6195 Commits

Author SHA1 Message Date
kevan
70d27cfa7c mutable/publish: handle unknown mutable share formats when handling errors 2011-09-24 17:43:05 -07:00
kevan
e8afe84813 mutable/layout: break unpack_checkstring into unpack_mdmf_checkstring and unpack_sdmf_checkstring, add distinguisher function for checkstrings 2011-09-24 17:41:34 -07:00
kevan
2187f27ad0 test/test_mutable: reenable mdmf publish surprise test 2011-09-24 16:54:15 -07:00
kevan
a911e15783 mutable/publish: use unpack_mdmf_checkstring and unpack_sdmf_checkstring instead of unpack_checkstring. fixes #1540 2011-09-24 16:51:37 -07:00
david-sarah
32262239e5 misc/coding_tools/check_interfaces.py: report all violations rather than only one for a given class, by including a forked version of verifyClass. refs #1474 2011-09-16 15:34:50 -07:00
david-sarah
9ca8ff7bfc misc/coding_tools/check_interfaces.py: use os.walk instead of FilePath, since this script shouldn't really depend on Twisted. refs #1474 2011-09-16 14:26:33 -07:00
david-sarah
f1445ce0b2 misc/coding_tools/check-interfaces.py: reduce false-positives by adding Dummy* to the set of excluded classnames, and bench-* to the set of excluded basenames. refs #1474 2011-09-16 14:26:24 -07:00
david-sarah
417054aaba Add a script 'misc/coding_tools/check-interfaces.py' that checks whether zope interfaces are enforced. Also add 'check-interfaces', 'version-and-path', and 'code-checks' targets to the Makefile. fixes #1474 2011-09-15 09:15:32 -07:00
david-sarah
1fa5c729b7 mutable/publish.py: copy the self.writers dict before iterating over it, since we remove elements from it during the iteration. refs #393 2011-09-24 14:12:08 -07:00
david-sarah
f94eb86fc9 mutable/publish.py: simplify by refactoring self.outstanding to self.num_outstanding. refs #393 2011-09-24 13:50:04 -07:00
david-sarah
4af626a798 test_mutable.py: update SkipTest message for test_publish_surprise_mdmf to reference the right ticket number. refs #1540. 2011-09-23 14:16:22 -07:00
Brian Warner
f61bdbffd7 control.py: unbreak speed-test: overwrite() wants a MutableData, not str
Really, all the upload/modify APIs should take a string or a filehandle, and
internally wrap it as needed. Callers should not need to be aware of
Uploadable() or MutableData() classes.
2011-09-23 00:37:48 -07:00
david-sarah
5d3d0dc336 test_mutable.py: skip test_publish_surprise_mdmf, which is causing an error. refs #1534, #393 2011-09-20 11:33:19 -07:00
kevan
d93b2965c3 test/test_mutable: write publish surprise test for MDMF, rename existing test_publish_surprise to clarify that it is for SDMF 2011-09-17 17:36:57 -07:00
kevan
19cf58f2aa test/test_mutable: refactor publish surprise test into common test fixture, rewrite test_publish_surprise to use test fixture 2011-09-17 17:35:33 -07:00
kevan
8c7406508a mutable/publish: add errback immediately after write, don't consume errors from other parts of the publisher 2011-09-17 16:47:08 -07:00
david-sarah
351015c21b .darcs-boringfile: minor cleanups. 2011-09-20 08:49:18 -07:00
david-sarah
87a936564e uri.py: fix two interface violations in verifier URI classes. refs #1474 2011-09-19 20:01:56 -07:00
Brian Warner
8e69b94588 Make platform-detection code tolerate linux-3.0, patch by zooko.
Otherwise address-autodetection can't find ifconfig. refs #1536
2011-09-15 13:26:20 -07:00
david-sarah
3f756e9429 test_web.py: fix a bug in _count_leases that was causing us to check only the lease count of one share file, not of all share files as intended. 2011-09-15 11:51:26 -07:00
Zooko O'Whielacronx
c4029d427f docs: insert a newline at the beginning of known_issues.rst to see if this makes it render more nicely in trac 2011-09-13 23:47:28 -07:00
Zooko O'Whielacronx
40bea76b3a docs: remove the coding: utf-8 declaration at the to of known_issues.rst, since the trac rendering doesn't hide it 2011-09-13 22:57:13 -07:00
Zooko O'Whielacronx
5bc4f64ec9 docs: more cleanup of known_issues.rst -- now it passes "rst2html --verbose" without comment 2011-09-13 22:54:19 -07:00
Zooko O'Whielacronx
42dece142e docs: more formatting improvements to known_issues.rst 2011-09-13 22:16:39 -07:00
Zooko O'Whielacronx
9a26279391 docs: reformatting of known_issues.rst 2011-09-13 22:02:40 -07:00
Zooko O'Whielacronx
1db2c5395d docs: fix formatting error in docs/known_issues.rst 2011-09-13 21:59:09 -07:00
Zooko O'Whielacronx
a6d5a9b508 merge Tahoe-LAFS v1.8.3 release announcement with trunk 2011-09-13 14:05:44 -07:00
Zooko O'Whielacronx
fcedf5f143 docs: release notes for Tahoe-LAFS v1.8.3 2011-09-13 09:58:26 -07:00
Zooko O'Whielacronx
2025e42ec2 tests: bump up the timeout in this test that fails on FreeStorm's CentOS in order to see if it is just very slow 2011-09-12 19:42:55 -07:00
david-sarah
c10099f982 interfaces: document that the 'fills-holes-with-zero-bytes' key should be used to detect whether a storage server has that behavior. refs #1528 2011-09-12 17:28:43 -07:00
Zooko O'Whielacronx
4c33d855d1 CREDITS: more CREDITS for Kevan and David-Sarah 2011-09-12 15:33:57 -07:00
Zooko O'Whielacronx
b15bd674c3 merge NEWS about the mutable file bounds fixes with NEWS about work-in-progress 2011-09-13 13:55:21 -07:00
Zooko O'Whielacronx
eb26075da0 doc: add NEWS item about fixes to potential palimpsest issues in mutable files
ref. #1528
2011-09-12 15:33:29 -07:00
Zooko O'Whielacronx
401d0e7f69 merge the NEWS about the security fix (#1528) with the work-in-progress NEWS 2011-09-13 13:51:53 -07:00
Zooko O'Whielacronx
7a98abeb3a doc: add NEWS entry about the issue which allows unauthorized deletion of shares
ref. #1528
2011-09-12 15:32:46 -07:00
Zooko O'Whielacronx
48f56dab6f doc: add entry in known_issues.rst about the issue which allows unauthorized deletion of shares
ref. #1528
2011-09-12 15:31:35 -07:00
Zooko O'Whielacronx
32f80625c9 storage: more paranoid handling of bounds and palimpsests in mutable share files
* storage server ignores requests to extend shares by sending a new_length
* storage server fills exposed holes (created by sending a write vector whose offset begins after the end of the current data) with 0 to avoid "palimpsest" exposure of previous contents
* storage server zeroes out lease info at the old location when moving it to a new location
ref. #1528
2011-09-12 15:26:55 -07:00
Zooko O'Whielacronx
942c5e5162 storage: test that the storage server ignores requests to extend shares by sending a new_length, and that the storage server fills exposed holes with 0 to avoid "palimpsest" exposure of previous contents
ref. #1528
2011-09-12 15:25:54 -07:00
Zooko O'Whielacronx
20e2910c61 immutable: prevent clients from reading past the end of share data, which would allow them to learn the cancellation secret
Declare explicitly that we prevent this problem in the server's version dict.
fixes #1528 (there are two patches that are each a sufficient fix to #1528 and this is one of them)
2011-09-12 15:24:58 -07:00
Zooko O'Whielacronx
5476f67dc1 storage: remove the storage server's "remote_cancel_lease" function
We're removing this function because it is currently unused, because it is dangerous, and because the bug described in #1528 leaks the cancellation secret, which allows anyone who knows a file's storage index to abuse this function to delete shares of that file.
fixes #1528 (there are two patches that are each a sufficient fix to #1528 and this is one of them)
2011-09-12 15:23:31 -07:00
Zooko O'Whielacronx
65de17245d storage: test that the storage server does *not* have a "remote_cancel_lease" function
We're removing this function because it is currently unused, because it is dangerous, and because the bug described in #1528 leaks the cancellation secret, which allows anyone who knows a file's storage index to abuse this function to delete shares of that file.
ref. #1528
2011-09-12 15:23:24 -07:00
Zooko O'Whielacronx
cffc987804 immutable: test whether the server allows clients to read past the end of share data, which would allow them to learn the cancellation secret
Also test whether the server explicitly declares that it prevents this problem.
ref #1528
2011-09-12 15:12:01 -07:00
Brian Warner
bd709c4833 Retrieve._activate_enough_peers: rewrite Verify logic 2011-09-09 11:11:50 -07:00
Brian Warner
a15ce96846 Retrieve: implement/test stopProducing 2011-09-09 11:11:50 -07:00
Brian Warner
748e419a9b move DownloadStopped from download.common to interfaces 2011-09-09 11:11:50 -07:00
Brian Warner
425152c34e retrieve.py: remove vestigal self._validated_readers 2011-09-09 11:11:50 -07:00
Brian Warner
df07060f93 Retrieve: rewrite flow-control: use a top-level loop() to catch all errors
This ought to close the potential for dropped errors and hanging downloads.
Verify needs to be examined, I may have broken it, although all tests pass.
2011-09-09 11:11:50 -07:00
Brian Warner
53bbc1d06a Retrieve: merge _validate_active_prefixes into _add_active_peers 2011-09-09 11:11:50 -07:00
Brian Warner
2edfb1a334 Retrieve: remove the initial prefix-is-still-good check
This check needs to be done with each fetch from the storage server, to
detect when someone has changed the share (i.e. our servermap goes stale).
Doing it just once at the beginning of retrieve isn't enough: a write might
occur after the first segment but before the second, etc.

_try_to_validate_prefix() was not removed: it will be used by the future
check-with-each-fetch code.

test_mutable.Roundtrip.test_corrupt_all_seqnum_late was disabled, since it
fails until this check is brought back. (the corruption it applies only
touches the prefix, not the block data, so the check-less retrieve actually
tolerates it). Don't forget to re-enable it once the check is brought back.
2011-09-09 11:11:50 -07:00
Brian Warner
2b4f2b7fa3 MDMFSlotReadProxy: remove the queue
This is a neat trick to reduce Foolscap overhead, but the need for an
explicit flush() complicates the Retrieve path and makes it prone to
lost-progress bugs.

Also change test_mutable.FakeStorageServer to tolerate multiple reads of the
same share in a row, a limitation exposed by turning off the queue.
2011-09-09 11:11:50 -07:00