From: Brian Warner Date: Mon, 24 Mar 2008 20:39:51 +0000 (-0700) Subject: disable plaintext hashes in shares, but leave a switch to turn it back on X-Git-Tag: allmydata-tahoe-1.0.0~11 X-Git-Url: https://git.rkrishnan.org/pf/content/en/service/module-simplejson.encoder.html?a=commitdiff_plain;h=1e097766c9b4c8734a311bc09c5360e8550876a4;p=tahoe-lafs%2Ftahoe-lafs.git disable plaintext hashes in shares, but leave a switch to turn it back on --- diff --git a/src/allmydata/encode.py b/src/allmydata/encode.py index a815a5d7..2a95cabb 100644 --- a/src/allmydata/encode.py +++ b/src/allmydata/encode.py @@ -74,6 +74,7 @@ PiB=1024*TiB class Encoder(object): implements(IEncoder) + USE_PLAINTEXT_HASHES = False def __init__(self, log_parent=None, upload_status=None): object.__init__(self) @@ -239,8 +240,9 @@ class Encoder(object): d.addCallback(lambda res: self.finish_hashing()) - d.addCallback(lambda res: - self.send_plaintext_hash_tree_to_all_shareholders()) + if self.USE_PLAINTEXT_HASHES: + d.addCallback(lambda res: + self.send_plaintext_hash_tree_to_all_shareholders()) d.addCallback(lambda res: self.send_crypttext_hash_tree_to_all_shareholders()) d.addCallback(lambda res: self.send_all_subshare_hash_trees()) @@ -512,19 +514,21 @@ class Encoder(object): self.set_encode_and_push_progress(extra=0.0) crypttext_hash = self._crypttext_hasher.digest() self.uri_extension_data["crypttext_hash"] = crypttext_hash - d = self._uploadable.get_plaintext_hash() - def _got(plaintext_hash): - self.uri_extension_data["plaintext_hash"] = plaintext_hash - return self._uploadable.get_plaintext_hashtree_leaves(0, self.num_segments, self.num_segments) - d.addCallback(_got) - def _got_hashtree_leaves(leaves): - self.log("Encoder: got plaintext_hashtree_leaves: %s" % - (",".join([base32.b2a(h) for h in leaves]),), - level=log.NOISY) - ht = list(HashTree(list(leaves))) - self.uri_extension_data["plaintext_root_hash"] = ht[0] - self._plaintext_hashtree_nodes = ht - d.addCallback(_got_hashtree_leaves) + d = defer.succeed(None) + if self.USE_PLAINTEXT_HASHES: + d.addCallback(lambda res: self._uploadable.get_plaintext_hash()) + def _got(plaintext_hash): + self.uri_extension_data["plaintext_hash"] = plaintext_hash + return self._uploadable.get_plaintext_hashtree_leaves(0, self.num_segments, self.num_segments) + d.addCallback(_got) + def _got_hashtree_leaves(leaves): + self.log("Encoder: got plaintext_hashtree_leaves: %s" % + (",".join([base32.b2a(h) for h in leaves]),), + level=log.NOISY) + ht = list(HashTree(list(leaves))) + self.uri_extension_data["plaintext_root_hash"] = ht[0] + self._plaintext_hashtree_nodes = ht + d.addCallback(_got_hashtree_leaves) d.addCallback(lambda res: self._uploadable.close()) return d @@ -630,9 +634,12 @@ class Encoder(object): self.set_status("Sending URI Extensions") self.set_encode_and_push_progress(extra=0.8) for k in ('crypttext_root_hash', 'crypttext_hash', - 'plaintext_root_hash', 'plaintext_hash', ): assert k in self.uri_extension_data + if self.USE_PLAINTEXT_HASHES: + for k in ('plaintext_root_hash', 'plaintext_hash', + ): + assert k in self.uri_extension_data uri_extension = uri.pack_extension(self.uri_extension_data) ed = {} for k,v in self.uri_extension_data.items(): diff --git a/src/allmydata/test/test_encode.py b/src/allmydata/test/test_encode.py index 67b7e15b..cf2ab20b 100644 --- a/src/allmydata/test/test_encode.py +++ b/src/allmydata/test/test_encode.py @@ -521,7 +521,7 @@ class Roundtrip(unittest.TestCase): d.addCallback(self.assertFetchFailureIn, "uri_extension") return d - def test_bad_plaintext_hashroot(self): + def OFF_test_bad_plaintext_hashroot(self): # the first server has a bad plaintext hashroot, so we will fail over # to a different server. modemap = dict([(i, "bad plaintext hashroot") for i in range(1)] + @@ -539,7 +539,7 @@ class Roundtrip(unittest.TestCase): d.addCallback(self.assertFetchFailureIn, "crypttext_hashroot") return d - def test_bad_plaintext_hashes(self): + def OFF_test_bad_plaintext_hashes(self): # the first server has a bad plaintext hash block, so we will fail # over to a different server. modemap = dict([(i, "bad plaintext hash") for i in range(1)] + @@ -576,7 +576,7 @@ class Roundtrip(unittest.TestCase): return d - def test_bad_plaintext(self): + def OFF_test_bad_plaintext(self): # faking a decryption failure is easier: just corrupt the key modemap = dict([(i, "good") for i in range(0, 10)]) d = self.send_and_recover((4,8,10), bucket_modes=modemap, diff --git a/src/allmydata/test/test_system.py b/src/allmydata/test/test_system.py index 3fa9441e..6800bab5 100644 --- a/src/allmydata/test/test_system.py +++ b/src/allmydata/test/test_system.py @@ -1303,7 +1303,7 @@ class SystemTest(testutil.SignalMixin, testutil.PollMixin, unittest.TestCase): for key in ("size", "num_segments", "segment_size", "needed_shares", "total_shares", "codec_name", "codec_params", "tail_codec_params", - "plaintext_hash", "plaintext_root_hash", + #"plaintext_hash", "plaintext_root_hash", "crypttext_hash", "crypttext_root_hash", "share_root_hash", "UEB_hash"): self.failUnless("%s: " % key in output, key)