Skip to content

Fix http network construction: avoid log.Fatal and validate host #97

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
alienx5499 wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Fix http network construction: avoid log.Fatal and validate host #97

alienx5499 wants to merge 1 commit into from

Conversation

@alienx5499
Copy link
Contributor

@alienx5499 alienx5499 commented Feb 6, 2026

Summary

  • Stop tlock/networks/http.NewNetwork from terminating the process on bad input.
  • Add strict host validation so invalid URLs are rejected early and deterministically.
  • Fix a typo in the “chain hash mismatch” error message.
  • Add unit tests for invalid inputs (invalid host URL, missing host, invalid chain hash hex).

Problem

tlock/networks/http.NewNetwork is part of a library API, but it previously called log.Fatal when URL parsing failed, which would exit the entire process of any downstream application importing tlock (including CLIs, services, or libraries) and is unexpected and makes error handling and testing difficult.

Additionally, the previous URL parsing check was too permissive: some malformed host inputs could still parse as a URL path and slip through, causing failures later in the network setup instead of being rejected up front.

Initially I expected url.Parse to reject these inputs, but some malformed hosts still parsed as paths, which is why the stricter validation lives in normalizeHost.

Changes

File: networks/http/http.go

  • Replace the log.Fatal call in NewNetwork with a returned error so callers
    can handle invalid input without the process exiting.
  • Introduce normalizeHost(host) to:
    • Add a default https:// scheme when the host doesn’t include one.
    • Parse and validate that the URL is absolute (has both scheme and host).
  • Fix typo in error message:
    • chain hash mistmatchchain hash mismatch

File: networks/http/http_test.go

  • Add TestNewNetwork_InvalidInputsReturnError with deterministic cases:
    • Invalid host URL parse error (e.g. http://%)
    • Missing host (e.g. https://)
    • Invalid chain hash hex (e.g. not-hex)

Notes

This change improves robustness for any downstream code using tlock as a library: invalid host strings now return errors instead of terminating the entire process.

Testing

From the tlock module:

cd tlock
go test ./...

This runs:

  • github.com/drand/tlock
  • github.com/drand/tlock/networks/fixed
  • github.com/drand/tlock/networks/http
  • github.com/drand/tlock/cmd/tle/commands

and passes with the new tests in place.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@alienx5499