Make sure handshake version negotiation always has a timeout #2008
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
As part of this change, refactor handshake version negotiation into its own function.
teor2345
force-pushed
the
handshake-timeout
branch
from
f8744d3 to
62e1cd4
Compare
2 tasks
teor2345
commented
Apr 14, 2021
2 tasks
dconnolly
reviewed
Apr 19, 2021
| /// at `addr`, using the connection `peer_conn`. | ||
| /// | ||
| /// We split `Handshake` into its components before calling this function, | ||
| /// to avoid infectious `Sync` bounds on the returned future. |
There was a problem hiding this comment.
'infectious' is a good way to put this 😄
There was a problem hiding this comment.
I tried it, and they just got everywhere
dconnolly
reviewed
Apr 19, 2021
| our_services: PeerServices, | ||
| relay: bool, | ||
| ) -> Result<(Version, PeerServices), HandshakeError> { | ||
| // Create a random nonce for this connection |
dconnolly
reviewed
Apr 19, 2021
Comment on lines
+233
to
+235
| // The protocol works fine if we don't reveal our current block height, | ||
| // and not sending it means we don't need to be connected to the chain state. | ||
| start_height: block::Height(0), |
dconnolly
reviewed
Apr 19, 2021
| let nonce_reuse = { | ||
| let mut locked_nonces = nonces.lock().expect("mutex should be unpoisoned"); | ||
| let nonce_reuse = locked_nonces.contains(&remote_nonce); | ||
| // Regardless of whether we observed nonce reuse, clean up the nonce set. |
dconnolly
reviewed
Apr 19, 2021
| // Disconnect if peer is using an obsolete version. | ||
| return Err(HandshakeError::ObsoleteVersion(remote_version)); | ||
| } | ||
| // Wrap the entire initial connection setup in a timeout. |
dconnolly
approved these changes
Apr 19, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation
It's hard to have consistent timeouts when we have to add a
timeout()to everysendandnextduring version negotiation. Also, the timeout value was too large.Solution
The code in this pull request has:
Review
@dconnolly asked for a timeout value change in #1850, but it was pretty easy to just make it a separate function with a single timeout.
This change blocks some of the upcoming security refactors, so it should be merged soon.
Related Issues
Closes #1994.