From ef46666fd214d184440364fe6350007b674c1661 Mon Sep 17 00:00:00 2001 From: ravinsp <33562092+ravinsp@users.noreply.github.com> Date: Sun, 10 Nov 2019 14:55:55 +0530 Subject: [PATCH] Added peer and user connection limits. --- src/conf.cpp | 15 ++++++++++----- src/conf.hpp | 2 ++ src/p2p/peer_session_handler.cpp | 11 ++++++++++- src/usr/user_session_handler.cpp | 9 ++++++++- 4 files changed, 30 insertions(+), 7 deletions(-) diff --git a/src/conf.cpp b/src/conf.cpp index 2ac1df0a..67e6b46a 100644 --- a/src/conf.cpp +++ b/src/conf.cpp @@ -238,18 +238,20 @@ int load_config() } cfg.peerport = d["peerport"].GetInt(); - cfg.roundtime = d["roundtime"].GetInt(); cfg.pubport = d["pubport"].GetInt(); + cfg.roundtime = d["roundtime"].GetInt(); cfg.pubmaxsize = d["pubmaxsize"].GetUint64(); cfg.pubmaxcpm = d["pubmaxcpm"].GetUint64(); cfg.pubmaxbadmpm = d["pubmaxbadmpm"].GetUint64(); + cfg.pubmaxcons = d["pubmaxcons"].GetUint(); cfg.peermaxsize = d["peermaxsize"].GetUint64(); cfg.peermaxcpm = d["peermaxcpm"].GetUint64(); cfg.peermaxdupmpm = d["peermaxdupmpm"].GetUint64(); cfg.peermaxbadmpm = d["peermaxbadmpm"].GetUint64(); cfg.peermaxbadsigpm = d["peermaxbadsigpm"].GetUint64(); + cfg.peermaxcons = d["peermaxcons"].GetUint(); cfg.loglevel = d["loglevel"].GetString(); cfg.loggers.clear(); @@ -309,18 +311,20 @@ int save_config() d.AddMember("unl", unl, allocator); d.AddMember("peerport", cfg.peerport, allocator); - d.AddMember("roundtime", cfg.roundtime, allocator); d.AddMember("pubport", cfg.pubport, allocator); + d.AddMember("roundtime", cfg.roundtime, allocator); d.AddMember("pubmaxsize", cfg.pubmaxsize, allocator); d.AddMember("pubmaxcpm", cfg.pubmaxcpm, allocator); d.AddMember("pubmaxbadmpm", cfg.pubmaxbadmpm, allocator); + d.AddMember("pubmaxcons", cfg.pubmaxcons, allocator); d.AddMember("peermaxsize", cfg.peermaxsize, allocator); d.AddMember("peermaxcpm", cfg.peermaxcpm, allocator); d.AddMember("peermaxdupmpm", cfg.peermaxdupmpm, allocator); d.AddMember("peermaxbadmpm", cfg.peermaxbadmpm, allocator); d.AddMember("peermaxbadsigpm", cfg.peermaxbadsigpm, allocator); + d.AddMember("peermaxcons", cfg.peermaxcons, allocator); d.AddMember("loglevel", rapidjson::StringRef(cfg.loglevel.data()), allocator); rapidjson::Value loggers(rapidjson::kArrayType); @@ -525,9 +529,10 @@ int is_schema_valid(const rapidjson::Document &d) "{" "\"type\": \"object\"," "\"required\": [ \"version\", \"pubkeyhex\", \"seckeyhex\", \"binary\", \"binargs\", \"listenip\"" - ", \"peers\", \"unl\", \"peerport\", \"roundtime\", \"pubport\", \"pubmaxsize\", \"pubmaxcpm\"" - ", \"pubmaxbadmpm\", \"peermaxsize\", \"peermaxcpm\"" - ", \"peermaxdupmpm\", \"peermaxbadmpm\", \"peermaxbadsigpm\", \"loglevel\", \"loggers\" ]," + ", \"peers\", \"unl\", \"pubport\", \"peerport\", \"roundtime\"" + ", \"pubmaxsize\", \"pubmaxcpm\", \"pubmaxbadmpm\", \"pubmaxcons\"" + ", \"peermaxsize\", \"peermaxcpm\", \"peermaxdupmpm\", \"peermaxbadmpm\", \"peermaxbadsigpm\", \"peermaxcons\"" + ", \"loglevel\", \"loggers\" ]," "\"properties\": {" "\"version\": { \"type\": \"string\" }," "\"pubkeyhex\": { \"type\": \"string\" }," diff --git a/src/conf.hpp b/src/conf.hpp index e81de946..af7b22c3 100644 --- a/src/conf.hpp +++ b/src/conf.hpp @@ -54,12 +54,14 @@ struct contract_config uint64_t pubmaxsize; // User message max size in bytes uint64_t pubmaxcpm; // User message rate (characters(bytes) per minute) uint64_t pubmaxbadmpm; // User bad messages per minute + uint16_t pubmaxcons; // Max inbound user connections uint64_t peermaxsize; // Peer message max size in bytes uint64_t peermaxcpm; // Peer message rate (characters(bytes) per minute) uint64_t peermaxdupmpm; // Peer max duplicate messages per minute uint64_t peermaxbadmpm; // Peer bad messages per minute uint64_t peermaxbadsigpm; // Peer bad signatures per minute + uint16_t peermaxcons; // Max inbound peer connections std::string loglevel; // Log severity level (debug, info, warn, error) std::unordered_set loggers; // List of enabled loggers (console, file) diff --git a/src/p2p/peer_session_handler.cpp b/src/p2p/peer_session_handler.cpp index cf4260da..0a3c4ef9 100644 --- a/src/p2p/peer_session_handler.cpp +++ b/src/p2p/peer_session_handler.cpp @@ -24,7 +24,16 @@ util::rollover_hashset recent_peermsg_hashes(200); */ void peer_session_handler::on_connect(sock::socket_session *session) { - if (!session->flags[sock::SESSION_FLAG::INBOUND]) + if (session->flags[sock::SESSION_FLAG::INBOUND]) + { + // Limit max number of inbound connections. + if (conf::cfg.peermaxcons > 0 && ctx.peer_connections.size() >= conf::cfg.peermaxcons) + { + session->close(); + LOG_DBG << "Max peer connections reached. Dropped connection " << session->uniqueid; + } + } + else { std::lock_guard lock(ctx.peer_connections_mutex); ctx.peer_connections.try_emplace(session->uniqueid, session); diff --git a/src/usr/user_session_handler.cpp b/src/usr/user_session_handler.cpp index 47915f30..d678bd2e 100644 --- a/src/usr/user_session_handler.cpp +++ b/src/usr/user_session_handler.cpp @@ -18,7 +18,14 @@ namespace usr */ void user_session_handler::on_connect(sock::socket_session *session) { - LOG_DBG << "User client connected " << session->address << ":" << session->port; + if (conf::cfg.pubmaxcons > 0 && ctx.users.size() >= conf::cfg.pubmaxcons) + { + session->close(); + LOG_DBG << "Max user connections reached. Dropped connection " << session->uniqueid; + return; + } + + LOG_DBG << "User client connected " << session->uniqueid; // As soon as a user connects, we issue them a challenge message. We remember the // challenge we issued and later verifies the user's response with it.