Add ---no-untrusted-rpc flag
This commit is contained in:
parent
5d9130a3c4
commit
d677e83ed4
|
@ -212,6 +212,14 @@ fn get_shred_rpc_peers(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
fn is_trusted_validator(id: &Pubkey, trusted_validators: &Option<HashSet<Pubkey>>) -> bool {
|
||||||
|
if let Some(trusted_validators) = trusted_validators {
|
||||||
|
trusted_validators.contains(id)
|
||||||
|
} else {
|
||||||
|
false
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
fn get_trusted_snapshot_hashes(
|
fn get_trusted_snapshot_hashes(
|
||||||
cluster_info: &Arc<RwLock<ClusterInfo>>,
|
cluster_info: &Arc<RwLock<ClusterInfo>>,
|
||||||
trusted_validators: &Option<HashSet<Pubkey>>,
|
trusted_validators: &Option<HashSet<Pubkey>>,
|
||||||
|
@ -262,6 +270,7 @@ fn get_rpc_node(
|
||||||
validator_config: &ValidatorConfig,
|
validator_config: &ValidatorConfig,
|
||||||
blacklisted_rpc_nodes: &mut HashSet<Pubkey>,
|
blacklisted_rpc_nodes: &mut HashSet<Pubkey>,
|
||||||
snapshot_not_required: bool,
|
snapshot_not_required: bool,
|
||||||
|
no_untrusted_rpc: bool,
|
||||||
) -> (ContactInfo, Option<(Slot, Hash)>) {
|
) -> (ContactInfo, Option<(Slot, Hash)>) {
|
||||||
let mut blacklist_timeout = Instant::now();
|
let mut blacklist_timeout = Instant::now();
|
||||||
loop {
|
loop {
|
||||||
|
@ -281,10 +290,16 @@ fn get_rpc_node(
|
||||||
.filter(|rpc_peer| !blacklisted_rpc_nodes.contains(&rpc_peer.id))
|
.filter(|rpc_peer| !blacklisted_rpc_nodes.contains(&rpc_peer.id))
|
||||||
.collect();
|
.collect();
|
||||||
let rpc_peers_blacklisted = rpc_peers_total - rpc_peers.len();
|
let rpc_peers_blacklisted = rpc_peers_total - rpc_peers.len();
|
||||||
|
let rpc_peers_trusted = rpc_peers
|
||||||
|
.iter()
|
||||||
|
.filter(|rpc_peer| {
|
||||||
|
is_trusted_validator(&rpc_peer.id, &validator_config.trusted_validators)
|
||||||
|
})
|
||||||
|
.count();
|
||||||
|
|
||||||
info!(
|
info!(
|
||||||
"Total {} RPC nodes found. {} blacklisted ",
|
"Total {} RPC nodes found. {} trusted, {} blacklisted ",
|
||||||
rpc_peers_total, rpc_peers_blacklisted
|
rpc_peers_total, rpc_peers_trusted, rpc_peers_blacklisted
|
||||||
);
|
);
|
||||||
|
|
||||||
if rpc_peers_blacklisted == rpc_peers_total {
|
if rpc_peers_blacklisted == rpc_peers_total {
|
||||||
|
@ -308,6 +323,11 @@ fn get_rpc_node(
|
||||||
let mut eligible_rpc_peers = vec![];
|
let mut eligible_rpc_peers = vec![];
|
||||||
|
|
||||||
for rpc_peer in rpc_peers.iter() {
|
for rpc_peer in rpc_peers.iter() {
|
||||||
|
if no_untrusted_rpc
|
||||||
|
&& !is_trusted_validator(&rpc_peer.id, &validator_config.trusted_validators)
|
||||||
|
{
|
||||||
|
continue;
|
||||||
|
}
|
||||||
if let Some(snapshot_hashes) = cluster_info
|
if let Some(snapshot_hashes) = cluster_info
|
||||||
.read()
|
.read()
|
||||||
.unwrap()
|
.unwrap()
|
||||||
|
@ -806,6 +826,13 @@ pub fn main() {
|
||||||
.help("A snapshot hash must be published in gossip by this validator to be accepted. \
|
.help("A snapshot hash must be published in gossip by this validator to be accepted. \
|
||||||
May be specified multiple times. If unspecified any snapshot hash will be accepted"),
|
May be specified multiple times. If unspecified any snapshot hash will be accepted"),
|
||||||
)
|
)
|
||||||
|
.arg(
|
||||||
|
Arg::with_name("no_untrusted_rpc")
|
||||||
|
.long("no-untrusted-rpc")
|
||||||
|
.takes_value(false)
|
||||||
|
.requires("trusted_validators")
|
||||||
|
.help("Use the RPC service of trusted validators only")
|
||||||
|
)
|
||||||
.get_matches();
|
.get_matches();
|
||||||
|
|
||||||
let identity_keypair = Arc::new(
|
let identity_keypair = Arc::new(
|
||||||
|
@ -848,6 +875,7 @@ pub fn main() {
|
||||||
exit(1);
|
exit(1);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
let no_untrusted_rpc = matches.is_present("no_untrusted_rpc");
|
||||||
let trusted_validators = if matches.is_present("trusted_validators") {
|
let trusted_validators = if matches.is_present("trusted_validators") {
|
||||||
let trusted_validators: HashSet<_> =
|
let trusted_validators: HashSet<_> =
|
||||||
values_t_or_exit!(matches, "trusted_validators", Pubkey)
|
values_t_or_exit!(matches, "trusted_validators", Pubkey)
|
||||||
|
@ -1102,6 +1130,7 @@ pub fn main() {
|
||||||
&validator_config,
|
&validator_config,
|
||||||
&mut blacklisted_rpc_nodes,
|
&mut blacklisted_rpc_nodes,
|
||||||
no_snapshot_fetch,
|
no_snapshot_fetch,
|
||||||
|
no_untrusted_rpc,
|
||||||
);
|
);
|
||||||
info!(
|
info!(
|
||||||
"Using RPC service from node {}: {:?}",
|
"Using RPC service from node {}: {:?}",
|
||||||
|
|
Loading…
Reference in New Issue