Skip to content

ts_tunnel: cleanup expired sessions that no longer receive traffic#264

Open
danderson wants to merge 1 commit into
mainfrom
push-qsxnrnvrwwlu
Open

ts_tunnel: cleanup expired sessions that no longer receive traffic#264
danderson wants to merge 1 commit into
mainfrom
push-qsxnrnvrwwlu

Conversation

@danderson

Copy link
Copy Markdown
Member

Updates #17

Change-Id: I972c8c4833e5b2930462dba2487e15cc6a6a6964

Updates #17

Signed-off-by: David Anderson <[email protected]>
Change-Id: I972c8c4833e5b2930462dba2487e15cc6a6a6964

@nrc nrc left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, a bunch of tiny and optional suggestions inline, none of them are very important.

Comment thread ts_tunnel/src/endpoint.rs
self.session_cleanup = Some(endpoint.scheduler.add(
TimeRange::new(expiry, expiry + SESSION_CLEANUP_GRACE),
Event::ExpireSession(self.id),
));

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: this repeated code could be factored out since it is computing timeouts it seems like code which could get out of sync. Only two cases, so borderline though

Comment thread ts_tunnel/src/session.rs

/// Grace time for cleaning up a session that has exceeded [`SESSION_LIFETIME`].
///
/// Once a session has expired, we need to delete it key material to ensure forward secrecy

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
/// Once a session has expired, we need to delete it key material to ensure forward secrecy
/// Once a session has expired, we need to delete its key material to ensure forward secrecy

Comment thread ts_tunnel/src/session.rs

pub fn expired(&self, now: Instant) -> bool {
now.duration_since(self.created) > Duration::from_secs(240) // TODO: constants
now.duration_since(self.created) > SESSION_LIFETIME

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: the tests could use the constants +/- a delta

Comment thread ts_tunnel/src/session.rs
/// Endpoints start a new handshake to rotate onto fresh session keys once a session
/// has been alive for this long, if it's still exchanging traffic. The session can
/// continue to be used while the rotation handshake proceeds, up to [`SESSION_LIFETIME`].
pub const SESSION_FRESH_LIFETIME: Duration = Duration::from_secs(120);

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

COOKIE_ROTATION_TIME (in ts_tunnel/src/macs.rs) is also 120 seconds, should these be a single const or is it just coincidence?

Comment thread ts_tunnel/src/endpoint.rs
}
}

fn expire_sessions(&mut self, endpoint: &mut EndpointState) {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if this function should be used in get_recv to avoid duplicating the 'is session expired' logic? Not sure exactly how that would work, maybe as simple as calling this function from there then assuming things are not expired?

Comment thread ts_tunnel/src/endpoint.rs
{
recv_prev
.take()
.inspect(|recv_prev| endpoint.ids.remove_session(recv_prev.id()));

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This idiom is used a few times and might be worth factoring out, not sure if it can be done nicely or if it is worthwhile.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants