dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
SECURITY: Do checks on all upload types
[lhc/web/wiklou.git] / includes / UIDGenerator.php
1 <?php
2 /**
3 * This file deals with UID generation.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @author Aaron Schulz
22 */
23
24 /**
25 * Class for getting statistically unique IDs
26 *
27 * @since 1.21
28 */
29 class UIDGenerator {
30 /** @var UIDGenerator */
31 protected static $instance = null;
32
33 protected $nodeId32; // string; node ID in binary (32 bits)
34 protected $nodeId48; // string; node ID in binary (48 bits)
35
36 protected $lockFile88; // string; local file path
37 protected $lockFile128; // string; local file path
38
39 /** @var Array */
40 protected $fileHandles = array(); // cache file handles
41
42 const QUICK_RAND = 1; // get randomness from fast and insecure sources
43
44 protected function __construct() {
45 $idFile = wfTempDir() . '/mw-' . __CLASS__ . '-UID-nodeid';
46 $nodeId = is_file( $idFile ) ? file_get_contents( $idFile ) : '';
47 // Try to get some ID that uniquely identifies this machine (RFC 4122)...
48 if ( !preg_match( '/^[0-9a-f]{12}$/i', $nodeId ) ) {
49 wfSuppressWarnings();
50 if ( wfIsWindows() ) {
51 // http://technet.microsoft.com/en-us/library/bb490913.aspx
52 $csv = trim( wfShellExec( 'getmac /NH /FO CSV' ) );
53 $line = substr( $csv, 0, strcspn( $csv, "\n" ) );
54 $info = str_getcsv( $line );
55 $nodeId = isset( $info[0] ) ? str_replace( '-', '', $info[0] ) : '';
56 } elseif ( is_executable( '/sbin/ifconfig' ) ) { // Linux/BSD/Solaris/OS X
57 // See http://linux.die.net/man/8/ifconfig
58 $m = array();
59 preg_match( '/\s([0-9a-f]{2}(:[0-9a-f]{2}){5})\s/',
60 wfShellExec( '/sbin/ifconfig -a' ), $m );
61 $nodeId = isset( $m[1] ) ? str_replace( ':', '', $m[1] ) : '';
62 }
63 wfRestoreWarnings();
64 if ( !preg_match( '/^[0-9a-f]{12}$/i', $nodeId ) ) {
65 $nodeId = MWCryptRand::generateHex( 12, true );
66 $nodeId[1] = dechex( hexdec( $nodeId[1] ) | 0x1 ); // set multicast bit
67 }
68 file_put_contents( $idFile, $nodeId ); // cache
69 }
70 $this->nodeId32 = wfBaseConvert( substr( sha1( $nodeId ), 0, 8 ), 16, 2, 32 );
71 $this->nodeId48 = wfBaseConvert( $nodeId, 16, 2, 48 );
72 // If different processes run as different users, they may have different temp dirs.
73 // This is dealt with by initializing the clock sequence number and counters randomly.
74 $this->lockFile88 = wfTempDir() . '/mw-' . __CLASS__ . '-UID-88';
75 $this->lockFile128 = wfTempDir() . '/mw-' . __CLASS__ . '-UID-128';
76 }
77
78 /**
79 * @return UIDGenerator
80 */
81 protected static function singleton() {
82 if ( self::$instance === null ) {
83 self::$instance = new self();
84 }
85 return self::$instance;
86 }
87
88 /**
89 * Get a statistically unique 88-bit unsigned integer ID string.
90 * The bits of the UID are prefixed with the time (down to the millisecond).
91 *
92 * These IDs are suitable as values for the shard key of distributed data.
93 * If a column uses these as values, it should be declared UNIQUE to handle collisions.
94 * New rows almost always have higher UIDs, which makes B-TREE updates on INSERT fast.
95 * They can also be stored "DECIMAL(27) UNSIGNED" or BINARY(11) in MySQL.
96 *
97 * UID generation is serialized on each server (as the node ID is for the whole machine).
98 *
99 * @param $base integer Specifies a base other than 10
100 * @return string Number
101 * @throws MWException
102 */
103 public static function newTimestampedUID88( $base = 10 ) {
104 if ( !is_integer( $base ) || $base > 36 || $base < 2 ) {
105 throw new MWException( "Base must an integer be between 2 and 36" );
106 }
107 $gen = self::singleton();
108 $time = $gen->getTimestampAndDelay( 'lockFile88', 1, 1024 );
109 return wfBaseConvert( $gen->getTimestampedID88( $time ), 2, $base );
110 }
111
112 /**
113 * @param array $time (UIDGenerator::millitime(), clock sequence)
114 * @return string 88 bits
115 */
116 protected function getTimestampedID88( array $info ) {
117 list( $time, $counter ) = $info;
118 // Take the 46 MSBs of "milliseconds since epoch"
119 $id_bin = $this->millisecondsSinceEpochBinary( $time );
120 // Add a 10 bit counter resulting in 56 bits total
121 $id_bin .= str_pad( decbin( $counter ), 10, '0', STR_PAD_LEFT );
122 // Add the 32 bit node ID resulting in 88 bits total
123 $id_bin .= $this->nodeId32;
124 // Convert to a 1-27 digit integer string
125 if ( strlen( $id_bin ) !== 88 ) {
126 throw new MWException( "Detected overflow for millisecond timestamp." );
127 }
128 return $id_bin;
129 }
130
131 /**
132 * Get a statistically unique 128-bit unsigned integer ID string.
133 * The bits of the UID are prefixed with the time (down to the millisecond).
134 *
135 * These IDs are suitable as globally unique IDs, without any enforced uniqueness.
136 * New rows almost always have higher UIDs, which makes B-TREE updates on INSERT fast.
137 * They can also be stored as "DECIMAL(39) UNSIGNED" or BINARY(16) in MySQL.
138 *
139 * UID generation is serialized on each server (as the node ID is for the whole machine).
140 *
141 * @param $base integer Specifies a base other than 10
142 * @return string Number
143 * @throws MWException
144 */
145 public static function newTimestampedUID128( $base = 10 ) {
146 if ( !is_integer( $base ) || $base > 36 || $base < 2 ) {
147 throw new MWException( "Base must be an integer between 2 and 36" );
148 }
149 $gen = self::singleton();
150 $time = $gen->getTimestampAndDelay( 'lockFile128', 16384, 1048576 );
151 return wfBaseConvert( $gen->getTimestampedID128( $time ), 2, $base );
152 }
153
154 /**
155 * @param array $info (UIDGenerator::millitime(), counter, clock sequence)
156 * @return string 128 bits
157 */
158 protected function getTimestampedID128( array $info ) {
159 list( $time, $counter, $clkSeq ) = $info;
160 // Take the 46 MSBs of "milliseconds since epoch"
161 $id_bin = $this->millisecondsSinceEpochBinary( $time );
162 // Add a 20 bit counter resulting in 66 bits total
163 $id_bin .= str_pad( decbin( $counter ), 20, '0', STR_PAD_LEFT );
164 // Add a 14 bit clock sequence number resulting in 80 bits total
165 $id_bin .= str_pad( decbin( $clkSeq ), 14, '0', STR_PAD_LEFT );
166 // Add the 48 bit node ID resulting in 128 bits total
167 $id_bin .= $this->nodeId48;
168 // Convert to a 1-39 digit integer string
169 if ( strlen( $id_bin ) !== 128 ) {
170 throw new MWException( "Detected overflow for millisecond timestamp." );
171 }
172 return $id_bin;
173 }
174
175 /**
176 * Return an RFC4122 compliant v4 UUID
177 *
178 * @param $flags integer Bitfield (supports UIDGenerator::QUICK_RAND)
179 * @return string
180 * @throws MWException
181 */
182 public static function newUUIDv4( $flags = 0 ) {
183 $hex = ( $flags & self::QUICK_RAND )
184 ? wfRandomString( 31 )
185 : MWCryptRand::generateHex( 31 );
186
187 return sprintf( '%s-%s-%s-%s-%s',
188 // "time_low" (32 bits)
189 substr( $hex, 0, 8 ),
190 // "time_mid" (16 bits)
191 substr( $hex, 8, 4 ),
192 // "time_hi_and_version" (16 bits)
193 '4' . substr( $hex, 12, 3 ),
194 // "clk_seq_hi_res (8 bits, variant is binary 10x) and "clk_seq_low" (8 bits)
195 dechex( 0x8 | ( hexdec( $hex[15] ) & 0x3 ) ) . $hex[16] . substr( $hex, 17, 2 ),
196 // "node" (48 bits)
197 substr( $hex, 19, 12 )
198 );
199 }
200
201 /**
202 * Return an RFC4122 compliant v4 UUID
203 *
204 * @param $flags integer Bitfield (supports UIDGenerator::QUICK_RAND)
205 * @return string 32 hex characters with no hyphens
206 * @throws MWException
207 */
208 public static function newRawUUIDv4( $flags = 0 ) {
209 return str_replace( '-', '', self::newUUIDv4( $flags ) );
210 }
211
212 /**
213 * Get a (time,counter,clock sequence) where (time,counter) is higher
214 * than any previous (time,counter) value for the given clock sequence.
215 * This is useful for making UIDs sequential on a per-node bases.
216 *
217 * @param string $lockFile Name of a local lock file
218 * @param $clockSeqSize integer The number of possible clock sequence values
219 * @param $counterSize integer The number of possible counter values
220 * @return Array (result of UIDGenerator::millitime(), counter, clock sequence)
221 * @throws MWException
222 */
223 protected function getTimestampAndDelay( $lockFile, $clockSeqSize, $counterSize ) {
224 // Get the UID lock file handle
225 if ( isset( $this->fileHandles[$lockFile] ) ) {
226 $handle = $this->fileHandles[$lockFile];
227 } else {
228 $handle = fopen( $this->$lockFile, 'cb+' );
229 $this->fileHandles[$lockFile] = $handle ?: null; // cache
230 }
231 // Acquire the UID lock file
232 if ( $handle === false ) {
233 throw new MWException( "Could not open '{$this->$lockFile}'." );
234 } elseif ( !flock( $handle, LOCK_EX ) ) {
235 throw new MWException( "Could not acquire '{$this->$lockFile}'." );
236 }
237 // Get the current timestamp, clock sequence number, last time, and counter
238 rewind( $handle );
239 $data = explode( ' ', fgets( $handle ) ); // "<clk seq> <sec> <msec> <counter> <offset>"
240 $clockChanged = false; // clock set back significantly?
241 if ( count( $data ) == 5 ) { // last UID info already initialized
242 $clkSeq = (int) $data[0] % $clockSeqSize;
243 $prevTime = array( (int) $data[1], (int) $data[2] );
244 $offset = (int) $data[4] % $counterSize; // random counter offset
245 $counter = 0; // counter for UIDs with the same timestamp
246 // Delay until the clock reaches the time of the last ID.
247 // This detects any microtime() drift among processes.
248 $time = $this->timeWaitUntil( $prevTime );
249 if ( !$time ) { // too long to delay?
250 $clockChanged = true; // bump clock sequence number
251 $time = self::millitime();
252 } elseif ( $time == $prevTime ) {
253 // Bump the counter if there are timestamp collisions
254 $counter = (int) $data[3] % $counterSize;
255 if ( ++$counter >= $counterSize ) { // sanity (starts at 0)
256 flock( $handle, LOCK_UN ); // abort
257 throw new MWException( "Counter overflow for timestamp value." );
258 }
259 }
260 } else { // last UID info not initialized
261 $clkSeq = mt_rand( 0, $clockSeqSize - 1 );
262 $counter = 0;
263 $offset = mt_rand( 0, $counterSize - 1 );
264 $time = self::millitime();
265 }
266 // microtime() and gettimeofday() can drift from time() at least on Windows.
267 // The drift is immediate for processes running while the system clock changes.
268 // time() does not have this problem. See https://bugs.php.net/bug.php?id=42659.
269 if ( abs( time() - $time[0] ) >= 2 ) {
270 // We don't want processes using too high or low timestamps to avoid duplicate
271 // UIDs and clock sequence number churn. This process should just be restarted.
272 flock( $handle, LOCK_UN ); // abort
273 throw new MWException( "Process clock is outdated or drifted." );
274 }
275 // If microtime() is synced and a clock change was detected, then the clock went back
276 if ( $clockChanged ) {
277 // Bump the clock sequence number and also randomize the counter offset,
278 // which is useful for UIDs that do not include the clock sequence number.
279 $clkSeq = ( $clkSeq + 1 ) % $clockSeqSize;
280 $offset = mt_rand( 0, $counterSize - 1 );
281 trigger_error( "Clock was set back; sequence number incremented." );
282 }
283 // Update the (clock sequence number, timestamp, counter)
284 ftruncate( $handle, 0 );
285 rewind( $handle );
286 fwrite( $handle, "{$clkSeq} {$time[0]} {$time[1]} {$counter} {$offset}" );
287 fflush( $handle );
288 // Release the UID lock file
289 flock( $handle, LOCK_UN );
290
291 return array( $time, ( $counter + $offset ) % $counterSize, $clkSeq );
292 }
293
294 /**
295 * Wait till the current timestamp reaches $time and return the current
296 * timestamp. This returns false if it would have to wait more than 10ms.
297 *
298 * @param array $time Result of UIDGenerator::millitime()
299 * @return Array|bool UIDGenerator::millitime() result or false
300 */
301 protected function timeWaitUntil( array $time ) {
302 do {
303 $ct = self::millitime();
304 if ( $ct >= $time ) { // http://php.net/manual/en/language.operators.comparison.php
305 return $ct; // current timestamp is higher than $time
306 }
307 } while ( ( ( $time[0] - $ct[0] ) * 1000 + ( $time[1] - $ct[1] ) ) <= 10 );
308
309 return false;
310 }
311
312 /**
313 * @param array $time Result of UIDGenerator::millitime()
314 * @return string 46 MSBs of "milliseconds since epoch" in binary (rolls over in 4201)
315 */
316 protected function millisecondsSinceEpochBinary( array $time ) {
317 list( $sec, $msec ) = $time;
318 $ts = 1000 * $sec + $msec;
319 if ( $ts > pow( 2, 52 ) ) {
320 throw new MWException( __METHOD__ .
321 ': sorry, this function doesn\'t work after the year 144680' );
322 }
323 return substr( wfBaseConvert( $ts, 10, 2, 46 ), -46 );
324 }
325
326 /**
327 * @return Array (current time in seconds, milliseconds since then)
328 */
329 protected static function millitime() {
330 list( $msec, $sec ) = explode( ' ', microtime() );
331 return array( (int) $sec, (int) ( $msec * 1000 ) );
332 }
333
334 function __destruct() {
335 array_map( 'fclose', $this->fileHandles );
336 }
337 }
Wiklou, le Wiki du Wiklou