Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F15434160
D17629.id42414.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
14 KB
Referenced Files
None
Subscribers
None
D17629.id42414.diff
View Options
diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@@ -2810,6 +2810,7 @@
'PhabricatorFilesManagementEncodeWorkflow' => 'applications/files/management/PhabricatorFilesManagementEncodeWorkflow.php',
'PhabricatorFilesManagementEnginesWorkflow' => 'applications/files/management/PhabricatorFilesManagementEnginesWorkflow.php',
'PhabricatorFilesManagementGenerateKeyWorkflow' => 'applications/files/management/PhabricatorFilesManagementGenerateKeyWorkflow.php',
+ 'PhabricatorFilesManagementIntegrityWorkflow' => 'applications/files/management/PhabricatorFilesManagementIntegrityWorkflow.php',
'PhabricatorFilesManagementMigrateWorkflow' => 'applications/files/management/PhabricatorFilesManagementMigrateWorkflow.php',
'PhabricatorFilesManagementPurgeWorkflow' => 'applications/files/management/PhabricatorFilesManagementPurgeWorkflow.php',
'PhabricatorFilesManagementRebuildWorkflow' => 'applications/files/management/PhabricatorFilesManagementRebuildWorkflow.php',
@@ -7941,6 +7942,7 @@
'PhabricatorFilesManagementEncodeWorkflow' => 'PhabricatorFilesManagementWorkflow',
'PhabricatorFilesManagementEnginesWorkflow' => 'PhabricatorFilesManagementWorkflow',
'PhabricatorFilesManagementGenerateKeyWorkflow' => 'PhabricatorFilesManagementWorkflow',
+ 'PhabricatorFilesManagementIntegrityWorkflow' => 'PhabricatorFilesManagementWorkflow',
'PhabricatorFilesManagementMigrateWorkflow' => 'PhabricatorFilesManagementWorkflow',
'PhabricatorFilesManagementPurgeWorkflow' => 'PhabricatorFilesManagementWorkflow',
'PhabricatorFilesManagementRebuildWorkflow' => 'PhabricatorFilesManagementWorkflow',
diff --git a/src/applications/files/engine/PhabricatorFileStorageEngine.php b/src/applications/files/engine/PhabricatorFileStorageEngine.php
--- a/src/applications/files/engine/PhabricatorFileStorageEngine.php
+++ b/src/applications/files/engine/PhabricatorFileStorageEngine.php
@@ -336,7 +336,7 @@
$known_integrity = $file->getIntegrityHash();
if ($known_integrity !== null) {
$new_integrity = $this->newIntegrityHash($formatted_data, $format);
- if ($known_integrity !== $new_integrity) {
+ if (!phutil_hashes_are_identical($known_integrity, $new_integrity)) {
throw new PhabricatorFileIntegrityException(
pht(
'File data integrity check failed. Dark forces have corrupted '.
diff --git a/src/applications/files/management/PhabricatorFilesManagementIntegrityWorkflow.php b/src/applications/files/management/PhabricatorFilesManagementIntegrityWorkflow.php
new file mode 100644
--- /dev/null
+++ b/src/applications/files/management/PhabricatorFilesManagementIntegrityWorkflow.php
@@ -0,0 +1,325 @@
+<?php
+
+final class PhabricatorFilesManagementIntegrityWorkflow
+ extends PhabricatorFilesManagementWorkflow {
+
+ protected function didConstruct() {
+ $this
+ ->setName('integrity')
+ ->setSynopsis(pht('Verify or recalculate file integrity hashes.'))
+ ->setArguments(
+ array(
+ array(
+ 'name' => 'all',
+ 'help' => pht('Affect all files.'),
+ ),
+ array(
+ 'name' => 'strip',
+ 'help' => pht(
+ 'DANGEROUS. Strip integrity hashes from files. This makes '.
+ 'files vulnerable to corruption or tampering.'),
+ ),
+ array(
+ 'name' => 'corrupt',
+ 'help' => pht(
+ 'Corrupt integrity hashes for given files. This is intended '.
+ 'for debugging.'),
+ ),
+ array(
+ 'name' => 'compute',
+ 'help' => pht(
+ 'Compute and update integrity hashes for files which do not '.
+ 'yet have them.'),
+ ),
+ array(
+ 'name' => 'overwrite',
+ 'help' => pht(
+ 'DANGEROUS. Recompute and update integrity hashes, overwriting '.
+ 'invalid hashes. This may mark corrupt or dangerous files as '.
+ 'valid.'),
+ ),
+ array(
+ 'name' => 'force',
+ 'short' => 'f',
+ 'help' => pht(
+ 'Execute dangerous operations without prompting for '.
+ 'confirmation.'),
+ ),
+ array(
+ 'name' => 'names',
+ 'wildcard' => true,
+ ),
+ ));
+ }
+
+ public function execute(PhutilArgumentParser $args) {
+ $modes = array();
+
+ $is_strip = $args->getArg('strip');
+ if ($is_strip) {
+ $modes[] = 'strip';
+ }
+
+ $is_corrupt = $args->getArg('corrupt');
+ if ($is_corrupt) {
+ $modes[] = 'corrupt';
+ }
+
+ $is_compute = $args->getArg('compute');
+ if ($is_compute) {
+ $modes[] = 'compute';
+ }
+
+ $is_overwrite = $args->getArg('overwrite');
+ if ($is_overwrite) {
+ $modes[] = 'overwrite';
+ }
+
+ $is_verify = !$modes;
+ if ($is_verify) {
+ $modes[] = 'verify';
+ }
+
+ if (count($modes) > 1) {
+ throw new PhutilArgumentUsageException(
+ pht(
+ 'You have selected multiple operation modes (%s). Choose a '.
+ 'single mode to operate in.',
+ implode(', ', $modes)));
+ }
+
+ $is_force = $args->getArg('force');
+ if (!$is_force) {
+ $prompt = null;
+ if ($is_strip) {
+ $prompt = pht(
+ 'Stripping integrity hashes is dangerous and makes files '.
+ 'vulnerable to corruption or tampering.');
+ }
+
+ if ($is_corrupt) {
+ $prompt = pht(
+ 'Corrupting integrity hashes will prevent files from being '.
+ 'accessed. This mode is intended only for development and '.
+ 'debugging.');
+ }
+
+ if ($is_overwrite) {
+ $prompt = pht(
+ 'Overwriting integrity hashes is dangerous and may mark files '.
+ 'which have been corrupted or tampered with as safe.');
+ }
+
+ if ($prompt) {
+ $this->logWarn(pht('DANGEROUS'), $prompt);
+
+ if (!phutil_console_confirm(pht('Continue anyway?'))) {
+ throw new PhutilArgumentUsageException(pht('Aborted workflow.'));
+ }
+ }
+ }
+
+ $iterator = $this->buildIterator($args);
+ if (!$iterator) {
+ throw new PhutilArgumentUsageException(
+ pht(
+ 'Either specify a list of files to affect, or use "--all" to '.
+ 'affect all files.'));
+ }
+
+ $failure_count = 0;
+ $total_count = 0;
+
+ foreach ($iterator as $file) {
+ $total_count++;
+ $display_name = $file->getMonogram();
+
+ $old_hash = $file->getIntegrityHash();
+
+ if ($is_strip) {
+ if ($old_hash === null) {
+ $this->logInfo(
+ pht('SKIPPED'),
+ pht(
+ 'File "%s" does not have an integrity hash to strip.',
+ $display_name));
+ } else {
+ $file
+ ->setIntegrityHash(null)
+ ->save();
+
+ $this->logWarn(
+ pht('STRIPPED'),
+ pht(
+ 'Stripped integrity hash for "%s".',
+ $display_name));
+ }
+
+ continue;
+ }
+
+ $need_hash = ($is_verify && $old_hash) ||
+ ($is_compute && ($old_hash === null)) ||
+ ($is_corrupt) ||
+ ($is_overwrite);
+ if ($need_hash) {
+ try {
+ $new_hash = $file->newIntegrityHash();
+ } catch (Exception $ex) {
+ $failure_count++;
+
+ $this->logFail(
+ pht('ERROR'),
+ pht(
+ 'Unable to compute integrity hash for file "%s": %s',
+ $display_name,
+ $ex->getMessage()));
+
+ continue;
+ }
+ } else {
+ $new_hash = null;
+ }
+
+ // NOTE: When running in "corrupt" mode, we only corrupt the hash if
+ // we're able to compute a valid hash. Some files, like chunked files,
+ // do not support integrity hashing so corrupting them would create an
+ // unusual state.
+
+ if ($is_corrupt) {
+ if ($new_hash === null) {
+ $this->logInfo(
+ pht('IGNORED'),
+ pht(
+ 'Storage for file "%s" does not support integrity hashing.',
+ $display_name));
+ } else {
+ $file
+ ->setIntegrityHash('<corrupted>')
+ ->save();
+
+ $this->logWarn(
+ pht('CORRUPTED'),
+ pht(
+ 'Corrupted integrity hash for file "%s".',
+ $display_name));
+ }
+
+ continue;
+ }
+
+ if ($is_verify) {
+ if ($old_hash === null) {
+ $this->logInfo(
+ pht('NONE'),
+ pht(
+ 'File "%s" has no stored integrity hash.',
+ $display_name));
+ } else if ($new_hash === null) {
+ $failure_count++;
+
+ $this->logWarn(
+ pht('UNEXPECTED'),
+ pht(
+ 'Storage for file "%s" does not support integrity hashing, '.
+ 'but the file has an integrity hash.',
+ $display_name));
+ } else if (phutil_hashes_are_identical($old_hash, $new_hash)) {
+ $this->logOkay(
+ pht('VALID'),
+ pht(
+ 'File "%s" has a valid integrity hash.',
+ $display_name));
+ } else {
+ $failure_count++;
+
+ $this->logFail(
+ pht('MISMATCH'),
+ pht(
+ 'File "%s" has an invalid integrity hash!',
+ $display_name));
+ }
+
+ continue;
+ }
+
+ if ($is_compute) {
+ if ($old_hash !== null) {
+ $this->logInfo(
+ pht('SKIP'),
+ pht(
+ 'File "%s" already has an integrity hash.',
+ $display_name));
+ } else if ($new_hash === null) {
+ $this->logInfo(
+ pht('IGNORED'),
+ pht(
+ 'Storage for file "%s" does not support integrity hashing.',
+ $display_name));
+ } else {
+ $file
+ ->setIntegrityHash($new_hash)
+ ->save();
+
+ $this->logOkay(
+ pht('COMPUTE'),
+ pht(
+ 'Computed and stored integrity hash for file "%s".',
+ $display_name));
+ }
+
+ continue;
+ }
+
+ if ($is_overwrite) {
+ $same_hash = ($old_hash !== null) &&
+ ($new_hash !== null) &&
+ phutil_hashes_are_identical($old_hash, $new_hash);
+
+ if ($new_hash === null) {
+ $this->logInfo(
+ pht('IGNORED'),
+ pht(
+ 'Storage for file "%s" does not support integrity hashing.',
+ $display_name));
+ } else if ($same_hash) {
+ $this->logInfo(
+ pht('UNCHANGED'),
+ pht(
+ 'File "%s" already has the correct integrity hash.',
+ $display_name));
+ } else {
+ $file
+ ->setIntegrityHash($new_hash)
+ ->save();
+
+ $this->logOkay(
+ pht('OVERWRITE'),
+ pht(
+ 'Overwrote integrity hash for file "%s".',
+ $display_name));
+ }
+
+ continue;
+ }
+ }
+
+ if ($failure_count) {
+ $this->logFail(
+ pht('FAIL'),
+ pht(
+ 'Processed %s file(s), encountered %s error(s).',
+ new PhutilNumber($total_count),
+ new PhutilNumber($failure_count)));
+ } else {
+ $this->logOkay(
+ pht('DONE'),
+ pht(
+ 'Processed %s file(s) with no errors.',
+ new PhutilNumber($total_count)));
+ }
+
+ return 0;
+ }
+
+}
diff --git a/src/applications/files/storage/PhabricatorFile.php b/src/applications/files/storage/PhabricatorFile.php
--- a/src/applications/files/storage/PhabricatorFile.php
+++ b/src/applications/files/storage/PhabricatorFile.php
@@ -493,9 +493,7 @@
$engine_class = get_class($engine);
- $key = $this->getStorageFormat();
- $format = id(clone PhabricatorFileStorageFormat::requireFormat($key))
- ->setFile($this);
+ $format = $this->newStorageFormat();
$data_iterator = array($data);
$formatted_iterator = $format->newWriteIterator($data_iterator);
@@ -756,9 +754,7 @@
public function getFileDataIterator($begin = null, $end = null) {
$engine = $this->instantiateStorageEngine();
- $key = $this->getStorageFormat();
- $format = id(clone PhabricatorFileStorageFormat::requireFormat($key))
- ->setFile($this);
+ $format = $this->newStorageFormat();
$iterator = $engine->getRawFileDataIterator(
$this,
@@ -1238,6 +1234,21 @@
return idx($this->metadata, self::METADATA_INTEGRITY);
}
+ public function newIntegrityHash() {
+ $engine = $this->instantiateStorageEngine();
+
+ if ($engine->isChunkEngine()) {
+ return null;
+ }
+
+ $format = $this->newStorageFormat();
+
+ $storage_handle = $this->getStorageHandle();
+ $data = $engine->readFile($storage_handle);
+
+ return $engine->newIntegrityHash($data, $format);
+ }
+
/**
* Write the policy edge between this file and some object.
*
@@ -1406,6 +1417,16 @@
return $this->assertAttachedKey($this->transforms, $key);
}
+ public function newStorageFormat() {
+ $key = $this->getStorageFormat();
+ $template = PhabricatorFileStorageFormat::requireFormat($key);
+
+ $format = id(clone $template)
+ ->setFile($this);
+
+ return $format;
+ }
+
/* -( PhabricatorApplicationTransactionInterface )------------------------- */
diff --git a/src/infrastructure/management/PhabricatorManagementWorkflow.php b/src/infrastructure/management/PhabricatorManagementWorkflow.php
--- a/src/infrastructure/management/PhabricatorManagementWorkflow.php
+++ b/src/infrastructure/management/PhabricatorManagementWorkflow.php
@@ -31,4 +31,40 @@
PhabricatorConsoleContentSource::SOURCECONST);
}
+ protected function logInfo($label, $message) {
+ $this->logRaw(
+ tsprintf(
+ "**<bg:blue> %s </bg>** %s\n",
+ $label,
+ $message));
+ }
+
+ protected function logOkay($label, $message) {
+ $this->logRaw(
+ tsprintf(
+ "**<bg:green> %s </bg>** %s\n",
+ $label,
+ $message));
+ }
+
+ protected function logWarn($label, $message) {
+ $this->logRaw(
+ tsprintf(
+ "**<bg:yellow> %s </bg>** %s\n",
+ $label,
+ $message));
+ }
+
+ protected function logFail($label, $message) {
+ $this->logRaw(
+ tsprintf(
+ "**<bg:red> %s </bg>** %s\n",
+ $label,
+ $message));
+ }
+
+ private function logRaw($message) {
+ fprintf(STDERR, '%s', $message);
+ }
+
}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Wed, Mar 26, 2:20 AM (1 w, 2 d ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
7705747
Default Alt Text
D17629.id42414.diff (14 KB)
Attached To
Mode
D17629: Provide "bin/files integrity" for debugging, maintaining and backfilling integrity hashes
Attached
Detach File
Event Timeline
Log In to Comment