public-mirrors/molly-brown
1
0
Fork 0
mirror of https://tildegit.org/solderpunk/molly-brown.git synced 2025-04-13 09:29:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Make rate limiting configurable.

Browse source
This commit is contained in:
Solderpunk 2023-03-17 19:52:39 +01:00
parent 5016f40edb
commit a6170a355d
4 changed files with 19 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
config.go
View file

@ -22,6 +22,9 @@ type SysConfig struct {
SCGIPaths map[string]string SCGIPaths map[string]string
ReadMollyFiles bool ReadMollyFiles bool
AllowTLS12 bool AllowTLS12 bool
RateLimitEnable bool
RateLimitAverage int
RateLimitBurst int
} }
type UserConfig struct { type UserConfig struct {
@ -56,6 +59,9 @@ func getConfig(filename string) (SysConfig, UserConfig, error) {
sysConfig.SCGIPaths = make(map[string]string) sysConfig.SCGIPaths = make(map[string]string)
sysConfig.ReadMollyFiles = false sysConfig.ReadMollyFiles = false
sysConfig.AllowTLS12 = true sysConfig.AllowTLS12 = true
sysConfig.RateLimitEnable = false
sysConfig.RateLimitAverage = 1
sysConfig.RateLimitBurst = 10
userConfig.GeminiExt = "gmi" userConfig.GeminiExt = "gmi"
userConfig.DefaultLang = "" userConfig.DefaultLang = ""

14
handler.go
View file

@ -50,12 +50,14 @@ func handleGeminiRequest(conn net.Conn, sysConfig SysConfig, config UserConfig,
} }
// Enforce rate limiting // Enforce rate limiting
noPort := logEntry.RemoteAddr.String() if sysConfig.RateLimitEnable {
noPort = noPort[0:strings.LastIndex(noPort, ":")] noPort := logEntry.RemoteAddr.String()
if !rl.Allowed(noPort) { noPort = noPort[0:strings.LastIndex(noPort, ":")]
conn.Write([]byte("44 10 second cool down, please!\r\n")) if !rl.Allowed(noPort) {
logEntry.Status = 44 conn.Write([]byte("44 10 second cool down, please!\r\n"))
return logEntry.Status = 44
return
}
} }
// Read request // Read request

2
launch.go
View file

@ -159,7 +159,7 @@ func launch(sysConfig SysConfig, userConfig UserConfig, privInfo userInfo) int {
// Infinite serve loop (SIGTERM breaks out) // Infinite serve loop (SIGTERM breaks out)
running := true running := true
var wg sync.WaitGroup var wg sync.WaitGroup
rl := newRateLimiter(100, 5) rl := newRateLimiter(sysConfig.RateLimitAverage, sysConfig.RateLimitBurst)
for running { for running {
conn, err := listener.Accept() conn, err := listener.Accept()
if err == nil { if err == nil {

10
ratelim.go
View file

@ -1,7 +1,6 @@
package main package main
import ( import (
"fmt"
"sync" "sync"
"time" "time"
) )
@ -9,19 +8,18 @@ import (
type RateLimiter struct { type RateLimiter struct {
mu sync.Mutex mu sync.Mutex
bucket map[string]int bucket map[string]int
capacity int
rate int rate int
burst int
} }
func newRateLimiter(capacity int, rate int) RateLimiter { func newRateLimiter(rate int, burst int) RateLimiter {
var rl = new(RateLimiter) var rl = new(RateLimiter)
rl.bucket = make(map[string]int) rl.bucket = make(map[string]int)
rl.capacity = capacity
rl.rate = rate rl.rate = rate
rl.burst = burst
// Leak periodically // Leak periodically
go func () { go func () {
for(true) { for(true) {
fmt.Println(rl.bucket)
rl.mu.Lock() rl.mu.Lock()
for addr, drips := range rl.bucket { for addr, drips := range rl.bucket {
if drips <= rate { if drips <= rate {
@ -45,7 +43,7 @@ func (rl *RateLimiter) Allowed(addr string) bool {
rl.bucket[addr] = 1 rl.bucket[addr] = 1
return true return true
} }
if drips == rl.capacity { if drips == rl.burst {
return false return false
} }
rl.bucket[addr] = drips + 1 rl.bucket[addr] = drips + 1