Skip to content
This repository was archived by the owner on Nov 6, 2020. It is now read-only.

Use randomized subscription ids for PubSub #5756

Merged
merged 6 commits into from
Jun 13, 2017
Merged

Use randomized subscription ids for PubSub #5756

merged 6 commits into from
Jun 13, 2017

Conversation

tomusdrw
Copy link
Collaborator

@tomusdrw tomusdrw commented Jun 4, 2017

No description provided.

@tomusdrw tomusdrw added A0-pleasereview 🤓 Pull request needs code review. M6-rpcapi 📣 RPC API. labels Jun 4, 2017
@tomusdrw tomusdrw requested review from debris and rphmeier June 4, 2017 09:07
rphmeier
rphmeier reviewed Jun 5, 2017
View reviewed changes
rpc/src/v1/helpers/subscribers.rs
pub struct Subscribers<T> {
next_id: u64,
subscriptions: HashMap<u64, T>,
rand: StdRng,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why use random IDs? is it a reason that's defeated by not using cryptographic-strength randomness?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When you run public node it would be possible to cancel other peoples subscriptions. We could instead have an id per session, but I think it would be a bit more complicated.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i see, but you could still guess and get lucky and cancel others'?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, you could even try to fire milions of requests and cancel all of them. But that should be that should be handled by some rate limiting (that is needed anyway).

debris
debris reviewed Jun 6, 2017
View reviewed changes
rpc/src/v1/helpers/subscribers.rs Outdated
Err(_) => {
self.next_id -= 1;
},
Err(_) => {},
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if let is more idiomatic

@NikVolf NikVolf added A8-looksgood 🦄 Pull request is reviewed well. and removed A0-pleasereview 🤓 Pull request needs code review. labels Jun 12, 2017
@gavofyork gavofyork merged commit 57479da into master Jun 13, 2017
@gavofyork gavofyork deleted the pusubid branch June 13, 2017 15:36
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@debris debris debris left review comments

@rphmeier rphmeier rphmeier left review comments

Assignees
No one assigned
Labels
A8-looksgood 🦄 Pull request is reviewed well. M6-rpcapi 📣 RPC API.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@tomusdrw @debris @rphmeier @gavofyork @NikVolf