Closed Menooker closed 9 years ago
Its not a bug, its a feature :)
Peer 2 only fails to store the data on Peer 1, but it can store the data on itself (which happens if you have a small network). The get() then fetches any both content, from Peer 1 and Peer 2 and the evaluation mechanism will return the data from Peer2, thus giving you the impression that you overwrote a protected entry.
Please note that the protection is "best effort" security, and any malicious peer can ignore this. Thus, removing data will always be possible with malicious peers.
@tbocek Thanks for your replying. This is my first issue submitted on github. ^.^ So I guess there is no reliable mechanism in tomp2p so far to make sure 'get()' returns the original data before peer2 'overwrites' the entry?
If my program needs a more reliable way to protect the entries, could you tell me how to do so?
@Menooker You could do a get first, before you do a put to see what content is already available. So peer 2 would make a get first, see that there is already something stored, so it won't make the put.
When I used a keypair to protect an entry, I found that there are still chances that the peer with a wrong key can overwrite the protected entry after several trials. Here are my test codes, which are almost the same as dht/TestSecurity.java
This line should show the problem. assertEquals(testData1, (String) futureGet2.data().object()); peer1 protects the entry with keyPairData. But peer2 can modify it with its own key. I'm using version 5.0 beta 7
///////////////////////////////////////////////////////////////////////////