2021-05-30 19:52:34 -07:00
|
|
|
//! DateTime types with specific serialization invariants.
|
|
|
|
|
|
|
|
|
|
use std::{
|
|
|
|
|
convert::{TryFrom, TryInto},
|
|
|
|
|
fmt,
|
|
|
|
|
num::TryFromIntError,
|
|
|
|
|
};
|
|
|
|
|
|
2021-12-03 10:09:43 -08:00
|
|
|
use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt};
|
|
|
|
|
use chrono::{TimeZone, Utc};
|
|
|
|
|
|
2021-05-30 19:52:34 -07:00
|
|
|
use super::{SerializationError, ZcashDeserialize, ZcashSerialize};
|
|
|
|
|
|
|
|
|
|
/// A date and time, represented by a 32-bit number of seconds since the UNIX epoch.
|
|
|
|
|
#[derive(Copy, Clone, Eq, PartialEq, Ord, PartialOrd, Hash)]
|
|
|
|
|
pub struct DateTime32 {
|
|
|
|
|
timestamp: u32,
|
|
|
|
|
}
|
|
|
|
|
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
/// An unsigned time duration, represented by a 32-bit number of seconds.
|
|
|
|
|
#[derive(Copy, Clone, Eq, PartialEq, Ord, PartialOrd, Hash)]
|
|
|
|
|
pub struct Duration32 {
|
|
|
|
|
seconds: u32,
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-30 19:52:34 -07:00
|
|
|
impl DateTime32 {
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
/// The earliest possible `DateTime32` value.
|
|
|
|
|
pub const MIN: DateTime32 = DateTime32 {
|
|
|
|
|
timestamp: u32::MIN,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/// The latest possible `DateTime32` value.
|
|
|
|
|
pub const MAX: DateTime32 = DateTime32 {
|
|
|
|
|
timestamp: u32::MAX,
|
|
|
|
|
};
|
|
|
|
|
|
2021-05-30 19:52:34 -07:00
|
|
|
/// Returns the number of seconds since the UNIX epoch.
|
|
|
|
|
pub fn timestamp(&self) -> u32 {
|
|
|
|
|
self.timestamp
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Returns the equivalent [`chrono::DateTime`].
|
|
|
|
|
pub fn to_chrono(self) -> chrono::DateTime<Utc> {
|
|
|
|
|
self.into()
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-21 19:16:59 -07:00
|
|
|
/// Returns the current time.
|
|
|
|
|
///
|
|
|
|
|
/// # Panics
|
|
|
|
|
///
|
|
|
|
|
/// If the number of seconds since the UNIX epoch is greater than `u32::MAX`.
|
2021-05-30 19:52:34 -07:00
|
|
|
pub fn now() -> DateTime32 {
|
2021-12-03 10:09:43 -08:00
|
|
|
chrono::Utc::now()
|
2021-05-30 19:52:34 -07:00
|
|
|
.try_into()
|
|
|
|
|
.expect("unexpected out of range chrono::DateTime")
|
|
|
|
|
}
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
|
2021-06-21 19:16:59 -07:00
|
|
|
/// Returns the duration elapsed between `earlier` and this time,
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
/// or `None` if `earlier` is later than this time.
|
|
|
|
|
pub fn checked_duration_since(&self, earlier: DateTime32) -> Option<Duration32> {
|
|
|
|
|
self.timestamp
|
|
|
|
|
.checked_sub(earlier.timestamp)
|
2021-06-21 19:16:59 -07:00
|
|
|
.map(Duration32::from)
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
}
|
|
|
|
|
|
2021-06-21 19:16:59 -07:00
|
|
|
/// Returns duration elapsed between `earlier` and this time,
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
/// or zero if `earlier` is later than this time.
|
|
|
|
|
pub fn saturating_duration_since(&self, earlier: DateTime32) -> Duration32 {
|
2021-06-21 19:16:59 -07:00
|
|
|
Duration32::from(self.timestamp.saturating_sub(earlier.timestamp))
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
}
|
|
|
|
|
|
2021-06-21 19:16:59 -07:00
|
|
|
/// Returns the duration elapsed since this time,
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
/// or if this time is in the future, returns `None`.
|
2021-12-03 10:09:43 -08:00
|
|
|
pub fn checked_elapsed(&self, now: chrono::DateTime<Utc>) -> Option<Duration32> {
|
|
|
|
|
DateTime32::try_from(now)
|
|
|
|
|
.expect("unexpected out of range chrono::DateTime")
|
|
|
|
|
.checked_duration_since(*self)
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
}
|
|
|
|
|
|
2021-06-21 19:16:59 -07:00
|
|
|
/// Returns the duration elapsed since this time,
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
/// or if this time is in the future, returns zero.
|
2021-12-03 10:09:43 -08:00
|
|
|
pub fn saturating_elapsed(&self, now: chrono::DateTime<Utc>) -> Duration32 {
|
|
|
|
|
DateTime32::try_from(now)
|
|
|
|
|
.expect("unexpected out of range chrono::DateTime")
|
|
|
|
|
.saturating_duration_since(*self)
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
}
|
2021-06-21 19:16:59 -07:00
|
|
|
|
|
|
|
|
/// Returns the time that is `duration` after this time.
|
|
|
|
|
/// If the calculation overflows, returns `None`.
|
|
|
|
|
pub fn checked_add(&self, duration: Duration32) -> Option<DateTime32> {
|
|
|
|
|
self.timestamp
|
|
|
|
|
.checked_add(duration.seconds)
|
|
|
|
|
.map(DateTime32::from)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Returns the time that is `duration` after this time.
|
|
|
|
|
/// If the calculation overflows, returns `DateTime32::MAX`.
|
|
|
|
|
pub fn saturating_add(&self, duration: Duration32) -> DateTime32 {
|
|
|
|
|
DateTime32::from(self.timestamp.saturating_add(duration.seconds))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Returns the time that is `duration` before this time.
|
|
|
|
|
/// If the calculation underflows, returns `None`.
|
|
|
|
|
pub fn checked_sub(&self, duration: Duration32) -> Option<DateTime32> {
|
|
|
|
|
self.timestamp
|
|
|
|
|
.checked_sub(duration.seconds)
|
|
|
|
|
.map(DateTime32::from)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Returns the time that is `duration` before this time.
|
|
|
|
|
/// If the calculation underflows, returns `DateTime32::MIN`.
|
|
|
|
|
pub fn saturating_sub(&self, duration: Duration32) -> DateTime32 {
|
|
|
|
|
DateTime32::from(self.timestamp.saturating_sub(duration.seconds))
|
|
|
|
|
}
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl Duration32 {
|
|
|
|
|
/// The earliest possible `Duration32` value.
|
|
|
|
|
pub const MIN: Duration32 = Duration32 { seconds: u32::MIN };
|
|
|
|
|
|
|
|
|
|
/// The latest possible `Duration32` value.
|
|
|
|
|
pub const MAX: Duration32 = Duration32 { seconds: u32::MAX };
|
|
|
|
|
|
2021-06-28 22:12:27 -07:00
|
|
|
/// Creates a new [`Duration32`] to represent the given amount of seconds.
|
|
|
|
|
pub const fn from_seconds(seconds: u32) -> Self {
|
|
|
|
|
Duration32 { seconds }
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Creates a new [`Duration32`] to represent the given amount of minutes.
|
|
|
|
|
///
|
|
|
|
|
/// If the resulting number of seconds does not fit in a [`u32`], [`Duration32::MAX`] is
|
|
|
|
|
/// returned.
|
|
|
|
|
pub const fn from_minutes(minutes: u32) -> Self {
|
|
|
|
|
Duration32::from_seconds(minutes.saturating_mul(60))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Creates a new [`Duration32`] to represent the given amount of hours.
|
|
|
|
|
///
|
|
|
|
|
/// If the resulting number of seconds does not fit in a [`u32`], [`Duration32::MAX`] is
|
|
|
|
|
/// returned.
|
|
|
|
|
pub const fn from_hours(hours: u32) -> Self {
|
|
|
|
|
Duration32::from_minutes(hours.saturating_mul(60))
|
|
|
|
|
}
|
|
|
|
|
|
2021-11-10 15:51:22 -08:00
|
|
|
/// Creates a new [`Duration32`] to represent the given amount of days.
|
|
|
|
|
///
|
|
|
|
|
/// If the resulting number of seconds does not fit in a [`u32`], [`Duration32::MAX`] is
|
|
|
|
|
/// returned.
|
|
|
|
|
pub const fn from_days(days: u32) -> Self {
|
|
|
|
|
Duration32::from_hours(days.saturating_mul(24))
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-21 19:16:59 -07:00
|
|
|
/// Returns the number of seconds in this duration.
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
pub fn seconds(&self) -> u32 {
|
|
|
|
|
self.seconds
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Returns the equivalent [`chrono::Duration`].
|
|
|
|
|
pub fn to_chrono(self) -> chrono::Duration {
|
|
|
|
|
self.into()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Returns the equivalent [`std::time::Duration`].
|
|
|
|
|
pub fn to_std(self) -> std::time::Duration {
|
|
|
|
|
self.into()
|
|
|
|
|
}
|
2021-06-21 19:16:59 -07:00
|
|
|
|
|
|
|
|
/// Returns a duration that is `duration` longer than this duration.
|
|
|
|
|
/// If the calculation overflows, returns `None`.
|
|
|
|
|
pub fn checked_add(&self, duration: Duration32) -> Option<Duration32> {
|
|
|
|
|
self.seconds
|
|
|
|
|
.checked_add(duration.seconds)
|
|
|
|
|
.map(Duration32::from)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Returns a duration that is `duration` longer than this duration.
|
|
|
|
|
/// If the calculation overflows, returns `Duration32::MAX`.
|
|
|
|
|
pub fn saturating_add(&self, duration: Duration32) -> Duration32 {
|
|
|
|
|
Duration32::from(self.seconds.saturating_add(duration.seconds))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Returns a duration that is `duration` shorter than this duration.
|
|
|
|
|
/// If the calculation underflows, returns `None`.
|
|
|
|
|
pub fn checked_sub(&self, duration: Duration32) -> Option<Duration32> {
|
|
|
|
|
self.seconds
|
|
|
|
|
.checked_sub(duration.seconds)
|
|
|
|
|
.map(Duration32::from)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Returns a duration that is `duration` shorter than this duration.
|
|
|
|
|
/// If the calculation underflows, returns `Duration32::MIN`.
|
|
|
|
|
pub fn saturating_sub(&self, duration: Duration32) -> Duration32 {
|
|
|
|
|
Duration32::from(self.seconds.saturating_sub(duration.seconds))
|
|
|
|
|
}
|
2021-05-30 19:52:34 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl fmt::Debug for DateTime32 {
|
|
|
|
|
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
|
|
|
|
|
f.debug_struct("DateTime32")
|
|
|
|
|
.field("timestamp", &self.timestamp)
|
|
|
|
|
.field("calendar", &chrono::DateTime::<Utc>::from(*self))
|
|
|
|
|
.finish()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
impl fmt::Debug for Duration32 {
|
|
|
|
|
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
|
|
|
|
|
f.debug_struct("Duration32")
|
|
|
|
|
.field("seconds", &self.seconds)
|
|
|
|
|
.field("calendar", &chrono::Duration::from(*self))
|
|
|
|
|
.finish()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-30 19:52:34 -07:00
|
|
|
impl From<u32> for DateTime32 {
|
|
|
|
|
fn from(value: u32) -> Self {
|
|
|
|
|
DateTime32 { timestamp: value }
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl From<&u32> for DateTime32 {
|
|
|
|
|
fn from(value: &u32) -> Self {
|
|
|
|
|
(*value).into()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl From<DateTime32> for chrono::DateTime<Utc> {
|
|
|
|
|
fn from(value: DateTime32) -> Self {
|
|
|
|
|
// chrono::DateTime is guaranteed to hold 32-bit values
|
|
|
|
|
Utc.timestamp(value.timestamp.into(), 0)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl From<&DateTime32> for chrono::DateTime<Utc> {
|
|
|
|
|
fn from(value: &DateTime32) -> Self {
|
|
|
|
|
(*value).into()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
impl From<u32> for Duration32 {
|
|
|
|
|
fn from(value: u32) -> Self {
|
|
|
|
|
Duration32 { seconds: value }
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl From<&u32> for Duration32 {
|
|
|
|
|
fn from(value: &u32) -> Self {
|
|
|
|
|
(*value).into()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl From<Duration32> for chrono::Duration {
|
|
|
|
|
fn from(value: Duration32) -> Self {
|
|
|
|
|
// chrono::Duration is guaranteed to hold 32-bit values
|
|
|
|
|
chrono::Duration::seconds(value.seconds.into())
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl From<&Duration32> for chrono::Duration {
|
|
|
|
|
fn from(value: &Duration32) -> Self {
|
|
|
|
|
(*value).into()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl From<Duration32> for std::time::Duration {
|
|
|
|
|
fn from(value: Duration32) -> Self {
|
|
|
|
|
// std::time::Duration is guaranteed to hold 32-bit values
|
|
|
|
|
std::time::Duration::from_secs(value.seconds.into())
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl From<&Duration32> for std::time::Duration {
|
|
|
|
|
fn from(value: &Duration32) -> Self {
|
|
|
|
|
(*value).into()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-30 19:52:34 -07:00
|
|
|
impl TryFrom<chrono::DateTime<Utc>> for DateTime32 {
|
|
|
|
|
type Error = TryFromIntError;
|
|
|
|
|
|
|
|
|
|
/// Convert from a [`chrono::DateTime`] to a [`DateTime32`], discarding any nanoseconds.
|
|
|
|
|
///
|
2021-06-21 19:16:59 -07:00
|
|
|
/// Conversion fails if the number of seconds since the UNIX epoch is outside the `u32` range.
|
2021-05-30 19:52:34 -07:00
|
|
|
fn try_from(value: chrono::DateTime<Utc>) -> Result<Self, Self::Error> {
|
|
|
|
|
Ok(Self {
|
|
|
|
|
timestamp: value.timestamp().try_into()?,
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl TryFrom<&chrono::DateTime<Utc>> for DateTime32 {
|
|
|
|
|
type Error = TryFromIntError;
|
|
|
|
|
|
|
|
|
|
/// Convert from a [`chrono::DateTime`] to a [`DateTime32`], discarding any nanoseconds.
|
|
|
|
|
///
|
2021-06-21 19:16:59 -07:00
|
|
|
/// Conversion fails if the number of seconds since the UNIX epoch is outside the `u32` range.
|
2021-05-30 19:52:34 -07:00
|
|
|
fn try_from(value: &chrono::DateTime<Utc>) -> Result<Self, Self::Error> {
|
|
|
|
|
(*value).try_into()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
impl TryFrom<chrono::Duration> for Duration32 {
|
|
|
|
|
type Error = TryFromIntError;
|
|
|
|
|
|
|
|
|
|
/// Convert from a [`chrono::Duration`] to a [`Duration32`], discarding any nanoseconds.
|
|
|
|
|
///
|
2021-06-21 19:16:59 -07:00
|
|
|
/// Conversion fails if the number of seconds since the UNIX epoch is outside the `u32` range.
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
fn try_from(value: chrono::Duration) -> Result<Self, Self::Error> {
|
|
|
|
|
Ok(Self {
|
|
|
|
|
seconds: value.num_seconds().try_into()?,
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl TryFrom<&chrono::Duration> for Duration32 {
|
|
|
|
|
type Error = TryFromIntError;
|
|
|
|
|
|
|
|
|
|
/// Convert from a [`chrono::Duration`] to a [`Duration32`], discarding any nanoseconds.
|
|
|
|
|
///
|
2021-06-21 19:16:59 -07:00
|
|
|
/// Conversion fails if the number of seconds in the duration is outside the `u32` range.
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
fn try_from(value: &chrono::Duration) -> Result<Self, Self::Error> {
|
|
|
|
|
(*value).try_into()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl TryFrom<std::time::Duration> for Duration32 {
|
|
|
|
|
type Error = TryFromIntError;
|
|
|
|
|
|
|
|
|
|
/// Convert from a [`std::time::Duration`] to a [`Duration32`], discarding any nanoseconds.
|
|
|
|
|
///
|
2021-06-21 19:16:59 -07:00
|
|
|
/// Conversion fails if the number of seconds in the duration is outside the `u32` range.
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
fn try_from(value: std::time::Duration) -> Result<Self, Self::Error> {
|
|
|
|
|
Ok(Self {
|
|
|
|
|
seconds: value.as_secs().try_into()?,
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl TryFrom<&std::time::Duration> for Duration32 {
|
|
|
|
|
type Error = TryFromIntError;
|
|
|
|
|
|
|
|
|
|
/// Convert from a [`std::time::Duration`] to a [`Duration32`], discarding any nanoseconds.
|
|
|
|
|
///
|
2021-06-21 19:16:59 -07:00
|
|
|
/// Conversion fails if the number of seconds in the duration is outside the `u32` range.
|
Security: Limit reconnection rate to individual peers (#2275)
* Security: Limit reconnection rate to individual peers
Reconnection Rate
Limit the reconnection rate to each individual peer by applying the
liveness cutoff to the attempt, responded, and failure time fields.
If any field is recent, the peer is skipped.
The new liveness cutoff skips any peers that have recently been attempted
or failed. (Previously, the liveness check was only applied if the peer
was in the `Responded` state, which could lead to repeated retries of
`Failed` peers, particularly in small address books.)
Reconnection Order
Zebra prefers more useful peer states, then the earliest attempted,
failed, and responded times, then the most recent gossiped last seen
times.
Before this change, Zebra took the most recent time in all the peer time
fields, and used that time for liveness and ordering. This led to
confusion between trusted and untrusted data, and success and failure
times.
Unlike the previous order, the new order:
- tries all peers in each state, before re-trying any peer in that state,
and
- only checks the the gossiped untrusted last seen time
if all other times are equal.
* Preserve the later time if changes arrive out of order
* Update CandidateSet::next documentation
* Update CandidateSet state diagram
* Fix variant names in comments
* Explain why timestamps can be left out of MetaAddrChanges
* Add a simple test for the individual peer retry limit
* Only generate valid Arbitrary PeerServices values
* Add an individual peer retry limit AddressBook and CandidateSet test
* Stop deleting recently live addresses from the address book
If we delete recently live addresses from the address book, we can get a
new entry for them, and reconnect too rapidly.
* Rename functions to match similar tokio API
* Fix docs for service sorting
* Clarify a comment
* Cleanup a variable and comments
* Remove blank lines in the CandidateSet state diagram
* Add a multi-peer proptest that checks outbound attempt fairness
* Fix a comment typo
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
* Simplify time maths in MetaAddr
* Create a Duration32 type to simplify calculations and comparisons
* Rename variables for clarity
* Split a string constant into multiple lines
* Make constants match rustdoc order
Co-authored-by: Janito Vaqueiro Ferreira Filho <janito.vff@gmail.com>
2021-06-18 05:30:44 -07:00
|
|
|
fn try_from(value: &std::time::Duration) -> Result<Self, Self::Error> {
|
|
|
|
|
(*value).try_into()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-30 19:52:34 -07:00
|
|
|
impl ZcashSerialize for DateTime32 {
|
|
|
|
|
fn zcash_serialize<W: std::io::Write>(&self, mut writer: W) -> Result<(), std::io::Error> {
|
|
|
|
|
writer.write_u32::<LittleEndian>(self.timestamp)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl ZcashDeserialize for DateTime32 {
|
|
|
|
|
fn zcash_deserialize<R: std::io::Read>(mut reader: R) -> Result<Self, SerializationError> {
|
|
|
|
|
Ok(DateTime32 {
|
|
|
|
|
timestamp: reader.read_u32::<LittleEndian>()?,
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
}
|
