<file name="example.file">
<size>XXXX</size>
<verification>
<hash .../>
</verification>
<resources>
<url type="bittorrent">http://www.example.com/example.torrent</url>
</resources>
</file>
This makes sense, if each file has its own torrent. However, Fedora
and other torrent generator persons don't always do this. Instead,
they will have multiple files inside the torrent:
{'path': ['Fedora-10-x86_64-DVD.iso'], 'length': 4172283904L}
{'path': ['SHA1SUM'], 'length': 788}
In this instance, the metalink for the Fedora-10-x86_64-DVD.iso that
MirrorManager publishes has direct FTP/HTTP URLs to that ISO, and the
<verification> section has info on this single file.
But this single file isn't published in its own torrent, it's in a
torrent with those multiple pieces. The whole <verification> section
then is either meaningless, or would provide incorrect information, as
compared to the torrent URL.
Likewise, the CD downloads for the multi-CD set includes direct
HTTP/FTP URLs to each of the CDs, but the torrent includes all of them
in a single torrent.
Is the <verification> section completely ignored when torrents are
used, and instead the torrent metadata used? If so, can that be
documented in the specification?
Thanks,
Matt
Why would it take more time to check more hashes? If both the metalink and
the torrent have chunk checksums with the same chunk size, just see if both
have the same checksums. Or, calculate chunk hash and compare it to both.
The bottleneck is I/O, not CPU. You can compute sets of chunk hashes for
different chunk sizes *and* the full-file hash "at the same time" (reading
the file only once).
If they don't have the same length and you download the file randomly,
as bittorrent does, then it will get both complicated and most probably
take more time to calculate the additional hashes (while downloading).
I agree that reading the file once and computing all the hashes at the
same time (as you said) is a good strategy, once the file is finished.
The chunk checksums have hopefully been checked already at that time,
though.
If you have a slow or busy CPU it won't be I/O bound. It's obvious that
it takes more resources to check more hashes. If that translates to
more time depends on the system where it runs. What you say is probably
true for many modern desktop systems (not necessarily all, especially
not when compiling stuff in the background or similar).
Not that it's necessarily a bad idea to make those checks, but
IMO it might not be worth it (both when it comes to speed and
complexity). It's a lot easier when the lengths match, so a middle way
would be to only do it in those cases. As always I think it's up to the
client programmer. I'm not sure if I would have done it.
A hash for the whole torrent would make all this unnecessary and would
be a lot easier. It would be just as easy (and effective!) when the
chunks have different lengths too.
Hampus
from what I remember when this came up before, the filename in a
multi-file torrent should match the filename in the metalink (here
<file name="example.file">). I know this isn't too flexible but I
think it can be made to work for most cases now.
Tatsuhiro, any ideas for improvements? perhaps a file or files
attribute for bittorrent URLs?
> Is the <verification> section completely ignored when torrents are
> used, and instead the torrent metadata used? If so, can that be
> documented in the specification?
Tatsuhiro said aria2 behaves in this way:
"The verification section is ignored if torrent is specified, either
single- or multi- file torrent, because .torrent file has piece hash
and they are enough to validate the integrity of file.
I'm not sure this behavior is documented or not."
this becomes tricky - which is "authoritative", the metalink or the
torrent? linux distros probably roll their own, both torrents &
metalinks, so this isn't a problem. but others might not have control
over both.
then, basically all metalink clients will do full file checksum
verification. but few do chunk checksums, few do mirrors and torrents,
even fewer do both.
for instance, if DTA did chunk checksums, it still probably won't
support torrents any time soon.
--
(( Anthony Bryan ... Metalink [ http://www.metalinker.org ]
)) Easier, More Reliable, Self Healing Downloads
here's what I think would work:
1) use a single file torrent.
2) the filename in a multi-file torrent should match the filename in
the metalink (here <file name="example.file">).
3) add a file attribute to <url>s of type="bittorrent" so you can
select one file out of a multi-file torrent
<url type="bittorrent" file="Fedora-11-i386-disc1.iso"
preference="100">http://torrent.fedoraproject.org/torrents//Fedora-11-i386-CDs.torrent</url>
not feasible really. The convenience of multi-file torrents is too
much to pass up.
> 2) the filename in a multi-file torrent should match the filename in
> the metalink (here <file name="example.file">).
>
> 3) add a file attribute to <url>s of type="bittorrent" so you can
> select one file out of a multi-file torrent
>
> <url type="bittorrent" file="Fedora-11-i386-disc1.iso"
> preference="100">http://torrent.fedoraproject.org/torrents//Fedora-11-i386-CDs.torrent</url>
This could work for me.
-Matt
you mean a torrent capable client needs to go through the metalink &
grab all files in a mult-file torrent all at once?
I guess file="" isn't the best solution for all cases, but I'm having
trouble coming up with a better one for our paradigm of alternate URLs
for unique files. if we have another <metadata>/<torrent> section
under <files> (not <file)? I don't think that fits in with how we're
doing things tho.
let's keep thinking about/discussing this...
thanks for joining us, LLoyd!
> I believe the idea of Metalink is to allow swarming across multiple
> protocols, not choose one over the other.
> Can any current Metalink client swarm between BitTorrent & other
> protocols?
as TT said, aria2 can. along with GetRight and Retriever. at some
point KGet might be able to as well.
> The proper way to handle the situation, presented by Matt, is to use
> file hashes (MD5, SHA-1, or similar).
> Relying on filenames is not fail-safe, due to the fact that filenames
> are arbitrary.
> On the contrary, the file hash will never change unless the data
> changes.
>
> Specifying a MD5 or SHA-1 hash for the .torrent file is the best
> solution.
good point! don't the torrents contain a SHA-1 hash of the whole file?
trying to remember...or is it just hashes of the chunks?