-
Notifications
You must be signed in to change notification settings - Fork 108
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make sure handshake version negotiation always has a timeout #2008
Conversation
As part of this change, refactor handshake version negotiation into its own function.
f8744d3
to
62e1cd4
Compare
/// at `addr`, using the connection `peer_conn`. | ||
/// | ||
/// We split `Handshake` into its components before calling this function, | ||
/// to avoid infectious `Sync` bounds on the returned future. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
'infectious' is a good way to put this 😄
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tried it, and they just got everywhere
our_services: PeerServices, | ||
relay: bool, | ||
) -> Result<(Version, PeerServices), HandshakeError> { | ||
// Create a random nonce for this connection |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
// The protocol works fine if we don't reveal our current block height, | ||
// and not sending it means we don't need to be connected to the chain state. | ||
start_height: block::Height(0), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🥰
let nonce_reuse = { | ||
let mut locked_nonces = nonces.lock().expect("mutex should be unpoisoned"); | ||
let nonce_reuse = locked_nonces.contains(&remote_nonce); | ||
// Regardless of whether we observed nonce reuse, clean up the nonce set. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
// Disconnect if peer is using an obsolete version. | ||
return Err(HandshakeError::ObsoleteVersion(remote_version)); | ||
} | ||
// Wrap the entire initial connection setup in a timeout. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
Motivation
It's hard to have consistent timeouts when we have to add a
timeout()
to everysend
andnext
during version negotiation. Also, the timeout value was too large.Solution
The code in this pull request has:
Review
@dconnolly asked for a timeout value change in #1850, but it was pretty easy to just make it a separate function with a single timeout.
This change blocks some of the upcoming security refactors, so it should be merged soon.
Related Issues
Closes #1994.