Only allow message_bridge to connect with matching config sha256
We've been seeing a ton of crashes becasue the config doesn't match, and
a node is out of range, or the client is asking for a channel which
doesn't exist. Honestly, there is no real use case at this point in
time for accepting connections from clients who aren't running the same
code. We can't read the logs if we were to allow it, and the effort
required to support that is massive. We'll probably run into send too
fast issues, would run into flatbuffer version problems (maybe), and all
sorts of other problems. The cost to reward ratio doesn't work.
So, as part of connecting, send the sha256 sum of the config. The
server will disconnect any clients who don't have a matching config, and
increment a counter in the status message.
Change-Id: I99520713efc644252f2c7cf5dc53720c4fc19974
Signed-off-by: Austin Schuh <austin.schuh@bluerivertech.com>
diff --git a/aos/network/message_bridge_server.fbs b/aos/network/message_bridge_server.fbs
index 031f801..30017c4 100644
--- a/aos/network/message_bridge_server.fbs
+++ b/aos/network/message_bridge_server.fbs
@@ -41,6 +41,10 @@
// Number of times we've established a connection to the server.
connection_count:uint (id: 8);
+
+ // Number of times we've had an invalid connection with something wrong in
+ // the connection message, but we were able to match which node it was.
+ invalid_connection_count:uint (id: 9);
}
// Statistics for all connections to all the clients.
@@ -49,6 +53,11 @@
// Count of timestamp send failures
timestamp_send_failures:uint64 (id: 1);
+
+ // Number of times we've had an invalid connection with something wrong in
+ // the connection message. The most likely cause is that the config sha256
+ // doesn't match between nodes.
+ invalid_connection_count:uint (id: 2);
}
root_type ServerStatistics;