]> git.rkrishnan.org Git - tahoe-lafs/tahoe-lafs.git/log
tahoe-lafs/tahoe-lafs.git
15 years agotrivial: a few improvements to in-line doc and code, and renaming of test/test_immuta...
Zooko O'Whielacronx [Fri, 2 Jan 2009 23:49:41 +0000 (16:49 -0700)]
trivial: a few improvements to in-line doc and code, and renaming of test/test_immutable_checker.py to test/test_immutable.py
That file currently tests checker and verifier and repairer, and will soon also test downloader.

15 years agoimmutable: fix name change from BadOrMissingShareHash to BadOrMissingHash
Zooko O'Whielacronx [Fri, 2 Jan 2009 20:27:09 +0000 (13:27 -0700)]
immutable: fix name change from BadOrMissingShareHash to BadOrMissingHash
One of the instances of the name accidentally didn't get changed, and pyflakes noticed.  The new downloader/checker/verifier/repairer unit tests would also have noticed, but those tests haven't been rolled into a patch and applied to this repo yet...

15 years agotrivial: remove unused import -- thanks, pyflakes
Zooko O'Whielacronx [Fri, 2 Jan 2009 20:21:28 +0000 (13:21 -0700)]
trivial: remove unused import -- thanks, pyflakes

15 years agoimmutable: download.py: Raise the appropriate type of exception to indicate the cause...
Zooko O'Whielacronx [Fri, 2 Jan 2009 19:58:58 +0000 (12:58 -0700)]
immutable: download.py: Raise the appropriate type of exception to indicate the cause of failure, e.g. BadOrMissingHash, ServerFailure, IntegrityCheckReject (which is a supertype of BadOrMissingHash).  This helps users (such as verifier/repairer) catch certain classes of reasons for "why did this download not work".  The tests of verifier/repairer test this code and rely on this code.

15 years agoimmutable: ReadBucketProxy defines classes of exception: LayoutInvalid and its two...
Zooko O'Whielacronx [Fri, 2 Jan 2009 19:15:54 +0000 (12:15 -0700)]
immutable: ReadBucketProxy defines classes of exception: LayoutInvalid and its two subtypes RidiculouslyLargeURIExtensionBlock and ShareVersionIncompatible.  This helps users (such as verifier/repairer) catch certain classes of reasons for "why did this download not work".  This code gets exercised by the verifier/repairer unit tests, which corrupt the shares on disk in order to trigger problems like these.

15 years agoimmutable: ValidatedExtendedURIProxy computes and stores block_size and share_size...
Zooko O'Whielacronx [Fri, 2 Jan 2009 18:43:17 +0000 (11:43 -0700)]
immutable: ValidatedExtendedURIProxy computes and stores block_size and share_size for the convenience of its users

15 years agoremove_sumo_install.patch
cgalvan [Fri, 2 Jan 2009 17:23:47 +0000 (10:23 -0700)]
remove_sumo_install.patch

15 years agodoc: remove notes to self that I accidentally included in a recent patch
Zooko O'Whielacronx [Fri, 2 Jan 2009 05:14:57 +0000 (22:14 -0700)]
doc: remove notes to self that I accidentally included in a recent patch

15 years agodocs: remove caveat about Nevow incompatibility with Python 2.6 since the latest...
Zooko O'Whielacronx [Fri, 2 Jan 2009 04:41:35 +0000 (21:41 -0700)]
docs: remove caveat about Nevow incompatibility with Python 2.6 since the latest version of Nevow has fixed it

15 years agoimmutable: make the test of large files more likely to work by requesting to allocate...
Zooko O'Whielacronx [Wed, 31 Dec 2008 22:59:42 +0000 (15:59 -0700)]
immutable: make the test of large files more likely to work by requesting to allocate space for only one huge share, not three

15 years agotrivial: "M-x whitespace-cleanup", and also remove an unused variable
Zooko O'Whielacronx [Wed, 31 Dec 2008 22:42:33 +0000 (15:42 -0700)]
trivial: "M-x whitespace-cleanup", and also remove an unused variable

15 years agoimmutable: storage servers accept any size shares now
Zooko O'Whielacronx [Wed, 31 Dec 2008 22:42:26 +0000 (15:42 -0700)]
immutable: storage servers accept any size shares now
Nathan Wilcox observed that the storage server can rely on the size of the share file combined with the count of leases to unambiguously identify the location of the leases.  This means that it can hold any size share data, even though the field nominally used to hold the size of the share data is only 32 bits wide.

With this patch, the storage server still writes the "size of the share data" field (just in case the server gets downgraded to an earlier version which requires that field, or the share file gets moved to another server which is of an earlier vintage), but it doesn't use it.  Also, with this patch, the server no longer rejects requests to write shares which are >= 2^32 bytes in size, and it no longer rejects attempts to read such shares.

This fixes http://allmydata.org/trac/tahoe/ticket/346 (increase share-size field to 8 bytes, remove 12GiB filesize limit), although there remains open a question of how clients know that a given server can handle large shares (by using the new versioning scheme, probably).

Note that share size is also limited by another factor -- how big of a file we can store on the local filesystem on the server.  Currently allmydata.com typically uses ext3 and I think we typically have block size = 4 KiB, which means that the largest file is about 2 TiB.  Also, the hard drives themselves are only 1 TB, so the largest share is definitely slightly less than 1 TB, which means (when K == 3), the largest file is less than 3 TB.

This patch also refactors the creation of new sharefiles so that only a single fopen() is used.

This patch also helps with the unit-testing of repairer, since formerly it was unclear what repairer should expect to find if the "share data size" field was corrupted (some corruptions would have no effect, others would cause failure to download).  Now it is clear that repairer is not required to notice if this field is corrupted since it has no effect on download.  :-)

15 years agotrivial: "M-x whitespace-cleanup" on immutable/layout.py
Zooko O'Whielacronx [Wed, 31 Dec 2008 22:07:02 +0000 (15:07 -0700)]
trivial: "M-x whitespace-cleanup" on immutable/layout.py

15 years agotrivial: remove unused import -- thanks, pyflakes
Zooko O'Whielacronx [Wed, 31 Dec 2008 22:25:56 +0000 (15:25 -0700)]
trivial: remove unused import -- thanks, pyflakes

15 years agorrefutil: generically wrap any errback from callRemote() in a ServerFailure instance
Zooko O'Whielacronx [Wed, 31 Dec 2008 21:28:30 +0000 (14:28 -0700)]
rrefutil: generically wrap any errback from callRemote() in a ServerFailure instance
This facilitates client code to easily catch ServerFailures without also catching exceptions arising from client-side code.
See also:
http://foolscap.lothar.com/trac/ticket/105 # make it easy to distinguish server-side failures/exceptions from client-side

15 years agoimmutable: more detailed tests for checker/verifier/repairer
Zooko O'Whielacronx [Wed, 31 Dec 2008 21:18:38 +0000 (14:18 -0700)]
immutable: more detailed tests for checker/verifier/repairer
There are a lot of different ways that a share could be corrupted, or that attempting to download it might fail.  These tests attempt to exercise many of those ways and require the checker/verifier/repairer to handle each kind of failure well.

15 years agodocs: add note about non-ascii chars in cli to NEWS
Zooko O'Whielacronx [Tue, 30 Dec 2008 09:17:28 +0000 (02:17 -0700)]
docs: add note about non-ascii chars in cli to NEWS

15 years agocli: make startstop_node wait 20 seconds instead of 5 for a process to go away after...
Zooko O'Whielacronx [Tue, 30 Dec 2008 08:20:22 +0000 (01:20 -0700)]
cli: make startstop_node wait 20 seconds instead of 5 for a process to go away after we signalled it to go away
Because the unit tests on the VirtualZooko buildslave failed when it took 16 seconds for a process to go away.
Perhaps getting notification after only 5 seconds instead of 20 seconds is desirable, and we should change the unit tests and set this back to 5, but I don't know exactly how to change the unit tests.  Perhaps match this particular warning message about the shutdown taking a while and allow the code under test to pass if the only stderr that it emits is this warning.

15 years agodocs: editing changes and updated news in known_issues.txt
Zooko O'Whielacronx [Tue, 30 Dec 2008 08:01:16 +0000 (01:01 -0700)]
docs: editing changes and updated news in known_issues.txt

15 years agodocs: split historical/historical_known_issues.txt out of known_issues.txt
Zooko O'Whielacronx [Tue, 30 Dec 2008 07:52:26 +0000 (00:52 -0700)]
docs: split historical/historical_known_issues.txt out of known_issues.txt
All issues which are relevant to users of v1.1, v1.2, or v1.3 go in known_issues.txt.  All issues which are relevant to users of v1.0 go in historical/historical_known_issues.txt.

15 years agodoc: sundry amendments to docs and in-line code comments
Zooko O'Whielacronx [Sun, 28 Dec 2008 23:59:54 +0000 (16:59 -0700)]
doc: sundry amendments to docs and in-line code comments

15 years agodoc: add mention of "tahoe create-alias" in the security-warning section of CLI.txt
Zooko O'Whielacronx [Wed, 24 Dec 2008 22:16:46 +0000 (15:16 -0700)]
doc: add mention of "tahoe create-alias" in the security-warning section of CLI.txt

15 years agodoc: trivial: remove trailing whitespace
Zooko O'Whielacronx [Wed, 24 Dec 2008 22:16:34 +0000 (15:16 -0700)]
doc: trivial: remove trailing whitespace

15 years agodoc: warn that unicode might not work, in CLI.txt
Zooko O'Whielacronx [Wed, 24 Dec 2008 22:16:18 +0000 (15:16 -0700)]
doc: warn that unicode might not work, in CLI.txt

15 years agodoc: use the term "filesystem" rather than "virtual drive" in CLI.txt
Zooko O'Whielacronx [Wed, 24 Dec 2008 22:16:14 +0000 (15:16 -0700)]
doc: use the term "filesystem" rather than "virtual drive" in CLI.txt

15 years agocli: mark unicode filenames as unsupported -- see #534 for details
Zooko O'Whielacronx [Wed, 24 Dec 2008 20:28:02 +0000 (13:28 -0700)]
cli: mark unicode filenames as unsupported -- see #534 for details

15 years agocli: undo the effects of [http://allmydata.org/trac/tahoe/changeset/20081222235453...
Zooko O'Whielacronx [Wed, 24 Dec 2008 16:53:17 +0000 (09:53 -0700)]
cli: undo the effects of [http://allmydata.org/trac/tahoe/changeset/20081222235453-92b7f-f841e18afb94e1fd95e6dafb799a3d876dd85c69]
We're just going to mark unicode in the cli as unsupported for tahoe-lafs-1.3.0.  Unicode filenames on the command-line do actually work for some platforms and probably only if the platform encoding is utf-8, but I'm not sure, and in any case for it to be marked as "supported" it would have to work on all platforms, be thoroughly tested, and also we would have to understand why it worked.  :-)

15 years agotest: extend timeout on the hotline file that prevents the client from stopping itself
Zooko O'Whielacronx [Mon, 22 Dec 2008 04:06:29 +0000 (21:06 -0700)]
test: extend timeout on the hotline file that prevents the client from stopping itself
The 20-second timeout was apparently tripped on my Powerbook G4 "draco".

15 years agocli: decode all cli arguments, assuming that they are utf-8 encoded
Zooko O'Whielacronx [Tue, 23 Dec 2008 00:54:53 +0000 (17:54 -0700)]
cli: decode all cli arguments, assuming that they are utf-8 encoded
Also encode all args to urllib as utf-8 because urllib doesn't handle unicode objects.
I'm not sure if it is appropriate to *assume* utf-8 encoding of cli args.  Perhaps the Right thing to do is to detect the platform encoding.  Any ideas?
This patch is mostly due to François Deppierraz.

15 years agoutil/base32: the identity trans table needn't have any contents -- we are using strin...
Zooko O'Whielacronx [Tue, 23 Dec 2008 00:48:08 +0000 (17:48 -0700)]
util/base32: the identity trans table needn't have any contents -- we are using string.translate solely to delete known chars

15 years agoutil/base32: allow unicode inputs to a2b() or could_be_base32_encoded(), and encode...
Zooko O'Whielacronx [Tue, 23 Dec 2008 00:47:13 +0000 (17:47 -0700)]
util/base32: allow unicode inputs to a2b() or could_be_base32_encoded(), and encode them with utf-8 before processing them

15 years agoutil/base32: loosen the precondition forbidding unicode and requiring str -- now...
Zooko O'Whielacronx [Mon, 22 Dec 2008 23:22:37 +0000 (16:22 -0700)]
util/base32: loosen the precondition forbidding unicode and requiring str -- now it requires either unicode or str
Hopefully this will make it so that tests pass with François Deppierraz's patch to fix the tahoe cli's handling of unicode argument.

15 years agoimmutable: don't catch all exception when downloading, catch only DeadReferenceError...
Zooko O'Whielacronx [Mon, 22 Dec 2008 00:41:35 +0000 (17:41 -0700)]
immutable: don't catch all exception when downloading, catch only DeadReferenceError and IntegrityCheckReject

15 years agoimmutable: invent download.BadOrMissingHashError which is raised if either hashtree...
Zooko O'Whielacronx [Mon, 22 Dec 2008 00:41:30 +0000 (17:41 -0700)]
immutable: invent download.BadOrMissingHashError which is raised if either hashtree.BadHashError, hashtree.NotEnoughHashesError, and which is a subclass of IntegrityCheckReject

15 years agodirnode: don't check MAC on entries in dirnodes
Zooko O'Whielacronx [Mon, 22 Dec 2008 00:35:18 +0000 (17:35 -0700)]
dirnode: don't check MAC on entries in dirnodes
In an ancient version of directories, we needed a MAC on each entry.  In modern times, the entire dirnode comes with a digital signature, so the MAC on each entry is redundant.
With this patch, we no longer check those MACs when reading directories, but we still produce them so that older readers will accept directories that we write.

15 years agoimmutable, checker, and tests: improve docstrings, assertions, tests
Zooko O'Whielacronx [Sun, 21 Dec 2008 22:07:52 +0000 (15:07 -0700)]
immutable, checker, and tests: improve docstrings, assertions, tests
No functional changes, but remove unused code, improve or fix docstrings, etc.

15 years agocli: if response code from wapi server is not 200 then stop instead of proceeding
Zooko O'Whielacronx [Sat, 20 Dec 2008 14:49:18 +0000 (07:49 -0700)]
cli: if response code from wapi server is not 200 then stop instead of proceeding
Also, include the data that failed to json parse in an exception raised by the json parser.

15 years agoimmutable: when downloading an immutable file, use primary shares if they are available
Zooko O'Whielacronx [Sat, 20 Dec 2008 14:14:56 +0000 (07:14 -0700)]
immutable: when downloading an immutable file, use primary shares if they are available
Primary shares require no erasure decoding so the more primary shares you have, the less CPU is used.

15 years agotrivial: remove unused import (thanks, pyflakes)
Zooko O'Whielacronx [Fri, 19 Dec 2008 20:46:29 +0000 (13:46 -0700)]
trivial: remove unused import (thanks, pyflakes)

15 years agotry to tidy up uri-as-string vs. uri-as-object
Zooko O'Whielacronx [Fri, 19 Dec 2008 15:39:24 +0000 (08:39 -0700)]
try to tidy up uri-as-string vs. uri-as-object
I get confused about whether a given argument or return value is a uri-as-string or uri-as-object.  This patch adds a lot of assertions that it is one or the other, and also changes CheckerResults to take objects not strings.
In the future, I hope that we generally use Python objects except when importing into or exporting from the Python interpreter e.g. over the wire, the UI, or a stored file.

15 years agoimmutable: remove the last bits of code (only test code or unused code) which did...
Zooko O'Whielacronx [Fri, 19 Dec 2008 15:18:07 +0000 (08:18 -0700)]
immutable: remove the last bits of code (only test code or unused code) which did something with plaintext hashes or plaintext hash trees

15 years agoimmutable: use new logging mixins to simplify logging
Zooko O'Whielacronx [Wed, 17 Dec 2008 01:04:50 +0000 (18:04 -0700)]
immutable: use new logging mixins to simplify logging

15 years agoimmutable: refactor ReadBucketProxy a little
Zooko O'Whielacronx [Wed, 17 Dec 2008 00:53:25 +0000 (17:53 -0700)]
immutable: refactor ReadBucketProxy a little

15 years agodebug: pass empty optional arguments to ReadBucketProxy
Zooko O'Whielacronx [Wed, 17 Dec 2008 00:51:45 +0000 (17:51 -0700)]
debug: pass empty optional arguments to ReadBucketProxy
because those arguments are about to become non-optional (for other code than test/debug code)

15 years agouri: generalize regexp that recognizes tahoe URLs to work for any host and port
Zooko O'Whielacronx [Wed, 17 Dec 2008 00:49:30 +0000 (17:49 -0700)]
uri: generalize regexp that recognizes tahoe URLs to work for any host and port

15 years agoutil: logging: refactor some common logging behavior into mixins
Zooko O'Whielacronx [Wed, 17 Dec 2008 00:38:07 +0000 (17:38 -0700)]
util: logging: refactor some common logging behavior into mixins

15 years agopyutil: assertutil: copy in simplified assertutil from pyutil
Zooko O'Whielacronx [Wed, 17 Dec 2008 00:37:45 +0000 (17:37 -0700)]
pyutil: assertutil: copy in simplified assertutil from pyutil

15 years agopyutil: assertutil: simplify handling of exception during formatting of precondition...
Zooko O'Whielacronx [Wed, 10 Dec 2008 14:10:57 +0000 (07:10 -0700)]
pyutil: assertutil: simplify handling of exception during formatting of precondition message, and reduce dependency to just the Python Standard Library's logging module

15 years agoclient: add get_servers()
Zooko O'Whielacronx [Tue, 9 Dec 2008 00:04:00 +0000 (17:04 -0700)]
client: add get_servers()

15 years agomutable publish: if we are surprised by shares that match what we would have written...
Brian Warner [Wed, 10 Dec 2008 05:44:49 +0000 (22:44 -0700)]
mutable publish: if we are surprised by shares that match what we would have written anyways, don't be surprised. This should fix one of the two #546 problems, in which we re-use a server and forget that we already sent them a share.

15 years agoNEWS: updated to most recent user-visible changes, including the 8123-to-3456 change
Brian Warner [Wed, 10 Dec 2008 00:11:46 +0000 (17:11 -0700)]
NEWS: updated to most recent user-visible changes, including the 8123-to-3456 change

15 years agoimmutable: remove unused code to produce plaintext hashes
Zooko O'Whielacronx [Tue, 9 Dec 2008 23:45:46 +0000 (16:45 -0700)]
immutable: remove unused code to produce plaintext hashes

15 years agofinish renaming 'subshare' to 'block' in immutable/encode.py and in docs/
Zooko O'Whielacronx [Tue, 9 Dec 2008 23:33:18 +0000 (16:33 -0700)]
finish renaming 'subshare' to 'block' in immutable/encode.py and in docs/

15 years agointroducer: fix bug in recent simplification caught by Brian's sharp code-reviewing eye
Zooko O'Whielacronx [Tue, 9 Dec 2008 00:16:34 +0000 (17:16 -0700)]
introducer: fix bug in recent simplification caught by Brian's sharp code-reviewing eye

15 years agointroducer: simplify get_permuted_peers() implementation and add get_peers()
Zooko O'Whielacronx [Mon, 8 Dec 2008 23:57:25 +0000 (16:57 -0700)]
introducer: simplify get_permuted_peers() implementation and add get_peers()

15 years agowebapi.txt: minor edits
Brian Warner [Mon, 8 Dec 2008 22:32:56 +0000 (15:32 -0700)]
webapi.txt: minor edits

15 years agorename "get_verifier()" to "get_verify_cap()"
Zooko O'Whielacronx [Mon, 8 Dec 2008 19:44:11 +0000 (12:44 -0700)]
rename "get_verifier()" to "get_verify_cap()"

15 years agosetup: try depending on setuptools >= 0.6c6 instead of >= 0.6c7 at run-time, to be...
Zooko O'Whielacronx [Mon, 8 Dec 2008 18:47:25 +0000 (11:47 -0700)]
setup: try depending on setuptools >= 0.6c6 instead of >= 0.6c7 at run-time, to be able to use the setuptools that came with Ubuntu Gutsy

15 years agosetup: loosen requirement on simplejson to >= 1.4
Zooko O'Whielacronx [Mon, 8 Dec 2008 15:35:37 +0000 (08:35 -0700)]
setup: loosen requirement on simplejson to >= 1.4
That's the version of simplejson that comes with ubuntu feisty, and the one that we've required for most of our history.  Currently the Ubuntu dapper buildslave fails (see issue #534), and setting the simplejson requirement to be >= 2.0 would fix that failure, but I don't understand why.

15 years agosetup: require simplejson >= 1.7.1
Zooko O'Whielacronx [Mon, 8 Dec 2008 05:34:12 +0000 (22:34 -0700)]
setup: require simplejson >= 1.7.1
That's the version that comes with gutsy, and we don't really understand why increasing the required version number helped with issue #553.

15 years agomutable: merge renaming with test patches
Zooko O'Whielacronx [Sun, 7 Dec 2008 15:45:19 +0000 (08:45 -0700)]
mutable: merge renaming with test patches

15 years agomutable: rename mutable/node.py to mutable/filenode.py and mutable/repair.py to mutab...
Zooko O'Whielacronx [Sun, 7 Dec 2008 15:20:08 +0000 (08:20 -0700)]
mutable: rename mutable/node.py to mutable/filenode.py and mutable/repair.py to mutable/repairer.py
To be more consistent with the immutable layout that I am working on.

15 years agoweb/directory.py: really really fix #553. Unfortunately it's tricky to simulate the...
Brian Warner [Sat, 6 Dec 2008 06:14:12 +0000 (23:14 -0700)]
web/directory.py: really really fix #553. Unfortunately it's tricky to simulate the behavior of a brower's relative-url handling in a unit test.

16 years agofilenode.py: Fix partial HTTP Range header handling according to RFC2616
francois [Tue, 18 Nov 2008 14:41:35 +0000 (07:41 -0700)]
filenode.py: Fix partial HTTP Range header handling according to RFC2616

Tahoe webapi was failing on HTTP request containing a partial Range header.
This change allows movies players like mplayer to seek in movie files stored in
tahoe.

Associated tests for GET and HEAD methods are also included

15 years agomutable.modify(): after UCWE, publish even if the second invocation of the modifier...
Brian Warner [Sat, 6 Dec 2008 05:49:23 +0000 (22:49 -0700)]
mutable.modify(): after UCWE, publish even if the second invocation of the modifier didn't modify anything. For #551.

15 years agodirnode.py: dirnode.delete which hits UCWE should not fail with NoSuchChildError...
Brian Warner [Sat, 6 Dec 2008 05:08:37 +0000 (22:08 -0700)]
dirnode.py: dirnode.delete which hits UCWE should not fail with NoSuchChildError. Fixes #550.

15 years agoMutableFileNode.modify: pass first_time= and servermap= to the modifier callback
Brian Warner [Sat, 6 Dec 2008 05:07:10 +0000 (22:07 -0700)]
MutableFileNode.modify: pass first_time= and servermap= to the modifier callback

15 years agomisc/cpu-watcher.tac: tolerate disk-full errors when writing the pickle, and pickle...
Brian Warner [Fri, 5 Dec 2008 22:54:12 +0000 (15:54 -0700)]
misc/cpu-watcher.tac: tolerate disk-full errors when writing the pickle, and pickle corruption from earlier disk-full errors

15 years agoweb: fix more info links again
Zooko O'Whielacronx [Fri, 5 Dec 2008 22:39:39 +0000 (15:39 -0700)]
web: fix more info links again
Really, *really* closes #553.

15 years agoweb: fix moreinfo link
Zooko O'Whielacronx [Fri, 5 Dec 2008 22:29:39 +0000 (15:29 -0700)]
web: fix moreinfo link

15 years agoweb: "More Info" link describes the same file that the "file" link points to, rather...
Zooko O'Whielacronx [Fri, 5 Dec 2008 22:05:02 +0000 (15:05 -0700)]
web: "More Info" link describes the same file that the "file" link points to, rather than to the file under the same name in this directory
It's a subtle but real difference.
Fixes #553 -- "More Info" link should point to a file/dir, not a dir+childname .

15 years agominor: fix unused imports -- thanks, pyflakes
Zooko O'Whielacronx [Fri, 5 Dec 2008 20:07:23 +0000 (13:07 -0700)]
minor: fix unused imports -- thanks, pyflakes

15 years agodownload: refactor handling of URI Extension Block and crypttext hash tree, simplify...
Zooko O'Whielacronx [Fri, 5 Dec 2008 15:17:54 +0000 (08:17 -0700)]
download: refactor handling of URI Extension Block and crypttext hash tree, simplify things

Refactor into a class the logic of asking each server in turn until one of them gives an answer
that validates.  It is called ValidatedThingObtainer.

Refactor the downloading and verification of the URI Extension Block into a class named
ValidatedExtendedURIProxy.

The new logic of validating UEBs is minimalist: it doesn't require the UEB to contain any
unncessary information, but of course it still accepts such information for backwards
compatibility (so that this new download code is able to download files uploaded with old, and
for that matter with current, upload code).

The new logic of validating UEBs follows the practice of doing all validation up front.  This
practice advises one to isolate the validation of incoming data into one place, so that all of
the rest of the code can assume only valid data.

If any redundant information is present in the UEB+URI, the new code cross-checks and asserts
that it is all fully consistent.  This closes some issues where the uploader could have
uploaded inconsistent redundant data, which would probably have caused the old downloader to
simply reject that download after getting a Python exception, but perhaps could have caused
greater harm to the old downloader.

I removed the notion of selecting an erasure codec from codec.py based on the string that was
passed in the UEB.  Currently "crs" is the only such string that works, so
"_assert(codec_name == 'crs')" is simpler and more explicit.  This is also in keeping with the
"validate up front" strategy -- now if someone sets a different string than "crs" in their UEB,
the downloader will reject the download in the "validate this UEB" function instead of in a
separate "select the codec instance" function.

I removed the code to check plaintext hashes and plaintext Merkle Trees.  Uploaders do not
produce this information any more (since it potentially exposes confidential information about
the file), and the unit tests for it were disabled.  The downloader before this patch would
check that plaintext hash or plaintext merkle tree if they were present, but not complain if
they were absent.  The new downloader in this patch complains if they are present and doesn't
check them.  (We might in the future re-introduce such hashes over the plaintext, but encrypt
the hashes which are stored in the UEB to preserve confidentiality.  This would be a double-
check on the correctness of our own source code -- the current Merkle Tree over the ciphertext
is already sufficient to guarantee the integrity of the download unless there is a bug in our
Merkle Tree or AES implementation.)

This patch increases the lines-of-code count by 8 (from 17,770 to 17,778), and reduces the
uncovered-by-tests lines-of-code count by 24 (from 1408 to 1384).  Those numbers would be more
meaningful if we omitted src/allmydata/util/ from the test-coverage statistics.

15 years agotest_web: add get_permuted_peers, to unbreak recent checker_results change
Brian Warner [Fri, 5 Dec 2008 09:12:10 +0000 (02:12 -0700)]
test_web: add get_permuted_peers, to unbreak recent checker_results change

15 years agoweb checker_results: include a table of servers in permuted order, so you can see...
Brian Warner [Fri, 5 Dec 2008 09:03:09 +0000 (02:03 -0700)]
web checker_results: include a table of servers in permuted order, so you can see the places where new servers have been inserted

15 years agotest_system.py: assert less about the stats we get, since shares (and thus allocate...
Brian Warner [Fri, 5 Dec 2008 00:27:04 +0000 (17:27 -0700)]
test_system.py: assert less about the stats we get, since shares (and thus allocate() calls) are distributed randomly

15 years agostats: don't return booleans: it violates the schema. Add a test.
Brian Warner [Thu, 4 Dec 2008 22:01:24 +0000 (15:01 -0700)]
stats: don't return booleans: it violates the schema. Add a test.

15 years agotest_system.py: don't ask the stats-gatherer to poll: it tolerates failures, so it...
Brian Warner [Thu, 4 Dec 2008 22:00:53 +0000 (15:00 -0700)]
test_system.py: don't ask the stats-gatherer to poll: it tolerates failures, so it isn't really giving us enough test coverage. Removing the call will make it more clear that we need to improve the tests later

15 years agoconfwiz.py - removing hardcoded version number
Peter Secor [Wed, 3 Dec 2008 03:38:31 +0000 (20:38 -0700)]
confwiz.py - removing hardcoded version number

15 years agoCLI: check for pre-existing aliases in 'tahoe create-alias' and 'tahoe add-alias'
Brian Warner [Wed, 3 Dec 2008 03:20:22 +0000 (20:20 -0700)]
CLI: check for pre-existing aliases in 'tahoe create-alias' and 'tahoe add-alias'

15 years agotest_cli: pass rc out of do_cli() too
Brian Warner [Wed, 3 Dec 2008 03:08:28 +0000 (20:08 -0700)]
test_cli: pass rc out of do_cli() too

15 years agosetup: one more address to send release announcements to
Zooko O'Whielacronx [Wed, 3 Dec 2008 02:50:40 +0000 (19:50 -0700)]
setup: one more address to send release announcements to

15 years agosetup: another note about the process of making a tahoe release: mail to duplicity...
Zooko O'Whielacronx [Wed, 3 Dec 2008 02:44:14 +0000 (19:44 -0700)]
setup: another note about the process of making a tahoe release: mail to duplicity-talk@nongnu.org

15 years agotest_storage.py: more windows-vs-readonly-storage fixes
Brian Warner [Wed, 3 Dec 2008 02:41:02 +0000 (19:41 -0700)]
test_storage.py: more windows-vs-readonly-storage fixes

15 years agodocs/webapi.txt: update helper section to discuss tahoe.cfg
Brian Warner [Wed, 3 Dec 2008 02:07:26 +0000 (19:07 -0700)]
docs/webapi.txt: update helper section to discuss tahoe.cfg

15 years agodocs/webapi.txt: update to discuss tahoe.cfg, not BASEDIR/webport
Brian Warner [Wed, 3 Dec 2008 02:06:12 +0000 (19:06 -0700)]
docs/webapi.txt: update to discuss tahoe.cfg, not BASEDIR/webport

15 years agostorage.py: oops, fix windows again, readonly_storage wasn't getting picked up properly
Brian Warner [Wed, 3 Dec 2008 02:03:17 +0000 (19:03 -0700)]
storage.py: oops, fix windows again, readonly_storage wasn't getting picked up properly

15 years agotest_download.py: remove extra base32 import
Brian Warner [Wed, 3 Dec 2008 01:31:26 +0000 (18:31 -0700)]
test_download.py: remove extra base32 import

15 years agotest_download: test both mutable and immutable pre-generated shares
Brian Warner [Wed, 3 Dec 2008 01:30:07 +0000 (18:30 -0700)]
test_download: test both mutable and immutable pre-generated shares

15 years agotest_download.py: added 'known-answer-tests', to make sure current code can download...
Brian Warner [Wed, 3 Dec 2008 01:22:08 +0000 (18:22 -0700)]
test_download.py: added 'known-answer-tests', to make sure current code can download a file that was created by earlier code

15 years agodocs/configuration.txt: fix minor typo
Brian Warner [Tue, 2 Dec 2008 22:51:01 +0000 (15:51 -0700)]
docs/configuration.txt: fix minor typo

15 years agostorage.py: unbreak readonly_storage=True on windows
Brian Warner [Tue, 2 Dec 2008 02:49:46 +0000 (19:49 -0700)]
storage.py: unbreak readonly_storage=True on windows

15 years ago#542 'tahoe create-key-generator': fix the .tac file this creates to be compatible...
Brian Warner [Tue, 2 Dec 2008 00:47:21 +0000 (17:47 -0700)]
#542 'tahoe create-key-generator': fix the .tac file this creates to be compatible with modern code, add a test

15 years agostorage.py: fix minor typo in comment
Brian Warner [Tue, 2 Dec 2008 00:25:40 +0000 (17:25 -0700)]
storage.py: fix minor typo in comment

15 years agostorage: replace sizelimit with reserved_space, make the stats 'disk_avail' number...
Brian Warner [Tue, 2 Dec 2008 00:24:21 +0000 (17:24 -0700)]
storage: replace sizelimit with reserved_space, make the stats 'disk_avail' number incorporate this reservation

15 years agoutil/abbreviate: add abbreviated-size parser
Brian Warner [Tue, 2 Dec 2008 00:24:12 +0000 (17:24 -0700)]
util/abbreviate: add abbreviated-size parser

16 years agowui/wapi: change the default port number from 8123 to 3456 to avoid conflict with...
Zooko O'Whielacronx [Wed, 26 Nov 2008 00:57:37 +0000 (17:57 -0700)]
wui/wapi: change the default port number from 8123 to 3456 to avoid conflict with TorButton
See ticket #536 for details.

16 years agosetup: move the requirement on simplejson from setup.py to _auto_deps.py, and loosen...
Zooko O'Whielacronx [Tue, 25 Nov 2008 21:37:51 +0000 (14:37 -0700)]
setup: move the requirement on simplejson from setup.py to _auto_deps.py, and loosen it from >= 2.0.5 to > 1.8.1
We'll see if this fixes the tests on all of our current buildslaves, and if it does then I'll be happy to leave it at "> 1.8.1" for now, even though I don't know exactly what versions of simplejson changed exactly what behavior that interacts with exactly what environment.  See http://allmydata.org/trac/tahoe/ticket/534 for uncertainties.

16 years agosetup.py: Require simplejson version >= 2.0.5
francois [Tue, 25 Nov 2008 18:17:27 +0000 (11:17 -0700)]
setup.py: Require simplejson version >= 2.0.5

16 years agomutable publish: reinstate the foolscap-reference-token-bug workaround, both for...
Brian Warner [Tue, 25 Nov 2008 21:27:35 +0000 (14:27 -0700)]
mutable publish: reinstate the foolscap-reference-token-bug workaround, both for the original reasons and because of an apparent new foolscap bug that's triggered by reference tokens. See #541 for details.