2007-11-02 06:46:47 +00:00
|
|
|
|
2008-05-08 23:19:42 +00:00
|
|
|
import os, time, math
|
2007-11-02 06:46:47 +00:00
|
|
|
|
|
|
|
from zope.interface import implements
|
|
|
|
from twisted.internet import defer
|
2009-05-22 00:38:23 +00:00
|
|
|
from foolscap.api import fireEventually
|
2007-11-02 06:46:47 +00:00
|
|
|
import simplejson
|
2008-04-11 21:31:16 +00:00
|
|
|
from allmydata.mutable.common import NotMutableError
|
2008-12-07 15:20:08 +00:00
|
|
|
from allmydata.mutable.filenode import MutableFileNode
|
2007-11-02 06:46:47 +00:00
|
|
|
from allmydata.interfaces import IMutableFileNode, IDirectoryNode,\
|
2008-09-10 08:45:04 +00:00
|
|
|
IURI, IFileNode, IMutableFileURI, IFilesystemNode, \
|
2008-10-27 20:15:25 +00:00
|
|
|
ExistingChildError, NoSuchChildError, ICheckable, IDeepCheckable
|
2009-01-06 20:37:03 +00:00
|
|
|
from allmydata.check_results import DeepCheckResults, \
|
2008-09-07 19:44:56 +00:00
|
|
|
DeepCheckAndRepairResults
|
2008-10-22 00:03:07 +00:00
|
|
|
from allmydata.monitor import Monitor
|
2008-08-12 04:23:38 +00:00
|
|
|
from allmydata.util import hashutil, mathutil, base32, log
|
2008-12-19 15:39:24 +00:00
|
|
|
from allmydata.util.assertutil import _assert, precondition
|
2007-11-02 06:46:47 +00:00
|
|
|
from allmydata.util.hashutil import netstring
|
2008-09-26 04:38:24 +00:00
|
|
|
from allmydata.util.netstring import split_netstring
|
download: refactor handling of URI Extension Block and crypttext hash tree, simplify things
Refactor into a class the logic of asking each server in turn until one of them gives an answer
that validates. It is called ValidatedThingObtainer.
Refactor the downloading and verification of the URI Extension Block into a class named
ValidatedExtendedURIProxy.
The new logic of validating UEBs is minimalist: it doesn't require the UEB to contain any
unncessary information, but of course it still accepts such information for backwards
compatibility (so that this new download code is able to download files uploaded with old, and
for that matter with current, upload code).
The new logic of validating UEBs follows the practice of doing all validation up front. This
practice advises one to isolate the validation of incoming data into one place, so that all of
the rest of the code can assume only valid data.
If any redundant information is present in the UEB+URI, the new code cross-checks and asserts
that it is all fully consistent. This closes some issues where the uploader could have
uploaded inconsistent redundant data, which would probably have caused the old downloader to
simply reject that download after getting a Python exception, but perhaps could have caused
greater harm to the old downloader.
I removed the notion of selecting an erasure codec from codec.py based on the string that was
passed in the UEB. Currently "crs" is the only such string that works, so
"_assert(codec_name == 'crs')" is simpler and more explicit. This is also in keeping with the
"validate up front" strategy -- now if someone sets a different string than "crs" in their UEB,
the downloader will reject the download in the "validate this UEB" function instead of in a
separate "select the codec instance" function.
I removed the code to check plaintext hashes and plaintext Merkle Trees. Uploaders do not
produce this information any more (since it potentially exposes confidential information about
the file), and the unit tests for it were disabled. The downloader before this patch would
check that plaintext hash or plaintext merkle tree if they were present, but not complain if
they were absent. The new downloader in this patch complains if they are present and doesn't
check them. (We might in the future re-introduce such hashes over the plaintext, but encrypt
the hashes which are stored in the UEB to preserve confidentiality. This would be a double-
check on the correctness of our own source code -- the current Merkle Tree over the ciphertext
is already sufficient to guarantee the integrity of the download unless there is a bug in our
Merkle Tree or AES implementation.)
This patch increases the lines-of-code count by 8 (from 17,770 to 17,778), and reduces the
uncovered-by-tests lines-of-code count by 24 (from 1408 to 1384). Those numbers would be more
meaningful if we omitted src/allmydata/util/ from the test-coverage statistics.
2008-12-05 15:17:54 +00:00
|
|
|
from allmydata.uri import NewDirectoryURI, LiteralFileURI, from_string
|
2007-12-04 00:27:46 +00:00
|
|
|
from pycryptopp.cipher.aes import AES
|
2007-11-02 06:46:47 +00:00
|
|
|
|
2008-04-18 02:57:04 +00:00
|
|
|
class Deleter:
|
2008-04-18 03:06:06 +00:00
|
|
|
def __init__(self, node, name, must_exist=True):
|
2008-04-18 02:57:04 +00:00
|
|
|
self.node = node
|
|
|
|
self.name = name
|
2008-04-18 03:06:06 +00:00
|
|
|
self.must_exist = True
|
2008-12-06 05:07:10 +00:00
|
|
|
def modify(self, old_contents, servermap, first_time):
|
2008-04-18 02:57:04 +00:00
|
|
|
children = self.node._unpack_contents(old_contents)
|
|
|
|
if self.name not in children:
|
2008-12-06 05:08:37 +00:00
|
|
|
if first_time and self.must_exist:
|
2008-10-27 20:15:25 +00:00
|
|
|
raise NoSuchChildError(self.name)
|
2008-04-18 02:57:04 +00:00
|
|
|
self.old_child = None
|
|
|
|
return None
|
|
|
|
self.old_child, metadata = children[self.name]
|
|
|
|
del children[self.name]
|
|
|
|
new_contents = self.node._pack_contents(children)
|
|
|
|
return new_contents
|
|
|
|
|
|
|
|
class MetadataSetter:
|
|
|
|
def __init__(self, node, name, metadata):
|
|
|
|
self.node = node
|
|
|
|
self.name = name
|
|
|
|
self.metadata = metadata
|
|
|
|
|
2008-12-06 05:07:10 +00:00
|
|
|
def modify(self, old_contents, servermap, first_time):
|
2008-04-18 02:57:04 +00:00
|
|
|
children = self.node._unpack_contents(old_contents)
|
2008-10-27 20:15:25 +00:00
|
|
|
if self.name not in children:
|
|
|
|
raise NoSuchChildError(self.name)
|
2008-04-18 02:57:04 +00:00
|
|
|
children[self.name] = (children[self.name][0], self.metadata)
|
|
|
|
new_contents = self.node._pack_contents(children)
|
|
|
|
return new_contents
|
|
|
|
|
|
|
|
|
|
|
|
class Adder:
|
2008-05-16 23:09:47 +00:00
|
|
|
def __init__(self, node, entries=None, overwrite=True):
|
2008-04-18 02:57:04 +00:00
|
|
|
self.node = node
|
|
|
|
if entries is None:
|
|
|
|
entries = []
|
|
|
|
self.entries = entries
|
2008-05-16 23:09:47 +00:00
|
|
|
self.overwrite = overwrite
|
2008-04-18 02:57:04 +00:00
|
|
|
|
|
|
|
def set_node(self, name, node, metadata):
|
2008-12-19 15:39:24 +00:00
|
|
|
precondition(isinstance(name, unicode), name)
|
|
|
|
precondition(IFilesystemNode.providedBy(node), node)
|
2008-04-18 02:57:04 +00:00
|
|
|
self.entries.append( [name, node, metadata] )
|
|
|
|
|
2008-12-06 05:07:10 +00:00
|
|
|
def modify(self, old_contents, servermap, first_time):
|
2008-04-18 02:57:04 +00:00
|
|
|
children = self.node._unpack_contents(old_contents)
|
|
|
|
now = time.time()
|
|
|
|
for e in self.entries:
|
|
|
|
if len(e) == 2:
|
|
|
|
name, child = e
|
|
|
|
new_metadata = None
|
|
|
|
else:
|
|
|
|
assert len(e) == 3
|
|
|
|
name, child, new_metadata = e
|
2008-12-19 15:39:24 +00:00
|
|
|
assert _assert(IFilesystemNode.providedBy(child), child)
|
2008-04-18 02:57:04 +00:00
|
|
|
assert isinstance(name, unicode)
|
|
|
|
if name in children:
|
2008-05-16 23:09:47 +00:00
|
|
|
if not self.overwrite:
|
|
|
|
raise ExistingChildError("child '%s' already exists" % name)
|
2008-04-18 02:57:04 +00:00
|
|
|
metadata = children[name][1].copy()
|
|
|
|
else:
|
|
|
|
metadata = {"ctime": now,
|
2009-04-11 22:52:05 +00:00
|
|
|
"mtime": now,
|
|
|
|
"tahoe": {
|
|
|
|
"linkcrtime": now,
|
|
|
|
"linkmotime": now,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if new_metadata is not None:
|
|
|
|
# Overwrite all metadata.
|
|
|
|
newmd = new_metadata.copy()
|
|
|
|
|
|
|
|
# Except 'tahoe'.
|
|
|
|
if newmd.has_key('tahoe'):
|
|
|
|
del newmd['tahoe']
|
|
|
|
if metadata.has_key('tahoe'):
|
|
|
|
newmd['tahoe'] = metadata['tahoe']
|
|
|
|
|
|
|
|
metadata = newmd
|
|
|
|
else:
|
|
|
|
# For backwards compatibility with Tahoe < 1.4.0:
|
2008-04-18 02:57:04 +00:00
|
|
|
if "ctime" not in metadata:
|
|
|
|
metadata["ctime"] = now
|
|
|
|
metadata["mtime"] = now
|
2009-04-11 22:52:05 +00:00
|
|
|
|
|
|
|
# update timestamps
|
|
|
|
sysmd = metadata.get('tahoe', {})
|
|
|
|
if not 'linkcrtime' in sysmd:
|
|
|
|
if "ctime" in metadata:
|
|
|
|
# In Tahoe < 1.4.0 we used the word "ctime" to mean what Tahoe >= 1.4.0
|
|
|
|
# calls "linkcrtime".
|
|
|
|
sysmd["linkcrtime"] = metadata["ctime"]
|
|
|
|
else:
|
|
|
|
sysmd["linkcrtime"] = now
|
|
|
|
sysmd["linkmotime"] = now
|
|
|
|
|
2008-04-18 02:57:04 +00:00
|
|
|
children[name] = (child, metadata)
|
|
|
|
new_contents = self.node._pack_contents(children)
|
|
|
|
return new_contents
|
|
|
|
|
2007-11-02 06:46:47 +00:00
|
|
|
class NewDirectoryNode:
|
2008-09-10 20:44:58 +00:00
|
|
|
implements(IDirectoryNode, ICheckable, IDeepCheckable)
|
2007-11-02 06:46:47 +00:00
|
|
|
filenode_class = MutableFileNode
|
|
|
|
|
|
|
|
def __init__(self, client):
|
|
|
|
self._client = client
|
2008-05-08 20:21:14 +00:00
|
|
|
self._most_recent_size = None
|
|
|
|
|
2007-12-03 21:52:42 +00:00
|
|
|
def __repr__(self):
|
|
|
|
return "<%s %s %s>" % (self.__class__.__name__, self.is_readonly() and "RO" or "RW", hasattr(self, '_uri') and self._uri.abbrev())
|
2007-11-02 06:46:47 +00:00
|
|
|
def init_from_uri(self, myuri):
|
2007-12-03 21:52:42 +00:00
|
|
|
self._uri = IURI(myuri)
|
2007-11-02 06:46:47 +00:00
|
|
|
self._node = self.filenode_class(self._client)
|
2007-12-03 21:52:42 +00:00
|
|
|
self._node.init_from_uri(self._uri.get_filenode_uri())
|
2007-11-02 06:46:47 +00:00
|
|
|
return self
|
|
|
|
|
2008-04-02 01:45:13 +00:00
|
|
|
def create(self, keypair_generator=None):
|
2007-12-03 21:52:42 +00:00
|
|
|
"""
|
|
|
|
Returns a deferred that eventually fires with self once the directory
|
|
|
|
has been created (distributed across a set of storage servers).
|
|
|
|
"""
|
2007-11-02 06:46:47 +00:00
|
|
|
# first we create a MutableFileNode with empty_contents, then use its
|
|
|
|
# URI to create our own.
|
|
|
|
self._node = self.filenode_class(self._client)
|
|
|
|
empty_contents = self._pack_contents({})
|
2008-04-02 01:45:13 +00:00
|
|
|
d = self._node.create(empty_contents, keypair_generator)
|
2007-11-02 06:46:47 +00:00
|
|
|
d.addCallback(self._filenode_created)
|
|
|
|
return d
|
|
|
|
def _filenode_created(self, res):
|
2007-12-04 21:32:04 +00:00
|
|
|
self._uri = NewDirectoryURI(IMutableFileURI(self._node.get_uri()))
|
2007-12-03 21:52:42 +00:00
|
|
|
return self
|
2007-11-02 06:46:47 +00:00
|
|
|
|
2008-05-08 20:21:14 +00:00
|
|
|
def get_size(self):
|
|
|
|
# return the size of our backing mutable file, in bytes, if we've
|
|
|
|
# fetched it.
|
|
|
|
return self._most_recent_size
|
|
|
|
|
|
|
|
def _set_size(self, data):
|
|
|
|
self._most_recent_size = len(data)
|
|
|
|
return data
|
|
|
|
|
2007-11-02 06:46:47 +00:00
|
|
|
def _read(self):
|
2008-04-18 00:51:38 +00:00
|
|
|
d = self._node.download_best_version()
|
2008-05-08 20:21:14 +00:00
|
|
|
d.addCallback(self._set_size)
|
2007-11-02 06:46:47 +00:00
|
|
|
d.addCallback(self._unpack_contents)
|
|
|
|
return d
|
|
|
|
|
|
|
|
def _encrypt_rwcap(self, rwcap):
|
|
|
|
assert isinstance(rwcap, str)
|
|
|
|
IV = os.urandom(16)
|
2007-11-06 04:51:08 +00:00
|
|
|
key = hashutil.mutable_rwcap_key_hash(IV, self._node.get_writekey())
|
2007-12-04 00:27:46 +00:00
|
|
|
cryptor = AES(key)
|
|
|
|
crypttext = cryptor.process(rwcap)
|
2007-11-02 06:46:47 +00:00
|
|
|
mac = hashutil.hmac(key, IV + crypttext)
|
|
|
|
assert len(mac) == 32
|
|
|
|
return IV + crypttext + mac
|
2008-12-22 00:35:18 +00:00
|
|
|
# The MAC is not checked by readers in Tahoe >= 1.3.0, but we still produce it for the sake of older readers.
|
2007-11-02 06:46:47 +00:00
|
|
|
|
|
|
|
def _decrypt_rwcapdata(self, encwrcap):
|
|
|
|
IV = encwrcap[:16]
|
|
|
|
crypttext = encwrcap[16:-32]
|
2007-11-06 04:51:08 +00:00
|
|
|
key = hashutil.mutable_rwcap_key_hash(IV, self._node.get_writekey())
|
2007-12-04 00:27:46 +00:00
|
|
|
cryptor = AES(key)
|
|
|
|
plaintext = cryptor.process(crypttext)
|
2007-11-02 06:46:47 +00:00
|
|
|
return plaintext
|
|
|
|
|
|
|
|
def _create_node(self, child_uri):
|
2007-11-09 09:54:51 +00:00
|
|
|
return self._client.create_node_from_uri(child_uri)
|
2007-11-02 06:46:47 +00:00
|
|
|
|
|
|
|
def _unpack_contents(self, data):
|
|
|
|
# the directory is serialized as a list of netstrings, one per child.
|
|
|
|
# Each child is serialized as a list of four netstrings: (name,
|
|
|
|
# rocap, rwcap, metadata), in which the name,rocap,metadata are in
|
2008-02-14 22:45:56 +00:00
|
|
|
# cleartext. The 'name' is UTF-8 encoded. The rwcap is formatted as:
|
|
|
|
# pack("16ss32s", iv, AES(H(writekey+iv), plaintextrwcap), mac)
|
2007-11-02 06:46:47 +00:00
|
|
|
assert isinstance(data, str)
|
|
|
|
# an empty directory is serialized as an empty string
|
|
|
|
if data == "":
|
|
|
|
return {}
|
2007-12-03 21:52:42 +00:00
|
|
|
writeable = not self.is_readonly()
|
2007-11-02 06:46:47 +00:00
|
|
|
children = {}
|
|
|
|
while len(data) > 0:
|
|
|
|
entry, data = split_netstring(data, 1, True)
|
|
|
|
name, rocap, rwcapdata, metadata_s = split_netstring(entry, 4)
|
2008-02-14 22:45:56 +00:00
|
|
|
name = name.decode("utf-8")
|
2007-12-03 21:52:42 +00:00
|
|
|
if writeable:
|
2007-11-02 06:46:47 +00:00
|
|
|
rwcap = self._decrypt_rwcapdata(rwcapdata)
|
|
|
|
child = self._create_node(rwcap)
|
|
|
|
else:
|
|
|
|
child = self._create_node(rocap)
|
|
|
|
metadata = simplejson.loads(metadata_s)
|
|
|
|
assert isinstance(metadata, dict)
|
|
|
|
children[name] = (child, metadata)
|
|
|
|
return children
|
|
|
|
|
|
|
|
def _pack_contents(self, children):
|
|
|
|
# expects children in the same format as _unpack_contents
|
|
|
|
assert isinstance(children, dict)
|
|
|
|
entries = []
|
|
|
|
for name in sorted(children.keys()):
|
|
|
|
child, metadata = children[name]
|
2008-02-14 22:45:56 +00:00
|
|
|
assert isinstance(name, unicode)
|
2007-11-02 06:46:47 +00:00
|
|
|
assert (IFileNode.providedBy(child)
|
|
|
|
or IMutableFileNode.providedBy(child)
|
2007-12-19 06:30:02 +00:00
|
|
|
or IDirectoryNode.providedBy(child)), (name,child)
|
2007-11-02 06:46:47 +00:00
|
|
|
assert isinstance(metadata, dict)
|
2007-12-03 21:52:42 +00:00
|
|
|
rwcap = child.get_uri() # might be RO if the child is not writeable
|
2008-12-19 15:39:24 +00:00
|
|
|
assert isinstance(rwcap, str), rwcap
|
2007-12-03 21:52:42 +00:00
|
|
|
rocap = child.get_readonly_uri()
|
download: refactor handling of URI Extension Block and crypttext hash tree, simplify things
Refactor into a class the logic of asking each server in turn until one of them gives an answer
that validates. It is called ValidatedThingObtainer.
Refactor the downloading and verification of the URI Extension Block into a class named
ValidatedExtendedURIProxy.
The new logic of validating UEBs is minimalist: it doesn't require the UEB to contain any
unncessary information, but of course it still accepts such information for backwards
compatibility (so that this new download code is able to download files uploaded with old, and
for that matter with current, upload code).
The new logic of validating UEBs follows the practice of doing all validation up front. This
practice advises one to isolate the validation of incoming data into one place, so that all of
the rest of the code can assume only valid data.
If any redundant information is present in the UEB+URI, the new code cross-checks and asserts
that it is all fully consistent. This closes some issues where the uploader could have
uploaded inconsistent redundant data, which would probably have caused the old downloader to
simply reject that download after getting a Python exception, but perhaps could have caused
greater harm to the old downloader.
I removed the notion of selecting an erasure codec from codec.py based on the string that was
passed in the UEB. Currently "crs" is the only such string that works, so
"_assert(codec_name == 'crs')" is simpler and more explicit. This is also in keeping with the
"validate up front" strategy -- now if someone sets a different string than "crs" in their UEB,
the downloader will reject the download in the "validate this UEB" function instead of in a
separate "select the codec instance" function.
I removed the code to check plaintext hashes and plaintext Merkle Trees. Uploaders do not
produce this information any more (since it potentially exposes confidential information about
the file), and the unit tests for it were disabled. The downloader before this patch would
check that plaintext hash or plaintext merkle tree if they were present, but not complain if
they were absent. The new downloader in this patch complains if they are present and doesn't
check them. (We might in the future re-introduce such hashes over the plaintext, but encrypt
the hashes which are stored in the UEB to preserve confidentiality. This would be a double-
check on the correctness of our own source code -- the current Merkle Tree over the ciphertext
is already sufficient to guarantee the integrity of the download unless there is a bug in our
Merkle Tree or AES implementation.)
This patch increases the lines-of-code count by 8 (from 17,770 to 17,778), and reduces the
uncovered-by-tests lines-of-code count by 24 (from 1408 to 1384). Those numbers would be more
meaningful if we omitted src/allmydata/util/ from the test-coverage statistics.
2008-12-05 15:17:54 +00:00
|
|
|
assert isinstance(rocap, str), rocap
|
2008-02-14 22:45:56 +00:00
|
|
|
entry = "".join([netstring(name.encode("utf-8")),
|
2007-11-02 06:46:47 +00:00
|
|
|
netstring(rocap),
|
|
|
|
netstring(self._encrypt_rwcap(rwcap)),
|
|
|
|
netstring(simplejson.dumps(metadata))])
|
|
|
|
entries.append(netstring(entry))
|
|
|
|
return "".join(entries)
|
|
|
|
|
|
|
|
def is_readonly(self):
|
|
|
|
return self._node.is_readonly()
|
|
|
|
def is_mutable(self):
|
|
|
|
return self._node.is_mutable()
|
|
|
|
|
|
|
|
def get_uri(self):
|
|
|
|
return self._uri.to_string()
|
|
|
|
|
2007-12-03 21:52:42 +00:00
|
|
|
def get_readonly_uri(self):
|
2007-11-02 06:46:47 +00:00
|
|
|
return self._uri.get_readonly().to_string()
|
|
|
|
|
2008-12-08 19:44:11 +00:00
|
|
|
def get_verify_cap(self):
|
|
|
|
return self._uri.get_verify_cap()
|
2007-11-02 06:46:47 +00:00
|
|
|
|
2009-01-23 04:44:49 +00:00
|
|
|
def get_repair_cap(self):
|
|
|
|
if self._node.is_readonly():
|
|
|
|
return None
|
|
|
|
return self._uri
|
|
|
|
|
2008-08-12 23:14:07 +00:00
|
|
|
def get_storage_index(self):
|
|
|
|
return self._uri._filenode_uri.storage_index
|
|
|
|
|
2009-02-18 02:32:43 +00:00
|
|
|
def check(self, monitor, verify=False, add_lease=False):
|
2007-11-02 06:46:47 +00:00
|
|
|
"""Perform a file check. See IChecker.check for details."""
|
2009-02-18 02:32:43 +00:00
|
|
|
return self._node.check(monitor, verify, add_lease)
|
|
|
|
def check_and_repair(self, monitor, verify=False, add_lease=False):
|
|
|
|
return self._node.check_and_repair(monitor, verify, add_lease)
|
2007-11-02 06:46:47 +00:00
|
|
|
|
|
|
|
def list(self):
|
|
|
|
"""I return a Deferred that fires with a dictionary mapping child
|
2007-12-03 21:52:42 +00:00
|
|
|
name to a tuple of (IFileNode or IDirectoryNode, metadata)."""
|
2007-11-02 06:46:47 +00:00
|
|
|
return self._read()
|
|
|
|
|
|
|
|
def has_child(self, name):
|
|
|
|
"""I return a Deferred that fires with a boolean, True if there
|
|
|
|
exists a child of the given name, False if not."""
|
2008-02-14 22:45:56 +00:00
|
|
|
assert isinstance(name, unicode)
|
2007-11-02 06:46:47 +00:00
|
|
|
d = self._read()
|
|
|
|
d.addCallback(lambda children: children.has_key(name))
|
|
|
|
return d
|
|
|
|
|
2007-12-03 21:52:42 +00:00
|
|
|
def _get(self, children, name):
|
|
|
|
child = children.get(name)
|
|
|
|
if child is None:
|
2008-10-27 20:15:25 +00:00
|
|
|
raise NoSuchChildError(name)
|
2007-12-03 21:52:42 +00:00
|
|
|
return child[0]
|
|
|
|
|
2008-10-03 00:52:03 +00:00
|
|
|
def _get_with_metadata(self, children, name):
|
|
|
|
child = children.get(name)
|
|
|
|
if child is None:
|
2008-10-27 20:15:25 +00:00
|
|
|
raise NoSuchChildError(name)
|
2008-10-03 00:52:03 +00:00
|
|
|
return child
|
|
|
|
|
2007-11-02 06:46:47 +00:00
|
|
|
def get(self, name):
|
2007-12-03 21:52:42 +00:00
|
|
|
"""I return a Deferred that fires with the named child node,
|
|
|
|
which is either an IFileNode or an IDirectoryNode."""
|
2008-02-14 22:45:56 +00:00
|
|
|
assert isinstance(name, unicode)
|
2007-11-02 06:46:47 +00:00
|
|
|
d = self._read()
|
2007-12-03 21:52:42 +00:00
|
|
|
d.addCallback(self._get, name)
|
2007-11-02 06:46:47 +00:00
|
|
|
return d
|
|
|
|
|
2008-10-03 00:52:03 +00:00
|
|
|
def get_child_and_metadata(self, name):
|
|
|
|
"""I return a Deferred that fires with the (node, metadata) pair for
|
|
|
|
the named child. The node is either an IFileNode or an
|
|
|
|
IDirectoryNode, and the metadata is a dictionary."""
|
|
|
|
assert isinstance(name, unicode)
|
|
|
|
d = self._read()
|
|
|
|
d.addCallback(self._get_with_metadata, name)
|
|
|
|
return d
|
|
|
|
|
2007-11-02 06:46:47 +00:00
|
|
|
def get_metadata_for(self, name):
|
2008-02-14 22:45:56 +00:00
|
|
|
assert isinstance(name, unicode)
|
2007-11-02 06:46:47 +00:00
|
|
|
d = self._read()
|
|
|
|
d.addCallback(lambda children: children[name][1])
|
|
|
|
return d
|
|
|
|
|
2008-02-09 01:43:47 +00:00
|
|
|
def set_metadata_for(self, name, metadata):
|
2008-02-14 22:45:56 +00:00
|
|
|
assert isinstance(name, unicode)
|
2008-02-09 01:43:47 +00:00
|
|
|
if self.is_readonly():
|
|
|
|
return defer.fail(NotMutableError())
|
|
|
|
assert isinstance(metadata, dict)
|
2008-04-18 02:57:04 +00:00
|
|
|
s = MetadataSetter(self, name, metadata)
|
|
|
|
d = self._node.modify(s.modify)
|
2008-02-09 01:43:47 +00:00
|
|
|
d.addCallback(lambda res: self)
|
|
|
|
return d
|
|
|
|
|
2007-11-02 06:46:47 +00:00
|
|
|
def get_child_at_path(self, path):
|
|
|
|
"""Transform a child path into an IDirectoryNode or IFileNode.
|
|
|
|
|
|
|
|
I perform a recursive series of 'get' operations to find the named
|
|
|
|
descendant node. I return a Deferred that fires with the node, or
|
|
|
|
errbacks with IndexError if the node could not be found.
|
|
|
|
|
|
|
|
The path can be either a single string (slash-separated) or a list of
|
|
|
|
path-name elements.
|
|
|
|
"""
|
2008-10-03 01:08:45 +00:00
|
|
|
d = self.get_child_and_metadata_at_path(path)
|
2008-10-03 00:52:03 +00:00
|
|
|
d.addCallback(lambda (node, metadata): node)
|
|
|
|
return d
|
|
|
|
|
2008-10-03 01:08:45 +00:00
|
|
|
def get_child_and_metadata_at_path(self, path):
|
2008-10-03 00:52:03 +00:00
|
|
|
"""Transform a child path into an IDirectoryNode or IFileNode and
|
|
|
|
a metadata dictionary from the last edge that was traversed.
|
|
|
|
"""
|
2007-11-02 06:46:47 +00:00
|
|
|
|
|
|
|
if not path:
|
2008-10-03 00:52:03 +00:00
|
|
|
return defer.succeed((self, {}))
|
2008-02-14 22:45:56 +00:00
|
|
|
if isinstance(path, (list, tuple)):
|
|
|
|
pass
|
|
|
|
else:
|
2007-11-02 06:46:47 +00:00
|
|
|
path = path.split("/")
|
2008-02-14 22:45:56 +00:00
|
|
|
for p in path:
|
|
|
|
assert isinstance(p, unicode)
|
2007-11-02 06:46:47 +00:00
|
|
|
childname = path[0]
|
|
|
|
remaining_path = path[1:]
|
|
|
|
if remaining_path:
|
2008-10-03 00:52:03 +00:00
|
|
|
d = self.get(childname)
|
|
|
|
d.addCallback(lambda node:
|
2008-10-03 01:08:45 +00:00
|
|
|
node.get_child_and_metadata_at_path(remaining_path))
|
2008-10-03 00:52:03 +00:00
|
|
|
return d
|
|
|
|
d = self.get_child_and_metadata(childname)
|
2007-11-02 06:46:47 +00:00
|
|
|
return d
|
|
|
|
|
2008-05-16 23:09:47 +00:00
|
|
|
def set_uri(self, name, child_uri, metadata=None, overwrite=True):
|
2007-11-02 06:46:47 +00:00
|
|
|
"""I add a child (by URI) at the specific name. I return a Deferred
|
2007-12-03 21:52:42 +00:00
|
|
|
that fires with the child node when the operation finishes. I will
|
|
|
|
replace any existing child of the same name.
|
2007-11-02 06:46:47 +00:00
|
|
|
|
|
|
|
The child_uri could be for a file, or for a directory (either
|
|
|
|
read-write or read-only, using a URI that came from get_uri() ).
|
|
|
|
|
|
|
|
If this directory node is read-only, the Deferred will errback with a
|
|
|
|
NotMutableError."""
|
2008-12-19 15:39:24 +00:00
|
|
|
precondition(isinstance(name, unicode), name)
|
|
|
|
precondition(isinstance(child_uri, str), child_uri)
|
2008-04-18 02:57:04 +00:00
|
|
|
child_node = self._create_node(child_uri)
|
2008-05-16 23:09:47 +00:00
|
|
|
d = self.set_node(name, child_node, metadata, overwrite)
|
2008-04-18 02:57:04 +00:00
|
|
|
d.addCallback(lambda res: child_node)
|
|
|
|
return d
|
2007-12-19 06:30:02 +00:00
|
|
|
|
2008-05-16 23:09:47 +00:00
|
|
|
def set_children(self, entries, overwrite=True):
|
2008-04-18 02:57:04 +00:00
|
|
|
# this takes URIs
|
2008-05-16 23:09:47 +00:00
|
|
|
a = Adder(self, overwrite=overwrite)
|
2007-12-19 06:30:02 +00:00
|
|
|
node_entries = []
|
|
|
|
for e in entries:
|
|
|
|
if len(e) == 2:
|
|
|
|
name, child_uri = e
|
2008-02-09 01:43:47 +00:00
|
|
|
metadata = None
|
2007-12-19 06:30:02 +00:00
|
|
|
else:
|
|
|
|
assert len(e) == 3
|
|
|
|
name, child_uri, metadata = e
|
2008-02-14 22:45:56 +00:00
|
|
|
assert isinstance(name, unicode)
|
2008-04-18 02:57:04 +00:00
|
|
|
a.set_node(name, self._create_node(child_uri), metadata)
|
|
|
|
return self._node.modify(a.modify)
|
2007-11-02 06:46:47 +00:00
|
|
|
|
2008-05-16 23:09:47 +00:00
|
|
|
def set_node(self, name, child, metadata=None, overwrite=True):
|
2007-11-02 06:46:47 +00:00
|
|
|
"""I add a child at the specific name. I return a Deferred that fires
|
|
|
|
when the operation finishes. This Deferred will fire with the child
|
|
|
|
node that was just added. I will replace any existing child of the
|
|
|
|
same name.
|
|
|
|
|
|
|
|
If this directory node is read-only, the Deferred will errback with a
|
|
|
|
NotMutableError."""
|
2008-04-18 02:57:04 +00:00
|
|
|
|
2008-12-19 15:39:24 +00:00
|
|
|
precondition(IFilesystemNode.providedBy(child), child)
|
|
|
|
|
2008-04-18 02:57:04 +00:00
|
|
|
if self.is_readonly():
|
|
|
|
return defer.fail(NotMutableError())
|
2008-02-14 22:45:56 +00:00
|
|
|
assert isinstance(name, unicode)
|
2007-12-19 06:30:02 +00:00
|
|
|
assert IFilesystemNode.providedBy(child), child
|
2008-05-16 23:09:47 +00:00
|
|
|
a = Adder(self, overwrite=overwrite)
|
2008-04-18 02:57:04 +00:00
|
|
|
a.set_node(name, child, metadata)
|
|
|
|
d = self._node.modify(a.modify)
|
2007-12-19 06:30:02 +00:00
|
|
|
d.addCallback(lambda res: child)
|
|
|
|
return d
|
|
|
|
|
2008-05-16 23:09:47 +00:00
|
|
|
def set_nodes(self, entries, overwrite=True):
|
2007-11-02 06:46:47 +00:00
|
|
|
if self.is_readonly():
|
|
|
|
return defer.fail(NotMutableError())
|
2008-05-16 23:09:47 +00:00
|
|
|
a = Adder(self, entries, overwrite=overwrite)
|
2008-04-18 02:57:04 +00:00
|
|
|
d = self._node.modify(a.modify)
|
2007-12-19 06:30:02 +00:00
|
|
|
d.addCallback(lambda res: None)
|
2007-11-02 06:46:47 +00:00
|
|
|
return d
|
|
|
|
|
2007-12-19 06:30:02 +00:00
|
|
|
|
2008-05-16 23:09:47 +00:00
|
|
|
def add_file(self, name, uploadable, metadata=None, overwrite=True):
|
2007-11-02 06:46:47 +00:00
|
|
|
"""I upload a file (using the given IUploadable), then attach the
|
|
|
|
resulting FileNode to the directory at the given name. I return a
|
|
|
|
Deferred that fires (with the IFileNode of the uploaded file) when
|
|
|
|
the operation completes."""
|
2008-02-14 22:45:56 +00:00
|
|
|
assert isinstance(name, unicode)
|
2007-11-02 06:46:47 +00:00
|
|
|
if self.is_readonly():
|
|
|
|
return defer.fail(NotMutableError())
|
2008-01-14 21:55:59 +00:00
|
|
|
d = self._client.upload(uploadable)
|
2008-02-06 04:01:38 +00:00
|
|
|
d.addCallback(lambda results: results.uri)
|
2007-11-09 09:54:51 +00:00
|
|
|
d.addCallback(self._client.create_node_from_uri)
|
2008-05-16 23:09:47 +00:00
|
|
|
d.addCallback(lambda node:
|
|
|
|
self.set_node(name, node, metadata, overwrite))
|
2007-11-02 06:46:47 +00:00
|
|
|
return d
|
|
|
|
|
|
|
|
def delete(self, name):
|
|
|
|
"""I remove the child at the specific name. I return a Deferred that
|
|
|
|
fires (with the node just removed) when the operation finishes."""
|
2008-02-14 22:45:56 +00:00
|
|
|
assert isinstance(name, unicode)
|
2007-11-02 06:46:47 +00:00
|
|
|
if self.is_readonly():
|
|
|
|
return defer.fail(NotMutableError())
|
2008-04-18 02:57:04 +00:00
|
|
|
deleter = Deleter(self, name)
|
|
|
|
d = self._node.modify(deleter.modify)
|
|
|
|
d.addCallback(lambda res: deleter.old_child)
|
2007-11-02 06:46:47 +00:00
|
|
|
return d
|
|
|
|
|
2008-05-16 23:09:47 +00:00
|
|
|
def create_empty_directory(self, name, overwrite=True):
|
2007-11-02 06:46:47 +00:00
|
|
|
"""I create and attach an empty directory at the given name. I return
|
|
|
|
a Deferred that fires (with the new directory node) when the
|
|
|
|
operation finishes."""
|
2008-02-14 22:45:56 +00:00
|
|
|
assert isinstance(name, unicode)
|
2007-11-02 06:46:47 +00:00
|
|
|
if self.is_readonly():
|
|
|
|
return defer.fail(NotMutableError())
|
2008-01-14 21:55:59 +00:00
|
|
|
d = self._client.create_empty_dirnode()
|
2007-11-02 06:46:47 +00:00
|
|
|
def _created(child):
|
2008-04-18 02:57:04 +00:00
|
|
|
entries = [(name, child, None)]
|
2008-05-16 23:09:47 +00:00
|
|
|
a = Adder(self, entries, overwrite=overwrite)
|
2008-04-18 02:57:04 +00:00
|
|
|
d = self._node.modify(a.modify)
|
2007-11-02 06:46:47 +00:00
|
|
|
d.addCallback(lambda res: child)
|
|
|
|
return d
|
|
|
|
d.addCallback(_created)
|
|
|
|
return d
|
|
|
|
|
|
|
|
def move_child_to(self, current_child_name, new_parent,
|
2008-05-16 23:09:47 +00:00
|
|
|
new_child_name=None, overwrite=True):
|
2007-11-02 06:46:47 +00:00
|
|
|
"""I take one of my children and move them to a new parent. The child
|
|
|
|
is referenced by name. On the new parent, the child will live under
|
|
|
|
'new_child_name', which defaults to 'current_child_name'. I return a
|
|
|
|
Deferred that fires when the operation finishes."""
|
2008-02-14 22:45:56 +00:00
|
|
|
assert isinstance(current_child_name, unicode)
|
2007-11-02 06:46:47 +00:00
|
|
|
if self.is_readonly() or new_parent.is_readonly():
|
|
|
|
return defer.fail(NotMutableError())
|
|
|
|
if new_child_name is None:
|
|
|
|
new_child_name = current_child_name
|
2008-02-14 22:45:56 +00:00
|
|
|
assert isinstance(new_child_name, unicode)
|
2007-11-02 06:46:47 +00:00
|
|
|
d = self.get(current_child_name)
|
2007-12-03 21:52:42 +00:00
|
|
|
def sn(child):
|
2008-05-16 23:09:47 +00:00
|
|
|
return new_parent.set_node(new_child_name, child,
|
|
|
|
overwrite=overwrite)
|
2007-12-03 21:52:42 +00:00
|
|
|
d.addCallback(sn)
|
2007-11-02 06:46:47 +00:00
|
|
|
d.addCallback(lambda child: self.delete(current_child_name))
|
|
|
|
return d
|
|
|
|
|
2008-09-10 08:45:04 +00:00
|
|
|
|
|
|
|
def deep_traverse(self, walker):
|
|
|
|
"""Perform a recursive walk, using this dirnode as a root, notifying
|
|
|
|
the 'walker' instance of everything I encounter.
|
|
|
|
|
|
|
|
I call walker.enter_directory(parent, children) once for each dirnode
|
|
|
|
I visit, immediately after retrieving the list of children. I pass in
|
|
|
|
the parent dirnode and the dict of childname->(childnode,metadata).
|
|
|
|
This function should *not* traverse the children: I will do that.
|
|
|
|
enter_directory() is most useful for the deep-stats number that
|
|
|
|
counts how large a directory is.
|
|
|
|
|
|
|
|
I call walker.add_node(node, path) for each node (both files and
|
|
|
|
directories) I can reach. Most work should be done here.
|
|
|
|
|
|
|
|
I avoid loops by keeping track of verifier-caps and refusing to call
|
2009-01-09 02:41:16 +00:00
|
|
|
walker.add_node() or traverse a node that I've seen before. This
|
|
|
|
means that any file or directory will only be given to the walker
|
|
|
|
once. If files or directories are referenced multiple times by a
|
|
|
|
directory structure, this may appear to under-count or miss some of
|
|
|
|
them.
|
2008-09-10 08:45:04 +00:00
|
|
|
|
2009-01-23 04:39:50 +00:00
|
|
|
I return a Monitor which can be used to wait for the operation to
|
|
|
|
finish, learn about its progress, or cancel the operation.
|
2008-09-10 08:45:04 +00:00
|
|
|
"""
|
2007-11-02 06:46:47 +00:00
|
|
|
|
|
|
|
# this is just a tree-walker, except that following each edge
|
2009-01-09 02:41:16 +00:00
|
|
|
# requires a Deferred. We used to use a ConcurrencyLimiter to limit
|
|
|
|
# fanout to 10 simultaneous operations, but the memory load of the
|
|
|
|
# queued operations was excessive (in one case, with 330k dirnodes,
|
|
|
|
# it caused the process to run into the 3.0GB-ish per-process 32bit
|
|
|
|
# linux memory limit, and crashed). So we use a single big Deferred
|
|
|
|
# chain, and do a strict depth-first traversal, one node at a time.
|
|
|
|
# This can be slower, because we aren't pipelining directory reads,
|
|
|
|
# but it brought the memory footprint down by roughly 50%.
|
2007-11-02 06:46:47 +00:00
|
|
|
|
2008-10-22 00:03:07 +00:00
|
|
|
monitor = Monitor()
|
|
|
|
walker.set_monitor(monitor)
|
|
|
|
|
2008-12-08 19:44:11 +00:00
|
|
|
found = set([self.get_verify_cap()])
|
2009-01-09 02:41:16 +00:00
|
|
|
d = self._deep_traverse_dirnode(self, [], walker, monitor, found)
|
2008-09-10 08:45:04 +00:00
|
|
|
d.addCallback(lambda ignored: walker.finish())
|
2008-10-22 00:03:07 +00:00
|
|
|
d.addBoth(monitor.finish)
|
2008-10-22 07:55:52 +00:00
|
|
|
d.addErrback(lambda f: None)
|
|
|
|
|
2008-10-22 00:03:07 +00:00
|
|
|
return monitor
|
2007-11-02 06:46:47 +00:00
|
|
|
|
2009-01-09 02:41:16 +00:00
|
|
|
def _deep_traverse_dirnode(self, node, path, walker, monitor, found):
|
2008-09-10 08:45:04 +00:00
|
|
|
# process this directory, then walk its children
|
2008-10-22 07:55:52 +00:00
|
|
|
monitor.raise_if_cancelled()
|
2009-01-09 02:41:16 +00:00
|
|
|
d = defer.maybeDeferred(walker.add_node, node, path)
|
|
|
|
d.addCallback(lambda ignored: node.list())
|
2008-09-10 08:45:04 +00:00
|
|
|
d.addCallback(self._deep_traverse_dirnode_children, node, path,
|
2009-01-09 02:41:16 +00:00
|
|
|
walker, monitor, found)
|
2007-11-02 06:46:47 +00:00
|
|
|
return d
|
|
|
|
|
2008-09-10 08:45:04 +00:00
|
|
|
def _deep_traverse_dirnode_children(self, children, parent, path,
|
2009-01-09 02:41:16 +00:00
|
|
|
walker, monitor, found):
|
2008-10-22 07:55:52 +00:00
|
|
|
monitor.raise_if_cancelled()
|
2009-01-09 02:41:16 +00:00
|
|
|
d = defer.maybeDeferred(walker.enter_directory, parent, children)
|
|
|
|
# we process file-like children first, so we can drop their FileNode
|
|
|
|
# objects as quickly as possible. Tests suggest that a FileNode (held
|
|
|
|
# in the client's nodecache) consumes about 2440 bytes. dirnodes (not
|
|
|
|
# in the nodecache) seem to consume about 2000 bytes.
|
|
|
|
dirkids = []
|
|
|
|
filekids = []
|
2009-03-13 06:50:46 +00:00
|
|
|
for name, (child, metadata) in sorted(children.iteritems()):
|
2008-12-08 19:44:11 +00:00
|
|
|
verifier = child.get_verify_cap()
|
2008-11-15 05:50:49 +00:00
|
|
|
# allow LIT files (for which verifier==None) to be processed
|
|
|
|
if (verifier is not None) and (verifier in found):
|
2008-09-10 08:45:04 +00:00
|
|
|
continue
|
|
|
|
found.add(verifier)
|
|
|
|
childpath = path + [name]
|
|
|
|
if IDirectoryNode.providedBy(child):
|
2009-01-09 02:41:16 +00:00
|
|
|
dirkids.append( (child, childpath) )
|
2008-09-10 08:45:04 +00:00
|
|
|
else:
|
2009-01-09 02:41:16 +00:00
|
|
|
filekids.append( (child, childpath) )
|
2009-03-13 23:31:35 +00:00
|
|
|
for i, (child, childpath) in enumerate(filekids):
|
2009-01-09 02:41:16 +00:00
|
|
|
d.addCallback(lambda ignored, child=child, childpath=childpath:
|
|
|
|
walker.add_node(child, childpath))
|
2009-03-13 23:31:35 +00:00
|
|
|
# to work around the Deferred tail-recursion problem
|
|
|
|
# (specifically the defer.succeed flavor) requires us to avoid
|
|
|
|
# doing more than 158 LIT files in a row. We insert a turn break
|
|
|
|
# once every 100 files (LIT or CHK) to preserve some stack space
|
|
|
|
# for other code. This is a different expression of the same
|
|
|
|
# Twisted problem as in #237.
|
|
|
|
if i % 100 == 99:
|
|
|
|
d.addCallback(lambda ignored: fireEventually())
|
2009-01-09 02:41:16 +00:00
|
|
|
for (child, childpath) in dirkids:
|
|
|
|
d.addCallback(lambda ignored, child=child, childpath=childpath:
|
|
|
|
self._deep_traverse_dirnode(child, childpath,
|
|
|
|
walker, monitor,
|
|
|
|
found))
|
|
|
|
return d
|
2008-05-08 20:21:14 +00:00
|
|
|
|
|
|
|
|
2008-09-10 08:45:04 +00:00
|
|
|
def build_manifest(self):
|
2008-10-22 00:03:07 +00:00
|
|
|
"""Return a Monitor, with a ['status'] that will be a list of (path,
|
|
|
|
cap) tuples, for all nodes (directories and files) reachable from
|
|
|
|
this one."""
|
|
|
|
walker = ManifestWalker(self)
|
|
|
|
return self.deep_traverse(walker)
|
2008-05-08 20:21:14 +00:00
|
|
|
|
2008-10-22 00:03:07 +00:00
|
|
|
def start_deep_stats(self):
|
2008-09-10 08:45:04 +00:00
|
|
|
# Since deep_traverse tracks verifier caps, we avoid double-counting
|
|
|
|
# children for which we've got both a write-cap and a read-cap
|
2008-10-22 00:03:07 +00:00
|
|
|
return self.deep_traverse(DeepStats(self))
|
2008-05-08 20:21:14 +00:00
|
|
|
|
2009-02-18 02:32:43 +00:00
|
|
|
def start_deep_check(self, verify=False, add_lease=False):
|
|
|
|
return self.deep_traverse(DeepChecker(self, verify, repair=False, add_lease=add_lease))
|
2008-07-17 01:20:57 +00:00
|
|
|
|
2009-02-18 02:32:43 +00:00
|
|
|
def start_deep_check_and_repair(self, verify=False, add_lease=False):
|
|
|
|
return self.deep_traverse(DeepChecker(self, verify, repair=True, add_lease=add_lease))
|
2008-09-07 19:44:56 +00:00
|
|
|
|
2008-07-17 01:20:57 +00:00
|
|
|
|
2008-07-17 21:25:04 +00:00
|
|
|
|
2008-05-08 20:33:07 +00:00
|
|
|
class DeepStats:
|
2008-10-22 00:03:07 +00:00
|
|
|
def __init__(self, origin):
|
|
|
|
self.origin = origin
|
2008-05-08 20:33:07 +00:00
|
|
|
self.stats = {}
|
|
|
|
for k in ["count-immutable-files",
|
|
|
|
"count-mutable-files",
|
|
|
|
"count-literal-files",
|
|
|
|
"count-files",
|
|
|
|
"count-directories",
|
|
|
|
"size-immutable-files",
|
|
|
|
#"size-mutable-files",
|
|
|
|
"size-literal-files",
|
|
|
|
"size-directories",
|
|
|
|
"largest-directory",
|
|
|
|
"largest-directory-children",
|
|
|
|
"largest-immutable-file",
|
|
|
|
#"largest-mutable-file",
|
|
|
|
]:
|
|
|
|
self.stats[k] = 0
|
2008-05-08 23:19:42 +00:00
|
|
|
self.histograms = {}
|
|
|
|
for k in ["size-files-histogram"]:
|
|
|
|
self.histograms[k] = {} # maps (min,max) to count
|
|
|
|
self.buckets = [ (0,0), (1,3)]
|
|
|
|
self.root = math.sqrt(10)
|
2008-05-08 20:33:07 +00:00
|
|
|
|
2008-10-22 00:03:07 +00:00
|
|
|
def set_monitor(self, monitor):
|
|
|
|
self.monitor = monitor
|
|
|
|
monitor.origin_si = self.origin.get_storage_index()
|
2008-11-19 23:00:27 +00:00
|
|
|
monitor.set_status(self.get_results())
|
2008-10-22 00:03:07 +00:00
|
|
|
|
2008-09-10 08:45:04 +00:00
|
|
|
def add_node(self, node, childpath):
|
|
|
|
if IDirectoryNode.providedBy(node):
|
|
|
|
self.add("count-directories")
|
|
|
|
elif IMutableFileNode.providedBy(node):
|
|
|
|
self.add("count-files")
|
|
|
|
self.add("count-mutable-files")
|
|
|
|
# TODO: update the servermap, compute a size, add it to
|
|
|
|
# size-mutable-files, max it into "largest-mutable-file"
|
|
|
|
elif IFileNode.providedBy(node): # CHK and LIT
|
|
|
|
self.add("count-files")
|
|
|
|
size = node.get_size()
|
|
|
|
self.histogram("size-files-histogram", size)
|
download: refactor handling of URI Extension Block and crypttext hash tree, simplify things
Refactor into a class the logic of asking each server in turn until one of them gives an answer
that validates. It is called ValidatedThingObtainer.
Refactor the downloading and verification of the URI Extension Block into a class named
ValidatedExtendedURIProxy.
The new logic of validating UEBs is minimalist: it doesn't require the UEB to contain any
unncessary information, but of course it still accepts such information for backwards
compatibility (so that this new download code is able to download files uploaded with old, and
for that matter with current, upload code).
The new logic of validating UEBs follows the practice of doing all validation up front. This
practice advises one to isolate the validation of incoming data into one place, so that all of
the rest of the code can assume only valid data.
If any redundant information is present in the UEB+URI, the new code cross-checks and asserts
that it is all fully consistent. This closes some issues where the uploader could have
uploaded inconsistent redundant data, which would probably have caused the old downloader to
simply reject that download after getting a Python exception, but perhaps could have caused
greater harm to the old downloader.
I removed the notion of selecting an erasure codec from codec.py based on the string that was
passed in the UEB. Currently "crs" is the only such string that works, so
"_assert(codec_name == 'crs')" is simpler and more explicit. This is also in keeping with the
"validate up front" strategy -- now if someone sets a different string than "crs" in their UEB,
the downloader will reject the download in the "validate this UEB" function instead of in a
separate "select the codec instance" function.
I removed the code to check plaintext hashes and plaintext Merkle Trees. Uploaders do not
produce this information any more (since it potentially exposes confidential information about
the file), and the unit tests for it were disabled. The downloader before this patch would
check that plaintext hash or plaintext merkle tree if they were present, but not complain if
they were absent. The new downloader in this patch complains if they are present and doesn't
check them. (We might in the future re-introduce such hashes over the plaintext, but encrypt
the hashes which are stored in the UEB to preserve confidentiality. This would be a double-
check on the correctness of our own source code -- the current Merkle Tree over the ciphertext
is already sufficient to guarantee the integrity of the download unless there is a bug in our
Merkle Tree or AES implementation.)
This patch increases the lines-of-code count by 8 (from 17,770 to 17,778), and reduces the
uncovered-by-tests lines-of-code count by 24 (from 1408 to 1384). Those numbers would be more
meaningful if we omitted src/allmydata/util/ from the test-coverage statistics.
2008-12-05 15:17:54 +00:00
|
|
|
theuri = from_string(node.get_uri())
|
|
|
|
if isinstance(theuri, LiteralFileURI):
|
2008-09-10 08:45:04 +00:00
|
|
|
self.add("count-literal-files")
|
|
|
|
self.add("size-literal-files", size)
|
|
|
|
else:
|
|
|
|
self.add("count-immutable-files")
|
|
|
|
self.add("size-immutable-files", size)
|
|
|
|
self.max("largest-immutable-file", size)
|
|
|
|
|
|
|
|
def enter_directory(self, parent, children):
|
|
|
|
dirsize_bytes = parent.get_size()
|
|
|
|
dirsize_children = len(children)
|
|
|
|
self.add("size-directories", dirsize_bytes)
|
|
|
|
self.max("largest-directory", dirsize_bytes)
|
|
|
|
self.max("largest-directory-children", dirsize_children)
|
|
|
|
|
2008-05-08 20:33:07 +00:00
|
|
|
def add(self, key, value=1):
|
|
|
|
self.stats[key] += value
|
|
|
|
|
|
|
|
def max(self, key, value):
|
|
|
|
self.stats[key] = max(self.stats[key], value)
|
|
|
|
|
2008-05-08 23:19:42 +00:00
|
|
|
def which_bucket(self, size):
|
|
|
|
# return (min,max) such that min <= size <= max
|
|
|
|
# values are from the set (0,0), (1,3), (4,10), (11,31), (32,100),
|
|
|
|
# (101,316), (317, 1000), etc: two per decade
|
|
|
|
assert size >= 0
|
|
|
|
i = 0
|
|
|
|
while True:
|
|
|
|
if i >= len(self.buckets):
|
|
|
|
# extend the list
|
|
|
|
new_lower = self.buckets[i-1][1]+1
|
|
|
|
new_upper = int(mathutil.next_power_of_k(new_lower, self.root))
|
|
|
|
self.buckets.append( (new_lower, new_upper) )
|
|
|
|
maybe = self.buckets[i]
|
|
|
|
if maybe[0] <= size <= maybe[1]:
|
|
|
|
return maybe
|
|
|
|
i += 1
|
|
|
|
|
|
|
|
def histogram(self, key, size):
|
|
|
|
bucket = self.which_bucket(size)
|
|
|
|
h = self.histograms[key]
|
|
|
|
if bucket not in h:
|
|
|
|
h[bucket] = 0
|
|
|
|
h[bucket] += 1
|
|
|
|
|
2008-05-08 20:33:07 +00:00
|
|
|
def get_results(self):
|
2008-05-08 23:19:42 +00:00
|
|
|
stats = self.stats.copy()
|
|
|
|
for key in self.histograms:
|
|
|
|
h = self.histograms[key]
|
|
|
|
out = [ (bucket[0], bucket[1], h[bucket]) for bucket in h ]
|
|
|
|
out.sort()
|
|
|
|
stats[key] = out
|
|
|
|
return stats
|
2008-05-08 20:21:14 +00:00
|
|
|
|
2008-09-10 08:45:04 +00:00
|
|
|
def finish(self):
|
|
|
|
return self.get_results()
|
|
|
|
|
2008-11-19 22:03:47 +00:00
|
|
|
class ManifestWalker(DeepStats):
|
|
|
|
def __init__(self, origin):
|
|
|
|
DeepStats.__init__(self, origin)
|
|
|
|
self.manifest = []
|
2008-11-19 23:00:27 +00:00
|
|
|
self.storage_index_strings = set()
|
2008-11-24 21:40:46 +00:00
|
|
|
self.verifycaps = set()
|
2008-11-19 22:03:47 +00:00
|
|
|
|
|
|
|
def add_node(self, node, path):
|
|
|
|
self.manifest.append( (tuple(path), node.get_uri()) )
|
2008-11-19 23:00:27 +00:00
|
|
|
si = node.get_storage_index()
|
|
|
|
if si:
|
|
|
|
self.storage_index_strings.add(base32.b2a(si))
|
2008-12-08 19:44:11 +00:00
|
|
|
v = node.get_verify_cap()
|
2008-11-24 21:40:46 +00:00
|
|
|
if v:
|
|
|
|
self.verifycaps.add(v.to_string())
|
2008-11-19 22:03:47 +00:00
|
|
|
return DeepStats.add_node(self, node, path)
|
|
|
|
|
2008-11-19 23:00:27 +00:00
|
|
|
def get_results(self):
|
|
|
|
stats = DeepStats.get_results(self)
|
2008-11-19 22:03:47 +00:00
|
|
|
return {"manifest": self.manifest,
|
2008-11-24 21:40:46 +00:00
|
|
|
"verifycaps": self.verifycaps,
|
2008-11-19 23:00:27 +00:00
|
|
|
"storage-index": self.storage_index_strings,
|
|
|
|
"stats": stats,
|
2008-11-19 22:03:47 +00:00
|
|
|
}
|
|
|
|
|
2008-09-10 08:45:04 +00:00
|
|
|
|
|
|
|
class DeepChecker:
|
2009-02-18 02:32:43 +00:00
|
|
|
def __init__(self, root, verify, repair, add_lease):
|
2008-09-10 08:45:04 +00:00
|
|
|
root_si = root.get_storage_index()
|
|
|
|
self._lp = log.msg(format="deep-check starting (%(si)s),"
|
|
|
|
" verify=%(verify)s, repair=%(repair)s",
|
|
|
|
si=base32.b2a(root_si), verify=verify, repair=repair)
|
|
|
|
self._verify = verify
|
|
|
|
self._repair = repair
|
2009-02-18 02:32:43 +00:00
|
|
|
self._add_lease = add_lease
|
2008-09-10 08:45:04 +00:00
|
|
|
if repair:
|
|
|
|
self._results = DeepCheckAndRepairResults(root_si)
|
|
|
|
else:
|
|
|
|
self._results = DeepCheckResults(root_si)
|
2008-10-22 00:03:07 +00:00
|
|
|
self._stats = DeepStats(root)
|
|
|
|
|
|
|
|
def set_monitor(self, monitor):
|
|
|
|
self.monitor = monitor
|
|
|
|
monitor.set_status(self._results)
|
2008-09-10 08:45:04 +00:00
|
|
|
|
|
|
|
def add_node(self, node, childpath):
|
|
|
|
if self._repair:
|
2009-02-18 02:32:43 +00:00
|
|
|
d = node.check_and_repair(self.monitor, self._verify, self._add_lease)
|
2008-09-10 08:45:04 +00:00
|
|
|
d.addCallback(self._results.add_check_and_repair, childpath)
|
|
|
|
else:
|
2009-02-18 02:32:43 +00:00
|
|
|
d = node.check(self.monitor, self._verify, self._add_lease)
|
2008-09-10 08:45:04 +00:00
|
|
|
d.addCallback(self._results.add_check, childpath)
|
|
|
|
d.addCallback(lambda ignored: self._stats.add_node(node, childpath))
|
|
|
|
return d
|
|
|
|
|
|
|
|
def enter_directory(self, parent, children):
|
|
|
|
return self._stats.enter_directory(parent, children)
|
|
|
|
|
|
|
|
def finish(self):
|
|
|
|
log.msg("deep-check done", parent=self._lp)
|
|
|
|
self._results.update_stats(self._stats.get_results())
|
|
|
|
return self._results
|
|
|
|
|
2008-05-08 20:21:14 +00:00
|
|
|
|
2007-11-02 06:46:47 +00:00
|
|
|
# use client.create_dirnode() to make one of these
|
|
|
|
|
|
|
|
|