couchdb-dev mailing list archives

From "Dave Cottlehuber (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (COUCHDB-1259) Replication ID is not stable if local server has a dynamic port number
Date Mon, 05 Nov 2012 13:22:12 GMT

    [ https://issues.apache.org/jira/browse/COUCHDB-1259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13490612#comment-13490612 ]

Dave Cottlehuber commented on COUCHDB-1259:
-------------------------------------------

Jens, will the patch address your issue?

Overall I'm +1 on this approach for enabling faster restarts of replication -- I think it's
a huge win.

I don't see that the behaviour of the new patch changes the security constraints vs today,
but I think I see Benoit's point. Today if a replication endpoint changes its ephemeral
port # (e.g. expired DHCP lease), the replication will fail and cannot restart until it is
deleted & recreated.

With the patch, the replication could restart in some situations, without requiring active
intervention - that's the whole point.

So if Dr. Evil has captured the UUID, it might be possible to acquire the replication without
the source endpoint being aware.  I think this should be addressed post 1.3. The proposed
functionality could note that securing replication requires using TLS and appropriate SSL
cert checking in both directions. Which seems common sense anyway! The Dr. Evil scenario however
is no different under today's activity - if an IP address is hijacked and SSL is not in use,
Dr. Evil has your documents.


                
> Replication ID is not stable if local server has a dynamic port number
> ----------------------------------------------------------------------
>
>                 Key: COUCHDB-1259
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-1259
>             Project: CouchDB
>          Issue Type: Bug
>          Components: Replication
>    Affects Versions: 1.1
>            Reporter: Jens Alfke
>            Assignee: Robert Newson
>            Priority: Blocker
>             Fix For: 1.3
>
>         Attachments: couchdb-1259.patch, couchdb-1259.patch
>
>
> I noticed that when Couchbase Mobile running on iOS replicates to/from a remote server
> (on iriscouch in this case), the replication has to fetch the full _changes feed every time
> it starts. Filipe helped me track down the problem -- the replication ID is coming out different
> every time. The reason for this is that the local port number, which is one of the inputs
> to the hash that generates the replication ID, is randomly assigned by the OS. (I.e. it uses
> a port number of 0 when opening its listener socket.) This is because there could be multiple
> apps using Couchbase Mobile running on the same device and we can't have their ports colliding.
> The underlying problem is that CouchDB is attempting to generate a unique ID for a particular
> pair of {source, destination} databases, but it's basing it on attributes that aren't fundamental
> to the database and can change, like the hostname or port number.
> One solution, proposed by Filipe and me, is to assign each database (or each server?)
> a random UUID when it's created, and use that to generate replication IDs.
> Another solution, proposed by Damien, is to have CouchDB let the client work out the
> replication ID on its own, and set it as a property in the replication document (or the JSON
> body of a _replicate request.) This is even more flexible and will handle tricky scenarios
> like full P2P replication where there may be no low-level way to uniquely identify the remote
> database being synced with.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
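
The failure mode described in the issue, as an added example that is not part of the original message and not CouchDB's own code: a simplified model showing why a port number in the replication-ID hash makes every session start from sequence 0, while a per-server UUID lets it resume from its checkpoint. The hash inputs, the use of SHA-256, the checkpoint dict and all sample values are assumptions for illustration, not CouchDB's actual ID algorithm.

```python
import hashlib
import json


def rep_id(*parts):
    """Hash the identifying parts into a replication ID (simplified model)."""
    blob = json.dumps(parts, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()


def endpoint_rep_id(host, port, source, target):
    """ID derived from the local endpoint: changes whenever the port does."""
    return rep_id(host, port, source, target)


def uuid_rep_id(server_uuid, source, target):
    """ID derived from a UUID assigned at creation: independent of the port."""
    return rep_id(server_uuid, source, target)


def run_sessions(make_id, ports, last_seq=1000):
    """Run one replication session per listener port.

    Returns the sequence each session starts from. A checkpoint is only
    found when the replication ID matches the one it was stored under.
    """
    checkpoints = {}  # replication ID -> last source sequence processed
    starts = []
    for port in ports:
        rid = make_id(port)
        starts.append(checkpoints.get(rid, 0))  # 0 = read the full _changes feed
        checkpoints[rid] = last_seq
    return starts


# Constructed sample values, not taken from the issue.
SOURCE = "mobile_db"
TARGET = "https://remote.example/db"
SERVER_UUID = "0f7c2a9e5b1d4c3e8a6f2b7d9c4e1a53"
PORTS = [49152, 51734, 50211]  # OS-assigned listener port on three app launches

if __name__ == "__main__":
    by_port = run_sessions(
        lambda p: endpoint_rep_id("localhost", p, SOURCE, TARGET), PORTS)
    by_uuid = run_sessions(
        lambda p: uuid_rep_id(SERVER_UUID, SOURCE, TARGET), PORTS)
    print("port in hash:", by_port)
    print("UUID in hash:", by_uuid)
```

The UUID here is only an identifier that selects a checkpoint; it authenticates nothing, which is why the comment above points to TLS with certificate checking in both directions for securing the replication itself.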
