Added PubSub.Join(topic) that returns a Topic object. This object can be Subscribed and Published to as well as to get a TopicEventHandler for topic events. This means that the Subscription object will no longer handle PeerEvents and that PubSub's Publish and Subscribe functions are deprecated.
As the adversary has turned of signature verification, we should expect
to see two messages (the correctly signed and the incorrectly signed
one) when we publish. Those that have verification on, should only see
one.
Test the case where an adversarial peer signs a message with a key they
didn't originally register with. First, we test that an adversarial peer
will allow the message to pass through validation as they turn off
strict verification (putting themselves at risk), but an honest peer
with strict verification on will never see the message!
Previously, there was no non-breaking upgrade path to enable message signing by
default while still providing a way to disable it. This patch breaks the options
into:
1. WithMessageSigning - actually enable message signing.
2. WithStrictSignatureVerification - enforce strict signature verification.
3. WithMessageAuthor - set the message author (independent of signing).
Now, users can explicitly set all three options and any changes we make to the
defaults will never override these explicit settings.
This patch *also* enables *signing* by default but not strict signature
verification. We obviously can't enable verification by default yet but I see no
reason not to enable signing. Basically, we're either hurting performance or
security by default. Security issues are generally only noticed once it's too
late. Performance issues can be caught ahead of time.
- make validators time out after 100ms
- add context param to validator functions
- add type Validator func(context.Context, *Message) bool
- drop message if more than 10 messages are already being validated
Adin Schmahmann
Raúl Kripalani
Raghav Gulati
vyzo
Steven Allen
Kevin Atkinson
Erin Swenson-Healey
keks