swarm/pss: Message handler refactor #965
Conversation
nolash
requested review from
gbalint,
holisticode,
janos,
acud,
nonsense and
zelig
as code owners
nolash
removed request for
nonsense,
janos,
holisticode,
gbalint,
zelig and
acud
nolash
force-pushed
the
pss-handler-refactor-depth
branch
from
c0eff2c to
588ab17
Compare
nolash
requested review from
adamschmideg and
zelig
and removed request for
adamschmideg
|
https://travis-ci.org/ethersphere/go-ethereum/jobs/443683817#L439 |
swarm/pss/api.go
Outdated
| }, | ||
| } | ||
| if raw { | ||
| hndlr.caps |= handlerCapRaw |
| // - no prox handler on message and partial address matches | ||
| // - prox handler on message and we are in prox regardless of partial address match | ||
| // store this result so we don't calculate again on every handler | ||
| var isProx bool |
There was a problem hiding this comment.
Now I think you execute a raw handler for a message if there is another handler that allows prox even if that handler does not allow prox.
I think this logic should be different now, instead of isSelf calls we should just have a call to func getHandlersFor(topic, type) *handler when the type enum is
rawif the message is rawsymif the message has a symkey hintasymif there is no hint.
the handlers would be in a map indexed by topic+type serialised.
this would return a list of handlers where the handler would have an address matcher
to be called with address and sym key hint.
func (*handler) match(address, symhint) (payload []byte, handlers []*handlerFunc, forward bool)
this would
- lookup decryption key from hint and open for sym
- it would match on address
- or partial address if allowed
- or proximity if allowed
- or it would decrypt with asym if there was no hint
and return the decrypted payload and the handlers that matched and a bool to indicate if the message needs to be forwarded (only false if full destination address matches)
There was a problem hiding this comment.
Now I think you execute a raw handler for a message if there is another handler that allows prox even if that handler does not allow prox.
It's not clear to mean what you mean here, but the condition in pss.go:380 stops handling of raw message if no raw handlers are registered for the topic.
There was a problem hiding this comment.
sure but it still tries it even though we could know better by then....
zelig
force-pushed
the
pss-handler-refactor-depth
branch
from
f42eca7 to
9edcb1c
Compare
nolash
force-pushed
the
pss-handler-refactor-depth
branch
from
10def86 to
11f1528
Compare
swarm/pss/pss_test.go
Outdated
| // remote address distances from localAddr to try and the expected outcomes if we use prox handler | ||
| remoteDistances := []int{ | ||
| 255, | ||
| kad.MinBinSize + 1, |
There was a problem hiding this comment.
this is very confusing and most likely wrong. How is kad.MinBinSize relate to proximity order (you call distance)?
This works only becuse you set peerCount := kad.MinBinSize + 2 , kad.MinProxBinSize happens to be 2 and you fill the table with peers in PO bins staring from 0.
This is way too arcane for a test.
There was a problem hiding this comment.
I wanted to make sure that I have one peer in each bin, two more peers than NNs. The NNs in this test will be in two separate bins.
Are you arguing that the test will break if kad.MinBinSize would change? I'm not sure how?
I do agree however that the naming in this test makes it confusing. How about I copy the kad.MinBinSize to a local var, and only use local var names thereafter?
|
Also, the algo for forwarding needs fixing as per our convo (see my code) |
|
@zelig I think this was wrong before. Can you evaluate too please? |
nolash
force-pushed
the
pss-handler-refactor-depth
branch
from
a46ac96 to
b13b05c
Compare
swarm/network/kademlia.go
Outdated
| @@ -430,6 +433,12 @@ func (k *Kademlia) eachAddr(base []byte, o int, f func(*BzzAddr, int, bool) bool | |||
| // the nearest neighbour set with cardinality >= MinProxBinSize | |||
| // if there is altogether less than MinProxBinSize peers it returns 0 | |||
| // caller must hold the lock | |||
swarm/pss/protocol_test.go
Outdated
| @@ -129,7 +129,9 @@ func testProtocol(t *testing.T) { | |||
| case <-lmsgC: | |||
| log.Debug("lnode ok") | |||
| case cerr := <-lctx.Done(): | |||
| t.Fatalf("test message timed out: %v", cerr) | |||
| _ = cerr | |||
swarm/pss/pss.go
Outdated
| return false | ||
| } | ||
|
|
||
| minProx := p.Kademlia.NeighbourhoodDepth() |
swarm/pss/pss.go
Outdated
| } | ||
|
|
||
| minProx := p.Kademlia.NeighbourhoodDepth() | ||
| depth, _ := p.Kademlia.Pof(p.Kademlia.BaseAddr(), msg.To, 0) |
| if err != nil { | ||
| return err | ||
| } | ||
| if p.isSelfPossibleRecipient(pssMsg, true) && p.topicHandlerCaps[topic].prox { |
There was a problem hiding this comment.
worth a comment that this is loopback
nolash
force-pushed
the
pss-handler-refactor-depth
branch
from
45e6069 to
8b7918b
Compare
swarm/pss/pss.go
Outdated
|
|
||
| if minProx <= depth { | ||
| if po <= depth { |
There was a problem hiding this comment.
lol sorry. thanks for catching it
zelig
added
ready to submit to ethereum/go-ethereum
and removed
ready for review
labels
|
Submitted upstream ethereum/go-ethereum#18169 |
This is the first in a series of PR providing the following enhancements to PSS:
Send fully addressed messages to neighbourhoods
The possibility of sending a message with full
PssAddressto a neighbourhood of nodes, by interactive with the Kademlia. The primary use case is chunk syncing, where the chunk will have full address but nodes that have responsibility for storing the chunk should still regard themselves as recipients of it.Mitigate external influence of resource expenditure
If receiving raw messages, currently all raw messages will be passed on to handling code, effectively passing the responsibility of limiting resource expenditure to the handlers. This can be risky, in case of implementations that do not protect against request flooding. Whether to handle raw messages or not should therefore be explicitly set on the handler.
This also pertains to symmetric decryptions, were all registered symmetric keys (for decryption) share the same LRU cache which is tried sequentially on the decrypt. Instead, there should be symkey decrypt caches per topic.
Symkey filter in message type
To reduce resource expenditure in symmetric decryption, an extra field in the message type will be introduced where up to 32 bytes of symmetric key hint can be added. The hint is a hash of the symmetric key, indexed on both sides. The symkey cache must be refactored to be able to take advantage of this hint. A zero-value in this field would indicate public key crypto.
This also clears the way for upgrading whisper support to v6, as one of the changes in whisper v6 is omission of the symkey nonce in the whisper envelope; with this field it's still possible to identify incoming symmetrically encrypted messages, to avoid a forced attempt of asymmetric decryption on every reception.
Part 1
protocols,handshakes,pss/clientandnotifyhave all been edited to pass tests with the newHandlerstruct, but need to be revisited for implementation details. This will follow in a later PRThe PR also replaces the
-v[v]verbosity flags for tests with--loglevelflag that sets the loglevel explicitly, and default level to 2 (log.Warn).