search

TokTok / c-toxcore

The future of online communications.
https://tox.chat
GNU General Public License v3.0
2.21k stars 280 forks source link

refactor: Observers/ignored peers can now send and receive custom packets #2728

Closed JFreegman closed 3 months ago

JFreegman commented 3 months ago

The Observer role was intended to prevent peers from being disruptive and/or interacting with other peers in the group. It wasn't intended to cripple custom protocols running on-top of the groups such as file sharing and message syncing.

In cases where it might be undesirable for observers to use custom packets (e.g. starting a file transfer) the client will still have the ability to decide whether or not to allow it.

This change is Reviewable

codecov[bot] commented 3 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 73.05%. Comparing base (b3c3c49) to head (99e0bcc).

Additional details and impacted files ```diff @@ Coverage Diff @@ ## master #2728 +/- ## ========================================== - Coverage 73.11% 73.05% -0.06% ========================================== Files 149 149 Lines 30517 30499 -18 ========================================== - Hits 22313 22282 -31 - Misses 8204 8217 +13 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

zoff99 commented 3 months ago

this allows a peer thats is muted (observer) to send packets. i don't think this is a good thing. spam blocking on the receiver side is worse than blocking on the sender side. i do not like this.

JFreegman commented 3 months ago

this allows a peer thats is muted (observer) to send packets. i don't think this is a good thing. spam blocking on the receiver side is worse than blocking on the sender side. i do not like this.

Nothing stops a malicious peer from modifying their source code and spamming illegitimate custom packets to a group, regardless of their permissions (apart from removing them from the group). The only thing this PR changes in that respect is that the spammer no longer needs to remove those client-side checks themselves. However, in order to spam illegitimate custom packets, they will still need to modify the source code, and removing the client-side checks at the same time is trivial.