Kitura · RudraniW · Aug 27, 2019 · Aug 28, 2019 · Aug 30, 2019 · weissi
diff --git a/Package.swift b/Package.swift
@@ -32,7 +32,7 @@ let package = Package(
         .package(url: "https://github.com/apple/swift-nio-ssl.git", from: "2.0.0"),
         .package(url: "https://github.com/apple/swift-nio-extras.git", from: "1.0.0"),
         .package(url: "https://github.com/IBM-Swift/BlueSSLService.git", from: "1.0.0"),
-        .package(url: "https://github.com/IBM-Swift/LoggerAPI.git", from: "1.7.3")
+        .package(url: "https://github.com/IBM-Swift/LoggerAPI.git", from: "1.7.3"),
     ],
     targets: [
         // Targets are the basic building blocks of a package. A target can define a module or a test suite.
@@ -42,7 +42,7 @@ let package = Package(
             dependencies: []),
         .target(
             name: "KituraNet",
-            dependencies: ["NIO", "NIOFoundationCompat", "NIOHTTP1", "NIOSSL", "SSLService", "LoggerAPI", "NIOWebSocket", "CLinuxHelpers", "NIOExtras"]),
+            dependencies: ["NIO", "NIOFoundationCompat", "NIOHTTP1", "NIOSSL", "SSLService", "LoggerAPI", "NIOWebSocket", "CLinuxHelpers", "NIOExtras", "NIOConcurrencyHelpers"]),
         .testTarget(
             name: "KituraNetTests",
             dependencies: ["KituraNet"])

diff --git a/Sources/KituraNet/HTTP/HTTP.swift b/Sources/KituraNet/HTTP/HTTP.swift
@@ -87,8 +87,9 @@ public class HTTP {
     let server = HTTP.createServer()
     ````
     */
-    public static func createServer() -> HTTPServer {
-        return HTTPServer()
+    public static func createServer(serverConfig: HTTPServerConfiguration = .default) -> HTTPServer {
+        let serverConfig = serverConfig
+        return HTTPServer(serverConfig: serverConfig)
     }
 
     /**

diff --git a/Sources/KituraNet/HTTP/HTTPRequestHandler.swift b/Sources/KituraNet/HTTP/HTTPRequestHandler.swift
@@ -22,7 +22,6 @@ import Foundation
 import Dispatch
 
 internal class HTTPRequestHandler: ChannelInboundHandler, RemovableChannelHandler {
-
     /// The HTTPServer instance on which this handler is installed
     var server: HTTPServer
 
@@ -79,6 +78,14 @@ internal class HTTPRequestHandler: ChannelInboundHandler, RemovableChannelHandle
 
         switch request {
         case .head(let header):
+            if let requestSizeLimit = server.serverConfig.requestSizeLimit,
+                let contentLength = header.headers["Content-Length"].first,
+                    let contentLengthValue = Int(contentLength) {
+                    if contentLengthValue > requestSizeLimit {
+                        sendRequestTooLongResponse(context: context)
+                        context.close()
+                    }
+            }
             serverRequest = HTTPServerRequest(channel: context.channel, requestHead: header, enableSSL: enableSSLVerification)
             self.clientRequestedKeepAlive = header.isKeepAlive
         case .body(var buffer):
@@ -92,6 +99,7 @@ internal class HTTPRequestHandler: ChannelInboundHandler, RemovableChannelHandle
                 serverRequest.buffer!.byteBuffer.writeBuffer(&buffer)
             }
         case .end:
+            let resetRequestSize = 0
             serverResponse = HTTPServerResponse(channel: context.channel, handler: self)
             //Make sure we use the latest delegate registered with the server
             DispatchQueue.global().async {
@@ -100,14 +108,12 @@ internal class HTTPRequestHandler: ChannelInboundHandler, RemovableChannelHandle
                 Monitor.delegate?.started(request: serverRequest, response: serverResponse)
                 delegate.handle(request: serverRequest, response: serverResponse)
             }
+            self.userInboundEventTriggered(context: context, event: resetRequestSize)
         }
     }
 
-    //IdleStateEvents are received on this method
     public func userInboundEventTriggered(context: ChannelHandlerContext, event: Any) {
-        if event is IdleStateHandler.IdleStateEvent {
-            _ = context.close()
-        }
+        context.triggerUserOutboundEvent(event, promise: nil)
     }
 
     public func channelReadComplete(context: ChannelHandlerContext) {
@@ -152,4 +158,15 @@ internal class HTTPRequestHandler: ChannelInboundHandler, RemovableChannelHandle
     func updateKeepAliveState() {
         keepAliveState.decrement()
     }
+
+    func sendRequestTooLongResponse(context: ChannelHandlerContext) {
+        let statusDescription = HTTP.statusCodes[HTTPStatusCode.requestTooLong.rawValue] ?? ""
+        do {
+            serverResponse = HTTPServerResponse(channel: context.channel, handler: self)
+            errorResponseSent = true
+            try serverResponse?.end(with: .requestTooLong, message: statusDescription)
+        } catch {
+            Log.error("Failed to send error response")
+        }
+    }
 }
diff --git a/Sources/KituraNet/HTTP/HTTPServer.swift b/Sources/KituraNet/HTTP/HTTPServer.swift
@@ -23,6 +23,8 @@ import LoggerAPI
 import NIOWebSocket
 import CLinuxHelpers
 import NIOExtras
+import Foundation
+import NIOConcurrencyHelpers
 
 #if os(Linux)
 import Glibc
@@ -127,6 +129,12 @@ public class HTTPServer: Server {
 
     var quiescingHelper: ServerQuiescingHelper?
 
+    /// server configuration
+    public var serverConfig: HTTPServerConfiguration
+
+    //counter for no of connections
+    var connectionCount = Atomic(value: 0)
+
     /**
      Creates an HTTP server object.
 
@@ -136,13 +144,14 @@ public class HTTPServer: Server {
      server.listen(on: 8080)
      ````
     */
-    public init() {
+    public init(serverConfig: HTTPServerConfiguration = .default) {
 #if os(Linux)
         let numberOfCores = Int(linux_sched_getaffinity())
         self.eventLoopGroup = MultiThreadedEventLoopGroup(numberOfThreads: numberOfCores > 0 ? numberOfCores : System.coreCount)
 #else
         self.eventLoopGroup = MultiThreadedEventLoopGroup(numberOfThreads: System.coreCount)
 #endif
+        self.serverConfig = serverConfig
     }
 
     /**
@@ -309,15 +318,17 @@ public class HTTPServer: Server {
             }
             .childChannelInitializer { channel in
                 let httpHandler = HTTPRequestHandler(for: self)
+                let serverConfigurationHandler = HTTPServerConfigurationHandler(for: self)
                 let config: NIOHTTPServerUpgradeConfiguration = (upgraders: upgraders, completionHandler: { _ in
                     _ = channel.pipeline.removeHandler(httpHandler)
                 })
                 return channel.pipeline.configureHTTPServerPipeline(withServerUpgrade: config, withErrorHandling: true).flatMap {
                     if let nioSSLServerHandler = self.createNIOSSLServerHandler() {
-                        _ = channel.pipeline.addHandler(nioSSLServerHandler, position: .first)
+                        return channel.pipeline.addHandler(nioSSLServerHandler, position: .first)
                     }
-                    return channel.pipeline.addHandler(httpHandler)
-                }
+                    return channel.eventLoop.makeSucceededFuture(()) } .flatMap {
+                        return channel.pipeline.addHandler(serverConfigurationHandler, position: .first) }.flatMap {
+                            return channel.pipeline.addHandler(httpHandler)}
             }
 
         let listenerDescription: String

diff --git a/Sources/KituraNet/HTTP/HTTPServerConfiguration.swift b/Sources/KituraNet/HTTP/HTTPServerConfiguration.swift
@@ -0,0 +1,47 @@
+/*
+ * Copyright IBM Corporation 2019
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import Foundation
+
+public struct HTTPServerConfiguration {
+    /// Defines the maximum size of an incoming request, in bytes. If requests are received that are larger
+    /// than this limit, they will be rejected and the connection will be closed.
+
+    /// A value of `nil` means no limit.
+    public let requestSizeLimit: Int?
+
+    /// Defines the maximum number of concurrent connections that a server should accept. Clients attempting
+    /// to connect when this limit has been reached will be rejected.
+    /// A value of `nil` means no limit.
+    public let connectionLimit: Int?
+
+    /// A default limit of 1mb on the size of requests that a server should accept
+    /// A default limit of 10,000 on the number of concurrent connections that a server should accept.
+    public static var `default` = HTTPServerConfiguration(requestSizeLimit: 1048576, connectionLimit: 10000)
+
+
+    /// Create an `HTTPServerConfiguration` to determine the behaviour of a `Server`.
+    ///
+    /// - parameter requestSizeLimit: The maximum size of an incoming request. Defaults to `IncomingSocketOptions.defaultRequestSizeLimit`.
+    /// - parameter connectionLimit: The maximum number of concurrent connections. Defaults to `IncomingSocketOptions.defaultConnectionLimit`.
+
+    public init(requestSizeLimit: Int?, connectionLimit: Int?)
+    {
+        self.requestSizeLimit = requestSizeLimit
+        self.connectionLimit = connectionLimit
+    }
+
+}
diff --git a/Sources/KituraNet/HTTP/HTTPServerConfigurationHandler.swift b/Sources/KituraNet/HTTP/HTTPServerConfigurationHandler.swift
@@ -0,0 +1,74 @@
+import NIO
+import NIOHTTP1
+import NIOWebSocket
+import LoggerAPI
+import Foundation
+import Dispatch
+import NIOConcurrencyHelpers
+
+internal class HTTPServerConfigurationHandler: ChannelDuplexHandler {
+    // The HTTPServer instance on which this handler is installed
+    var server: HTTPServer
+    let requestSizeLimit: Int?
+    let connectionLimit: Int?
+    var requestSize: Int = 0
+    var connectionCount = 0
+    typealias InboundIn = ByteBuffer
+    typealias OutboundIn = ByteBuffer
+    typealias InboundOut = ByteBuffer
+    typealias OutboundOut = ByteBuffer
+
+    public init(for server: HTTPServer) {
+        self.server = server
+//        if let requestSizeLimit = server.serverConfig.requestSizeLimit {
+//            self.requestSizeLimit = requestSizeLimit
+//        }
+//        if let connectionLimit = server.serverConfig.connectionLimit {
+//            self.connectionLimit = connectionLimit
+//        }
+        self.requestSizeLimit = server.serverConfig.requestSizeLimit ?? nil
+        self.connectionLimit = server.serverConfig.connectionLimit ?? nil
+    }
+    public func channelRead(context: ChannelHandlerContext, data: NIOAny) {
+        let data = self.unwrapInboundIn(data)
+        requestSize = requestSize + data.readableBytes
+        if let requestSizeLimit1 = requestSizeLimit {
+            if requestSize > requestSizeLimit1 {
+                let statusDescription = HTTP.statusCodes[HTTPStatusCode.requestTooLong.rawValue] ?? ""
+                var discriptionBuffer = ByteBufferAllocator().buffer(capacity: requestSizeLimit!)
+                discriptionBuffer.writeString(statusDescription)
+                context.writeAndFlush(NIOAny(discriptionBuffer),promise: nil)
+                requestSize = 0
+                context.close(mode: .all, promise: nil)
+                return
+            }
+        }
+        context.fireChannelRead(wrapInboundOut(data))
+    }
+
+    public func triggerUserOutboundEvent(context: ChannelHandlerContext, event: Any, promise: EventLoopPromise<Void>?) {
+        requestSize = event as? Int ?? 0
+    }
+    public func channelActive(context: ChannelHandlerContext) {
+        _ = server.connectionCount.add(1)
+        if let connectionLimit1 = connectionLimit {
+            if server.connectionCount.load() > connectionLimit1{
+                let statusDescription = HTTP.statusCodes[HTTPStatusCode.serviceUnavailable.rawValue] ?? ""
+                var statusBuffer = ByteBufferAllocator().buffer(capacity: 1024)
+                statusBuffer.writeString(statusDescription)
+                context.writeAndFlush(NIOAny(statusBuffer),promise: nil)
+                _ = server.connectionCount.sub(1)
+                context.close(mode: .all, promise: nil)
+                return
+            }
+        }
+        context.fireChannelActive()
+    }
+
+    func channelInactive(context: ChannelHandlerContext) {
+        _ = server.connectionCount.sub(1)
+        context.fireChannelInactive()
+    }
+}
+
+
diff --git a/Tests/KituraNetTests/HTTPResponseHandler.swift b/Tests/KituraNetTests/HTTPResponseHandler.swift
@@ -0,0 +1,24 @@
+import NIO
+import NIOHTTP1
+import NIOWebSocket
+import LoggerAPI
+import Foundation
+import Dispatch
+import XCTest
+@testable import KituraNet
+internal class HTTPConfigTestsResponseHandler: ChannelInboundHandler {
+    typealias InboundIn = ByteBuffer
+    let expectedSubstring: String
+    let expectation: XCTestExpectation
+    public init(expectation: XCTestExpectation, expectedSubstring: String ){
+        self.expectedSubstring = expectedSubstring
+        self.expectation = expectation
+    }
+
+    public func channelRead(context: ChannelHandlerContext, data: NIOAny) {
+        let response = self.unwrapInboundIn(data)
+        XCTAssert(response.getString(at: 0, length: response.readableBytes)?.starts(with: expectedSubstring) ?? false)
+        expectation.fulfill()
+    }
+}
+
diff --git a/Tests/KituraNetTests/HTTPResponseTests.swift b/Tests/KituraNetTests/HTTPResponseTests.swift
@@ -40,7 +40,7 @@ class HTTPResponseTests: KituraNetTest {
         let headers = HeadersContainer()
 
         headers.append("Content-Type", value: "text/html")
-        var values = headers["Content-Type"]
+        let values = headers["Content-Type"]
         XCTAssertNotNil(values, "Couldn't retrieve just set Content-Type header")
         XCTAssertEqual(values?.count, 1, "Content-Type header should only have one value")
         XCTAssertEqual(values?[0], "text/html")

diff --git a/Tests/KituraNetTests/KituraNIOTest.swift b/Tests/KituraNetTests/KituraNIOTest.swift
@@ -85,9 +85,9 @@ class KituraNetTest: XCTestCase {
         }
     }
 
-    func startServer(_ delegate: ServerDelegate?, unixDomainSocketPath: String? = nil, port: Int = portDefault, useSSL: Bool = useSSLDefault, allowPortReuse: Bool = portReuseDefault) throws -> HTTPServer {
-
-        let server = HTTP.createServer()
+    func startServer(_ delegate: ServerDelegate?, unixDomainSocketPath: String? = nil, port: Int = portDefault, useSSL: Bool = useSSLDefault, allowPortReuse: Bool = portReuseDefault, serverConfig: HTTPServerConfiguration = .default) throws -> HTTPServer {
+        let serverConfig = serverConfig
+        let server = HTTP.createServer(serverConfig: serverConfig)
         server.delegate = delegate
         if useSSL {
             server.sslConfig = KituraNetTest.sslConfig
@@ -103,8 +103,9 @@ class KituraNetTest: XCTestCase {
 
     /// Convenience function for starting an HTTPServer on an ephemeral port,
     /// returning the a tuple containing the server and the port it is listening on.
-    func startEphemeralServer(_ delegate: ServerDelegate?, useSSL: Bool = useSSLDefault, allowPortReuse: Bool = portReuseDefault) throws -> (server: HTTPServer, port: Int) {
-        let server = try startServer(delegate, port: 0, useSSL: useSSL, allowPortReuse: allowPortReuse)
+    func startEphemeralServer(_ delegate: ServerDelegate?, useSSL: Bool = useSSLDefault, allowPortReuse: Bool = portReuseDefault, serverConfig: HTTPServerConfiguration = .default) throws -> (server: HTTPServer, port: Int) {
+        let serverConfig = serverConfig
+        let server = try startServer(delegate, port: 0, useSSL: useSSL, allowPortReuse: allowPortReuse, serverConfig: serverConfig)
         guard let serverPort = server.port else {
             throw KituraNetTestError(message: "Server port was not initialized")
         }
@@ -121,26 +122,26 @@ class KituraNetTest: XCTestCase {
         case both
     }
 
-    func performServerTest(_ delegate: ServerDelegate?, socketType: SocketType = .both, useSSL: Bool = useSSLDefault, allowPortReuse: Bool = portReuseDefault, line: Int = #line, asyncTasks: (XCTestExpectation) -> Void...) {
+    func performServerTest(serverConfig: HTTPServerConfiguration = .default, _ delegate: ServerDelegate?, socketType: SocketType = .both, useSSL: Bool = useSSLDefault, allowPortReuse: Bool = portReuseDefault, line: Int = #line, asyncTasks: (XCTestExpectation) -> Void...) {
+        let serverConfig = serverConfig
         self.socketType = socketType
         if socketType != .tcp {
-            performServerTestWithUnixSocket(delegate: delegate, useSSL: useSSL, allowPortReuse: allowPortReuse, line: line, asyncTasks: asyncTasks)
+            performServerTestWithUnixSocket(serverConfig: serverConfig, delegate: delegate, useSSL: useSSL, allowPortReuse: allowPortReuse, line: line, asyncTasks: asyncTasks)
         }
         if socketType != .unixDomainSocket {
-            performServerTestWithTCPPort(delegate: delegate, useSSL: useSSL, allowPortReuse:  allowPortReuse, line: line, asyncTasks: asyncTasks)
+            performServerTestWithTCPPort(serverConfig: serverConfig, delegate: delegate, useSSL: useSSL, allowPortReuse:  allowPortReuse, line: line, asyncTasks: asyncTasks)
         }
     }
 
-    func performServerTestWithUnixSocket(delegate: ServerDelegate?, useSSL: Bool = useSSLDefault, allowPortReuse: Bool = portReuseDefault, line: Int = #line, asyncTasks: [(XCTestExpectation) -> Void]) { 
+    func performServerTestWithUnixSocket(serverConfig: HTTPServerConfiguration = .default, delegate: ServerDelegate?, useSSL: Bool = useSSLDefault, allowPortReuse: Bool = portReuseDefault, line: Int = #line, asyncTasks: [(XCTestExpectation) -> Void]) {
         do {
             var server: HTTPServer
             self.useSSL = useSSL
             self.unixDomainSocketPath = self.socketFilePath
-            server = try startServer(delegate, unixDomainSocketPath: self.unixDomainSocketPath, useSSL: useSSL, allowPortReuse: allowPortReuse)
+            server = try startServer(delegate, unixDomainSocketPath: self.unixDomainSocketPath, useSSL: useSSL, allowPortReuse: allowPortReuse, serverConfig: serverConfig)
             defer {
                 server.stop()
             }
-
             let requestQueue = DispatchQueue(label: "Request queue")
             for (index, asyncTask) in asyncTasks.enumerated() {
                 let expectation = self.expectation(line: line, index: index)
@@ -158,18 +159,17 @@ class KituraNetTest: XCTestCase {
         }
     }
 
-    func performServerTestWithTCPPort(delegate: ServerDelegate?, useSSL: Bool = useSSLDefault, allowPortReuse: Bool = portReuseDefault, line: Int = #line, asyncTasks: [(XCTestExpectation) -> Void]) { 
+    func performServerTestWithTCPPort(serverConfig: HTTPServerConfiguration = .default, delegate: ServerDelegate?, useSSL: Bool = useSSLDefault, allowPortReuse: Bool = portReuseDefault, line: Int = #line, asyncTasks: [(XCTestExpectation) -> Void]) {
         do {
             var server: HTTPServer
             var ephemeralPort: Int = 0
             self.useSSL = useSSL
-            (server, ephemeralPort) = try startEphemeralServer(delegate, useSSL: useSSL, allowPortReuse: allowPortReuse)
+            (server, ephemeralPort) = try startEphemeralServer(delegate, useSSL: useSSL, allowPortReuse: allowPortReuse, serverConfig: serverConfig)
             self.port = ephemeralPort
             self.unixDomainSocketPath = nil
             defer {
                 server.stop()
             }
-
             let requestQueue = DispatchQueue(label: "Request queue")
             for (index, asyncTask) in asyncTasks.enumerated() {
                 let expectation = self.expectation(line: line, index: index)

diff --git a/Tests/KituraNetTests/LargePayloadTests.swift b/Tests/KituraNetTests/LargePayloadTests.swift
@@ -40,7 +40,7 @@ class LargePayloadTests: KituraNetTest {
     private let delegate = TestServerDelegate()
 
     func testLargePosts() {
-        performServerTest(delegate, useSSL: false, asyncTasks: { expectation in
+        performServerTest(serverConfig: HTTPServerConfiguration(requestSizeLimit: 100*10000, connectionLimit: 1),delegate,socketType: .tcp, useSSL: false, asyncTasks: { expectation in
             let payload = "[" + contentTypesString + "," + contentTypesString + contentTypesString + "," + contentTypesString + "]"
             self.performRequest("post", path: "/largepost", callback: {response in
                 XCTAssertEqual(response?.statusCode, HTTPStatusCode.OK, "Status code wasn't .Ok was \(String(describing: response?.statusCode))")