author | Joey Hess <joeyh@joeyh.name> | 2017-05-02 15:52:27 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2017-05-02 17:01:35 -0400 |
commit | f559fcfadd7079140ed64bab68275527f46d334e (patch) | |
tree | 1f30f563093a27188a5b1da37aa764f4e58c0393 /PrevActivity.hs | |
parent | 9456361ed8f6dd094a4c08cc352f9a1fd9d0069f (diff) | |
download | debug-me-f559fcfadd7079140ed64bab68275527f46d334e.tar.gz |
add prevEntered pointer
Client requires this always point to the previous Entered it accepted,
so a hash chain of Entered is built up, and there is no possibility for
ambiguity about which order a client received two Entered activities in.
So restoreHashes now has to try every possible combination of
known hashes for both prevEntered and prevActivity. That could be
significantly more work, but it would be unusual for there to be a lot
of known hashes, so it should be ok.
--graphviz shows this additional hash chain with grey edges
(and leaves out edges identical to the other hash chain)
While testing this with an artificial network lag, it turned out that
signature verification was failing for Reject messages sent by the
user. Didn't quite figure out what was at the bottom of that,
but the Activity Entered that was sent back in a Reject message was
clearly not useful, because it probably had both its prevEntered and
prevActivity hashes set to Nothing (because restoreHashes didn't restore
them, because the original Activity Entered was out of the expected
chain). So, switched Rejected to use a Hash.
(And renamed Rejected to EnteredRejected to make it more clear what
it's rejecting.)
Also, added a lastAccepted hash to EnteredRejected. This lets
the developer find its way back to the accepted chain when some
of its input gets rejected.
This commit was sponsored by Trenton Cronholm on Patreon.
Diffstat (limited to 'PrevActivity.hs')
-rw-r--r-- | PrevActivity.hs | 33 |
1 files changed, 23 insertions, 10 deletions
diff --git a/PrevActivity.hs b/PrevActivity.hs index 0836c8b..74203fd 100644 --- a/PrevActivity.hs +++ b/PrevActivity.hs @@ -19,7 +19,10 @@ removeHashes msg = MissingHashes $ case msg of Developer (ActivityMessage a) -> Developer (go a) _ -> msg where - go a = ActivityMessage $ a { prevActivity = Nothing } + go a = ActivityMessage $ a + { prevActivity = Nothing + , prevEntered = Nothing + } type RecentActivity = STM (SigVerifier, [Hash]) @@ -29,17 +32,27 @@ type RecentActivity = STM (SigVerifier, [Hash]) -- point the message's signature will verify. restoreHashes :: RecentActivity -> MissingHashes AnyMessage -> STM AnyMessage restoreHashes ra (MissingHashes msg) = case msg of - User (ActivityMessage act) -> - User . ActivityMessage <$> (go act =<< ra) + User (ActivityMessage act) -> + User . ActivityMessage <$> find act Developer (ActivityMessage act) -> - Developer . ActivityMessage <$> (go act =<< ra) + Developer . ActivityMessage <$> find act User (ControlMessage {}) -> return msg Developer (ControlMessage {}) -> return msg where - go act (_, []) = return act - go act (sigverifier, (h:hs)) = do - let act' = act { prevActivity = Just h } - if verifySigned sigverifier act' - then return act' - else go act (sigverifier, hs) + find act = do + (sigverifier, l) <- ra + let l' = Nothing : map Just l + let ll = do + ah <- l' + eh <- l' + return $ act + { prevActivity = ah + , prevEntered = eh + } + go act sigverifier ll + go act _ [] = return act + go act sigverifier (l:ls) = do + if verifySigned sigverifier l + then return l + else go act sigverifier ls |
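Review bot: In the first hunk, `go` in `removeHashes` now blanks `prevActivity` and `prevEntered` by hand, and `find` in `restoreHashes` enumerates the same two fields separately, so the two functions can drift apart if another pointer is added later, and the symptom would only be signatures that fail to verify at run time. A comment on `removeHashes` naming `restoreHashes` as the counterpart that must change with it, or a single helper that sets both fields from a pair of `Maybe Hash` values and is used by both functions, would keep them in step.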
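Review bot: In the second hunk, `ll` in `find` pairs every candidate for `prevActivity` with every candidate for `prevEntered`, so a message whose signature never verifies costs (n+1)² `verifySigned` calls for n known hashes, all inside the STM action, and `go act _ [] = return act` then returns the unrestored activity without telling the caller that no combination matched. The comment above `restoreHashes` should state the expected bound on the length of the list returned by `ra`, and the result would be safer as `STM (Maybe AnyMessage)` (or an `Either`) so that a failed restore cannot be mistaken for a message that verified with both pointers set to `Nothing`, which is the first candidate `ll` tries. The `do` before the `if` in `go` is also redundant.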