aquatic http: request from path: whitelist url keys for security

This way, the non-ddos-resistant hashmap hasher can be kept. Also
improves performance, probably simply because less hashing work
is done:

time:   [2.8050 us 2.8156 us 2.8274 us]
change: [-22.940% -22.412% -21.916%] (p = 0.00 < 0.01)
Performance has improved.
Joakim Frostegård 2020-07-19 13:44:16 +02:00
parent 09d27d5075
commit 54e801c6a9
6 changed files with 1017 additions and 1010 deletions


@ -11,8 +11,6 @@
## aquatic_http ## aquatic_http
* request parsing: * request parsing:
* tests of main function and the various helper functions * tests of main function and the various helper functions
* hashmap needs ddos protecting hash function, or keys could be checked
against list before insertion
* deserialize 20 bytes: possibly rewrite (just check length of underlying * deserialize 20 bytes: possibly rewrite (just check length of underlying
bytes == 20 and then copy them), also maybe remove String from map for bytes == 20 and then copy them), also maybe remove String from map for
these cases too these cases too


@ -166,13 +166,22 @@ impl Request {
.with_context(|| format!("no key at {}..{}", position, equal_sign_index))?; .with_context(|| format!("no key at {}..{}", position, equal_sign_index))?;
let value = query_string.get(equal_sign_index + 1..segment_end) let value = query_string.get(equal_sign_index + 1..segment_end)
.with_context(|| format!("no value at {}..{}", equal_sign_index + 1, segment_end))?; .with_context(|| format!("no value at {}..{}", equal_sign_index + 1, segment_end))?;
// whitelist keys to avoid having to use ddos-resistant hashmap
match key {
"info_hash" => {
let value = Self::urldecode_memchr(value)?;
let value = Self::urldecode_memchr(value)?; info_hashes.push(value);
},
"peer_id" | "port" | "left" | "event" | "compact" | "numwant" | "key" => {
let value = Self::urldecode_memchr(value)?;
if key == "info_hash" { data.insert(key, value);
info_hashes.push(value); },
} else { k => {
data.insert(key, value); ::log::info!("ignored unrecognized key: {}", k)
}
} }
if segment_end == query_string.len(){ if segment_end == query_string.len(){
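Review bot: The catch-all arm `k => { ::log::info!("ignored unrecognized key: {}", k) }` writes one info-level line per unrecognized parameter, with the client-supplied key as its content. The whitelist closes the hash-flooding path but leaves a log-flooding one, because a request stuffed with unknown keys costs a log write for each. Ordinary announce requests would presumably hit it too, since common parameters such as `uploaded` and `downloaded` are not in the list. I would lower the level and print the key escaped, `k => ::log::debug!("ignored unrecognized key: {:?}", k),`, so raw query text cannot shape log lines. The enclosing function starts and ends outside the hunk, so whether the key is length-limited before this point is not visible here.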


@ -1 +1 @@
{"mean":{"confidence_interval":{"confidence_level":0.95,"lower_bound":3620.223185445427,"upper_bound":3660.1054580320942},"point_estimate":3639.1705234625256,"standard_error":10.23030590161961},"median":{"confidence_interval":{"confidence_level":0.95,"lower_bound":3573.248635351063,"upper_bound":3590.1493227124265},"point_estimate":3581.371033648157,"standard_error":4.667798258726669},"median_abs_dev":{"confidence_interval":{"confidence_level":0.95,"lower_bound":97.9344093806613,"upper_bound":119.75600340036665},"point_estimate":107.24540589334634,"standard_error":5.4808042142175495},"slope":{"confidence_interval":{"confidence_level":0.95,"lower_bound":3619.5284724763083,"upper_bound":3656.7793470824513},"point_estimate":3637.3029331473836,"standard_error":9.48013840981128},"std_dev":{"confidence_interval":{"confidence_level":0.95,"lower_bound":247.96259922399872,"upper_bound":395.99450743999654},"point_estimate":322.5988272216282,"standard_error":37.832790227752945}} {"mean":{"confidence_interval":{"confidence_level":0.95,"lower_bound":2813.0057190996495,"upper_bound":2835.0971444734805},"point_estimate":2823.5630570532094,"standard_error":5.60999731355646},"median":{"confidence_interval":{"confidence_level":0.95,"lower_bound":2781.583086146614,"upper_bound":2798.7822350926263},"point_estimate":2790.3154531476994,"standard_error":4.287304236535639},"median_abs_dev":{"confidence_interval":{"confidence_level":0.95,"lower_bound":80.18917995973909,"upper_bound":97.47337305052561},"point_estimate":88.82164587342986,"standard_error":4.385899559662111},"slope":{"confidence_interval":{"confidence_level":0.95,"lower_bound":2805.0369153378406,"upper_bound":2827.3641695562396},"point_estimate":2815.621225429684,"standard_error":5.696158165859643},"std_dev":{"confidence_interval":{"confidence_level":0.95,"lower_bound":138.70894509735032,"upper_bound":221.75787184542193},"point_estimate":177.57952341503912,"standard_error":21.529316188103856}}

File diff suppressed because it is too large Load diff

File diff suppressed because one or more lines are too long


@ -1 +1 @@
[3073.4575890843375,3293.348255296047,3879.7233651939387,4099.614031405648] [2329.596058483846,2533.3581761736277,3076.7238233463795,3280.4859410361614]