Add BackendVerifyFails to /stats to count request spam

2025-06-28 15:27:43 +00:00 · 2015-11-21 12:10:01 -08:00 · 2015-11-21 12:10:01 -08:00 · 6f13ea360c
commit 6f13ea360c
parent 38972364fb
2 changed files with 7 additions and 4 deletions
--- a/socketserver/server/stats.go
+++ b/socketserver/server/stats.go
@ -46,6 +46,8 @@ type StatsData struct {

 	EmotesReportedTotal uint64

+	BackendVerifyFails uint64
+
 	// DisconnectReasons is at the bottom because it has indeterminate size
 	DisconnectReasons map[string]uint64
 }
@ -57,7 +59,7 @@ type StatsData struct {
 // I don't really care.
 var Statistics = newStatsData()

-const StatsDataVersion = 4
+const StatsDataVersion = 5
 const pageSize = 4096

 var cpuUsage struct {
--- a/socketserver/server/utils.go
+++ b/socketserver/server/utils.go
@ -6,7 +6,6 @@ import (
 	"encoding/base64"
 	"errors"
 	"golang.org/x/crypto/nacl/box"
-	"log"
 	"net/url"
 	"strconv"
 	"strings"
@ -70,9 +69,11 @@ func UnsealRequest(form url.Values) (url.Values, error) {
 	dec := base64.NewDecoder(base64.URLEncoding, strings.NewReader(nonceString))
 	count, err := dec.Read(nonce[:])
 	if err != nil {
+		Statistics.BackendVerifyFails++
 		return nil, err
 	}
 	if count != 24 {
+		Statistics.BackendVerifyFails++
 		return nil, ErrorShortNonce
 	}

@ -83,13 +84,13 @@ func UnsealRequest(form url.Values) (url.Values, error) {

 	message, ok := box.OpenAfterPrecomputation(nil, cipherBuffer.Bytes(), &nonce, &backendSharedKey)
 	if !ok {
+		Statistics.BackendVerifyFails++
 		return nil, ErrorInvalidSignature
 	}

 	retValues, err := url.ParseQuery(string(message))
 	if err != nil {
-		// Assume that the signature was accidentally correct but the contents were garbage
-		log.Println("Error unsealing request:", err)
+		Statistics.BackendVerifyFails++
 		return nil, ErrorInvalidSignature
 	}