recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Remove the "PhabricatorRepositoryVCSPassword" class and table

Summary:
Ref T13043. After D18898, this has been migrated to new, more modern storage and no longer has any readers or writers.

One migration from long ago (early 2014) is affected. Since this is ancient and the cost of dropping this is small (see inline), I just dropped it.

I'll note this in the changelog.

Test Plan: Ran migrations, got a clean bill of health from `storage status`. Grepped for removed symbol.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13043

Differential Revision: https://secure.phabricator.com/D18899

epriestley 753c4c5f dd8f588a

+10 -85
+9 -23
resources/sql/autopatches/20140218.passwords.4.vcs.php
··· 1 1 <?php 2 2 3 - $table = new PhabricatorRepositoryVCSPassword(); 4 - $conn_w = $table->establishConnection('w'); 5 - 6 - echo pht('Upgrading password hashing for VCS passwords.')."\n"; 7 - 8 - $best_hasher = PhabricatorPasswordHasher::getBestHasher(); 9 - foreach (new LiskMigrationIterator($table) as $password) { 10 - $id = $password->getID(); 11 - 12 - echo pht('Migrating VCS password %d...', $id)."\n"; 13 - 14 - $input_hash = $password->getPasswordHash(); 15 - $input_envelope = new PhutilOpaqueEnvelope($input_hash); 16 - 17 - $storage_hash = $best_hasher->getPasswordHashForStorage($input_envelope); 3 + // This migration once upgraded VCS password hashing, but the table was 4 + // later removed in 2018 (see T13043). 18 5 19 - queryfx( 20 - $conn_w, 21 - 'UPDATE %T SET passwordHash = %s WHERE id = %d', 22 - $table->getTableName(), 23 - $storage_hash->openEnvelope(), 24 - $id); 25 - } 6 + // Since almost four years have passed since this migration, the cost of 7 + // losing this data is very small (users just need to reset their passwords), 8 + // and a version of this migration against the modern schema isn't easy to 9 + // implement or test, just skip the migration. 26 10 27 - echo pht('Done.')."\n"; 11 + // This means that installs which upgrade from a version of Phabricator 12 + // released prior to Feb 2014 to a version of Phabricator relased after 13 + // Jan 2018 will need to have users reset VCS passwords.
+1
resources/sql/autopatches/20180121.auth.01.vcsnuke.sql
··· 1 + DROP TABLE {$NAMESPACE}_repository.repository_vcspassword;
-2
src/__phutil_library_map__.php
··· 3944 3944 'PhabricatorRepositoryURITestCase' => 'applications/repository/storage/__tests__/PhabricatorRepositoryURITestCase.php', 3945 3945 'PhabricatorRepositoryURITransaction' => 'applications/repository/storage/PhabricatorRepositoryURITransaction.php', 3946 3946 'PhabricatorRepositoryURITransactionQuery' => 'applications/repository/query/PhabricatorRepositoryURITransactionQuery.php', 3947 - 'PhabricatorRepositoryVCSPassword' => 'applications/repository/storage/PhabricatorRepositoryVCSPassword.php', 3948 3947 'PhabricatorRepositoryWorkingCopyVersion' => 'applications/repository/storage/PhabricatorRepositoryWorkingCopyVersion.php', 3949 3948 'PhabricatorRequestExceptionHandler' => 'aphront/handler/PhabricatorRequestExceptionHandler.php', 3950 3949 'PhabricatorResourceSite' => 'aphront/site/PhabricatorResourceSite.php', ··· 9593 9592 'PhabricatorRepositoryURITestCase' => 'PhabricatorTestCase', 9594 9593 'PhabricatorRepositoryURITransaction' => 'PhabricatorApplicationTransaction', 9595 9594 'PhabricatorRepositoryURITransactionQuery' => 'PhabricatorApplicationTransactionQuery', 9596 - 'PhabricatorRepositoryVCSPassword' => 'PhabricatorRepositoryDAO', 9597 9595 'PhabricatorRepositoryWorkingCopyVersion' => 'PhabricatorRepositoryDAO', 9598 9596 'PhabricatorRequestExceptionHandler' => 'AphrontRequestExceptionHandler', 9599 9597 'PhabricatorResourceSite' => 'PhabricatorSite',
-60
src/applications/repository/storage/PhabricatorRepositoryVCSPassword.php
··· 1 - <?php 2 - 3 - final class PhabricatorRepositoryVCSPassword extends PhabricatorRepositoryDAO { 4 - 5 - protected $id; 6 - protected $userPHID; 7 - protected $passwordHash; 8 - 9 - protected function getConfiguration() { 10 - return array( 11 - self::CONFIG_COLUMN_SCHEMA => array( 12 - 'passwordHash' => 'text128', 13 - ), 14 - self::CONFIG_KEY_SCHEMA => array( 15 - 'key_phid' => array( 16 - 'columns' => array('userPHID'), 17 - 'unique' => true, 18 - ), 19 - ), 20 - ) + parent::getConfiguration(); 21 - } 22 - 23 - public function setPassword( 24 - PhutilOpaqueEnvelope $password, 25 - PhabricatorUser $user) { 26 - $hash_envelope = $this->hashPassword($password, $user); 27 - return $this->setPasswordHash($hash_envelope->openEnvelope()); 28 - } 29 - 30 - public function comparePassword( 31 - PhutilOpaqueEnvelope $password, 32 - PhabricatorUser $user) { 33 - 34 - return PhabricatorPasswordHasher::comparePassword( 35 - $this->getPasswordHashInput($password, $user), 36 - new PhutilOpaqueEnvelope($this->getPasswordHash())); 37 - } 38 - 39 - private function getPasswordHashInput( 40 - PhutilOpaqueEnvelope $password, 41 - PhabricatorUser $user) { 42 - if ($user->getPHID() != $this->getUserPHID()) { 43 - throw new Exception(pht('User does not match password user PHID!')); 44 - } 45 - 46 - $raw_input = PhabricatorHash::digestPassword($password, $user->getPHID()); 47 - return new PhutilOpaqueEnvelope($raw_input); 48 - } 49 - 50 - private function hashPassword( 51 - PhutilOpaqueEnvelope $password, 52 - PhabricatorUser $user) { 53 - 54 - $input_envelope = $this->getPasswordHashInput($password, $user); 55 - 56 - $best_hasher = PhabricatorPasswordHasher::getBestHasher(); 57 - return $best_hasher->getPasswordHashForStorage($input_envelope); 58 - } 59 - 60 - }