1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-26 16:52:41 +01:00

random cleanup from long ago

Summary: was doing some work in here and noticed this old crap lying around. T547 was last updated in December 2011 so I think its okay to delete these old mail hashes now.

Test Plan: careful code inspection, though I will be testing mail like whoa for the rest of the day probably

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T547

Differential Revision: https://secure.phabricator.com/D4650
This commit is contained in:
Bob Trahan 2013-01-25 13:11:20 -08:00
parent b7f7b8aff0
commit 9d23a49c91

View file

@ -276,10 +276,7 @@ final class PhabricatorMetaMTAReceivedMail extends PhabricatorMetaMTADAO {
$expect_hash = self::computeMailHash($receiver->getMailKey(), $check_phid); $expect_hash = self::computeMailHash($receiver->getMailKey(), $check_phid);
// See note at computeOldMailHash(). if ($expect_hash != $hash) {
$old_hash = self::computeOldMailHash($receiver->getMailKey(), $check_phid);
if ($expect_hash != $hash && $old_hash != $hash) {
return $this->setMessage("Invalid mail hash!")->save(); return $this->setMessage("Invalid mail hash!")->save();
} }
@ -348,20 +345,6 @@ final class PhabricatorMetaMTAReceivedMail extends PhabricatorMetaMTADAO {
return substr($hash, 0, 16); return substr($hash, 0, 16);
} }
public static function computeOldMailHash($mail_key, $phid) {
// TODO: Remove this method entirely in a couple of months. We've moved from
// plain sha1 to sha1+hmac to make the codebase more auditable for good uses
// of hash functions, but still accept the old hashes on email replies to
// avoid breaking things. Once we've been sending only hmac hashes for a
// while, remove this and start rejecting old hashes. See T547.
$global_mail_key = PhabricatorEnv::getEnvConfig('phabricator.mail-key');
$hash = sha1($mail_key.$global_mail_key.$phid);
return substr($hash, 0, 16);
}
/** /**
* Strip an email address down to the actual user@domain.tld part if * Strip an email address down to the actual user@domain.tld part if
* necessary, since sometimes it will have formatting like * necessary, since sometimes it will have formatting like