github.com/cryptotooltop/go-ethereum@v0.0.0-20231103184714-151d1922f3e5/node/rpcstack.go (about) 1 // Copyright 2020 The go-ethereum Authors 2 // This file is part of the go-ethereum library. 3 // 4 // The go-ethereum library is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU Lesser General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // The go-ethereum library is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU Lesser General Public License for more details. 13 // 14 // You should have received a copy of the GNU Lesser General Public License 15 // along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>. 16 17 package node 18 19 import ( 20 "compress/gzip" 21 "context" 22 "fmt" 23 "io" 24 "io/ioutil" 25 "net" 26 "net/http" 27 "sort" 28 "strings" 29 "sync" 30 "sync/atomic" 31 32 "github.com/rs/cors" 33 34 "github.com/scroll-tech/go-ethereum/log" 35 "github.com/scroll-tech/go-ethereum/rpc" 36 ) 37 38 // httpConfig is the JSON-RPC/HTTP configuration. 39 type httpConfig struct { 40 Modules []string 41 CorsAllowedOrigins []string 42 Vhosts []string 43 prefix string // path prefix on which to mount http handler 44 } 45 46 // wsConfig is the JSON-RPC/Websocket configuration 47 type wsConfig struct { 48 Origins []string 49 Modules []string 50 prefix string // path prefix on which to mount ws handler 51 } 52 53 type rpcHandler struct { 54 http.Handler 55 server *rpc.Server 56 } 57 58 type httpServer struct { 59 log log.Logger 60 timeouts rpc.HTTPTimeouts 61 mux http.ServeMux // registered handlers go here 62 63 mu sync.Mutex 64 server *http.Server 65 listener net.Listener // non-nil when server is running 66 67 // HTTP RPC handler things. 68 69 httpConfig httpConfig 70 httpHandler atomic.Value // *rpcHandler 71 72 // WebSocket handler things. 73 wsConfig wsConfig 74 wsHandler atomic.Value // *rpcHandler 75 76 // These are set by setListenAddr. 77 endpoint string 78 host string 79 port int 80 81 handlerNames map[string]string 82 } 83 84 func newHTTPServer(log log.Logger, timeouts rpc.HTTPTimeouts) *httpServer { 85 h := &httpServer{log: log, timeouts: timeouts, handlerNames: make(map[string]string)} 86 87 h.httpHandler.Store((*rpcHandler)(nil)) 88 h.wsHandler.Store((*rpcHandler)(nil)) 89 return h 90 } 91 92 // setListenAddr configures the listening address of the server. 93 // The address can only be set while the server isn't running. 94 func (h *httpServer) setListenAddr(host string, port int) error { 95 h.mu.Lock() 96 defer h.mu.Unlock() 97 98 if h.listener != nil && (host != h.host || port != h.port) { 99 return fmt.Errorf("HTTP server already running on %s", h.endpoint) 100 } 101 102 h.host, h.port = host, port 103 h.endpoint = fmt.Sprintf("%s:%d", host, port) 104 return nil 105 } 106 107 // listenAddr returns the listening address of the server. 108 func (h *httpServer) listenAddr() string { 109 h.mu.Lock() 110 defer h.mu.Unlock() 111 112 if h.listener != nil { 113 return h.listener.Addr().String() 114 } 115 return h.endpoint 116 } 117 118 // start starts the HTTP server if it is enabled and not already running. 119 func (h *httpServer) start() error { 120 h.mu.Lock() 121 defer h.mu.Unlock() 122 123 if h.endpoint == "" || h.listener != nil { 124 return nil // already running or not configured 125 } 126 127 // Initialize the server. 128 h.server = &http.Server{Handler: h} 129 if h.timeouts != (rpc.HTTPTimeouts{}) { 130 CheckTimeouts(&h.timeouts) 131 h.server.ReadTimeout = h.timeouts.ReadTimeout 132 h.server.WriteTimeout = h.timeouts.WriteTimeout 133 h.server.IdleTimeout = h.timeouts.IdleTimeout 134 } 135 136 // Start the server. 137 listener, err := net.Listen("tcp", h.endpoint) 138 if err != nil { 139 // If the server fails to start, we need to clear out the RPC and WS 140 // configuration so they can be configured another time. 141 h.disableRPC() 142 h.disableWS() 143 return err 144 } 145 h.listener = listener 146 go h.server.Serve(listener) 147 148 if h.wsAllowed() { 149 url := fmt.Sprintf("ws://%v", listener.Addr()) 150 if h.wsConfig.prefix != "" { 151 url += h.wsConfig.prefix 152 } 153 h.log.Info("WebSocket enabled", "url", url) 154 } 155 // if server is websocket only, return after logging 156 if !h.rpcAllowed() { 157 return nil 158 } 159 // Log http endpoint. 160 h.log.Info("HTTP server started", 161 "endpoint", listener.Addr(), 162 "prefix", h.httpConfig.prefix, 163 "cors", strings.Join(h.httpConfig.CorsAllowedOrigins, ","), 164 "vhosts", strings.Join(h.httpConfig.Vhosts, ","), 165 ) 166 167 // Log all handlers mounted on server. 168 var paths []string 169 for path := range h.handlerNames { 170 paths = append(paths, path) 171 } 172 sort.Strings(paths) 173 logged := make(map[string]bool, len(paths)) 174 for _, path := range paths { 175 name := h.handlerNames[path] 176 if !logged[name] { 177 log.Info(name+" enabled", "url", "http://"+listener.Addr().String()+path) 178 logged[name] = true 179 } 180 } 181 return nil 182 } 183 184 func (h *httpServer) ServeHTTP(w http.ResponseWriter, r *http.Request) { 185 // check if ws request and serve if ws enabled 186 ws := h.wsHandler.Load().(*rpcHandler) 187 if ws != nil && isWebsocket(r) { 188 if checkPath(r, h.wsConfig.prefix) { 189 ws.ServeHTTP(w, r) 190 } 191 return 192 } 193 // if http-rpc is enabled, try to serve request 194 rpc := h.httpHandler.Load().(*rpcHandler) 195 if rpc != nil { 196 // First try to route in the mux. 197 // Requests to a path below root are handled by the mux, 198 // which has all the handlers registered via Node.RegisterHandler. 199 // These are made available when RPC is enabled. 200 muxHandler, pattern := h.mux.Handler(r) 201 if pattern != "" { 202 muxHandler.ServeHTTP(w, r) 203 return 204 } 205 206 if checkPath(r, h.httpConfig.prefix) { 207 rpc.ServeHTTP(w, r) 208 return 209 } 210 } 211 w.WriteHeader(http.StatusNotFound) 212 } 213 214 // checkPath checks whether a given request URL matches a given path prefix. 215 func checkPath(r *http.Request, path string) bool { 216 // if no prefix has been specified, request URL must be on root 217 if path == "" { 218 return r.URL.Path == "/" 219 } 220 // otherwise, check to make sure prefix matches 221 return len(r.URL.Path) >= len(path) && r.URL.Path[:len(path)] == path 222 } 223 224 // validatePrefix checks if 'path' is a valid configuration value for the RPC prefix option. 225 func validatePrefix(what, path string) error { 226 if path == "" { 227 return nil 228 } 229 if path[0] != '/' { 230 return fmt.Errorf(`%s RPC path prefix %q does not contain leading "/"`, what, path) 231 } 232 if strings.ContainsAny(path, "?#") { 233 // This is just to avoid confusion. While these would match correctly (i.e. they'd 234 // match if URL-escaped into path), it's not easy to understand for users when 235 // setting that on the command line. 236 return fmt.Errorf("%s RPC path prefix %q contains URL meta-characters", what, path) 237 } 238 return nil 239 } 240 241 // stop shuts down the HTTP server. 242 func (h *httpServer) stop() { 243 h.mu.Lock() 244 defer h.mu.Unlock() 245 h.doStop() 246 } 247 248 func (h *httpServer) doStop() { 249 if h.listener == nil { 250 return // not running 251 } 252 253 // Shut down the server. 254 httpHandler := h.httpHandler.Load().(*rpcHandler) 255 wsHandler := h.wsHandler.Load().(*rpcHandler) 256 if httpHandler != nil { 257 h.httpHandler.Store((*rpcHandler)(nil)) 258 httpHandler.server.Stop() 259 } 260 if wsHandler != nil { 261 h.wsHandler.Store((*rpcHandler)(nil)) 262 wsHandler.server.Stop() 263 } 264 h.server.Shutdown(context.Background()) 265 h.listener.Close() 266 h.log.Info("HTTP server stopped", "endpoint", h.listener.Addr()) 267 268 // Clear out everything to allow re-configuring it later. 269 h.host, h.port, h.endpoint = "", 0, "" 270 h.server, h.listener = nil, nil 271 } 272 273 // enableRPC turns on JSON-RPC over HTTP on the server. 274 func (h *httpServer) enableRPC(apis []rpc.API, config httpConfig) error { 275 h.mu.Lock() 276 defer h.mu.Unlock() 277 278 if h.rpcAllowed() { 279 return fmt.Errorf("JSON-RPC over HTTP is already enabled") 280 } 281 282 // Create RPC server and handler. 283 srv := rpc.NewServer() 284 if err := RegisterApis(apis, config.Modules, srv, false); err != nil { 285 return err 286 } 287 h.httpConfig = config 288 h.httpHandler.Store(&rpcHandler{ 289 Handler: NewHTTPHandlerStack(srv, config.CorsAllowedOrigins, config.Vhosts), 290 server: srv, 291 }) 292 return nil 293 } 294 295 // disableRPC stops the HTTP RPC handler. This is internal, the caller must hold h.mu. 296 func (h *httpServer) disableRPC() bool { 297 handler := h.httpHandler.Load().(*rpcHandler) 298 if handler != nil { 299 h.httpHandler.Store((*rpcHandler)(nil)) 300 handler.server.Stop() 301 } 302 return handler != nil 303 } 304 305 // enableWS turns on JSON-RPC over WebSocket on the server. 306 func (h *httpServer) enableWS(apis []rpc.API, config wsConfig) error { 307 h.mu.Lock() 308 defer h.mu.Unlock() 309 310 if h.wsAllowed() { 311 return fmt.Errorf("JSON-RPC over WebSocket is already enabled") 312 } 313 314 // Create RPC server and handler. 315 srv := rpc.NewServer() 316 if err := RegisterApis(apis, config.Modules, srv, false); err != nil { 317 return err 318 } 319 h.wsConfig = config 320 h.wsHandler.Store(&rpcHandler{ 321 Handler: srv.WebsocketHandler(config.Origins), 322 server: srv, 323 }) 324 return nil 325 } 326 327 // stopWS disables JSON-RPC over WebSocket and also stops the server if it only serves WebSocket. 328 func (h *httpServer) stopWS() { 329 h.mu.Lock() 330 defer h.mu.Unlock() 331 332 if h.disableWS() { 333 if !h.rpcAllowed() { 334 h.doStop() 335 } 336 } 337 } 338 339 // disableWS disables the WebSocket handler. This is internal, the caller must hold h.mu. 340 func (h *httpServer) disableWS() bool { 341 ws := h.wsHandler.Load().(*rpcHandler) 342 if ws != nil { 343 h.wsHandler.Store((*rpcHandler)(nil)) 344 ws.server.Stop() 345 } 346 return ws != nil 347 } 348 349 // rpcAllowed returns true when JSON-RPC over HTTP is enabled. 350 func (h *httpServer) rpcAllowed() bool { 351 return h.httpHandler.Load().(*rpcHandler) != nil 352 } 353 354 // wsAllowed returns true when JSON-RPC over WebSocket is enabled. 355 func (h *httpServer) wsAllowed() bool { 356 return h.wsHandler.Load().(*rpcHandler) != nil 357 } 358 359 // isWebsocket checks the header of an http request for a websocket upgrade request. 360 func isWebsocket(r *http.Request) bool { 361 return strings.ToLower(r.Header.Get("Upgrade")) == "websocket" && 362 strings.Contains(strings.ToLower(r.Header.Get("Connection")), "upgrade") 363 } 364 365 // NewHTTPHandlerStack returns wrapped http-related handlers 366 func NewHTTPHandlerStack(srv http.Handler, cors []string, vhosts []string) http.Handler { 367 // Wrap the CORS-handler within a host-handler 368 handler := newCorsHandler(srv, cors) 369 handler = newVHostHandler(vhosts, handler) 370 return newGzipHandler(handler) 371 } 372 373 func newCorsHandler(srv http.Handler, allowedOrigins []string) http.Handler { 374 // disable CORS support if user has not specified a custom CORS configuration 375 if len(allowedOrigins) == 0 { 376 return srv 377 } 378 c := cors.New(cors.Options{ 379 AllowedOrigins: allowedOrigins, 380 AllowedMethods: []string{http.MethodPost, http.MethodGet}, 381 AllowedHeaders: []string{"*"}, 382 MaxAge: 600, 383 }) 384 return c.Handler(srv) 385 } 386 387 // virtualHostHandler is a handler which validates the Host-header of incoming requests. 388 // Using virtual hosts can help prevent DNS rebinding attacks, where a 'random' domain name points to 389 // the service ip address (but without CORS headers). By verifying the targeted virtual host, we can 390 // ensure that it's a destination that the node operator has defined. 391 type virtualHostHandler struct { 392 vhosts map[string]struct{} 393 next http.Handler 394 } 395 396 func newVHostHandler(vhosts []string, next http.Handler) http.Handler { 397 vhostMap := make(map[string]struct{}) 398 for _, allowedHost := range vhosts { 399 vhostMap[strings.ToLower(allowedHost)] = struct{}{} 400 } 401 return &virtualHostHandler{vhostMap, next} 402 } 403 404 // ServeHTTP serves JSON-RPC requests over HTTP, implements http.Handler 405 func (h *virtualHostHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { 406 // if r.Host is not set, we can continue serving since a browser would set the Host header 407 if r.Host == "" { 408 h.next.ServeHTTP(w, r) 409 return 410 } 411 host, _, err := net.SplitHostPort(r.Host) 412 if err != nil { 413 // Either invalid (too many colons) or no port specified 414 host = r.Host 415 } 416 if ipAddr := net.ParseIP(host); ipAddr != nil { 417 // It's an IP address, we can serve that 418 h.next.ServeHTTP(w, r) 419 return 420 421 } 422 // Not an IP address, but a hostname. Need to validate 423 if _, exist := h.vhosts["*"]; exist { 424 h.next.ServeHTTP(w, r) 425 return 426 } 427 if _, exist := h.vhosts[host]; exist { 428 h.next.ServeHTTP(w, r) 429 return 430 } 431 http.Error(w, "invalid host specified", http.StatusForbidden) 432 } 433 434 var gzPool = sync.Pool{ 435 New: func() interface{} { 436 w := gzip.NewWriter(ioutil.Discard) 437 return w 438 }, 439 } 440 441 type gzipResponseWriter struct { 442 io.Writer 443 http.ResponseWriter 444 } 445 446 func (w *gzipResponseWriter) WriteHeader(status int) { 447 w.Header().Del("Content-Length") 448 w.ResponseWriter.WriteHeader(status) 449 } 450 451 func (w *gzipResponseWriter) Write(b []byte) (int, error) { 452 return w.Writer.Write(b) 453 } 454 455 func newGzipHandler(next http.Handler) http.Handler { 456 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 457 if !strings.Contains(r.Header.Get("Accept-Encoding"), "gzip") { 458 next.ServeHTTP(w, r) 459 return 460 } 461 462 w.Header().Set("Content-Encoding", "gzip") 463 464 gz := gzPool.Get().(*gzip.Writer) 465 defer gzPool.Put(gz) 466 467 gz.Reset(w) 468 defer gz.Close() 469 470 next.ServeHTTP(&gzipResponseWriter{ResponseWriter: w, Writer: gz}, r) 471 }) 472 } 473 474 type ipcServer struct { 475 log log.Logger 476 endpoint string 477 478 mu sync.Mutex 479 listener net.Listener 480 srv *rpc.Server 481 } 482 483 func newIPCServer(log log.Logger, endpoint string) *ipcServer { 484 return &ipcServer{log: log, endpoint: endpoint} 485 } 486 487 // Start starts the httpServer's http.Server 488 func (is *ipcServer) start(apis []rpc.API) error { 489 is.mu.Lock() 490 defer is.mu.Unlock() 491 492 if is.listener != nil { 493 return nil // already running 494 } 495 listener, srv, err := rpc.StartIPCEndpoint(is.endpoint, apis) 496 if err != nil { 497 is.log.Warn("IPC opening failed", "url", is.endpoint, "error", err) 498 return err 499 } 500 is.log.Info("IPC endpoint opened", "url", is.endpoint) 501 is.listener, is.srv = listener, srv 502 return nil 503 } 504 505 func (is *ipcServer) stop() error { 506 is.mu.Lock() 507 defer is.mu.Unlock() 508 509 if is.listener == nil { 510 return nil // not running 511 } 512 err := is.listener.Close() 513 is.srv.Stop() 514 is.listener, is.srv = nil, nil 515 is.log.Info("IPC endpoint closed", "url", is.endpoint) 516 return err 517 } 518 519 // RegisterApis checks the given modules' availability, generates an allowlist based on the allowed modules, 520 // and then registers all of the APIs exposed by the services. 521 func RegisterApis(apis []rpc.API, modules []string, srv *rpc.Server, exposeAll bool) error { 522 if bad, available := checkModuleAvailability(modules, apis); len(bad) > 0 { 523 log.Error("Unavailable modules in HTTP API list", "unavailable", bad, "available", available) 524 } 525 // Generate the allow list based on the allowed modules 526 allowList := make(map[string]bool) 527 for _, module := range modules { 528 allowList[module] = true 529 } 530 // Register all the APIs exposed by the services 531 for _, api := range apis { 532 if exposeAll || allowList[api.Namespace] || (len(allowList) == 0 && api.Public) { 533 if err := srv.RegisterName(api.Namespace, api.Service); err != nil { 534 return err 535 } 536 } 537 } 538 return nil 539 }