Fixes#134
Those functions are unused in the whole Tendermint Github
organization plus they were unnecessariy verbose and could
have been concisely replaced with
```go
func RightPadString(s string, totalLength uint) string {
return fmt.Sprintf("% *s", totalLength, s)
}
func LeftPadString(s string, totalLength uint) string {
return fmt.Sprintf("% -*s", totalLength, s)
}
```
delete them anyways
Fixes#169
Fixes https://github.com/tendermint/tendermint/issues/1322
The previous code was very trusting assuming that
rational actors will use this code. However, Byzantine
actors don't care and in the case of the linked issue
negative lengths can be sent to this code unfettered
having been received from a peer.
This code is essentially just a sign change from
`==`
to
`<=`
and we've gutted out that attack by being more defensive.
Follow-up to feedback from #1286, this change simplifies the connection
handling in the SocketClient and makes the communication via TCP more
robust. It introduces the tcpTimeoutListener to encapsulate accept and
i/o timeout handling as well as connection keep-alive, this type could
likely be upgraded to handle more fine-grained tuning of the tcp stack
(linger, nodelay, etc.) according to the properties we desire. The same
methods should be applied to the RemoteSigner which will be overhauled
when the priv_val_server is fleshed out.
* require private key
* simplify connect logic
* break out conn upgrades to tcpTimeoutListener
* extend test coverage and simplify component setup
Fixes#212
Declare the purpose of the Less, Len, Swap methods
so that readers can see why they are defined.
Raised by an auditor in their report, as it looked like a security
concern but actually sort.Interface requires those methods implemented.
