diff options
| author | Jay Mundrawala <jdmundrawala@gmail.com> | 2015-09-28 19:24:30 -0700 |
|---|---|---|
| committer | Jay Mundrawala <jdmundrawala@gmail.com> | 2015-09-28 20:25:07 -0700 |
| commit | 8ff6afc1481fefee2fa8d5cd12e0f97b1cbe05d1 (patch) | |
| tree | 42a2200f47960564fa3b8826cfa14fa0a3236392 | |
| parent | 8f65f75b2ae48ed33cfce1853edcdcc1a949b9c3 (diff) | |
| download | chef-8ff6afc1481fefee2fa8d5cd12e0f97b1cbe05d1.tar.gz | |
Modify remote_file cache_control_data to use sha256 for its name
We want to support a fips mode, and doing MD5 with fips mode enabled
is wrong/hard. In this case, the type of checksum does not
matter, so let's just use sha256 since fips mode will be happy
with that.
For cases where the cache control data exists, we update it
to provide a seamless upgrade.
| -rw-r--r-- | lib/chef/provider/remote_file/cache_control_data.rb | 41 |
1 files changed, 37 insertions, 4 deletions
diff --git a/lib/chef/provider/remote_file/cache_control_data.rb b/lib/chef/provider/remote_file/cache_control_data.rb index f9b729362c..3f39dac625 100644 --- a/lib/chef/provider/remote_file/cache_control_data.rb +++ b/lib/chef/provider/remote_file/cache_control_data.rb @@ -145,18 +145,51 @@ class Chef end def load_json_data - Chef::FileCache.load("remote_file/#{sanitized_cache_file_basename}") + path = sanitized_cache_file_path(sanitized_cache_file_basename) + if Chef::FileCache.has_key?(path) + Chef::FileCache.load(path) + else + old_path = sanitized_cache_file_path(sanitized_cache_file_basename_md5) + if Chef::FileCache.has_key?(old_path) + # We found an old cache control data file. We started using sha256 instead of md5 + # to name these. Upgrade the file to the new name. + Chef::Log.debug("Found old cache control data file at #{old_path}. Moving to #{path}.") + Chef::FileCache.load(old_path).tap do |data| + Chef::FileCache.store(path, data) + Chef::FileCache.delete(old_path) + end + else + raise Chef::Exceptions::FileNotFound + end + end end - def sanitized_cache_file_basename + def sanitized_cache_file_path(basename) + "remote_file/#{basename}" + end + + def scrubbed_uri # Scrub and truncate in accordance with the goals of keeping the name # human-readable but within the bounds of local file system # path length limits - scrubbed_uri = uri.gsub(/\W/, '_')[0..63] + uri.gsub(/\W/, '_')[0..63] + end + + def sanitized_cache_file_basename + uri_sha2 = Chef::Digester.instance.generate_checksum(StringIO.new(uri)) + cache_file_basename(uri_sha2[0,32]) + end + + + def sanitized_cache_file_basename_md5 + # Old way of creating the file basename uri_md5 = Chef::Digester.instance.generate_md5_checksum(StringIO.new(uri)) - "#{scrubbed_uri}-#{uri_md5}.json" + cache_file_basename(uri_md5) end + def cache_file_basename(checksum) + "#{scrubbed_uri}-#{checksum}.json" + end end end end |