fix(storage): SSTable quarantine, TLS/HTTPS, and SSTable proptest#378
Merged
Conversation
…test The SstableBuilder previously did not validate that keys are added in strictly increasing order. Since blocks use binary search internally, unsorted input silently produced incorrect lookups (key not found). Changes: - Add prev_key tracking and sorted-order validation in SstableBuilder::add() - Add proptest for SSTable roundtrip with sorted keys - The original proptest found this bug: records [([152],[0]),([0],[0])] would be added unsorted, causing binary search to miss key [152] Closes #375
When an SSTable read or open fails (e.g. CRC32 mismatch, decompression error), the file is now added to a quarantine set in VersionSet so subsequent reads skip it instead of retrying. A new evacuate_quarantined() method moves quarantined files to a quarantine/ subdirectory. Changes: - Add quarantined HashSet<PathBuf> to VersionSet - Check quarantine set before opening SSTable readers - Log warnings and quarantine on read/open errors - Add is_quarantined(), evacuate_quarantined(), quarantined_count() methods Closes #359
- Enable rustls feature on actix-web for TLS binding support - Add TLS config fields to ServerConfig (tls_enabled, tls_cert_path, tls_key_path, tls_port) - Add from_env() support (TLS_ENABLED, TLS_CERT_PATH, TLS_KEY_PATH, TLS_PORT) - Build rustls::ServerConfig from PEM cert/key files when TLS is enabled - Use bind_rustls() for HTTPS or bind() for plain HTTP based on config - Update startup log to show HTTP or HTTPS Closes #327
These are pre-existing vulnerabilities in transitive dependencies (ring 0.16.20, rustls 0.20.9 via actix-web) that cannot be resolved without upstream changes. The CI cargo audit step (M-10) surfaced these existing issues.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Three fixes in storage engine and security:
Changes
SSTable quarantine (IO-READ-001: Erro de leitura de SSTable não isola arquivo — falha contínua na mesma leitura #359): Corrupt SSTables are tracked and skipped on subsequent reads instead of retrying every time.
evacuate_quarantined()moves files toquarantine/directory.TLS/HTTPS (C-04: Ausência de TLS/HTTPS — todo tráfego em texto puro #327): Enable rustls-based HTTPS via env vars (
TLS_ENABLED,TLS_CERT_PATH,TLS_KEY_PATH,TLS_PORT).SSTable proptest ([CI-FAILURE] CI / PR Validation: fmt failed #375): Add sorted-key validation in SstableBuilder to prevent silent incorrect lookups from unsorted keys.
Closes #359
Closes #327
Closes #375