painless-security / trust-router

Moonshot Trust Router

Community memberships do not properly expire after a peer is lost #71

Closed jennifer-richards closed 6 years ago

jennifer-richards commented 6 years ago

While debugging #69, I discovered that not all of the communities that had been learned from a peer were ever removed.

When a peer is lost, the periodic updates to the community information stop coming, so all of the community memberships should eventually expire and be removed. Some were expiring, others were not and persisted indefinitely.

This may be related to #69 because it is possible this can leave the community table in an inconsistent state, perhaps containing pointers to previously freed membership records. I don't have a specific mechanism for that to happen, though.

jennifer-richards commented 6 years ago

This was fixed by #70 - the iterator for the community membership table was entirely incorrect. After fixing that, all realms and community memberships expire as expected.

jennifer-richards commented 6 years ago

Test

Steps

  1. Set up two trust routers as peers. At least one should be transmitting community updates to the other.
  2. Start the trust routers and let them establish peering and exchange info.
  3. Use trmon to examine the community table on the trust router that you are not going to shut down in the next step.
  4. Stop one (if only one is announcing community info, shut that one down).
  5. Wait between 3 and 6 times the scheduled update interval configured for the trust router you just shut down and use trmon to examine the community table on the running trust router.
  6. Wait more than 6 times the scheduled update interval and use trmon again.

Expected results

  1. Before shutting down the trust router, you should see all of its announced community memberships, each with an expiration time (this may be in the future, or it may be in 1970, depending on which pull requests have been merged when you test). Each should have 'times_expired' of 0.
  2. In step 5, the community memberships should still all be present, but now should have "times_expired" of 1.
  3. In step 6, all of the community memberships should have been removed, leaving only entries with "source" of "file".

meadmaker commented 6 years ago

Verified!
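
The expiry sequence the test above checks, as an added C example that is not the trust router's code and not the fix from #70. It models a membership table as a linked list and sweeps it with removal that is safe during iteration. Assumptions: the 3x expiry interval and removal on the second expiry are inferred from the test timings, and every name here (`memb_t`, `memb_add`, `memb_sweep`, `memb_count`) is hypothetical.

```c
#include <stdlib.h>
#include <time.h>
/* Assumptions inferred from the test timings, not taken from the project */
#define EXPIRE_FACTOR   3  /* membership expires 3 update intervals after refresh */
#define MAX_EXPIRATIONS 2  /* entry is removed on its second expiry */

typedef struct memb {
    int from_file;            /* "source" of "file": never expires */
    time_t expiry;
    unsigned times_expired;
    struct memb *next;
} memb_t;

/* Push a membership refreshed at `now`; returns the new head (old head on OOM). */
memb_t *memb_add(memb_t *head, int from_file, time_t now, time_t interval)
{
    memb_t *m = calloc(1, sizeof(*m));
    if (m == NULL) return head;
    m->from_file = from_file;
    m->expiry = now + EXPIRE_FACTOR * interval;
    m->next = head;
    return m;
}

/* Visit every entry once. `link` addresses the pointer that refers to the current
 * entry, so unlinking and freeing it leaves no dangling pointer and skips nothing. */
size_t memb_sweep(memb_t **head, time_t now, time_t interval)
{
    size_t removed = 0;
    memb_t **link = head;
    while (*link != NULL) {
        memb_t *m = *link;
        if (!m->from_file && now >= m->expiry) {
            if (++m->times_expired >= MAX_EXPIRATIONS) {
                *link = m->next;          /* unlink first, then free */
                free(m);
                removed++;
                continue;                 /* *link is already the next entry */
            }
            m->expiry += EXPIRE_FACTOR * interval;
        }
        link = &m->next;
    }
    return removed;
}

/* Number of entries currently in the table. */
size_t memb_count(const memb_t *m) { size_t n = 0; for (; m; m = m->next) n++; return n; }
```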