Page MenuHomePhabricator
Files F18569053

D19945.id47615.diff
No OneTemporary
Actions

D19945.id47615.diff
View Options

diff --git a/src/applications/config/check/PhabricatorExtraConfigSetupCheck.php b/src/applications/config/check/PhabricatorExtraConfigSetupCheck.php
--- a/src/applications/config/check/PhabricatorExtraConfigSetupCheck.php
+++ b/src/applications/config/check/PhabricatorExtraConfigSetupCheck.php
@@ -385,6 +385,9 @@
'Mail thread IDs are now generated automatically.'),
'metamta.placeholder-to-recipient' => pht(
'Placeholder recipients are now generated automatically.'),
+
+ 'metamta.mail-key' => pht(
+ 'Mail object address hash keys are now generated automatically.'),
);
return $ancient_config;
diff --git a/src/applications/config/option/PhabricatorSecurityConfigOptions.php b/src/applications/config/option/PhabricatorSecurityConfigOptions.php
--- a/src/applications/config/option/PhabricatorSecurityConfigOptions.php
+++ b/src/applications/config/option/PhabricatorSecurityConfigOptions.php
@@ -169,20 +169,6 @@
'in a vague, mostly theoretical way. But it will take you like 3 '.
'seconds of mashing on your keyboard to set it up so you might '.
'as well.')),
- $this->newOption(
- 'phabricator.mail-key',
- 'string',
- '5ce3e7e8787f6e40dfae861da315a5cdf1018f12')
- ->setHidden(true)
- ->setSummary(
- pht('Hashed with other inputs to generate mail tokens.'))
- ->setDescription(
- pht(
- "This is hashed with other inputs to generate mail tokens. If ".
- "you want, you can change it to some other string which is ".
- "unique to your install. In particular, you will want to do ".
- "this if you accidentally send a bunch of mail somewhere you ".
- "shouldn't have, to invalidate all old reply-to addresses.")),
$this->newOption(
'uri.allowed-protocols',
'set',
diff --git a/src/applications/metamta/receiver/PhabricatorObjectMailReceiver.php b/src/applications/metamta/receiver/PhabricatorObjectMailReceiver.php
--- a/src/applications/metamta/receiver/PhabricatorObjectMailReceiver.php
+++ b/src/applications/metamta/receiver/PhabricatorObjectMailReceiver.php
@@ -200,9 +200,9 @@
}
public static function computeMailHash($mail_key, $phid) {
- $global_mail_key = PhabricatorEnv::getEnvConfig('phabricator.mail-key');
-
- $hash = PhabricatorHash::weakDigest($mail_key.$global_mail_key.$phid);
+ $hash = PhabricatorHash::digestWithNamedKey(
+ $mail_key.$phid,
+ 'mail.object-address-key');
return substr($hash, 0, 16);
}
diff --git a/src/docs/user/configuration/configuring_inbound_email.diviner b/src/docs/user/configuration/configuring_inbound_email.diviner
--- a/src/docs/user/configuration/configuring_inbound_email.diviner
+++ b/src/docs/user/configuration/configuring_inbound_email.diviner
@@ -79,9 +79,6 @@
project and need to interact with users whose email accounts you have no control
over).
-If you leak a bunch of reply-to addresses by accident, you can change
-`phabricator.mail-key` in your configuration to invalidate all the old hashes.
-
You can also set `metamta.public-replies`, which will change how Phabricator
delivers email. Instead of sending each recipient a unique mail with a personal
reply-to address, it will send a single email to everyone with a public reply-to

File Metadata

Mime Type
text/plain
Expires
Sep 11 2025, 12:57 AM (5 w, 4 d ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
8335633
Default Alt Text
D19945.id47615.diff (3 KB)

Event Timeline

Phabricator · Built by Phacility