Posted to commits@subversion.apache.org by as...@apache.org on 2017/02/24 21:29:05 UTC

svn commit: r1784336 - /subversion/trunk/tools/hook-scripts/reject-known-sha1-collisions.sh

Author: astieger
Date: Fri Feb 24 21:29:04 2017
New Revision: 1784336

URL: http://svn.apache.org/viewvc?rev=1784336&view=rev
Log:
Add pre-commit hook script that can reject known SHA-1 collisions

* tools/hook-scripts/reject-known-sha1-collisions.sh:
  Script tested on Linux, OpenBSD

Added:
    subversion/trunk/tools/hook-scripts/reject-known-sha1-collisions.sh   (with props)

Added: subversion/trunk/tools/hook-scripts/reject-known-sha1-collisions.sh
URL: http://svn.apache.org/viewvc/subversion/trunk/tools/hook-scripts/reject-known-sha1-collisions.sh?rev=1784336&view=auto
==============================================================================
--- subversion/trunk/tools/hook-scripts/reject-known-sha1-collisions.sh (added)
+++ subversion/trunk/tools/hook-scripts/reject-known-sha1-collisions.sh Fri Feb 24 21:29:04 2017
@@ -0,0 +1,47 @@
+#!/bin/sh
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+#
+# $Id$
+#
+# Prevents some SHA-1 collisions to be commited
+# Test fo the 320 byte prefix found on https://shattered.io/
+# If the files are committed in the same transaction, svnlook
+# will error out itself due to the apparent corruption in the
+# candidate revision
+
+REPOS="$1"
+TXN="$2"
+SVNLOOK=/usr/bin/svnlook
+
+$SVNLOOK changed -t "$TXN" "$REPOS"
+if [ $? -ne 0 ]; then
+  echo $FILES >&2
+  echo "svnlook failed, possible SHA-1 collision" >&2
+  exit 2
+fi
+
+FILES=`$SVNLOOK changed -t "$TXN" "$REPOS" | /usr/bin/grep -Ev '^D ' | /usr/bin/awk '{print $2}'`
+for FILE in $FILES; do
+  PREFIX=`$SVNLOOK cat -t "$TXN" "$REPOS" "$FILE" | head -c320 | /usr/bin/sha1sum | cut -c-40`
+  if [ "$PREFIX" == 'f92d74e3874587aaf443d1db961d4e26dde13e9c' ]; then
+        echo "known SHA-1 collision rejected" >&2
+        exit 3
+  fi
+done
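Review bot: in the error branch, `echo $FILES >&2` runs before FILES is assigned (the assignment only happens after the `fi`), so it prints an empty line; drop that echo or move the FILES assignment above the check. Further down, `[ "$PREFIX" == '...' ]` is a bashism under `#!/bin/sh`: the POSIX test operator is a single `=`, and some /bin/sh implementations reject `==`, so write `if [ "$PREFIX" = 'f92d74e3874587aaf443d1db961d4e26dde13e9c' ]; then`. The path handling also has a logic hole: `awk '{print $2}'` keeps only the first whitespace-separated word of each path and `for FILE in $FILES` word-splits a second time, so a committed path containing a space is looked up under the wrong name, `svnlook cat` fails (stderr only, exit status ignored), `head`/`sha1sum` see empty input, and that file is never actually compared against the known prefix; reading the `svnlook changed` output line by line and stripping the leading status columns, instead of taking field 2, avoids both problems. `svnlook changed` also lists directories and property-only changes that `svnlook cat` cannot read, so skipping entries whose path ends in `/` would reduce stderr noise. Minor: "commited" and "Test fo" in the header comment.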

Propchange: subversion/trunk/tools/hook-scripts/reject-known-sha1-collisions.sh
------------------------------------------------------------------------------
    svn:executable = *

Propchange: subversion/trunk/tools/hook-scripts/reject-known-sha1-collisions.sh
------------------------------------------------------------------------------
    svn:keywords = Id



Re: svn commit: r1784336 - /subversion/trunk/tools/hook-scripts/reject-known-sha1-collisions.sh

Posted by Greg Stein <gs...@gmail.com>.
On Fri, Feb 24, 2017 at 3:29 PM, <as...@apache.org> wrote:
>...

> +++ subversion/trunk/tools/hook-scripts/reject-known-sha1-collisions.sh
> Fri Feb 24 21:29:04 2017
>
>...

> +$SVNLOOK changed -t "$TXN" "$REPOS"
> +if [ $? -ne 0 ]; then
> +  echo $FILES >&2
> +  echo "svnlook failed, possible SHA-1 collision" >&2
> +  exit 2
> +fi
> +
> +FILES=`$SVNLOOK changed -t "$TXN" "$REPOS" | /usr/bin/grep -Ev '^D ' |
> /usr/bin/awk '{print $2}'`
>

FILES is not defined before the upper block.

>...

Cheers,
-g