ensure uplink is sending correct size with PieceHash (#2555)

If we verify that the size matches reality, we can then expect to use the filesystem to store the piece size as used in the signed PieceHash from the uplink. Otherwise, the uplink might send a garbage size value, leaving the storagenode with no good way to verify the uplink signature on the piece at a later date. Also fix the code in uplink/piecestore/ so that it sends a valid size, because it was being rude and sending 0.
2019-07-15 11:26:18 -04:00 · 2019-07-15 11:26:18 -04:00 · 0d1dce508e
commit 0d1dce508e
parent 5bec820145
2 changed files with 8 additions and 2 deletions
--- a/storagenode/piecestore/endpoint.go
+++ b/storagenode/piecestore/endpoint.go
@ -282,6 +282,10 @@ func (endpoint *Endpoint) Upload(stream pb.Piecestore_UploadServer) (err error)
 			if err := endpoint.VerifyPieceHash(ctx, limit, message.Done, expectedHash); err != nil {
 				return err // TODO: report grpc status internal server error
 			}
+			if message.Done.PieceSize != pieceWriter.Size() {
+				return ErrProtocol.New("Size of finished piece does not match size declared by uplink! %d != %d",
+					message.Done.GetPieceSize(), pieceWriter.Size())
+			}

 			if err := pieceWriter.Commit(ctx); err != nil {
 				return ErrInternal.Wrap(err) // TODO: report grpc status internal server error
--- a/uplink/piecestore/upload.go
+++ b/uplink/piecestore/upload.go
@ -181,8 +181,10 @@ func (client *Upload) Commit(ctx context.Context) (_ *pb.PieceHash, err error) {

 	// sign the hash for storage node
 	uplinkHash, err := signing.SignUplinkPieceHash(ctx, client.privateKey, &pb.PieceHash{
-		PieceId: client.limit.PieceId,
-		Hash:    client.hash.Sum(nil),
+		PieceId:   client.limit.PieceId,
+		PieceSize: client.offset,
+		Hash:      client.hash.Sum(nil),
+		Timestamp: client.limit.OrderCreation,
 	})
 	if err != nil {
 		// failed to sign, let's close the sending side, no need to wait for a response