feat(prober): publish attacker.fingerprinted on the bus (DEBT-031)
Each successful JARM / HASSH / TCPfp probe fans out an
attacker.fingerprinted event; the probe family goes in event.type so a
single subscription covers all three. Payload carries the attacker IP,
port, and probe-specific hash — enough for the MazeNET live map to
render fingerprint info on observed attackers.
Lifts the thread-safe publisher helper out of the sniffer worker into
decnet/bus/publish.py so the prober (and every future worker with a
to_thread hot path) can reuse it without copy-pasting the
run_coroutine_threadsafe dance. Sniffer rewires onto the shared helper
in passing.
Adds ATTACKER_FINGERPRINTED as a new leaf — distinct from
ATTACKER_OBSERVED (correlator's first-sight signal) because an active
probe result is additional evidence about an already-observed attacker.
Note: the plan's decky.{id}.state realism-probe publish path is
deferred — the current prober fingerprints attackers, not decky
realism. Will revisit when realism probes exist.
This commit is contained in:
@@ -1,4 +1,4 @@
|
||||
"""Fire-and-forget publish helper shared across every worker.
|
||||
"""Fire-and-forget publish helpers shared across every worker.
|
||||
|
||||
Lifted out of ``decnet/mutator/engine.py`` once a second caller showed up
|
||||
(DEBT-031). Keeping one implementation means the "never break the worker
|
||||
@@ -6,7 +6,8 @@ loop" guarantee is audited in exactly one place.
|
||||
"""
|
||||
from __future__ import annotations
|
||||
|
||||
from typing import Any
|
||||
import asyncio
|
||||
from typing import Any, Callable
|
||||
|
||||
from decnet.bus.base import BaseBus
|
||||
from decnet.logging import get_logger
|
||||
@@ -34,3 +35,33 @@ async def publish_safely(
|
||||
await bus.publish(topic, payload, event_type=event_type)
|
||||
except Exception as exc: # noqa: BLE001
|
||||
log.warning("bus publish failed topic=%s: %s", topic, exc)
|
||||
|
||||
|
||||
def make_thread_safe_publisher(
|
||||
bus: BaseBus | None,
|
||||
loop: asyncio.AbstractEventLoop,
|
||||
) -> Callable[[str, dict[str, Any], str], None]:
|
||||
"""Build a sync callable that marshals publishes back to *loop*.
|
||||
|
||||
Workers that run their hot paths in a worker thread (scapy sniff loop,
|
||||
``asyncio.to_thread`` probes, blocking socket reads) cannot ``await``
|
||||
the bus directly. This helper returns a plain function that schedules
|
||||
the publish on *loop* via ``run_coroutine_threadsafe`` and returns
|
||||
immediately — the calling thread is never blocked on the publish.
|
||||
|
||||
A ``None`` bus yields a no-op callable, matching the degraded-mode
|
||||
contract the rest of this module already upholds.
|
||||
"""
|
||||
if bus is None:
|
||||
return lambda _topic, _payload, _event_type="": None
|
||||
|
||||
def _publish(topic: str, payload: dict[str, Any], event_type: str = "") -> None:
|
||||
try:
|
||||
asyncio.run_coroutine_threadsafe(
|
||||
publish_safely(bus, topic, payload, event_type=event_type),
|
||||
loop,
|
||||
)
|
||||
except Exception as exc: # noqa: BLE001
|
||||
log.debug("cross-thread bus publish failed topic=%s: %s", topic, exc)
|
||||
|
||||
return _publish
|
||||
|
||||
Reference in New Issue
Block a user