[tahoe-dev] [mm] unparseable directory
zooko
zooko at zooko.com
Mon May 5 10:23:21 PDT 2008
On May 5, 2008, at 11:00 AM, Ben Laurie wrote:
> OK, so I run:
>
> curl http://127.0.0.1:8124/uri/URI%3ASSK-RO%
> 3Apgj2oefhipe2uzulz7kyvyfcbe%
> 3A7xoalidet7oignxsnhra77ez7qxh6ro5humhumncabv4cghdkc2q > ssk-ro
...
> I get 332 bytes, the sha1sum is
>
> $ sha1 ssk-ro
> SHA1 (ssk-ro) = c7ccfeb56c6a40a090709f915307fba80fd909c8
>
> and I attach the contents of the file, which is just garbage.
Yep, so we have a bonafide data integrity failure, where the
capability that you used, above, should have yielded a valid version
of the mutable file contents or else failed clearly, but instead it
returned garbage. "Valid" in that sentence means that the file
contents (or more precisely a deterministic function of the file
contents) were digitally signed with an RSA key, the secure hash of
the public component of which is embedded into the capability that
you used.
Since we haven't seen anything like this in our automated tests or
our other usage, I'm inclined to suspect a build failure (especially
in the C/C++ code that does erasure decoding, decryption, and digital
signature verification) on your system.
The code path for integrity verification of SSK ("Sub-Space Key", as
called by Freenet, which in our docs are called "Small Distributed
Mutable Files") is like this:
http://allmydata.org/trac/tahoe/browser/docs/mutable.txt?rev=2514#L163
The access pattern for read is:
* hash read-key to get storage index
* use storage index to locate 'k' shares with identical 'R' values
* either get one share, read 'k' from it, then read k-1 shares
* or read, say, 5 shares, discover k, either get more or be finished
* or copy k into the URIs
* read verification key
* hash verification key, compare against verification key hash
* read seqnum, R, encoding parameters, signature
* verify signature against verification key
* read share data, compute block-hash Merkle tree and root "r"
* read share hash chain (leading from "r" to "R")
* validate share hash chain up to the root "R"
* submit share data to erasure decoding
* decrypt decoded data with read-key
* submit plaintext to application
Hm... Thinking over this it seems like the only way that all these
steps could complete with apparent success and then give you garbage
would be if there is a bug in the digital signature checking, the
erasure decoding, the decryption, or if you downloaded shares which
were actually from different encodings of the file or different
versions of the file but which incorrectly had identical version
numbers and root hashes.
Could you use the wui (point your web browser to http://
127.0.0.1:8124 ) and look at the "recent uploads and downloads" page
and see which shares from which servers were used for fetching that
mutable file?
Also, could you paste the output of "bin/tahoe --version"?
Thanks!
Regards,
Zooko
More information about the tahoe-dev
mailing list