rpc: Write authcookie atomically #11131
Conversation
|
utACK 43e7dcb
|
There was a problem hiding this comment.
Another option is to use fs::unique_path.
Edit: Concept ACK!
src/rpc/protocol.cpp
Outdated
There was a problem hiding this comment.
Append the suffix in GenerateAuthCookie() and there is no need to call GetAuthCookieFile() twice.
There was a problem hiding this comment.
Yeah, well, find a fool proof and portable way to append to a fs::path (without adding path components!) and get back me. After browsing stack overflow and boost documentation for a while, I deemed it easier and safer to just do it where the filename is constructed initially.
Edit: oh, and if you want to hear something else funny, calling path::replace_extension will replace .cookie with .tmp. ARg.
There was a problem hiding this comment.
I also saw all that, but with GetDataDir() / fs::unique_path() none of ths is really necessary.
src/rpc/protocol.cpp
Outdated
There was a problem hiding this comment.
Remove forward declaration?
There was a problem hiding this comment.
Is it only used after the declaration? To minimize diff I didn't want to move the function around and had some compile issues, but that might have been for another reason, will try again.
There was a problem hiding this comment.
I thought we always put the documentation above the declaration, but whatever, no need to change it back now.
I wasn't sure that would work in all cases - using a temporary file would potentially move over filesystem boundaries, right? Cross-filesystem move is not atomic IIRC. |
|
I meant |
It's possible to place the cookie file outside of the data directory with an option. Also my gut feeling says it's better to create files with deterministic names in the data directory, what if e.g. boost accidentally generates a name used as a wallet name :) I don't see any advantages. |
I see you take serious precautions 😄 In the documentation there is http://www.boost.org/doc/libs/1_53_0/libs/filesystem/doc/reference.html#path-concatenation. |
laanwj
force-pushed
the
2017_08_atomic_cookie
branch
from
43e7dcb to
e413f1d
Compare
src/rpc/protocol.cpp
Outdated
There was a problem hiding this comment.
In other words, call file.flush() before close?
There was a problem hiding this comment.
You're having another misconception there: fsync is not necessary for other processes to see the result! Only to make sure that the data hits disk, in case of crashes etc. Which is not relevant here.
There was a problem hiding this comment.
I think the only concern is that libc may buffer the write as long as the file is open, in which case a flush would be useful to make it visible to the OS (and thus other processes). However, as you're closing the file anyway, I don't believe that matters.
|
Yes, but as I understoof, there is difference between boost_filesystem versions there. I don't really have a lot of time to dive into that, and I don't want this to come back with some strange compile error, and this works so... |
Use POSIX rename atomicity at the `bitcoind` side to create a working cookie atomically: - Write `.cookie.tmp`, close file - Rename `.cookie.tmp` to `.cookie` This avoids clients reading invalid/partial cookies as in bitcoin#11129.
laanwj
force-pushed
the
2017_08_atomic_cookie
branch
from
e413f1d to
82dd719
Compare
|
utACK 82dd719
Agreed, this seems fine to me |
|
utACK 82dd719 |
82dd719 rpc: Write authcookie atomically (Wladimir J. van der Laan) Pull request description: Use POSIX rename atomicity at the `bitcoind` side to create a working cookie atomically: - Write `.cookie.tmp`, close file - Rename `.cookie.tmp` to `.cookie` This avoids clients reading invalid/partial cookies as in #11129. As such, this is an alternative to that PR. Tree-SHA512: 47fcc1ed2ff3d8fed4b7441e4939f29cc99b57b7a035673c3b55a124a2e49c8a904637a6ff700dd13a184be8c0255707d74781f8e626314916418954e2467e03
Use POSIX rename atomicity at the `bitcoind` side to create a working cookie atomically: - Write `.cookie.tmp`, close file - Rename `.cookie.tmp` to `.cookie` This avoids clients reading invalid/partial cookies as in bitcoin#11129. Github-Pull: bitcoin#11131 Rebased-From: 82dd719
Summary: 82dd719 rpc: Write authcookie atomically (Wladimir J. van der Laan) Pull request description: Use POSIX rename atomicity at the `bitcoind` side to create a working cookie atomically: - Write `.cookie.tmp`, close file - Rename `.cookie.tmp` to `.cookie` This avoids clients reading invalid/partial cookies as in #11129. As such, this is an alternative to that PR. Tree-SHA512: 47fcc1ed2ff3d8fed4b7441e4939f29cc99b57b7a035673c3b55a124a2e49c8a904637a6ff700dd13a184be8c0255707d74781f8e626314916418954e2467e03 Backport of Core PR11131 bitcoin/bitcoin#11131 Test Plan: make check ./bitcoind Verify `.cookie` exists ine `.bitcoin/<dir>/.cookie` Reviewers: deadalnix, Fabien, jasonbcox, O1 Bitcoin ABC, #bitcoin_abc Reviewed By: Fabien, O1 Bitcoin ABC, #bitcoin_abc Differential Revision: https://reviews.bitcoinabc.org/D3940
82dd719 rpc: Write authcookie atomically (Wladimir J. van der Laan) Pull request description: Use POSIX rename atomicity at the `bitcoind` side to create a working cookie atomically: - Write `.cookie.tmp`, close file - Rename `.cookie.tmp` to `.cookie` This avoids clients reading invalid/partial cookies as in bitcoin#11129. As such, this is an alternative to that PR. Tree-SHA512: 47fcc1ed2ff3d8fed4b7441e4939f29cc99b57b7a035673c3b55a124a2e49c8a904637a6ff700dd13a184be8c0255707d74781f8e626314916418954e2467e03
Summary: 82dd719 rpc: Write authcookie atomically (Wladimir J. van der Laan) Pull request description: Use POSIX rename atomicity at the `bitcoind` side to create a working cookie atomically: - Write `.cookie.tmp`, close file - Rename `.cookie.tmp` to `.cookie` This avoids clients reading invalid/partial cookies as in #11129. As such, this is an alternative to that PR. Tree-SHA512: 47fcc1ed2ff3d8fed4b7441e4939f29cc99b57b7a035673c3b55a124a2e49c8a904637a6ff700dd13a184be8c0255707d74781f8e626314916418954e2467e03 Backport of Core PR11131 bitcoin/bitcoin#11131 Test Plan: make check ./bitcoind Verify `.cookie` exists ine `.bitcoin/<dir>/.cookie` Reviewers: deadalnix, Fabien, jasonbcox, O1 Bitcoin ABC, #bitcoin_abc Reviewed By: Fabien, O1 Bitcoin ABC, #bitcoin_abc Differential Revision: https://reviews.bitcoinabc.org/D3940
Summary: 82dd719 rpc: Write authcookie atomically (Wladimir J. van der Laan) Pull request description: Use POSIX rename atomicity at the `bitcoind` side to create a working cookie atomically: - Write `.cookie.tmp`, close file - Rename `.cookie.tmp` to `.cookie` This avoids clients reading invalid/partial cookies as in #11129. As such, this is an alternative to that PR. Tree-SHA512: 47fcc1ed2ff3d8fed4b7441e4939f29cc99b57b7a035673c3b55a124a2e49c8a904637a6ff700dd13a184be8c0255707d74781f8e626314916418954e2467e03 Backport of Core PR11131 bitcoin/bitcoin#11131 Test Plan: make check ./bitcoind Verify `.cookie` exists ine `.bitcoin/<dir>/.cookie` Reviewers: deadalnix, Fabien, jasonbcox, O1 Bitcoin ABC, #bitcoin_abc Reviewed By: Fabien, O1 Bitcoin ABC, #bitcoin_abc Differential Revision: https://reviews.bitcoinabc.org/D3940
Summary: 82dd719 rpc: Write authcookie atomically (Wladimir J. van der Laan) Pull request description: Use POSIX rename atomicity at the `bitcoind` side to create a working cookie atomically: - Write `.cookie.tmp`, close file - Rename `.cookie.tmp` to `.cookie` This avoids clients reading invalid/partial cookies as in #11129. As such, this is an alternative to that PR. Tree-SHA512: 47fcc1ed2ff3d8fed4b7441e4939f29cc99b57b7a035673c3b55a124a2e49c8a904637a6ff700dd13a184be8c0255707d74781f8e626314916418954e2467e03 Backport of Core PR11131 bitcoin/bitcoin#11131 Test Plan: make check ./bitcoind Verify `.cookie` exists ine `.bitcoin/<dir>/.cookie` Reviewers: deadalnix, Fabien, jasonbcox, O1 Bitcoin ABC, #bitcoin_abc Reviewed By: Fabien, O1 Bitcoin ABC, #bitcoin_abc Differential Revision: https://reviews.bitcoinabc.org/D3940
Summary: 82dd719 rpc: Write authcookie atomically (Wladimir J. van der Laan) Pull request description: Use POSIX rename atomicity at the `bitcoind` side to create a working cookie atomically: - Write `.cookie.tmp`, close file - Rename `.cookie.tmp` to `.cookie` This avoids clients reading invalid/partial cookies as in #11129. As such, this is an alternative to that PR. Tree-SHA512: 47fcc1ed2ff3d8fed4b7441e4939f29cc99b57b7a035673c3b55a124a2e49c8a904637a6ff700dd13a184be8c0255707d74781f8e626314916418954e2467e03 Backport of Core PR11131 bitcoin/bitcoin#11131 Test Plan: make check ./bitcoind Verify `.cookie` exists ine `.bitcoin/<dir>/.cookie` Reviewers: deadalnix, Fabien, jasonbcox, O1 Bitcoin ABC, #bitcoin_abc Reviewed By: Fabien, O1 Bitcoin ABC, #bitcoin_abc Differential Revision: https://reviews.bitcoinabc.org/D3940
6 participants
Use POSIX rename atomicity at the
bitcoindside to create a workingcookie atomically:
.cookie.tmp, close file.cookie.tmpto.cookieThis avoids clients reading invalid/partial cookies as in #11129. As such, this is an alternative to that PR.