Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Add a quota handler callback #423

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Conversation

rg0now
Copy link
Contributor

@rg0now rg0now commented Nov 18, 2024

Note: the PR is on top of #419, see the changes on top of that PR here.

RFC 8656 includes the following text:

To mitigate either intentional or unintentional denial-of-service attacks against the server by clients with valid usernames and passwords, it is RECOMMENDED that the server impose limits on both the number of allocations active at one time for a given username and on the amount of bandwidth those allocations can use. The server should reject new allocations that would exceed the limit on the allowed number of allocations active at one time with a 486 (Allocation Quota Exceeded [sic!]) [error].

(Note the mistake in the text: the name of the error is in fact "Allocation Quota Reached", not "Allocation Quota Exceeded".)

This PR adds a quota handler callback function which, if specified, is called by the server just before making an allocation for a user. The handler should return a single bool: if true then the allocation request can proceed, otherwise the request is rejected with the 486 (Allocation Quota Reached) error. Then, the lifecycle API can be used to track the number of active allocations per user and this callback can be leveraged to reject allocation requests that would exceed the user's quota.

Note that the other DoS mitigation recommendation given in the RFC (limiting the amount of bandwidth a single user can use) is not targeted by this PR.

@rg0now rg0now requested a review from Sean-Der November 18, 2024 20:33
Copy link

codecov bot commented Nov 18, 2024

Codecov Report

Attention: Patch coverage is 91.50000% with 17 lines in your changes missing coverage. Please review.

Project coverage is 68.94%. Comparing base (3ff9392) to head (9927614).

Files with missing lines Patch % Lines
internal/server/util.go 72.00% 5 Missing and 2 partials ⚠️
internal/allocation/five_tuple.go 60.00% 4 Missing ⚠️
server.go 57.14% 2 Missing and 1 partial ⚠️
internal/server/nonce.go 50.00% 0 Missing and 1 partial ⚠️
relay_address_generator_range.go 0.00% 1 Missing ⚠️
server_config.go 97.43% 1 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##           master     #423      +/-   ##
==========================================
+ Coverage   66.63%   68.94%   +2.31%     
==========================================
  Files          43       43              
  Lines        2919     3104     +185     
==========================================
+ Hits         1945     2140     +195     
+ Misses        807      798       -9     
+ Partials      167      166       -1     
Flag Coverage Δ
go 68.94% <91.50%> (+2.31%) ⬆️
wasm 25.54% <3.00%> (-1.59%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@rg0now rg0now force-pushed the quota-handler branch 2 times, most recently from 31bb618 to 14ea578 Compare December 5, 2024 11:40
# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

1 participant