Commit 2203ee13 authored by Grégoire Henry's avatar Grégoire Henry Committed by Julien

P2p: reject after authentification when `max_connections` is reached

The number of pending unauthenticated connections is still limited (see
`max_incoming_connections`).
parent 65593eb3
......@@ -849,6 +849,9 @@ and raw_authenticate pool ?point_info canceler fd point =
~distributed_db_versions:pool.message_config.distributed_db_versions
~p2p_versions:pool.custom_p2p_versions
info.announced_version in
let acceptable_capacity =
let active = active_connections pool in
pool.config.max_connections > active in
let acceptable_point =
Option.unopt_map connection_point_info
~default:(not pool.config.private_mode)
......@@ -886,7 +889,8 @@ and raw_authenticate pool ?point_info canceler fd point =
if incoming then
P2p_point.Table.remove pool.incoming point ;
match acceptable_version with
| Some version when acceptable_peer_id && acceptable_point -> begin
| Some version
when acceptable_capacity && acceptable_peer_id && acceptable_point -> begin
log pool (Accepting_request (point, info.id_point, info.peer_id)) ;
Option.iter connection_point_info
~f:(fun point_info ->
......@@ -1163,14 +1167,7 @@ and swap pool conn current_peer_id new_point =
let accept pool fd point =
log pool (Incoming_connection point) ;
let max_active_conns =
if Random.bool () then
(* randomly allow one additional incoming connection *)
pool.config.max_connections + 1
else
pool.config.max_connections in
if pool.config.max_incoming_connections <= P2p_point.Table.length pool.incoming
|| max_active_conns <= active_connections pool
(* silently ignore banned points *)
|| (P2p_acl.banned_addr pool.acl (fst point)) then
Lwt.async (fun () -> P2p_fd.close fd)
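Review bot: `acceptable_capacity` in `raw_authenticate` is a snapshot of `active_connections pool` taken before the accepting branch runs, so if a connection is only counted as active after a later asynchronous step (not visible in these hunks), several peers authenticating at once can all pass the check and push the pool above `max_connections`. With the pre-authentication test removed from `accept`, that overshoot appears to be bounded only by `max_incoming_connections`. Consider re-checking capacity at the point where the connection is registered, or at least documenting the soft bound next to the binding, e.g. `(* snapshot: peers still authenticating are not counted, so max_connections is a soft limit *)`. Capacity also shares one guard with `acceptable_peer_id` and `acceptable_point`, so the rejection path (outside the hunk) cannot tell a full node from a refused peer; a distinct log event for the capacity case would help operators spot connection-exhaustion attempts. The bodies of `raw_authenticate` and `accept` continue outside the visible hunks.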
......