From 0b4aebbc24369d9254b2621cec68531974c8275f Mon Sep 17 00:00:00 2001
From: mbecker20
Date: Wed, 8 Oct 2025 02:32:52 -0700
Subject: [PATCH] periphery refresh panics if server_enabled, and core public key fails to parse.
---
 bin/periphery/src/connection/mod.rs | 36 ++++++++++++++++++-----------
 1 file changed, 23 insertions(+), 13 deletions(-)
diff --git a/bin/periphery/src/connection/mod.rs b/bin/periphery/src/connection/mod.rs
index 60e37eb57..be82dee7c 100644
--- a/bin/periphery/src/connection/mod.rs
+++ b/bin/periphery/src/connection/mod.rs
@@ -60,28 +60,38 @@ impl CorePublicKeys {
 }
 
 pub fn refresh(&self) {
- let Some(core_public_keys) =
- periphery_config().core_public_keys.as_ref()
+ let config = periphery_config();
+ let Some(core_public_keys) = config.core_public_keys.as_ref()
 else {
 return;
 };
 let core_public_keys = core_public_keys
 .iter()
 .flat_map(|public_key| {
- let maybe_pem =
+ let res = || {
 if let Some(path) = public_key.strip_prefix("file:") {
- read_to_string(path)
- .with_context(|| {
+ let contents =
+ read_to_string(path).with_context(|| {
 format!("Failed to read public key at {path:?}")
- })
- .inspect_err(|e| warn!("{e:#}"))
- .ok()?
+ })?;
+ SpkiPublicKey::from_maybe_pem(&contents)
 } else {
- public_key.clone()
- };
- SpkiPublicKey::from_maybe_pem(&maybe_pem)
- .inspect_err(|e| warn!("{e:#}"))
- .ok()
+ SpkiPublicKey::from_maybe_pem(&public_key)
+ }
+ };
+ match (res(), config.server_enabled) {
+ (Ok(public_key), _) => Some(public_key),
+ (Err(e), false) => {
+ // If only outbound connections, only warn.
+ // It will be written the next time `RotateCoreKeys` is executed.
+ warn!("{e:#}");
+ None
+ }
+ (Err(e), true) => {
+ // This is too dangerous to allow if server_enabled.
+ panic!("{e:#}");
+ }
+ }
 })
 .collect::>();
 self.0.store(Arc::new(core_public_keys));
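Review bot: In the `(Err(e), true)` arm the panic carries only `{e:#}`, and neither `SpkiPublicKey::from_maybe_pem` call adds context, so an operator whose periphery aborts sees a bare parse error with no hint that it concerns `core_public_keys` or which entry is bad. Consider `panic!("Invalid core public key with server_enabled: {e:#}")` and, assuming the parse returns an anyhow-compatible error, a `.with_context(...)` on the `file:` branch's parse naming `path`, as the read already does. The panic fires before `self.0.store(...)`, so the previously loaded keys stay in place; if `refresh` can also run after startup inside a spawned task (not visible here), the panic may end only that task rather than the process, which is worth confirming against the fail-closed intent stated in the comment. `&public_key` in the else branch looks like a needless extra borrow, since `public_key` already appears to be a reference. `refresh` closes outside the hunk.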