[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

checksums and scan/verify (was: Re: Linux Kernel Summit)

From: Greg Stein <gstein_at_lyra.org>
Date: 2001-04-06 11:40:28 CEST

On Thu, Apr 05, 2001 at 04:07:09PM -0400, Deven T. Corzine wrote:
> On Tue, 3 Apr 2001, Greg Stein wrote:
> > Guys... we already said that we're going to be adding MD5 hashes and having
> > a "scan/verify" utility. In 1.0.
> Here's my questions at the moment:
> (1) Will the MD5 hashes be kept for EACH version that may be reconstructed,
> so that the reconstructed file can always be compared against a hash of
> the ORIGINAL data? (Hashes on deltas alone isn't good enough for an
> end-to-end integrity check.)

The hash is for the original version. We may keep a hash for the delta, too.

(I said "both"; Jim mentioned the former a couple days ago; so now I put in
 the "may" in the latter statement above)

> (2) Will that utility be able to scan/verify ALL reconstructable revisions
> and verify their MD5 hashes, or only the current revision?

All revisions of all nodes. The whole darned database.

And yah yah... sure, we'll probably have some additional features to make it
a bit more sane for the user (e.g. just scan subsets).

> (3) Will there be a configuration option (preferably configurable on a
> file, directory, project or archive basis) that will allow the MD5 hash
> validation (end-to-end) to be automatically performed on (configurably)
> (a) the current and previous revision, or (b) all revisions? (Which
> would be configured based on the importance of the data and/or the
> level of paranoia of the system administrator...)

We'll just always have it on. If we find the performance of the MD5 hashing
is getting a bit "too much", then we'll allow for fine-grained hashing. For
example, turning it off for that 3G of porn you've loaded into SVN.

IOW, we'll probably have a per-file property that says "disable MD5

> (4) Will MD5 hashes be kept on the client side as well, so it can do checks
> end-to-end instead of having to completely trust the server to do it?

The server will return an MD5 hash in the HTTP responses. The client can
then use it to verify its data.


Greg Stein, http://www.lyra.org/
Received on Sat Oct 21 14:36:28 2006

This is an archived mail posted to the Subversion Dev mailing list.