nextcloud / spreed

🗨️ Nextcloud Talk – chat, video & audio calls for Nextcloud
https://nextcloud.com/talk
GNU Affero General Public License v3.0
1.6k stars 428 forks

People ending up brute-force protected when having a conversation open that is being deleted #8328

Open nickvergessen opened 1 year ago

nickvergessen commented 1 year ago

Happened today with our colleague Alba

[09/Nov/2022:13:59:26 +0000] "POST /ocs/v2.php/apps/spreed/api/v4/room/ABC/participants/active HTTP/1.1" 404 929 "-" "Mozilla/5.0" 33549
[09/Nov/2022:13:59:26 +0000] "GET /ocs/v2.php/apps/spreed/api/v4/room/ABC HTTP/1.1" 404 830 "-" "Mozilla/5.0" 431673
[09/Nov/2022:13:59:39 +0000] "POST /ocs/v2.php/apps/spreed/api/v4/room/ABC/participants/active HTTP/1.1" 404 929 "-" "Mozilla/5.0" 47989
[09/Nov/2022:13:59:40 +0000] "GET /ocs/v2.php/apps/spreed/api/v4/room/ABC HTTP/1.1" 404 868 "-" "Mozilla/5.0" 1635294
[09/Nov/2022:14:00:02 +0000] "POST /ocs/v2.php/apps/spreed/api/v4/room/ABC/participants/active HTTP/1.1" 404 929 "-" "Mozilla/5.0" 39757
[09/Nov/2022:14:00:03 +0000] "GET /ocs/v2.php/apps/spreed/api/v4/room/ABC HTTP/1.1" 404 868 "-" "Mozilla/5.0" 6437726
[09/Nov/2022:14:00:43 +0000] "POST /ocs/v2.php/apps/spreed/api/v4/room/ABC/participants/active HTTP/1.1" 404 929 "-" "Mozilla/5.0" 41701
[09/Nov/2022:14:00:44 +0000] "GET /ocs/v2.php/apps/spreed/api/v4/room/ABC HTTP/1.1" 404 868 "-" "Mozilla/5.0" 50033972

Maybe the brute-force protection can be tweaked in a way that only different room attempts or passwords end up in brute-force throttling.
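As an added illustration of the throttling tweak suggested above (example code, not part of this issue or of Talk's own brute-force protection), a small Python pass over access-log lines like the ones quoted: it counts 404s per room token, so a client repeatedly polling one deleted room is told apart from a client probing many distinct tokens. The log shape, the threshold and the constructed sample lines are assumptions.

```python
import re
from collections import defaultdict

# Assumed access-log shape, modelled on the lines quoted in the issue:
# [timestamp] "METHOD path HTTP/x" status ...
LOG_RE = re.compile(
    r'^\[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)
# Room token from the Talk room API path; signaling and other paths are ignored.
ROOM_RE = re.compile(r"/ocs/v2\.php/apps/spreed/api/v\d+/room/(?P<token>[^/?]+)")

# Constructed sample: one client keeps polling a single deleted room (token ABC).
SAMPLE_STALE_CLIENT = """\
[09/Nov/2022:13:59:26 +0000] "POST /ocs/v2.php/apps/spreed/api/v4/room/ABC/participants/active HTTP/1.1" 404 929 "-" "Mozilla/5.0" 33549
[09/Nov/2022:13:59:26 +0000] "GET /ocs/v2.php/apps/spreed/api/v4/room/ABC HTTP/1.1" 404 830 "-" "Mozilla/5.0" 431673
[09/Nov/2022:13:59:39 +0000] "POST /ocs/v2.php/apps/spreed/api/v4/room/ABC/participants/active HTTP/1.1" 404 929 "-" "Mozilla/5.0" 47989
[09/Nov/2022:13:59:40 +0000] "GET /ocs/v2.php/apps/spreed/api/v4/room/ABC HTTP/1.1" 404 868 "-" "Mozilla/5.0" 1635294
"""

# Constructed sample: one client tries four different (non-existent) room tokens.
SAMPLE_ENUMERATION = """\
[09/Nov/2022:14:10:00 +0000] "GET /ocs/v2.php/apps/spreed/api/v4/room/Q1AB HTTP/1.1" 404 830 "-" "Mozilla/5.0" 1200
[09/Nov/2022:14:10:01 +0000] "GET /ocs/v2.php/apps/spreed/api/v4/room/Q2CD HTTP/1.1" 404 830 "-" "Mozilla/5.0" 1300
[09/Nov/2022:14:10:02 +0000] "GET /ocs/v2.php/apps/spreed/api/v4/room/Q3EF HTTP/1.1" 404 830 "-" "Mozilla/5.0" 1250
[09/Nov/2022:14:10:03 +0000] "GET /ocs/v2.php/apps/spreed/api/v4/room/Q4GH HTTP/1.1" 404 830 "-" "Mozilla/5.0" 1280
"""


def room_404s(lines):
    """Return {room_token: number_of_404s} for Talk room endpoints only."""
    counts = defaultdict(int)
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m.group("status") != "404":
            continue
        r = ROOM_RE.search(m.group("path"))
        if r:
            counts[r.group("token")] += 1
    return dict(counts)


def classify(lines, distinct_threshold=3):
    """'stale-client' if the 404s all hit a few tokens, 'enumeration' if many distinct ones.

    The threshold is an assumed tuning knob: only the number of *different*
    tokens counts, so repeated misses on one deleted room never trip it.
    """
    counts = room_404s(lines)
    if not counts:
        return "none"
    if len(counts) >= distinct_threshold:
        return "enumeration"
    return "stale-client"
```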

vitormattos commented 1 year ago

I tried to reproduce this scenario doing the following:

Then I can't get the same route paths as reported in the description of this issue. The only 404 entry that I receive is the following:

[17/Mar/2023:13:54:53 +0000] "GET /ocs/v2.php/apps/spreed/api/v3/signaling/2o8rqgsg HTTP/1.1" 404 109 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/112.0" "-"

How can I reproduce this scenario and get the 404 error?

nickvergessen commented 1 year ago

Maybe the HPB is required, as we have that on our instance.

vitormattos commented 1 year ago

I did the same with HPB and can't reproduce this log.