On Fri, Oct 11, 2002 at 12:49:38PM +0100, Matthew Toseland wrote: > Hi. It looks like ProgressiveHashInputStream passes through data without > verifying it, then throws afterwards. This allows corrupt data through > to fproxy, or possibly even through a full request chain, causing > significant damage. IMHO we want to buffer the unverified chunk until it > has been verified. Comments? Also, should we wrap KeyInputStreams from the datastore? If we have a corrupt file in the datastore, we need to remove it and retry.
-- Matthew Toseland [EMAIL PROTECTED] [EMAIL PROTECTED] Freenet/Coldstore open source hacker. Employed full time by Freenet Project Inc. from 11/9/02 to 11/11/02.
msg04304/pgp00000.pgp
Description: PGP signature
