From: Tay Ray Chuan <rctay89@gmail.com>
To: Junio C Hamano <gitster@pobox.com>
Cc: Johannes Schindelin <Johannes.Schindelin@gmx.de>, git@vger.kernel.org
Subject: Re: [PATCH] use lock token in non-URI form in start_put
Date: Sun, 8 Feb 2009 09:45:52 +0800 [thread overview]
Message-ID: <be6fef0d0902071745r355309c2o76622b3af8df53bc@mail.gmail.com> (raw)
In-Reply-To: <7v1vuavv4l.fsf@gitster.siamese.dyndns.org>
Hi,
On Sun, Feb 8, 2009 at 4:40 AM, Junio C Hamano <gitster@pobox.com> wrote:
> Let me show more of my ignorance around this codepath.
>
> What is the real purpose of this appending? My understanding is that it
> is to ensure that a tentative PUT goes to a new file, so that a DAV server
> whose PUT is not atomic (i.e. can leave a half-written bogosity when the
> operation fails for whatever reason) won't leave a broken object in its
> object store. We MOVE it to its final destination and expect that to be
> atomic.
This happens to be my understanding as well.
> Does the server side guarantee that the lock token string is unique in the
> sense that it does not reuse a token that was used for a recent
> transaction that was aborted? If there is no such guarantee, then using
> (a part of) the lock token as the string we append is no better than using
> a random string we choose ourselves.
In section 6.5 which you cite below, the token is unique, and we hold
the server's word for it.
> We may need to send the exact lock token back for unlocking the
> transaction we started, but I do not think it necessarily is a good idea
> to tie that to the random string we would use for PUT-then-MOVE operation.
>
> RFC 4918 (section 6.5) explicitly states that the servers are free to use
> any URI so long as it meets the uniqueness requirements, so relying on it
> being any form of uuid does not sound like a good idea. It can contain
> not just a colon but other potentially problematic characters, such as a
> slash, no?
>
> That is why I asked in my previous question what in the codepath protects
> ourselves from using problematic characters.
>
You're right, section 6.5 doesn't enforce that lock tokens are UUIDs.
Any solutions to this? Perhaps one could have a function, say,
get_unique_remote_postfix, and the function would check for URI
schemes which we know are safe for use in file names, namely,
"urn:uuid:" and "opaqulocktoken:". However, if its a URI we are unsure
of, then it would generate a random string.
--
Cheers,
Ray Chuan
next prev parent reply other threads:[~2009-02-08 1:47 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-02-07 19:27 [PATCH] use lock token in non-URI form in start_put Tay Ray Chuan
2009-02-07 20:20 ` Johannes Schindelin
2009-02-07 20:40 ` Junio C Hamano
2009-02-08 1:45 ` Tay Ray Chuan [this message]
2009-02-08 2:28 ` Junio C Hamano
2009-02-08 3:28 ` Tay Ray Chuan
2009-02-08 1:25 ` Tay Ray Chuan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=be6fef0d0902071745r355309c2o76622b3af8df53bc@mail.gmail.com \
--to=rctay89@gmail.com \
--cc=Johannes.Schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).