Other federation server spamming PUT on /v1/send endpoint
Opened this issue · 1 comments
mwllgr commented
Description
Hello,
I'm currently receiving about 25 requests per second to the /_matrix/federation/v1/send/<id_or_similar?>
endpoint:
134.102.x.x - - [15/Aug/2024:20:27:05 +0200] "PUT /_matrix/federation/v1/send/1723503001563 HTTP/1.1" 401 85 "-" "Synapse/1.90.0"
134.102.x.x - - [15/Aug/2024:20:27:05 +0200] "PUT /_matrix/federation/v1/send/1723503001566 HTTP/1.1" 401 85 "-" "Synapse/1.90.0"
134.102.x.x - - [15/Aug/2024:20:27:05 +0200] "PUT /_matrix/federation/v1/send/1723503001569 HTTP/1.1" 401 85 "-" "Synapse/1.90.0"
134.102.x.x - - [15/Aug/2024:20:27:05 +0200] "PUT /_matrix/federation/v1/send/1723503001572 HTTP/1.1" 401 85 "-" "Synapse/1.90.0"
... every request accompanied with the following log message (or similar → different IDs/timestamps):
matrix-server | 2024-08-10 16:48:39,209 - synapse.federation.transport.server._base - 323 - WARNING - PUT-2355 - authenticate_request failed: 401: Destination mismatch in auth header
matrix-server | 2024-08-10 16:48:39,249 - synapse.federation.transport.server._base - 323 - WARNING - PUT-2356 - authenticate_request failed: 401: Destination mismatch in auth header
The requests themselves contain the following (or similar?):
xxx → censored, whole content prettified beforehand
{
"origin": "matrix-not-at-my-own-server.example.com",
"origin_server_ts": 1723745703465,
"pdus": [
{
"auth_events": [
"xxx",
"xxx"
],
"content": {
"membership": "leave"
},
"depth": 576354,
"hashes": {
"sha256": "xxx"
},
"origin": "matrix-not-at-my-own-server.example.com",
"origin_server_ts": 1689514823361,
"prev_events": [
"xxx",
"xxx",
"xxx",
"xxx",
"xxx",
"xxx",
"xxx"
],
"room_id": "!sOmeRoOmId:matrix.org",
"sender": "@some_user:matrix-not-at-my-own-server.example.com",
"signatures": {
"matrix-not-at-my-own-server.example.com": {
"ed25519:a_zVUb": "xxx"
}
},
"state_key": "@some_user:matrix-not-at-my-own-server.example.com",
"type": "m.room.member",
"unsigned": {
"age_ts": 1689514823361,
"replaces_state": "xxx"
}
}
]
}
Steps to reproduce
- run an own, federation-enabled homeserver
Homeserver
own homeserver
Synapse Version
1.112.0
Installation Method
Docker (matrixdotorg/synapse)
Database
postgres:14-alpine
Workers
Single process
Platform
Docker 20.10.18 on Ubuntu 22.04
Configuration
nginx vhost:
location ~ ^(\/_matrix|\/_synapse\/client) {
proxy_pass http://127.0.0.1:8008;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_max_temp_file_size 0;
}
Relevant log output
matrix-server | 2024-08-10 16:48:39,209 - synapse.federation.transport.server._base - 323 - WARNING - PUT-2355 - authenticate_request failed: 401: Destination mismatch in auth header
Anything else that would be useful to know?
No response
mwllgr commented
The server owner upgraded his Synapse instance from 1.90 to 1.106 and now the problem seems to be gone.