Issue #8325 has been updated by R.I. Pienaar. Status changed from Accepted to Closed
http://git.io/Z9U_cA 11 files changed, 76 insertions(+), 18 deletions(-) ---------------------------------------- Feature #8325: A default TTL should be supported https://projects.puppetlabs.com/issues/8325 Author: R.I. Pienaar Status: Closed Priority: Normal Assignee: R.I. Pienaar Category: Core Target version: 1.3.x Keywords: Branch: ripienaar/feature/master/8325 Affected mCollective version: There should be a default TTL on messages and broadcast ones should have a TTL of less than a minute. This will mean clocks need to be in sync so should have the option of disabling it - but on by default. This is to assist in avoiding message replay attacks and to defend against bad middleware setups that cause duplicate messages - like meshed networks with bad maximum hop configurations. We should also create a in-memory capped array that tracks seen messages and ignore already seen messages. This won't be the be-all of replay protection as messages with say a month TTL will not be noticed as dupes but we can later expand this when the basic tracking of IDs are in the code. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
