Context Navigation

server.go@ 402

Last change on this file since 402 was 398, checked in by contact, 5 years ago

Implement rate limiting for upstream messages

Allow up to 10 outgoing messages in a burst, then throttle to 1 message
each 2 seconds.

Closes: https://todo.sr.ht/~emersion/soju/87

File size: 3.8 KB

Rev	Line
[98]	1	package soju
[1]	2
	3	import (
	4	"fmt"
[37]	5	"log"
[1]	6	"net"
[323]	7	"net/http"
[24]	8	"sync"
[323]	9	"sync/atomic"
[67]	10	"time"
[1]	11
	12	"gopkg.in/irc.v3"
[323]	13	"nhooyr.io/websocket"
[370]	14
	15	"git.sr.ht/~emersion/soju/config"
[1]	16	)
	17
[67]	18	// TODO: make configurable
[398]	19	var retryConnectDelay = time.Minute
[206]	20	var connectTimeout = 15 * time.Second
[205]	21	var writeTimeout = 10 * time.Second
[398]	22	var upstreamMessageDelay = 2 * time.Second
	23	var upstreamMessageBurst = 10
[67]	24
[9]	25	type Logger interface {
	26	Print(v ...interface{})
	27	Printf(format string, v ...interface{})
	28	}
	29
[21]	30	type prefixLogger struct {
	31	logger Logger
	32	prefix string
	33	}
	34
	35	var _ Logger = (*prefixLogger)(nil)
	36
	37	func (l *prefixLogger) Print(v ...interface{}) {
	38	v = append([]interface{}{l.prefix}, v...)
	39	l.logger.Print(v...)
	40	}
	41
	42	func (l *prefixLogger) Printf(format string, v ...interface{}) {
	43	v = append([]interface{}{l.prefix}, v...)
	44	l.logger.Printf("%v"+format, v...)
	45	}
	46
[10]	47	type Server struct {
[370]	48	Hostname string
	49	Logger Logger
	50	RingCap int
	51	HistoryLimit int
	52	LogPath string
	53	Debug bool
	54	HTTPOrigins []string
	55	AcceptProxyIPs config.IPSet
[385]	56	Identd *Identd // can be nil
[22]	57
[77]	58	db *DB
	59
[172]	60	lock sync.Mutex
	61	users map[string]*user
[10]	62	}
	63
[77]	64	func NewServer(db DB) Server {
[37]	65	return &Server{
[319]	66	Logger: log.New(log.Writer(), "", log.LstdFlags),
	67	RingCap: 4096,
	68	HistoryLimit: 1000,
	69	users: make(map[string]*user),
	70	db: db,
[37]	71	}
	72	}
	73
[5]	74	func (s Server) prefix() irc.Prefix {
	75	return &irc.Prefix{Name: s.Hostname}
	76	}
	77
[77]	78	func (s *Server) Run() error {
	79	users, err := s.db.ListUsers()
	80	if err != nil {
	81	return err
	82	}
[71]	83
[77]	84	s.lock.Lock()
[378]	85	for i := range users {
	86	s.addUserLocked(&users[i])
[71]	87	}
[37]	88	s.lock.Unlock()
	89
[77]	90	select {}
[10]	91	}
	92
[329]	93	func (s Server) createUser(user User) (*user, error) {
	94	s.lock.Lock()
	95	defer s.lock.Unlock()
	96
	97	if _, ok := s.users[user.Username]; ok {
	98	return nil, fmt.Errorf("user %q already exists", user.Username)
	99	}
	100
	101	err := s.db.StoreUser(user)
	102	if err != nil {
	103	return nil, fmt.Errorf("could not create user in db: %v", err)
	104	}
	105
[378]	106	return s.addUserLocked(user), nil
[329]	107	}
	108
[38]	109	func (s Server) getUser(name string) user {
	110	s.lock.Lock()
	111	u := s.users[name]
	112	s.lock.Unlock()
	113	return u
	114	}
	115
[378]	116	func (s Server) addUserLocked(user User) *user {
	117	s.Logger.Printf("starting bouncer for user %q", user.Username)
	118	u := newUser(s, user)
	119	s.users[u.Username] = u
	120
	121	go func() {
	122	u.run()
	123
	124	s.lock.Lock()
	125	delete(s.users, u.Username)
	126	s.lock.Unlock()
	127	}()
	128
	129	return u
	130	}
	131
[323]	132	var lastDownstreamID uint64 = 0
	133
[347]	134	func (s *Server) handle(ic ircConn) {
[323]	135	id := atomic.AddUint64(&lastDownstreamID, 1)
[347]	136	dc := newDownstreamConn(s, ic, id)
[323]	137	if err := dc.runUntilRegistered(); err != nil {
	138	dc.logger.Print(err)
	139	} else {
	140	dc.user.events <- eventDownstreamConnected{dc}
	141	if err := dc.readMessages(dc.user.events); err != nil {
	142	dc.logger.Print(err)
	143	}
	144	dc.user.events <- eventDownstreamDisconnected{dc}
	145	}
	146	dc.Close()
	147	}
	148
[3]	149	func (s *Server) Serve(ln net.Listener) error {
[1]	150	for {
[323]	151	conn, err := ln.Accept()
[1]	152	if err != nil {
	153	return fmt.Errorf("failed to accept connection: %v", err)
	154	}
	155
[347]	156	go s.handle(newNetIRCConn(conn))
[1]	157	}
	158	}
[323]	159
	160	func (s Server) ServeHTTP(w http.ResponseWriter, req http.Request) {
	161	conn, err := websocket.Accept(w, req, &websocket.AcceptOptions{
	162	OriginPatterns: s.HTTPOrigins,
[348]	163	Subprotocols: []string{"irc"},
[323]	164	})
	165	if err != nil {
	166	s.Logger.Printf("failed to serve HTTP connection: %v", err)
	167	return
	168	}
[345]	169
[370]	170	isProxy := false
[345]	171	if host, _, err := net.SplitHostPort(req.RemoteAddr); err == nil {
	172	if ip := net.ParseIP(host); ip != nil {
[370]	173	isProxy = s.AcceptProxyIPs.Contains(ip)
[345]	174	}
	175	}
	176
[370]	177	// Only trust X-Forwarded-* header fields if this is a trusted proxy IP
[345]	178	// to prevent users from spoofing the remote address
[344]	179	remoteAddr := req.RemoteAddr
	180	forwardedHost := req.Header.Get("X-Forwarded-For")
	181	forwardedPort := req.Header.Get("X-Forwarded-Port")
[370]	182	if isProxy && forwardedHost != "" && forwardedPort != "" {
[344]	183	remoteAddr = net.JoinHostPort(forwardedHost, forwardedPort)
	184	}
[345]	185
[347]	186	s.handle(newWebsocketIRCConn(conn, remoteAddr))
[323]	187	}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: code/trunk/server.go@ 402

Download in other formats: