[tahoe-dev] [tahoe-lafs] #708: graceful handling of capabilities in a format from the future that you can't understand

tahoe-lafs trac at allmydata.org
Thu May 14 21:12:34 UTC 2009 

#708: graceful handling of capabilities in a format from the future that you
can't understand
-------------------------------------+--------------------------------------
 Reporter:  zooko                    |           Owner:            
     Type:  enhancement              |          Status:  new       
 Priority:  major                    |       Milestone:  eventually
Component:  code-encoding            |         Version:  1.4.1     
 Keywords:  backwards-compatibility  |   Launchpad_bug:            
-------------------------------------+--------------------------------------
 In the future, we will rev the format of LAFS files and directories.
 (Don't worry, this will happen very gracefully -- you can confidently
 continue to use the current format for as long as you wish without having
 to deal compatibility issues.  So relax -- we know how to do this right.)

 One detail that will help with the transition (''when/if'' you choose to
 make the transition) is for older Tahoe clients such as v1.5 (which isn't
 out yet, but will be old by then) to fail in some clear and graceful
 manner when confronted with a capability of a new form that it doesn't
 know how to use.  In the WUI and the CLI this is very simple: return a
 nice error message.  If v1.5 is able to recognize that this is a
 capability from the future (as opposed to a corrupted or truncated
 capability or something else such as a normal old Web URL) and can tell
 the user so, so much the better.

 But what about capabilities from the future which it finds in a directory?
 Looking at [source:src/allmydata/dirnode.py at 20090411225205-92b7f-
 7adfb89cb4db4ac7d28427934dea3d2c108f6476#L194
 NewDirectoryNode._unpack_contents()], it looks like it calls
 {{{self._create_node()}}} on each capability that it finds in a directory.
 {{{_create_node()}}} will raise an exception if its argument is not a
 known kind of capability, so that means using the current release of Tahoe
 (v1.4.1) you can't view or use a directory if ''any'' of the entries in it
 have capabilities that you don't know how to use.

 It would be better if those entries which have an unusable capability were
 greyed-out (marked as unusable) but the rest of the directory remained
 usable.  Again, if Tahoe v1.5 has a good way to discriminate between
 capabilities that look like they're from the future and capabilities that
 look like they're just messed up, the WUI could display some sort of
 "help" link explaining to the user why those entries are greyed out.

-- 
Ticket URL: <http://allmydata.org/trac/tahoe/ticket/708>
tahoe-lafs <http://allmydata.org>
secure decentralized file storage grid

More information about the tahoe-dev mailing list