mangadex_at_home/src/main/kotlin/mdnet/base/netty/ApplicationNetty.kt

/*
Mangadex@Home
Copyright (c) 2020, MangaDex Network
This file is part of MangaDex@Home.

MangaDex@Home is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

MangaDex@Home is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this MangaDex@Home.  If not, see <http://www.gnu.org/licenses/>.
 */
/* ktlint-disable no-wildcard-imports */
package mdnet.base.netty

import io.netty.bootstrap.ServerBootstrap
import io.netty.channel.*
import io.netty.channel.nio.NioEventLoopGroup
import io.netty.channel.socket.SocketChannel
import io.netty.channel.socket.nio.NioServerSocketChannel
import io.netty.handler.codec.DecoderException
import io.netty.handler.codec.http.*
import io.netty.handler.ssl.SslContextBuilder
import io.netty.handler.stream.ChunkedWriteHandler
import io.netty.handler.timeout.ReadTimeoutException
import io.netty.handler.timeout.ReadTimeoutHandler
import io.netty.handler.timeout.WriteTimeoutException
import io.netty.handler.timeout.WriteTimeoutHandler
import io.netty.handler.traffic.GlobalTrafficShapingHandler
import io.netty.handler.traffic.TrafficCounter
import java.io.ByteArrayInputStream
import java.io.IOException
import java.io.InputStream
import java.net.InetSocketAddress
import java.net.SocketException
import java.security.PrivateKey
import java.security.cert.CertificateFactory
import java.security.cert.X509Certificate
import java.util.concurrent.TimeUnit
import java.util.concurrent.atomic.AtomicReference
import javax.net.ssl.SSLException
import mdnet.base.Constants
import mdnet.base.data.Statistics
import mdnet.base.info
import mdnet.base.settings.ClientSettings
import mdnet.base.settings.TlsCert
import mdnet.base.trace
import org.http4k.core.HttpHandler
import org.http4k.server.Http4kChannelHandler
import org.http4k.server.Http4kServer
import org.http4k.server.ServerConfig
import org.slf4j.LoggerFactory

private val LOGGER = LoggerFactory.getLogger("Application")

class Netty(private val tls: TlsCert, private val clientSettings: ClientSettings, private val statistics: AtomicReference<Statistics>) : ServerConfig {
    override fun toServer(httpHandler: HttpHandler): Http4kServer = object : Http4kServer {
        private val masterGroup = NioEventLoopGroup(clientSettings.threads)
        private val workerGroup = NioEventLoopGroup(clientSettings.threads)
        private lateinit var closeFuture: ChannelFuture
        private lateinit var address: InetSocketAddress

        private val burstLimiter = object : GlobalTrafficShapingHandler(
                workerGroup, clientSettings.maxKilobitsPerSecond * 1000L / 8L, 0, 50) {
            override fun doAccounting(counter: TrafficCounter) {
                statistics.getAndUpdate {
                    it.copy(bytesSent = it.bytesSent + counter.cumulativeWrittenBytes())
                }
                counter.resetCumulativeTime()
            }
        }

        override fun start(): Http4kServer = apply {
            LOGGER.info { "Starting Netty with ${clientSettings.threads} threads" }

            val certs = getX509Certs(tls.certificate)
            val sslContext = SslContextBuilder
                    .forServer(getPrivateKey(tls.privateKey), certs)
                    .protocols("TLSv1.3", "TLSv1.2", "TLSv1.1", "TLSv1")
                    .build()

            val bootstrap = ServerBootstrap()
            bootstrap.group(masterGroup, workerGroup)
                    .channelFactory(ChannelFactory<ServerChannel> { NioServerSocketChannel() })
                    .childHandler(object : ChannelInitializer<SocketChannel>() {
                        public override fun initChannel(ch: SocketChannel) {
                            ch.pipeline().addLast("ssl", sslContext.newHandler(ch.alloc()))

                            ch.pipeline().addLast("codec", HttpServerCodec())
                            ch.pipeline().addLast("keepAlive", HttpServerKeepAliveHandler())
                            ch.pipeline().addLast("aggregator", HttpObjectAggregator(65536))

                            ch.pipeline().addLast("burstLimiter", burstLimiter)

                            ch.pipeline().addLast("readTimeoutHandler", ReadTimeoutHandler(Constants.MAX_READ_TIME_SECONDS))
                            ch.pipeline().addLast("writeTimeoutHandler", WriteTimeoutHandler(Constants.MAX_WRITE_TIME_SECONDS))

                            ch.pipeline().addLast("streamer", ChunkedWriteHandler())
                            ch.pipeline().addLast("handler", Http4kChannelHandler(httpHandler))

                            ch.pipeline().addLast("handle_ssl", object : ChannelInboundHandlerAdapter() {
                                override fun exceptionCaught(ctx: ChannelHandlerContext, cause: Throwable) {
                                    if (cause is SSLException || (cause is DecoderException && cause.cause is SSLException)) {
                                        LOGGER.trace { "Ignored invalid SSL connection" }
                                    } else if (cause is IOException || cause is SocketException) {
                                        LOGGER.info { "User (downloader) abruptly closed the connection" }
                                        LOGGER.trace(cause) { "Exception in pipeline" }
                                    } else if (cause !is ReadTimeoutException && cause !is WriteTimeoutException) {
                                        ctx.fireExceptionCaught(cause)
                                    }
                                }
                            })
                        }
                    })
                    .option(ChannelOption.SO_BACKLOG, 1000)
                    .childOption(ChannelOption.SO_KEEPALIVE, true)

            val channel = bootstrap.bind(InetSocketAddress(clientSettings.clientHostname, clientSettings.clientPort)).sync().channel()
            address = channel.localAddress() as InetSocketAddress
            closeFuture = channel.closeFuture()
        }

        override fun stop() = apply {
            masterGroup.shutdownGracefully(1, 15, TimeUnit.SECONDS).sync()
            workerGroup.shutdownGracefully(1, 15, TimeUnit.SECONDS).sync()
            closeFuture.sync()
        }

        override fun port(): Int = if (clientSettings.clientPort > 0) clientSettings.clientPort else address.port
    }
}

fun getX509Certs(certificates: String): Collection<X509Certificate> {
    val targetStream: InputStream = ByteArrayInputStream(certificates.toByteArray())
    @Suppress("unchecked_cast")
    return CertificateFactory.getInstance("X509").generateCertificates(targetStream) as Collection<X509Certificate>
}

fun getPrivateKey(privateKey: String): PrivateKey {
    return loadKey(privateKey)!!
}
Added license headers 2020-06-22 17:02:36 +00:00			`/*`
			`Mangadex@Home`
			`Copyright (c) 2020, MangaDex Network`
			`This file is part of MangaDex@Home.`

			`MangaDex@Home is free software: you can redistribute it and/or modify`
			`it under the terms of the GNU General Public License as published by`
			`the Free Software Foundation, either version 3 of the License, or`
			`(at your option) any later version.`

			`MangaDex@Home is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU General Public License for more details.`

			`You should have received a copy of the GNU General Public License`
			`along with this MangaDex@Home. If not, see <http://www.gnu.org/licenses/>.`
			`*/`
Reorganize some code - add read and write timeouts 2020-06-30 19:06:12 +00:00			`/* ktlint-disable no-wildcard-imports */`
Switch from Gson to Jackson for better null checks and invalid property support 2020-06-19 20:16:24 +00:00			`package mdnet.base.netty`
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00
			`import io.netty.bootstrap.ServerBootstrap`
Reorganize some code - add read and write timeouts 2020-06-30 19:06:12 +00:00			`import io.netty.channel.*`
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00			`import io.netty.channel.nio.NioEventLoopGroup`
			`import io.netty.channel.socket.SocketChannel`
			`import io.netty.channel.socket.nio.NioServerSocketChannel`
Rc5 release - hid SSL in logs - possibly fix a crash bug 2020-06-08 22:10:22 +00:00			`import io.netty.handler.codec.DecoderException`
Reorganize some code - add read and write timeouts 2020-06-30 19:06:12 +00:00			`import io.netty.handler.codec.http.*`
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00			`import io.netty.handler.ssl.SslContextBuilder`
			`import io.netty.handler.stream.ChunkedWriteHandler`
Supress logs 2020-07-04 17:14:51 +00:00			`import io.netty.handler.timeout.ReadTimeoutException`
Reorganize some code - add read and write timeouts 2020-06-30 19:06:12 +00:00			`import io.netty.handler.timeout.ReadTimeoutHandler`
Supress logs 2020-07-04 17:14:51 +00:00			`import io.netty.handler.timeout.WriteTimeoutException`
Reorganize some code - add read and write timeouts 2020-06-30 19:06:12 +00:00			`import io.netty.handler.timeout.WriteTimeoutHandler`
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00			`import io.netty.handler.traffic.GlobalTrafficShapingHandler`
			`import io.netty.handler.traffic.TrafficCounter`
Reinstall limiter, add buffering, fix TLS setup 2020-06-09 19:21:18 +00:00			`import java.io.ByteArrayInputStream`
Bump threads, sanitize uri, hide some errors, change logs some more 2020-06-09 14:40:36 +00:00			`import java.io.IOException`
Reinstall limiter, add buffering, fix TLS setup 2020-06-09 19:21:18 +00:00			`import java.io.InputStream`
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00			`import java.net.InetSocketAddress`
Fine-tune logging statements 2020-06-22 17:08:46 +00:00			`import java.net.SocketException`
Reinstall limiter, add buffering, fix TLS setup 2020-06-09 19:21:18 +00:00			`import java.security.PrivateKey`
			`import java.security.cert.CertificateFactory`
			`import java.security.cert.X509Certificate`
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00			`import java.util.concurrent.TimeUnit`
			`import java.util.concurrent.atomic.AtomicReference`
Rc5 release - hid SSL in logs - possibly fix a crash bug 2020-06-08 22:10:22 +00:00			`import javax.net.ssl.SSLException`
Update gradle and spotless 2020-07-02 16:06:32 +00:00			`import mdnet.base.Constants`
			`import mdnet.base.data.Statistics`
Logging overhauls 2020-07-04 19:39:11 +00:00			`import mdnet.base.info`
Update gradle and spotless 2020-07-02 16:06:32 +00:00			`import mdnet.base.settings.ClientSettings`
			`import mdnet.base.settings.TlsCert`
Logging overhauls 2020-07-04 19:39:11 +00:00			`import mdnet.base.trace`
Update gradle and spotless 2020-07-02 16:06:32 +00:00			`import org.http4k.core.HttpHandler`
			`import org.http4k.server.Http4kChannelHandler`
			`import org.http4k.server.Http4kServer`
			`import org.http4k.server.ServerConfig`
			`import org.slf4j.LoggerFactory`
Rc5 release - hid SSL in logs - possibly fix a crash bug 2020-06-08 22:10:22 +00:00
			`private val LOGGER = LoggerFactory.getLogger("Application")`
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00
Switch from Gson to Jackson for better null checks and invalid property support 2020-06-19 20:16:24 +00:00			`class Netty(private val tls: TlsCert, private val clientSettings: ClientSettings, private val statistics: AtomicReference<Statistics>) : ServerConfig {`
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00			`override fun toServer(httpHandler: HttpHandler): Http4kServer = object : Http4kServer {`
Make Statistics immutable 2020-06-13 03:35:08 +00:00			`private val masterGroup = NioEventLoopGroup(clientSettings.threads)`
			`private val workerGroup = NioEventLoopGroup(clientSettings.threads)`
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00			`private lateinit var closeFuture: ChannelFuture`
			`private lateinit var address: InetSocketAddress`

			`private val burstLimiter = object : GlobalTrafficShapingHandler(`
Fixed conversion mistake 2020-06-17 23:01:51 +00:00			`workerGroup, clientSettings.maxKilobitsPerSecond * 1000L / 8L, 0, 50) {`
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00			`override fun doAccounting(counter: TrafficCounter) {`
Make Statistics immutable 2020-06-13 03:35:08 +00:00			`statistics.getAndUpdate {`
			`it.copy(bytesSent = it.bytesSent + counter.cumulativeWrittenBytes())`
			`}`
Bump threads, sanitize uri, hide some errors, change logs some more 2020-06-09 14:40:36 +00:00			`counter.resetCumulativeTime()`
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00			`}`
			`}`

			`override fun start(): Http4kServer = apply {`
Logging overhauls 2020-07-04 19:39:11 +00:00			`LOGGER.info { "Starting Netty with ${clientSettings.threads} threads" }`
Made more changes to the numbers used for threading 2020-06-11 18:47:43 +00:00
Update cert code to be more general 2020-06-27 18:15:49 +00:00			`val certs = getX509Certs(tls.certificate)`
Reinstall limiter, add buffering, fix TLS setup 2020-06-09 19:21:18 +00:00			`val sslContext = SslContextBuilder`
Update cert code to be more general 2020-06-27 18:15:49 +00:00			`.forServer(getPrivateKey(tls.privateKey), certs)`
merge 2020-06-12 17:58:10 +00:00			`.protocols("TLSv1.3", "TLSv1.2", "TLSv1.1", "TLSv1")`
			`.build()`
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00
			`val bootstrap = ServerBootstrap()`
			`bootstrap.group(masterGroup, workerGroup)`
			`.channelFactory(ChannelFactory<ServerChannel> { NioServerSocketChannel() })`
			`.childHandler(object : ChannelInitializer<SocketChannel>() {`
			`public override fun initChannel(ch: SocketChannel) {`
Add more logs, remove HTTP support, remove limiter 2020-06-09 22:37:42 +00:00			`ch.pipeline().addLast("ssl", sslContext.newHandler(ch.alloc()))`
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00
			`ch.pipeline().addLast("codec", HttpServerCodec())`
Keep alive handler 2020-06-16 03:45:59 +00:00			`ch.pipeline().addLast("keepAlive", HttpServerKeepAliveHandler())`
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00			`ch.pipeline().addLast("aggregator", HttpObjectAggregator(65536))`
Wtf 2020-06-09 19:29:33 +00:00
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00			`ch.pipeline().addLast("burstLimiter", burstLimiter)`
Reorganize some code - add read and write timeouts 2020-06-30 19:06:12 +00:00
			`ch.pipeline().addLast("readTimeoutHandler", ReadTimeoutHandler(Constants.MAX_READ_TIME_SECONDS))`
			`ch.pipeline().addLast("writeTimeoutHandler", WriteTimeoutHandler(Constants.MAX_WRITE_TIME_SECONDS))`

Squash a bunch of commits together 2020-06-06 22:52:25 +00:00			`ch.pipeline().addLast("streamer", ChunkedWriteHandler())`
			`ch.pipeline().addLast("handler", Http4kChannelHandler(httpHandler))`
Rc5 release - hid SSL in logs - possibly fix a crash bug 2020-06-08 22:10:22 +00:00
			`ch.pipeline().addLast("handle_ssl", object : ChannelInboundHandlerAdapter() {`
			`override fun exceptionCaught(ctx: ChannelHandlerContext, cause: Throwable) {`
			`if (cause is SSLException \|\| (cause is DecoderException && cause.cause is SSLException)) {`
Logging overhauls 2020-07-04 19:39:11 +00:00			`LOGGER.trace { "Ignored invalid SSL connection" }`
Fine-tune logging statements 2020-06-22 17:08:46 +00:00			`} else if (cause is IOException \|\| cause is SocketException) {`
Logging overhauls 2020-07-04 19:39:11 +00:00			`LOGGER.info { "User (downloader) abruptly closed the connection" }`
			`LOGGER.trace(cause) { "Exception in pipeline" }`
Supress logs 2020-07-04 17:14:51 +00:00			`} else if (cause !is ReadTimeoutException && cause !is WriteTimeoutException) {`
Rc5 release - hid SSL in logs - possibly fix a crash bug 2020-06-08 22:10:22 +00:00			`ctx.fireExceptionCaught(cause)`
			`}`
			`}`
			`})`
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00			`}`
			`})`
			`.option(ChannelOption.SO_BACKLOG, 1000)`
			`.childOption(ChannelOption.SO_KEEPALIVE, true)`

Allow client configuration of hosts binding 2020-06-14 23:47:57 +00:00			`val channel = bootstrap.bind(InetSocketAddress(clientSettings.clientHostname, clientSettings.clientPort)).sync().channel()`
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00			`address = channel.localAddress() as InetSocketAddress`
			`closeFuture = channel.closeFuture()`
			`}`

			`override fun stop() = apply {`
Adjust shutdown timings 2020-06-19 20:40:05 +00:00			`masterGroup.shutdownGracefully(1, 15, TimeUnit.SECONDS).sync()`
			`workerGroup.shutdownGracefully(1, 15, TimeUnit.SECONDS).sync()`
Squash a bunch of commits together 2020-06-06 22:52:25 +00:00			`closeFuture.sync()`
			`}`

			`override fun port(): Int = if (clientSettings.clientPort > 0) clientSettings.clientPort else address.port`
			`}`
			`}`
Reinstall limiter, add buffering, fix TLS setup 2020-06-09 19:21:18 +00:00
Update cert code to be more general 2020-06-27 18:15:49 +00:00			`fun getX509Certs(certificates: String): Collection<X509Certificate> {`
Reinstall limiter, add buffering, fix TLS setup 2020-06-09 19:21:18 +00:00			`val targetStream: InputStream = ByteArrayInputStream(certificates.toByteArray())`
Update cert code to be more general 2020-06-27 18:15:49 +00:00			`@Suppress("unchecked_cast")`
			`return CertificateFactory.getInstance("X509").generateCertificates(targetStream) as Collection<X509Certificate>`
Reinstall limiter, add buffering, fix TLS setup 2020-06-09 19:21:18 +00:00			`}`

			`fun getPrivateKey(privateKey: String): PrivateKey {`
			`return loadKey(privateKey)!!`
Formatting 2020-06-09 19:21:29 +00:00			`}`