LemmyNet / activitypub-federation-rust

High-level Rust library for the Activitypub protocol
GNU Affero General Public License v3.0
431 stars 47 forks source link

Make sure http signing is not blocking tokio #63

Closed phiresky closed 1 year ago

phiresky commented 1 year ago

Right now this lambda:

https://github.com/LemmyNet/activitypub-federation-rust/blob/af92e0d53204a2ccd13bc0db3c58de24bff646bf/src/http_signatures.rs#L105-L113

is passed to here: https://git.asonix.dog/asonix/http-signature-normalization/src/commit/85bbcb0bae2f976d08dfddad3d5050ffae149732/reqwest/src/lib.rs#L249

which seems to run it in the main async runtime. But signing is a potentially expensive operation and should probably run inside tokio::spawn. I've messaged asonix, the author of the library to confirm since if true it's probably not fixable here since the lambda is synchronous.

phiresky commented 1 year ago

I don't really know what I'm talking about, but according to openssl speed rsa a signing operation with a 2048-bit RSA key takes around 0.3ms. according to https://ryhl.io/blog/async-what-is-blocking/ , stuff in the async runtime threads shouldn't block for more than 0.1ms.

phiresky commented 1 year ago

The same goes for the verification function maybe:

https://github.com/LemmyNet/activitypub-federation-rust/blob/b64f4a8f3fd15fed1a0e122eeaaffb65ea5b2ad2/src/http_signatures.rs#L201-L219

That one should actually be fixable here since the verify function can return a Future

Nutomic commented 1 year ago

Fixed in https://git.asonix.dog/asonix/http-signature-normalization/commit/ac25b1d951cd30261928cfe3b4a185e72c33aa52