mirror of
https://github.com/ergochat/ergo.git
synced 2024-11-25 13:29:27 +01:00
parent
0af0a0b445
commit
4e13f72ca9
@ -111,6 +111,8 @@ type Session struct {
|
||||
capState caps.State
|
||||
capVersion caps.Version
|
||||
|
||||
registrationMessages int
|
||||
|
||||
resumeID string
|
||||
resumeDetails *ResumeDetails
|
||||
zncPlaybackTimes *zncPlaybackTimes
|
||||
@ -396,6 +398,15 @@ func (client *Client) run(session *Session) {
|
||||
}
|
||||
}
|
||||
|
||||
// DoS hardening, #505
|
||||
if !client.registered {
|
||||
session.registrationMessages++
|
||||
if client.server.Config().Limits.RegistrationMessages < session.registrationMessages {
|
||||
client.Send(nil, client.server.name, ERR_UNKNOWNERROR, "*", client.t("You have sent too many registration messages"))
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
msg, err := ircmsg.ParseLineStrict(line, true, maxlenRest)
|
||||
if err == ircmsg.ErrorLineIsEmpty {
|
||||
continue
|
||||
|
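Review bot: In `run`, `session.registrationMessages++` happens before `ircmsg.ParseLineStrict`, so empty lines (which `continue` just below) and lines that fail to parse also consume the pre-registration budget, and the comment `// DoS hardening, #505` does not say that this is intended. I would expand it to `// DoS hardening, #505: every line received before registration counts, including empty and unparseable ones; past the configured limit the session is cut off`. The limit path also emits only a client-facing ERR_UNKNOWNERROR; unless code after the loop (outside this hunk) logs it, there is no server-side record of the limit tripping, and one log entry before `break` would give operators something to alert on. The loop and the rest of `run` start and end outside the hunk.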
@ -224,6 +224,7 @@ type Limits struct {
|
||||
NickLen int `yaml:"nicklen"`
|
||||
TopicLen int `yaml:"topiclen"`
|
||||
WhowasEntries int `yaml:"whowas-entries"`
|
||||
RegistrationMessages int `yaml:"registration-messages"`
|
||||
}
|
||||
|
||||
// STSConfig controls the STS configuration/
|
||||
@ -532,6 +533,9 @@ func LoadConfig(filename string) (config *Config, err error) {
|
||||
if config.Limits.NickLen < 1 || config.Limits.ChannelLen < 2 || config.Limits.AwayLen < 1 || config.Limits.KickLen < 1 || config.Limits.TopicLen < 1 {
|
||||
return nil, ErrLimitsAreInsane
|
||||
}
|
||||
if config.Limits.RegistrationMessages == 0 {
|
||||
config.Limits.RegistrationMessages = 1024
|
||||
}
|
||||
if config.Server.STS.Enabled {
|
||||
config.Server.STS.Duration, err = custime.ParseDuration(config.Server.STS.DurationString)
|
||||
if err != nil {
|
||||
|
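Review bot: `LoadConfig` treats only `0` as unset, so a negative `registration-messages` value passes validation; the comparison in `run` (`Limits.RegistrationMessages < session.registrationMessages`) is then true on the first line of every connection, and no client could complete registration. Very small positive values would presumably have the same effect, since a normal handshake needs several lines. I would either default on `if config.Limits.RegistrationMessages <= 0 {` or reject negatives next to the other limit checks with `return nil, ErrLimitsAreInsane`. `LoadConfig` starts and ends outside this hunk.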
@ -557,6 +557,10 @@ limits:
|
||||
# configurable length for the rest of the message:
|
||||
rest: 2048
|
||||
|
||||
# maximum number of messages to accept during registration (prevents
|
||||
# DoS / resource exhaustion attacks):
|
||||
registration-messages: 1024
|
||||
|
||||
# fakelag: prevents clients from spamming commands too rapidly
|
||||
fakelag:
|
||||
# whether to enforce fakelag
|
||||
|
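Review bot: The comment on `registration-messages` does not say what happens when the limit is reached or what an omitted value means. Going by the Go hunks on this page, a session that exceeds it is sent an error and its read loop ends (presumably disconnecting it), and `0` or a missing key falls back to 1024. I would state both, e.g. `# maximum number of messages to accept during registration; connections that exceed it are cut off. defaults to 1024 if unset or 0`.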