Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Other federation server spamming PUT on /v1/send endpoint #17576

Open
mwllgr opened this issue Aug 15, 2024 · 1 comment
Open

Other federation server spamming PUT on /v1/send endpoint #17576

mwllgr opened this issue Aug 15, 2024 · 1 comment

Comments

@mwllgr
Copy link

mwllgr commented Aug 15, 2024

Description

Hello,

I'm currently receiving about 25 requests per second to the /_matrix/federation/v1/send/<id_or_similar?> endpoint:

134.102.x.x - - [15/Aug/2024:20:27:05 +0200] "PUT /_matrix/federation/v1/send/1723503001563 HTTP/1.1" 401 85 "-" "Synapse/1.90.0"
134.102.x.x - - [15/Aug/2024:20:27:05 +0200] "PUT /_matrix/federation/v1/send/1723503001566 HTTP/1.1" 401 85 "-" "Synapse/1.90.0"
134.102.x.x - - [15/Aug/2024:20:27:05 +0200] "PUT /_matrix/federation/v1/send/1723503001569 HTTP/1.1" 401 85 "-" "Synapse/1.90.0"
134.102.x.x - - [15/Aug/2024:20:27:05 +0200] "PUT /_matrix/federation/v1/send/1723503001572 HTTP/1.1" 401 85 "-" "Synapse/1.90.0"

... every request accompanied with the following log message (or similar → different IDs/timestamps):

matrix-server | 2024-08-10 16:48:39,209 - synapse.federation.transport.server._base - 323 - WARNING - PUT-2355 - authenticate_request failed: 401: Destination mismatch in auth header
matrix-server | 2024-08-10 16:48:39,249 - synapse.federation.transport.server._base - 323 - WARNING - PUT-2356 - authenticate_request failed: 401: Destination mismatch in auth header

The requests themselves contain the following (or similar?):
xxx → censored, whole content prettified beforehand

{
  "origin": "matrix-not-at-my-own-server.example.com",
  "origin_server_ts": 1723745703465,
  "pdus": [
    {
      "auth_events": [
        "xxx",
        "xxx"
      ],
      "content": {
        "membership": "leave"
      },
      "depth": 576354,
      "hashes": {
        "sha256": "xxx"
      },
      "origin": "matrix-not-at-my-own-server.example.com",
      "origin_server_ts": 1689514823361,
      "prev_events": [
        "xxx",
        "xxx",
        "xxx",
        "xxx",
        "xxx",
        "xxx",
        "xxx"
      ],
      "room_id": "!sOmeRoOmId:matrix.org",
      "sender": "@some_user:matrix-not-at-my-own-server.example.com",
      "signatures": {
        "matrix-not-at-my-own-server.example.com": {
          "ed25519:a_zVUb": "xxx"
        }
      },
      "state_key": "@some_user:matrix-not-at-my-own-server.example.com",
      "type": "m.room.member",
      "unsigned": {
        "age_ts": 1689514823361,
        "replaces_state": "xxx"
      }
    }
  ]
}

Steps to reproduce

  • run an own, federation-enabled homeserver

Homeserver

own homeserver

Synapse Version

1.112.0

Installation Method

Docker (matrixdotorg/synapse)

Database

postgres:14-alpine

Workers

Single process

Platform

Docker 20.10.18 on Ubuntu 22.04

Configuration

nginx vhost:

    location ~ ^(\/_matrix|\/_synapse\/client) {
      proxy_pass http://127.0.0.1:8008;
      proxy_set_header X-Forwarded-For $remote_addr;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header Host $host;
      proxy_max_temp_file_size 0;
    }

Relevant log output

matrix-server | 2024-08-10 16:48:39,209 - synapse.federation.transport.server._base - 323 - WARNING - PUT-2355 - authenticate_request failed: 401: Destination mismatch in auth header

Anything else that would be useful to know?

No response
@mwllgr
Copy link
Author

mwllgr commented Aug 16, 2024

The server owner upgraded his Synapse instance from 1.90 to 1.106 and now the problem seems to be gone.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mwllgr