ensure uplink is sending correct size with PieceHash (#2555)

If we verify that the size matches reality, we can then expect to use
the filesystem to store the piece size as used in the signed PieceHash
from the uplink. Otherwise, the uplink might send a garbage size value,
leaving the storagenode with no good way to verify the uplink signature
on the piece at a later date.

Also fix the code in uplink/piecestore/ so that it sends a valid size,
because it was being rude and sending 0.
This commit is contained in:
paul cannon 2019-07-15 11:26:18 -04:00 committed by GitHub
parent 5bec820145
commit 0d1dce508e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 2 deletions

View File

@ -282,6 +282,10 @@ func (endpoint *Endpoint) Upload(stream pb.Piecestore_UploadServer) (err error)
if err := endpoint.VerifyPieceHash(ctx, limit, message.Done, expectedHash); err != nil {
return err // TODO: report grpc status internal server error
}
if message.Done.PieceSize != pieceWriter.Size() {
return ErrProtocol.New("Size of finished piece does not match size declared by uplink! %d != %d",
message.Done.GetPieceSize(), pieceWriter.Size())
}
if err := pieceWriter.Commit(ctx); err != nil {
return ErrInternal.Wrap(err) // TODO: report grpc status internal server error

View File

@ -181,8 +181,10 @@ func (client *Upload) Commit(ctx context.Context) (_ *pb.PieceHash, err error) {
// sign the hash for storage node
uplinkHash, err := signing.SignUplinkPieceHash(ctx, client.privateKey, &pb.PieceHash{
PieceId: client.limit.PieceId,
Hash: client.hash.Sum(nil),
PieceId: client.limit.PieceId,
PieceSize: client.offset,
Hash: client.hash.Sum(nil),
Timestamp: client.limit.OrderCreation,
})
if err != nil {
// failed to sign, let's close the sending side, no need to wait for a response