Skip to content

Commit

Permalink
remove all the quota stuff
Browse files Browse the repository at this point in the history
  • Loading branch information
phbnf committed Aug 15, 2024
1 parent 3f9bcd0 commit 1c36d57
Show file tree
Hide file tree
Showing 4 changed files with 1 addition and 133 deletions.
43 changes: 0 additions & 43 deletions personalities/sctfe/cert_quota.go

This file was deleted.

57 changes: 0 additions & 57 deletions personalities/sctfe/cert_quota_test.go

This file was deleted.

17 changes: 0 additions & 17 deletions personalities/sctfe/ct_server_gcp/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,6 @@ import (
"github.com/google/trillian/monitoring/prometheus"
"github.com/prometheus/client_golang/prometheus/promhttp"
"github.com/rs/cors"
"github.com/tomasen/realip"
tessera "github.com/transparency-dev/trillian-tessera"
"github.com/transparency-dev/trillian-tessera/personalities/sctfe"
"github.com/transparency-dev/trillian-tessera/personalities/sctfe/configpb"
Expand All @@ -62,8 +61,6 @@ var (
tracing = flag.Bool("tracing", false, "If true opencensus Stackdriver tracing will be enabled. See https://opencensus.io/.")
tracingProjectID = flag.String("tracing_project_id", "", "project ID to pass to stackdriver. Can be empty for GCP, consult docs for other platforms.")
tracingPercent = flag.Int("tracing_percent", 0, "Percent of requests to be traced. Zero is a special case to use the DefaultSampler")
quotaRemote = flag.Bool("quota_remote", true, "Enable requesting of quota for IP address sending incoming requests")
quotaIntermediate = flag.Bool("quota_intermediate", true, "Enable requesting of quota for intermediate certificates in submitted chains")
pkcs11ModulePath = flag.String("pkcs11_module_path", "", "Path to the PKCS#11 module to use for keys that use the PKCS#11 interface")
)

Expand Down Expand Up @@ -252,20 +249,6 @@ func setupAndRegister(ctx context.Context, deadline time.Duration, vCfg *sctfe.V
RequestLog: new(sctfe.DefaultRequestLog),
MaskInternalErrors: maskInternalErrors,
}
if *quotaRemote {
klog.Info("Enabling quota for requesting IP")
opts.RemoteQuotaUser = func(r *http.Request) string {
var remoteUser = realip.FromRequest(r)
if len(remoteUser) == 0 {
return unknownRemoteUser
}
return remoteUser
}
}
if *quotaIntermediate {
klog.Info("Enabling quota for intermediate certificates")
opts.CertificateQuotaUser = sctfe.QuotaUserForCert
}

switch vCfg.Config.StorageConfig.(type) {
case *configpb.LogConfig_Gcp:
Expand Down
17 changes: 1 addition & 16 deletions personalities/sctfe/instance.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,13 +20,11 @@ import (
"crypto/ecdsa"
"errors"
"fmt"
"net/http"
"strconv"
"strings"
"time"

"github.com/google/certificate-transparency-go/asn1"
"github.com/google/certificate-transparency-go/x509"
"github.com/google/certificate-transparency-go/x509util"
"github.com/google/trillian/crypto/keys"
"github.com/google/trillian/monitoring"
Expand All @@ -48,20 +46,7 @@ type InstanceOptions struct {
// a boolean to indicate whether the conversion succeeded.
ErrorMapper func(error) (int, bool)
// RequestLog provides structured logging of CTFE requests.
RequestLog RequestLog
// RemoteUser returns a string representing the originating host for the
// given request. This string will be used as a User quota key.
// If unset, no quota will be requested for remote users.
RemoteQuotaUser func(*http.Request) string
// CertificateQuotaUser returns a string representing the passed in
// intermediate certificate. This string will be user as a User quota key for
// the cert. Quota will be requested for each intermediate in an
// add-[pre]-chain request so as to allow individual issuers to be rate
// limited. If unset, no quota will be requested for intermediate
// certificates.
CertificateQuotaUser func(*x509.Certificate) string
// MaskInternalErrors indicates if internal server errors should be masked
// or returned to the user containing the full error message.
RequestLog RequestLog
MaskInternalErrors bool
}

Expand Down

0 comments on commit 1c36d57

Please sign in to comment.