 kB | [list of files] |
| x32 (unofficial port) | 0~20250201-2 | 51.0 kB | 189.0 kB | [list of files] |