Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F15431325
D18899.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
5 KB
Referenced Files
None
Subscribers
None
D18899.diff
View Options
diff --git a/resources/sql/autopatches/20140218.passwords.4.vcs.php b/resources/sql/autopatches/20140218.passwords.4.vcs.php
--- a/resources/sql/autopatches/20140218.passwords.4.vcs.php
+++ b/resources/sql/autopatches/20140218.passwords.4.vcs.php
@@ -1,27 +1,13 @@
<?php
-$table = new PhabricatorRepositoryVCSPassword();
-$conn_w = $table->establishConnection('w');
+// This migration once upgraded VCS password hashing, but the table was
+// later removed in 2018 (see T13043).
-echo pht('Upgrading password hashing for VCS passwords.')."\n";
+// Since almost four years have passed since this migration, the cost of
+// losing this data is very small (users just need to reset their passwords),
+// and a version of this migration against the modern schema isn't easy to
+// implement or test, just skip the migration.
-$best_hasher = PhabricatorPasswordHasher::getBestHasher();
-foreach (new LiskMigrationIterator($table) as $password) {
- $id = $password->getID();
-
- echo pht('Migrating VCS password %d...', $id)."\n";
-
- $input_hash = $password->getPasswordHash();
- $input_envelope = new PhutilOpaqueEnvelope($input_hash);
-
- $storage_hash = $best_hasher->getPasswordHashForStorage($input_envelope);
-
- queryfx(
- $conn_w,
- 'UPDATE %T SET passwordHash = %s WHERE id = %d',
- $table->getTableName(),
- $storage_hash->openEnvelope(),
- $id);
-}
-
-echo pht('Done.')."\n";
+// This means that installs which upgrade from a version of Phabricator
+// released prior to Feb 2014 to a version of Phabricator relased after
+// Jan 2018 will need to have users reset VCS passwords.
diff --git a/resources/sql/autopatches/20180121.auth.01.vcsnuke.sql b/resources/sql/autopatches/20180121.auth.01.vcsnuke.sql
new file mode 100644
--- /dev/null
+++ b/resources/sql/autopatches/20180121.auth.01.vcsnuke.sql
@@ -0,0 +1 @@
+DROP TABLE {$NAMESPACE}_repository.repository_vcspassword;
diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@@ -3944,7 +3944,6 @@
'PhabricatorRepositoryURITestCase' => 'applications/repository/storage/__tests__/PhabricatorRepositoryURITestCase.php',
'PhabricatorRepositoryURITransaction' => 'applications/repository/storage/PhabricatorRepositoryURITransaction.php',
'PhabricatorRepositoryURITransactionQuery' => 'applications/repository/query/PhabricatorRepositoryURITransactionQuery.php',
- 'PhabricatorRepositoryVCSPassword' => 'applications/repository/storage/PhabricatorRepositoryVCSPassword.php',
'PhabricatorRepositoryWorkingCopyVersion' => 'applications/repository/storage/PhabricatorRepositoryWorkingCopyVersion.php',
'PhabricatorRequestExceptionHandler' => 'aphront/handler/PhabricatorRequestExceptionHandler.php',
'PhabricatorResourceSite' => 'aphront/site/PhabricatorResourceSite.php',
@@ -9593,7 +9592,6 @@
'PhabricatorRepositoryURITestCase' => 'PhabricatorTestCase',
'PhabricatorRepositoryURITransaction' => 'PhabricatorApplicationTransaction',
'PhabricatorRepositoryURITransactionQuery' => 'PhabricatorApplicationTransactionQuery',
- 'PhabricatorRepositoryVCSPassword' => 'PhabricatorRepositoryDAO',
'PhabricatorRepositoryWorkingCopyVersion' => 'PhabricatorRepositoryDAO',
'PhabricatorRequestExceptionHandler' => 'AphrontRequestExceptionHandler',
'PhabricatorResourceSite' => 'PhabricatorSite',
diff --git a/src/applications/repository/storage/PhabricatorRepositoryVCSPassword.php b/src/applications/repository/storage/PhabricatorRepositoryVCSPassword.php
deleted file mode 100644
--- a/src/applications/repository/storage/PhabricatorRepositoryVCSPassword.php
+++ /dev/null
@@ -1,60 +0,0 @@
-<?php
-
-final class PhabricatorRepositoryVCSPassword extends PhabricatorRepositoryDAO {
-
- protected $id;
- protected $userPHID;
- protected $passwordHash;
-
- protected function getConfiguration() {
- return array(
- self::CONFIG_COLUMN_SCHEMA => array(
- 'passwordHash' => 'text128',
- ),
- self::CONFIG_KEY_SCHEMA => array(
- 'key_phid' => array(
- 'columns' => array('userPHID'),
- 'unique' => true,
- ),
- ),
- ) + parent::getConfiguration();
- }
-
- public function setPassword(
- PhutilOpaqueEnvelope $password,
- PhabricatorUser $user) {
- $hash_envelope = $this->hashPassword($password, $user);
- return $this->setPasswordHash($hash_envelope->openEnvelope());
- }
-
- public function comparePassword(
- PhutilOpaqueEnvelope $password,
- PhabricatorUser $user) {
-
- return PhabricatorPasswordHasher::comparePassword(
- $this->getPasswordHashInput($password, $user),
- new PhutilOpaqueEnvelope($this->getPasswordHash()));
- }
-
- private function getPasswordHashInput(
- PhutilOpaqueEnvelope $password,
- PhabricatorUser $user) {
- if ($user->getPHID() != $this->getUserPHID()) {
- throw new Exception(pht('User does not match password user PHID!'));
- }
-
- $raw_input = PhabricatorHash::digestPassword($password, $user->getPHID());
- return new PhutilOpaqueEnvelope($raw_input);
- }
-
- private function hashPassword(
- PhutilOpaqueEnvelope $password,
- PhabricatorUser $user) {
-
- $input_envelope = $this->getPasswordHashInput($password, $user);
-
- $best_hasher = PhabricatorPasswordHasher::getBestHasher();
- return $best_hasher->getPasswordHashForStorage($input_envelope);
- }
-
-}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Tue, Mar 25, 11:45 AM (2 w, 4 d ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
7713609
Default Alt Text
D18899.diff (5 KB)
Attached To
Mode
D18899: Remove the "PhabricatorRepositoryVCSPassword" class and table
Attached
Detach File
Event Timeline
Log In to Comment