Skip to content
This repository has been archived by the owner on Nov 11, 2023. It is now read-only.

Commit

Permalink
introduce option to disable vizhash for paranoid admins, resolves #20
Browse files Browse the repository at this point in the history
…point 2.4
  • Loading branch information
elrido committed Jul 18, 2016
1 parent 20cf678 commit ff0c55c
Show file tree
Hide file tree
Showing 5 changed files with 83 additions and 11 deletions.
6 changes: 6 additions & 0 deletions cfg/conf.ini.sample
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,12 @@ languageselection = false
; the pastes encryption key
; urlshortener = "https://shortener.example.com/api?link="

; (optional) vizhash is a weak mechanism to detect if a comment was from a
; different user when the same username was used in a comment. It is based on
; the IP and might be used to get the posters IP if the server salt is leaked
; and a rainbow table is generated for all IPs. Enabled by default.
; vizhash = false

; stay compatible with PrivateBin Alpha 0.19, less secure
; if enabled will use base64.js version 1.7 instead of 2.1.9 and sha1 instead of
; sha256 in HMAC for the deletion token
Expand Down
1 change: 1 addition & 0 deletions lib/configuration.php
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,7 @@ class configuration
'languageselection' => false,
'languagedefault' => '',
'urlshortener' => '',
'vizhash' => true,
'zerobincompatibility' => false,
),
'expire' => array(
Expand Down
21 changes: 12 additions & 9 deletions lib/model/comment.php
Original file line number Diff line number Diff line change
Expand Up @@ -174,16 +174,19 @@ public function setNickname($nickname)
if (!sjcl::isValid($nickname)) throw new Exception('Invalid data.', 66);
$this->_data->meta->nickname = $nickname;

// Generation of the anonymous avatar (Vizhash):
// If a nickname is provided, we generate a Vizhash.
// (We assume that if the user did not enter a nickname, he/she wants
// to be anonymous and we will not generate the vizhash.)
$vh = new vizhash16x16();
$pngdata = $vh->generate(trafficlimiter::getIp());
if ($pngdata != '')
if ($this->_conf->getKey('vizhash'))
{
$this->_data->meta->vizhash = 'data:image/png;base64,' . base64_encode($pngdata);
// Generation of the anonymous avatar (Vizhash):
// If a nickname is provided, we generate a Vizhash.
// (We assume that if the user did not enter a nickname, he/she wants
// to be anonymous and we will not generate the vizhash.)
$vh = new vizhash16x16();
$pngdata = $vh->generate(trafficlimiter::getIp());
if ($pngdata != '')
{
$this->_data->meta->vizhash = 'data:image/png;base64,' . base64_encode($pngdata);
}
// Once the avatar is generated, we do not keep the IP address, nor its hash.
}
// Once the avatar is generated, we do not keep the IP address, nor its hash.
}
}
11 changes: 9 additions & 2 deletions lib/privatebin/db.php
Original file line number Diff line number Diff line change
Expand Up @@ -325,6 +325,13 @@ public function exists($pasteid)
*/
public function createComment($pasteid, $parentid, $commentid, $comment)
{
foreach (array('nickname', 'vizhash') as $key)
{
if (!array_key_exists($key, $comment['meta']))
{
$comment['meta'][$key] = null;
}
}
return self::_exec(
'INSERT INTO ' . self::_sanitizeIdentifier('comment') .
' VALUES(?,?,?,?,?,?,?)',
Expand Down Expand Up @@ -367,9 +374,9 @@ public function readComments($pasteid)
$comments[$i]->data = $row['data'];
$comments[$i]->meta = new stdClass;
$comments[$i]->meta->postdate = (int) $row['postdate'];
if (array_key_exists('nickname', $row))
if (array_key_exists('nickname', $row) && !empty($row['nickname']))
$comments[$i]->meta->nickname = $row['nickname'];
if (array_key_exists('vizhash', $row))
if (array_key_exists('vizhash', $row) && !empty($row['vizhash']))
$comments[$i]->meta->vizhash = $row['vizhash'];
}
ksort($comments);
Expand Down
55 changes: 55 additions & 0 deletions tst/model.php
Original file line number Diff line number Diff line change
Expand Up @@ -208,4 +208,59 @@ public function testCommentDeletion()
$paste->store();
$paste->getComment(helper::getPasteId())->delete();
}

public function testCommentWithDisabledVizhash()
{
$options = parse_ini_file(CONF, true);
$options['main']['vizhash'] = false;
$options['model'] = array(
'class' => 'privatebin_db',
);
$options['model_options'] = array(
'dsn' => 'sqlite::memory:',
'usr' => null,
'pwd' => null,
'opt' => array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION),
);
helper::confBackup();
helper::createIniFile(CONF, $options);
$model = new model(new configuration);

$pasteData = helper::getPaste();
$this->_model->getPaste(helper::getPasteId())->delete();
$paste = $model->getPaste(helper::getPasteId());
$this->assertFalse($paste->exists(), 'paste does not yet exist');

$paste = $model->getPaste();
$paste->setData($pasteData['data']);
$paste->setOpendiscussion();
$paste->setFormatter($pasteData['meta']['formatter']);
$paste->store();

$paste = $model->getPaste(helper::getPasteId());
$this->assertTrue($paste->exists(), 'paste exists after storing it');
$paste = $paste->get();
$this->assertEquals($pasteData['data'], $paste->data);
foreach (array('opendiscussion', 'formatter') as $key) {
$this->assertEquals($pasteData['meta'][$key], $paste->meta->$key);
}

// storing comments
$commentData = helper::getComment();
$paste = $model->getPaste(helper::getPasteId());
$comment = $paste->getComment(helper::getPasteId(), helper::getCommentId());
$this->assertFalse($comment->exists(), 'comment does not yet exist');

$comment = $paste->getComment(helper::getPasteId());
$comment->setData($commentData['data']);
$comment->setNickname($commentData['meta']['nickname']);
$comment->store();

$comment = $paste->getComment(helper::getPasteId(), helper::getCommentId());
$this->assertTrue($comment->exists(), 'comment exists after storing it');
$comment = $comment->get();
$this->assertEquals($commentData['data'], $comment->data);
$this->assertEquals($commentData['meta']['nickname'], $comment->meta->nickname);
$this->assertFalse(property_exists($comment->meta, 'vizhash'), 'vizhash was not generated');
}
}

0 comments on commit ff0c55c

Please sign in to comment.