#1593 closed defect (fixed)

the drop-upload dircap should be in BASEDIR/private/

Reported by: zooko
Owned by: davidsarah
Priority: major
Milestone: 1.9.2
Component: code
Version: 1.9.0
Keywords: configuration security forward-compatibility
Cc:
Launchpad Bug:

Description

We like to keep anything confidential out of ~/.tahoe/tahoe.cfg and in ~/.tahoe/private/. This allows people to share their tahoe.cfg or an excerpt from it without risking disclosure of sensitive information. Unfortunately the dircap for the "drop upload" feature is currently stored in ~/.tahoe/tahoe.cfg. To close this ticket, start reading that dircap out of ~/.tahoe/private/ and deprecate its appearance in ~/.tahoe/tahoe.cfg.

Decisions we have to make while doing this:

  1. Where does it appear in ~/.tahoe/private/? I would recommend its own file, perhaps named ~/.tahoe/private/drop-upload.cap.
  2. How to handle if you detect a cap in the old location in tahoe.cfg, in a key named [drop_upload]upload.dircap? I suggest to raise an error, similar to the way we do if an old-style config file is detected.

“'Twere well it were done quickly”

Since drop-upload was explicitly marked as an "experimental" feature in v1.9.0 that we reserved the right to change in backwards-incompatible ways, we shouldn't worry too much about forcing users who have already started using it to change their config files if they want their Tahoe-LAFS gateway to start up. But, the longer we leave it there, the more people will come to rely on it, and the more we'll feel like we ought to go through the long process of gracefully deprecating it in its old location before finally, years later, removing it altogether. So let's hurry and remove it altogether now!

Change History (11)

comment:1 Changed at 2011-11-20T16:43:38Z by davidsarah

  • Keywords security added
  • Owner changed from somebody to davidsarah
  • Status changed from new to assigned

I agree that an error should be raised if [drop_upload]upload.dircap is detected. I've named the private file as private/drop_upload_dircap. Patch to come shortly.

comment:2 Changed at 2011-11-29T22:10:44Z by davidsarah

  • Keywords review-needed added
  • Owner changed from davidsarah to zooko
  • Status changed from assigned to new
  • Summary changed from the drop-upload dircap should be in ~/.tahoe/private/ to the drop-upload dircap should be in BASEDIR/private/

Attachments don't seem to be working, but the patch is at https://tahoe-lafs.org/~davidsarah/patches/fix-test-doc-1593.darcs.patch.

comment:3 Changed at 2011-12-31T14:35:15Z by zooko

  • Keywords forward-compatibility added; review-needed removed
  • Milestone changed from 1.10.0 to 1.9.1
  • Owner changed from zooko to davidsarah

I reviewed https://tahoe-lafs.org/~davidsarah/patches/fix-test-doc-1593.darcs.patch . I think before this patch omitting the local.directory configuration would cause the drop-uploader to silently not start, and after this patch, omitting it will cause an AttributeError exception when the local_dir_utf8 argument to DropUploader is None.

Other than that, I see no problems with this patch.

Now, that isn't so important and maybe we could just land the patch as is.

comment:4 Changed at 2011-12-31T17:48:44Z by zooko

I was wrong about that. I went to add a test of what happens when the local.directory configuration is missing and I found that there is already a test of that in this patch and the code already passes the test by correctly raising MissingConfigEntry. So this patch is perfect and should be committed to trunk at once.

Brian: the argument for why to include this patch in 1.9.1 is forward-compatibility—it would be nice if people didn't start putting the dircap into the tahoe.cfg file, causing a compatibility problem for future releases.

comment:5 Changed at 2011-12-31T17:49:00Z by zooko

  • Keywords reviewed added

comment:6 Changed at 2011-12-31T20:34:45Z by david-sarah@…

  • Resolution set to fixed
  • Status changed from new to closed

In 7f8bbcc15537144e:

Use a private/drop_upload_dircap file instead of the [drop_upload]upload.dircap option in tahoe.cfg. Fail if the upload.dircap option is used, or options are missing. Also updates tests and docs. fixes #1593
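
The startup behaviour this commit message describes, as an added example in Python (not the Tahoe-LAFS patch or the project's own code): read the cap from private/drop_upload_dircap, refuse to start if [drop_upload]upload.dircap still appears in tahoe.cfg, and fail when a required entry is missing. `OldConfigOptionError`, `load_drop_upload` and `make_basedir` are hypothetical names, and the cap string and node directory are constructed sample data.

```python
import configparser
import tempfile
from pathlib import Path


class OldConfigOptionError(Exception):
    """Hypothetical name: the cap is still in the shareable tahoe.cfg."""

class MissingConfigEntry(Exception):
    """A required drop-upload setting or the private cap file is absent."""


def load_drop_upload(basedir):
    """Return (dircap, local_dir), or None if [drop_upload] is not configured."""
    base = Path(basedir)
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read(base / "tahoe.cfg")
    if not cfg.has_section("drop_upload"):
        return None
    # Fail loudly instead of honouring a secret kept in the shareable file.
    if cfg.has_option("drop_upload", "upload.dircap"):
        raise OldConfigOptionError(
            "[drop_upload]upload.dircap is no longer accepted; "
            "put the cap in private/drop_upload_dircap")
    local_dir = cfg.get("drop_upload", "local.directory", fallback="").strip()
    if not local_dir:
        raise MissingConfigEntry("[drop_upload]local.directory is not set")
    try:
        dircap = (base / "private" / "drop_upload_dircap").read_text().strip()
    except FileNotFoundError:
        raise MissingConfigEntry("private/drop_upload_dircap is missing") from None
    if not dircap:
        raise MissingConfigEntry("private/drop_upload_dircap is empty")
    return dircap, local_dir


def make_basedir(cfg_text, cap=None):  # constructed sample node directory
    base = Path(tempfile.mkdtemp())
    (base / "tahoe.cfg").write_text(cfg_text)
    (base / "private").mkdir(mode=0o700)
    if cap is not None:
        (base / "private" / "drop_upload_dircap").write_text(cap + "\n")
    return base


if __name__ == "__main__":
    node = make_basedir("[drop_upload]\nlocal.directory = /tmp/drop\n",
                        cap="URI:DIR2:constructed-placeholder")
    print(load_drop_upload(node))
```
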

comment:7 Changed at 2012-01-01T18:52:36Z by zooko

I'll assume from the fact that davidsarah committed this to trunk that the Release Master for 1.9.1 doesn't object, or else will somehow deal with it. :-)

comment:8 Changed at 2012-01-03T00:44:26Z by david-sarah <david-sarah@…>

In 7f8bbcc15537144e:

Use a private/drop_upload_dircap file instead of the [drop_upload]upload.dircap option in tahoe.cfg. Fail if the upload.dircap option is used, or options are missing. Also updates tests and docs. fixes #1593

comment:9 Changed at 2012-01-03T19:27:16Z by david-sarah <david-sarah@…>

In 7f8bbcc15537144e:

Use a private/drop_upload_dircap file instead of the [drop_upload]upload.dircap option in tahoe.cfg. Fail if the upload.dircap option is used, or options are missing. Also updates tests and docs. fixes #1593

comment:10 Changed at 2012-01-07T19:57:33Z by davidsarah

  • Keywords reviewed removed

comment:11 Changed at 2012-02-26T02:16:57Z by davidsarah

Note that 1.9.1 was not released from trunk, so this change isn't in 1.9.1, but will be in 1.9.2.
