Brian Warner [Sun, 23 Mar 2008 22:35:54 +0000 (15:35 -0700)]
UNDO: upload: stop putting plaintext and ciphertext hashes in shares.
This removes the guess-partial-information attack vector, and reduces
the amount of overhead that we consume with each file. It also introduces
a forwards-compability break: older versions of the code (before the
previous download-time "make hashes optional" patch) will be unable
to read files uploaded by this version, as they will complain about the
missing hashes. This patch is experimental, and is being pushed into
trunk to obtain test coverage. We may undo it before releasing 1.0.
Zooko O'Whielacronx [Tue, 25 Mar 2008 18:47:39 +0000 (11:47 -0700)]
CREDITS: add Paul Gerhardt, who submitted a small patch for make check-deps to be more newbie-friendly
Zooko O'Whielacronx [Tue, 25 Mar 2008 18:45:55 +0000 (11:45 -0700)]
setup: don't echo "signal-error" to stdout when testing for errors
This patch is thanks to Paul Gerhardt.
Zooko O'Whielacronx [Tue, 25 Mar 2008 18:22:41 +0000 (11:22 -0700)]
docs: document the private/convergence configuration file
Zooko O'Whielacronx [Mon, 24 Mar 2008 22:28:04 +0000 (15:28 -0700)]
fix check-memory to use new upload API (which requires a "convergence" argument), and change it to measure convergence instead of random-key, since convergence is the use case we care about more
Zooko O'Whielacronx [Mon, 24 Mar 2008 16:46:06 +0000 (09:46 -0700)]
use added secret to protect convergent encryption
Now upload or encode methods take a required argument named "convergence" which can be either None, indicating no convergent encryption at all, or a string, which is the "added secret" to be mixed in to the content hash key. If you want traditional convergent encryption behavior, set the added secret to be the empty string.
This patch also renames "content hash key" to "convergent encryption" in a argument names and variable names. (A different and larger renaming is needed in order to clarify that Tahoe supports immutable files which are not encrypted content-hash-key a.k.a. convergent encryption.)
This patch also changes a few unit tests to use non-convergent encryption, because it doesn't matter for what they are testing and non-convergent encryption is slightly faster.
Brian Warner [Sun, 23 Mar 2008 22:35:54 +0000 (15:35 -0700)]
upload: stop putting plaintext and ciphertext hashes in shares.
This removes the guess-partial-information attack vector, and reduces
the amount of overhead that we consume with each file. It also introduces
a forwards-compability break: older versions of the code (before the
previous download-time "make hashes optional" patch) will be unable
to read files uploaded by this version, as they will complain about the
missing hashes. This patch is experimental, and is being pushed into
trunk to obtain test coverage. We may undo it before releasing 1.0.
Brian Warner [Sun, 23 Mar 2008 21:46:49 +0000 (14:46 -0700)]
download: make plaintext and ciphertext hashes in the UEB optional.
Removing the plaintext hashes can help with the guess-partial-information
attack. This does not affect compatibility, but if and when we actually
remove any hashes from the share, that will introduce a
forwards-compatibility break: tahoe-0.9 will not be able to read such files.
Peter Secor [Thu, 20 Mar 2008 22:30:26 +0000 (15:30 -0700)]
native client - adding support for special icons for shared and recycling directories
Brian Warner [Thu, 20 Mar 2008 19:18:41 +0000 (12:18 -0700)]
docs: add some accounting proposals
robk-tahoe [Wed, 19 Mar 2008 00:38:44 +0000 (17:38 -0700)]
resolve conflict in windows installer conf
robk-tahoe [Wed, 19 Mar 2008 00:06:47 +0000 (17:06 -0700)]
confwiz: refine the descriptive text on the conf wiz pages
robk-tahoe [Tue, 18 Mar 2008 23:18:07 +0000 (16:18 -0700)]
windows installer: use an allmydata logo in setup wizard
robk-tahoe [Tue, 18 Mar 2008 23:15:36 +0000 (16:15 -0700)]
confwiz: reworked confwiz look and feel
this changes the confwiz to have a look and feel much more consistent
with that of the innosetup installer it is launched within the context
of. this applies, naturally, primarily to windows.
robk-tahoe [Tue, 18 Mar 2008 23:13:38 +0000 (16:13 -0700)]
macapp: updated icon for mac build
Peter Secor [Tue, 18 Mar 2008 22:12:59 +0000 (15:12 -0700)]
native client - adding checks for elevating and managing privileges on Vista
robk-tahoe [Tue, 18 Mar 2008 20:11:08 +0000 (13:11 -0700)]
webish mkdir-p: added unit test
added a test for the simple mkdir-p hack I added yesterday
checks that mkdir-p can create a directory hierarchy, and that resubmitting
a request for the same path yields the existing dir's uri
Peter Secor [Tue, 18 Mar 2008 17:44:43 +0000 (10:44 -0700)]
windows installer - changed to reflect the new StartAllmydata.exe executable that is used to launch the various pieces of the native client. Also verified that the SMB service was stopped when uninstalling.
Peter Secor [Tue, 18 Mar 2008 17:18:47 +0000 (10:18 -0700)]
native client - added StartAllmydata.exe so that we can start/stop processes in Vista
robk-tahoe [Tue, 18 Mar 2008 01:13:01 +0000 (18:13 -0700)]
add a mkdir-p POST handler
this adds a t=mkdir-p call to directories (accessed by their uri as
/uri/<URI>?t=mkdir=p&path=/some/path) which returns the uri for a
directory at a specified path before the given uri, regardless of
whether the directory exists or whether intermediate directories
need to be created to satisfy the request.
this is used by the migration code in MV to optimise the work of
path traversal which was other wise done on every file PUT
Peter Secor [Mon, 17 Mar 2008 21:22:03 +0000 (14:22 -0700)]
native client - fixes for drive size (now 1TB), running service as adminstrator to allow client stopping and starting in Vista, large number of files fix
Brian Warner [Mon, 17 Mar 2008 20:31:10 +0000 (13:31 -0700)]
web/status.py: guard against file_size=None, closes #354
Zooko O'Whielacronx [Thu, 20 Mar 2008 19:11:09 +0000 (12:11 -0700)]
refactor one of the dispatch routines in webish.py
The behavior is intended to be unchanged by this refactoring. Unit tests show no change in behavior.
Zooko O'Whielacronx [Thu, 13 Mar 2008 20:02:37 +0000 (13:02 -0700)]
docs: link from install.html to the (imminent) location of allmydata-tahoe-0.9.0.tar.gz
Zooko O'Whielacronx [Thu, 13 Mar 2008 19:09:58 +0000 (12:09 -0700)]
TAG allmydata-tahoe-0.9.0
Peter Secor [Thu, 13 Mar 2008 18:22:54 +0000 (11:22 -0700)]
native client - fixed icon for system tray, improved link batching
Zooko O'Whielacronx [Thu, 13 Mar 2008 19:13:26 +0000 (12:13 -0700)]
docs: small edit to relnotes.txt
Zooko O'Whielacronx [Thu, 13 Mar 2008 19:04:20 +0000 (12:04 -0700)]
docs: link to the current CREDITS file from relnotes.txt
Zooko O'Whielacronx [Thu, 13 Mar 2008 19:01:47 +0000 (12:01 -0700)]
docs: fix typo in relnotes.txt
Zooko O'Whielacronx [Thu, 13 Mar 2008 18:56:55 +0000 (11:56 -0700)]
docs: small edit to relnotes.txt
Zooko O'Whielacronx [Thu, 13 Mar 2008 18:43:26 +0000 (11:43 -0700)]
docs: update relnotes.txt for allmydata.org "Tahoe" v0.9.0 !
Whee!
Brian Warner [Thu, 13 Mar 2008 01:00:43 +0000 (18:00 -0700)]
mutable.py: split replace() into update() and overwrite(). Addresses #328.
Zooko O'Whielacronx [Thu, 13 Mar 2008 16:10:11 +0000 (09:10 -0700)]
storage servers announce that they will support clients as old as v0.8.0
Not that anyone pays attention to what storage servers claim about what versions they will support.
Zooko O'Whielacronx [Thu, 13 Mar 2008 16:04:44 +0000 (09:04 -0700)]
CREDITS
Brian Warner [Wed, 12 Mar 2008 02:33:19 +0000 (19:33 -0700)]
introducer: record a timestamp with each announcement, and display it on the introducer's web page
Brian Warner [Wed, 12 Mar 2008 02:28:37 +0000 (19:28 -0700)]
introducer: record a timestamp with each subscriber, and display it on the introducer's web page
Brian Warner [Wed, 12 Mar 2008 02:21:29 +0000 (19:21 -0700)]
introweb: combine announcement and subscriber information to show version+nickname for each client
Brian Warner [Wed, 12 Mar 2008 02:20:10 +0000 (19:20 -0700)]
client: publish a 'stub client' announcement to the introducer, to provide version/nickname information for each client
Brian Warner [Wed, 12 Mar 2008 02:01:18 +0000 (19:01 -0700)]
webish: put a trailing slash in the node.url file, since our unit tests use it, and some versions of twisted or nevow don't automatically add one
Brian Warner [Wed, 12 Mar 2008 01:09:13 +0000 (18:09 -0700)]
introweb.py: tolerate non-setLocationed client tubs
Brian Warner [Wed, 12 Mar 2008 00:41:03 +0000 (17:41 -0700)]
oops, add introducer.xhtml
Brian Warner [Wed, 12 Mar 2008 00:36:25 +0000 (17:36 -0700)]
add a webserver for the Introducer, showing service announcements and subscriber lists
Peter Secor [Tue, 11 Mar 2008 20:31:26 +0000 (13:31 -0700)]
native client - updated executables and dll's to have green icon, preference for log levels, and force a link every 100 files when uploading large amounts of files
Peter Secor [Tue, 11 Mar 2008 18:10:38 +0000 (11:10 -0700)]
makefile - unreverted Zooko's change to setup.py, this originally was to see if it was causing the build to create a non-running installer on windows, but it wasn't the problem.
Brian Warner [Tue, 11 Mar 2008 17:50:31 +0000 (10:50 -0700)]
increase remote-interface size limits to 16EiB by not casually using 'int' as a constraint
Brian Warner [Tue, 11 Mar 2008 07:26:00 +0000 (00:26 -0700)]
mutable: tolerate multiple encodings, using whichever version is recoverable first. Closes #312
Brian Warner [Tue, 11 Mar 2008 06:47:35 +0000 (23:47 -0700)]
test_mutable: improve multiple-encodings test coverage
Brian Warner [Tue, 11 Mar 2008 06:16:28 +0000 (23:16 -0700)]
test_mutable: make test-multiple-encodings work
Brian Warner [Tue, 11 Mar 2008 05:15:43 +0000 (22:15 -0700)]
test_mutable: more test coverage, building up a framework to cause reads to occur in a specific order
Peter Secor [Tue, 11 Mar 2008 05:10:50 +0000 (22:10 -0700)]
native client - updated .exe's and .dll's with better caching, using new multi-child upload call, preferences dialog
Brian Warner [Tue, 11 Mar 2008 03:40:39 +0000 (20:40 -0700)]
makefile: clean up pyutil.egg too
Brian Warner [Tue, 11 Mar 2008 03:39:55 +0000 (20:39 -0700)]
mutable: increase max segsize to 3.5MB, to allow dirnodes with about 10k entries
Brian Warner [Tue, 11 Mar 2008 03:32:14 +0000 (20:32 -0700)]
.darcs-boringfile: add pyutil, since it is in setup_requires now
Zooko O'Whielacronx [Tue, 11 Mar 2008 13:18:03 +0000 (06:18 -0700)]
make the nodeurl start with '127.0.0.1' instead of with 'localhost'
This is because there exist in the wild computers that are misconfigured so that 'localhost' doesn't resolve to 127.0.0.1. On those computers, using 'localhost' for the nodeurl is a security problem, because the user commonly sends valuable caps to the nodeurl.
Zooko O'Whielacronx [Tue, 11 Mar 2008 03:15:04 +0000 (20:15 -0700)]
setup: use "-rNN" with NN the "revision number" instead of "-NN" with NN the "build number" in the Windows builds
Zooko O'Whielacronx [Tue, 11 Mar 2008 03:13:21 +0000 (20:13 -0700)]
setup_require pyutil >= 1.3.16, as the Windows installer builder's misc/sub-ver.py relies on it
Zooko O'Whielacronx [Tue, 11 Mar 2008 02:59:30 +0000 (19:59 -0700)]
setup: remove old bundled pyutil-1.3.12
Zooko O'Whielacronx [Tue, 11 Mar 2008 02:59:20 +0000 (19:59 -0700)]
setup: remove old bundled darcsver-1.1.1
Zooko O'Whielacronx [Tue, 11 Mar 2008 02:58:18 +0000 (19:58 -0700)]
setup: bundle pyutil-1.3.16.tar
Zooko O'Whielacronx [Tue, 11 Mar 2008 02:57:07 +0000 (19:57 -0700)]
setup: setup_require darcsver >= 1.1.2
Zooko O'Whielacronx [Tue, 11 Mar 2008 02:56:47 +0000 (19:56 -0700)]
setup: bundle darcsver-1.1.2.tar
Zooko O'Whielacronx [Tue, 11 Mar 2008 02:26:02 +0000 (19:26 -0700)]
setup: generate a unique revision number for each build
Zooko O'Whielacronx [Tue, 11 Mar 2008 02:23:34 +0000 (19:23 -0700)]
setup: remove old bundled darcsver-1.0.1.tar
Zooko O'Whielacronx [Tue, 11 Mar 2008 02:21:16 +0000 (19:21 -0700)]
setup: bundle darcsver-1.1.1.tar
I forgot that we're doing uncompressed misc/deps at the moment. We don't think this is a long-term good approach...
Brian Warner [Tue, 11 Mar 2008 01:53:36 +0000 (18:53 -0700)]
appease some unspecified audience by naming our GNU-extension-using makefile 'GNUmakefile'. Closes #214
Brian Warner [Tue, 11 Mar 2008 01:08:23 +0000 (18:08 -0700)]
test_mutable: exercise short reads too
robk-tahoe [Tue, 11 Mar 2008 00:50:44 +0000 (17:50 -0700)]
confwiz: write accountname to a file
motivated simply by a desire to be able to identify 'noderoot' directories for
debugging and testing, the confwiz now writes an 'accountname' files based on
what account was used when the node was configured. this is not currently read
by or used by any code in the system, but helps identify directories from testing.
Brian Warner [Tue, 11 Mar 2008 00:46:52 +0000 (17:46 -0700)]
test_mutable: test all hash-failure cases except a corrupted encrypted private key
Brian Warner [Mon, 10 Mar 2008 23:14:08 +0000 (16:14 -0700)]
test_mutable: add Roundtrip test, suitable for new share-mangling tests
Brian Warner [Mon, 10 Mar 2008 22:44:05 +0000 (15:44 -0700)]
mutable: cosmetic changes
Brian Warner [Mon, 10 Mar 2008 22:42:56 +0000 (15:42 -0700)]
mutable: minor refactoring of _do_read, to make other tests easier
Zooko O'Whielacronx [Mon, 10 Mar 2008 23:14:03 +0000 (16:14 -0700)]
fix pyflakes warning
Brian Warner [Mon, 10 Mar 2008 19:25:19 +0000 (12:25 -0700)]
architecture.txt: make it clear that accounting/leases are not yet implemented
Peter Secor [Mon, 10 Mar 2008 18:37:49 +0000 (11:37 -0700)]
reverting a change zooko made (2258) to see if it clears up problems in the windows build
Brian Warner [Sat, 8 Mar 2008 02:24:51 +0000 (19:24 -0700)]
lower max_segsize for immutable files to 128KiB, to make download-progress smoother and improve alacrity. Closes #252. Note that mutable files continue to use 1MiB segments.
robk-tahoe [Sat, 8 Mar 2008 01:48:28 +0000 (18:48 -0700)]
macapp: new mac icon
this provides a new icon for the .app bundle
also removes the setting of the dock icon from within wx
(which previously used a different icon)
Brian Warner [Fri, 7 Mar 2008 04:16:38 +0000 (21:16 -0700)]
webish: show storage sizelimit, abbreviate current usage
Zooko O'Whielacronx [Fri, 7 Mar 2008 01:32:30 +0000 (18:32 -0700)]
docs: trivial edit
Zooko O'Whielacronx [Fri, 7 Mar 2008 01:28:20 +0000 (18:28 -0700)]
setup: don't install, just "develop" in setup.py in build target
Zooko O'Whielacronx [Fri, 7 Mar 2008 01:18:56 +0000 (18:18 -0700)]
setup: don't echo the echo of EGGSPATH
robk-tahoe [Fri, 7 Mar 2008 00:43:25 +0000 (17:43 -0700)]
macfuse: fix unicode handling
at one point I'd thrown in a 'str' since fuse api bits required a str instance
but tahoe returns unicode objects from its json parsing. that, naturally
enough should really be a utf8 encoded str of the unicode object...
robk-tahoe [Thu, 6 Mar 2008 22:09:04 +0000 (15:09 -0700)]
macapp: simplify node startup failure reporting
1. changed the node's exit-on-error behaviour. rather than logging debug and
then delegating to self for _abort_process() instead simply delegate to self
_service_startup_failed(failure) to report failures in the startup deferred
chain. subclasses then have complete control of handling and reporting any
failures in node startup.
2. replace the convoluted wx.PostEvent() glue for posting an event into the
gui thread with the simpler expedient of wx.CallAfter() which is much like
foolscap's eventually() but also thread safe for inducing a call back on the
gui thread.
robk-tahoe [Thu, 6 Mar 2008 20:53:21 +0000 (13:53 -0700)]
macapp: report failure of node startup to the user
in certain cases (e.g. the node.pem changed but old .furls are in private/)
the node will abort upon startup. previously it used os.abort() which in these
cases caused the mac gui app to crash on startup with no explanation.
this changes that behaviour from calling os.abort() to calling
node._abort_process(failure) which by default calls os.abort(). this allows
that method to be overridden in subclasses.
the mac app now provides and uses such a subclass of Client, so that failures
are reported to the user in a message dialog before the process exits.
this uses wx.PostEvent() with a custom event type to signal from the reactor
thread into the gui thread.
Zooko O'Whielacronx [Thu, 6 Mar 2008 22:02:15 +0000 (15:02 -0700)]
doc: tiny change about status of mutable.txt
Brian Warner [Thu, 6 Mar 2008 02:51:51 +0000 (19:51 -0700)]
webish: add more share information to upload status, including assisted uploads
Brian Warner [Thu, 6 Mar 2008 01:41:10 +0000 (18:41 -0700)]
webish: add publish status
robk-tahoe [Wed, 5 Mar 2008 23:34:18 +0000 (16:34 -0700)]
confwiz: add nickname determination
the confwiz now uses socket.gethostname() if a 'nickname' file doesn't already
exist, and passes that nickname into the 'record_install' method on the backend,
so that the moniker can be recorded in the system table.
Brian Warner [Wed, 5 Mar 2008 23:54:26 +0000 (16:54 -0700)]
docs/mutable: describe deep-verify-cap scheme, update picture
Brian Warner [Wed, 5 Mar 2008 22:12:42 +0000 (15:12 -0700)]
webish: split out 'unlinked' operations
Brian Warner [Wed, 5 Mar 2008 21:59:56 +0000 (14:59 -0700)]
webish: this file is too big, start breaking it into pieces, beginning with status
Brian Warner [Wed, 5 Mar 2008 04:10:52 +0000 (21:10 -0700)]
mutable-retrieve: only record server response times for queries that we don't ignore
Brian Warner [Wed, 5 Mar 2008 04:08:24 +0000 (21:08 -0700)]
mutable: when retrieving, don't try to grab the encprivkey, to save a roundtrip
Brian Warner [Wed, 5 Mar 2008 04:04:36 +0000 (21:04 -0700)]
webish: add more mutable-retrieve timing status
Brian Warner [Wed, 5 Mar 2008 01:50:44 +0000 (18:50 -0700)]
web: status: add 'started' timestamps to all operations
Zooko O'Whielacronx [Sun, 9 Mar 2008 15:50:46 +0000 (08:50 -0700)]
apply dreid's patch from #335 to fix the provisioning page in zipped distributions
Brian Warner [Tue, 4 Mar 2008 22:11:40 +0000 (15:11 -0700)]
mutable: oops, .download *is* in use, by the speedtest. Restore it and add a test.
Brian Warner [Tue, 4 Mar 2008 21:42:25 +0000 (14:42 -0700)]
test_util.py: get 100% test coverage for hashutil.py
Brian Warner [Tue, 4 Mar 2008 21:27:45 +0000 (14:27 -0700)]
uri.py: get 100% test coverage, fix a few bugs in the process
Brian Warner [Tue, 4 Mar 2008 21:01:55 +0000 (14:01 -0700)]
mutable.py: remove unused 'download' method (we only have download_to_data for now)
Brian Warner [Tue, 4 Mar 2008 21:01:28 +0000 (14:01 -0700)]
test_filenode.py : improve coverage of mutable filenode, fix a bug in __hash__