setup: remove binary WinFUSE modules
I would prefer to have just source code, or indications of what 3rd-party packages are required, under revision control, and have the build process generate o
r acquire the binaries as needed. Also, having these in our release tarballs is interfering with getting Tahoe-LAFS uploaded into Ubuntu Karmic. (Technicall
y, they would accept binary modules as long as they came with the accompanying source so that they could satisfy their obligations under GPL2+ and TGPPL1+, bu
t it is easier for now to remove the binaries from the source tree.)
In this case, the binaries are from the tahoe-w32-client project: http://allmydata.org/trac/tahoe-w32-client , from which you can also get the source.
setup: remove binary _fusemodule.so 's
I would prefer to have just source code, or indications of what 3rd-party packages are required, under revision control, and have the build process generate or acquire the binaries as needed. Also, having these in our release tarballs is interfering with getting Tahoe-LAFS uploaded into Ubuntu Karmic. (Technically, they would accept binary modules as long as they came with the accompanying source so that they could satisfy their obligations under GPL2+ and TGPPL1+, but it is easier for now to remove the binaries from the source tree.)
In this case, these modules come from the MacFUSE project: http://code.google.com/p/macfuse/
setup: remove a convenience copy of figleaf, to ease inclusion into Ubuntu Karmic Koala
We need to carefully document the licence of figleaf in order to get Tahoe-LAFS into Ubuntu Karmic Koala. However, figleaf isn't really a part of Tahoe-LAFS per se -- this is just a "convenience copy" of a development tool. The quickest way to make Tahoe-LAFS acceptable for Karmic then, is to remove figleaf from the Tahoe-LAFS tarball itself. People who want to run figleaf on Tahoe-LAFS (as everyone should want) can install figleaf themselves. I haven't tested this -- there may be incompatibilities between upstream figleaf and the copy that we had here...
setup: shebang for misc/build-deb.py to fail quickly
Without this patch, when I ran "chmod +x ./misc/build-deb.py && ./misc/build-deb.py" then it hung indefinitely. (I wonder what it was doing.)
setup: remove bundled version of darcsver-1.2.1
That version of darcsver emits a scary error message when the darcs executable or the _darcs subdirectory is not found.
This error is hidden (unless the --loud option is passed) in darcsver >= 1.3.1.
Fixes #788.
Brian Warner [Sat, 15 Aug 2009 20:17:37 +0000 (13:17 -0700)]
de-Service-ify Helper, pass in storage_broker and secret_holder directly.
This makes it more obvious that the Helper currently generates leases with
the Helper's own secrets, rather than getting values from the client, which
is arguably a bug that will likely be resolved with the Accounting project.
Brian Warner [Sat, 15 Aug 2009 19:25:43 +0000 (12:25 -0700)]
immutable.Downloader: pass StorageBroker to constructor, stop being a Service
child of the client, access with client.downloader instead of
client.getServiceNamed("downloader"). The single "Downloader" instance is
scheduled for demolition anyways, to be replaced by individual
filenode.download calls.
tests: double the timeout on test_runner.RunNode.test_introducer since feisty hit a timeout
I'm not sure if this is an actual timing issue (feisty is running on an overloaded VM if I recall correctly), or it there is a deeper bug.
Brian Warner [Sat, 15 Aug 2009 11:02:56 +0000 (04:02 -0700)]
Overhaul IFilesystemNode handling, to simplify tests and use POLA internally.
* stop using IURI as an adapter
* pass cap strings around instead of URI instances
* move filenode/dirnode creation duties from Client to new NodeMaker class
* move other Client duties to KeyGenerator, SecretHolder, History classes
* stop passing Client reference to dirnode/filenode constructors
- pass less-powerful references instead, like StorageBroker or Uploader
* always create DirectoryNodes by wrapping a filenode (mutable for now)
* remove some specialized mock classes from unit tests
Detailed list of changes (done one at a time, then merged together)
always pass a string to create_node_from_uri(), not an IURI instance
always pass a string to IFilesystemNode constructors, not an IURI instance
stop using IURI() as an adapter, switch on cap prefix in create_node_from_uri()
client.py: move SecretHolder code out to a separate class
test_web.py: hush pyflakes
client.py: move NodeMaker functionality out into a separate object
LiteralFileNode: stop storing a Client reference
immutable Checker: remove Client reference, it only needs a SecretHolder
immutable Upload: remove Client reference, leave SecretHolder and StorageBroker
immutable Repairer: replace Client reference with StorageBroker and SecretHolder
immutable FileNode: remove Client reference
mutable.Publish: stop passing Client
mutable.ServermapUpdater: get StorageBroker in constructor, not by peeking into Client reference
MutableChecker: reference StorageBroker and History directly, not through Client
mutable.FileNode: removed unused indirection to checker classes
mutable.FileNode: remove Client reference
client.py: move RSA key generation into a separate class, so it can be passed to the nodemaker
move create_mutable_file() into NodeMaker
test_dirnode.py: stop using FakeClient mockups, use NoNetworkGrid instead. This simplifies the code, but takes longer to run (17s instead of 6s). This should come down later when other cleanups make it possible to use simpler (non-RSA) fake mutable files for dirnode tests.
test_mutable.py: clean up basedir names
client.py: move create_empty_dirnode() into NodeMaker
dirnode.py: get rid of DirectoryNode.create
remove DirectoryNode.init_from_uri, refactor NodeMaker for customization, simplify test_web's mock Client to match
stop passing Client to DirectoryNode, make DirectoryNode.create_with_mutablefile the normal DirectoryNode constructor, start removing client from NodeMaker
remove Client from NodeMaker
move helper status into History, pass History to web.Status instead of Client
test_mutable.py: fix minor typo
docs: install.html: instruct Debian users to use this document and not to go find the DownloadDebianPackages page, ignore the warning at the top of it, and try it
http://allmydata.org/pipermail/tahoe-dev/2009-August/002507.html
docs: introducing "provider-independent security"; Nathan Wilcox gave me good advice on how to be more specific in terminology when making security claims so as not fit in with the background noise of overblown and indefensible claims that is always buzzing in the security world
docs: update NEWS, about.html, relnotes-short.txt, and known_issues.txt in preparation for v1.5.0
Especially note that strong claims of specialness that I've added, e.g. in about.html .
Brian Warner [Mon, 20 Jul 2009 15:38:03 +0000 (11:38 -0400)]
Touch up #705 changes:
webapi.txt: clarify replace=only-files argument, mention replace= on POST t=uri
test_cli.py: insert whitespace between logical operations
web.common.parse_replace_arg: make it case-insensitive, to match the docs
introduction/storage-broker: add assertions of serverids being the right type and of internal consistency between the number of storage servers known and the number of storage servers
Brian Warner [Thu, 16 Jul 2009 23:01:20 +0000 (18:01 -0500)]
upload: fix #758 recursion-loop in peer-selection when servers report errors.
The bug was in the code that handles a third-or-later pass, and was
previously untested.
Brian Warner [Wed, 15 Jul 2009 06:45:10 +0000 (23:45 -0700)]
Allow tests to pass with -OO by turning some AssertionErrors (the ones that
we actually exercise during tests) into more specific exceptions, so they
don't get optimized away. The best rule to follow is probably this: if an
exception is worth testing, then it's part of the API, and AssertionError
should never be part of the API. Closes #749.
Brian Warner [Sun, 12 Jul 2009 23:47:50 +0000 (00:47 +0100)]
dirnode.py: security bug: also use child writecap to derive child enc key,
not just the dirnode writecap. The previous code (which only hashed the
dirnode writecap) would use the same key for all children, which is very bad.
This is the correct implementation of #750.
directories: make the IV for the writecaps in directory entries be computed from the secure hash of the writecap itself
This makes encoding of directory entries deterministic, and it is also a tad faster on Macbook Pro than getting a random IV with os.urandom(16).
directories: make initialization of the download cache lazy
If you open up a directory containing thousands of files, it currently computes the cache filename and checks for the cache file on disk immediately for each immutble file in that directory. With this patch, it delays those steps until you try to do something with an immutable file that could use the cache.
directories: rename internal data member download_cache to download_cache_dirman (benchmarks set this internal member and use the new name, so changing this makes the bench_dirnode.py work again)
directories: keep track of your position as you decode netstring after netstring from an input buffer instead of copying the trailing part
This makes decoding linear in the number of netstrings instead of O(N^2).