FIX(Server): Unauthenticated connections no longer add to user count #4817
Conversation
This commit fixes both issues discussed in mumble-voip#4277 which were related to the fact that any socket connection was allocated an ID and marked as a user. This bug allowed for a malicious user to lock out all users of a server regardless of server password usage. This change simply moves ID allocation to after a connection is marked as Authenticated. FIXES: mumble-voip#4277
|
Copied from the other PR on why it was changed: I initially decided to keep both changes as one commit because they were both needed to fix the issue. The second change is one solution to the two issues that cause ID exhaustion.
Therefore without addressing at least one of these issues, the connections needed to lock users out of a server goes from iMaxUsers -> (iMaxUsers * 2) - 1. I had originally gone with solution 1, and changed the IDs from a very limited pool of in-order integers (until someone disconnects out of order) to randomly generated unique IDs. However after sleeping on it I revisited option 2 which I had initially thought as harder and found that Murmur doesn't seem to require that connections need IDs until they are authenticated. So I'm adding a simpler patch which just move ID assignment to after a connection is authenticated and it looks like it solve both problems. I still believe that assigning IDs in a stateless manner is preferable to the current ID Queue Approach. Maybe it will make its way into a future patch. |
|
Thank you for fixing this 👍 |
This commit fixes both issues discussed in #4277 which were related to
the fact that any socket connection was allocated an ID and marked as
a user. This bug allowed for a malicious user to lock out all users of
a server regardless of server password usage. This change simply moves ID
allocation to after a connection is marked as Authenticated.
FIXES: #4277
This is a modification and reopening of #4812 because I accidentally killed it.
Checks