Commit Graph

186 Commits

Author SHA1 Message Date
Felix Lange 69f5d5ba1f
node, rpc: add configurable HTTP request limit (#28948)
Adds a configurable HTTP request limit, and bumps the engine default
2024-02-07 21:06:38 +01:00
Delweng 386cba15b5
node: increase batch limits for auth rpc API (#27924)
This raises the JSON-RPC batch request limits significantly for the engine API endpoint.
The limits are now also hard-coded, so users won't get them wrong. I have chosen these limits:

    maximum batch items: 2000
    maximum batch response size: 250MB

While it would also be possible to disable batch limits completely for the engine API, 
I think having some limits is a good safety net against misbehaving CLs. Since this
 isn't configurable, we really want to ensure this limit will never become an issue in the
 CL/EL communication, so I set them quite high.

---------

Signed-off-by: jsvisa <delweng@gmail.com>
Co-authored-by: Felix Lange <fjl@twurst.com>
2023-08-16 15:26:49 +02:00
Curith 6ca3ef9a7b
node: fix listening on IPv6 address (#27628) (#27635) 2023-07-02 13:21:16 +02:00
Sanghee Choi acc2a2ac61
node: remove unused error return from Attach (#27450)
node: Delete the unused error from return parameters of Node.Attach() func
2023-06-14 08:24:47 -04:00
mmsqe f3314bb6df
rpc: add limit for batch request items and response size (#26681)
This PR adds server-side limits for JSON-RPC batch requests. Before this change, batches
were limited only by processing time. The server would pick calls from the batch and
answer them until the response timeout occurred, then stop processing the remaining batch
items.

Here, we are adding two additional limits which can be configured:

- the 'item limit': batches can have at most N items
- the 'response size limit': batches can contain at most X response bytes

These limits are optional in package rpc. In Geth, we set a default limit of 1000 items
and 25MB response size.

When a batch goes over the limit, an error response is returned to the client. However,
doing this correctly isn't always possible. In JSON-RPC, only method calls with a valid
`id` can be responded to. Since batches may also contain non-call messages or
notifications, the best effort thing we can do to report an error with the batch itself is
reporting the limit violation as an error for the first method call in the batch. If a batch is
too large, but contains only notifications and responses, the error will be reported with
a null `id`.

The RPC client was also changed so it can deal with errors resulting from too large
batches. An older client connected to the server code in this PR could get stuck
until the request timeout occurred when the batch is too large. **Upgrading to a version
of the RPC client containing this change is strongly recommended to avoid timeout issues.**

For some weird reason, when writing the original client implementation, @fjl worked off of
the assumption that responses could be distributed across batches arbitrarily. So for a
batch request containing requests `[A B C]`, the server could respond with `[A B C]` but
also with `[A B] [C]` or even `[A] [B] [C]` and it wouldn't make a difference to the
client.

So in the implementation of BatchCallContext, the client waited for all requests in the
batch individually. If the server didn't respond to some of the requests in the batch, the
client would eventually just time out (if a context was used).

With the addition of batch limits into the server, we anticipate that people will hit this
kind of error way more often. To handle this properly, the client now waits for a single
response batch and expects it to contain all responses to the requests.

---------

Co-authored-by: Felix Lange <fjl@twurst.com>
Co-authored-by: Martin Holst Swende <martin@swende.se>
2023-06-13 13:38:58 +02:00
Seungbae Yu a742943c78
node: fix typos in comments (#27236) 2023-05-10 10:42:55 +02:00
Delweng 8f373227ac
cmd/geth: make account commands not require datadir lock (#27084)
Makes the `geth account ... ` commands usable even if a geth-process is already executing, since the account commands do not read the chaindata, it was not required for those to use the same locking mechanism. 

---
Signed-off-by: jsvisa <delweng@gmail.com>
Co-authored-by: Martin Holst Swende <martin@swende.se>
Co-authored-by: Sina Mahmoodi <itz.s1na@gmail.com>
2023-04-27 06:57:29 -04:00
Péter Szilágyi d3ece3a07c
cmd/utils, node: switch to Pebble as the default db if none exists (#27136)
* cmd/utils, node: switch to Pebble as the default db if none exists

* node: fall back to LevelDB on platforms not supporting Pebble

* core/rawdb, node: default to Pebble at the node level

* cmd/geth: fix some tests explicitly using leveldb

* ethdb/pebble: allow double closes, makes tests simpler
2023-04-21 19:24:18 +03:00
Delweng 117530b0e6
metrics/librato: ensure resp.body closed (#26969)
This change ensures that we call Close on a http response body, in various places in the source code (mostly tests)
2023-03-27 07:44:41 -04:00
Martin Holst Swende 09a9ccdbce
core/rawdb, node: use standalone flock dependency (#26633) 2023-02-23 09:11:50 +02:00
Martin Holst Swende ed51b8c5d3
ethdb: pebble backend (64bit platforms only) (#26517)
* ethdb: use pebble

Co-authored-by: Gary Rong <garyrong0905@gmail.com>

foo

update

* apply suggested changes

* flags: go format

node: fix ddir lookup mistake

accounts/abi/bind: fix go.mod replacement for generated binding

deps: update pebble + with fix 32-bit build

* ethdb/pebble: respect max memtable size

* core/rawdb, ethdb: enable pebble on non-32bit platforms only

* core/rawdb: fix build tags, fix some review concerns

* core/rawdb: refactor methods for database opening

* core/rawdb: remove erroneous build tag

* cmd/geth: fix the flag default handling + testcase

* cmd/geth: improve testing regarding custom backends

* ethdb/pebble, deps: update pebble dependency

* core/rawdb: replace method with Open

* ethdb/pebble: several updates for pebble (#49)

* ethdb/pebble: fix size count in batch

* ethdb/pebble: disable seek compaction

* ethdb/pebble: more fixes

* ethdb, core, cmd: polish and fixes (#50)

* cmd/utils, core/rawdb, ethdb/pebble: address some review concerns

* Update flags.go

* ethdb/pebble: minor refactors

* ethdb/pebble: avoid copy on batch replay

* ethdb: fix compilation flaw

* cmd: fix test fail due to mismatching error message

* cmd/geth, node: rename backingdb to db.engine

---------

Co-authored-by: Jared Wasinger <j-wasinger@hotmail.com>
Co-authored-by: rjl493456442 <garyrong0905@gmail.com>
Co-authored-by: Péter Szilágyi <peterke@gmail.com>
2023-02-09 10:48:34 +02:00
Marius van der Wijden d0a4989a8d
cmd, eth, node: deprecate personal namespace (#26390)
* eth: cmd: deprecate personal namespace

* eth: cmd: move deprecation to node

* node: disable toml of enablepersonal

* node: disable personal on ipc as well

* Update node/node.go

Co-authored-by: Martin Holst Swende <martin@swende.se>

* console: error -> warn

* node: less roulette

---------

Co-authored-by: Martin Holst Swende <martin@swende.se>
2023-02-02 13:52:19 +02:00
Shude Li 163e996d0e
all: use http package to replace http method names (#26535) 2023-01-24 11:12:25 +02:00
Sina Mahmoodi f20eba426a
graphql, node, rpc: improve HTTP write timeout handling (#25457)
Here we add special handling for sending an error response when the write timeout of the
HTTP server is just about to expire. This is surprisingly difficult to get right, since is
must be ensured that all output is fully flushed in time, which needs support from
multiple levels of the RPC handler stack:

The timeout response can't use chunked transfer-encoding because there is no way to write
the final terminating chunk. net/http writes it when the topmost handler returns, but the
timeout will already be over by the time that happens. We decided to disable chunked
encoding by setting content-length explicitly.

Gzip compression must also be disabled for timeout responses because we don't know the
true content-length before compressing all output, i.e. compression would reintroduce
chunked transfer-encoding.
2022-12-07 14:02:14 +01:00
Sina Mahmoodi 3630cafb34
node: drop support for static & trusted node list files (#25610)
This changes the node setup to ignore datadir files

    static-nodes.json
    trusted-nodes.json

When these files are present, it an error will be printed to the log.
2022-10-12 10:50:12 +02:00
Felix Lange 9cddfe92a3
node: prevent exposing engine API on unauthenticated endpoint (#25939)
* node: prevent exposing engine API on unauthenticated endpoint

* node: improve RPC setup
2022-10-06 14:01:04 +02:00
Felix Lange 3db4a13230
node: fix lint issue in rpcstack.go (#25774) 2022-09-15 15:21:44 +02:00
Nicolas Gotchac 25b35c9728
node: fix HTTP server always force closing (#25755)
Co-authored-by: Felix Lange <fjl@twurst.com>
2022-09-14 18:37:53 +02:00
Felix Lange b628d72766
build: upgrade to go 1.19 (#25726)
This changes the CI / release builds to use the latest Go version. It also
upgrades golangci-lint to a newer version compatible with Go 1.19.

In Go 1.19, godoc has gained official support for links and lists. The
syntax for code blocks in doc comments has changed and now requires a
leading tab character. gofmt adapts comments to the new syntax
automatically, so there are a lot of comment re-formatting changes in this
PR. We need to apply the new format in order to pass the CI lint stage with
Go 1.19.

With the linter upgrade, I have decided to disable 'gosec' - it produces
too many false-positive warnings. The 'deadcode' and 'varcheck' linters
have also been removed because golangci-lint warns about them being
unmaintained. 'unused' provides similar coverage and we already have it
enabled, so we don't lose much with this change.
2022-09-10 13:25:40 +02:00
protolambda 90711efb0a
node, rpc: add JWT auth support in client (#24911)
This adds a generic mechanism for 'dial options' in the RPC client,
and also implements a specific dial option for the JWT authentication
mechanism used by the engine API. Some real tests for the server-side
authentication handling are also added.

Co-authored-by: Joshua Gutow <jgutow@optimism.io>
Co-authored-by: Felix Lange <fjl@twurst.com>
2022-09-02 17:40:41 +02:00
Felix Lange 2b6df280de
node: fix regression in TestJWT (#25635) 2022-08-30 16:41:09 +02:00
Seungbae Yu 7813b675f5
node: change JWT error status to 401 Unauthorized (#25629) 2022-08-30 15:25:02 +02:00
Justin Traglia 2c5648d891
all: fix some typos (#25551)
* Fix some typos

* Fix some mistakes

* Revert 4byte.json

* Fix an incorrect fix

* Change files to fails
2022-08-19 09:00:21 +03:00
rjl493456442 e44d6551c3
cmd, core, ethdb, node: move chain freezer one folder deeper (#25487)
* cmd, core, ethdb, node: create chain freezer in a sub folder

* core/rawdb: remove unused code

* core, ethdb, node: add AncientDatadir API back

* cmd, core: extend freezer info dump for sub-ancient-store

* core/rawdb: rework freezer inspector

* core/rawdb: address comments from Peter

* core/rawdb: fix build issue
2022-08-08 12:08:36 +03:00
Delweng 733d76a88d
node: remove noop path.Join (#25475)
Signed-off-by: Delweng <delweng@gmail.com>
2022-08-04 10:42:03 +03:00
Tristan-Wilson 9244f87dc1
node, rpc: add ReadHeaderTimeout config option (#25338)
This change makes http.Server.ReadHeaderTimeout configurable separately
from ReadTimeout for RPC servers. The default is set to the same as
ReadTimeout, which in order to cause no change in existing deployments.
2022-08-03 16:50:12 +02:00
Marius van der Wijden f26b63089a
node: set JWT expiry to 60 seconds (#25416)
* node: set JWT expiry to 60 seconds

* node: rename var
2022-07-28 09:30:50 +03:00
Delweng b196ad1c16
all: add whitespace linter (#25312)
* golangci: typo

Signed-off-by: Delweng <delweng@gmail.com>

* golangci: add whietspace

Signed-off-by: Delweng <delweng@gmail.com>

* *: rm whitesapce using golangci-lint

Signed-off-by: Delweng <delweng@gmail.com>

* cmd/puppeth: revert accidental resurrection

Co-authored-by: Péter Szilágyi <peterke@gmail.com>
2022-07-25 13:14:03 +03:00
Péter Szilágyi b53d38246e
Merge pull request #25096 from lightclient/remove-version-field
all: remove version field
2022-07-14 12:13:59 +03:00
Brion d839515434
rpc: add graceful shutdown timeout for HTTP server (#25258)
This change ensures the HTTP server will always terminate within
at most 5s, even when all connections are busy and do not become
idle.

Co-authored-by: Felix Lange <fjl@twurst.com>
2022-07-08 21:25:12 +02:00
lightclient@protonmail.com 0c6f81f888
all: remove version field from rpc.API 2022-06-27 12:39:46 +02:00
lightclient 119f955686
all: remove `public` field from `rpc.API` (#25059)
all: remove public field from rpc.API
2022-06-27 13:33:13 +03:00
lightclient 10dc5dce08
all: remove concept of public/private API definitions (#25053)
* internal/ethapi: rename PublicEthereumAPI to EthereumAPI

* eth: rename PublicEthereumAPI to EthereumAPI

* internal/ethapi: rename PublicTxPoolAPI to TxPoolAPI

* internal/ethapi: rename PublicAccountAPI to EthereumAccountAPI

* internal/ethapi: rename PrivateAccountAPI to PersonalAccountAPI

* internal/ethapi: rename PublicBlockChainAPI to BlockChainAPI

* internal/ethapi: rename PublicTransactionPoolAPI to TransactionAPI

* internal/ethapi: rename PublicDebugAPI to DebugAPI

* internal/ethapi: move PrivateDebugAPI methods to DebugAPI

* internal/ethapi: rename PublicNetAPI to NetAPI

* les: rename PrivateLightServerAPI to LightServerAPI

* les: rename PrivateLightAPI to LightAPI

* les: rename PrivateDebugAPI to DebugAPI

* les: rename PublicDownloaderAPI to DownloaderAPI

* eth,les: rename PublicFilterAPI to FilterAPI

* eth: rename PublicMinerAPI to MinerAPI

* eth: rename PublicDownloaderAPI to DownloaderAPI

* eth: move PrivateMinerAPI methods to MinerAPI

* eth: rename PrivateAdminAPI to AdminAPI

* eth: rename PublicDebugAPI to DebugAPI

* eth: move PrivateDebugAPI methods to DebugAPI

* node: rename publicAdminAPI to adminAPI

* node: move privateAdminAPI methods to adminAPI

* node: rename publicWeb3API to web3API

* eth,internal/ethapi: sync comments with previous renamings
2022-06-21 12:05:43 +03:00
Martin Holst Swende 21129ec838
node: make jwt tests less time-dependent (#25120) 2022-06-20 10:10:25 +02:00
Marius van der Wijden d78d302f3d
node: add info message when JWT secret is loaded (#25095)
Co-authored-by: Felix Lange <fjl@twurst.com>
2022-06-15 14:35:53 +02:00
Martin Holst Swende a907d7e81a
all: more linters (#24783)
This enables the following linters

- typecheck
- unused
- staticcheck
- bidichk
- durationcheck
- exportloopref
- gosec

WIth a few exceptions.

- We use a deprecated protobuf in trezor. I didn't want to mess with that, since I cannot meaningfully test any changes there.
- The deprecated TypeMux is used in a few places still, so the warning for it is silenced for now.
- Using string type in context.WithValue is apparently wrong, one should use a custom type, to prevent collisions between different places in the hierarchy of callers. That should be fixed at some point, but may require some attention.
- The warnings for using weak random generator are squashed, since we use a lot of random without need for cryptographic guarantees.
2022-06-13 16:24:45 +02:00
Martin Holst Swende 6f075bf6af
node: make jwt test less dependent on time (#25016) 2022-06-02 20:21:35 +02:00
Felix Lange 9244d5cd61
all: update license headers and AUTHORS from git history (#24947) 2022-05-24 20:39:40 +02:00
Håvard Anda Estensen e644d45c14
all: use strings.EqualFold for string comparison (#24890) 2022-05-17 13:56:52 +02:00
Håvard Anda Estensen 07508ac0e9
all: replace uses of ioutil with io and os (#24869) 2022-05-16 11:59:35 +02:00
Eng Zer Jun 8d066f1f42
all: use T.TempDir to create temporary test directories (#24633)
This commit replaces ioutil.TempDir with t.TempDir in tests. The
directory created by t.TempDir is automatically removed when the test
and all its subtests complete.

Prior to this commit, temporary directory created using ioutil.TempDir
had to be removed manually by calling os.RemoveAll, which is omitted in
some tests. The error handling boilerplate e.g.

	defer func() {
		if err := os.RemoveAll(dir); err != nil {
			t.Fatal(err)
		}
	}

is also tedious, but t.TempDir handles this for us nicely.

Reference: https://pkg.go.dev/testing#T.TempDir
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-04-08 15:44:55 +02:00
Marius van der Wijden a8040bc2c5
node: allow JWT pass by file only (#24579) 2022-03-24 15:04:47 +01:00
Marius van der Wijden 4f4622bc8b
core: eth: implement Kiln-v2 spec (#24506)
* core/beacon: eth/catalyst: updated engine api to new version

* core: implement exchangeTransitionConfig

* core/beacon: prevRandao instead of Random

* eth/catalyst: Fix ExchangeTransitionConfig, add test

* eth/catalyst: stop external miners on TTD reached

* node: implement --authrpc.vhosts flag

* core: allow for config override on non-mainnet networks

* eth/catalyst: fix peters comments

* eth/catalyst: make stop remote sealer more explicit

* eth/catalyst: add log output

* cmd/utils: rename authrpc.host to authrpc.addr

* eth/catalyst: disable the disabling of the miner

* eth: core: remove notion of terminal pow block

* eth: les: more of peters nitpicks
2022-03-17 17:20:03 +02:00
Felix Lange 5079e3c6e5
cmd/geth: make authrpc listening address settable from command line (#24522)
The default listening address "localhost" is not sufficient when running
geth in Docker.
2022-03-09 14:45:39 +01:00
Martin Holst Swende 4860e50e05
cmd/geth, node, rpc: implement jwt tokens (#24364)
* rpc, node: refactor request validation and add jwt validation

* node, rpc: fix error message, ignore engine api in RegisterAPIs

* node: make authenticated port configurable

* eth/catalyst: enable unauthenticated version of engine api

* node: rework obtainjwtsecret (backport later)

* cmd/geth: added auth port flag

* node: happy lint, happy life

* node: refactor authenticated api

Modifies the authentication mechanism to use default values

* node: trim spaces and newline away from secret

Co-authored-by: Marius van der Wijden <m.vanderwijden@live.de>
2022-03-07 09:30:27 +02:00
Shihao Xia eef7a33135
core, miner, rpc, eth: fix goroutine leaks in tests (#24211)
* fix blocking and non-blocking issues

* core: revert change in blockchain.go

Co-authored-by: Martin Holst Swende <martin@swende.se>
2022-01-21 12:22:44 +01:00
Iskander (Alex) Sharipov 778ff94794
all: fix some go-critic linter warnings (#23709)
This doesn't fix all go-critic warnings, just the most serious ones.

Co-authored-by: Felix Lange <fjl@twurst.com>
Co-authored-by: Martin Holst Swende <martin@swende.se>
2021-10-13 17:31:02 +02:00
Sina Mahmoodi 108eec3fee
node: remove dependency on wallet backend packages (#23019)
* accounts: new AddBackends method in manager

* node,cmd/geth: mv accman backend init to cmd/geth

* node,cmd/geth: mv scrypt config downstreawm from node

* accounts: use static buffer size for accman sub chan

minor fix

* accounts,cmd/geth: update accman backends through its event loop

* accounts,node: add comments

* accounts: un-export newBackendEvent

* accounts: use chan instead of wg in newBlockEvent

* node: rename isKeyDirEphem

* accounts,cmd: AddBackends->AddBackend

* accounts: fix potential blocking when adding backend
2021-08-25 22:34:22 +02:00
Zachinquarantine 85126c4eb9
node: add comment about --nousb being deprecated (#23439)
Co-authored-by: Felix Lange <fjl@twurst.com>
2021-08-24 14:10:52 +02:00
baptiste-b-pegasys 95bbd46eab
node, cmd/clef: remove term "whitelist" (#23296)
* node: remove term "whitelist"

* include cmd/clef
2021-08-02 15:43:01 +02:00