58 lines
1.7 KiB
C
58 lines
1.7 KiB
C
/*
|
|
* IRC - Internet Relay Chat, include/ircd_limits.h
|
|
* Copyright (C) 2026 Underchat IRCD Security Hardening
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2, or (at your option)
|
|
* any later version.
|
|
*
|
|
* Security limits to prevent DoS attacks and resource exhaustion.
|
|
* Added as part of security audit (February 2026).
|
|
*/
|
|
/** @file
|
|
* @brief Security limits for DoS protection and resource management.
|
|
* @version $Id: ircd_limits.h 1 2026-02-23 00:00:00Z security-audit $
|
|
*/
|
|
#ifndef INCLUDED_ircd_limits_h
|
|
#define INCLUDED_ircd_limits_h
|
|
|
|
/** @name SendQ Limits
|
|
* Maximum send queue sizes to prevent memory exhaustion.
|
|
* @{
|
|
*/
|
|
/** Maximum send queue size for regular users (64 KB). */
|
|
#define MAX_SENDQ_USER (64 * 1024)
|
|
|
|
/** Maximum send queue size for IRC operators (128 KB). */
|
|
#define MAX_SENDQ_OPER (128 * 1024)
|
|
|
|
/** Maximum send queue size for servers (512 KB). */
|
|
#define MAX_SENDQ_SERVER (512 * 1024)
|
|
/** @} */
|
|
|
|
/** @name RecvQ Limits
|
|
* Maximum receive queue sizes to prevent memory exhaustion.
|
|
* @{
|
|
*/
|
|
/** Maximum receive queue size for regular users (8 KB). */
|
|
#define MAX_RECVQ_USER (8 * 1024)
|
|
|
|
/** Maximum receive queue size for servers (64 KB). */
|
|
#define MAX_RECVQ_SERVER (64 * 1024)
|
|
/** @} */
|
|
|
|
/** @name Connection Limits
|
|
* Timeouts for incomplete or stale connections.
|
|
* @{
|
|
*/
|
|
/** Maximum age (in seconds) for incomplete messages before disconnect. */
|
|
#define MAX_BUFFER_AGE 30
|
|
|
|
/** Maximum time (in seconds) a client can remain in NONL state. */
|
|
#define MAX_INCOMPLETE_MESSAGE_TIMEOUT 30
|
|
/** @} */
|
|
|
|
#endif /* INCLUDED_ircd_limits_h */
|
|
|