Fix OTK upload spam (#2448)

* Fix OTK spam * Update comment * Optimize selectKeysCountSQL to only return max 100 keys * Return CurrentPosition if the request timed out * Revert "Return CurrentPosition if the request timed out" This reverts commit 7dbdda964189f5542048c06ce5ffc6d4da1814e6. Co-authored-by: kegsay <kegan@matrix.org>
author: Till <2353100+S7evinK@users.noreply.github.com> 2022-05-11 18:15:18 +0200
committer: GitHub <noreply@github.com> 2022-05-11 17:15:18 +0100
commit: 58af7f61b6c3719e15cb4088a343cd08b404f5be (patch)
tree: f175b60da826dafaf58499dd3f1dbce5a7c3d6cc /keyserver
parent: 24f7be968d6459e887de7c18e17a2c7bb8294796 (diff)
2 files changed, 6 insertions, 2 deletions
diff --git a/keyserver/storage/postgres/one_time_keys_table.go b/keyserver/storage/postgres/one_time_keys_table.go
index d8c76b49..2117efca 100644
--- a/keyserver/storage/postgres/one_time_keys_table.go
+++ b/keyserver/storage/postgres/one_time_keys_table.go
@@ -53,7 +53,9 @@ const selectKeysSQL = "" +
 	"SELECT concat(algorithm, ':', key_id) as algorithmwithid, key_json FROM keyserver_one_time_keys WHERE user_id=$1 AND device_id=$2 AND concat(algorithm, ':', key_id) = ANY($3);"
 
 const selectKeysCountSQL = "" +
-	"SELECT algorithm, COUNT(key_id) FROM keyserver_one_time_keys WHERE user_id=$1 AND device_id=$2 GROUP BY algorithm"
+	"SELECT algorithm, COUNT(key_id) FROM " +
+	" (SELECT algorithm, key_id FROM keyserver_one_time_keys WHERE user_id = $1 AND device_id = $2 LIMIT 100)" +
+	" x GROUP BY algorithm"
 
 const deleteOneTimeKeySQL = "" +
 	"DELETE FROM keyserver_one_time_keys WHERE user_id = $1 AND device_id = $2 AND algorithm = $3 AND key_id = $4"
diff --git a/keyserver/storage/sqlite3/one_time_keys_table.go b/keyserver/storage/sqlite3/one_time_keys_table.go
index d2c0b7b2..7a923d0e 100644
--- a/keyserver/storage/sqlite3/one_time_keys_table.go
+++ b/keyserver/storage/sqlite3/one_time_keys_table.go
@@ -52,7 +52,9 @@ const selectKeysSQL = "" +
 	"SELECT key_id, algorithm, key_json FROM keyserver_one_time_keys WHERE user_id=$1 AND device_id=$2"
 
 const selectKeysCountSQL = "" +
-	"SELECT algorithm, COUNT(key_id) FROM keyserver_one_time_keys WHERE user_id=$1 AND device_id=$2 GROUP BY algorithm"
+	"SELECT algorithm, COUNT(key_id) FROM " +
+	" (SELECT algorithm, key_id FROM keyserver_one_time_keys WHERE user_id = $1 AND device_id = $2 LIMIT 100)" +
+	" x GROUP BY algorithm"
 
 const deleteOneTimeKeySQL = "" +
 	"DELETE FROM keyserver_one_time_keys WHERE user_id = $1 AND device_id = $2 AND algorithm = $3 AND key_id = $4"
author	Till <2353100+S7evinK@users.noreply.github.com>	2022-05-11 18:15:18 +0200
committer	GitHub <noreply@github.com>	2022-05-11 17:15:18 +0100
commit	58af7f61b6c3719e15cb4088a343cd08b404f5be (patch)
tree	f175b60da826dafaf58499dd3f1dbce5a7c3d6cc /keyserver
parent	24f7be968d6459e887de7c18e17a2c7bb8294796 (diff)