summary refs log tree commit diff
path: root/synapse/federation/transport
diff options
context:
space:
mode:
authorErik Johnston <erik@matrix.org>2020-09-18 10:50:04 +0100
committerErik Johnston <erik@matrix.org>2020-09-18 10:50:04 +0100
commit5e42e61609d2eb35092e31bfc9a0ded9b67f3510 (patch)
tree8fa9ea6966cfdc76bd47ae9af0a0ebc8e18dd87e /synapse/federation/transport
parentMove lint dependencies to extras_require (#8330) (diff)
parentFix ratelimiting for federation `/send` requests. (#8342) (diff)
downloadsynapse-5e42e61609d2eb35092e31bfc9a0ded9b67f3510.tar.xz
Merge remote-tracking branch 'origin/release-v1.20.0' into develop
Diffstat (limited to 'synapse/federation/transport')
-rw-r--r--synapse/federation/transport/server.py13
1 files changed, 8 insertions, 5 deletions
diff --git a/synapse/federation/transport/server.py b/synapse/federation/transport/server.py
index 9325e0f857..cc7e9a973b 100644
--- a/synapse/federation/transport/server.py
+++ b/synapse/federation/transport/server.py
@@ -45,7 +45,6 @@ from synapse.logging.opentracing import (
 )
 from synapse.server import HomeServer
 from synapse.types import ThirdPartyInstanceID, get_domain_from_id
-from synapse.util.ratelimitutils import FederationRateLimiter
 from synapse.util.versionstring import get_version_string
 
 logger = logging.getLogger(__name__)
@@ -72,9 +71,7 @@ class TransportLayerServer(JsonResource):
         super(TransportLayerServer, self).__init__(hs, canonical_json=False)
 
         self.authenticator = Authenticator(hs)
-        self.ratelimiter = FederationRateLimiter(
-            self.clock, config=hs.config.rc_federation
-        )
+        self.ratelimiter = hs.get_federation_ratelimiter()
 
         self.register_servlets()
 
@@ -272,6 +269,8 @@ class BaseFederationServlet:
 
     PREFIX = FEDERATION_V1_PREFIX  # Allows specifying the API version
 
+    RATELIMIT = True  # Whether to rate limit requests or not
+
     def __init__(self, handler, authenticator, ratelimiter, server_name):
         self.handler = handler
         self.authenticator = authenticator
@@ -335,7 +334,7 @@ class BaseFederationServlet:
                 )
 
             with scope:
-                if origin:
+                if origin and self.RATELIMIT:
                     with ratelimiter.ratelimit(origin) as d:
                         await d
                         if request._disconnected:
@@ -372,6 +371,10 @@ class BaseFederationServlet:
 class FederationSendServlet(BaseFederationServlet):
     PATH = "/send/(?P<transaction_id>[^/]*)/?"
 
+    # We ratelimit manually in the handler as we queue up the requests and we
+    # don't want to fill up the ratelimiter with blocked requests.
+    RATELIMIT = False
+
     def __init__(self, handler, server_name, **kwargs):
         super(FederationSendServlet, self).__init__(
             handler, server_name=server_name, **kwargs