From 046a6513bcad2f7111e12e3b750eb798466731da Mon Sep 17 00:00:00 2001 From: Shay Date: Thu, 30 Jun 2022 09:22:40 -0700 Subject: [PATCH] Don't process /send requests for users who have hit their ratelimit (#13134) --- changelog.d/13134.misc | 1 + synapse/handlers/message.py | 3 +++ 2 files changed, 4 insertions(+) create mode 100644 changelog.d/13134.misc diff --git a/changelog.d/13134.misc b/changelog.d/13134.misc new file mode 100644 index 000000000..e3e16056d --- /dev/null +++ b/changelog.d/13134.misc @@ -0,0 +1 @@ +Apply ratelimiting earlier in processing of /send request. \ No newline at end of file diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py index 189f52fe5..c6b40a5b7 100644 --- a/synapse/handlers/message.py +++ b/synapse/handlers/message.py @@ -903,6 +903,9 @@ class EventCreationHandler: await self.clock.sleep(random.randint(1, 10)) raise ShadowBanError() + if ratelimit: + await self.request_ratelimiter.ratelimit(requester, update=False) + # We limit the number of concurrent event sends in a room so that we # don't fork the DAG too much. If we don't limit then we can end up in # a situation where event persistence can't keep up, causing