Harden protocol, authentication, and session lifecycle#29
Conversation
|
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: d510a2d74e
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| } | ||
| closeConnection(expectedConnection); | ||
| try { | ||
| broadcast(ChatMessage.withData(MessageType.USER_REMOVED, userName, null), null); |
There was a problem hiding this comment.
Avoid broadcasting while holding the session lock
When a user disconnects while any remaining client is slow or not reading, this broadcast(...) can block indefinitely in ChatConnection.send() while sessionsMonitor is still held. That lock is also needed by new handshakes before adding a session, so one stuck USER_REMOVED delivery can stall other users from logging in or being cleaned up; copy the recipients under the lock, then close/broadcast outside it.
Useful? React with 👍 / 👎.



Summary
Validation
clean check jacocoAllReport releaseBundle --offline --no-daemon --warning-mode allCompatibility
pbkdf2-sha256$210000$markercreateAccount