Commit
Refactor challenge hashing, add sanity limit
This adds a sanity limit of 200 hash collision entries in the runtime lookup hashtables for ACME challenge responses. The hashtable of course only stores "live" challenge data that hasn't expired yet. In practice (there's some hash collision statistics involved), this limit *should* only kick in if 200 or more challenges are defined for a single domainname, because the hashtable's slot count is fairly oversized, and becomes increasingly even more oversized as more challenges per domainname are configured.

The sanity limit is checked when adding a new challenge set, and will cause explicit rejection and thus failure of the gdnsdctl command that attempts to add excess challenges too quickly. This should prevent runaway/broken ACME automations from configuring insane amounts of challenges for a single domainname within an acme_challenge_ttl window, which could otherwise cause all kinds of performance degradation for the parts of the daemon.

Even if we didn't have this limit, at around 285 entries for the same domainname, they wouldn't all fit in our maximal 16KB TCP response size. Before this patch, when that happened the daemon simply stopped outputting additional TXT records once the 16KB limit was reached, allowing the remainder to eventually come into view for new queries as older ones expired. Explicit rejection seems cleaner from a user/tool-facing perspective than that anyways.
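The check-then-commit behaviour the commit message describes, sketched as an added C example that is not gdnsd's code: a challenge set is validated against the 200-entry collision limit before anything is inserted, so a rejected set leaves the table untouched. The slot count, name buffer size, FNV-1a hash and all function names are assumptions, and reaping of expired entries is omitted.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

#define SLOTS 1024u        /* assumed slot count, power of two */
#define MAX_COLLIDE 200u   /* sanity limit from the commit message */
#define NAME_LEN 256u      /* assumed buffer size for a domain name */
typedef struct chal { struct chal *next; time_t expiry; char name[NAME_LEN]; } chal_t;
static chal_t *table[SLOTS];

/* FNV-1a, a stand-in for the daemon's real hash function */
static uint32_t slot_of(const char *name) {
    uint32_t h = 2166136261u;
    for (; *name; name++) h = (h ^ (uint8_t)*name) * 16777619u;
    return h & (SLOTS - 1);
}

/* Count entries chained in slot s that have not expired at `now` */
static unsigned live_in_slot(uint32_t s, time_t now) {
    unsigned n = 0;
    for (const chal_t *c = table[s]; c; c = c->next) n += (c->expiry > now);
    return n;
}

/* Insert the whole set or nothing: 0 on success, -1 on rejection */
int chal_add_set(const char *const *names, size_t count, time_t now, time_t ttl) {
    if (count == 0) return 0;
    for (size_t i = 0; i < count; i++) {        /* pass 1: validate only */
        uint32_t s = slot_of(names[i]);
        unsigned pending = 1;                   /* this entry plus earlier set members */
        for (size_t j = 0; j < i; j++) pending += (slot_of(names[j]) == s);
        if (strlen(names[i]) >= NAME_LEN || live_in_slot(s, now) + pending > MAX_COLLIDE) return -1;
    }
    chal_t *batch = calloc(count, sizeof(*batch)); /* single allocation: commit cannot half-fail */
    if (!batch) return -1;
    for (size_t i = 0; i < count; i++) {        /* pass 2: commit */
        uint32_t s = slot_of(names[i]);
        strcpy(batch[i].name, names[i]);        /* length checked in pass 1 */
        batch[i].expiry = now + ttl;
        batch[i].next = table[s];
        table[s] = &batch[i];
    }
    return 0;
}

int main(void) {
    const char *one[] = { "_acme-challenge.example.com" };  /* constructed sample name */
    int rc = 0;
    for (int i = 0; i < 201; i++) rc = chal_add_set(one, 1, 1000, 600);
    printf("201st add within the TTL window: %d\n", rc);
}
```

Because only unexpired entries count toward the limit, the same request succeeds again once earlier challenges have aged out of the TTL window.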
Showing 1 changed file with 150 additions and 47 deletions.