From 366022cebb123d1d5f117982ba1c0589aa1cc7e7 Mon Sep 17 00:00:00 2001 From: Michael Peters Date: Tue, 25 Oct 2022 22:37:40 -0700 Subject: [PATCH] fix double-requests by removing verify on connect --- src/client/webapp/auto-verifier.ts | 12 +++++----- .../lists/components/channel-element.tsx | 1 + src/client/webapp/fetchable-pair-verifier.ts | 7 +----- src/client/webapp/guild-combined.ts | 9 ++++---- src/client/webapp/socket-verifier.ts | 2 +- src/server/db.ts | 2 +- src/server/server-controller.ts | 23 +++++++++---------- 7 files changed, 26 insertions(+), 30 deletions(-) diff --git a/src/client/webapp/auto-verifier.ts b/src/client/webapp/auto-verifier.ts index e179f22..391c006 100644 --- a/src/client/webapp/auto-verifier.ts +++ b/src/client/webapp/auto-verifier.ts @@ -5,7 +5,6 @@ const LOG = Logger.create(__filename, electronConsole); import { Changes, WithEquals } from './data-types'; -import * as uuid from 'uuid'; import assert from 'assert'; export enum AutoVerifierChangesType { @@ -30,8 +29,6 @@ export class AutoVerifier { private verifyPromise: Promise | null = null; public trustedStatus: 'none' | 'fetching' | 'verifying' | 'verified' = 'none'; - private verifierId: string; - /** * allows a trusted function to verify the primary function * @param primaryFunc The primary function @@ -42,9 +39,8 @@ export class AutoVerifier { private primaryFunc: () => Promise, private trustedFunc: () => Promise, private verifyFunc: (primaryResult: T | null, trustedResult: T | null) => Promise, - ) { - this.verifierId = uuid.v4().slice(undefined, 4); - } + private name: string | null = null, // for debugging + ) {} /** returns the changes that must be made to primaryResult given trustedResult */ static getChanges & { id: string }>( @@ -125,6 +121,7 @@ export class AutoVerifier { primaryFunc: () => Promise, trustedFunc: () => Promise, changesFunc: (changesType: AutoVerifierChangesType, changes: Changes) => Promise, + name: string | null = null, ) { return new AutoVerifier( primaryFunc, @@ -134,6 +131,7 @@ export class AutoVerifier { const changesType = AutoVerifier.getListChangesType(primaryResult, trustedResult, changes); return await changesFunc(changesType, changes); }, + name, ); } @@ -145,6 +143,7 @@ export class AutoVerifier { primaryResult: T | null, trustedResult: T | null, ) => Promise, + name: string | null = null, ) { return new AutoVerifier( primaryFunc, @@ -153,6 +152,7 @@ export class AutoVerifier { const changesType = AutoVerifier.getSingleChangesType(primaryResult, trustedResult); return await changesFunc(changesType, primaryResult, trustedResult); }, + name, ); } diff --git a/src/client/webapp/elements/lists/components/channel-element.tsx b/src/client/webapp/elements/lists/components/channel-element.tsx index 9a076a0..3706824 100644 --- a/src/client/webapp/elements/lists/components/channel-element.tsx +++ b/src/client/webapp/elements/lists/components/channel-element.tsx @@ -55,6 +55,7 @@ const ChannelElement: FC = (props: ChannelElementProps) => setOverlay(); }, [setOverlay, channel]); + // TODO: Restrict for permissions return (
{BaseElements.TEXT_CHANNEL_ICON}
diff --git a/src/client/webapp/fetchable-pair-verifier.ts b/src/client/webapp/fetchable-pair-verifier.ts index 0501471..19b670b 100644 --- a/src/client/webapp/fetchable-pair-verifier.ts +++ b/src/client/webapp/fetchable-pair-verifier.ts @@ -22,7 +22,7 @@ export default class PairVerifierFetchable extends EventEmitter im public readonly fetchMessagesBeforeVerifier: AutoVerifierWithArg; public readonly fetchMessagesAfterVerifier: AutoVerifierWithArg; - constructor(private primary: Fetchable & Lackable, private trusted: Fetchable & Ensurable) { + constructor(private primary: Fetchable & Lackable, private trusted: Fetchable & Ensurable, private name: string | null = null) { super(); if (trusted instanceof PairVerifierFetchable) { @@ -239,7 +239,6 @@ export default class PairVerifierFetchable extends EventEmitter im } unverify() { - // lOG.debug('unverifying all'); this.fetchMetadataVerifier.unverify(); this.fetchMembersVerifier.unverify(); this.fetchChannelsVerifier.unverify(); @@ -250,10 +249,6 @@ export default class PairVerifierFetchable extends EventEmitter im this.fetchMessagesRecentVerifier.unverifyAll(); this.fetchMessagesBeforeVerifier.unverifyAll(); this.fetchMessagesAfterVerifier.unverifyAll(); - - if (this.trusted instanceof PairVerifierFetchable) { - this.trusted.unverify(); - } } async fetchMetadata(): Promise { diff --git a/src/client/webapp/guild-combined.ts b/src/client/webapp/guild-combined.ts index 16a65fa..7a9a786 100644 --- a/src/client/webapp/guild-combined.ts +++ b/src/client/webapp/guild-combined.ts @@ -59,14 +59,15 @@ export default class CombinedGuild this.personalDBGuild = new PersonalDBGuild(personalDB, this.id, this.memberId); this.socketGuild = new SocketGuild(socket, socketVerifier); - const diskSocket = new PairVerifierFetchable(this.personalDBGuild, this.socketGuild); - const ramDiskSocket = new PairVerifierFetchable(this.ramGuild, diskSocket); + const diskSocket = new PairVerifierFetchable(this.personalDBGuild, this.socketGuild, 'Disk -> Socket'); + const ramDiskSocket = new PairVerifierFetchable(this.ramGuild, diskSocket, 'RAM -> Disk'); + // TODO: I think this unverify is causing the RARE ALERTs + // do we need to unverify on connect? or just disconnect? // connect/Disconnect this.socketGuild.on('connect', () => { LOG.info(`g#${this.id} connected`); - diskSocket.unverify(); - ramDiskSocket.unverify(); + ramDiskSocket.unverify(); // make sure to query the disk-socket AutoVerifier again this.emit('connect'); }); this.socketGuild.on('disconnect', async () => { diff --git a/src/client/webapp/socket-verifier.ts b/src/client/webapp/socket-verifier.ts index c23e044..a173ae3 100644 --- a/src/client/webapp/socket-verifier.ts +++ b/src/client/webapp/socket-verifier.ts @@ -53,7 +53,7 @@ export default class SocketVerifier extends EventEmitter<{ verified: () => void } this.memberId = memberId; this.isVerified = true; - LOG.debug(`verified as u#${memberId}`); + LOG.debug(`verified as u#${memberId.slice(0, 4)}`); resolve(memberId); this.emit('verified'); }); diff --git a/src/server/db.ts b/src/server/db.ts index 081a25a..78fe7fa 100644 --- a/src/server/db.ts +++ b/src/server/db.ts @@ -67,7 +67,7 @@ export default class DB { // eslint-disable-next-line newline-per-chained-call LOG.silly( `searching for public key (der hash: ${LOG.inspect( - crypto.createHash('sha256').update(der).digest().toString('hex'), + crypto.createHash('sha256').update(der).digest().toString('hex').slice(0, 8), )})`, ); diff --git a/src/server/server-controller.ts b/src/server/server-controller.ts index 069688c..23c2f2b 100644 --- a/src/server/server-controller.ts +++ b/src/server/server-controller.ts @@ -127,7 +127,6 @@ function bindEvent( } } } - //lOG.debug(`c#${client.id}: ${name}`); try { await handler(...args); } catch (e) { @@ -139,7 +138,7 @@ function bindEvent( } } catch (e) { if (e instanceof SignatureError) { - LOG.warn(`c#${client.id}: ${name} request does not match expected signature`, { + LOG.warn(`c#${client.id.slice(0, 4)}: ${name} request does not match expected signature`, { signature, args, msg: e.message, @@ -147,7 +146,7 @@ function bindEvent( // do not respond to requests with invalid signatures } else if (e instanceof EventError) { LOG.warn( - `c#${client.id}: ${e.message}${e.extended_message ? ' / ' + e.extended_message : ''}`, + `c#${client.id.slice(0, 4)}: ${e.message}${e.extended_message ? ' / ' + e.extended_message : ''}`, e.cause, ); respond(e.message); @@ -204,7 +203,7 @@ function bindRegistrationEvents(io: socketio.Server, client: socketio.Socket): v const member = await DB.getMember(guildId, memberId); const meta = await DB.getGuild(guildId); - LOG.info(`c#${client.id}: registered with t#${token} as u#${member.id} / ${member.display_name}`); + LOG.info(`c#${client.id.slice(0, 4)}: registered with t#${token} as u#${member.id} / ${member.display_name}`); respond(null, member, meta); @@ -245,7 +244,7 @@ function bindChallengeVerificationEvents(io: socketio.Server, client: socketio.S throw new EventError('unauthorized public key', e as Error); } - LOG.debug(`c#${client.id}: challenging for u#${identity.memberId?.slice(0, 4)}`); + LOG.debug(`c#${client.id.slice(0, 4)}: challenging for u#${identity.memberId?.slice(0, 4)}`); if (connected.find(i => i.memberId === identity.memberId && i.verified)) { throw new EventError('member already connected'); @@ -315,10 +314,10 @@ function bindChallengeVerificationEvents(io: socketio.Server, client: socketio.S .map((privilege: string) => guildPrivilegeRoomName(identity.guildId as string, privilege)) : [], ); - LOG.debug(`c#${client.id} joining ${rooms.join(', ')}`); + LOG.debug(`c#${client.id.slice(0, 4)} joining g#[${rooms.map(room => room.slice(0, 4)).join(', ')}]`); client.join(rooms); - LOG.info(`c#${client.id}: verified as g#${identity.guildId} u#${identity.memberId?.slice(0, 4)}`); + LOG.info(`c#${client.id.slice(0, 4)}: verified as g#${identity.guildId.slice(0, 4)} u#${identity.memberId?.slice(0, 4)}`); respond(null, identity.memberId); }); } @@ -753,7 +752,7 @@ function bindActionEvents(io: socketio.Server, client: socketio.Socket, identity if (!identity.memberId) throw new EventError('identity no memberId'); if (avatarBuff.length > MAX_AVATAR_SIZE) { - LOG.warn(`c#${client.id}: avatar too large`); + LOG.warn(`c#${client.id.slice(0, 4)}: avatar too large`); respond('buffer too large'); return; } @@ -825,7 +824,7 @@ function bindFetchEvents(client: socketio.Socket, identity: IIdentity): void { if (!identity.guildId) throw new EventError('identity no guildId'); if (!identity.memberId) throw new EventError('identity no memberId'); LOG.info( - `u#${identity.memberId?.slice(0, 4)}: fetching recent messages for ch#${channelId} number: ${number}`, + `u#${identity.memberId?.slice(0, 4)}: fetching recent messages for ch#${channelId.slice(0, 4)} number: ${number}`, ); const messages = await DB.getMessagesRecent(identity.guildId, channelId, number); respond(null, messages); @@ -929,7 +928,7 @@ function bindFetchEvents(client: socketio.Socket, identity: IIdentity): void { export function bindSocketEvents(io: socketio.Server): void { io.on('connection', client => { - LOG.info(`c#${client.id}: connected`); + LOG.info(`c#${client.id.slice(0, 4)}: connected`); const identity: IIdentity = { guildId: null, @@ -953,7 +952,7 @@ export function bindSocketEvents(io: socketio.Server): void { 1, ); if (identity.verified) { - LOG.info(`c#${client.id}: disconnected (was u#${identity.memberId?.slice(0, 4)})`); + LOG.info(`c#${client.id.slice(0, 4)}: disconnected (was u#${identity.memberId?.slice(0, 4)})`); (async () => { if (!identity.guildId || !identity.memberId) return; try { @@ -963,7 +962,7 @@ export function bindSocketEvents(io: socketio.Server): void { } })(); } else { - LOG.info(`c#${client.id}: disconnected (was unverified)`); + LOG.info(`c#${client.id.slice(0, 4)}: disconnected (was unverified)`); } }); });