[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gzz-commits] gzz/lava gzz/storm/BlockId.java gzz/storm/Block...
From: |
Benja Fallenstein |
Subject: |
[Gzz-commits] gzz/lava gzz/storm/BlockId.java gzz/storm/Block... |
Date: |
Sat, 16 Nov 2002 00:03:41 -0500 |
CVSROOT: /cvsroot/gzz
Module name: gzz
Changes by: Benja Fallenstein <address@hidden> 02/11/16 00:03:40
Modified files:
lava/gzz/storm : BlockId.java BlockOutputStream.java
lava/gzz/storm/impl: DirPool.java
lava/test/gzz/storm/impl: DirPool.test
Log message:
Check ids when reading in files
CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/gzz/lava/gzz/storm/BlockId.java.diff?tr1=1.3&tr2=1.4&r1=text&r2=text
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/gzz/lava/gzz/storm/BlockOutputStream.java.diff?tr1=1.8&tr2=1.9&r1=text&r2=text
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/gzz/lava/gzz/storm/impl/DirPool.java.diff?tr1=1.9&tr2=1.10&r1=text&r2=text
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/gzz/lava/test/gzz/storm/impl/DirPool.test.diff?tr1=1.5&tr2=1.6&r1=text&r2=text
Patches:
Index: gzz/lava/gzz/storm/BlockId.java
diff -u gzz/lava/gzz/storm/BlockId.java:1.3 gzz/lava/gzz/storm/BlockId.java:1.4
--- gzz/lava/gzz/storm/BlockId.java:1.3 Fri Nov 15 23:38:04 2002
+++ gzz/lava/gzz/storm/BlockId.java Sat Nov 16 00:03:40 2002
@@ -29,6 +29,10 @@
private static String PREFIX = "storm:block:";
private static int PREFIX_LEN = PREFIX.length();
+ public static class WrongIdException extends IOException {
+ public WrongIdException(String s) { super(s); }
+ }
+
private byte[] bytes;
private String uri;
@@ -64,14 +68,33 @@
* underlying input stream, but at the same time puts the data
* into a <code>MessageDigest</code> object to generate its
* hash. When <code>close()</code> is called, the stream checks
- * whether the hash matches this id, and throws an exception
- * if it doesn't.
+ * whether the hash matches this id, and throws a
+ * <code>WrongIdException</code> if it doesn't.
* <p>
* <strong>Do not forget to call <code>close()</code>!</strong>
*/
public InputStream getCheckedInputStream(InputStream in)
throws IOException {
- throw new UnsupportedOperationException("XXX!");
+ final MessageDigest my_digest = makeMessageDigest();
+
+ if(bytes[0] == 0x00) {
+ my_digest.update(bytes, 1, bytes.length-21);
+ }
+
+ InputStream dis = new DigestInputStream(in, my_digest) {
+ public void close() throws IOException {
+ super.close();
+
+ byte[] dig = my_digest.digest();
+ for(int i=0; i<20; i++)
+ if(dig[i] != bytes[bytes.length-20+i])
+ throw new WrongIdException("Hash doesn't match");
+ }
+ };
+
+ // Wrap in a FilterInputStream, so that the security-relevant
+ // methods in DigestInputStream are not accessible
+ return new FilterInputStream(dis) {};
}
public boolean equals(Object o) {
@@ -97,16 +120,7 @@
* The byte array must contain the bytes in a block.
*/
public static BlockId getIdForData(byte[] bytes) {
- MessageDigest digest;
- try {
- digest = MessageDigest.getInstance("SHA");
- } catch(NoSuchAlgorithmException e) {
- throw new Error("Fatal error: The SHA-1 algorithm "+
- "is not supported by this version "+
- "of the Java libraries. "+
- "Storm cannot operate without "+
- "an SHA-1 implementation.");
- }
+ MessageDigest digest = makeMessageDigest();
digest.reset();
digest.update(bytes);
@@ -122,5 +136,20 @@
}
return new BlockId(id);
+ }
+
+ /** Create a new SHA message digest; throw an error
+ * if this algorithm isn't available.
+ */
+ static MessageDigest makeMessageDigest() {
+ try {
+ return MessageDigest.getInstance("SHA");
+ } catch(NoSuchAlgorithmException e) {
+ throw new Error("Fatal error: The SHA-1 algorithm "+
+ "is not supported by this version "+
+ "of the Java libraries. "+
+ "Storm cannot operate without "+
+ "an SHA-1 implementation.");
+ }
}
}
Index: gzz/lava/gzz/storm/BlockOutputStream.java
diff -u gzz/lava/gzz/storm/BlockOutputStream.java:1.8
gzz/lava/gzz/storm/BlockOutputStream.java:1.9
--- gzz/lava/gzz/storm/BlockOutputStream.java:1.8 Fri Nov 15 23:38:04 2002
+++ gzz/lava/gzz/storm/BlockOutputStream.java Sat Nov 16 00:03:40 2002
@@ -50,15 +50,8 @@
protected BlockOutputStream(OutputStream out) {
super(out);
- try {
- this.digest = MessageDigest.getInstance("SHA");
- } catch(NoSuchAlgorithmException e) {
- throw new Error("Fatal error: The SHA-1 algorithm "+
- "is not supported by this version "+
- "of the Java libraries. "+
- "Storm cannot operate without "+
- "an SHA-1 implementation.");
- }
+
+ digest = BlockId.makeMessageDigest();
digest.reset();
}
Index: gzz/lava/gzz/storm/impl/DirPool.java
diff -u gzz/lava/gzz/storm/impl/DirPool.java:1.9
gzz/lava/gzz/storm/impl/DirPool.java:1.10
--- gzz/lava/gzz/storm/impl/DirPool.java:1.9 Fri Nov 15 23:38:04 2002
+++ gzz/lava/gzz/storm/impl/DirPool.java Sat Nov 16 00:03:40 2002
@@ -28,8 +28,6 @@
/** A StormPool storing blocks in individual files in a directory.
* File names have the form <code>b_</code><i>idstring</i>.
- * <p>
- * XXX check id on reading blocks in (use id-checking input stream)
*/
public class DirPool extends AbstractPool {
@@ -49,8 +47,8 @@
* corresponding to the given id.
*/
protected Header822 getFileHeader(BlockId id) throws IOException {
- InputStream is =
- new BufferedInputStream(new FileInputStream(getFile(id)));
+ InputStream is = new BufferedInputStream(
+ id.getCheckedInputStream(new FileInputStream(getFile(id))));
Header822 header = Headers822.readHeader(is);
is.close();
return header;
@@ -92,7 +90,8 @@
}
public InputStream getRawInputStream() throws IOException {
- return new BufferedInputStream(new FileInputStream(file));
+ return new BufferedInputStream(
+ id.getCheckedInputStream(new FileInputStream(file)));
}
}
Index: gzz/lava/test/gzz/storm/impl/DirPool.test
diff -u gzz/lava/test/gzz/storm/impl/DirPool.test:1.5
gzz/lava/test/gzz/storm/impl/DirPool.test:1.6
--- gzz/lava/test/gzz/storm/impl/DirPool.test:1.5 Fri Nov 15 23:38:04 2002
+++ gzz/lava/test/gzz/storm/impl/DirPool.test Sat Nov 16 00:03:40 2002
@@ -33,6 +33,29 @@
def testAddBlock(): s.testAddBlock(p)
def testGetNonexistent(): s.testGetNonexistent(p)
+def testGetBlockWithBadId():
+ """
+ Put a block with a bad id into the directory, then load it
+ and check that an exception is thrown.
+ """
+
+ id = gzz.storm.BlockId('storm:block:01' + 40*'A')
+
+ file = java.io.File(dir, "b_01" + 40*"A")
+ f = open(file.getPath(), 'w')
+ f.write("Content-Type: text/plain\r\n\r\nFOO");
+ f.close()
+
+ try:
+ block = p.get(id)
+ i = block.getInputStream()
+ while i.read() >= 0: pass
+ i.close()
+ except gzz.storm.BlockId.WrongIdException:
+ pass
+ else:
+ assert 0, "Id not checked"
+
def tearDown():
gzz.util.TempFileUtil.deltree(dir)
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Gzz-commits] gzz/lava gzz/storm/BlockId.java gzz/storm/Block...,
Benja Fallenstein <=