Commit graph

45834 commits

Author SHA1 Message Date
Joey Hess
ccbc5189b5
Fix hang when receiving a large file into a proxied special remote
Only indicate that we're done with the bytestring once it all gets written.
Otherwise, the end of it may get garbage collected before we can process
it, leading to a hang.

This seems to have been introduced in commit
cdc4bd7443. Which oddly was trying to fix a
very similar problem, but specific to a cluster node. In that commit,
things got out of order, with it signaling it was done with the bytestring
before it has written all of it to the file.

My test case for this bug is a directory special remote
with a file being sent to it via a proxy accessed via ssh or http.
The file was 10 mb, and it hung on the last few kb of it not being
received.

I've also tested this fix in the case of proxying to a cluster node
directory special remote over http, which was the case
cdc4bd7443 was dealing with.
2024-10-30 12:29:37 -04:00
Joey Hess
fda151a4e2
Merge branch 'master' into p2pv4 2024-10-30 08:13:49 -04:00
Joey Hess
4d03ada12f
break out todo item 2024-10-30 08:13:33 -04:00
Joey Hess
2ca6ecad58
add tip for DATA-PRESENT feature 2024-10-29 16:15:01 -04:00
Joey Hess
0117cdab11
document DATA-PRESENT in CHANGELOG
I wonder where else this could be documented? It's kind of a niche
feature, since it needs at least a partial custom implementation of the p2p
protocol or the p2phttp protocol. But it can save a lot of bandwidth and
avoid the proxy needing disk space to buffer files uploaded to a special
remote.
2024-10-29 15:07:30 -04:00
Joey Hess
f19ebabe89
support DATA-PRESENT when proxtying for special remotes
There is a TODO left in the code for exporttree special remotes. If
possible, it should check if one of the export locations contains the
content of the key.
2024-10-29 14:55:31 -04:00
Joey Hess
2fc3fbfed2
support DATA-PRESENT in the p2p protocol proxy
But not yet when proxying to special remotes.

When proxying for a cluster, the client can store the object on any node
or nodes of the cluster, and send DATA-PRESENT. That gets proxied to each
node, and if any of them agree that they have the data, the proxy will
respond with SUCCESS or SUCCESS-PLUS.

I think it's ok to not check for the proxied remotes supporting protocol
version 4. When there are multiple remotes in a cluster, it behaves as
described above, and if they all respond with ERROR, the result will be
FAILURE. And when not proxying for a cluster, the proxy negotiates the
p2p protocol to be the same version or lower than the proxied remote,
which will prevent sending DATA-PRESENT when it's too old.
2024-10-29 14:44:23 -04:00
Joey Hess
a4e9057486
implement put data-present parameter in http servant
Changed the protocol docs because servant parses "true" and "false" for
booleans in query parameters, not "1" and "0".

clientPut with datapresent=True is not used by git-annex, and I don't
anticipate it being used in git-annex, except for testing.

I've tested this by making clientPut be called with datapresent=True and
git-annex copy to a remote succeeds once the object file is first
manually copied to the remote. That would be a good test for the test
suite, but running the http client means exposing it to at least
localhost, and would fail if a real http client was already running on
that port.
2024-10-29 13:32:43 -04:00
Joey Hess
57e27adb55
implement DATA-PRESENT in p2p protocol
Not yet implemented for the http server or the proxy.
2024-10-29 13:12:12 -04:00
pdz
7def4d0f48 2024-10-29 16:25:33 +00:00
Joey Hess
20df236a13
update http servant for p2p protocol version 4
This is all just adding the v4 routes and boilerplate. At this point v4
is implemented the same as v3.
2024-10-29 12:13:56 -04:00
Joey Hess
d782b136e0
p2p protocol version 4 for DATA-PRESENT 2024-10-29 10:39:12 -04:00
Joey Hess
dc7aec77a4
formatting 2024-10-28 13:49:58 -04:00
Joey Hess
95d1d29724
update 2024-10-28 13:46:57 -04:00
Joey Hess
926b632faa
simplified design for indirect uploads 2024-10-28 13:29:33 -04:00
Joey Hess
9db69a4c2c
fix reversion in getting from unchunked encrypted special remotes
Have to use the object file for the encrypted key, not the unencrypted
key.

Bug introduced in 835283b862
2024-10-28 12:20:10 -04:00
Joey Hess
63b33750c9
bisected 2024-10-28 12:01:23 -04:00
Joey Hess
12626c7fae
reproduced 2024-10-28 11:46:04 -04:00
yarikoptic
e1927e1e57 initial report on fresh FTBFS on debian 2024-10-24 14:00:14 +00:00
Joey Hess
cf7e6835ca
comment 2024-10-22 13:54:54 -04:00
Joey Hess
6a78f245ad
comment 2024-10-22 13:36:31 -04:00
Joey Hess
8ef0c7836a
remove warnings about tuning being experimental 2024-10-22 13:27:25 -04:00
Joey Hess
f54c5260e4
followup and close 2024-10-22 13:25:46 -04:00
Joey Hess
6396926375
close old xmpp bug 2024-10-22 13:19:04 -04:00
Joey Hess
027a9f0849
Merge branch 'master' of ssh://git-annex.branchable.com 2024-10-22 13:04:37 -04:00
Joey Hess
a0f1fbb613
pondering 2024-10-22 11:37:43 -04:00
Joey Hess
ed679f2a51
add missing space 2024-10-22 11:12:12 -04:00
Joey Hess
7dde035ac8
planning 2024-10-22 11:09:47 -04:00
matrss
e0227d1d28 Added a comment 2024-10-22 14:44:10 +00:00
matrss
d33e4c8435 Added a comment: Re: rclone remote config in special remote 2024-10-22 14:13:53 +00:00
Joey Hess
8baccda98f
Merge branch 'master' into streamproxy 2024-10-22 09:49:28 -04:00
Joey Hess
3bbad88314
response 2024-10-21 19:25:42 -04:00
Joey Hess
9270b8d180
Merge branch 'master' of ssh://git-annex.branchable.com 2024-10-21 16:04:47 -04:00
Joey Hess
bdf3a4747f
adjust: Allow any order of options when combining --hide-missing with options like --unlock.
optparse-applicative made this hard, the naive implementation this had
before didn't let --hide-missing come after --unlock. And just adding
additional <|> with --hide-missing coming after --unlock didn't work
either. So need to get some options and then combine them.
2024-10-21 16:03:39 -04:00
Joey Hess
2c14181bcb
better name for LinkPresentAdjustment 2024-10-21 15:42:01 -04:00
Joey Hess
4c1b3ca6bb
comment 2024-10-21 15:07:19 -04:00
Joey Hess
371360a9bb
response 2024-10-21 15:03:55 -04:00
matrss
49a57bf25f Added a comment 2024-10-21 16:32:18 +00:00
Joey Hess
66e1b66fad
comment 2024-10-21 12:08:56 -04:00
Joey Hess
378e878d1e
comment 2024-10-21 11:39:27 -04:00
Joey Hess
afe471c415
remove stack-lts-18.13.yaml
windows autobuilder fixed to use stack.yaml
2024-10-21 11:33:07 -04:00
Joey Hess
028b4a9203
comment 2024-10-21 11:32:02 -04:00
Joey Hess
952442fdc4
comment 2024-10-21 11:24:50 -04:00
Joey Hess
98ad05a07b
Merge branch 'master' of ssh://git-annex.branchable.com 2024-10-21 10:41:51 -04:00
Joey Hess
5ce388cd94
response 2024-10-21 10:40:51 -04:00
git-annex@3fb6b72405b924a12d8319f01d0fdb908a3c551e
c45822852c 2024-10-21 14:14:18 +00:00
git-annex@3fb6b72405b924a12d8319f01d0fdb908a3c551e
3953b880e9 2024-10-21 14:12:31 +00:00
Joey Hess
b8d6b7c848
Merge branch 'master' of ssh://git-annex.branchable.com 2024-10-21 10:03:32 -04:00
Joey Hess
de138c642b
p2phttp: Allow unauthenticated users to lock content by default
* p2phttp: Allow unauthenticated users to lock content by default.
* p2phttp: Added --unauth-nolocking option to prevent unauthenticated
  users from locking content.

The rationalle for this is that locking is not really a write operation, so
makes sense to allow in a repository that only allows read-only access. Not
supporting locking in that situation will prevent the user from dropping
content from a special remote they control in cases where the other copy of
the content is on the p2phttp server.

Also, when p2phttp is configured to also allow authenticated access,
lockcontent was resulting in a password prompt for users who had no way to
authenticate. And there is no good way to distinguish between the two types
of users client side.

--unauth-nolocking anticipates that this might be abused, and seems better
than disabling unauthenticated access entirely if a server is being
attacked. It may be that rate limiting locking by IP address or similar
would be an effective measure in such a situation. Or just limiting the
number of locks by anonymous users that can be live at any one time. Since
the impact of such an DOS attempt is limited to preventing dropping content
from the server, it seems not a very appealing target anyway.
2024-10-21 10:02:12 -04:00
git-annex@3fb6b72405b924a12d8319f01d0fdb908a3c551e
60c123dd9d 2024-10-21 13:10:52 +00:00