01tonythomas has uploaded a new change for review.
https://gerrit.wikimedia.org/r/153450
Change subject: Improved the VERP generation by cutting down the hmac hash
......................................................................
Improved the VERP generation by cutting down the hmac hash
The $local_part of a standard email should be < 64 which was not
taken care of earlier, and there was high chances of crossing it.
Cutting down securely the hmac hash looks fine, as per security
experts.
Added a prefix such as 'wiki-' so that the email-id looks good, and
easy to parse by exim
Change-Id: I167c018be679f6f1535824e94d5aa380dda069a7
---
M BounceHandler.php
M BounceHandlerHooks.php
M includes/ProcessBounceEmails.php
M includes/VerpAddressGenerator.php
M tests/VERPEncodeDecodeTest.php
5 files changed, 23 insertions(+), 14 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/BounceHandler
refs/changes/50/153450/1
diff --git a/BounceHandler.php b/BounceHandler.php
index 9e34cd2..f3f6b0a 100644
--- a/BounceHandler.php
+++ b/BounceHandler.php
@@ -49,11 +49,12 @@
/**
* VERP Configurations
- * wgEnableVERP - Engales VERP for bounce handling
- * wgVERPalgo - Algorithm to hash the return path address.Possible algorithms
are
+ * wgVERPprefix - The prefix of the VERP address.
+ * wgVERPalgorithm - Algorithm to hash the return path address.Possible
algorithms are
* md2. md4, md5, sha1, sha224, sha256, sha384, ripemd128, ripemd160,
whirlpool and more.
* wgVERPsecret - The secret key to hash the return path address
*/
+$wgVERPprefix = 'wiki';
$wgVERPalgorithm = 'md5';
$wgVERPsecret = 'MediawikiVERP';
$wgVERPAcceptTime = 259200; //3 days time
diff --git a/BounceHandlerHooks.php b/BounceHandlerHooks.php
index 3817cb9..6f55bcb 100644
--- a/BounceHandlerHooks.php
+++ b/BounceHandlerHooks.php
@@ -12,7 +12,7 @@
* @return bool true
*/
public static function onVERPAddressGenerate( $recip, &$returnPath ) {
- global $wgVERPalgorithm, $wgVERPsecret, $wgServer, $wgSMTP;
+ global $wgVERPprefix, $wgVERPalgorithm, $wgVERPsecret,
$wgServer, $wgSMTP;
$user = User::newFromName( $recip[0]->name );
if ( !$user ) {
return true;
@@ -23,7 +23,7 @@
} else {
return true;
}
- $verpAddress = new VerpAddressGenerator( $wgVERPalgorithm,
$wgVERPsecret, $wgServer, $wgSMTP );
+ $verpAddress = new VerpAddressGenerator( $wgVERPprefix,
$wgVERPalgorithm, $wgVERPsecret, $wgServer, $wgSMTP );
$returnPath = $verpAddress->generateVERP( $uid );
return true;
diff --git a/includes/ProcessBounceEmails.php b/includes/ProcessBounceEmails.php
index 6159313..5769a4a 100644
--- a/includes/ProcessBounceEmails.php
+++ b/includes/ProcessBounceEmails.php
@@ -61,12 +61,12 @@
$failedUser = array();
preg_match( '~(.*?)@~', $hashedEmail, $hashedPart );
$hashedVERPPart = explode( '-', $hashedPart[1] );
- $hashedData = $hashedVERPPart[0]. '-'. $hashedVERPPart[1]. '-'.
$hashedVERPPart[2];
- $bounceTime = base_convert( $hashedVERPPart[2], 36, 10 );
- if ( base64_encode( hash_hmac( $wgVERPalgorithm, $hashedData,
$wgVERPsecret, true ) ) === $hashedVERPPart[3] &&
- $currentTime - $bounceTime < $wgVERPAcceptTime ) {
- $failedUser[ 'wikiId' ] = str_replace( '.', '-',
$hashedVERPPart[0] );
- $failedUser[ 'rawUserId' ] = base_convert(
$hashedVERPPart[1], 36, 10 );
+ $hashedData = $hashedVERPPart[0]. '-'. $hashedVERPPart[1]. '-'.
$hashedVERPPart[2]. '-'. $hashedVERPPart[3];
+ $bounceTime = base_convert( $hashedVERPPart[3], 36, 10 );
+ if ( base64_encode( substr( hash_hmac( $wgVERPalgorithm,
$hashedData, $wgVERPsecret, true ), 0, 12 ) ) === $hashedVERPPart[4]
+ && $currentTime - $bounceTime < $wgVERPAcceptTime ) {
+ $failedUser[ 'wikiId' ] = str_replace( '.', '-',
$hashedVERPPart[1] );
+ $failedUser[ 'rawUserId' ] = base_convert(
$hashedVERPPart[2], 36, 10 );
$failedUser[ 'rawEmail' ] = self::getOriginalEmail(
$failedUser );
$failedUser[ 'bounceTime' ] = $bounceTime;
return $failedUser;
diff --git a/includes/VerpAddressGenerator.php
b/includes/VerpAddressGenerator.php
index db76ebc..d8d916b 100644
--- a/includes/VerpAddressGenerator.php
+++ b/includes/VerpAddressGenerator.php
@@ -33,6 +33,10 @@
/**
* @var string
*/
+ protected $prefix;
+ /**
+ * @var string
+ */
protected $algorithm;
/**
@@ -51,12 +55,14 @@
protected $smtp;
/**
+ * @param string $prefix
* @param string $algorithm
* @param string $secretKey
* @param string $server
* @param array $smtp The SMTP setting configurations
*/
- public function __construct( $algorithm, $secretKey, $server, $smtp ) {
+ public function __construct( $prefix, $algorithm, $secretKey, $server,
$smtp ) {
+ $this->prefix = $prefix;
$this->algorithm = $algorithm;
$this->secretKey = $secretKey;
$this->server = $server;
@@ -83,8 +89,8 @@
// wikiId-base36( $UserID )-base36( $Timestamp )-hash(
$algorithm, $key, $prefix )@$email_domain
// We dont want repeating '-' in our WikiId
$wikiId = str_replace( '-', '.', wfWikiID() );
- $email_prefix = $wikiId. '-'. base_convert( $uid, 10, 36). '-'.
base_convert( $timeNow, 10, 36);
- $verp_hash = base64_encode( hash_hmac( $this->algorithm,
$email_prefix, $this->secretKey, true ) );
+ $email_prefix = $this->prefix. '-'. $wikiId. '-'. base_convert(
$uid, 10, 36). '-'. base_convert( $timeNow, 10, 36);
+ $verp_hash = base64_encode( substr( hash_hmac(
$this->algorithm, $email_prefix, $this->secretKey, true ), 0, 12 ) );
$returnPath = $email_prefix. '-' .$verp_hash. '@'
.$email_domain;
return $returnPath;
}
diff --git a/tests/VERPEncodeDecodeTest.php b/tests/VERPEncodeDecodeTest.php
index 2d4555b..ea5299b 100644
--- a/tests/VERPEncodeDecodeTest.php
+++ b/tests/VERPEncodeDecodeTest.php
@@ -18,12 +18,14 @@
$uid = $user->getId();
+ $prefix = 'wiki';
$algorithm = 'md5';
$secretKey = 'mySecret';
$server = 'http://testwiki.org';
$smtp = array();
$this->setMwGlobals( array(
+ 'wgVERPprefix' => $prefix,
'wgVERPalgorithm' => $algorithm,
'wgVERPsecret' => $secretKey,
'wgServer' => $server,
@@ -32,7 +34,7 @@
);
$this->setMwGlobals( 'wgVERPAcceptTime', 259200 );
- $encodeVERP = new VerpAddressGenerator( $algorithm, $secretKey,
$server, $smtp );
+ $encodeVERP = new VerpAddressGenerator( $prefix, $algorithm,
$secretKey, $server, $smtp );
$encodedAddress = $encodeVERP->generateVERP( $uid );
$decodeVERPwithRegex = new ProcessBounceWithRegex();
--
To view, visit https://gerrit.wikimedia.org/r/153450
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I167c018be679f6f1535824e94d5aa380dda069a7
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/BounceHandler
Gerrit-Branch: master
Gerrit-Owner: 01tonythomas <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
