diff options
author | Joey Hess <joeyh@joeyh.name> | 2017-05-20 15:16:40 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2017-05-20 15:16:40 -0400 |
commit | 34b0151e125a6698f57ea476ccfa922c6275edf1 (patch) | |
tree | c4c7f57421ae1e7b87bb0f8b82ff97a1cec93222 /Hash.hs | |
parent | 2e16195d151d401a664fa929604413aa613aa9f5 (diff) | |
download | debug-me-34b0151e125a6698f57ea476ccfa922c6275edf1.tar.gz |
move unsafe hashing out of instance to avoid misuse
Avoids breaking backwards compat and should avoid future foot-shooting.
Diffstat (limited to 'Hash.hs')
-rw-r--r-- | Hash.hs | 22 |
1 files changed, 18 insertions, 4 deletions
@@ -41,7 +41,7 @@ instance Hashable a => Hashable (Tagged a) where instance Hashable a => Hashable (Activity a) where hash (Activity a mps mpe mt s) = hash $ Tagged "Activity" - [hash a, hash mps, hash mpe, hash mt, hash s] + [hash a, hashOfMaybeUnsafe mps, hashOfMaybeUnsafe mpe, hash mt, hash s] instance Hashable Entered where hash v = hash $ Tagged "Entered" @@ -52,7 +52,7 @@ instance Hashable Seen where instance Hashable ControlAction where hash (EnteredRejected h1 h2) = hash $ Tagged "EnteredRejected" - [hash h1, hash h2] + [hash h1, hashOfMaybeUnsafe h2] hash (SessionKey pk v) = hash $ Tagged "SessionKey" [hash pk, hash v] hash (SessionKeyAccepted pk) = hash $ Tagged "SessionKeyAccepted" pk hash (SessionKeyRejected pk) = hash $ Tagged "SessionKeyRejected" pk @@ -83,7 +83,21 @@ instance Hashable ElapsedTime where instance Hashable [Hash] where hash = hash . B.concat . map (val . hashValue) --- | Hash empty string for Nothing +-- | Hash a Maybe Hash, such that +-- hash Nothing /= hash (Just (hash (mempty :: B.ByteString))) instance Hashable (Maybe Hash) where + hash (Just v) = hash (val (hashValue v)) hash Nothing = hash (mempty :: B.ByteString) - hash (Just v) = hash v + +-- | Hash a Maybe Hash using the Hash value as-is, or the hash of the empty +-- string for Nothing. +-- +-- Note that this is only safe to use when the input value can't possibly +-- itself be the hash of an empty string. For example, the hash of an +-- Activity is safe, because it's the hash of a non-empty string. +-- +-- This is only used to avoid breaking backwards compatability; the +-- above instance for Maybe Hash should be used for anything new. +hashOfMaybeUnsafe :: Maybe Hash -> Hash +hashOfMaybeUnsafe (Just v) = hash v +hashOfMaybeUnsafe Nothing = hash (mempty :: B.ByteString) |