Commit Graph

12 Commits

Author SHA1 Message Date
Martin Holst Swende 4860e50e05
cmd/geth, node, rpc: implement jwt tokens (#24364)
* rpc, node: refactor request validation and add jwt validation

* node, rpc: fix error message, ignore engine api in RegisterAPIs

* node: make authenticated port configurable

* eth/catalyst: enable unauthenticated version of engine api

* node: rework obtainjwtsecret (backport later)

* cmd/geth: added auth port flag

* node: happy lint, happy life

* node: refactor authenticated api

Modifies the authentication mechanism to use default values

* node: trim spaces and newline away from secret

Co-authored-by: Marius van der Wijden <m.vanderwijden@live.de>
2022-03-07 09:30:27 +02:00
Felix Lange 5bcbb2980b
rpc: add PeerInfo (#24255)
This replaces the sketchy and undocumented string context keys for HTTP requests
with a defined interface. Using string keys with context is discouraged because
they may clash with keys created by other packages.

We added these keys to make connection metadata available in the signer, so this
change also updates signer/core to use the new PeerInfo API.
2022-01-20 12:45:07 +01:00
Guillaume Ballet 0183256e7f
all: fix warning flagging the use of DeepEqual on error (#23624)
* core: fix warning flagging the use of DeepEqual on error

* apply the same change everywhere possible

* revert change that was committed by mistake

* fix build error

* Update config.go

* revert changes to ConfigCompatError

* review feedback

Co-authored-by: Felix Lange <fjl@twurst.com>
2021-10-19 17:06:47 +02:00
Jordan Krage 51ececb64e
rpc: set pong read deadline (#23556)
This PR adds a 30s timeout for the remote part to answer a ping message, thus detecting (silent) disconnnects
2021-09-27 16:31:45 +02:00
Felix Lange 4a37ae510e
rpc: tighter shutdown synchronization in client subscription (#22597)
This fixes a rare issue where the client subscription forwarding loop
would attempt send on the subscription's channel after Unsubscribe has
returned, leading to a panic if the subscription channel was already
closed by the user. Example:

    sub, _ := client.Subscribe(..., channel, ...)
    sub.Unsubscribe()
    close(channel)

The race occurred because Unsubscribe called quitWithServer to tell the
forwarding loop to stop sending on sub.channel, but did not wait for the
loop to actually come down. This is fixed by adding an additional channel
to track the shutdown, on which Unsubscribe now waits.

Fixes #22322
2021-03-30 20:09:30 +02:00
Felix Lange 27b31371d4
rpc: add separate size limit for websocket (#22385)
This makes the WebSocket message size limit independent of the
limit used for HTTP requests. The new limit for WebSocket messages 
is 15MB.
2021-02-26 13:40:35 +01:00
ucwong f7b29ec942
rpc: add missing timer.Stop calls in websocket tests (#20863) 2020-04-02 22:08:45 +02:00
Felix Lange 8008c5b1fa rpc: remove 'exported or builtin' restriction for parameters (#20332)
* rpc: remove 'exported or builtin' restriction for parameters

There is no technial reason for this restriction because package reflect
can create values of any type. Requiring parameters and return values to
be exported causes a lot of noise in package exports.

* rpc: fix staticcheck warnings
2019-11-20 10:06:21 +02:00
Felix Lange 04e175b8ec rpc: implement websockets with github.com/gorilla/websocket (#19866)
* rpc: implement websockets with github.com/gorilla/websocket

This change makes package rpc use the github.com/gorilla/websocket
package for WebSockets instead of golang.org/x/net/websocket. The new
library is more robust and supports all WebSocket features including
continuation frames.

There are new tests for two issues with the previously-used library:

  - TestWebsocketClientPing checks handling of Ping frames.
  - TestWebsocketLargeCall checks whether the request size limit is
    applied correctly.

* rpc: raise HTTP/WebSocket request size limit to 5MB

* rpc: remove default origin for client connections

The client used to put the local hostname into the Origin header because
the server wanted an origin to accept the connection, but that's silly:
Origin is for browsers/websites. The nobody would whitelist a particular
hostname.

Now that the server doesn't need Origin anymore, don't bother setting
one for clients. Users who need an origin can use DialWebsocket to
create a client with arbitrary origin if needed.

* vendor: put golang.org/x/net/websocket back

* rpc: don't set Origin header for empty (default) origin

* rpc: add HTTP status code to handshake error

This makes it easier to debug failing connections.

* ethstats: use github.com/gorilla/websocket

* rpc: fix lint
2019-07-22 13:22:39 +03:00
Péter Szilágyi 1a83114c74
all: update author list and licenses 2019-07-22 12:17:27 +03:00
Felix Lange f088c650a5 all: replace t.Log(); t.FailNow() with t.Fatal() (#19849) 2019-07-18 15:21:24 +03:00
Peter Broadhurst c35659c6a0 rpc: enable basic auth for websocket client (#17699) 2018-09-19 18:09:03 +02:00