devblog

1 files changed, 20 insertions, 0 deletions

diff --git a/doc/devblog/day_133__db_and_bugfixes.mdwn b/doc/devblog/day_133__db_and_bugfixes.mdwn
new file mode 100644
index 000000000..d8bb391ca
--- /dev/null
+++ b/doc/devblog/day_133__db_and_bugfixes.mdwn
@@ -0,0 +1,20 @@
+Did some more exploration and perf tuning and thinking on caching
+databases, and am pretty sure I know how I want to implement it. Will be
+several stages, starting with using it for generating views, and ending(?)
+with using it for direct mode file mappings.
+
+Not sure I'm ready to dive into that yet, so instead spent the rest of the
+day working on small bugfixes and improvemnts. Only two significant ones..
+
+Made the webapp use a constant time string comparison (from `securemem`)
+to check its auth token is valid. Could avoid a potential timing attack to
+guess the auth token, although that is theoretical. Just best practice to
+do this.
+
+Seems that openssh 6.5p1 had another hidden surprise (in addition to
+its now-fixed bug in handing hostnames in `.ssh/config`) -- it broke
+the method git-annex was using for stopping a cached ssh connection,
+which led to some timeouts for failing DNS lookups. If you see git-annex
+seeming to stall for a few seconds at startup/shutdown, that's maybe why
+(--debug will tell for sure). Seem to have found a workaround that avoids
+the problem.