fix: bound ipns caching and validate lifetimes#11349
Open
lidel wants to merge 2 commits into
Open
Conversation
Bumps github.com/ipfs/boxo to the tip of fix/ipns-cache-control-expiry (55fd621d1872) to exercise the IPNS cache-control/TTL/EOL fixes from ipfs/boxo#1166. Root, docs/examples, and test/dependencies modules tidied via make mod_tidy. Signed-off-by: Marcin Rataj <lidel@lidel.org>
lidel
changed the title
ipfs name publish now sanitizes its duration flags instead of emitting a record that fails verification later: a non-positive --lifetime and a negative --ttl are rejected, an explicit --ttl over --lifetime is rejected, and an omitted --ttl is capped to --lifetime. The --lifetime and --ttl defaults are applied server-side so an explicit value is distinguishable from the default. The daemon also refuses to start when Ipns.RecordLifetime is shorter than Ipns.RepublishPeriod, which would let records expire before they are republished. Signed-off-by: Marcin Rataj <lidel@lidel.org>
lidel
force-pushed
the
bump-boxo-ipns-cache-control
branch
from
ca0361e to
2e14dcb
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
IPNS responses could be reused past a record's validity, and
ipfs name publishaccepted self-defeating settings. A cache (CDN, browser, Helia) could serve a record whose signature had already expired, which validating clients reject as sporadic 500s;ipfs name publishtook a non-positive--lifetime, a negative--ttl, or a--ttllonger than--lifetime; and a republisher withIpns.RecordLifetimeshorter thanIpns.RepublishPeriodlet records expire before the next cycle, leaving names unresolvable.Fix
github.com/ipfs/boxoto fix: bound ipns cache-control to record eol boxo#1166: IPNSmax-age/TTL is capped to the record's remaining EOL validity across the gateway, routing/v1, and namesys (resolver + cache).ipfs name publishrejects a non-positive--lifetimeand a negative--ttl; an explicit--ttlover--lifetimeis rejected, while an omitted--ttlis capped to--lifetime.Ipns.RecordLifetime < Ipns.RepublishPeriod.No cache reuses an IPNS response past the record's EOL, and
ipfs name publishcan no longer mint a record with an invalid lifetime or a TTL that outlives it.TODO