This commit will expose ConnID in User-Agent HTTP Header on connection to upstream
relays. The ConnID is only an random string that only the bostr admin
knows what IP it does belong. This random string is always changing and
will never give the same ID on every single connections, So please do
not take this to be a similiar thing like X-Real-IP.
The ConnID won't reveal client IP to upstream relay due to how the
bouncer technically works, But it will help on both parties to finding the
culprit.
Only the respective bostr owner / admin know what IP does this ConnIDs
belong.
- To report an suspected service abuse, Contact to the bostr admin.
Make sure that you send atleast more than a single log of ConnID.
Please remember that these ConnIDs is not always the same.
So sending more log about ConnIDs will help bostr admin to figure out
the culprit.
- For bostr admins, Finding out the culprit is easy.
In your bostr log:
1 --- xxx.xxx.xxx.xxx is now using session 171629xxxxxxx_1_0.503985444xxxxxxx
^ ^
| |
Culprit ConnID
Signed-off-by: Yonle <yonle@lecturify.net>
- Try not to renew ${authKey} variable after auth
- Call _auth() only after ${authenticated} and ${!sessStarted} is passed
(_auth() is for telling the worker thread the authenticated user
pubkey)
- In worker_bouncer.js, If csess[m.id].pubkey === m.pubkey, We do not
need to do another reAUTH to these relays.
Signed-off-by: Yonle <yonle@lecturify.net>
The following configurations is removed due to flawed memory issues:
- broadcast_ratelimit
- incomming_ratelimit
Signed-off-by: Yonle <yonle@lecturify.net>
bostr already connected to relays before client is connecting to an
bouncer. So this feature is no longer needed.
Signed-off-by: Yonle <yonle@lecturify.net>
