Hi,
I'm submitting a patch to perform "on the fly" MD5/SHA1 digest
calculation of a file uploaded via the HTTP POST method. Being
not uncommon for applications to require some digest of a freshly
uploaded file, doing the math directly in the buffer where the file is
being read can save some time.
A similar patch was submitted in August 2004 and raised some interest,
but never got merged.
Digest calculation is triggered by setting the special input fields
COMPUTE_MD5 and/or COMPUTE_SHA1 to a non-zero value:
(note that these assignments must precede the
<input type="file" name=...> field, as in the MAX_FILE_SIZE case.)
The result is found in the special variables
$_FILES[userfile]["md5"] and $_FILES[userfile]["sha1"].
These variables are only defined upon request of the corresponding
digest.
The patch was produced against the php6 CVS version of rfc1867.c
(1.190).
Cheers,
David
David Santinoli
Tieffe Sistemi S.r.l. viale Piceno 21, Milano
www.tieffesistemi.com tel. +39 02 45490882
What purpose does this serve, exactly?...
Seems like anybody who can intercept the upload and send bad file data
can also send a matching MD5 for the bad data...
Actually, re-reading the message clarified for me that you're doing
this only to save the time of whatever it would take to do an MD5 for
the file after it's uploaded.
Can you PLEASE make 100% certain that this is specifically documented
to NOT be a "Security Feature" and it is NOT intended to indicate
secure transmission of the file?
Cuz I'm betting dollars to donuts that the masses of PHP scripters are
going to immediately mis-use this for that exact purpose...
Hi,
I'm submitting a patch to perform "on the fly" MD5/SHA1 digest
calculation of a file uploaded via the HTTP POST method. Being
not uncommon for applications to require some digest of a freshly
uploaded file, doing the math directly in the buffer where the file is
being read can save some time.
A similar patch was submitted in August 2004 and raised some interest,
but never got merged.
Digest calculation is triggered by setting the special input fields
COMPUTE_MD5 and/or COMPUTE_SHA1 to a non-zero value:
<input type="hidden" name="COMPUTE_SHA1" value="1">
(note that these assignments must precede the
<input type="file" name=...> field, as in the MAX_FILE_SIZE case.)
The result is found in the special variables
$_FILES[userfile]["md5"] and $_FILES[userfile]["sha1"].
These variables are only defined upon request of the corresponding
digest.
The patch was produced against the php6 CVS version of rfc1867.c
(1.190).
Cheers,
David
David Santinoli
Tieffe Sistemi S.r.l. viale Piceno 21, Milano
www.tieffesistemi.com tel. +39 02 45490882
--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?
Ditto Richard's comments about false-implications of security, but I'd
also like to add that IF folks decide on the whole that this is worth
adding, it should be done more generically than a setting for md5 and a
setting for sha1.
e.g.
<input type="hidden" name="__COMPUTE_HASH" value="md5">
or
<input type="hidden" name="__COMPUTE_HASH" value="sha1">
or
<input type="hidden" name="__COMPUTE_HASH" value="whirlpool">
or whatever hash algo you're looking for. The implementations in
ext/hash can be used and the resulting code in main/rfc1867.c will wind
up being simpler (since you'll be using the unified hash API rather than
the individual md5/sha1 APIs).
If someone (for some reason) has ext/hash disabled (it's
enabled-by-default since 5.1.2), then they just won't get a hash.
That's what package requirements and documentation are for.
-Sara
P.S. - Suggestions aside, I'm -1 on it.
Ditto Richard's comments about false-implications of security, but I'd
also like to add that IF folks decide on the whole that this is
worth adding, it should be done more generically than a setting for
md5 and a setting for sha1.
I appreciate your suggestion.
If someone (for some reason) has ext/hash disabled (it's
enabled-by-default since 5.1.2), then they just won't get a hash.
Or, we could resort to ext/standard/{md5|sha1} to make these two hashes
always available, like the Session extension does. But this double
strategy would complicate the code in rfc1867.c and yield very marginal
gain.
If there's enough interest in this, I will rework the patch according to
Sara's hint.
Cheers,
David
David Santinoli
Tieffe Sistemi S.r.l. viale Piceno 21, Milano
www.tieffesistemi.com tel. +39 02 45490882
If there's enough interest in this, I will rework the patch according
to Sara's hint.
I'd have to be +1 on making more than just the 2 hashes available for
this feature, though if it's a TON of work...
--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?
If there's enough interest in this, I will rework the patch according
to Sara's hint.
I'd have to be +1 on making more than just the 2 hashes available for
this feature, though if it's a TON of work...
Could the result be ...
$_FILES[userfile]["hash"]["md5"] / $_FILES[userfile]["hash"]["sha1"]
If you SOMEHOW didn't know what hash had been asked for, you would
have to go through a list to find the one saved in $_FILES. Using a
key for "hash", you know which hash a lot easier.
--
Richard Quadling
Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
"Standing on the shoulders of some very clever giants!"
Can you PLEASE make 100% certain that this is specifically documented
to NOT be a "Security Feature" and it is NOT intended to indicate
secure transmission of the file?
It is not meant to be a "security feature". Not in the least.
Instead, my intent was to make hash computation easier and faster for
those (rather common) cases in which signatures are used for duplicate
file detection etc.
Cheers,
David
David Santinoli
Tieffe Sistemi S.r.l. viale Piceno 21, Milano
www.tieffesistemi.com tel. +39 02 45490882
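
The generic variant discussed in the thread (an algorithm name taken from a form field, ext/hash's unified API, digests stored under a nested `hash` key), sketched in userland PHP as an added example; it is not the submitted patch or any participant's code. `ALLOWED_ALGOS`, `copy_with_digests()` and the sample data are assumptions of the sketch.

```php
<?php
// Added illustration in userland PHP; not the rfc1867.c patch from the thread.
// ALLOWED_ALGOS and copy_with_digests() are hypothetical names.
const ALLOWED_ALGOS = ['md5', 'sha1', 'sha256', 'whirlpool'];

/**
 * Copy $in to $out in chunks and feed every chunk to one hash context per
 * requested algorithm, so the data is traversed only once.
 * $requested is client-controlled (a form field): names outside the
 * allowlist or unknown to ext/hash are dropped before hash_init() sees them.
 */
function copy_with_digests($in, $out, array $requested, int $chunk = 8192): array
{
    $names = array_map('strtolower', array_filter($requested, 'is_string'));
    $ctx = [];
    foreach (array_intersect(ALLOWED_ALGOS, $names, hash_algos()) as $algo) {
        $ctx[$algo] = hash_init($algo);
    }
    while (($buf = fread($in, $chunk)) !== false && $buf !== '') {
        if (fwrite($out, $buf) !== strlen($buf)) {
            throw new RuntimeException('short write while storing upload');
        }
        foreach ($ctx as $c) {
            hash_update($c, $buf);
        }
    }
    // Nested layout: the caller looks the digest up by algorithm name.
    return ['hash' => array_map('hash_final', $ctx)];
}

// Constructed sample upload body, held in memory so the sketch runs offline.
$body = str_repeat("constructed sample data\n", 1000);
$in = fopen('php://memory', 'w+b');
fwrite($in, $body);
rewind($in);
$out = fopen('php://memory', 'w+b');

$file = copy_with_digests($in, $out, ['SHA1', 'md5', 'no-such-algo', ['x']]);
print_r($file['hash']); // keys: md5, sha1 (the other two entries are ignored)

// The digest describes the bytes the server received, nothing more: it is
// usable as a duplicate-detection key, not as proof of origin or of an
// untampered transfer.
$seen = [$file['hash']['sha1'] => 'stored-object-1']; // constructed index of earlier uploads
$again = hash('sha1', $body);                         // same bytes uploaded a second time
echo isset($seen[$again]) ? "duplicate of {$seen[$again]}\n" : "new file\n";
```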