Return-Path: 
 <dev-return-23948-apmail-couchdb-dev-archive=couchdb.apache.org@couchdb.apache.org>
X-Original-To: apmail-couchdb-dev-archive@www.apache.org
Delivered-To: apmail-couchdb-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 50C20D6FA
	for <apmail-couchdb-dev-archive@www.apache.org>;
 Mon,  5 Nov 2012 20:14:13 +0000 (UTC)
Received: (qmail 98241 invoked by uid 500); 5 Nov 2012 20:14:12 -0000
Delivered-To: apmail-couchdb-dev-archive@couchdb.apache.org
Received: (qmail 98206 invoked by uid 500); 5 Nov 2012 20:14:12 -0000
Mailing-List: contact dev-help@couchdb.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@couchdb.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@couchdb.apache.org>
List-Post: <mailto:dev@couchdb.apache.org>
List-Id: <dev.couchdb.apache.org>
Reply-To: dev@couchdb.apache.org
Delivered-To: mailing list dev@couchdb.apache.org
Received: (qmail 98192 invoked by uid 99); 5 Nov 2012 20:14:12 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 05 Nov 2012 20:14:12 +0000
Date: Mon, 5 Nov 2012 20:14:12 +0000 (UTC)
From: "Jens Alfke (JIRA)" <jira@apache.org>
To: dev@couchdb.apache.org
Message-ID: <36697261.70214.1352146452593.JavaMail.jiratomcat@arcas>
In-Reply-To: 
 <1220942000.7101.1314138329138.JavaMail.tomcat@hel.zones.apache.org>
Subject: [jira] [Commented] (COUCHDB-1259) Replication ID is not stable if
 local server has a dynamic port number
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


    [ https://issues.apache.org/jira/browse/COUCHDB-1259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13490886#comment-13490886 ] 

Jens Alfke commented on COUCHDB-1259:
-------------------------------------

I have looked at the patch but I don't really understand what it's doing, both because my Erlang is really weak and because I don't know the internals of CouchDB. So I can't really comment on the code.

It does sound like what's being suggested goes beyond what I asked for. This bug is about the *local* server (the one running the replication) having a different IP address or port than the last time. The suggested patches seem to also cover changes to the *remote* server's URL. That's an interesting issue but IMHO not the same thing.

The point of this bug is that the URL of the *local* server running the replication is irrelevant to the replication. If I'm opening connections to another server to replicate with it, it doesn't matter what port or IP address I am listening on, because there aren't any incoming connections happening. They don't affect the replication at all.

As for Benoit's security issues: Replication has no security. Security applies at a more fundamental level of identifying who is connecting and authenticating that principal. You absolutely cannot make security tests based on IP addresses or port numbers.
                
> Replication ID is not stable if local server has a dynamic port number
> ----------------------------------------------------------------------
>
>                 Key: COUCHDB-1259
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-1259
>             Project: CouchDB
>          Issue Type: Bug
>          Components: Replication
>    Affects Versions: 1.1
>            Reporter: Jens Alfke
>            Assignee: Robert Newson
>            Priority: Blocker
>             Fix For: 1.3
>
>         Attachments: couchdb-1259.patch, couchdb-1259.patch
>
>
> I noticed that when Couchbase Mobile running on iOS replicates to/from a remote server (on iriscouch in this case), the replication has to fetch the full _changes feed every time it starts. Filipe helped me track down the problem -- the replication ID is coming out different every time. The reason for this is that the local port number, which is one of the inputs to the hash that generates the replication ID, is randomly assigned by the OS. (I.e. it uses a port number of 0 when opening its listener socket.) This is because there could be multiple apps using Couchbase Mobile running on the same device and we can't have their ports colliding.
> The underlying problem is that CouchDB is attempting to generate a unique ID for a particular pair of {source, destination} databases, but it's basing it on attributes that aren't fundamental to the database and can change, like the hostname or port number.
> One solution, proposed by Filipe and me, is to assign each database (or each server?) a random UUID when it's created, and use that to generate replication IDs.
> Another solution, proposed by Damien, is to have CouchDB let the client work out the replication ID on its own, and set it as a property in the replication document (or the JSON body of a _replicate request.) This is even more flexible and will handle tricky scenarios like full P2P replication where there may be no low-level way to uniquely identify the remote database being synced with.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira