security protocol ordering preference broken #1906

marten-seemann · 2022-11-20T05:13:32Z

Since fx groups don't provide ordering (see https://pkg.go.dev/go.uber.org/fx#hdr-Value_Groups), we end up not adhering to the ordering of the configured security protocols.

We need to:

fix this bug
add an integration test

This is a blocker for the v0.24.0 release.

vyzo · 2022-11-20T09:26:04Z

fx.... lol.

marten-seemann · 2022-11-20T09:52:52Z

@vyzo Enjoy your told-you-so moment.

The fact that we didn't have any tests for security protocol selection is the real culprit here, as I see it.

vyzo · 2022-11-20T11:25:54Z

it was a small triumph :)

marten-seemann added kind/bug A bug in existing code (including security flaws) P0 Critical: Tackled by core team ASAP labels Nov 20, 2022

marten-seemann self-assigned this Nov 20, 2022

This was referenced Nov 20, 2022

go-libp2p v0.24 #1766

Closed

expose the security protocol on the ConnectionState #1907

Merged

respect the user's security protocol preference order #1908

Closed

marten-seemann mentioned this issue Nov 21, 2022

respect the user's security protocol preference order #1912

Merged

marten-seemann closed this as completed in #1912 Nov 21, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

security protocol ordering preference broken #1906

security protocol ordering preference broken #1906

marten-seemann commented Nov 20, 2022 •

edited

Loading

vyzo commented Nov 20, 2022

marten-seemann commented Nov 20, 2022

vyzo commented Nov 20, 2022

security protocol ordering preference broken #1906

security protocol ordering preference broken #1906

Comments

marten-seemann commented Nov 20, 2022 • edited Loading

vyzo commented Nov 20, 2022

marten-seemann commented Nov 20, 2022

vyzo commented Nov 20, 2022

marten-seemann commented Nov 20, 2022 •

edited

Loading