8000 Remove randomness from dumped containers · symfony/symfony@14dd5d1 · GitHub
[go: up one dir, main page]
Skip to content

Commit 14dd5d1

Browse files
nicolas-grekasnicolas-grekas
committed
Remove randomness from dumped containers
1 parent a483d37 commit 14dd5d1

File tree

11 files changed

+75
-19
lines changed

11 files changed

+75
-19
lines changed

src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,7 @@
3636
use Symfony\Component\DependencyInjection\Exception\InvalidArgumentException;
3737
use Symfony\Component\DependencyInjection\Exception\LogicException;
3838
use Symfony\Component\DependencyInjection\Loader\XmlFileLoader;
39+
use Symfony\Component\DependencyInjection\Parameter;
3940
use Symfony\Component\DependencyInjection\Reference;
4041
use Symfony\Component\DependencyInjection\ServiceSubscriberInterface;
4142
use Symfony\Component\EventDispatcher\ContainerAwareEventDispatcher;
@@ -1626,7 +1627,7 @@ private function registerLockConfiguration(array $config, ContainerBuilder $cont
16261627

16271628
private function registerCacheConfiguration(array $config, ContainerBuilder $container)
16281629
{
1629-
$version = substr(str_replace('/', '-', base64_encode(hash('sha256', uniqid(mt_rand(), true), true))), 0, 22);
1630+
$version = new Parameter('container.build_id');
16301631
$container->getDefinition('cache.adapter.apcu')->replaceArgument(2, $version);
16311632
$container->getDefinition('cache.adapter.system')->replaceArgument(2, $version);
16321633
$container->getDefinition('cache.adapter.filesystem')->replaceArgument(2, $config['directory']);

src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1045,6 +1045,9 @@ protected function createContainer(array $data = array())
10451045
'kernel.name' => 'kernel',
10461046
'kernel.root_dir' => __DIR__,
10471047
'kernel.container_class' => 'testContainer',
1048+
'container.build_hash' => 'Abc1234',
1049+
'container.build_id' => hash('crc32', 'Abc123423456789'),
1050+
'container.build_time' => 23456789,
10481051
), $data)));
10491052
}
10501053

src/Symfony/Bundle/FrameworkBundle/composer.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@
2020
"ext-xml": "*",
2121
"symfony/cache": "~3.4|~4.0",
2222
"symfony/class-loader": "~3.2",
23-
"symfony/dependency-injection": "~3.4|~4.0",
23+
"symfony/dependency-injection": "^3.4.3|^4.0.3",
2424
"symfony/config": "~3.4|~4.0",
2525
"symfony/event-dispatcher": "~3.4|~4.0",
2626
"symfony/http-foundation": "^3.3.11|~4.0",

src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -289,7 +289,7 @@ private function addFirewallsSection(ArrayNodeDefinition $rootNode, array $facto
289289
->arrayNode('anonymous')
290290
->canBeUnset()
291291
->children()
292-
->scalarNode('secret')->defaultValue(uniqid('', true))->end()
292+
->scalarNode('secret')->defaultNull()->end()
293293
->end()
294294
->end()
295295
->arrayNode('switch_user')

src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/UserProvider/InMemoryFactory.php

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@
1414
use Symfony\Component\Config\Definition\Builder\NodeDefinition;
1515
use Symfony\Component\DependencyInjection\ChildDefinition;
1616
use Symfony\Component\DependencyInjection\ContainerBuilder;
17+
use Symfony\Component\DependencyInjection\Parameter;
1718
use Symfony\Component\DependencyInjection\Reference;
1819

1920
/**
@@ -27,13 +28,14 @@ class InMemoryFactory implements UserProviderFactoryInterface
2728
public function create(ContainerBuilder $container, $id, $config)
2829
{
2930
$definition = $container->setDefinition($id, new ChildDefinition('security.user.provider.in_memory'));
31+
$defaultPassword = new Parameter('container.build_id');
3032

3133
foreach ($config['users'] as $username => $user) {
3234
$userId = $id.'_'.$username;
3335

3436
$container
3537
->setDefinition($userId, new ChildDefinition('security.user.provider.in_memory.user'))
36-
->setArguments(array($username, (string) $user['password'], $user['roles']))
38+
->setArguments(array($username, null !== $user['password'] ? (string) $user['password'] : $defaultPassword, $user['roles']))
3739
;
3840

3941
$definition->addMethodCall('createUser', array(new Reference($userId)));
@@ -55,7 +57,7 @@ public function addConfiguration(NodeDefinition $node)
5557
->normalizeKeys(false)
5658
->prototype('array')
5759
->children()
58-
->scalarNode('password')->defaultValue(uniqid('', true))->end()
60+
->scalarNode('password')->defaultNull()->end()
5961
->arrayNode('roles')
6062
->beforeNormalization()->ifString()->then(function ($v) { return preg_split('/\s*,\s*/', $v); })->end()
6163
->prototype('scalar')->end()

src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@
2222
use Symfony\Component\HttpKernel\DependencyInjection\Extension;
2323
use Symfony\Component\DependencyInjection\Loader\XmlFileLoader;
2424
use Symfony\Component\DependencyInjection\ContainerBuilder;
25+
use Symfony\Component\DependencyInjection\Parameter;
2526
use Symfony\Component\DependencyInjection\Reference;
2627
use Symfony\Component\Config\FileLocator;
2728
use Symfony\Component\Security\Core\Authorization\ExpressionLanguage;
@@ -529,6 +530,10 @@ private function createAuthenticationListeners($container, $id, $firewall, &$aut
529530

530531
// Anonymous
531532
if (isset($firewall['anonymous'])) {
533+
if (null === $firewall['anonymous']['secret']) {
534+
$firewall['anonymous']['secret'] = new Parameter('container.build_hash');
535+
}
536+
532537
$listenerId = 'security.authentication.listener.anonymous.'.$id;
533538
$container
534539
->setDefinition($listenerId, new ChildDefinition('security.authentication.listener.anonymous'))

src/Symfony/Bundle/SecurityBundle/composer.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,8 +19,8 @@
1919
"php": "^5.5.9|>=7.0.8",
2020
"ext-xml": "*",
2121
"symfony/security": "~3.4|~4.0",
22-
"symfony/dependency-injection": "~3.4|~4.0",
23-
"symfony/http-kernel": "~3.3|~4.0",
22+
"symfony/dependency-injection": "^3.4.3|^4.0.3",
23+
"symfony/http-kernel": "~3.4|~4.0",
2424
"symfony/polyfill-php70": "~1.0"
2525
},
2626
"require-dev": {

src/Symfony/Component/DependencyInjection/ContainerBuilder.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1239,6 +1239,8 @@ private function doResolveServices($value, array &$inlineServices = array())
12391239
$value = $this->doGet((string) $value, $value->getInvalidBehavior(), $inlineServices);
12401240
} elseif ($value instanceof Definition) {
12411241
$value = $this->createService($value, $inlineServices);
1242+
} elseif ($value instanceof Parameter) {
1243+
$value = $this->getParameter((string) $value);
12421244
} elseif ($value instanceof Expression) {
12431245
$value = $this->getExpressionLanguage()->evaluate($value, array('container' => $this));
12441246
}

src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php

Lines changed: 36 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -211,6 +211,8 @@ public function dump(array $options = array())
211211
array_pop($code);
212212
$code["Container{$hash}/{$options['class']}.php"] = substr_replace($files[$options['class'].'.php'], "<?php\n\nnamespace Container{$hash};\n", 0, 6);
213213
$namespaceLine = $this->namespace ? "\nnamespace {$this->namespace};\n" : '';
214+
$time = time();
215+
$id = hash('crc32', $hash.$time);
214216

215217
$code[$options['class'].'.php'] = <<<EOF
216218
<?php
@@ -229,7 +231,11 @@ public function dump(array $options = array())
229231
\\class_alias(\\Container{$hash}\\{$options['class']}::class, {$options['class']}::class, false);
230232
}
231233
232-
return new \\Container{$hash}\\{$options['class']}();
234+
return new \\Container{$hash}\\{$options['class']}(array(
235+
'container.build_hash' => '$hash',
236+
'container.build_id' => '$id',
237+
'container.build_time' => $time,
238+
));
233239
234240
EOF;
235241
} else {
@@ -564,15 +570,15 @@ private function isTrivialInstance(Definition $definition)
564570
}
565571

566572
foreach ($definition->getArguments() as $arg) {
567-
if (!$arg) {
573+
if (!$arg || $arg instanceof Parameter) {
568574
continue;
569575
}
570576
if (is_array($arg) && 3 >= count($arg)) {
571577
foreach ($arg as $k => $v) {
572578
if ($this->dumpValue($k) !== $this->dumpValue($k, false)) {
573579
return false;
574580
}
575-
if (!$v) {
581+
if (!$v || $v instanceof Parameter) {
576582
continue;
577583
}
578584
if ($v instanceof Reference && $this->container->has($id = (string) $v) && $this->container->findDefinition($id)->isSynthetic()) {
@@ -892,10 +898,10 @@ private function addNewInstance(Definition $definition, $return, $instantiation,
892898
}
893899

894900
if (0 === strpos($class, 'new ')) {
895-
return $return.sprintf("(%s)->%s(%s);\n", $this->dumpValue($callable[0]), $callable[1], $arguments ? implode(', ', $arguments) : '');
901+
return $return.sprintf("(%s)->%s(%s);\n", $class, $callable[1], $arguments ? implode(', ', $arguments) : '');
896902
}
897903

898-
return $return.sprintf("\\call_user_func(array(%s, '%s')%s);\n", $this->dumpValue($callable[0]), $callable[1], $arguments ? ', '.implode(', ', $arguments) : '');
904+
return $return.sprintf("\\call_user_func(array(%s, '%s')%s);\n", $class, $callable[1], $arguments ? ', '.implode(', ', $arguments) : '');
899905
}
900906

901907
return $return.sprintf("%s(%s);\n", $this->dumpLiteralClass($this->dumpValue($callable)), $arguments ? implode(', ', $arguments) : '');
@@ -957,6 +963,11 @@ public function __construct()
957963
958964
EOF;
959965
}
966+
if ($this->asFiles) {
967+
$code = str_replace('$parameters', "\$buildParameters;\n private \$parameters", $code);
968+
$code = str_replace('__construct()', '__construct(array $buildParameters = array())', $code);
969+
$code .= " \$this->buildParameters = \$buildParameters;\n";
970+
}
960971

961972
if ($this->container->isCompiled()) {
962973
if ($this->container->getParameterBag()->all()) {
@@ -1283,6 +1294,9 @@ private function addDefaultParametersMethod()
12831294
12841295
public function getParameter($name)
12851296
{
1297+
if (isset($this->buildParameters[$name])) {
1298+
return $this->buildParameters[$name];
1299+
}
12861300
if (!(isset($this->parameters[$name]) || isset($this->loadedDynamicParameters[$name]) || array_key_exists($name, $this->parameters))) {
12871301
$name = $this->normalizeParameterName($name);
12881302
@@ -1299,6 +1313,9 @@ public function getParameter($name)
12991313
13001314
public function hasParameter($name)
13011315
{
1316+
if (isset($this->buildParameters[$name])) {
1317+
return true;
1318+
}
13021319
$name = $this->normalizeParameterName($name);
13031320
13041321
return isset($this->parameters[$name]) || isset($this->loadedDynamicParameters[$name]) || array_key_exists($name, $this->parameters);
@@ -1316,13 +1333,19 @@ public function getParameterBag()
13161333
foreach ($this->loadedDynamicParameters as $name => $loaded) {
13171334
$parameters[$name] = $loaded ? $this->dynamicParameters[$name] : $this->getDynamicParameter($name);
13181335
}
1336+
foreach ($this->buildParameters as $name => $value) {
1337+
$parameters[$name] = $value;
1338+
}
13191339
$this->parameterBag = new FrozenParameterBag($parameters);
13201340
}
13211341
13221342
return $this->parameterBag;
13231343
}
13241344

13251345
EOF;
1346+
if (!$this->asFiles) {
1347+
$code = preg_replace('/^.*buildParameters.*\n.*\n.*\n/m', '', $code);
1348+
}
13261349

13271350
if ($dynamicPhp) {
13281351
$loadedDynamicParameters = $this->exportParameters(array_combine(array_keys($dynamicPhp), array_fill(0, count($dynamicPhp), false)), '', 8);
@@ -1717,16 +1740,21 @@ private function dumpValue($value, $interpolate = true)
17171740
throw new RuntimeException(sprintf('Cannot dump definition because of invalid factory method (%s)', $factory[1] ?: 'n/a'));
17181741
}
17191742

1743+
$class = $this->dumpValue($factory[0]);
17201744
if (is_string($factory[0])) {
1721-
return sprintf('%s::%s(%s)', $this->dumpLiteralClass($this->dumpValue($factory[0])), $factory[1], implode(', ', $arguments));
1745+
return sprintf('%s::%s(%s)', $this->dumpLiteralClass($class), $factory[1], implode(', ', $arguments));
17221746
}
17231747

17241748
if ($factory[0] instanceof Definition) {
1725-
return sprintf("\\call_user_func(array(%s, '%s')%s)", $this->dumpValue($factory[0]), $factory[1], count($arguments) > 0 ? ', '.implode(', ', $arguments) : '');
1749+
if (0 === strpos($class, 'new ')) {
1750+
return sprintf('(%s)->%s(%s)', $class, $factory[1], implode(', ', $arguments));
1751+
}
1752+
1753+
return sprintf("\\call_user_func(array(%s, '%s')%s)", $class, $factory[1], count($arguments) > 0 ? ', '.implode(', ', $arguments) : '');
17261754
}
17271755

17281756
if ($factory[0] instanceof Reference) {
1729-
return sprintf('%s->%s(%s)', $this->dumpValue($factory[0]), $factory[1], implode(', ', $arguments));
1757+
return sprintf('%s->%s(%s)', $class, $factory[1], implode(', 341A ', $arguments));
17301758
}
17311759
}
17321760

src/Symfony/Component/DependencyInjection/Tests/Fixtures/php/services9_as_files.txt

Lines changed: 17 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -276,15 +276,17 @@ use Symfony\Component\DependencyInjection\ParameterBag\FrozenParameterBag;
276276
*/
277277
class ProjectServiceContainer extends Container
278278
{
279+
private $buildParameters;
279280
private $parameters;
280281
private $targetDirs = array();
281282

282-
public function __construct()
283+
public function __construct(array $buildParameters = array())
283284
{
284285
$dir = $this->targetDirs[0] = \dirname(__DIR__);
285286
for ($i = 1; $i <= 5; ++$i) {
286287
$this->targetDirs[$i] = $dir = \dirname($dir);
287288
}
289+
$this->buildParameters = $buildParameters;
288290
$this->parameters = $this->getDefaultParameters();
289291

290292
$this->services = array();
@@ -382,6 +384,9 @@ class ProjectServiceContainer extends Container
382384

383385
public function getParameter($name)
384386
{
387+
if (isset($this->buildParameters[$name])) {
388+
return $this->buildParameters[$name];
389+
}
385390
if (!(isset($this->parameters[$name]) || isset($this->loadedDynamicParameters[$name]) || array_key_exists($name, $this->parameters))) {
386391
$name = $this->normalizeParameterName($name);
387392

@@ -398,6 +403,9 @@ class ProjectServiceContainer extends Container
398403

399404
public function hasParameter($name)
400405
{
406+
if (isset($this->buildParameters[$name])) {
407+
return true;
408+
}
401409
$name = $this->normalizeParameterName($name);
402410

403411
return isset($this->parameters[$name]) || isset($this->loadedDynamicParameters[$name]) || array_key_exists($name, $this->parameters);
@@ -415,6 +423,9 @@ class ProjectServiceContainer extends Container
415423
foreach ($this->loadedDynamicParameters as $name => $loaded) {
416424
$parameters[$name] = $loaded ? $this->dynamicParameters[$name] : $this->getDynamicParameter($name);
417425
}
426+
foreach ($this->buildParameters as $name => $value) {
427+
$parameters[$name] = $value;
428+
}
418429
$this->parameterBag = new FrozenParameterBag($parameters);
419430
}
420431

@@ -485,6 +496,10 @@ if (!\class_exists(ProjectServiceContainer::class, false)) {
485496
\class_alias(\Container%s\ProjectServiceContainer::class, ProjectServiceContainer::class, false);
486497
}
487498

488-
return new \Container%s\ProjectServiceContainer();
499+
return new \Container%s\ProjectServiceContainer(array(
500+
'container.build_hash' => '%s',
501+
'container.build_id' => '%s',
502+
'container.build_time' => %d,
503+
));
489504

490505
)

src/Symfony/Component/DependencyInjection/Tests/Fixtures/php/services_subscriber.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -83,15 +83,15 @@ protected function getTestServiceSubscriberService()
8383
*/
8484
protected function getFooServiceService()
8585
{
86-
return $this->services['foo_service'] = new \Symfony\Component\DependencyInjection\Tests\Fixtures\TestServiceSubscriber(\call_user_func(array(new \Symfony\Component\DependencyInjection\ServiceLocator(array('Symfony\\Component\\DependencyInjection\\Tests\\Fixtures\\CustomDefinition' => function () {
86+
return $this->services['foo_service'] = new \Symfony\Component\DependencyInjection\Tests\Fixtures\TestServiceSubscriber((new \Symfony\Component\DependencyInjection\ServiceLocator(array('Symfony\\Component\\DependencyInjection\\Tests\\Fixtures\\CustomDefinition' => function () {
8787
$f = function (\Symfony\Component\DependencyInjection\Tests\Fixtures\CustomDefinition $v = null) { return $v; }; return $f(${($_ = isset($this->services['Symfony\Component\DependencyInjection\Tests\Fixtures\CustomDefinition']) ? $this->services['Symfony\Component\DependencyInjection\Tests\Fixtures\CustomDefinition'] : $this->services['Symfony\Component\DependencyInjection\Tests\Fixtures\CustomDefinition'] = new \Symfony\Component\DependencyInjection\Tests\Fixtures\CustomDefinition()) && false ?: '_'});
8888
}, 'Symfony\\Component\\DependencyInjection\\Tests\\Fixtures\\TestServiceSubscriber' => function () {
8989
$f = function (\Symfony\Component\DependencyInjection\Tests\Fixtures\TestServiceSubscriber $v) { return $v; }; return $f(${($_ = isset($this->services['Symfony\Component\DependencyInjection\Tests\Fixtures\TestServiceSubscriber']) ? $this->services['Symfony\Component\DependencyInjection\Tests\Fixtures\TestServiceSubscriber'] : $this->services['Symfony\Component\DependencyInjection\Tests\Fixtures\TestServiceSubscriber'] = new \Symfony\Component\DependencyInjection\Tests\Fixtures\TestServiceSubscriber()) && false ?: '_'});
9090
}, 'bar' => function () {
9191
$f = function (\Symfony\Component\DependencyInjection\Tests\Fixtures\CustomDefinition $v) { return $v; }; return $f(${($_ = isset($this->services['Symfony\Component\DependencyInjection\Tests\Fixtures\TestServiceSubscriber']) ? $this->services['Symfony\Component\DependencyInjection\Tests\Fixtures\TestServiceSubscriber'] : $this->services['Symfony\Component\DependencyInjection\Tests\Fixtures\TestServiceSubscriber'] = new \Symfony\Component\DependencyInjection\Tests\Fixtures\TestServiceSubscriber()) && false ?: '_'});
9292
}, 'baz' => function () {
9393
$f = function (\Symfony\Component\DependencyInjection\Tests\Fixtures\CustomDefinition $v = null) { return $v; }; return $f(${($_ = isset($this->services['Symfony\Component\DependencyInjection\Tests\Fixtures\CustomDefinition']) ? $this->services['Symfony\Component\DependencyInjection\Tests\Fixtures\CustomDefinition'] : $this->services['Symfony\Component\DependencyInjection\Tests\Fixtures\CustomDefinition'] = new \Symfony\Component\DependencyInjection\Tests\Fixtures\CustomDefinition()) && false ?: '_'});
94-
})), 'withContext'), 'foo_service', $this));
94+
})))->withContext('foo_service', $this));
9595
}
9696

9797
/**

0 commit comments

Comments
 (0)
0