alkdev/reverse-proxy
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
54f1725173655e82d04806e181b63b7dd67b92ef
reverse-proxy/tasks/fix/admin-socket-reload-mutex-visibility.md
glm-5.1 54f1725173 Decompose security review #003 findings into 17 fix tasks and 1 review task 
Address 4 critical, 8 warning, and 5 suggestion findings from the
security and bug review by creating atomic, dependency-ordered tasks:

Critical fixes (C1-C4): rate limiter IP source (ADR-025), InFlightCounter
increment + drain interval, connector timeout ceiling (ADR-026), JSON format
without log file.

Validation tightening (W1, W2): upstream host validation, ACME contact email
validation.

Robustness (W3, W4, W5, W12): upstream URI error handling (502 not silent
drop), admin socket resource limits (ADR-027), TlsMode wildcard mismatch,
http_port u32→u16.

Code quality (W6, W10, W11, S1, S3, W8/W9): config type consolidation,
TokenBucket field visibility, reload_mutex #[cfg(test)], dead code removal,
root cert count logging, misleading test names.

Test coverage (S10): rate limiter ConnectInfo tests (depends on C1 fix).

Review: post-security-fix-review checkpoint covering all critical fixes
and sensitive config consolidation path.
2026-06-12 13:42:37 +00:00

1.5 KiB
Raw Blame History

id, name, status, depends_on, scope, risk, impact, level, review_findings
id name status depends_on scope risk impact level review_findings
fix/admin-socket-reload-mutex-visibility Gate AdminSocket::reload_mutex with pending
single trivial isolated implementation
W11

Description

AdminSocket::reload_mutex() is a public method that exists solely for the test_reload_serialized_with_mutex test. It exposes an internal synchronization primitive, and the test acquires the mutex before sending a reload command — coupling the test to implementation details.

Changes Required

src/admin/socket.rs:

  • Gate reload_mutex() with #[cfg(test)]: 
    #[cfg(test)]
pub fn reload_mutex(&self) -> Arc<Mutex<()>> {
    self.reload_mutex.clone()
}
  • The existing test test_reload_serialized_with_mutex already uses this method, so it will continue to work.

Acceptance Criteria

  • reload_mutex() is only available in test builds (#[cfg(test)])
  • The test_reload_serialized_with_mutex test still compiles and passes
  • cargo clippy passes with no warnings in non-test build

References

  • docs/reviews/003-security-and-bug-review.md — W11 finding
  • src/admin/socket.rs — AdminSocket::reload_mutex(), test

Notes

The review suggests alternatively removing the method entirely and testing serialization through observable behavior. For Phase 1, gating with #[cfg(test)] is the simpler fix that preserves the existing test.

Summary

To be filled on completion

Reference in New Issue View Git Blame Copy Permalink