[STOR-700] Add support for token checksum requests (RFC 3230) in StoRM WebDAV Created: 16/Jan/15 Updated: 22/Jan/16 Resolved: 30/Sep/15 |
|
| Status: | Closed |
| Project: | StoRM |
| Component/s: | webdav |
| Affects Version/s: | 1.11.9 |
| Fix Version/s: | 1.11.10 |
| Security Level: | Public (Visbile by non-authn users.) |
| Type: | Task | Priority: | Major |
| Reporter: | Andrea Ceccanti | Assignee: | Enrico Vianello |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Σ Remaining Estimate: | Not Specified | Remaining Estimate: | Not Specified |
| Σ Time Spent: | Not Specified | Time Spent: | Not Specified |
| Σ Original Estimate: | Not Specified | Original Estimate: | Not Specified |
| Sub-Tasks: |
|
| Description |
|
RFC 3230 basically allows a client to request the checksum for a file. (From the excellent explanation given by P. Millar) The basic approach is to implement RFC 3230. See: http://tools.ietf.org/html/rfc3230 The incredibly short summary is that HEAD and GET responses should include a header like: Digest: adler32=8a23d4f8 RFC 3230 also describes how the client can request which checksum algorithm it wants. Here's an example showing the client requesting an ADLER32 checksum and the server providing this checksum: paul@sparkplug:~$ curl -H 'Want-Digest: adler32' -I
http://prometheus.desy.de/dteam/test-1
HTTP/1.1 200 OK
Date: Tue, 13 Jan 2015 23:19:43 GMT
Server: milton.io-2.0.0
Accept-Ranges: bytes
ETag: "0000A6BC82E4ED2B44988905E34897DE3963_-462834388"
Last-Modified: Tue, 13 Jan 2015 17:49:00 GMT
Digest: adler32=8a23d4f8
Content-Length: 1029624
However, it's also legal for the server to always respond with an ADLER32 checksum in a Digest header, independent of the client's 'Want-Digest' header. The format for an ADLER32 checksum is described here: |
| Comments |
| Comment by Enrico Vianello [ 30/Sep/15 ] |
|
https://github.com/italiangrid/storm-webdav/commit/613064eaced4341fe1acad4cc5d73f13ebdeb211 |
| Comment by Enrico Vianello [ 31/Aug/15 ] |
|
Successful webdav logging messages with level = debug: [...] 2015-08-31 08:51:09,346 INFO [Thread-1] -- StoRM WebDAV server starting... 2015-08-31 08:51:10,889 DEBUG [Thread-1] -- Initializing security filter. 2015-08-31 08:51:10,890 DEBUG [Thread-1] -- Initializing checksum filter. 2015-08-31 08:51:11,135 INFO [Thread-1] -- StoRM WebDAV server started. [...] 2015-08-31 09:05:40,506 DEBUG [qtp1367722887-18] -- Retrieving checksum value ... 2015-08-31 09:05:40,506 DEBUG [qtp1367722887-18] -- /test.vo/test.txt matches with access point /test.vo. Resolved path: /storage/test.vo/test.txt 2015-08-31 09:05:40,506 DEBUG [qtp1367722887-18] -- Added response header 'Digest: adler32=5a301a7' |
| Comment by Enrico Vianello [ 31/Aug/15 ] |
|
GET non existing file: $ davix-get -P Grid --debug https://centos6-devel.cnaf.infn.it:8443/test.vo/iononesisto
[...]
< HTTP/1.1 404 Not Found
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Pragma: no-cache
< Strict-Transport-Security: max-age=31536000 ; includeSubDomains
< X-Frame-Options: DENY
< Set-Cookie: JSESSIONID=8q73z2dcho5p6w2uqsp4u69o;Path=/;Secure
< Content-Type: text/html;charset=ISO-8859-1
< Cache-Control: must-revalidate,no-cache,no-store
< Content-Length: 1384
<
[...]
|
| Comment by Enrico Vianello [ 31/Aug/15 ] |
|
HEAD non existing file: $ davix-http -P Grid -X HEAD --debug https://centos6-devel.cnaf.infn.it:8443/test.vo/aklsdaklsjajkld
[...]
< HTTP/1.1 404 Not Found
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Pragma: no-cache
< Strict-Transport-Security: max-age=31536000 ; includeSubDomains
< X-Frame-Options: DENY
< Set-Cookie: JSESSIONID=iyzy53mpikfr1gpw9onkfl5g3;Path=/;Secure
< Content-Type: text/html;charset=ISO-8859-1
< Cache-Control: must-revalidate,no-cache,no-store
< Content-Length: 1388
<
[...]
|
| Comment by Enrico Vianello [ 31/Aug/15 ] |
|
GET existing file: $ davix-get -P Grid --debug https://centos6-devel.cnaf.infn.it:8443/test.vo/test.txt
[...]
< HTTP/1.1 200 OK
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Strict-Transport-Security: max-age=31536000 ; includeSubDomains
< X-Frame-Options: DENY
< Set-Cookie: JSESSIONID=1bk08xgg10l0f16ru1svp98ohn;Path=/;Secure
< Expires: Thu, 01 Jan 1970 00:00:00 GMT
< Digest: adler32=5a301a7
< Content-Type: text/plain
< Last-Modified: Fri, 21 Aug 2015 09:03:50 GMT
< Content-Length: 5
< Accept-Ranges: bytes
<
[...]
|
| Comment by Enrico Vianello [ 31/Aug/15 ] |
|
HEAD on existing file: $ davix-http -P Grid -X HEAD --debug https://centos6-devel.cnaf.infn.it:8443/test.vo/test.txt
[...]
< HTTP/1.1 200 OK
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Strict-Transport-Security: max-age=31536000 ; includeSubDomains
< X-Frame-Options: DENY
< Set-Cookie: JSESSIONID=12ndhxo2rsrd01jbv895tep764;Path=/;Secure
< Expires: Thu, 01 Jan 1970 00:00:00 GMT
< Digest: adler32=5a301a7
< Content-Type: text/plain
< Last-Modified: Fri, 21 Aug 2015 09:03:50 GMT
< Content-Length: 5
< Accept-Ranges: bytes
<
[...]
|
| Comment by Enrico Vianello [ 21/Aug/15 ] |
|
Pull request: |