multi: add spam option for test client. #4
Draft
dnldd wants to merge 8 commits intobisoncraft:masterfrom
Draft
Conversation
dnldd
force-pushed
the
testclient-spam-option
branch
from
1224696 to
826bd71
Compare
dnldd
force-pushed
the
testclient-spam-option
branch
2 times, most recently
from
07197f8 to
7a3ce45
Compare
This implements a ban manager that tracks client ips and their associated infractions. Associated tests have been added.
This adds a broadcast rate limiter for clients to control frequency of broadcasts made by clients.
This updates tatanka handlers to punish clients sending malformed messages, spamming broadcasts or impersonating nodes by posting to restricted topics like the clients ban and oracle topics. Unauthorized errors now propagate to the client to terminate it.
This restructures infractions by gossiping infractions immediately to the mesh, this way mesh nodes keep an equivalent infractions dataset. Also connecting nodes on startup request for an infraction snapshot, via the infractions snapshot protocol, from one of the mesh nodes picked at random. The ban manager ensures infractions are deduplicated by checking if an infraction key exists for an infraction or not. Associated tests have been updated accordingly and an integration test for new nodes joining a mesh and requesting an infraction snapshot has been added.
This updates client message publishing to return a response in order to be notified of infractions when publishing messages.
The check prevented clients from publishing messages with topic names starting with "client_infractions", but this was defensive without real security benefit. Real infractions use clientInfractionsTopic (whitelist-only, node-to-node). Clients cannot access the whitelist-only topic (peerFilter blocks non-whitelist peers). If a client publishes topic="client_infractions" to clientMessageTopic, it's just a normal broadcast with no effect on the ban system. Infractions are never sent to clients, so spoofing has no impact. This differs from the oracle topic check (retained), where clients actually receive oracle data and could be misled by spoofed messages if the Sender field is not validated. This also: - Fixes double expiry calculation in recordInfraction: extract expiry to single variable so local infraction and gossip message use identical timestamp - Replaces unbounded context.Background() with timeout context in recordInfraction to prevent indefinite gossip blocking - Skips MalformedMessage infraction on io.EOF (clean disconnect) in 5 handlers: handleClientPush, handleClientSubscribe, handleClientPublish, handlePostBonds, handleClientRelayMessage. Only record infraction for actual parse errors.
Fixed flaky TestMeshConnectionManagerFailover by separating exponential backoff semantics: backoff now applies only when all nodes are exhausted, not when primary connection fails with alternatives available. On primary connection error, immediately call attemptConnect() to try alternatives. On failed connection attempts (no nodes available), apply exponential backoff before retrying. This maintains graceful error recovery while fixing unnecessary delays that caused test timeouts. Backoff is applied only in the appropriate scenario: when we've tried all options and need to wait before retrying, not when we have alternatives to try immediately.
This adds a feature to the test client where it publishes spam for the purposes of testing out broadcast restrictions. The harness has also been updated to allow toggling this feature when needed.
dnldd
force-pushed
the
testclient-spam-option
branch
from
7a3ce45 to
68dd915
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This adds a feature to the test client where it publishes spam for the purposes of testing out broadcast restrictions. The harness has also been updated to allow toggling this feature when needed.
NB: this is based on #3 , it'll be prepared to merge after that.