20b3ff84b3
In previous implementation IR incorrectly verified `SetEACL` event of `Container` contract. The incorrect behavior could be reproduced in two ways: 1. Create container using session, and perform `SetEACL` operation with a key that is different from the session one. 2. Create container using session, and perform `SetEACL` w/o a session, but sign it using session key from the `Put` operation. The problem was in the `checkSetEACL` validation method of IR container processor. It always used session token used for container creation during session ownership check. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> |
||
---|---|---|
.. | ||
config | ||
internal/client | ||
processors | ||
timers | ||
alphabet.go | ||
bindings.go | ||
blocktimer.go | ||
contracts.go | ||
fetcher.go | ||
indexer.go | ||
innerring.go | ||
locode.go | ||
notary.go | ||
rpc.go | ||
settlement.go | ||
state.go | ||
subnet.go |