Page MenuHomePhabricator
Differential D11695

[identity] remove OTKs in chronological order to make sure there are never more than 100 keys per olm account
ClosedPublic
Actions

Authored by varun on Thu, Apr 18, 4:51 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Apr 27, 5:33 AM
Unknown Object (File)
Fri, Apr 26, 11:28 PM
Unknown Object (File)
Fri, Apr 26, 1:04 PM
Unknown Object (File)
Wed, Apr 24, 1:21 PM
Unknown Object (File)
Wed, Apr 24, 9:07 AM
Unknown Object (File)
Tue, Apr 23, 12:29 PM
Unknown Object (File)
Mon, Apr 22, 9:06 AM
Unknown Object (File)
Thu, Apr 18, 6:25 PM
View All 10 Files
Subscribers
ashoat
tomek

Details

Reviewers
bartek
Commits
rCOMM6ed6865e5347: [identity] remove OTKs in chronological order to make sure there are never more…
Summary

this diff is pretty big. high level summary:

  1. reduce the number of olm keys per account per upload to 24. We might need to delete as many keys as we are uploading, so 24 keys * 2 accounts * 2 operations (put + delete) = 96. we also need to do one update call per upload to update the otk count for each olm account. that's 97 total operations, which is under the 100 operation limit per transaction.
  2. add a new helper to create the delete operations
  3. update helper responsible for creating update operation. now responsible for update and delete operations.
  4. integration tests to make sure that excess keys are removed correctly and that the upload size limit is also enforced
Test Plan

new integration tests, some manual testing

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

varun created this revision.Thu, Apr 18, 4:51 PM
Herald added subscribers: tomek, ashoat. · View Herald TranscriptThu, Apr 18, 4:51 PM
varun added inline comments.Thu, Apr 18, 5:02 PM
services/identity/src/database/one_time_keys.rs
162 ↗(On Diff #39264)

might be worth adding a comment here explaining that DDB expects limit to be >=1, so we shouldn't call it with 0

249 ↗(On Diff #39264)

if num_content_keys_to_append + current_content_otk_count < MAX_ONE_TIME_KEYS, we shouldn't delete any keys

services/identity/src/ddb_utils.rs
123 ↗(On Diff #39264)

this should never overflow because we only call this function when adding new OTKs, and we should never delete more keys than we're adding.

Harbormaster completed remote builds in B28316: Diff 39264.Thu, Apr 18, 5:07 PM
varun requested review of this revision.Thu, Apr 18, 5:07 PM
bartek accepted this revision.Fri, Apr 19, 3:58 AM

Nice!

services/commtest/tests/identity_one_time_key_tests.rs
86–87 ↗(On Diff #39264)

This is get(5) because later you upload 5 more keys, so keys 1..4 get dropped and these (5th) become the first keys to be retrieved in the second get_keyserver_keys call, right?

services/identity/src/ddb_utils.rs
162 ↗(On Diff #39264)

I'd see this as part of impl OTKRow

impl OTKRow {
  pub fn as_delete_request(&self) -> TransactWriteItem { ... }
  // or consuming self version
  pub fn into_delete_request(self) -> TransactWriteItem { ... }
}

The reasoning (besides syntax preferences 😜 ) is that we have many functions called into_something() and it's easy to get lost among them

This revision is now accepted and ready to land.Fri, Apr 19, 3:58 AM
varun added inline comments.Fri, Apr 19, 8:27 AM
services/commtest/tests/identity_one_time_key_tests.rs
86–87 ↗(On Diff #39264)

yeah that's right

Closed by commit rCOMM6ed6865e5347: [identity] remove OTKs in chronological order to make sure there are never more… (authored by varun). · Explain WhyFri, Apr 19, 8:28 AM
This revision was automatically updated to reflect the committed changes.
varun added a commit: rCOMM6ed6865e5347: [identity] remove OTKs in chronological order to make sure there are never more….

Revision Contents
Changeset List

PathSize
services/
commtest/
tests/
151 lines
identity/
src/
3 lines
1 line
database/
176 lines
37 lines
2 lines

Diff 39279

View Options

services/commtest/tests/identity_one_time_key_tests.rs

Loading...
View Options

services/identity/src/constants.rs

Loading...
View Options

services/identity/src/database.rs

Loading...
View Options

services/identity/src/database/one_time_keys.rs

Loading...
View Options

services/identity/src/ddb_utils.rs

Loading...
View Options

services/identity/src/error.rs

Loading...