Skip to content

Commit 5c386d1

Browse files
committed
Give back allocation after failed signature validation
1 parent a2b489d commit 5c386d1

1 file changed

Lines changed: 4 additions & 1 deletion

File tree

client/http_client.py

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -59,7 +59,10 @@ async def async_auth_flow(self, request):
5959
computed_signature = signing_key.sign([content])
6060
signature_ok = received_signature.same_as(computed_signature)
6161
if not signature_ok:
62-
# TODO: Give allocation back to pool
62+
# If the signature validation fails, we give the allocation for the signing key
63+
# back to the pool. This is to prevent an attacker exhausting the pool (denial of
64+
# service) by sending lots of badly signed messages.
65+
allocation.give_back()
6366
raise InvalidSignatureError()
6467

6568
def __init__(self, local_pool: Pool, peer_pool: Pool):

0 commit comments

Comments
 (0)