Refactor self-connection handling and improve message processing

- Removed self-connection detection logic from the Listener and Server, simplifying the message handling process. - Updated the HandleMessage and handle-websocket functions to eliminate checks for self-connections, enhancing clarity and maintainability. - Adjusted AUTH challenge logic to focus solely on blacklisted IPs, streamlining connection management.
3 months ago · 15e2988222
5 changed files with 69 additions and 112 deletions
--- a/app/handle-message.go
+++ b/app/handle-message.go
@ -16,12 +16,6 @@ import (
				@@ -16,12 +16,6 @@ import (
 )

 func (l *Listener) HandleMessage(msg []byte, remote string) {
-	// Ignore all messages from self-connections
-	if l.isSelfConnection {
-		log.D.F("ignoring message from self-connection %s", remote)
-		return
-	}
-
 	// Handle blacklisted IPs - discard messages but keep connection open until timeout
 	if l.isBlacklisted {
 		// Check if timeout has been reached
--- a/app/handle-websocket.go
+++ b/app/handle-websocket.go
@ -88,12 +88,6 @@ whitelist:
				@@ -88,12 +88,6 @@ whitelist:
 		startTime: time.Now(),
 	}

-	// Detect self-connections early to avoid sending AUTH challenges
-	listener.isSelfConnection = s.isSelfConnection(remote)
-	if listener.isSelfConnection {
-		log.W.F("detected self-connection from %s, marking connection", remote)
-	}
-
 	// Check for blacklisted IPs
 	listener.isBlacklisted = s.isIPBlacklisted(remote)
 	if listener.isBlacklisted {
@ -103,7 +97,7 @@ whitelist:
				@@ -103,7 +97,7 @@ whitelist:
 	chal := make([]byte, 32)
 	rand.Read(chal)
 	listener.challenge.Store([]byte(hex.Enc(chal)))
-	if s.Config.ACLMode != "none" && !listener.isSelfConnection {
+	if s.Config.ACLMode != "none" {
 		log.D.F("sending AUTH challenge to %s", remote)
 		if err = authenvelope.NewChallengeWith(listener.challenge.Load()).
 			Write(listener); chk.E(err) {
@ -111,8 +105,6 @@ whitelist:
				@@ -111,8 +105,6 @@ whitelist:
 			return
 		}
 		log.D.F("AUTH challenge sent successfully to %s", remote)
-	} else if listener.isSelfConnection {
-		log.D.F("skipping AUTH challenge for self-connection from %s", remote)
 	}
 	ticker := time.NewTicker(DefaultPingWait)
 	go s.Pinger(ctx, conn, ticker, cancel)
--- a/app/listener.go
+++ b/app/listener.go
@ -24,7 +24,6 @@ type Listener struct {
				@@ -24,7 +24,6 @@ type Listener struct {
 	challenge        atomic.Bytes
 	authedPubkey     atomic.Bytes
 	startTime        time.Time
-	isSelfConnection bool      // Marker to identify self-connections
 	isBlacklisted    bool      // Marker to identify blacklisted IPs
 	blacklistTimeout time.Time // When to timeout blacklisted connections
 	// Diagnostics: per-connection counters
--- a/app/server.go
+++ b/app/server.go
@ -49,33 +49,6 @@ type Server struct {
				@@ -49,33 +49,6 @@ type Server struct {
 	policyManager    *policy.P
 }

-// isSelfConnection checks if the connection is coming from the relay itself
-func (s *Server) isSelfConnection(remote string) bool {
-	// Check for localhost connections
-	if strings.HasPrefix(remote, "127.0.0.1:") || strings.HasPrefix(remote, "::1:") || strings.HasPrefix(remote, "[::1]:") {
-		return true
-	}
-
-	// Check for connections from the same IP as the server
-	// This handles cases where the relay connects to itself via its public IP
-	if s.Config.Listen != "" {
-		// Extract IP from listen address (e.g., "0.0.0.0" -> "0.0.0.0")
-		listenIP := s.Config.Listen
-		if listenIP == "0.0.0.0" || listenIP == "" {
-			// If listening on all interfaces, check if remote IP matches any local interface
-			// For now, we'll be conservative and only check localhost
-			return false
-		}
-		// Check if remote IP matches the listen IP
-		remoteIP := strings.Split(remote, ":")[0]
-		if remoteIP == listenIP {
-			return true
-		}
-	}
-
-	return false
-}
-
 // isIPBlacklisted checks if an IP address is blacklisted using the managed ACL system
 func (s *Server) isIPBlacklisted(remote string) bool {
 	// Extract IP from remote address (e.g., "192.168.1.1:12345" -> "192.168.1.1")
--- a/pkg/acl/follows.go
+++ b/pkg/acl/follows.go
@ -396,8 +396,6 @@ func (f *Follows) startEventSubscriptions(ctx context.Context) {
				@@ -396,8 +396,6 @@ func (f *Follows) startEventSubscriptions(ctx context.Context) {
 						log.T.F("follows syncer: sent ping to %s", u)
 						continue
 					default:
-					}
-
 						// Set a read timeout to avoid hanging
 						readCtx, readCancel := context.WithTimeout(ctx, 60*time.Second)
 						_, data, err := c.Read(readCtx)
@ -480,6 +478,7 @@ func (f *Follows) startEventSubscriptions(ctx context.Context) {
				@@ -480,6 +478,7 @@ func (f *Follows) startEventSubscriptions(ctx context.Context) {
 							// ignore other labels
 						}
 					}
+				}
 				// Connection dropped, reconnect after delay
 				log.W.F("follows syncer: connection to %s dropped, will reconnect in 30 seconds", u)