feat(iroh)!: allow for limiting incoming connections on the router

[dignifiedquire]

Description

Changes the ProtocolHandler trait to allow for intercepting connecting and connection states explicitly

Breaking Changes

• changed: iroh::protocol::ProtocolHandler::accept now takes Connection instead of Connecting

Notes & open questions

The new limiter could also just be part of the test code/an example, instead of giving users an API, unclear to me

Change checklist

• Self-review.
• Documentation updates following the style guide, if relevant.
• Tests if relevant.
• All breaking changes documented.

[github-actions]

Documentation for this PR has been generated and is available at: https://n0-computer.github.io/iroh/pr/3157/docs/iroh/

Last updated: 2025-03-14T08:27:30Z

[rklaehn]

I'm on the way to the airport, so just a bunch of drive by comments.

[github-actions]

Netsim report & logs for this PR have been generated and is available at: LOGS
This report will remain available for 3 days.

Last updated for commit: 4a4a54a

[dignifiedquire]

@matheus23 can check if this change is good enough to still be able to use 0-rtt from ProtocolHandler impl please?

[matheus23]

Yeah - this change makes using 0-RTT/0.5-RTT on the accepting side possible at all, since otherwise you wouldn't be able to call Connecting::into_0rtt.

And all you need to do on the accepting side is call Connecting::into_0rtt, then if you get Ok, you take the connection, otherwise if you get an Err, you await.
That's it.
(You should also make sure you know the security implications of what you're doing - but from an "enabling 0-RTT" perspective that is indeed it.)

[flub]

I can also imagine a need for on_incoming or something like that in the future to be able to reject etc even further. But the nice thing about this design is that you can add this later without breaking backwards compatibility.

I have a minor bikeshedding concern that AccessLimit sounds too much like rate-limiting. But I don't know if there is a commonly used term that's better.

[flub]

I'm always a fan of being extremely verbose on the docs. I would add a paragraph suggesting when you might to use this:

This enables accepting 0-RTT data from clients, among other things.

[flub]

Not sure if this was discussed before: will we get folks upset that they can't do async stuff here? I think this itself runs in an async context.

[flub]

Of course we/they can just make an AsyncAcessLimit which is probably nicer than forcing everyone to use async.

[logankeenan]

@flub @dignifiedquire

How would you feel if I created a PR for AsyncAccessLimit?

[flub]

Sure, why not. Don't think there'd be an objection to this.

[flub]

This needs to be documented. Probably on the struct itself. Something like:

Any refused connection will be closed with an error code of `0` and reason `not allowed`.

(I can also imagine folks wanting this configurable. But I think that's possible in a backwards-compatible way so should be fine to add later. I can also imagine a world where the function returns those values.)

[dignifiedquire]

Of course we/they can just make an AsyncAcessLimit which is probably nicer than forcing everyone to use async.

yeah, this is more of an example for me

[dignifiedquire]

I have a minor bikeshedding concern that AccessLimit sounds too much like rate-limiting. But I don't know if there is a commonly used term that's better.

would love to hear better names..