authorAntoine A <>2021-12-17 14:40:50 +0100
committerAntoine A <>2021-12-17 14:40:50 +0100
commit46fed50db1edd4e3590fc3d7bcda565907c16b7a (patch)
tree900fd65f9ebf09c4cb54ca441aa06f307c3fb04a
parente11c589766c1fc8df0245d190213aa2d8791beb2 (diff)
wire-gateway: reduce max payload size to 4kB
-rw-r--r--btc-wire/src/bin/test.rs2
-rw-r--r--script/test_btc_fail.sh2
-rw-r--r--script/test_gateway.sh4
-rw-r--r--wire-gateway/src/json.rs6
4 files changed, 8 insertions, 6 deletions
diff --git a/btc-wire/src/bin/test.rs b/btc-wire/src/bin/test.rs
index 94554aa..7df3260 100644
--- a/btc-wire/src/bin/test.rs
+++ b/btc-wire/src/bin/test.rs
@@ -17,7 +17,7 @@ pub fn main() {
let test_amount = Amount::from_sat(1500);
let data_dir = default_data_dir();
// Network check
- let network = Network::Bitcoin;
+ let network = Network::Regtest;
match network {
Network::Bitcoin => {
panic!("Do not run tests on the mainnet, you are going to loose money")
diff --git a/script/test_btc_fail.sh b/script/test_btc_fail.sh
index fed431d..f058444 100644
--- a/script/test_btc_fail.sh
+++ b/script/test_btc_fail.sh
@@ -70,6 +70,8 @@ sleep 20
next_btc # Trigger watcher
sleep 20
next_btc # Mine transactions
+sleep 20
+next_btc # Mine transactions
echo " OK"
echo -n "Requesting exchange outgoing transaction list:"
diff --git a/script/test_gateway.sh b/script/test_gateway.sh
index a825fbe..88063a2 100644
--- a/script/test_gateway.sh
+++ b/script/test_gateway.sh
@@ -119,7 +119,7 @@ test `curl -w %{http_code} -s -o /dev/null -H "Content-Type: application/json" -
echo "----- Security -----"
# Generate big random file
-printf 'HelloWorld%s' {1..100000} > $TEMP_FILE
+printf 'HelloWorld%s' {1..1000} > $TEMP_FILE
echo -n "Handle huge body:"
test `curl -w %{http_code} -X POST -s -o /dev/null -d @$TEMP_FILE ${BANK_ENDPOINT}transfer` -eq 400 && echo " OK" || echo " Failed"
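Review bot: The "Handle huge body" check on the `curl ... -eq 400` line cannot tell the size limit apart from any other rejection. The generated file is not JSON, so a 400 could come from the parser even if the limit were not enforced; the status mapping is not visible here, so this is inferred. The new `{1..1000}` payload is about 12.9 kB, roughly three times the 4 kB limit set in wire-gateway/src/json.rs, and nothing ties the two numbers together. I would add `# Must stay larger than MAX_PAYLOAD_SIZE (4kB) in wire-gateway/src/json.rs` above the `printf`. The same applies to the compression-bomb payload in the next hunk, whose inflated size must also stay above the limit.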
@@ -128,7 +128,7 @@ echo -n "Handle body length liar:"
test `curl -w %{http_code} -X POST -H"Content-Length:1024" -s -o /dev/null -d @$TEMP_FILE ${BANK_ENDPOINT}transfer` -eq 400 && echo " OK" || echo " Failed"
# Generate compression bomb
-printf 'HelloWorld%s' {1..100000} | pigz -z9 > $TEMP_FILE
+printf 'HelloWorld%s' {1..1000} | pigz -z9 > $TEMP_FILE
echo -n "Handle compression bomb:"
test `curl -w %{http_code} -X POST -H"Content-Encoding:deflate" -s -o /dev/null --data-binary @$TEMP_FILE ${BANK_ENDPOINT}transfer` -eq 400 && echo " OK" || echo " Failed"
diff --git a/wire-gateway/src/json.rs b/wire-gateway/src/json.rs
index 0393e5d..78139f1 100644
--- a/wire-gateway/src/json.rs
+++ b/wire-gateway/src/json.rs
@@ -1,7 +1,7 @@
use hyper::{body::HttpBody, header, http::request::Parts, Body, Response, StatusCode};
use miniz_oxide::inflate::TINFLStatus;
-const MAX_ALLOWED_RESPONSE_SIZE: u64 = 1024 * 1024; // 1MB
+const MAX_PAYLOAD_SIZE: u64 = 4 * 1024; // 4kB
#[derive(Debug, thiserror::Error)]
pub enum ParseBodyError {
@@ -23,7 +23,7 @@ pub async fn parse_body<J: serde::de::DeserializeOwned>(
body: Body,
) -> Result<J, ParseBodyError> {
// Check announced body size
- if body.size_hint().upper().unwrap_or(u64::MAX) > MAX_ALLOWED_RESPONSE_SIZE {
+ if body.size_hint().upper().unwrap_or(u64::MAX) > MAX_PAYLOAD_SIZE {
return Err(ParseBodyError::SuspiciousBody);
}
// Read body
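Review bot: `unwrap_or(u64::MAX)` makes a body with no announced upper bound fail the check, which looks intentional but is not stated anywhere. The comment `// Check announced body size` only describes the case where a length is present. I would reword it to `// Reject bodies whose announced size exceeds the limit or is unknown`, so that nobody later "fixes" the default to 0. The read that follows `// Read body` is outside this hunk, so whether it is itself bounded cannot be confirmed from here.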
@@ -38,7 +38,7 @@ pub async fn parse_body<J: serde::de::DeserializeOwned>(
{
let decompressed = miniz_oxide::inflate::decompress_to_vec_zlib_with_limit(
&bytes,
- MAX_ALLOWED_RESPONSE_SIZE as usize,
+ MAX_PAYLOAD_SIZE as usize,
)
.map_err(|s| match s {
TINFLStatus::HasMoreOutput => ParseBodyError::SuspiciousCompression,
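Review bot: `MAX_PAYLOAD_SIZE as usize` is a silent narrowing cast. It is harmless at 4096, but the constant is `u64` only because of the `size_hint()` comparison, and a later increase would not be checked on 32-bit targets. Declaring it as `const MAX_PAYLOAD_SIZE: usize = 4 * 1024;` and widening at the comparison with `> MAX_PAYLOAD_SIZE as u64` keeps the one remaining cast lossless. It would also help if the constant's comment said that it bounds both the announced body size and the inflated output, for example `// 4kB, applies to the raw body and to its decompressed form`. The `match` in `map_err` continues outside this hunk.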