Commit Graph

18 Commits

Author SHA1 Message Date
Zooko O'Whielacronx
b315619d6b download: refactor handling of URI Extension Block and crypttext hash tree, simplify things
Refactor into a class the logic of asking each server in turn until one of them gives an answer 
that validates.  It is called ValidatedThingObtainer.

Refactor the downloading and verification of the URI Extension Block into a class named 
ValidatedExtendedURIProxy.

The new logic of validating UEBs is minimalist: it doesn't require the UEB to contain any 
unncessary information, but of course it still accepts such information for backwards 
compatibility (so that this new download code is able to download files uploaded with old, and 
for that matter with current, upload code).

The new logic of validating UEBs follows the practice of doing all validation up front.  This 
practice advises one to isolate the validation of incoming data into one place, so that all of 
the rest of the code can assume only valid data.

If any redundant information is present in the UEB+URI, the new code cross-checks and asserts 
that it is all fully consistent.  This closes some issues where the uploader could have 
uploaded inconsistent redundant data, which would probably have caused the old downloader to 
simply reject that download after getting a Python exception, but perhaps could have caused 
greater harm to the old downloader.

I removed the notion of selecting an erasure codec from codec.py based on the string that was 
passed in the UEB.  Currently "crs" is the only such string that works, so 
"_assert(codec_name == 'crs')" is simpler and more explicit.  This is also in keeping with the 
"validate up front" strategy -- now if someone sets a different string than "crs" in their UEB, 
the downloader will reject the download in the "validate this UEB" function instead of in a 
separate "select the codec instance" function.

I removed the code to check plaintext hashes and plaintext Merkle Trees.  Uploaders do not 
produce this information any more (since it potentially exposes confidential information about 
the file), and the unit tests for it were disabled.  The downloader before this patch would 
check that plaintext hash or plaintext merkle tree if they were present, but not complain if 
they were absent.  The new downloader in this patch complains if they are present and doesn't 
check them.  (We might in the future re-introduce such hashes over the plaintext, but encrypt 
the hashes which are stored in the UEB to preserve confidentiality.  This would be a double-
check on the correctness of our own source code -- the current Merkle Tree over the ciphertext 
is already sufficient to guarantee the integrity of the download unless there is a bug in our 
Merkle Tree or AES implementation.) 

This patch increases the lines-of-code count by 8 (from 17,770 to 17,778), and reduces the 
uncovered-by-tests lines-of-code count by 24 (from 1408 to 1384).  Those numbers would be more 
meaningful if we omitted src/allmydata/util/ from the test-coverage statistics.
2008-12-05 08:17:54 -07:00
Brian Warner
5399395c27 allow the introducer to set default encoding parameters. Closes #84.
By writing something like "25 75 100" into a file named 'encoding_parameters'
in the central Introducer's base directory, all clients which use that
introducer will be advised to use 25-out-of-100 encoding for files (i.e.
100 shares will be produced, 25 are required to reconstruct, and the upload
process will be happy if it can find homes for at least 75 shares). The
default values are "3 7 10". For small meshes, the defaults are probably
good, but for larger ones it may be appropriate to increase the number of
shares.
2007-07-12 15:33:30 -07:00
Zooko O'Whielacronx
55949faecc finish renaminf "fec" to "zfec" in tahoe 2007-04-18 17:25:16 -07:00
Brian Warner
9a64a9f76e codec: remove more unused debugging code 2007-04-06 20:56:39 -07:00
Brian Warner
245d318409 codec: remove some unused debugging code 2007-04-06 20:55:37 -07:00
Brian Warner
9a2e0cf28e switch upload to use encode_new, fix a few things (but not nearly all of them) 2007-03-30 11:53:03 -07:00
Zooko O'Whielacronx
f4a718c5b6 finish storage server and write new download 2007-03-30 10:52:19 -07:00
Brian Warner
7802aa5303 hush pyflakes warnings in codec and test_codec 2007-03-28 15:31:51 -07:00
Zooko O'Whielacronx
0a9a6f0216 remove left-over early encode mechanism 2007-03-28 00:06:03 -07:00
Zooko O'Whielacronx
81c8cb6d6a switch to pyfec 2007-03-28 00:05:16 -07:00
Zooko O'Whielacronx
e4463056f3 fix test_codec and test_upload to handle current API 2007-03-27 22:57:15 -07:00
Brian Warner
0ee2f0f3bf update ReplicatingEncoder and decoder to match the current ICodecEncoder/decoder interface 2007-03-27 22:17:31 -07:00
Brian Warner
9d123605cb hush pyflakes warnings 2007-02-01 17:13:01 -07:00
Zooko O'Whielacronx
dd4ad3d542 use pyfec instead of py_ecc for erasure coding and update API to codec 2007-02-01 16:07:00 -07:00
Brian Warner
4101bcf218 update URI format, include codec name 2007-01-16 21:29:59 -07:00
Brian Warner
3209fd5e09 rearrange encode/upload, add URIs, switch to ReplicatingEncoder
Added metadata to the bucket store, which is used to hold the share number
(but the bucket doesn't know that, it just gets a string).

Modified the codec interfaces a bit.

Try to pass around URIs to/from download/upload instead of verifierids.
URI format is still in flux.

Change the current (primitive) file encoder to use a ReplicatingEncoder
because it provides ICodecEncoder. We will be moving to the (less primitive)
file encoder (currently in allmydata.encode_new) eventually, but for now
this change lets us test out PyRS or zooko's upcoming C-based RS codec in
something larger than a single unit test. This primitive file encoder only
uses a single segment, and has no merkle trees.

Also added allmydata.util.deferredutil for a DeferredList wrapper that
errbacks (but only when all component Deferreds have fired) if there were
any errors, which unfortunately is not a behavior available from the standard
DeferredList.
2007-01-15 21:22:22 -07:00
Brian Warner
e29032bc36 change IEncoder to ICodecEncoder, to match the previous change 2007-01-11 20:57:14 -07:00
Brian Warner
417c17755b use the word 'codec' for erasure coding, for now. 'encode' is used for file-level segmentation/hashing 2007-01-11 20:51:27 -07:00