diff options
| author | Stefan Boberg <[email protected]> | 2021-05-25 12:53:55 +0200 |
|---|---|---|
| committer | Stefan Boberg <[email protected]> | 2021-05-25 12:53:55 +0200 |
| commit | a37804f338454f4ec22b4c74bc7608e6eec95923 (patch) | |
| tree | fe72120f894e383360db10c64fed86b9f83cb0e1 /zenserver/cache/structuredcache.cpp | |
| parent | Bumped large object threshold to 64k, improved disk bucket replay mutex logic (diff) | |
| download | zen-a37804f338454f4ec22b4c74bc7608e6eec95923.tar.xz zen-a37804f338454f4ec22b4c74bc7608e6eec95923.zip | |
Structured cache now verifies attachment payloads
Diffstat (limited to 'zenserver/cache/structuredcache.cpp')
| -rw-r--r-- | zenserver/cache/structuredcache.cpp | 36 |
1 files changed, 22 insertions, 14 deletions
diff --git a/zenserver/cache/structuredcache.cpp b/zenserver/cache/structuredcache.cpp index 792d764cb..b244c881c 100644 --- a/zenserver/cache/structuredcache.cpp +++ b/zenserver/cache/structuredcache.cpp @@ -214,7 +214,7 @@ void HttpStructuredCacheService::HandleCachePayloadRequest(zen::HttpServerRequest& Request, CacheRef& Ref) { // Note: the URL references the uncompressed payload hash - so this maintains the mapping - // from uncompressed CAS identity to the stored payload hash + // from uncompressed CAS identity (aka CID/Content ID) to the stored payload hash // // this is a PITA but a consequence of the fact that the client side code is not able to // address data by compressed hash @@ -251,30 +251,38 @@ HttpStructuredCacheService::HandleCachePayloadRequest(zen::HttpServerRequest& Re { if (Body.Size() == 0) { - return Request.WriteResponse(zen::HttpResponse::BadRequest); + return Request.WriteResponse(zen::HttpResponse::BadRequest, HttpContentType::kText, "Empty payload not permitted"); } zen::IoHash ChunkHash = zen::IoHash::HashMemory(Body); zen::CompressedBuffer Compressed = zen::CompressedBuffer::FromCompressed(SharedBuffer(Body)); - if (IoHash::FromBLAKE3(Compressed.GetRawHash()) != Ref.PayloadId) + if (!Compressed) { - // the URL specified content id and content hashes don't match! - return Request.WriteResponse(HttpResponse::BadRequest); + // All attachment payloads need to be in compressed buffer format + return Request.WriteResponse(zen::HttpResponse::BadRequest, HttpContentType::kText, "Attachments must be compressed"); } + else + { + if (IoHash::FromBLAKE3(Compressed.GetRawHash()) != Ref.PayloadId) + { + // the URL specified content id and content hashes don't match! + return Request.WriteResponse(HttpResponse::BadRequest); + } - zen::CasStore::InsertResult Result = m_CasStore.InsertChunk(Body, ChunkHash); + zen::CasStore::InsertResult Result = m_CasStore.InsertChunk(Body, ChunkHash); - m_CidStore.AddCompressedCid(Ref.PayloadId, ChunkHash); + m_CidStore.AddCompressedCid(Ref.PayloadId, ChunkHash); - if (Result.New) - { - return Request.WriteResponse(zen::HttpResponse::Created); - } - else - { - return Request.WriteResponse(zen::HttpResponse::OK); + if (Result.New) + { + return Request.WriteResponse(zen::HttpResponse::Created); + } + else + { + return Request.WriteResponse(zen::HttpResponse::OK); + } } } } |