github.com/daeglee/go-ethereum@v0.0.0-20190504220456-cad3e8d18e9b/node/config.go (about) 1 // Copyright 2014 The go-ethereum Authors 2 // This file is part of the go-ethereum library. 3 // 4 // The go-ethereum library is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU Lesser General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // The go-ethereum library is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU Lesser General Public License for more details. 13 // 14 // You should have received a copy of the GNU Lesser General Public License 15 // along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>. 16 17 package node 18 19 import ( 20 "crypto/ecdsa" 21 "fmt" 22 "io/ioutil" 23 "os" 24 "path/filepath" 25 "runtime" 26 "strings" 27 "sync" 28 29 "github.com/ethereum/go-ethereum/accounts" 30 "github.com/ethereum/go-ethereum/accounts/external" 31 "github.com/ethereum/go-ethereum/accounts/keystore" 32 "github.com/ethereum/go-ethereum/accounts/usbwallet" 33 "github.com/ethereum/go-ethereum/common" 34 "github.com/ethereum/go-ethereum/crypto" 35 "github.com/ethereum/go-ethereum/log" 36 "github.com/ethereum/go-ethereum/p2p" 37 "github.com/ethereum/go-ethereum/p2p/enode" 38 "github.com/ethereum/go-ethereum/rpc" 39 ) 40 41 const ( 42 datadirPrivateKey = "nodekey" // Path within the datadir to the node's private key 43 datadirDefaultKeyStore = "keystore" // Path within the datadir to the keystore 44 datadirStaticNodes = "static-nodes.json" // Path within the datadir to the static node list 45 datadirTrustedNodes = "trusted-nodes.json" // Path within the datadir to the trusted node list 46 datadirNodeDatabase = "nodes" // Path within the datadir to store the node infos 47 ) 48 49 // Config represents a small collection of configuration values to fine tune the 50 // P2P network layer of a protocol stack. These values can be further extended by 51 // all registered services. 52 type Config struct { 53 // Name sets the instance name of the node. It must not contain the / character and is 54 // used in the devp2p node identifier. The instance name of geth is "geth". If no 55 // value is specified, the basename of the current executable is used. 56 Name string `toml:"-"` 57 58 // UserIdent, if set, is used as an additional component in the devp2p node identifier. 59 UserIdent string `toml:",omitempty"` 60 61 // Version should be set to the version number of the program. It is used 62 // in the devp2p node identifier. 63 Version string `toml:"-"` 64 65 // DataDir is the file system folder the node should use for any data storage 66 // requirements. The configured data directory will not be directly shared with 67 // registered services, instead those can use utility methods to create/access 68 // databases or flat files. This enables ephemeral nodes which can fully reside 69 // in memory. 70 DataDir string 71 72 // Configuration of peer-to-peer networking. 73 P2P p2p.Config 74 75 // KeyStoreDir is the file system folder that contains private keys. The directory can 76 // be specified as a relative path, in which case it is resolved relative to the 77 // current directory. 78 // 79 // If KeyStoreDir is empty, the default location is the "keystore" subdirectory of 80 // DataDir. If DataDir is unspecified and KeyStoreDir is empty, an ephemeral directory 81 // is created by New and destroyed when the node is stopped. 82 KeyStoreDir string `toml:",omitempty"` 83 84 // ExternalSigner specifies an external URI for a clef-type signer 85 ExternalSigner string `toml:"omitempty"` 86 87 // UseLightweightKDF lowers the memory and CPU requirements of the key store 88 // scrypt KDF at the expense of security. 89 UseLightweightKDF bool `toml:",omitempty"` 90 91 // NoUSB disables hardware wallet monitoring and connectivity. 92 NoUSB bool `toml:",omitempty"` 93 94 // IPCPath is the requested location to place the IPC endpoint. If the path is 95 // a simple file name, it is placed inside the data directory (or on the root 96 // pipe path on Windows), whereas if it's a resolvable path name (absolute or 97 // relative), then that specific path is enforced. An empty path disables IPC. 98 IPCPath string `toml:",omitempty"` 99 100 // HTTPHost is the host interface on which to start the HTTP RPC server. If this 101 // field is empty, no HTTP API endpoint will be started. 102 HTTPHost string `toml:",omitempty"` 103 104 // HTTPPort is the TCP port number on which to start the HTTP RPC server. The 105 // default zero value is/ valid and will pick a port number randomly (useful 106 // for ephemeral nodes). 107 HTTPPort int `toml:",omitempty"` 108 109 // GraphQLHost is the host interface on which to start the GraphQL server. If this 110 // field is empty, no GraphQL API endpoint will be started. 111 GraphQLHost string `toml:",omitempty"` 112 113 // GraphQLPort is the TCP port number on which to start the GraphQL server. The 114 // default zero value is/ valid and will pick a port number randomly (useful 115 // for ephemeral nodes). 116 GraphQLPort int `toml:",omitempty"` 117 118 // GraphQLCors is the Cross-Origin Resource Sharing header to send to requesting 119 // clients. Please be aware that CORS is a browser enforced security, it's fully 120 // useless for custom HTTP clients. 121 GraphQLCors []string `toml:",omitempty"` 122 123 // GraphQLVirtualHosts is the list of virtual hostnames which are allowed on incoming requests. 124 // This is by default {'localhost'}. Using this prevents attacks like 125 // DNS rebinding, which bypasses SOP by simply masquerading as being within the same 126 // origin. These attacks do not utilize CORS, since they are not cross-domain. 127 // By explicitly checking the Host-header, the server will not allow requests 128 // made against the server with a malicious host domain. 129 // Requests using ip address directly are not affected 130 GraphQLVirtualHosts []string `toml:",omitempty"` 131 132 // HTTPCors is the Cross-Origin Resource Sharing header to send to requesting 133 // clients. Please be aware that CORS is a browser enforced security, it's fully 134 // useless for custom HTTP clients. 135 HTTPCors []string `toml:",omitempty"` 136 137 // HTTPVirtualHosts is the list of virtual hostnames which are allowed on incoming requests. 138 // This is by default {'localhost'}. Using this prevents attacks like 139 // DNS rebinding, which bypasses SOP by simply masquerading as being within the same 140 // origin. These attacks do not utilize CORS, since they are not cross-domain. 141 // By explicitly checking the Host-header, the server will not allow requests 142 // made against the server with a malicious host domain. 143 // Requests using ip address directly are not affected 144 HTTPVirtualHosts []string `toml:",omitempty"` 145 146 // HTTPModules is a list of API modules to expose via the HTTP RPC interface. 147 // If the module list is empty, all RPC API endpoints designated public will be 148 // exposed. 149 HTTPModules []string `toml:",omitempty"` 150 151 // HTTPTimeouts allows for customization of the timeout values used by the HTTP RPC 152 // interface. 153 HTTPTimeouts rpc.HTTPTimeouts 154 155 // WSHost is the host interface on which to start the websocket RPC server. If 156 // this field is empty, no websocket API endpoint will be started. 157 WSHost string `toml:",omitempty"` 158 159 // WSPort is the TCP port number on which to start the websocket RPC server. The 160 // default zero value is/ valid and will pick a port number randomly (useful for 161 // ephemeral nodes). 162 WSPort int `toml:",omitempty"` 163 164 // WSOrigins is the list of domain to accept websocket requests from. Please be 165 // aware that the server can only act upon the HTTP request the client sends and 166 // cannot verify the validity of the request header. 167 WSOrigins []string `toml:",omitempty"` 168 169 // WSModules is a list of API modules to expose via the websocket RPC interface. 170 // If the module list is empty, all RPC API endpoints designated public will be 171 // exposed. 172 WSModules []string `toml:",omitempty"` 173 174 // WSExposeAll exposes all API modules via the WebSocket RPC interface rather 175 // than just the public ones. 176 // 177 // *WARNING* Only set this if the node is running in a trusted network, exposing 178 // private APIs to untrusted users is a major security risk. 179 WSExposeAll bool `toml:",omitempty"` 180 181 // Logger is a custom logger to use with the p2p.Server. 182 Logger log.Logger `toml:",omitempty"` 183 184 staticNodesWarning bool 185 trustedNodesWarning bool 186 oldGethResourceWarning bool 187 } 188 189 // IPCEndpoint resolves an IPC endpoint based on a configured value, taking into 190 // account the set data folders as well as the designated platform we're currently 191 // running on. 192 func (c *Config) IPCEndpoint() string { 193 // Short circuit if IPC has not been enabled 194 if c.IPCPath == "" { 195 return "" 196 } 197 // On windows we can only use plain top-level pipes 198 if runtime.GOOS == "windows" { 199 if strings.HasPrefix(c.IPCPath, `\\.\pipe\`) { 200 return c.IPCPath 201 } 202 return `\\.\pipe\` + c.IPCPath 203 } 204 // Resolve names into the data directory full paths otherwise 205 if filepath.Base(c.IPCPath) == c.IPCPath { 206 if c.DataDir == "" { 207 return filepath.Join(os.TempDir(), c.IPCPath) 208 } 209 return filepath.Join(c.DataDir, c.IPCPath) 210 } 211 return c.IPCPath 212 } 213 214 // NodeDB returns the path to the discovery node database. 215 func (c *Config) NodeDB() string { 216 if c.DataDir == "" { 217 return "" // ephemeral 218 } 219 return c.ResolvePath(datadirNodeDatabase) 220 } 221 222 // DefaultIPCEndpoint returns the IPC path used by default. 223 func DefaultIPCEndpoint(clientIdentifier string) string { 224 if clientIdentifier == "" { 225 clientIdentifier = strings.TrimSuffix(filepath.Base(os.Args[0]), ".exe") 226 if clientIdentifier == "" { 227 panic("empty executable name") 228 } 229 } 230 config := &Config{DataDir: DefaultDataDir(), IPCPath: clientIdentifier + ".ipc"} 231 return config.IPCEndpoint() 232 } 233 234 // HTTPEndpoint resolves an HTTP endpoint based on the configured host interface 235 // and port parameters. 236 func (c *Config) HTTPEndpoint() string { 237 if c.HTTPHost == "" { 238 return "" 239 } 240 return fmt.Sprintf("%s:%d", c.HTTPHost, c.HTTPPort) 241 } 242 243 // GraphQLEndpoint resolves a GraphQL endpoint based on the configured host interface 244 // and port parameters. 245 func (c *Config) GraphQLEndpoint() string { 246 if c.GraphQLHost == "" { 247 return "" 248 } 249 return fmt.Sprintf("%s:%d", c.GraphQLHost, c.GraphQLPort) 250 } 251 252 // DefaultHTTPEndpoint returns the HTTP endpoint used by default. 253 func DefaultHTTPEndpoint() string { 254 config := &Config{HTTPHost: DefaultHTTPHost, HTTPPort: DefaultHTTPPort} 255 return config.HTTPEndpoint() 256 } 257 258 // WSEndpoint resolves a websocket endpoint based on the configured host interface 259 // and port parameters. 260 func (c *Config) WSEndpoint() string { 261 if c.WSHost == "" { 262 return "" 263 } 264 return fmt.Sprintf("%s:%d", c.WSHost, c.WSPort) 265 } 266 267 // DefaultWSEndpoint returns the websocket endpoint used by default. 268 func DefaultWSEndpoint() string { 269 config := &Config{WSHost: DefaultWSHost, WSPort: DefaultWSPort} 270 return config.WSEndpoint() 271 } 272 273 // NodeName returns the devp2p node identifier. 274 func (c *Config) NodeName() string { 275 name := c.name() 276 // Backwards compatibility: previous versions used title-cased "Geth", keep that. 277 if name == "geth" || name == "geth-testnet" { 278 name = "Geth" 279 } 280 if c.UserIdent != "" { 281 name += "/" + c.UserIdent 282 } 283 if c.Version != "" { 284 name += "/v" + c.Version 285 } 286 name += "/" + runtime.GOOS + "-" + runtime.GOARCH 287 name += "/" + runtime.Version() 288 return name 289 } 290 291 func (c *Config) name() string { 292 if c.Name == "" { 293 progname := strings.TrimSuffix(filepath.Base(os.Args[0]), ".exe") 294 if progname == "" { 295 panic("empty executable name, set Config.Name") 296 } 297 return progname 298 } 299 return c.Name 300 } 301 302 // These resources are resolved differently for "geth" instances. 303 var isOldGethResource = map[string]bool{ 304 "chaindata": true, 305 "nodes": true, 306 "nodekey": true, 307 "static-nodes.json": false, // no warning for these because they have their 308 "trusted-nodes.json": false, // own separate warning. 309 } 310 311 // ResolvePath resolves path in the instance directory. 312 func (c *Config) ResolvePath(path string) string { 313 if filepath.IsAbs(path) { 314 return path 315 } 316 if c.DataDir == "" { 317 return "" 318 } 319 // Backwards-compatibility: ensure that data directory files created 320 // by geth 1.4 are used if they exist. 321 if warn, isOld := isOldGethResource[path]; isOld { 322 oldpath := "" 323 if c.name() == "geth" { 324 oldpath = filepath.Join(c.DataDir, path) 325 } 326 if oldpath != "" && common.FileExist(oldpath) { 327 if warn { 328 c.warnOnce(&c.oldGethResourceWarning, "Using deprecated resource file %s, please move this file to the 'geth' subdirectory of datadir.", oldpath) 329 } 330 return oldpath 331 } 332 } 333 return filepath.Join(c.instanceDir(), path) 334 } 335 336 func (c *Config) instanceDir() string { 337 if c.DataDir == "" { 338 return "" 339 } 340 return filepath.Join(c.DataDir, c.name()) 341 } 342 343 // NodeKey retrieves the currently configured private key of the node, checking 344 // first any manually set key, falling back to the one found in the configured 345 // data folder. If no key can be found, a new one is generated. 346 func (c *Config) NodeKey() *ecdsa.PrivateKey { 347 // Use any specifically configured key. 348 if c.P2P.PrivateKey != nil { 349 return c.P2P.PrivateKey 350 } 351 // Generate ephemeral key if no datadir is being used. 352 if c.DataDir == "" { 353 key, err := crypto.GenerateKey() 354 if err != nil { 355 log.Crit(fmt.Sprintf("Failed to generate ephemeral node key: %v", err)) 356 } 357 return key 358 } 359 360 keyfile := c.ResolvePath(datadirPrivateKey) 361 if key, err := crypto.LoadECDSA(keyfile); err == nil { 362 return key 363 } 364 // No persistent key found, generate and store a new one. 365 key, err := crypto.GenerateKey() 366 if err != nil { 367 log.Crit(fmt.Sprintf("Failed to generate node key: %v", err)) 368 } 369 instanceDir := filepath.Join(c.DataDir, c.name()) 370 if err := os.MkdirAll(instanceDir, 0700); err != nil { 371 log.Error(fmt.Sprintf("Failed to persist node key: %v", err)) 372 return key 373 } 374 keyfile = filepath.Join(instanceDir, datadirPrivateKey) 375 if err := crypto.SaveECDSA(keyfile, key); err != nil { 376 log.Error(fmt.Sprintf("Failed to persist node key: %v", err)) 377 } 378 return key 379 } 380 381 // StaticNodes returns a list of node enode URLs configured as static nodes. 382 func (c *Config) StaticNodes() []*enode.Node { 383 return c.parsePersistentNodes(&c.staticNodesWarning, c.ResolvePath(datadirStaticNodes)) 384 } 385 386 // TrustedNodes returns a list of node enode URLs configured as trusted nodes. 387 func (c *Config) TrustedNodes() []*enode.Node { 388 return c.parsePersistentNodes(&c.trustedNodesWarning, c.ResolvePath(datadirTrustedNodes)) 389 } 390 391 // parsePersistentNodes parses a list of discovery node URLs loaded from a .json 392 // file from within the data directory. 393 func (c *Config) parsePersistentNodes(w *bool, path string) []*enode.Node { 394 // Short circuit if no node config is present 395 if c.DataDir == "" { 396 return nil 397 } 398 if _, err := os.Stat(path); err != nil { 399 return nil 400 } 401 c.warnOnce(w, "Found deprecated node list file %s, please use the TOML config file instead.", path) 402 403 // Load the nodes from the config file. 404 var nodelist []string 405 if err := common.LoadJSON(path, &nodelist); err != nil { 406 log.Error(fmt.Sprintf("Can't load node list file: %v", err)) 407 return nil 408 } 409 // Interpret the list as a discovery node array 410 var nodes []*enode.Node 411 for _, url := range nodelist { 412 if url == "" { 413 continue 414 } 415 node, err := enode.ParseV4(url) 416 if err != nil { 417 log.Error(fmt.Sprintf("Node URL %s: %v\n", url, err)) 418 continue 419 } 420 nodes = append(nodes, node) 421 } 422 return nodes 423 } 424 425 // AccountConfig determines the settings for scrypt and keydirectory 426 func (c *Config) AccountConfig() (int, int, string, error) { 427 scryptN := keystore.StandardScryptN 428 scryptP := keystore.StandardScryptP 429 if c.UseLightweightKDF { 430 scryptN = keystore.LightScryptN 431 scryptP = keystore.LightScryptP 432 } 433 434 var ( 435 keydir string 436 err error 437 ) 438 switch { 439 case filepath.IsAbs(c.KeyStoreDir): 440 keydir = c.KeyStoreDir 441 case c.DataDir != "": 442 if c.KeyStoreDir == "" { 443 keydir = filepath.Join(c.DataDir, datadirDefaultKeyStore) 444 } else { 445 keydir, err = filepath.Abs(c.KeyStoreDir) 446 } 447 case c.KeyStoreDir != "": 448 keydir, err = filepath.Abs(c.KeyStoreDir) 449 } 450 return scryptN, scryptP, keydir, err 451 } 452 453 func makeAccountManager(conf *Config) (*accounts.Manager, string, error) { 454 scryptN, scryptP, keydir, err := conf.AccountConfig() 455 var ephemeral string 456 if keydir == "" { 457 // There is no datadir. 458 keydir, err = ioutil.TempDir("", "go-ethereum-keystore") 459 ephemeral = keydir 460 } 461 462 if err != nil { 463 return nil, "", err 464 } 465 if err := os.MkdirAll(keydir, 0700); err != nil { 466 return nil, "", err 467 } 468 // Assemble the account manager and supported backends 469 var backends []accounts.Backend 470 if len(conf.ExternalSigner) > 0 { 471 log.Info("Using external signer", "url", conf.ExternalSigner) 472 if extapi, err := external.NewExternalBackend(conf.ExternalSigner); err == nil { 473 backends = append(backends, extapi) 474 } else { 475 log.Info("Error configuring external signer", "error", err) 476 } 477 } 478 if len(backends) == 0 { 479 // For now, we're using EITHER external signer OR local signers. 480 // If/when we implement some form of lockfile for USB and keystore wallets, 481 // we can have both, but it's very confusing for the user to see the same 482 // accounts in both externally and locally, plus very racey. 483 backends = append(backends, keystore.NewKeyStore(keydir, scryptN, scryptP)) 484 if !conf.NoUSB { 485 // Start a USB hub for Ledger hardware wallets 486 if ledgerhub, err := usbwallet.NewLedgerHub(); err != nil { 487 log.Warn(fmt.Sprintf("Failed to start Ledger hub, disabling: %v", err)) 488 } else { 489 backends = append(backends, ledgerhub) 490 } 491 // Start a USB hub for Trezor hardware wallets 492 if trezorhub, err := usbwallet.NewTrezorHub(); err != nil { 493 log.Warn(fmt.Sprintf("Failed to start Trezor hub, disabling: %v", err)) 494 } else { 495 backends = append(backends, trezorhub) 496 } 497 } 498 } 499 500 return accounts.NewManager(backends...), ephemeral, nil 501 } 502 503 var warnLock sync.Mutex 504 505 func (c *Config) warnOnce(w *bool, format string, args ...interface{}) { 506 warnLock.Lock() 507 defer warnLock.Unlock() 508 509 if *w { 510 return 511 } 512 l := c.Logger 513 if l == nil { 514 l = log.Root() 515 } 516 l.Warn(fmt.Sprintf(format, args...)) 517 *w = true 518 }