Rate limit key share requests #8677

erikjohnston · 2020-10-28T13:31:28Z

There is a bug in one of the clients that causes a lot of cross user key share requests, which then stacks up in the device_inbox for devices leading to issues on clients (potentially, maybe). These should be both relatively rare and safe to drop, so we should rate limit them.

We may also want to consider dropping key share requests to devices that already have a large (ish) number of device messages in their inbox.

We should back out #8675 after this is done.

The text was updated successfully, but these errors were encountered:

clokep · 2020-10-30T18:59:41Z

I'm guessing the work is something like:

Add a new rate limiter for incoming federation EDUs.
Replace the patch in federation_server.py from Patch to temporarily drop cross-user m.key_share_requests #8675 with a check for the rate-limiter. If over the limit, drop the request.
Replace the patch in devicemessage.py from Patch to temporarily drop cross-user m.key_share_requests #8675 with a check for the rate-limiter, raising a 429 if over the limit?
Add tests.

Does something like that sound about right?

anoadragon453 added the A-Performance Performance, both client-facing and admin-facing label Oct 28, 2020

clokep self-assigned this Dec 16, 2020

clokep mentioned this issue Dec 16, 2020

Ratelimit cross user room key share requests. #8957

Merged

clokep closed this as completed in #8957 Feb 19, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Rate limit key share requests #8677

Rate limit key share requests #8677

erikjohnston commented Oct 28, 2020

clokep commented Oct 30, 2020

Rate limit key share requests #8677

Rate limit key share requests #8677

Comments

erikjohnston commented Oct 28, 2020

clokep commented Oct 30, 2020