cherry-pick: add optional gRPC max message size limit to trillian logserver and logsigner #3801

[fghanmi]

Description

This change introduces a new optional flag --max_msg_size_bytes to both Trillian logsigner and logserver.

When set to a positive value, the flag enables a gRPC server-side limit on the size of incoming messages using grpc.MaxRecvMsgSize(). This provides a safeguard against resource exhaustion and potential denial-of-service (DoS) attacks caused by overly large client requests.

If the flag is unset or set to 0, no message size limit is enforced, preserving backward compatibility with existing deployments.

This change is non-breaking by design and is disabled by default.

---

Checklist

• I have updated the CHANGELOG.
• I have updated documentation accordingly (including the feature implementation matrix).

Summary by Sourcery

Add a non‐breaking, opt‐in gRPC receive message size limit to the Trillian logserver and logsigner by introducing a new --max_msg_size_bytes flag that is disabled by default.

New Features:

• Introduce an optional --max_msg_size_bytes flag in Trillian logsigner and logserver to configure a gRPC server receive message size limit

Documentation:

• Update CHANGELOG to document the new max message size flag and its default behavior

[sourcery-ai]

Reviewer's Guide

Adds an optional --max_msg_size_bytes flag to both Trillian logsigner and logserver for enforcing a server-side gRPC receive message size limit when set to a positive value, preserving backward compatibility when unset or zero, and updates the CHANGELOG accordingly.

Class diagram for updated Trillian logsigner and logserver main functions

classDiagram
    class Main {
        +RPCEndpoint
        +HTTPEndpoint
        +TLSCertFile
        +TLSKeyFile
        +StatsPrefix
        +ExtraOptions
        +DBClose
        +Registry
        +RegisterServerFn
    }
    class grpc_ServerOption
    class flag {
        +Int(name, default, usage)
    }
    Main --> grpc_ServerOption : uses
    Main --> flag : uses

    class trillian_log_signer_main {
        +maxMsgSize : int
        main()
    }
    class trillian_log_server_main {
        +maxMsgSize : int
        main()
    }
    trillian_log_signer_main --> Main : configures
    trillian_log_server_main --> grpc_ServerOption : configures
    trillian_log_signer_main --> flag : defines maxMsgSize
    trillian_log_server_main --> flag : defines maxMsgSize

Loading

Flow diagram for gRPC server option with max message size

flowchart TD
    A[Start logsigner/logserver] --> B{Is --max_msg_size_bytes > 0?}
    B -- Yes --> C[Add grpc.MaxRecvMsgSize option]
    B -- No --> D[No message size limit]
    C --> E[Start gRPC server with limit]
    D --> F[Start gRPC server without limit]

Loading

File-Level Changes

Change	Details	Files
Introduce and apply an optional gRPC max receive message size limit in logsigner	Declare new max_msg_size_bytes flag with default 0 Initialize grpc.ServerOption slice and conditionally append grpc.MaxRecvMsgSize(*) Pass ExtraOptions to serverutil.Main to include the size limit	cmd/trillian_log_signer/main.go
Introduce and apply an optional gRPC max receive message size limit in logserver	Declare new max_msg_size_bytes flag with default 0 Conditionally append grpc.MaxRecvMsgSize(*) to server options	cmd/trillian_log_server/main.go
Update CHANGELOG with new flag documentation	Add entry for optional gRPC message size limit via --max_msg_size_bytes	CHANGELOG.md

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey @fghanmi - I've reviewed your changes - here's some feedback:

• It may be worth validating that max_msg_size_bytes isn’t negative (and failing fast) instead of silently treating negative values the same as zero.

Prompt for AI Agents

Please address the comments from this code review:
## Overall Comments
- It may be worth validating that max_msg_size_bytes isn’t negative (and failing fast) instead of silently treating negative values the same as zero.

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}