don't store remote device lists if they have more than 10K devices
Matthew Hodgson
parent
046d731fbd
commit
482d06774a
|
|
@ -533,18 +533,19 @@ class DeviceListEduUpdater(object):
|
||||||
stream_id = result["stream_id"]
|
stream_id = result["stream_id"]
|
||||||
devices = result["devices"]
|
devices = result["devices"]
|
||||||
|
|
||||||
# Emergency hack to prevent DoS from
|
# If the remote server has more than ~10000 devices for this user
|
||||||
# @bot:oliviervandertoorn.nl and @bot:matrix-beta.igalia.com
|
# we assume that something is going horribly wrong (e.g. a bot
|
||||||
# on Jan 15 2019: only store the most recent 1000 devices for
|
# that logs in and creates a new device every time it tries to
|
||||||
# a given user. (We assume we receive them in chronological
|
# send a message). Maintaining lots of devices per user in the
|
||||||
# order, which is dubious given _get_e2e_device_keys_txn does
|
# cache can cause serious performance issues as if this request
|
||||||
# not explicitly order its results). Otherwise it can take
|
# takes more than 60s to complete, internal replication from the
|
||||||
# longer than 60s to persist the >100K devices, at which point
|
# inbound federation worker to the synapse master may time out
|
||||||
# the internal replication request to handle the
|
# causing the inbound federation to fail and causing the remote
|
||||||
# m.device_list_update EDU times out, causing the remote
|
# server to retry, causing a DoS. So in this scenario we give
|
||||||
# server to retry the transaction and thus DoS synapse master
|
# up on storing the total list of devices and only handle the
|
||||||
# CPU and DB.
|
# delta instead.
|
||||||
devices = devices[-1000:]
|
if len(devices) > 10000:
|
||||||
|
devices = []
|
||||||
|
|
||||||
yield self.store.update_remote_device_list_cache(
|
yield self.store.update_remote_device_list_cache(
|
||||||
user_id, devices, stream_id,
|
user_id, devices, stream_id,
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue