Peter Secor [Wed, 26 Mar 2008 00:00:59 +0000 (17:00 -0700)]
native client - updated to fix windows vista backup rproblems, edit word documents directly on the drive, requeue files that failed to upload from the node to the helper
Brian Warner [Tue, 25 Mar 2008 01:55:37 +0000 (18:55 -0700)]
encode: log a plaintext hash and SI for each upload. This will allow the log gatherer to correlate the two, to better measure the benefits of convergence
robk-tahoe [Mon, 24 Mar 2008 22:47:12 +0000 (15:47 -0700)]
confwiz: set a convergence domain based on root_dir upon config
when the confwiz configures a node (i.e. typically once on mac, once per
install on windows) in addition to writing the root_dir.cap retrieved from
the native_client backend into a config file, it additionally writes a hash
thereof into the 'convergence' config file.
this causes uploads from this node to use a consistent 'convergence' hashing
value matching any other nodes with the same configured root_dir, i.e. for
the most part other systems installed and configured on the same account.
Brian Warner [Sun, 23 Mar 2008 22:35:54 +0000 (15:35 -0700)]
UNDO: upload: stop putting plaintext and ciphertext hashes in shares.
This removes the guess-partial-information attack vector, and reduces
the amount of overhead that we consume with each file. It also introduces
a forwards-compability break: older versions of the code (before the
previous download-time "make hashes optional" patch) will be unable
to read files uploaded by this version, as they will complain about the
missing hashes. This patch is experimental, and is being pushed into
trunk to obtain test coverage. We may undo it before releasing 1.0.
fix check-memory to use new upload API (which requires a "convergence" argument), and change it to measure convergence instead of random-key, since convergence is the use case we care about more
Now upload or encode methods take a required argument named "convergence" which can be either None, indicating no convergent encryption at all, or a string, which is the "added secret" to be mixed in to the content hash key. If you want traditional convergent encryption behavior, set the added secret to be the empty string.
This patch also renames "content hash key" to "convergent encryption" in a argument names and variable names. (A different and larger renaming is needed in order to clarify that Tahoe supports immutable files which are not encrypted content-hash-key a.k.a. convergent encryption.)
This patch also changes a few unit tests to use non-convergent encryption, because it doesn't matter for what they are testing and non-convergent encryption is slightly faster.
Brian Warner [Sun, 23 Mar 2008 22:35:54 +0000 (15:35 -0700)]
upload: stop putting plaintext and ciphertext hashes in shares.
This removes the guess-partial-information attack vector, and reduces
the amount of overhead that we consume with each file. It also introduces
a forwards-compability break: older versions of the code (before the
previous download-time "make hashes optional" patch) will be unable
to read files uploaded by this version, as they will complain about the
missing hashes. This patch is experimental, and is being pushed into
trunk to obtain test coverage. We may undo it before releasing 1.0.
Brian Warner [Sun, 23 Mar 2008 21:46:49 +0000 (14:46 -0700)]
download: make plaintext and ciphertext hashes in the UEB optional.
Removing the plaintext hashes can help with the guess-partial-information
attack. This does not affect compatibility, but if and when we actually
remove any hashes from the share, that will introduce a
forwards-compatibility break: tahoe-0.9 will not be able to read such files.
robk-tahoe [Tue, 18 Mar 2008 23:15:36 +0000 (16:15 -0700)]
confwiz: reworked confwiz look and feel
this changes the confwiz to have a look and feel much more consistent
with that of the innosetup installer it is launched within the context
of. this applies, naturally, primarily to windows.
Peter Secor [Tue, 18 Mar 2008 17:44:43 +0000 (10:44 -0700)]
windows installer - changed to reflect the new StartAllmydata.exe executable that is used to launch the various pieces of the native client. Also verified that the SMB service was stopped when uninstalling.
robk-tahoe [Tue, 18 Mar 2008 01:13:01 +0000 (18:13 -0700)]
add a mkdir-p POST handler
this adds a t=mkdir-p call to directories (accessed by their uri as
/uri/<URI>?t=mkdir=p&path=/some/path) which returns the uri for a
directory at a specified path before the given uri, regardless of
whether the directory exists or whether intermediate directories
need to be created to satisfy the request.
this is used by the migration code in MV to optimise the work of
path traversal which was other wise done on every file PUT
Peter Secor [Mon, 17 Mar 2008 21:22:03 +0000 (14:22 -0700)]
native client - fixes for drive size (now 1TB), running service as adminstrator to allow client stopping and starting in Vista, large number of files fix
refactor one of the dispatch routines in webish.py
The behavior is intended to be unchanged by this refactoring. Unit tests show no change in behavior.
storage servers announce that they will support clients as old as v0.8.0
Not that anyone pays attention to what storage servers claim about what versions they will support.
Peter Secor [Tue, 11 Mar 2008 20:31:26 +0000 (13:31 -0700)]
native client - updated executables and dll's to have green icon, preference for log levels, and force a link every 100 files when uploading large amounts of files
Peter Secor [Tue, 11 Mar 2008 18:10:38 +0000 (11:10 -0700)]
makefile - unreverted Zooko's change to setup.py, this originally was to see if it was causing the build to create a non-running installer on windows, but it wasn't the problem.
make the nodeurl start with '127.0.0.1' instead of with 'localhost'
This is because there exist in the wild computers that are misconfigured so that 'localhost' doesn't resolve to 127.0.0.1. On those computers, using 'localhost' for the nodeurl is a security problem, because the user commonly sends valuable caps to the nodeurl.
robk-tahoe [Tue, 11 Mar 2008 00:50:44 +0000 (17:50 -0700)]
confwiz: write accountname to a file
motivated simply by a desire to be able to identify 'noderoot' directories for
debugging and testing, the confwiz now writes an 'accountname' files based on
what account was used when the node was configured. this is not currently read
by or used by any code in the system, but helps identify directories from testing.
Brian Warner [Sat, 8 Mar 2008 02:24:51 +0000 (19:24 -0700)]
lower max_segsize for immutable files to 128KiB, to make download-progress smoother and improve alacrity. Closes #252. Note that mutable files continue to use 1MiB segments.
robk-tahoe [Fri, 7 Mar 2008 00:43:25 +0000 (17:43 -0700)]
macfuse: fix unicode handling
at one point I'd thrown in a 'str' since fuse api bits required a str instance
but tahoe returns unicode objects from its json parsing. that, naturally
enough should really be a utf8 encoded str of the unicode object...