Skip to content

[codex] Fix relay WebSocket admission limits#1682

Open
jmecom wants to merge 2 commits into
mainfrom
jm/attack4-huddle-audio-limits
Open

[codex] Fix relay WebSocket admission limits#1682
jmecom wants to merge 2 commits into
mainfrom
jm/attack4-huddle-audio-limits

Conversation

@jmecom

@jmecom jmecom commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Sets parser-level WebSocket frame/message caps on both the main relay door and the huddle audio door, and makes huddle audio upgrades consume the same global connection permit as normal relay sockets.

Before this change, an unauthenticated caller could open /huddle/<random uuid>/audio sockets and hold them through the 5-second auth timeout without consuming BUZZ_MAX_CONNECTIONS. Both WebSocket doors also checked message size only after tungstenite had assembled the payload, so a caller could make the relay buffer oversized pre-auth messages before Buzz rejected them.

The handler-level checks remain as defense in depth. Tested with cargo test -p buzz-relay --lib, cargo clippy -p buzz-relay --all-targets -- -D warnings, and a local replay with BUZZ_MAX_CONNECTIONS=1. just ci still fails in unrelated desktop Tauri clippy warnings already present on origin/main.

@jmecom jmecom marked this pull request as ready for review July 9, 2026 17:18
@jmecom jmecom requested a review from a team as a code owner July 9, 2026 17:18
@jmecom jmecom changed the title [codex] Fix huddle audio WebSocket admission limits [codex] Fix relay WebSocket admission limits Jul 9, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant