profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/JoaoAndreSa/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Joao Andre Gomes de Sa Sousa JoaoAndreSa

ldsec/drynx 26

Decentralized, Secure, Verifiable System for Statistical Queries and Machine Learning on Distributed Datasets

ga4gh/approval-tracker 2

GitHub repository for tracking the progress of specification approval

JoaoAndreSa/XPIR-iDash 1

New approach to XPIR

hhcho/lattigo 0

A library for lattice-based homomorphic encryption in Go

push eventldsec/lattigo

Joao Sa Sousa

commit sha 1669ac68154f7c71d8485320cefbd9af6380a15e

Added changes to MPC-core to allow for 256Elem

view details

push time in 9 days

push eventldsec/medco

Romain Bouyé

commit sha 283fdd98680555b5fb414e1d1143efe5d7489a02

Update nginx version to 1.20.1 for security (CVE-2021-23017)

view details

Francesco Marino

commit sha ce468cf840ba77c5b378f5a69ec5fc445558ef63

Merge pull request #119 from ldsec/nginx-security-update Update nginx version to 1.20.1 for security (CVE-2021-23017)

view details

Francesco Marino

commit sha 592fb5dcfbe624b4298d31edfb33cca677365145

fixed search api

view details

nfreundl

commit sha 70925f4cacb85a64b2d78eb8cc10f6fc6aab07d9

Merge pull request #120 from ldsec/searchbox-api Fixes to search API

view details

Joao Andre Gomes de Sa Sousa

commit sha f83cf4e4950c5d3a75ab6489535be5cb1d205fc3

Merge branch 'dev' into unlynxReverse

view details

push time in 14 days

created tagldsec/unlynx

tagv1.4.3

A decentralized privacy-preserving data sharing tool

created time in 17 days

release ldsec/unlynx

v1.4.3

released time in 17 days

push eventldsec/unlynx

Joao Andre Gomes de Sa Sousa

commit sha 7d1462076ab6a4b8298b51cf3cf16521ea28babb

Merge pull request #49 from ldsec/dev From PR #48: Aggregation with different sizes

view details

Joao Andre Gomes de Sa Sousa

commit sha c33e231f10caeb7ea9d58d0bc036d55955aa8461

Update README.md

view details

Joao Andre Gomes de Sa Sousa

commit sha 14115765082cbc4c982f3f4c5dff220104525fb4

Update README.md

view details

Joao Andre Gomes de Sa Sousa

commit sha f090128c8c75d28268c99a862e6b91507d1ea0de

Update README.md

view details

Joao Andre Gomes de Sa Sousa

commit sha 684cbb2f847db755d279ac5b98a5262f34be6c4c

Update README.md

view details

Joao Sa Sousa

commit sha e12e031c0c170cb464b80c70b03a025316f6a5ea

Test with go 1.17.x

view details

Joao Andre Gomes de Sa Sousa

commit sha 6257e5a7ede3ca1ad114664c06cf200106207691

Merge pull request #50 from ldsec/go1.17 Test with go 1.17.x

view details

Joao Sa Sousa

commit sha a2bb1bd67ed6089980e0c319f1f3aa335393eb63

go mod tidy to fix gorilla/websocket 1.4.1 version vulnerabilites

view details

Joao Andre Gomes de Sa Sousa

commit sha f001a0b6e97df3972334bab492e5c8a99d7a8694

Merge pull request #51 from ldsec/fixVulnerabilities Fix security vulnerabilites

view details

push time in 17 days

delete branch ldsec/unlynx

delete branch : fixVulnerabilities

delete time in 17 days

push eventldsec/unlynx

Joao Sa Sousa

commit sha a2bb1bd67ed6089980e0c319f1f3aa335393eb63

go mod tidy to fix gorilla/websocket 1.4.1 version vulnerabilites

view details

Joao Andre Gomes de Sa Sousa

commit sha f001a0b6e97df3972334bab492e5c8a99d7a8694

Merge pull request #51 from ldsec/fixVulnerabilities Fix security vulnerabilites

view details

push time in 17 days

PR merged ldsec/unlynx

Fix security vulnerabilites
+25 -93

0 comment

2 changed files

JoaoAndreSa

pr closed time in 17 days

PR opened ldsec/unlynx

Fix security vulnerabilites
+25 -93

0 comment

2 changed files

pr created time in 19 days

create barnchldsec/unlynx

branch : fixVulnerabilities

created branch time in 19 days

delete branch ldsec/unlynx

delete branch : go1.17

delete time in 19 days

push eventldsec/unlynx

Joao Sa Sousa

commit sha e12e031c0c170cb464b80c70b03a025316f6a5ea

Test with go 1.17.x

view details

Joao Andre Gomes de Sa Sousa

commit sha 6257e5a7ede3ca1ad114664c06cf200106207691

Merge pull request #50 from ldsec/go1.17 Test with go 1.17.x

view details

push time in 19 days

PR merged ldsec/unlynx

Test with go 1.17.x

Tested with new version of go 1.17.1 and updated all modules.

+59 -14

0 comment

2 changed files

JoaoAndreSa

pr closed time in 19 days

PR opened ldsec/unlynx

Test with go 1.17.x

Tested with new version of go 1.17.1 and updated all modules.

+59 -14

0 comment

2 changed files

pr created time in 19 days

create barnchldsec/unlynx

branch : go1.17

created branch time in 19 days

Pull request review commentldsec/medco

Unlynx behind reverse-proxy

 set -Eeuo pipefail # apply configuration from environment variables pushd /etc/nginx/conf.d/ +# append stream directive to default configuration of nginx

done in 17410da

JoaoAndreSa

comment created time in 19 days

PullRequestReviewEvent

Pull request review commentldsec/medco

Unlynx behind reverse-proxy

 set -Eeuo pipefail # apply configuration from environment variables pushd /etc/nginx/conf.d/ +# append stream directive to default configuration of nginx+if [[ ${PROD_CONFIG} == "false" ]]; then+  envsubst '${MEDCO_NODE_IDX} ${UNLYNX_PORT_0} ${UNLYNX_PORT_1}' < nginx.conf.template > ../nginx.conf

ok I did it using this include directive that I add directly at the top of nginx.conf. 17410da

JoaoAndreSa

comment created time in 19 days

PullRequestReviewEvent

push eventldsec/medco

Joao Sa Sousa

commit sha 17410da45855839a16f801587a6525d02ecd0feb

Configure nginx.conf with stream using include directive + refactor

view details

push time in 19 days

Pull request review commentldsec/medco

Unlynx behind reverse-proxy

 services:       context: ../       dockerfile: build/package/medco/Dockerfile     command: medco-unlynx-    ports:

done in 830c135

JoaoAndreSa

comment created time in 19 days

PullRequestReviewEvent

push eventldsec/medco

Joao Sa Sousa

commit sha 830c135b8e21fb34dd89069ec31a804e5532aedf

One single nginx for dev-local and test-local & port information in docker-compose

view details

push time in 19 days

Pull request review commentldsec/medco

Unlynx behind reverse-proxy

 openssl x509 -req -days 3650 -in "${CONF_FOLDER}/certificate.csr" -signkey "${CO     -out "${CONF_FOLDER}/certificate.crt" -extensions v3_req -extfile "${SCRIPT_FOLDER}/openssl.cnf" cp "${CONF_FOLDER}/certificate.crt" "${CONF_FOLDER}/srv${NODE_IDX}-certificate.crt" rm "${SCRIPT_FOLDER}/openssl.cnf"-echo "### Certificate generated!"+echo "### Self-signed certificate generated!"++elif [[ $response =~ ^([nN])$ ]]; then++# ===================== HTTPS cert ==========================+read -rp "Full path to *.crt: " path_crt

done in 40a4a7a

JoaoAndreSa

comment created time in 19 days

PullRequestReviewEvent

push eventldsec/medco

Joao Sa Sousa

commit sha 40a4a7aad821e0fbf67f76ff911c5852e8d98d7a

Change inputs for step1.sh and step2.sh to include new *.crt and *.key

view details

push time in 19 days

pull request commentldsec/medco

Unlynx behind reverse-proxy

So I have some doubts over how the nginx is done with these changes, notably for the profiles test-local and dev-local. The docker services nginx-srvX will mount the same nginx config directory from build/package/nginx/conf.d (defined in docker-compose-definitions.yml). Which means that having multiple nginx running on the same server, they will all share this configuration folder at the runtime.

I think trouble is to be expected with this setup. One issue I already see is that the template config file containing the port numbers is the same for all 3 instances of nginx. At start time the template will be evaluated to write the config files, and which is taken into account for which container is probably random. It works probably because the unlynx instances actually ignore nginx and just talk together, but then it means the changes to those profiles are not useful.

What could probably make sense is to forget using this nginx proxy for unlynx in the dev-local and test-local deployment profiles, and only set it up for the network deployments. This would allow keeping a single nginx instance no matter the number of nodes. Otherwise, a refactor of how the nginx configuration is done may be needed.

One thing that I can do is to keep only one instance of nginx that acts as a reverse proxy for node 0 (much like it was before, but wrapping unlynx too). For the other two nodes they communicate directly between them. Do you think it's better like this @mickmis ?

JoaoAndreSa

comment created time in 20 days

pull request commentldsec/medco

Unlynx behind reverse-proxy

TODOS:

  • [ ] Receive *.crt and *.key directly as parameter of step1.sh
  • [ ] Re-add medco-unlynx ports (just to give an idea....)
  • [ ] Configure nginx.conf with stream without copying the file
  • [ ] Merge append-stream to the other block in the entrypoint
JoaoAndreSa

comment created time in 20 days

PullRequestReviewEvent

Pull request review commentldsec/medco

Unlynx behind reverse-proxy

 openssl x509 -req -days 3650 -in "${CONF_FOLDER}/certificate.csr" -signkey "${CO     -out "${CONF_FOLDER}/certificate.crt" -extensions v3_req -extfile "${SCRIPT_FOLDER}/openssl.cnf" cp "${CONF_FOLDER}/certificate.crt" "${CONF_FOLDER}/srv${NODE_IDX}-certificate.crt" rm "${SCRIPT_FOLDER}/openssl.cnf"-echo "### Certificate generated!"+echo "### Self-signed certificate generated!"++elif [[ $response =~ ^([nN])$ ]]; then++# ===================== HTTPS cert ==========================+read -rp "Full path to *.crt: " path_crt

Ok I can do this

JoaoAndreSa

comment created time in 20 days