authorMatthew Hodgson <matthew@matrix.org>2019-01-15 21:07:12 +0000
committerMatthew Hodgson <matthew@matrix.org>2019-01-15 21:07:12 +0000
commit046d731fbdf0f7058395fc0c691c9029c1fcb4c9 (patch)
tree77e87bcf2195049142b09c38082c55a778015192
parentMerge tag 'v0.34.1rc1' into matrix-org-hotfixes (diff)
downloadsynapse-046d731fbdf0f7058395fc0c691c9029c1fcb4c9.tar.xz
limit remote device lists to 1000 entries per user
-rw-r--r--synapse/handlers/device.py14
1 files changed, 14 insertions, 0 deletions
diff --git a/synapse/handlers/device.py b/synapse/handlers/device.py
index 9e017116a9..6f80a7dce9 100644
--- a/synapse/handlers/device.py
+++ b/synapse/handlers/device.py
@@ -532,6 +532,20 @@ class DeviceListEduUpdater(object):
 
                 stream_id = result["stream_id"]
                 devices = result["devices"]
+
+                # Emergency hack to prevent DoS from
+                # @bot:oliviervandertoorn.nl and @bot:matrix-beta.igalia.com
+                # on Jan 15 2019: only store the most recent 1000 devices for
+                # a given user.  (We assume we receive them in chronological
+                # order, which is dubious given _get_e2e_device_keys_txn does
+                # not explicitly order its results).  Otherwise it can take
+                # longer than 60s to persist the >100K devices, at which point
+                # the internal replication request to handle the
+                # m.device_list_update EDU times out, causing the remote
+                # server to retry the transaction and thus DoS synapse master
+                # CPU and DB.
+                devices = devices[-1000:]
+
                 yield self.store.update_remote_device_list_cache(
                     user_id, devices, stream_id,
                 )
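Review bot: The truncation at `devices = devices[-1000:]` is silent, so logs will not show which remote users hit the cap or how large a list they sent. A warning before the slice would give operators that signal, e.g. `if len(devices) > 1000: logger.warning("Truncating remote device list for %s from %d to 1000 entries", user_id, len(devices))`, assuming a module-level `logger` is in scope. The truncated list is also stored under the unmodified `stream_id`, so the cache presumably looks complete to later readers and the dropped devices would not be re-fetched; the comment should say so, since this affects which devices peers see for end-to-end encryption. The cap is applied only once `result` is already in memory, so it appears to bound the persist cost but not the size of the remote response. The enclosing method starts and ends outside this hunk.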