URL: https://github.com/freeipa/freeipa/pull/1599
Author: stlaz
 Title: #1599: Fix FileStore.backup_file() not to backup same file
Action: opened

PR body:
"""
FileStore.backup_file() docstring claimed not to store a
copy of the same file but the behavior of the method did not
match this description.

This commit makes the backed-up file filename derivation
deterministic by hashing its content by SHA-256, thus it
should not back up two files with the same filename and content.
"""

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/1599/head:pr1599
git checkout pr1599
From 7913f7596c41800bbe1413af53853359fdab47bb Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka <slazn...@redhat.com>
Date: Mon, 19 Feb 2018 09:50:41 +0100
Subject: [PATCH] Fix FileStore.backup_file() not to backup same file

FileStore.backup_file() docstring claimed not to store a
copy of the same file but the behavior of the method did not
match this description.

This commit makes the backed-up file filename derivation
deterministic by hashing its content by SHA-256, thus it
should not back up two files with the same filename and content.
---
 ipalib/install/sysrestore.py | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/ipalib/install/sysrestore.py b/ipalib/install/sysrestore.py
index b2e1a00482..446f539174 100644
--- a/ipalib/install/sysrestore.py
+++ b/ipalib/install/sysrestore.py
@@ -40,6 +40,7 @@
 
 from ipaplatform.tasks import tasks
 from ipaplatform.paths import paths
+from hashlib import sha256
 
 if six.PY3:
     unicode = str
@@ -111,7 +112,7 @@ def save(self):
             p.write(f)
 
     def backup_file(self, path):
-        """Create a copy of the file at @path - so long as a copy
+        """Create a copy of the file at @path - as long as an exact copy
         does not already exist - which will be restored to its
         original location by restore_files().
         """
@@ -126,11 +127,11 @@ def backup_file(self, path):
 
         _reldir, backupfile = os.path.split(path)
 
-        filename = ""
-        for _i in range(8):
-            h = "%02x" % self.random.randint(0,255)
-            filename += h
-        filename += "-"+backupfile
+        with open(path, 'rb') as f:
+            cont_hash = sha256(f.read()).hexdigest()
+
+        filename = "{hexhash}-{bcppath}".format(
+                hexhash=cont_hash, bcppath=backupfile)
 
         backup_path = os.path.join(self._path, filename)
         if os.path.exists(backup_path):
_______________________________________________
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org

Reply via email to