feat(core-p2p): Validate GET replies from other peers #2102
Conversation
|
@air1one @faustbrian @supaiku0 - please review this in the next few days. Be sure to explicitly select labels so I know what's going on. If no reviewer appears after a week, a reminder will be sent out. |
ghost
requested a review
from
|
@vasild The ci/circleci: test-node11-2 job is failing as of 94761b29e288c4c1a6e4dfed652219d7cf64516b. Please review the logs for more information. Once you've pushed the fixes, the build will automatically re-run. Thanks! |
|
This is a breaking change in how the legacy P2P API responds, some people still rely on it so that is a no go. This is a change that will be made for websockets. |
We agreed that I add a schema validation as a followup PR after #2032: Now, should I relax the validation so that it allows "legacy P2P API" replies, or completely ditch this PR |
|
By the way I get the following with this patch: and the node keeps working by fetching the peer list from another peer. This looks like a good way to get rid of the IP addresses like "2130706433" with which devnet is poisoned. |
|
If you change it so that the responses don't change we can keep it open, otherwise I would wait until 2.6 with it and talk to @air1one as he currently is working on the websockets. |
ghost
mentioned this pull request
Yes, sure. The idea was never to change the responses. The idea is to check that the responses are the expected ones. So, I guess, the rules should be relaxed. @air1one how would this fit with websockets? I guess with websockets we still send JSONs back and forth, right? So the validation is still relevant, no matter whether we received the reply via HTTP or websockets. |
|
@vasild try to finish this until the end of the week so we can put it on devnet and freeze the develop branch for the 2.2 release. |
Codecov Report
@@ Coverage Diff @@
## develop #2102 +/- ##
===========================================
- Coverage 79.55% 79.48% -0.07%
===========================================
Files 329 330 +1
Lines 7900 7913 +13
Branches 1123 1114 -9
===========================================
+ Hits 6285 6290 +5
- Misses 1582 1590 +8
Partials 33 33
Continue to review full report at Codecov.
|
packages/core-p2p/src/peer.ts
Outdated
| import util from "util"; | ||
| import { config as localConfig } from "./config"; | ||
| import { PeerPingTimeoutError, PeerStatusResponseError, PeerVerificationFailedError } from "./errors"; | ||
| import { PeerVerificationResult, PeerVerifier } from "./peer-verifier"; | ||
|
|
||
| export class Peer implements P2P.IPeer { | ||
| private static replySchemas: any = { |
There was a problem hiding this comment.
Please move the schemas into a separate file.
…ply-validation * ArkEcosystem/core/develop: chore(release): 2.2.0-beta.7 (#2141)
ghost
mentioned this pull request
* ArkEcosystem/core/2.3: chore: move core-graphql to the deprecated folder (#2169) refactor(crypto): benchmarks (#2167) refactor: replace micromatch with nanomatch and remove heavy deps (#2165) feat(crypto): increase vendor field length to 255 bytes (#2159) feat(core-api): search delegates by usernames (#2143) feat(core-logger-pino): initial implementation (#2134) perf(crypto): integrate bcrypto (#2158) feat(core): ask for process restarts after updating (#2155) refactor(core): replace pm2 with process manager (#2154) refactor(core): require the user to take action for updates (#2153) feat(core-p2p): Fetch list of peers from at least a few others (#2152) refactor(core): more robust check for ensureDefaults (#2151) fix(core): ensure file and defaults before reading fix(core): return correct suffix for core:restart command (#2150) fix(core-database): properly sort BigNumber values (#2144) feat(core): configuration and channel support for the CLI (#2145) feat(core): merge core-snapshot-cli commands into core (#2149) fix(core-api): pass query to findAllByVote method (#2142) feat(core-p2p): Validate GET replies from other peers (#2102) chore(release): 2.2.0-beta.7 (#2141) fix(core-blockchain): stuck at not ready to accept new block (#2139) refactor(core-p2p): Improve selection of peer for downloading blocks (#2137) fix(core): overwrite the config path if an env variable is provided (#2140) fix(core): do not ignore the network flag in parseWithNetwork (#2138) chore(release): 2.2.0-beta.6 (#2136) refactor(core-container): throw an error if the peers or plugins file are missing (#2135) chore(release): 2.2.0-beta.5 (#2132) refactor(core-p2p): reduce logging noise (#2129) misc(core-p2p): remove superfluous log message (#2128) refactor(core-p2p): Improve fork handling in updatePeersOnMissingBlocks (#2125)
Proposed changes
Types of changes
Checklist