Revert "feat: add timeout validation to prevent DoS attacks"

This reverts commit 8296242.

Author: bug-ops

crates/rmcp/src/service.rs

@@ -46,8 +46,6 @@ pub enum ServiceError {
     Cancelled { reason: Option<String> },
     #[error("request timeout after {}", chrono::Duration::from_std(*timeout).unwrap_or_default())]
     Timeout { timeout: Duration },
-    #[error("invalid timeout value: {timeout:?} - {reason}")]
-    InvalidTimeout { timeout: Duration, reason: String },
 }
 
 trait TransferObject:

crates/rmcp/src/service/server.rs

@@ -3,34 +3,6 @@ use std::borrow::Cow;
 use thiserror::Error;
 
 use super::*;
-
-/// Validates timeout values to prevent DoS attacks and ensure reasonable limits
-fn validate_timeout(timeout: Option<std::time::Duration>) -> Result<(), ServiceError> {
-    if let Some(duration) = timeout {
-        const MAX_TIMEOUT: std::time::Duration = std::time::Duration::from_secs(300); // 5 minutes max
-        const MIN_TIMEOUT: std::time::Duration = std::time::Duration::from_millis(1); // 1ms min
-
-        if duration > MAX_TIMEOUT {
-            return Err(ServiceError::InvalidTimeout {
-                timeout: duration,
-                reason: "Timeout exceeds maximum allowed duration (300 seconds)".to_string(),
-            });
-        }
-        if duration < MIN_TIMEOUT {
-            return Err(ServiceError::InvalidTimeout {
-                timeout: duration,
-                reason: "Timeout must be at least 1 millisecond".to_string(),
-            });
-        }
-        if duration.is_zero() {
-            return Err(ServiceError::InvalidTimeout {
-                timeout: duration,
-                reason: "Timeout cannot be zero".to_string(),
-            });
-        }
-    }
-    Ok(())
-}
 #[cfg(feature = "elicitation")]
 use crate::model::{
     CreateElicitationRequest, CreateElicitationRequestParam, CreateElicitationResult,
@@ -363,9 +335,6 @@ macro_rules! method {
             &self,
             timeout: Option<std::time::Duration>,
         ) -> Result<$Resp, ServiceError> {
-            // Validate timeout to prevent DoS attacks
-            validate_timeout(timeout)?;
-
             let request = ServerRequest::$Req($Req {
                 method: Default::default(),
                 extensions: Default::default(),
@@ -392,9 +361,6 @@ macro_rules! method {
             params: $Param,
             timeout: Option<std::time::Duration>,
         ) -> Result<$Resp, ServiceError> {
-            // Validate timeout to prevent DoS attacks
-            validate_timeout(timeout)?;
-
             let request = ServerRequest::$Req($Req {
                 method: Default::default(),
                 params,

crates/rmcp/tests/test_elicitation.rs

@@ -1346,68 +1346,6 @@ async fn test_realistic_timeout_scenarios() {
     assert!(long_timeout <= Duration::from_secs(300));
 }
 
-/// Test timeout validation to prevent DoS attacks
-#[tokio::test]
-async fn test_timeout_validation_dos_prevention() {
-    use std::time::Duration;
-
-    // Test extremely long timeout (should be rejected)
-    let very_long_timeout = Duration::from_secs(3600); // 1 hour
-    assert!(very_long_timeout > Duration::from_secs(300)); // Exceeds max
-
-    // Test zero timeout (should be rejected)
-    let zero_timeout = Duration::from_millis(0);
-    assert!(zero_timeout.is_zero());
-
-    // Test extremely short timeout (should be rejected)
-    let too_short_timeout = Duration::from_nanos(1);
-    assert!(too_short_timeout < Duration::from_millis(1));
-
-    // Test valid timeout ranges
-    let valid_timeouts = vec![
-        Duration::from_millis(1),   // Minimum valid
-        Duration::from_millis(100), // Short but valid
-        Duration::from_secs(1),     // Normal
-        Duration::from_secs(30),    // Standard
-        Duration::from_secs(300),   // Maximum valid
-    ];
-
-    for timeout in valid_timeouts {
-        assert!(timeout >= Duration::from_millis(1));
-        assert!(timeout <= Duration::from_secs(300));
-        assert!(!timeout.is_zero());
-    }
-}
-
-/// Test timeout validation error messages
-#[tokio::test]
-async fn test_timeout_validation_error_messages() {
-    use std::time::Duration;
-
-    // Test that timeout validation provides meaningful error messages
-    let invalid_timeouts = vec![
-        (Duration::from_secs(400), "exceeds maximum"), // Too long
-        (Duration::from_millis(0), "cannot be zero"),  // Zero
-        (Duration::from_nanos(1), "at least 1 millisecond"), // Too short
-    ];
-
-    for (timeout, expected_message_part) in invalid_timeouts {
-        // Verify that these timeouts would fail validation
-        match timeout {
-            t if t > Duration::from_secs(300) => {
-                assert!(expected_message_part.contains("maximum"));
-            }
-            t if t.is_zero() => {
-                assert!(expected_message_part.contains("zero"));
-            }
-            t if t < Duration::from_millis(1) => {
-                assert!(expected_message_part.contains("millisecond"));
-            }
-            _ => unreachable!(),
-        }
-    }
-}
-
 /// Test that different ElicitationAction values map to correct error types
 #[tokio::test]
 async fn test_elicitation_action_error_mapping() {