Skip to content

Commit

Permalink
Version 1.6.0 (#272)
Browse files Browse the repository at this point in the history 
* Choose the storage location of encrypted publications (#267)

This evolution has been requested by several implementers, notably the Internet Archive.

With the current encryption workflow, lcpencrypt is creating a temporary encrypted file in the file system; the file path is notified to the License Server, which copies the content of the file either to the final file system storage or S3 bucket. All encrypted files are stored in the same folder or bucket, which may be quite large. This solution has three issues: there must be a shared folder between lcpencrypt and lcpserver, there is a file copy (if the storage is a file system) that has no real interest, and the storage is hugely monolithic.

The license server does not need to manage file storage: its purpose is serving licenses, and for that it must only know the URL of the encrypted publication.

Therefore, the evolution consists in adding storage control to lcpencrypt, and the possibility to notify the lcpserver of the encryption of a new publication with its storage URL as a parameter.

An implementer can therefore control storage folders or S3 buckets as he needs, e.g. use one folder/bucket per month, one folder/bucket per type of publication, even one folder/bucket per publication if this is his choice.

The evolution is totally backward compatible, i.e. implementers are able to keep their current architecture and configuration file. They are also able to move to the new architecture without the requirement to change the structure or content of their active database. Implementers willing to move to the new architecture will just have to modify their config file, restart their lcpserver and use lcpencrypt with new parameters.

Note: this is also the opportunity to clean redundant encryption code (duplicated between lcpencrypt and the test frontend server).

* Fetch the input file from a remote http server

Restore the capability for the lcpencrypt utility to fetch the input file from a remote http server.
  • Loading branch information
@llemeurfr
llemeurfr authored Feb 2, 2022
1 parent a7ae277 commit bff371c
Show file tree
Hide file tree
Showing 16 changed files with 827 additions and 918 deletions.
248 changes: 131 additions & 117 deletions README.md
View file

Large diffs are not rendered by default.

1 change: 1 addition & 0 deletions config/config.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,7 @@ type Certificate struct {

type FileSystem struct {
Directory string `yaml:"directory"`
URL string `yaml:"url,omitempty"`
}

type Storage struct {
Expand Down
4 changes: 2 additions & 2 deletions dbmodel/sqlite_db_setup_lcpserver.sql
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ CREATE TABLE content (
id varchar(255) PRIMARY KEY NOT NULL,
encryption_key varchar(64) NOT NULL,
location text NOT NULL,
  length bigint,
  sha256 varchar(64),
length bigint,
sha256 varchar(64),
"type" varchar(255) NOT NULL DEFAULT 'application/epub+zip'
);

Expand Down
Loading

0 comments on commit bff371c

Please sign in to comment.