Test AddressIterator for the absence of panics, nil addresses, and empty
lists.
This fuzz test finds https://github.com/lightningnetwork/lnd/issues/7552
in seconds. No other panics found after 300+ CPU-hours of fuzzing.
In this commit, we add an Identifier method to the blob.Type struct
which returns a unique identifier for a given blob type. This identifier
is then used for initialising the disk overflow queue of the given
client.
In this commit, a new generic DiskOverflowQueue implementation is added.
This allows a user to specify a maximum number of items that the queue
can hold in-memory. Any new items will then overflow to disk. The
producer and consumer of the queue items will interact with the queue
just like a normal in-memory queue.
This commit adds a test to the wtclient. The test demonstrates that if a
client tries to back up states while it has no active sessions with a
server then those updates are accumlated in memory and lost on restart.
This will be fixed in upcoming commits.
Lock the `backupMu` when accessing `c.chanCommitHeights` in the `New`
function. It is not strictly necessary right now but good to add it so
that there is no accidental oversight if the `perUpdate` method is ever
extracted and reused in future.
Since the retrubution info of a backup task is now only constructed at
the time that the task is being bound to a session, the in-memory queue
only needs to carry the BackupID of the task.
Since the TowerClient now has a callback that it can use to retrieve the
retribution for a certain channel and commit height, let it use this
call back instead of requiring the info to be passed to it through
BackupState.
In this commit, a new BuildBreachRetribution callback is added to the
tower client's Config struct. The main LND server provides the client
with an implementation of the callback.
If the tower returns CreateSessionCodeAlreadyExists in response to the
CreateSession message from the client, then skip forward a few key
indices until we find one that the server does not return the error
for. This will allow a client to recover after a data loss incident.
This commit adds a forceNext boolean parameter to NextSessionKeyIndex.
Setting this param to true will force the index to cycle over 1000 key
indices before returning the new key.
In this commit, a test is added to demonstrate how clients can end up
getting the StateUpdateCodeClientBehind error from a tower server. This
can happen if a client ever deletes their db. If they do this then the
sessions they create with the tower will have the same IDs as the
sessions created in the now deleted db. This is because the session keys
(and thus session IDs) are calculated deterministically from a counter
(which is reset if the db is deleted). The tower server then throws this
error because the client would say that the sequence ID is 1 for the
next update.
Ensure that calling Next twice in a row without first calling Reset is
safe when the iterator is at the end of its list. Also alter the
towerListIterator to call Reset after hitting an error on Next.
This commit adds a test that shows that it is possible to cause the
AddressIterator to panic if the `Next` method is ever called twice when
the iterator is at the end of its list without Reset first being called.
In this commit, a new `ExhaustedSessionFilter` function is added and
used as a PostEvalFilterFn used when loading sessions from the DB. It
allows us to not unnecessarily load exhausted sessions into memory for
areas of the code where they will not be needed.
In this commit, a PreEvaluateFilterFn option is added to the
wtdb.ClientSessionListCfg and it is used instead of a separate
ClientSessionFilterFn parameter. This neatens quiet a few function
signatures.
This commit adds a deleteSessionFromTower method which can be used to
dial the tower that we created a given session with and then sends that
tower the DeleteSession method.
In this commit, a thread-safe min-heap is implemented. It will carry
sessionCloseItems which carry a sessionID and a block height at which
the session should be closed.
This commit adds a new ListClosableSessions method to the tower client
DB. This method will return a map of sessionIDs to block heights. The
IDs belong to sessions that are considered closable and the block
heights are the block height at which the last associated channel for
the session was closed in.
This commit adds a `MarkChannelClosed` method to the tower client DB.
This function can be called when a channel is closed and it will
check the channel's associated sessions to see if any of them are
"closable". Any closable sessions are added to a new
`cClosableSessionsBkt` bucket so that they can be evaluated in future.
Note that only the logic for this function is added in this commit and
it is not yet called.
In this commit, a new ClientSessionFilterFn parameter is added to the
DB's ListClientSession method which can be used to allow the caller to
specify a filter function for filtering sessions read from the DB.
Currently all filtering of sessions are done after the sessions have
been read from the DB, so adding this option should provide some
efficiency.
In this commit, a migration is done that takes all the AckedUpdates of
all sessions and stores them in the RangeIndex pattern instead and
deletes the session's old AckedUpdates bucket. All the logic in the code
is also updates in order to write and read from this new structure.
In this commit, the bug demonstrated in the previous commit is fixed.
The locking capabilities of the AddressIterator are used to lock
addresses if they are being used for session negotiation. So now, when a
request comes through to remove a tower address then a check is first
done to ensure that the address is not currently in use. If it is not,
then the request can go through.
In this commit, a new test is added to demonstrate that an error is
thrown if a user attempts to remove a tower during session negotiation
even if no current negotiation is taking place with the tower.
This commit upgrades the wtclient package to make use of the new
`AddressIterator`. It does so by first creating new `Tower` and
`ClientSession` types. The new `Tower` type has an `AddressIterator`
instead of a list of addresses. The `ClientSession` type contains a
`Tower`.
In this commit, a new AddressIterator type is added. It is a type that
can be used to iterate over a list of addresses. It strictly disallows
the list of addresses it holds to be empty. It also allows callers to
place locks on certain addresses in order to prevent other callers from
removing the addresses in question from the iterator.
In this commit, a test is added to demonstrate that if a client tries to
update the address of a tower for an active tower session, then this new
address will not be used until the client restarts. This is a bug that
will be fixed in a future commit.
This commit is a step towards prepping the watchtower client test
harness to be able to handle the case where the client connects to
multiple mock servers.
