Only allow message_bridge to connect with matching config sha256
We've been seeing a ton of crashes becasue the config doesn't match, and
a node is out of range, or the client is asking for a channel which
doesn't exist. Honestly, there is no real use case at this point in
time for accepting connections from clients who aren't running the same
code. We can't read the logs if we were to allow it, and the effort
required to support that is massive. We'll probably run into send too
fast issues, would run into flatbuffer version problems (maybe), and all
sorts of other problems. The cost to reward ratio doesn't work.
So, as part of connecting, send the sha256 sum of the config. The
server will disconnect any clients who don't have a matching config, and
increment a counter in the status message.
Change-Id: I99520713efc644252f2c7cf5dc53720c4fc19974
Signed-off-by: Austin Schuh <austin.schuh@bluerivertech.com>
diff --git a/aos/network/message_bridge_server.cc b/aos/network/message_bridge_server.cc
index 3b5d30b..ec3cdc4 100644
--- a/aos/network/message_bridge_server.cc
+++ b/aos/network/message_bridge_server.cc
@@ -2,6 +2,7 @@
#include "aos/init.h"
#include "aos/logging/dynamic_logging.h"
#include "aos/network/message_bridge_server_lib.h"
+#include "aos/sha256.h"
#include "gflags/gflags.h"
#include "glog/logging.h"
@@ -20,7 +21,7 @@
event_loop.SetRuntimeRealtimePriority(FLAGS_rt_priority);
}
- MessageBridgeServer app(&event_loop);
+ MessageBridgeServer app(&event_loop, Sha256(config.span()));
logging::DynamicLogging dynamic_logging(&event_loop);