Skip to content
This repository has been archived by the owner on Aug 2, 2022. It is now read-only.

Consolidated Security Updates for 2.0.12 - develop #10272

Merged
merged 5 commits into from
Apr 20, 2021
Merged

Consolidated Security Updates for 2.0.12 - develop #10272

merged 5 commits into from
Apr 20, 2021

Conversation

nickjjzhao
Copy link
Contributor

@nickjjzhao nickjjzhao commented Apr 20, 2021
edited
Loading

Consolidated Security Updates for 2.0.12

Apply three-strikes rule to all transaction failures
Apply unconditional subjective CPU check along with some additional logging
Provide options to enable subjective CPU billing for P2P and API transactions ,and provide an option to disable it for individual accounts

v2.0.x - #10264

Co-Authored-By:Kevin Heifner heifnerk@objectcomputing.com
Co-Authored-By:Lin Huang lin.huang@block.one

Change Type

Select ONE:

  • Documentation
  • Stability bug fix
  • Other
  • Other - special case

Testing Changes

Select ANY that apply:

  • New Tests
  • Existing Tests
  • Test Framework
  • CI System

@nickjjzhao
Merge security patch PR#371 into develop
07e40b8 
- Apply three-strikes rule to all transaction failures
- Apply unconditional subjective CPU check along with some additional logging
- Provide options to enable subjective CPU billing for P2P and API transactions ,and provide an option to disable it for individual accounts

Co-Authored-By:Kevin Heifner heifnerk@objectcomputing.com
Co-Authored-By:Lin Huang lin.huang@block.one
@nickjjzhao
Resolve more merge conflicts
87c9a83
@heifner heifner changed the title Merge security patch PR#371 into develop Consolidated Security Updates for 2.0.12 - develop Apr 20, 2021
heifner
heifner suggested changes Apr 20, 2021
View reviewed changes
plugins/producer_plugin/producer_plugin.cpp Outdated Show resolved Hide resolved
plugins/producer_plugin/producer_plugin.cpp Show resolved Hide resolved
plugins/producer_plugin/producer_plugin.cpp Outdated Show resolved Hide resolved
plugins/producer_plugin/producer_plugin.cpp Show resolved Hide resolved
plugins/producer_plugin/producer_plugin.cpp Outdated Show resolved Hide resolved
plugins/producer_plugin/producer_plugin.cpp Show resolved Hide resolved
plugins/producer_plugin/producer_plugin.cpp Show resolved Hide resolved
plugins/producer_plugin/producer_plugin.cpp Show resolved Hide resolved
heifner
heifner reviewed Apr 20, 2021
View reviewed changes
plugins/producer_plugin/producer_plugin.cpp
@@ -457,14 +459,14 @@ class producer_plugin_impl : public std::enable_shared_from_this<producer_plugin
future.wait();
app().post( priority::low, [self, future{std::move(future)}, persist_until_expired, next{std::move( next )}, trx{std::move(trx)}]() mutable {
auto exception_handler = [self, &next, trx{std::move(trx)}](fc::exception_ptr ex) {
fc_dlog(_trx_failed_trace_log, "[TRX_TRACE] Speculative execution is REJECTING tx: ${txid} : ${why} ",
("txid", trx->id())("why",ex->what()));
fc_dlog(_trx_failed_trace_log, "[TRX_TRACE] Speculative execution is REJECTING tx: ${txid}, auth: ${a} : ${why} ",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We use 3 spaces mostly in our code base.

@nickjjzhao nickjjzhao merged commit dcab780 into develop Apr 20, 2021
@nickjjzhao nickjjzhao deleted the develop-security-fixes branch April 20, 2021 22:31
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@heifner heifner heifner approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nickjjzhao @heifner