Do lock tokens need to be unique?

[Karl Fogel <kf...@red-bean.com>]

Is it strictly necessary that we guarantee the uniqueness of lock tokens?

For more context, see this thread:

   "[PATCH] allow pre-lock hook to specify token for locking"
   http://subversion.tigris.org/servlets/BrowseList?list=dev&by=thread&from=667592

It's only six messages long (right now, anyway).  We're trying to figure
out if losing the guarantee that lock tokens are unique would cause any
badness in the real world.  Note cmpilato's post in the thread about how
it's a WebDAV spec issue.  He points to this:

   http://www.webdav.org/specs/rfc2518.html#rfc.section.6.3

As with other supposedly unique things, it gets more complicated when
svnsync and friend enter the picture.  My feeling is we should permit
the pre-lock hook to generate a token, and just put a warning where we
document it, pointing out that generating a non-unique token technically
violates that spec and that anyone who writes such a hook should be
aware of this.

-Karl

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Re: Do lock tokens need to be unique?

[Chia-liang Kao <cl...@clkao.org>]

2008/8/5 Karl Fogel <kf...@red-bean.com>:
>> I was almost done with the patch, but discovered mod_dav_svn handles this a
>> bit differenetly.  I had a chat with justin, it seems in protocol layer, when
>> committing lock tokens are provided by client in the If header, so the path
>> info here is lost.
>>
>> so in this case we might need to revision the ra_get_commit_editor API to take
>> only a list of tokens...
>
> I don't think revving that API is a huge problem.
>
> I didn't understand the "to take only a list of tokens" part, though.
> It already takes a hash of lock tokens; anyway, isn't it the paths
> you're missing, not the tokens?  But the hash is keyed by path...

the ra api does take hash of lock tokens, but i was looking with
justin at the individual put request (for dav server) where only lock
tokens were given. but turned out the merge request at the end does
have all the info I needed, so i sent the patch: [PATCH] Make
pre-commit hook have access to lock tokens

http://article.gmane.org/gmane.comp.version-control.subversion.devel/102717

Cheers,
CLK

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Re: Do lock tokens need to be unique?

[Karl Fogel <kf...@red-bean.com>]

"Chia-liang Kao" <cl...@clkao.org> writes:
> 2008/7/24 Karl Fogel <kf...@red-bean.com>:
>> Chia-liang Kao <cl...@clkao.org> writes:
>>> While talking to Karl today I explained that I intend to make the
>>> tokens available for the pre-commit hook, presumably via STDIN.  So I
>>> will change the svn_fs_access_add_lock_token to take path along with
>>> token, and add an accessor function to get the path/token pairs out
>>> for pre-commit hook to use.  Does this make sense?
>>
>> Yes :-).
>
> I was almost done with the patch, but discovered mod_dav_svn handles this a
> bit differenetly.  I had a chat with justin, it seems in protocol layer, when
> committing lock tokens are provided by client in the If header, so the path
> info here is lost.
>
> so in this case we might need to revision the ra_get_commit_editor API to take
> only a list of tokens...

I don't think revving that API is a huge problem.

I didn't understand the "to take only a list of tokens" part, though.
It already takes a hash of lock tokens; anyway, isn't it the paths
you're missing, not the tokens?  But the hash is keyed by path...

If you could formally propose the API rev you have in mind, that might
help.

Thanks,
-Karl

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Re: Do lock tokens need to be unique?

[Chia-liang Kao <cl...@clkao.org>]

2008/7/24 Karl Fogel <kf...@red-bean.com>:
> Chia-liang Kao <cl...@clkao.org> writes:
>> While talking to Karl today I explained that I intend to make the
>> tokens available for the pre-commit hook, presumably via STDIN.  So I
>> will change the svn_fs_access_add_lock_token to take path along with
>> token, and add an accessor function to get the path/token pairs out
>> for pre-commit hook to use.  Does this make sense?
>
> Yes :-).

I was almost done with the patch, but discovered mod_dav_svn handles this a
bit differenetly.  I had a chat with justin, it seems in protocol layer, when
committing lock tokens are provided by client in the If header, so the path
info here is lost.

so in this case we might need to revision the ra_get_commit_editor API to take
only a list of tokens...

Cheers,
CLK

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Re: Do lock tokens need to be unique?

[Karl Fogel <kf...@red-bean.com>]

Chia-liang Kao <cl...@clkao.org> writes:
> While talking to Karl today I explained that I intend to make the
> tokens available for the pre-commit hook, presumably via STDIN.  So I
> will change the svn_fs_access_add_lock_token to take path along with
> token, and add an accessor function to get the path/token pairs out
> for pre-commit hook to use.  Does this make sense?

Yes :-).

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Re: Do lock tokens need to be unique?

[Chia-liang Kao <cl...@clkao.org>]

Justin Erenkrantz <justin <at> erenkrantz.com> writes:
> On Tue, Jul 22, 2008 at 3:39 PM, Karl Fogel <kfogel <at> red-bean.com> wrote:
> > The point is that Subversion would be handing off the responsibility to
> > the hook -- and the hook can do whatever it wants.  We should document
> > the WebDAV uniqueness thing in the hook documentation, but beyond that,
> > the hook is out of our hands.
> 
> As I told clkao last night, if the admin installs a hook that violates
> the constraint, it's their own fault.  =)
> 
> > I'm +1 on allowing it now, FWIW.
> 
> It does make sense that there are cases where the admin might want to
> control the UUID generation, so sure...  -- justin

I took a little closer look at the current code.  in the svn_fs_access_t context
we have a has
keyed by the token (the path are not passed in at all), so duplicated tokens
will cause collision
here.  However, the tokens in svn_fs_access_t are never actually used.

While talking to Karl today I explained that I intend to make the tokens
available for the pre-commit
hook, presumably via STDIN.  So I will change the svn_fs_access_add_lock_token
to take path along
with token, and add an accessor function to get the path/token pairs out for
pre-commit hook to
use.  Does this make sense?

Cheers,
CLK



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Re: Do lock tokens need to be unique?

[Justin Erenkrantz <ju...@erenkrantz.com>]

On Tue, Jul 22, 2008 at 3:39 PM, Karl Fogel <kf...@red-bean.com> wrote:
> The point is that Subversion would be handing off the responsibility to
> the hook -- and the hook can do whatever it wants.  We should document
> the WebDAV uniqueness thing in the hook documentation, but beyond that,
> the hook is out of our hands.

As I told clkao last night, if the admin installs a hook that violates
the constraint, it's their own fault.  =)

> I'm +1 on allowing it now, FWIW.

It does make sense that there are cases where the admin might want to
control the UUID generation, so sure...  -- justin

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Re: Do lock tokens need to be unique?

[Karl Fogel <kf...@red-bean.com>]

Julian Reschke <ju...@gmx.de> writes:
> But then: is it really so hard to generate a unique token? After all,
> that's why the WebDAV spec recommends using UUID based tokens...

The point is that Subversion would be handing off the responsibility to
the hook -- and the hook can do whatever it wants.  We should document
the WebDAV uniqueness thing in the hook documentation, but beyond that,
the hook is out of our hands.

I'm +1 on allowing it now, FWIW.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Re: Do lock tokens need to be unique?

[Julian Reschke <ju...@gmx.de>]

Karl Fogel wrote:
> Is it strictly necessary that we guarantee the uniqueness of lock tokens?
> 
> For more context, see this thread:
> 
>    "[PATCH] allow pre-lock hook to specify token for locking"
>    http://subversion.tigris.org/servlets/BrowseList?list=dev&by=thread&from=667592
> 
> It's only six messages long (right now, anyway).  We're trying to figure
> out if losing the guarantee that lock tokens are unique would cause any
> badness in the real world.  Note cmpilato's post in the thread about how
> it's a WebDAV spec issue.  He points to this:
> 
>    http://www.webdav.org/specs/rfc2518.html#rfc.section.6.3

...better to point to... 
<http://www.webdav.org/specs/rfc4918.html#rfc.section.6.5>:

> Lock token URIs MUST be unique across all resources for all time. This uniqueness constraint allows lock tokens to be submitted across resources and servers without fear of confusion. Since lock tokens are unique, a client MAY submit a lock token in an If header on a resource other than the one that returned it.

That being said, I don't believe that anything catastrophic will happen 
if there'd be a conflict.

But then: is it really so hard to generate a unique token? After all, 
that's why the WebDAV spec recommends using UUID based tokens...

 > ...

BR, Julian

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org