Break out into a multi-module project

2026-04-20 14:18:04 +01:00 · 2019-04-20 21:56:20 -07:00
parent b41dde777e
commit d0d375aeb7
318 changed files with 255 additions and 215 deletions
--- a/service/src/main/java/org/whispersystems/textsecuregcm/limits/LeakyBucket.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/limits/LeakyBucket.java
@@ -0,0 +1,98 @@
+/**
+ * Copyright (C) 2013 Open WhisperSystems
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.whispersystems.textsecuregcm.limits;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+import java.io.IOException;
+
+public class LeakyBucket {
+
+  private final int    bucketSize;
+  private final double leakRatePerMillis;
+
+  private int spaceRemaining;
+  private long lastUpdateTimeMillis;
+
+  public LeakyBucket(int bucketSize, double leakRatePerMillis) {
+    this(bucketSize, leakRatePerMillis, bucketSize, System.currentTimeMillis());
+  }
+
+  private LeakyBucket(int bucketSize, double leakRatePerMillis, int spaceRemaining, long lastUpdateTimeMillis) {
+    this.bucketSize           = bucketSize;
+    this.leakRatePerMillis    = leakRatePerMillis;
+    this.spaceRemaining       = spaceRemaining;
+    this.lastUpdateTimeMillis = lastUpdateTimeMillis;
+  }
+
+  public boolean add(int amount) {
+    this.spaceRemaining       = getUpdatedSpaceRemaining();
+    this.lastUpdateTimeMillis = System.currentTimeMillis();
+
+    if (this.spaceRemaining >= amount) {
+      this.spaceRemaining -= amount;
+      return true;
+    } else {
+      return false;
+    }
+  }
+
+  private int getUpdatedSpaceRemaining() {
+    long elapsedTime = System.currentTimeMillis() - this.lastUpdateTimeMillis;
+
+    return Math.min(this.bucketSize,
+                    (int)Math.floor(this.spaceRemaining + (elapsedTime * this.leakRatePerMillis)));
+  }
+
+  public String serialize(ObjectMapper mapper) throws JsonProcessingException {
+    return mapper.writeValueAsString(new LeakyBucketEntity(bucketSize, leakRatePerMillis, spaceRemaining, lastUpdateTimeMillis));
+  }
+
+  public static LeakyBucket fromSerialized(ObjectMapper mapper, String serialized) throws IOException {
+    LeakyBucketEntity entity = mapper.readValue(serialized, LeakyBucketEntity.class);
+
+    return new LeakyBucket(entity.bucketSize, entity.leakRatePerMillis,
+                           entity.spaceRemaining, entity.lastUpdateTimeMillis);
+  }
+
+  private static class LeakyBucketEntity {
+    @JsonProperty
+    private int    bucketSize;
+
+    @JsonProperty
+    private double leakRatePerMillis;
+
+    @JsonProperty
+    private int    spaceRemaining;
+
+    @JsonProperty
+    private long   lastUpdateTimeMillis;
+
+    public LeakyBucketEntity() {}
+
+    private LeakyBucketEntity(int bucketSize, double leakRatePerMillis,
+                              int spaceRemaining, long lastUpdateTimeMillis)
+    {
+      this.bucketSize           = bucketSize;
+      this.leakRatePerMillis    = leakRatePerMillis;
+      this.spaceRemaining       = spaceRemaining;
+      this.lastUpdateTimeMillis = lastUpdateTimeMillis;
+    }
+  }
+}
--- a/service/src/main/java/org/whispersystems/textsecuregcm/limits/LockingRateLimiter.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/limits/LockingRateLimiter.java
@@ -0,0 +1,60 @@
+package org.whispersystems.textsecuregcm.limits;
+
+import com.codahale.metrics.Meter;
+import com.codahale.metrics.MetricRegistry;
+import com.codahale.metrics.SharedMetricRegistries;
+import org.whispersystems.textsecuregcm.controllers.RateLimitExceededException;
+import org.whispersystems.textsecuregcm.redis.ReplicatedJedisPool;
+import org.whispersystems.textsecuregcm.util.Constants;
+
+import static com.codahale.metrics.MetricRegistry.name;
+import redis.clients.jedis.Jedis;
+
+public class LockingRateLimiter extends RateLimiter {
+
+  private final Meter meter;
+
+  public LockingRateLimiter(ReplicatedJedisPool cacheClient, String name, int bucketSize, double leakRatePerMinute) {
+    super(cacheClient, name, bucketSize, leakRatePerMinute);
+
+    MetricRegistry metricRegistry = SharedMetricRegistries.getOrCreate(Constants.METRICS_NAME);
+    this.meter = metricRegistry.meter(name(getClass(), name, "locked"));
+  }
+
+  @Override
+  public void validate(String key, int amount) throws RateLimitExceededException {
+    if (!acquireLock(key)) {
+      meter.mark();
+      throw new RateLimitExceededException("Locked");
+    }
+
+    try {
+      super.validate(key, amount);
+    } finally {
+      releaseLock(key);
+    }
+  }
+
+  @Override
+  public void validate(String key) throws RateLimitExceededException {
+    validate(key, 1);
+  }
+
+  private void releaseLock(String key) {
+    try (Jedis jedis = cacheClient.getWriteResource()) {
+      jedis.del(getLockName(key));
+    }
+  }
+
+  private boolean acquireLock(String key) {
+    try (Jedis jedis = cacheClient.getWriteResource()) {
+      return jedis.set(getLockName(key), "L", "NX", "EX", 10) != null;
+    }
+  }
+
+  private String getLockName(String key) {
+    return "leaky_lock::" + name + "::" + key;
+  }
+
+
+}
--- a/service/src/main/java/org/whispersystems/textsecuregcm/limits/RateLimiter.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/limits/RateLimiter.java
@@ -0,0 +1,115 @@
+/**
+ * Copyright (C) 2013 Open WhisperSystems
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.whispersystems.textsecuregcm.limits;
+
+import com.codahale.metrics.Meter;
+import com.codahale.metrics.MetricRegistry;
+import com.codahale.metrics.SharedMetricRegistries;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.whispersystems.textsecuregcm.controllers.RateLimitExceededException;
+import org.whispersystems.textsecuregcm.redis.ReplicatedJedisPool;
+import org.whispersystems.textsecuregcm.util.Constants;
+import org.whispersystems.textsecuregcm.util.SystemMapper;
+
+import java.io.IOException;
+
+import static com.codahale.metrics.MetricRegistry.name;
+import redis.clients.jedis.Jedis;
+
+public class RateLimiter {
+
+  private final Logger       logger = LoggerFactory.getLogger(RateLimiter.class);
+  private final ObjectMapper mapper = SystemMapper.getMapper();
+
+  private   final Meter               meter;
+  protected final ReplicatedJedisPool cacheClient;
+  protected final String              name;
+  private   final int                 bucketSize;
+  private   final double              leakRatePerMillis;
+  private   final boolean             reportLimits;
+
+  public RateLimiter(ReplicatedJedisPool cacheClient, String name,
+                     int bucketSize, double leakRatePerMinute)
+  {
+    this(cacheClient, name, bucketSize, leakRatePerMinute, false);
+  }
+
+  public RateLimiter(ReplicatedJedisPool cacheClient, String name,
+                     int bucketSize, double leakRatePerMinute,
+                     boolean reportLimits)
+  {
+    MetricRegistry metricRegistry = SharedMetricRegistries.getOrCreate(Constants.METRICS_NAME);
+
+    this.meter             = metricRegistry.meter(name(getClass(), name, "exceeded"));
+    this.cacheClient       = cacheClient;
+    this.name              = name;
+    this.bucketSize        = bucketSize;
+    this.leakRatePerMillis = leakRatePerMinute / (60.0 * 1000.0);
+    this.reportLimits      = reportLimits;
+  }
+
+  public void validate(String key, int amount) throws RateLimitExceededException {
+    LeakyBucket bucket = getBucket(key);
+
+    if (bucket.add(amount)) {
+      setBucket(key, bucket);
+    } else {
+      meter.mark();
+      throw new RateLimitExceededException(key + " , " + amount);
+    }
+  }
+
+  public void validate(String key) throws RateLimitExceededException {
+    validate(key, 1);
+  }
+
+  public void clear(String key) {
+    try (Jedis jedis = cacheClient.getWriteResource()) {
+      jedis.del(getBucketName(key));
+    }
+  }
+
+  private void setBucket(String key, LeakyBucket bucket) {
+    try (Jedis jedis = cacheClient.getWriteResource()) {
+      String serialized = bucket.serialize(mapper);
+      jedis.setex(getBucketName(key), (int) Math.ceil((bucketSize / leakRatePerMillis) / 1000), serialized);
+    } catch (JsonProcessingException e) {
+      throw new IllegalArgumentException(e);
+    }
+  }
+
+  private LeakyBucket getBucket(String key) {
+    try (Jedis jedis = cacheClient.getReadResource()) {
+      String serialized = jedis.get(getBucketName(key));
+
+      if (serialized != null) {
+        return LeakyBucket.fromSerialized(mapper, serialized);
+      }
+    } catch (IOException e) {
+      logger.warn("Deserialization error", e);
+    }
+
+    return new LeakyBucket(bucketSize, leakRatePerMillis);
+  }
+
+  private String getBucketName(String key) {
+    return "leaky_bucket::" + name + "::" + key;
+  }
+}
--- a/service/src/main/java/org/whispersystems/textsecuregcm/limits/RateLimiters.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/limits/RateLimiters.java
@@ -0,0 +1,176 @@
+/**
+ * Copyright (C) 2013 Open WhisperSystems
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.whispersystems.textsecuregcm.limits;
+
+
+import org.whispersystems.textsecuregcm.configuration.RateLimitsConfiguration;
+import org.whispersystems.textsecuregcm.redis.ReplicatedJedisPool;
+
+public class RateLimiters {
+
+  private final RateLimiter smsDestinationLimiter;
+  private final RateLimiter voiceDestinationLimiter;
+  private final RateLimiter voiceDestinationDailyLimiter;
+  private final RateLimiter smsVoiceIpLimiter;
+  private final RateLimiter smsVoicePrefixLimiter;
+  private final RateLimiter autoBlockLimiter;
+  private final RateLimiter verifyLimiter;
+  private final RateLimiter pinLimiter;
+
+  private final RateLimiter attachmentLimiter;
+  private final RateLimiter contactsLimiter;
+  private final RateLimiter preKeysLimiter;
+  private final RateLimiter messagesLimiter;
+
+  private final RateLimiter allocateDeviceLimiter;
+  private final RateLimiter verifyDeviceLimiter;
+
+  private final RateLimiter turnLimiter;
+
+  private final RateLimiter profileLimiter;
+
+  public RateLimiters(RateLimitsConfiguration config, ReplicatedJedisPool cacheClient) {
+    this.smsDestinationLimiter = new RateLimiter(cacheClient, "smsDestination",
+                                                 config.getSmsDestination().getBucketSize(),
+                                                 config.getSmsDestination().getLeakRatePerMinute());
+
+    this.voiceDestinationLimiter = new RateLimiter(cacheClient, "voxDestination",
+                                                   config.getVoiceDestination().getBucketSize(),
+                                                   config.getVoiceDestination().getLeakRatePerMinute());
+
+    this.voiceDestinationDailyLimiter = new RateLimiter(cacheClient, "voxDestinationDaily",
+                                                        config.getVoiceDestinationDaily().getBucketSize(),
+                                                        config.getVoiceDestinationDaily().getLeakRatePerMinute());
+
+    this.smsVoiceIpLimiter = new RateLimiter(cacheClient, "smsVoiceIp",
+                                             config.getSmsVoiceIp().getBucketSize(),
+                                             config.getSmsVoiceIp().getLeakRatePerMinute());
+
+    this.smsVoicePrefixLimiter = new RateLimiter(cacheClient, "smsVoicePrefix",
+                                                 config.getSmsVoicePrefix().getBucketSize(),
+                                                 config.getSmsVoicePrefix().getLeakRatePerMinute());
+
+    this.autoBlockLimiter = new RateLimiter(cacheClient, "autoBlock",
+                                            config.getAutoBlock().getBucketSize(),
+                                            config.getAutoBlock().getLeakRatePerMinute());
+
+    this.verifyLimiter = new RateLimiter(cacheClient, "verify",
+                                         config.getVerifyNumber().getBucketSize(),
+                                         config.getVerifyNumber().getLeakRatePerMinute());
+
+    this.pinLimiter = new LockingRateLimiter(cacheClient, "pin",
+                                             config.getVerifyPin().getBucketSize(),
+                                             config.getVerifyPin().getLeakRatePerMinute());
+
+    this.attachmentLimiter = new RateLimiter(cacheClient, "attachmentCreate",
+                                             config.getAttachments().getBucketSize(),
+                                             config.getAttachments().getLeakRatePerMinute());
+
+    this.contactsLimiter = new RateLimiter(cacheClient, "contactsQuery",
+                                           config.getContactQueries().getBucketSize(),
+                                           config.getContactQueries().getLeakRatePerMinute());
+
+    this.preKeysLimiter = new RateLimiter(cacheClient, "prekeys",
+                                          config.getPreKeys().getBucketSize(),
+                                          config.getPreKeys().getLeakRatePerMinute());
+
+    this.messagesLimiter = new RateLimiter(cacheClient, "messages",
+                                           config.getMessages().getBucketSize(),
+                                           config.getMessages().getLeakRatePerMinute());
+
+    this.allocateDeviceLimiter = new RateLimiter(cacheClient, "allocateDevice",
+                                                 config.getAllocateDevice().getBucketSize(),
+                                                 config.getAllocateDevice().getLeakRatePerMinute());
+
+    this.verifyDeviceLimiter = new RateLimiter(cacheClient, "verifyDevice",
+                                               config.getVerifyDevice().getBucketSize(),
+                                               config.getVerifyDevice().getLeakRatePerMinute());
+
+    this.turnLimiter = new RateLimiter(cacheClient, "turnAllocate",
+                                       config.getTurnAllocations().getBucketSize(),
+                                       config.getTurnAllocations().getLeakRatePerMinute());
+
+    this.profileLimiter = new RateLimiter(cacheClient, "profile",
+                                          config.getProfile().getBucketSize(),
+                                          config.getProfile().getLeakRatePerMinute());
+  }
+
+  public RateLimiter getAllocateDeviceLimiter() {
+    return allocateDeviceLimiter;
+  }
+
+  public RateLimiter getVerifyDeviceLimiter() {
+    return verifyDeviceLimiter;
+  }
+
+  public RateLimiter getMessagesLimiter() {
+    return messagesLimiter;
+  }
+
+  public RateLimiter getPreKeysLimiter() {
+    return preKeysLimiter;
+  }
+
+  public RateLimiter getContactsLimiter() {
+    return contactsLimiter;
+  }
+
+  public RateLimiter getAttachmentLimiter() {
+    return this.attachmentLimiter;
+  }
+
+  public RateLimiter getSmsDestinationLimiter() {
+    return smsDestinationLimiter;
+  }
+
+  public RateLimiter getSmsVoiceIpLimiter() {
+    return smsVoiceIpLimiter;
+  }
+
+  public RateLimiter getSmsVoicePrefixLimiter() {
+    return smsVoicePrefixLimiter;
+  }
+
+  public RateLimiter getAutoBlockLimiter() {
+    return autoBlockLimiter;
+  }
+
+  public RateLimiter getVoiceDestinationLimiter() {
+    return voiceDestinationLimiter;
+  }
+
+  public RateLimiter getVoiceDestinationDailyLimiter() {
+    return voiceDestinationDailyLimiter;
+  }
+
+  public RateLimiter getVerifyLimiter() {
+    return verifyLimiter;
+  }
+
+  public RateLimiter getPinLimiter() {
+    return pinLimiter;
+  }
+
+  public RateLimiter getTurnLimiter() {
+    return turnLimiter;
+  }
+
+  public RateLimiter getProfileLimiter() {
+    return profileLimiter;
+  }
+
+}