
Upgrade object reply addresses to SHA256 and remove "phabricator.mail-key"
Closed, Public

Authored by epriestley on Jan 3 2019, 1:18 PM.

Details

Summary

Ref T12509.

  • Upgrade an old SHA1 to SHA256.
  • Replace an old manually configurable HMAC key with an automatically generated one.

This is generally both simpler (less configuration) and more secure (you now get a unique value automatically).

This causes a one-time compatibility break that invalidates old "Reply-To" addresses. I'll note this in the changelog.

If you leaked a bunch of addresses, you could force a change here by mucking around with phabricator_auth.auth_hmackey, but AFAIK no one has ever used this value to react to any sort of security issue.

(I'll note the possibility that we might want to provide/document this "manually force HMAC keys to regenerate" stuff some day in T6994.)

Test Plan

Grepped for removed config. I'll vet this pathway more heavily in upcoming changes.

Diff Detail

Repository: rP Phabricator
Branch: mfa5
Lint: Lint Passed
Unit: Tests Passed
Build Status: Buildable 21469
  Build 29240: Run Core Tests
  Build 29239: arc lint + arc unit
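
As an added illustration (not code from this revision or from Phabricator), the sketch below signs reply addresses with HMAC-SHA256 under an automatically generated key, and shows why switching the digest or regenerating the key invalidates addresses issued earlier. The address layout, the key name `mail.object-address`, the 32-character tag truncation and the in-memory key store are assumptions made for the example.

```python
import hmac
import secrets

KEY_NAME = "mail.object-address"   # hypothetical key name, not from the page
KEY_STORE = {}                     # stands in for a server-side key table
TAG_LEN = 32                       # hex chars kept from the MAC (assumption)

def get_hmac_key(name=KEY_NAME):
    """Return the stored key, generating a random 256-bit key on first use."""
    if name not in KEY_STORE:
        KEY_STORE[name] = secrets.token_bytes(32)
    return KEY_STORE[name]

def rotate_key(name=KEY_NAME):
    """Drop the stored key so the next call generates a fresh one."""
    KEY_STORE.pop(name, None)

def _tag(prefix, digest):
    mac = hmac.new(get_hmac_key(), prefix.encode(), digest)
    return mac.hexdigest()[:TAG_LEN]

def reply_address(object_id, user_id, domain, digest="sha256"):
    """Build 'object+user+tag@domain'; the tag authenticates 'object+user'."""
    if "+" in object_id or "+" in user_id:
        raise ValueError("ids must not contain '+'")
    prefix = f"{object_id}+{user_id}"
    return f"{prefix}+{_tag(prefix, digest)}@{domain}"

def verify_reply_address(address, digest="sha256"):
    """Return (object_id, user_id) if the tag verifies, otherwise None."""
    local = address.partition("@")[0]
    parts = local.split("+")
    if len(parts) != 3:
        return None
    object_id, user_id, tag = parts
    expected = _tag(f"{object_id}+{user_id}", digest)
    # Constant-time comparison on bytes; also tolerates non-ASCII input.
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None
    return object_id, user_id

if __name__ == "__main__":
    addr = reply_address("D123", "42", "phabricator.example.com")  # constructed
    print(addr, verify_reply_address(addr))
    old = reply_address("D123", "42", "phabricator.example.com", digest="sha1")
    print("SHA1-era address accepted:", verify_reply_address(old) is not None)
    rotate_key()
    print("accepted after key regeneration:", verify_reply_address(addr) is not None)
```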