Commit Graph

2055 Commits

Author SHA1 Message Date
Zooko O'Whielacronx
75e4e67ed7 immutable: tighten preconditions -- you can write empty strings or read zero bytes, and add the first simple unit test of DownUpConnector 2009-02-10 00:56:47 -07:00
Zooko O'Whielacronx
d436c6235d immutable: tests: the real WRITE_LEEWAY is 35 (it was a mistake to move it from 10 to 35 earlier -- I had seen a failure in which it took 35 times as many writes as I thought were optimal, but I misread and thought it took only 20 times as many) 2009-02-09 23:53:48 -07:00
Zooko O'Whielacronx
c59940852b immutable: defensive programming: assert that the encrypted readable gave you no more than the number of bytes you asked for
(There is a bug in the current DownUpConnector which can cause it to give more bytes than you asked for on one request, and then less on the next, effectively shifting some of the bytes to an earlier request, but I think this bug never gets triggered in practice.)
2009-02-09 23:46:05 -07:00
Zooko O'Whielacronx
65c12b24b8 immutable: tests: sigh, raise, again the limit of how many extra writes you can do and still pass this test
Obviously requiring the code under test to perform within some limit isn't very meaningful if we raise the limit whenever the test goes outside of it.
But I still don't want to remove the test code which measures how many writes (and, elsewhere, how many reads) a client does in order to fulfill these duties.
Let this number -- now 20 -- stand as an approximation of the inefficiency of our code divided by my mental model of how many operations are actually optimal for these duties.
2009-02-09 20:09:31 -07:00
Zooko O'Whielacronx
5738d94ccd immutable: tests: assert that verifier gives a clean bill of health after corruption and repair (the previous patch mistakenly did this only after deletion and repair), and also test whether deleting seven other shares and then downloading works. Also count the number of shares stored in the local filesystem. 2009-02-09 20:08:41 -07:00
Zooko O'Whielacronx
bbf48f4a88 immutable: test: add a test after attempting to repair from corruption: does a full verify run give the file a clean bill of health? If not, the you haven't successfully repaired it.
This will make the repairer tests more consistent -- less accidentally passing due to getting lucky.
2009-02-09 19:01:49 -07:00
Zooko O'Whielacronx
4091f73f34 immutable: tests: put shares back to their pristine condition in between each test of corrupting-and-repairing them
This is important, because if the repairer doesn't completely repair all kinds of corruption (as the current one doesn't), then the successive tests get messed up by assuming that the shares were uncorrupted when the test first set about to corrupt them.
2009-02-09 18:29:56 -07:00
Brian Warner
a9a3b509df upload: add a think-of-the-compatibility note to UploadResults 2009-02-09 14:50:04 -07:00
Brian Warner
a5ab6c060d helper #609: uploading client should ignore old helper's UploadResults, which were in a different format 2009-02-09 14:45:43 -07:00
Brian Warner
b197c5bb8c test_runner: skip all spawnProcess-using tests on cygwin, since spawnProcess just hangs forever 2009-02-09 02:34:00 -07:00
Brian Warner
19902a0f16 test_runner.py: revert the CreateNode section to using runner() inline, rather than spawning a process, to get more precise coverage 2009-02-09 02:26:17 -07:00
Brian Warner
0b29aae7cf storage #596: announce 'tolerates-immutable-read-overrun' to the version announcement, to indicate that a read() on an immutable share where offset+length is beyond the end of the file will return a truncated string instead of raising an exception 2009-02-08 19:56:02 -07:00
Brian Warner
89683a3906 test_upload: add test of maximum-immutable-share-size, to complete the last item of #538 2009-02-08 19:41:27 -07:00
Brian Warner
d8e00c37b5 test_cli.Backup: capture stderr when sqlite is unavailable 2009-02-07 15:14:40 -07:00
Brian Warner
213ef3d64b test_repairer: wrap comments to 80cols, my laptop does not have a wide screen. No functional changes. 2009-02-07 14:06:26 -07:00
Brian Warner
38ee95fec4 immutable/checker: wrap comments to 80cols, my laptop does not have a wide screen. No functional changes. 2009-02-07 14:04:39 -07:00
Brian Warner
50886ea494 test/common.py: in share-layout-reading code, use '>L' consistently, since '>l' doesn't specify the signedness and the windows tests appear to be failing with an endianness-like problem (version==0x01000000). Also use binary mode when editing sharefiles 2009-02-07 13:38:17 -07:00
Brian Warner
1fd8f023ab test_cli: increase timeout on test_backup, since our dapper buildslave is really slow 2009-02-06 02:17:53 -07:00
Brian Warner
5bc0ef7ffe backupdb.py: catch OperationalError on duplicate-insert too, since pysqlite2 on dapper raises it instead of IntegrityError 2009-02-06 01:34:01 -07:00
Brian Warner
9933aa0d49 test_backupdb.py: reset the check-timers after one step, otherwise a slow host can false-fail 2009-02-06 01:33:05 -07:00
Brian Warner
814fec5495 test_cli.backup: oops, fix test to work even when sqlite is unavailable 2009-02-05 22:10:42 -07:00
Brian Warner
ca32db5b39 #598: add cli+backupdb tests, improve user display, update docs, move docs out of proposed/ 2009-02-05 22:07:01 -07:00
Brian Warner
add0e1f2f8 #598: add backupdb to 'tahoe backup' command, enable it by default 2009-02-05 19:56:40 -07:00
Brian Warner
4be2e11d11 add sqlite-based backupdb, for #598 and others (including 'tahoe cp'). Not enabled yet. 2009-02-05 18:17:56 -07:00
Zooko O'Whielacronx
9ba5f9347d setup: add a case to execute "python .../twistd.py" if "twistd" is not found 2009-02-04 18:06:20 -07:00
Brian Warner
4e572a5f24 webapi: add verifycap (spelled 'verify_url') to the t=json output on files and directories. Closes #559. 2009-02-03 19:22:48 -07:00
Brian Warner
0716fbcd16 CLI: tahoe_check: stop escaping the JSON output when using --raw 2009-02-02 21:12:32 -07:00
Brian Warner
cfce8b5eab #598: first cut of 'tahoe backup' command: no backupdb, but yes shared-unchanged-directories and Archives/TIMESTAMP and Latest/ 2009-02-02 21:09:02 -07:00
Brian Warner
91dacc3dbc CLI: move node-url -should-end-in-slash code into a common place, so other tools can rely upon it later 2009-02-02 21:08:56 -07:00
Brian Warner
a7de479767 tahoe_ls: CLI command should return rc=0, not None 2009-02-02 21:07:20 -07:00
Zooko O'Whielacronx
e08e8d3f41 storage: disable test_large_share again: my linux laptop has less than 4 GiB free 2009-01-30 22:16:49 -07:00
Brian Warner
529a8e9fdb web/directory: add a link from readwrite directories to a read-only version, and fix the 'SI=xxx' header to actually use the storage index, not the writekey 2009-01-30 19:32:05 -07:00
Brian Warner
b77a017872 uri: add abbrev_si() method, which returns the abbreviated storage index 2009-01-30 19:31:10 -07:00
Zooko O'Whielacronx
f0682cf43e setup: more verbose assertion failure in test_runner 2009-01-29 10:49:06 -07:00
Zooko O'Whielacronx
204629be43 storage: enable the test of a share larger than 2 GiB; this will probably be too expensive on Mac OS X, but I think it won't be on all the other platforms ; I will probably set it to SkipTest if the sys.platform is Mac after seeing the results of this buildbot run 2009-01-28 16:33:12 -07:00
Brian Warner
1427db1c88 CLI: fix examples in tahoe put --help 2009-01-27 15:39:09 -07:00
Zooko O'Whielacronx
8d7fe2adb3 trivial: remove unused imports noticed by pyflakes 2009-01-27 15:11:48 -07:00
Zooko O'Whielacronx
64d12a9402 setup: fix test_runner to invoke bin/tahoe.exe instead of bin/tahoe if on Windows (this is what happens when a user invokes bin/tahoe on Windows) 2009-01-27 14:37:17 -07:00
Zooko O'Whielacronx
1ae08acc8f setup: fix test_runner to assert that lines which are output to stderr must end with a punctuation mark (apparently re.search("x$", "x\r\n") does not match. :-() 2009-01-27 14:35:05 -07:00
Zooko O'Whielacronx
3cd4722c9b setup: fix test_runner.RunNode.test_baddir -- it was left incomplete and broken by a recent patch 2009-01-27 14:32:45 -07:00
Zooko O'Whielacronx
688bb7a453 setup: go ahead and check for noise in test_client_no_noise 2009-01-26 17:46:16 -07:00
Zooko O'Whielacronx
8d2a3e78ca setup: add a test for a warning message from importing nevow, marked as TODO, comment-out the assertion of no-noise inside other test_runner tests 2009-01-26 17:30:46 -07:00
Brian Warner
9d6534d78b make streaming-manifest stop doing work after the HTTP connection is dropped 2009-01-23 19:39:08 -07:00
Zooko O'Whielacronx
3e4450cf3f setup: find a "bin/tahoe" executable to test based on allmydata.__file__ instead of based on the CWD
This means that the tests still work if you are executing them from a CWD other than the src dir -- *if* the "bin/tahoe" is found at os.path.dirname(os.path.dirname(os.path.dirname(allmydata.__file__))).
If no file is found at that location, then just skip the tests of executing the "tahoe" executable, because we don't want to accidentally run those tests against an executable from a different version of tahoe.
2009-01-23 18:34:37 -07:00
Brian Warner
1de4110b35 #509: remove non-streaming 'tahoe manifest' CLI form 2009-01-23 17:00:02 -07:00
Brian Warner
6a04103cc2 #509 CLI: add 'tahoe manifest --stream' 2009-01-23 16:33:21 -07:00
Brian Warner
5a0e3f3a40 #509: test_system.py: add test for streamed-manifest 2009-01-23 16:32:47 -07:00
Brian Warner
9ade197c3b test_system: rearrange DeepCheckWebGood to make it easier to add CLI tests 2009-01-23 16:13:06 -07:00
Brian Warner
6ba154851f CLI: remove the '-v' alias for --version-and-path, to free up '-v' for more traditional uses (like --verbose) 2009-01-23 15:21:50 -07:00
Brian Warner
26260374e9 #590: add webish t=stream-manifest 2009-01-22 22:01:36 -07:00
Brian Warner
72adeccf2d dirnode: add get_repair_cap() 2009-01-22 21:44:49 -07:00
Brian Warner
94ab90273d dirnode.deep_traverse: fix docstring to describe the correct return value 2009-01-22 21:39:50 -07:00
Brian Warner
d8b3505cf5 filenode: add get_repair_cap(), which uses the read-write filecap for immutable files, and the verifycap for immutable files 2009-01-22 21:38:36 -07:00
Zooko O'Whielacronx
b77c89ac60 setup: add test that the tests are testing the right source code
This is a test of #145, and I think that now the code passes this test.
2009-01-22 15:52:40 -07:00
Zooko O'Whielacronx
967102e1b9 trivial: removed unused imports noticed by pyflakes 2009-01-22 15:52:13 -07:00
Zooko O'Whielacronx
210da5cd9a setup: change test_runner to invoke "bin/tahoe" in a subprocess instead of executing runner.runner()
This is necessary because loading allmydata code now depends on PYTHONPATH manipulation which is done in the "bin/tahoe" script.  Unfortunately it makes test_runner slower since it launches and waits for many subprocesses.
2009-01-22 15:38:18 -07:00
Zooko O'Whielacronx
fafdd2ce59 setup: fix "tahoe start" to work on Windows even when a Tahoe base dir hasn't been configured in the Windows registry 2009-01-21 12:47:20 -07:00
Zooko O'Whielacronx
7d91dc5efe rollback the feature of making "ambient upload authority" configurable
This reverses some, but not all, of the changes that were committed in the following set of patches.

rolling back:

Sun Jan 18 09:54:30 MST 2009  toby.murray
  * add 'web.ambient_upload_authority' as a paramater to tahoe.cfg

    M ./src/allmydata/client.py -1 +3
    M ./src/allmydata/test/common.py -7 +9
    A ./src/allmydata/test/test_ambient_upload_authority.py
    M ./src/allmydata/web/root.py +12
    M ./src/allmydata/webish.py -1 +4
Sun Jan 18 09:56:08 MST 2009  zooko@zooko.com
  * trivial: whitespace
  I ran emacs's "M-x whitespace-cleanup" on the files that Toby's recent patch had touched that had trailing whitespace on some lines.

    M ./src/allmydata/test/test_ambient_upload_authority.py -9 +8
    M ./src/allmydata/web/root.py -2 +1
    M ./src/allmydata/webish.py -2 +1
Mon Jan 19 14:16:19 MST 2009  zooko@zooko.com
  * trivial: remove unused import noticed by pyflakes

    M ./src/allmydata/test/test_ambient_upload_authority.py -1
Mon Jan 19 21:38:35 MST 2009  toby.murray
  * doc: describe web.ambient_upload_authority

    M ./docs/configuration.txt +14
    M ./docs/frontends/webapi.txt +11
Mon Jan 19 21:38:57 MST 2009  zooko@zooko.com
  * doc: add Toby Murray to the CREDITS

    M ./CREDITS +4
2009-01-20 20:47:35 -07:00
Zooko O'Whielacronx
6bbbb375e1 setup: fix test_system to require tahoe under its package==distribution name "allmydata-tahoe" instead of its module name "allmydata" 2009-01-20 12:38:09 -07:00
Zooko O'Whielacronx
845b21a5ad trivial: remove unused import noticed by pyflakes 2009-01-19 15:16:19 -07:00
Zooko O'Whielacronx
f4f69f4a95 setup: refactor versions-and-paths and use pkg_resources to find them
Using pkg_resources is probably better if it works -- zope.interface doesn't have a __version__ attribute that we can query, but pkg_resources knows zope.interface's version number, for one thing.
This code falls back to the old way -- looking at the __version__ attributes and __file__ attributes -- if the pkg_resources way doesn't answer.
Note that this patch also changes the capitalization of "Nevow", "Twisted", and "pyOpenSSL", and the spelling of "allmydata-tahoe".  These changes are not frivolous: they are reflecting the fact that we are naming Python packages (technically called Python "distributions") instead of Python modules (technically and confusingly called Python "packages") here.  The package ("distribution") is named "allmydata-tahoe".  The module ("package") is named "allmydata".
2009-01-19 15:04:35 -07:00
Zooko O'Whielacronx
4771e1c9d5 trivial: whitespace
Ran "M-x whitespace-cleanup" on files that Toby's recent patch touched, even though they didn't have trailing whitespace.
2009-01-18 10:58:15 -07:00
Zooko O'Whielacronx
ce7c448bc0 trivial: whitespace
I ran emacs's "M-x whitespace-cleanup" on the files that Toby's recent patch had touched that had trailing whitespace on some lines.
2009-01-18 10:56:08 -07:00
Zooko O'Whielacronx
9247dc70e5 trivial: whitespace 2009-01-18 10:54:58 -07:00
toby.murray
66f83c7356 add 'web.ambient_upload_authority' as a paramater to tahoe.cfg 2009-01-18 10:54:30 -07:00
cgalvan
7bfaa74ef1 add option to show version and path to the tahoe executable 2009-01-16 12:47:51 -07:00
Brian Warner
26ca53fa3d node.py: use NODEDIR/tmp for the 'tempfile' module's temporary directory, so webapi upload tempfiles are put there instead of /tmp . You can set it to something else by setting [node]tempdir in tahoe.cfg 2009-01-14 20:00:15 -07:00
Brian Warner
e9d4334159 web/operations: undo the disable-ophandle-expiration change that inadvertently got included in zooko's recent 'rename wapi.txt to webapi.txt' patch, causing test failures 2009-01-14 19:14:59 -07:00
Zooko O'Whielacronx
f9ee60a88e cli: tests: skip symlink test if there is no os.symlink 2009-01-14 18:10:10 -07:00
Brian Warner
2fe099a0b3 mutable: move recent operation history management code (MutableWatcher) into history.py, have History provide stats 2009-01-14 17:36:20 -07:00
Brian Warner
aa50c30aa2 download: tiny cleanup of history code 2009-01-14 16:41:51 -07:00
Brian Warner
10268a4f7f upload: move upload history into History object 2009-01-14 16:41:06 -07:00
Brian Warner
3920e6d1e7 immutable/download.py move recent-downloads history out of Downloader and into a separate class. upload/etc will follow soon. 2009-01-14 16:14:24 -07:00
Zooko O'Whielacronx
0a2895e17a docs: rename wapi.txt to webapi.txt
Because Brian argues that the file contains a description of the wui as well as of the wapi, and because the name "webapi.txt" might be more obvious to the untrained eye.
2009-01-14 13:53:48 -07:00
Brian Warner
cc50e2f4aa upload: use WriteBucketProxy_v2 when uploading a large file (with shares larger than 4GiB). This finally closes #346. I think we can now handle immutable files up to 48EiB. 2009-01-12 20:14:42 -07:00
Brian Warner
bf56e2bb51 deep-check-and-repair: improve results and their HTML representation 2009-01-12 18:56:19 -07:00
Brian Warner
8f2ec16b2c test_repairer.py: hush pyflakes: remove duplicate/shadowed function name, by using the earlier definition (which is identical) 2009-01-12 15:45:09 -07:00
Brian Warner
fe362c0021 hush pyflakes by removing unused imports 2009-01-12 15:41:20 -07:00
Zooko O'Whielacronx
25063688b4 immutable repairer
This implements an immutable repairer by marrying a CiphertextDownloader to a CHKUploader.  It extends the IDownloadTarget interface so that the downloader can provide some metadata that the uploader requires.
The processing is incremental -- it uploads the first segments before it finishes downloading the whole file.  This is necessary so that you can repair large files without running out of RAM or using a temporary file on the repairer.
It requires only a verifycap, not a readcap.  That is: it doesn't need or use the decryption key, only the integrity check codes.
There are several tests marked TODO and several instances of XXX in the source code.  I intend to open tickets to document further improvements to functionality and testing, but the current version is probably good enough for Tahoe-1.3.0.
2009-01-12 11:00:22 -07:00
Zooko O'Whielacronx
e449052a17 util: dictutil: add DictOfSets.union(key, values) and DictOfSets.update(otherdictofsets) 2009-01-12 10:55:39 -07:00
Zooko O'Whielacronx
8dd3b3185f immutable: separate tests of immutable upload/download from tests of immutable checking/repair 2009-01-10 15:07:39 -07:00
Zooko O'Whielacronx
b496eba072 trivial: minor changes to in-line comments -- mark plaintext-hash-tree as obsolete 2009-01-10 14:56:01 -07:00
Zooko O'Whielacronx
38bb3e464b immutable: make the web display of upload results more human-friendly, like they were before my recent change to the meaning of the "sharemap" 2009-01-10 14:02:09 -07:00
Zooko O'Whielacronx
0f9c11cfde immutable: fix edit-o in interfaces.py documentation introduced in recent patch 2009-01-10 12:54:08 -07:00
Zooko O'Whielacronx
6e3396fb88 immutable: redefine the "sharemap" member of the upload results to be a map from shnum to set of serverids
It used to be a map from shnum to a string saying "placed this share on XYZ server".  The new definition is more in keeping with the "sharemap" object that results from immutable file checking and repair, and it is more useful to the repairer, which is a consumer of immutable upload results.
2009-01-10 11:46:23 -07:00
Zooko O'Whielacronx
ef60e85ec6 naming: finish renaming "CheckerResults" to "CheckResults" 2009-01-09 18:00:52 -07:00
Brian Warner
167742c2b3 storage.py : replace 4294967295 with 2**32-1: python does constant folding, I measured this statement as taking 50ns, versus the 400ns for the call to min(), or the 9us required for the 'assert not os.path.exists' syscall 2009-01-09 19:52:22 -07:00
Brian Warner
c7cd3f38e7 storage.py: announce a maximum-immutable-share-size based upon a 'df' of the disk. Fixes #569, and this should be the last requirement for #346 (remove 12GiB filesize limit) 2009-01-09 19:37:36 -07:00
Brian Warner
45fc3819a2 test_helper: hush pyflakes by avoiding use of 'uri' as a variable, since it shadows an import of the same name 2009-01-08 20:59:41 -07:00
Brian Warner
f8de336039 immutable/checker: include a summary (with 'Healthy' or 'Not Healthy' and a count of shares) in the checker results 2009-01-08 20:01:45 -07:00
Brian Warner
7ee336b274 webapi/deep-manifest t=JSON: don't return the (large) manifest/SI/verifycap lists unless the operation has completed, to avoid the considerable CPU+memory cost of creating the JSON (for 330k dirnodes, it could take two minutes to generate 275MB of JSON). They must be paid eventually, but not on every poll 2009-01-08 19:59:32 -07:00
Brian Warner
39a089dc7e dirnode deep-traversal: remove use of Limiter, stick with strict depth-first-traversal, to reduce memory usage during very large (300k+ dirnode) traversals 2009-01-08 19:41:16 -07:00
Zooko O'Whielacronx
ade6a4fa74 immutable: add a monitor API to CiphertextDownloader with which to tell it to stop its work 2009-01-08 14:42:15 -07:00
Zooko O'Whielacronx
157e365d2b naming: Rename a few things which I touched or changed in the recent patch to download-without-decrypting.
Rename "downloadable" to "target".
Rename "u" to "v" in FileDownloader.__init__().
Rename "_uri" to "_verifycap" in FileDownloader.
Rename "_downloadable" to "_target" in FileDownloader.
Rename "FileDownloader" to "CiphertextDownloader".
2009-01-08 12:13:07 -07:00
Zooko O'Whielacronx
600196f571 immutable: refactor download to do only download-and-decode, not decryption
FileDownloader takes a verify cap and produces ciphertext, instead of taking a read cap and producing plaintext.
FileDownloader does all integrity checking including the mandatory ciphertext hash tree and the optional ciphertext flat hash, rather than expecting its target to do some of that checking.
Rename immutable.download.Output to immutable.download.DecryptingOutput. An instance of DecryptingOutput can be passed to FileDownloader to use as the latter's target.  Text pushed to the DecryptingOutput is decrypted and then pushed to *its* target.
DecryptingOutput satisfies the IConsumer interface, and if its target also satisfies IConsumer, then it forwards and pause/unpause signals to its producer (which is the FileDownloader).
This patch also changes some logging code to use the new logging mixin class.
Check integrity of a segment and decrypt the segment one block-sized buffer at a time instead of copying the buffers together into one segment-sized buffer (reduces peak memory usage, I think, and is probably a tad faster/less CPU, depending on your encoding parameters).
Refactor FileDownloader so that processing of segments and of tail-segment share as much code is possible.
FileDownloader and FileNode take caps as instances of URI (Python objects), not as strings.
2009-01-08 11:53:49 -07:00
Zooko O'Whielacronx
9bba578776 trivial: tiny changes to test code 2009-01-08 11:20:48 -07:00
Zooko O'Whielacronx
ecabcc674c immutable: Make more parts of download use logging mixins and know what their "parent msg id" is. 2009-01-08 11:25:30 -07:00
Zooko O'Whielacronx
2a443cd049 trivial: M-x whitespace-cleanup on src/immutable/download.py 2009-01-08 10:49:01 -07:00
Zooko O'Whielacronx
7d15928faa immutable: ValidatedExtendedURIProxy computes and stores the tail data size as a convenience to its caller.
The "tail data size" is how many of the bytes of the tail segment are data (as opposed to padding).
2009-01-08 10:41:39 -07:00
Zooko O'Whielacronx
2e762f39f6 immutable: define a new interface IImmutableFileURI and declare that CHKFileURI and LiteralFileURI provide it 2009-01-07 12:24:51 -07:00
Zooko O'Whielacronx
c01cfc0035 util: log: allow empty msgs (because downloader is using the "format" alternative with no "msg" argument) 2009-01-07 11:54:11 -07:00
Larry Hosken
3267984fa9 'tahoe cp -r', upon encountering a dangling symlink, would assert out.
This was somewhat sad; the assertion didn't say what path caused the
error, what went wrong.  So... silently skip over things that are
neither dirs nor files.
2009-01-07 23:51:14 -07:00
Zooko O'Whielacronx
83b97ee79f immutable: fix error in validation of ciphertext hash tree and add test for that code
pyflakes pointed out to me that I had committed some code that is untested, since it uses an undefined name.  This patch exercises that code -- the validation of the ciphertext hash tree -- by corrupting some of the share files in a very specific way, and also fixes the bug.
2009-01-07 23:40:12 -07:00
Zooko O'Whielacronx
6011f4522f immutable: do not catch arbitrary exceptions/failures from the attempt to get a crypttext hash tree -- catch only ServerFailure, IntegrityCheckReject, LayoutInvalid, ShareVersionIncompatible, and DeadReferenceError
Once again I inserted a bug into the code, and once again it was hidden by something catching arbitrary exception/failure and assuming that it means the server failed to provide valid data.
2009-01-07 22:25:51 -07:00
Zooko O'Whielacronx
e598ca2f3f download: make sure you really get all the crypttext hashes
We were not making sure that we really got all the crypttext hashes during download.  If a server were to return less than the complete set of crypttext hashes, then our subsequent attempt to verify the correctness of the ciphertext would fail.  (And it wouldn't be obvious without very careful debugging why it had failed.)
This patch makes it so that you keep trying to get ciphertext hashes until you have a full set or you run out of servers to ask.
2009-01-07 20:26:38 -07:00
Zooko O'Whielacronx
2122ba78b3 util: deferredutil: undo my recent patch to use our own implementation of gatherResults
It seems to cause lots of failures on some builders.
2009-01-07 11:00:05 -07:00
Zooko O'Whielacronx
79535e4f5b util: deferredutil: implement our own gatherResults instead of using Twisted's
Because we want to maintain backwards compatibility to Twisted 2.4.0.
2009-01-07 10:32:07 -07:00
Zooko O'Whielacronx
78306cf7fa trivial: M-x whitespace-cleanup 2009-01-07 10:25:28 -07:00
Zooko O'Whielacronx
a54eba1d80 util: deferredutil: add basic test for deferredutil.gatherResults
Also I checked and Twisted 2.4.0 supports .subFailure and the other parts of the API that we require.
2009-01-07 08:13:42 -07:00
Zooko O'Whielacronx
d5a6eed407 trivial: fix redefinition of name "log" in imports (pyflakes) 2009-01-06 22:08:29 -07:00
Zooko O'Whielacronx
c85f75bb08 immutable: refactor uploader to do just encoding-and-uploading, not encryption
This makes Uploader take an EncryptedUploadable object instead of an Uploadable object.  I also changed it to return a verify cap instead of a tuple of the bits of data that one finds in a verify cap.
This will facilitate hooking together an Uploader and a Downloader to make a Repairer.
Also move offloaded.py into src/allmydata/immutable/.
2009-01-06 21:48:22 -07:00
Zooko O'Whielacronx
81add135dc trivial: whitespace and docstring tidyups 2009-01-06 21:41:04 -07:00
Brian Warner
ebe767bccf storage.py: explain what this large and hard-to-recognize 4294967295 number is 2009-01-06 13:57:21 -07:00
Zooko O'Whielacronx
5e6f90a015 rename "checker results" to "check results", because it is more parallel to "check-and-repair results" 2009-01-06 13:37:03 -07:00
Zooko O'Whielacronx
4ada923e2b immutable: tests: verifier doesn't always catch corrupted share hashes
Maybe it already got one of the corrupted hashes from a different server and it doesn't double-check that the hash from every server is correct.  Or another problem.  But in any case I'm marking this as TODO because an even better (more picky) verifier is less urgent than repairer.
2009-01-06 13:04:49 -07:00
Zooko O'Whielacronx
3bc4b015c8 immutable: fix the writing of share data size into share file in case the share file is used by a < v1.3.0 storage server
Brian noticed that the constant was wrong, and in fixing that I noticed that we should be saturating instead of modding.
This code would never matter unless a server downgraded or a share migrated from Tahoe >= v1.3.0 to Tahoe < v1.3.0.  Even in that case, this bug would never matter unless the share size were exactly 4,294,967,296 bytes long.
Brian, for good reason, wanted this to be spelled "2**32" instead of "4294967296", but I couldn't stand to see a couple of more Python bytecodes interpreted in the middle of a core, frequent operation on the server like immutable share creation.
2009-01-06 12:24:04 -07:00
Zooko O'Whielacronx
8e92dd1231 trivial: whitespace cleanup 2009-01-06 11:20:58 -07:00
Zooko O'Whielacronx
d4a5f9131b util: base32: require str-not-unicode inputs -- effectively rolls back [3306] and [3307] 2009-01-06 10:41:22 -07:00
Zooko O'Whielacronx
c35a6ee3a2 trivial: fix a bunch of pyflakes complaints 2009-01-06 08:00:54 -07:00
Zooko O'Whielacronx
821e64203c cli: make startstop_node wait 40 seconds instead of 20 for a process to go away after we signalled it to go away, before emitting a warning
Because the unit tests on the VirtualZooko? buildslave failed when it took 31 seconds for a process to go away.
Perhaps getting warning message after only 5 seconds instead of 40 seconds is desirable, and we should change the unit tests and set this back to 5, but I don't know exactly how to change the unit tests. Perhaps match this particular warning message about the shutdown taking a while and allow the code under test to pass if the only stderr that it emits is this warning.
2009-01-06 07:51:06 -07:00
Zooko O'Whielacronx
6a12f316a4 immutable: new checker and verifier
New checker and verifier use the new download class.  They are robust against various sorts of failures or corruption.  They return detailed results explaining what they learned about your immutable files.  Some grotesque sorts of corruption are not properly handled yet, and those ones are marked as TODO or commented-out in the unit tests.
There is also a repairer module in this patch with the beginnings of a repairer in it.  That repairer is mostly just the interface to the outside world -- the core operation of actually reconstructing the missing data blocks and uploading them is not in there yet.
This patch also refactors the unit tests in test_immutable so that the handling of each kind of corruption is reported as passing or failing separately, can be separately TODO'ified, etc.  The unit tests are also improved in various ways to require more of the code under test or to stop requiring unreasonable things of it.  :-)
2009-01-05 18:28:18 -07:00
Zooko O'Whielacronx
4921a9f243 trivial: fix inline comment in test code 2009-01-05 17:53:42 -07:00
Zooko O'Whielacronx
206ab2b44d immutable: handle another form of share corruption with LayoutInvalid exception instead of AssertionError 2009-01-05 17:46:45 -07:00
Zooko O'Whielacronx
c84bb795f3 trivial: remove unused import (pyflakes) 2009-01-05 17:31:20 -07:00
Zooko O'Whielacronx
67d72aadd3 immutable: skip the test of large files, because that is too hard on the host if it doesn't efficiently handle sparse files 2009-01-05 17:07:27 -07:00
Zooko O'Whielacronx
f4fab23bf6 immutable: raise a LayoutInvalid exception instead of an AssertionError if the share is corrupted so that the sharehashtree is the wrong size 2009-01-05 14:01:14 -07:00
Zooko O'Whielacronx
98b28c1d5e immutable: stop reading past the end of the sharefile in the process of optimizing download -- Tahoe storage servers < 1.3.0 return an error if you read past the end of the share file 2009-01-05 13:40:57 -07:00
Zooko O'Whielacronx
8a840469c3 immutable: tidy up the notification of waiters for ReadBucketProxy 2009-01-05 13:35:22 -07:00
Zooko O'Whielacronx
778167c2b1 immutable: refactor downloader to be more reusable for checker/verifier/repairer (and better)
The code for validating the share hash tree and the block hash tree has been rewritten to make sure it handles all cases, to share metadata about the file (such as the share hash tree, block hash trees, and UEB) among different share downloads, and not to require hashes to be stored on the server unnecessarily, such as the roots of the block hash trees (not needed since they are also the leaves of the share hash tree), and the root of the share hash tree (not needed since it is also included in the UEB).  It also passes the latest tests including handling corrupted shares well.
  
ValidatedReadBucketProxy takes a share_hash_tree argument to its constructor, which is a reference to a share hash tree shared by all ValidatedReadBucketProxies for that immutable file download.
  
ValidatedReadBucketProxy requires the block_size and share_size to be provided in its constructor, and it then uses those to compute the offsets and lengths of blocks when it needs them, instead of reading those values out of the share.  The user of ValidatedReadBucketProxy therefore has to have first used a ValidatedExtendedURIProxy to compute those two values from the validated contents of the URI.  This is pleasingly simplifies safety analysis: the client knows which span of bytes corresponds to a given block from the validated URI data, rather than from the unvalidated data stored on the storage server.  It also simplifies unit testing of verifier/repairer, because now it doesn't care about the contents of the "share size" and "block size" fields in the share.  It does not relieve the need for share data v2 layout, because we still need to store and retrieve the offsets of the fields which come after the share data, therefore we still need to use share data v2 with its 8-byte fields if we want to store share data larger than about 2^32.
  
Specify which subset of the block hashes and share hashes you need while downloading a particular share.  In the future this will hopefully be used to fetch only a subset, for network efficiency, but currently all of them are fetched, regardless of which subset you specify.
  
ReadBucketProxy hides the question of whether it has "started" or not (sent a request to the server to get metadata) from its user.

Download is optimized to do as few roundtrips and as few requests as possible, hopefully speeding up download a bit.
2009-01-05 09:51:45 -07:00
Zooko O'Whielacronx
5d5e89d96d util: add gatherResults which is a deferred-list-like thing that doesn't wrap failures in a FirstError 2009-01-04 10:52:02 -07:00
Zooko O'Whielacronx
38f293a913 immutable: fix think-o in previous patch which caused all reads to return "", and also optimize by not opening the file when the answer is going to be "" 2009-01-03 14:02:45 -07:00
Zooko O'Whielacronx
53b28c1650 immutable: when storage server reads from immutable share, don't try to read past the end of the file (Python allocates space according to the amount of data requested, so if there is corruption and that number is huge it will do a huge memory allocation) 2009-01-03 13:22:22 -07:00
Zooko O'Whielacronx
de4269a643 immutable: mark a failing download test as "todo", because I think it is revealing a limitation of the current downloader's handling of corrupted shares 2009-01-03 13:00:03 -07:00
Zooko O'Whielacronx
8f5cc24948 trivial: remove unused import (pyflakes) 2009-01-03 12:22:15 -07:00
Zooko O'Whielacronx
5954ab456d immutable: fix test for truncated reads of URI extension block size 2009-01-03 11:44:27 -07:00
Zooko O'Whielacronx
7adf905b9f immutable: further loosen the performance-regression test to allow up to 45 reads
This does raise the question of if there is any point to this test, since I apparently don't know what the answer *should* be, and whenever one of the buildbots fails then I redefine success.

But, I'm about to commit a bunch of patches to implement checker, verifier, and repairer as well as to refactor downloader, and I would really like to know if these patches *increase* the number of reads required even higher than it currently is.
2009-01-03 11:41:09 -07:00
Zooko O'Whielacronx
2788c80496 trivial: another place where I accidentally committed a note-to-self about the lease fields in the server-side share file 2009-01-03 11:29:41 -07:00
Zooko O'Whielacronx
54787771c3 immutable: fix detection of truncated shares to take into account the fieldsize -- either 4 or 8 2009-01-02 18:57:45 -07:00
Zooko O'Whielacronx
21e0ff97f2 immutable: raise LayoutInvalid instead of struct.error when a share is truncated
To fix this error from the Windows buildslave:

[ERROR]: allmydata.test.test_immutable.Test.test_download_from_only_3_remaining_shares

Traceback (most recent call last):
  File "C:\Documents and Settings\buildslave\windows-native-tahoe\windows\build\src\allmydata\immutable\download.py", line 135, in _bad
    raise NotEnoughSharesError("ran out of peers, last error was %s" % (f,))
allmydata.interfaces.NotEnoughSharesError: ran out of peers, last error was [Failure instance: Traceback: <class 'struct.error'>: unpack requires a string argument of length 4
c:\documents and settings\buildslave\windows-native-tahoe\windows\build\support\lib\site-packages\foolscap-0.3.2-py2.5.egg\foolscap\call.py:667:_done
c:\documents and settings\buildslave\windows-native-tahoe\windows\build\support\lib\site-packages\foolscap-0.3.2-py2.5.egg\foolscap\call.py:53:complete
c:\Python25\lib\site-packages\twisted\internet\defer.py:239:callback
c:\Python25\lib\site-packages\twisted\internet\defer.py:304:_startRunCallbacks
--- <exception caught here> ---
c:\Python25\lib\site-packages\twisted\internet\defer.py:317:_runCallbacks
C:\Documents and Settings\buildslave\windows-native-tahoe\windows\build\src\allmydata\immutable\layout.py:374:_got_length
C:\Python25\lib\struct.py:87:unpack
]
===============================================================================
2009-01-02 18:48:06 -07:00
Zooko O'Whielacronx
5a21638853 immutable: whoops, it actually takes up to 39 reads sometimes to download a corrupted file 2009-01-02 17:43:02 -07:00
Zooko O'Whielacronx
e26cec2502 immutable: add more detailed tests of download, including testing the count of how many reads different sorts of downloads take 2009-01-02 16:54:59 -07:00
Zooko O'Whielacronx
cc70c163ba trivial: a few improvements to in-line doc and code, and renaming of test/test_immutable_checker.py to test/test_immutable.py
That file currently tests checker and verifier and repairer, and will soon also test downloader.
2009-01-02 16:49:41 -07:00
Zooko O'Whielacronx
a52b5542e9 immutable: fix name change from BadOrMissingShareHash to BadOrMissingHash
One of the instances of the name accidentally didn't get changed, and pyflakes noticed.  The new downloader/checker/verifier/repairer unit tests would also have noticed, but those tests haven't been rolled into a patch and applied to this repo yet...
2009-01-02 13:27:09 -07:00
Zooko O'Whielacronx
c72be1c553 trivial: remove unused import -- thanks, pyflakes 2009-01-02 13:21:28 -07:00
Zooko O'Whielacronx
d8c9c3dc99 immutable: download.py: Raise the appropriate type of exception to indicate the cause of failure, e.g. BadOrMissingHash, ServerFailure, IntegrityCheckReject (which is a supertype of BadOrMissingHash). This helps users (such as verifier/repairer) catch certain classes of reasons for "why did this download not work". The tests of verifier/repairer test this code and rely on this code. 2009-01-02 12:58:58 -07:00
Zooko O'Whielacronx
fa5c1d8326 immutable: ReadBucketProxy defines classes of exception: LayoutInvalid and its two subtypes RidiculouslyLargeURIExtensionBlock and ShareVersionIncompatible. This helps users (such as verifier/repairer) catch certain classes of reasons for "why did this download not work". This code gets exercised by the verifier/repairer unit tests, which corrupt the shares on disk in order to trigger problems like these. 2009-01-02 12:15:54 -07:00
Zooko O'Whielacronx
0ee027c180 immutable: ValidatedExtendedURIProxy computes and stores block_size and share_size for the convenience of its users 2009-01-02 11:43:17 -07:00
Zooko O'Whielacronx
fe707630af doc: remove notes to self that I accidentally included in a recent patch 2009-01-01 22:14:57 -07:00
Zooko O'Whielacronx
63efa1665b immutable: make the test of large files more likely to work by requesting to allocate space for only one huge share, not three 2008-12-31 15:59:42 -07:00
Zooko O'Whielacronx
b0b9e8c1da trivial: "M-x whitespace-cleanup", and also remove an unused variable 2008-12-31 15:42:33 -07:00