alkdev/reverse-proxy
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
159eeda266b09be8dad9549588656d1475559ddf
reverse-proxy/tasks/fix/remove-dead-code-remnants.md
glm-5.1 54f1725173 Decompose security review #003 findings into 17 fix tasks and 1 review task 
Address 4 critical, 8 warning, and 5 suggestion findings from the
security and bug review by creating atomic, dependency-ordered tasks:

Critical fixes (C1-C4): rate limiter IP source (ADR-025), InFlightCounter
increment + drain interval, connector timeout ceiling (ADR-026), JSON format
without log file.

Validation tightening (W1, W2): upstream host validation, ACME contact email
validation.

Robustness (W3, W4, W5, W12): upstream URI error handling (502 not silent
drop), admin socket resource limits (ADR-027), TlsMode wildcard mismatch,
http_port u32→u16.

Code quality (W6, W10, W11, S1, S3, W8/W9): config type consolidation,
TokenBucket field visibility, reload_mutex #[cfg(test)], dead code removal,
root cert count logging, misleading test names.

Test coverage (S10): rate limiter ConnectInfo tests (depends on C1 fix).

Review: post-security-fix-review checkpoint covering all critical fixes
and sensitive config consolidation path.
2026-06-12 13:42:37 +00:00

4.2 KiB
Raw Blame History

id, name, status, depends_on, scope, risk, impact, level, review_findings
id name status depends_on scope risk impact level review_findings
fix/remove-dead-code-remnants Remove dead code items identified in security review pending
narrow trivial component implementation
S1

Description

Security review #003 identifies the following dead code items that survived the previous fix/clean-dead-code task. These items are defined but never called in production code:

Item File Note
log_rate_limit! macro src/logging/format.rs:72-83 Rate limiter uses warn! directly
log_config_reload! macro src/logging/format.rs:97-106 Reload uses info!/warn! directly
format_event_fields() src/logging/format.rs:50-54 Never called
ProxyError::PayloadTooLarge src/proxy/error.rs:12 Body limit returns tuple directly
ProxyError::NotFound src/proxy/error.rs:20 Code uses UnknownHost instead
ProxyError::BadRequest src/proxy/error.rs:22 Code uses MissingHost instead
ProxyError::UpstreamTls src/proxy/error.rs:28 Never constructed
build_multi_domain_server_config() src/tls/config.rs:78-102 Never called
SniCertResolver src/tls/config.rs:104-126 Only used by above
AcmeTlsConfig::directory_url() src/tls/acme.rs:53-59 Only used in tests

Changes Required

For each item, either wire it up (if it should be used) or remove it:

Logging macros (src/logging/format.rs):

  • log_rate_limit!: The rate limiter middleware now uses warn! directly. Remove the macro and its test invocation in log_macros_compile.
  • log_config_reload!: The admin socket reload uses info!/warn! directly. Remove the macro and its test invocation.
  • format_event_fields(): Never called externally. Remove it.

ProxyError variants (src/proxy/error.rs):

  • PayloadTooLarge: Not used by body limit middleware (returns tuple directly). Keep for now with a comment explaining it's reserved for future use, OR remove if no plan to use it. The #[non_exhaustive] attribute means removing a variant is not a breaking change for external consumers.
  • NotFound: Superseded by UnknownHost. Remove and update status_code() and body() match arms.
  • BadRequest: Superseded by MissingHost. Remove and update match arms.
  • UpstreamTls: Never constructed. Remove and update match arms.
  • Update unit tests that reference removed variants.

TLS dead code (src/tls/config.rs, src/tls/acme.rs):

  • build_multi_domain_server_config(): Remove function.
  • SniCertResolver: Remove struct and impl (only used by above function).
  • AcmeTlsConfig::directory_url(): Check if it's used in tests. If only in tests, gate with #[cfg(test)]. If truly unused, remove.

Test helpers (tests/helpers/http_test_helper.rs):

  • TestUpstream::url(), TestUpstream::upstream_addr(): Currently annotated #[allow(dead_code)]. If not used in any test, remove. If used, remove the #[allow(dead_code)] annotation.

Acceptance Criteria

  • log_rate_limit! and log_config_reload! macros removed
  • format_event_fields() removed
  • Unused ProxyError variants removed (NotFound, BadRequest, UpstreamTls)
  • PayloadTooLarge either removed or documented with a TODO comment
  • build_multi_domain_server_config() and SniCertResolver removed
  • directory_url() either #[cfg(test)]-gated or removed
  • Dead test helper methods removed or #[allow(dead_code)] removed
  • All match arms in ProxyError methods updated for removed variants
  • All unit tests updated for removed variants
  • cargo test passes
  • cargo clippy passes with no warnings

References

  • docs/reviews/003-security-and-bug-review.md — S1 finding
  • src/logging/format.rs — dead macros and function
  • src/proxy/error.rs — unused ProxyError variants
  • src/tls/config.rs — dead TLS functions
  • src/tls/acme.rs — directory_url method
  • tests/helpers/http_test_helper.rs — dead_code-annotated helpers

Notes

The previous fix/clean-dead-code task added #[non_exhaustive] and removed some dead code. This task addresses the items that survived that round or were newly identified in review #003.

Summary

To be filled on completion

Reference in New Issue View Git Blame Copy Permalink