Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Commit

Permalink
Add a ratelimiter for 3pid invite (#11892)
Browse files Browse the repository at this point in the history
  • Loading branch information
babolivier authored Feb 3, 2022
1 parent 8332475 commit d80d39b
Show file tree
Hide file tree
Showing 4 changed files with 31 additions and 1 deletion.
1 change: 1 addition & 0 deletions changelog.d/11892.feature
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Use a dedicated configurable rate limiter for 3PID invites.
7 changes: 7 additions & 0 deletions docs/sample_config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -857,6 +857,9 @@ log_config: "CONFDIR/SERVERNAME.log.config"
# - one for ratelimiting how often a user or IP can attempt to validate a 3PID.
# - two for ratelimiting how often invites can be sent in a room or to a
# specific user.
# - one for ratelimiting 3PID invites (i.e. invites sent to a third-party ID
# such as an email address or a phone number) based on the account that's
# sending the invite.
#
# The defaults are as shown below.
#
Expand Down Expand Up @@ -906,6 +909,10 @@ log_config: "CONFDIR/SERVERNAME.log.config"
# per_user:
# per_second: 0.003
# burst_count: 5
#
#rc_third_party_invite:
# per_second: 0.2
# burst_count: 10

# Ratelimiting settings for incoming federation
#
Expand Down
15 changes: 15 additions & 0 deletions synapse/config/ratelimiting.py
Original file line number Diff line number Diff line change
Expand Up @@ -134,6 +134,14 @@ def read_config(self, config, **kwargs):
defaults={"per_second": 0.003, "burst_count": 5},
)

self.rc_third_party_invite = RateLimitConfig(
config.get("rc_third_party_invite", {}),
defaults={
"per_second": self.rc_message.per_second,
"burst_count": self.rc_message.burst_count,
},
)

def generate_config_section(self, **kwargs):
return """\
## Ratelimiting ##
Expand Down Expand Up @@ -168,6 +176,9 @@ def generate_config_section(self, **kwargs):
# - one for ratelimiting how often a user or IP can attempt to validate a 3PID.
# - two for ratelimiting how often invites can be sent in a room or to a
# specific user.
# - one for ratelimiting 3PID invites (i.e. invites sent to a third-party ID
# such as an email address or a phone number) based on the account that's
# sending the invite.
#
# The defaults are as shown below.
#
Expand Down Expand Up @@ -217,6 +228,10 @@ def generate_config_section(self, **kwargs):
# per_user:
# per_second: 0.003
# burst_count: 5
#
#rc_third_party_invite:
# per_second: 0.2
# burst_count: 10
# Ratelimiting settings for incoming federation
#
Expand Down
9 changes: 8 additions & 1 deletion synapse/handlers/room_member.py
Original file line number Diff line number Diff line change
Expand Up @@ -116,6 +116,13 @@ def __init__(self, hs: "HomeServer"):
burst_count=hs.config.ratelimiting.rc_invites_per_user.burst_count,
)

self._third_party_invite_limiter = Ratelimiter(
store=self.store,
clock=self.clock,
rate_hz=hs.config.ratelimiting.rc_third_party_invite.per_second,
burst_count=hs.config.ratelimiting.rc_third_party_invite.burst_count,
)

self.request_ratelimiter = hs.get_request_ratelimiter()

@abc.abstractmethod
Expand Down Expand Up @@ -1295,7 +1302,7 @@ async def do_3pid_invite(

# We need to rate limit *before* we send out any 3PID invites, so we
# can't just rely on the standard ratelimiting of events.
await self.request_ratelimiter.ratelimit(requester)
await self._third_party_invite_limiter.ratelimit(requester)

can_invite = await self.third_party_event_rules.check_threepid_can_be_invited(
medium, address, room_id
Expand Down

0 comments on commit d80d39b

Please sign in to comment.