gzz-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Gzz-commits] gzz/lava gzz/storm/BlockId.java gzz/storm/Block...

From: Benja Fallenstein
Subject: [Gzz-commits] gzz/lava gzz/storm/BlockId.java gzz/storm/Block...
Date: Sat, 16 Nov 2002 00:03:41 -0500 
CVSROOT:        /cvsroot/gzz
Module name:    gzz
Changes by:     Benja Fallenstein <address@hidden>      02/11/16 00:03:40

Modified files:
        lava/gzz/storm : BlockId.java BlockOutputStream.java 
        lava/gzz/storm/impl: DirPool.java 
        lava/test/gzz/storm/impl: DirPool.test 

Log message:
        Check ids when reading in files

CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/gzz/lava/gzz/storm/BlockId.java.diff?tr1=1.3&tr2=1.4&r1=text&r2=text
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/gzz/lava/gzz/storm/BlockOutputStream.java.diff?tr1=1.8&tr2=1.9&r1=text&r2=text
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/gzz/lava/gzz/storm/impl/DirPool.java.diff?tr1=1.9&tr2=1.10&r1=text&r2=text
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/gzz/lava/test/gzz/storm/impl/DirPool.test.diff?tr1=1.5&tr2=1.6&r1=text&r2=text

Patches:
Index: gzz/lava/gzz/storm/BlockId.java
diff -u gzz/lava/gzz/storm/BlockId.java:1.3 gzz/lava/gzz/storm/BlockId.java:1.4
--- gzz/lava/gzz/storm/BlockId.java:1.3 Fri Nov 15 23:38:04 2002
+++ gzz/lava/gzz/storm/BlockId.java     Sat Nov 16 00:03:40 2002
@@ -29,6 +29,10 @@
     private static String PREFIX = "storm:block:";
     private static int PREFIX_LEN = PREFIX.length();
 
+    public static class WrongIdException extends IOException {
+       public WrongIdException(String s) { super(s); }
+    }
+
     private byte[] bytes;
     private String uri;
 
@@ -64,14 +68,33 @@
      *  underlying input stream, but at the same time puts the data
      *  into a <code>MessageDigest</code> object to generate its
      *  hash. When <code>close()</code> is called, the stream checks
-     *  whether the hash matches this id, and throws an exception
-     *  if it doesn't.
+     *  whether the hash matches this id, and throws a 
+     *  <code>WrongIdException</code> if it doesn't.
      *  <p>
      *  <strong>Do not forget to call <code>close()</code>!</strong>
      */
     public InputStream getCheckedInputStream(InputStream in)
                                                 throws IOException {
-        throw new UnsupportedOperationException("XXX!");
+        final MessageDigest my_digest = makeMessageDigest();
+
+       if(bytes[0] == 0x00) {
+           my_digest.update(bytes, 1, bytes.length-21);
+       }
+
+       InputStream dis = new DigestInputStream(in, my_digest) {
+               public void close() throws IOException {
+                   super.close();
+
+                   byte[] dig = my_digest.digest();
+                   for(int i=0; i<20; i++)
+                       if(dig[i] != bytes[bytes.length-20+i])
+                           throw new WrongIdException("Hash doesn't match");
+               }
+           };
+
+       // Wrap in a FilterInputStream, so that the security-relevant
+       // methods in DigestInputStream are not accessible
+       return new FilterInputStream(dis) {};
     }
 
     public boolean equals(Object o) {
@@ -97,16 +120,7 @@
      *  The byte array must contain the bytes in a block.
      */
     public static BlockId getIdForData(byte[] bytes) {
-       MessageDigest digest;
-       try {
-           digest = MessageDigest.getInstance("SHA");
-       } catch(NoSuchAlgorithmException e) {
-           throw new Error("Fatal error: The SHA-1 algorithm "+
-                           "is not supported by this version "+
-                           "of the Java libraries. "+
-                           "Storm cannot operate without "+
-                           "an SHA-1 implementation.");
-       }
+       MessageDigest digest = makeMessageDigest();
        
        digest.reset();
        digest.update(bytes);
@@ -122,5 +136,20 @@
        }
 
        return new BlockId(id);
+    }
+
+    /** Create a new SHA message digest; throw an error
+     *  if this algorithm isn't available. 
+     */
+    static MessageDigest makeMessageDigest() {
+       try {
+           return MessageDigest.getInstance("SHA");
+       } catch(NoSuchAlgorithmException e) {
+           throw new Error("Fatal error: The SHA-1 algorithm "+
+                           "is not supported by this version "+
+                           "of the Java libraries. "+
+                           "Storm cannot operate without "+
+                           "an SHA-1 implementation.");
+       }
     }
 }
Index: gzz/lava/gzz/storm/BlockOutputStream.java
diff -u gzz/lava/gzz/storm/BlockOutputStream.java:1.8 
gzz/lava/gzz/storm/BlockOutputStream.java:1.9
--- gzz/lava/gzz/storm/BlockOutputStream.java:1.8       Fri Nov 15 23:38:04 2002
+++ gzz/lava/gzz/storm/BlockOutputStream.java   Sat Nov 16 00:03:40 2002
@@ -50,15 +50,8 @@
 
     protected BlockOutputStream(OutputStream out) {
         super(out);
-       try {
-           this.digest = MessageDigest.getInstance("SHA");
-       } catch(NoSuchAlgorithmException e) {
-           throw new Error("Fatal error: The SHA-1 algorithm "+
-                           "is not supported by this version "+
-                           "of the Java libraries. "+
-                           "Storm cannot operate without "+
-                           "an SHA-1 implementation.");
-       }
+
+       digest = BlockId.makeMessageDigest();
        digest.reset();
     }
 
Index: gzz/lava/gzz/storm/impl/DirPool.java
diff -u gzz/lava/gzz/storm/impl/DirPool.java:1.9 
gzz/lava/gzz/storm/impl/DirPool.java:1.10
--- gzz/lava/gzz/storm/impl/DirPool.java:1.9    Fri Nov 15 23:38:04 2002
+++ gzz/lava/gzz/storm/impl/DirPool.java        Sat Nov 16 00:03:40 2002
@@ -28,8 +28,6 @@
 
 /** A StormPool storing blocks in individual files in a directory.
  *  File names have the form <code>b_</code><i>idstring</i>.
- *  <p>
- *  XXX check id on reading blocks in (use id-checking input stream)
  */
 public class DirPool extends AbstractPool {
 
@@ -49,8 +47,8 @@
      *  corresponding to the given id.
      */
     protected Header822 getFileHeader(BlockId id) throws IOException {
-       InputStream is = 
-           new BufferedInputStream(new FileInputStream(getFile(id)));
+       InputStream is = new BufferedInputStream(
+            id.getCheckedInputStream(new FileInputStream(getFile(id))));
        Header822 header = Headers822.readHeader(is);
        is.close();
        return header;
@@ -92,7 +90,8 @@
        }
 
        public InputStream getRawInputStream() throws IOException {
-           return new BufferedInputStream(new FileInputStream(file));
+           return new BufferedInputStream(
+                id.getCheckedInputStream(new FileInputStream(file)));
        }
     }
 
Index: gzz/lava/test/gzz/storm/impl/DirPool.test
diff -u gzz/lava/test/gzz/storm/impl/DirPool.test:1.5 
gzz/lava/test/gzz/storm/impl/DirPool.test:1.6
--- gzz/lava/test/gzz/storm/impl/DirPool.test:1.5       Fri Nov 15 23:38:04 2002
+++ gzz/lava/test/gzz/storm/impl/DirPool.test   Sat Nov 16 00:03:40 2002
@@ -33,6 +33,29 @@
 def testAddBlock(): s.testAddBlock(p)
 def testGetNonexistent(): s.testGetNonexistent(p)
 
+def testGetBlockWithBadId():
+    """
+    Put a block with a bad id into the directory, then load it
+    and check that an exception is thrown.
+    """
+
+    id = gzz.storm.BlockId('storm:block:01' + 40*'A')
+       
+    file = java.io.File(dir, "b_01" + 40*"A")
+    f = open(file.getPath(), 'w')
+    f.write("Content-Type: text/plain\r\n\r\nFOO");
+    f.close()
+
+    try:
+        block = p.get(id)
+        i = block.getInputStream()
+        while i.read() >= 0: pass
+        i.close()
+    except gzz.storm.BlockId.WrongIdException:
+        pass
+    else:
+        assert 0, "Id not checked"
+
 def tearDown():
     gzz.util.TempFileUtil.deltree(dir)
reply via email to
[Prev in Thread] Current Thread [Next in Thread]