Set solana-tpu ALPN protocol ID (#26587)

2022-07-13 20:55:13 +02:00 · 2022-07-13 20:55:13 +02:00 · 048b9f670b
parent 49a112ae74
commit 048b9f670b
3 changed files with 14 additions and 3 deletions
--- a/client/src/nonblocking/quic_client.rs
+++ b/client/src/nonblocking/quic_client.rs
@ -25,7 +25,10 @@ use {
        signature::Keypair,
        transport::Result as TransportResult,
    },
-    solana_streamer::tls_certificates::new_self_signed_tls_certificate_chain,
+    solana_streamer::{
+        nonblocking::quic::ALPN_TPU_PROTOCOL_ID,
+        tls_certificates::new_self_signed_tls_certificate_chain,
+    },
    std::{
        net::{IpAddr, Ipv4Addr, SocketAddr, UdpSocket},
        sync::{atomic::Ordering, Arc},
@ -92,6 +95,7 @@ impl QuicLazyInitializedEndpoint {
            )
            .expect("Failed to set QUIC client certificates");
        crypto.enable_early_data = true;
+        crypto.alpn_protocols = vec![ALPN_TPU_PROTOCOL_ID.to_vec()];

        let mut endpoint =
            QuicNewConnection::create_endpoint(EndpointConfig::default(), client_socket);
--- a/streamer/src/nonblocking/quic.rs
+++ b/streamer/src/nonblocking/quic.rs
@ -38,6 +38,8 @@ use {
 const QUIC_TOTAL_STAKED_CONCURRENT_STREAMS: f64 = 100_000f64;
 const WAIT_FOR_STREAM_TIMEOUT_MS: u64 = 100;

+pub const ALPN_TPU_PROTOCOL_ID: &[u8] = b"solana-tpu";
+
 #[allow(clippy::too_many_arguments)]
 pub fn spawn_server(
    sock: UdpSocket,
@ -721,6 +723,7 @@ pub mod test {
            .expect("Failed to use client certificate");

        crypto.enable_early_data = true;
+        crypto.alpn_protocols = vec![ALPN_TPU_PROTOCOL_ID.to_vec()];

        let mut config = ClientConfig::new(Arc::new(crypto));

--- a/streamer/src/quic.rs
+++ b/streamer/src/quic.rs
@ -1,5 +1,8 @@
 use {
-    crate::{streamer::StakedNodes, tls_certificates::new_self_signed_tls_certificate_chain},
+    crate::{
+        nonblocking::quic::ALPN_TPU_PROTOCOL_ID, streamer::StakedNodes,
+        tls_certificates::new_self_signed_tls_certificate_chain,
+    },
    crossbeam_channel::Sender,
    pem::Pem,
    quinn::{IdleTimeout, ServerConfig, VarInt},
@ -67,11 +70,12 @@ pub(crate) fn configure_server(
        .collect();
    let cert_chain_pem = pem::encode_many(&cert_chain_pem_parts);

-    let server_tls_config = rustls::ServerConfig::builder()
+    let mut server_tls_config = rustls::ServerConfig::builder()
        .with_safe_defaults()
        .with_client_cert_verifier(SkipClientVerification::new())
        .with_single_cert(cert_chain, priv_key)
        .map_err(|_e| QuicServerError::ConfigureFailed)?;
+    server_tls_config.alpn_protocols = vec![ALPN_TPU_PROTOCOL_ID.to_vec()];

    let mut server_config = ServerConfig::with_crypto(Arc::new(server_tls_config));
    let config = Arc::get_mut(&mut server_config.transport).unwrap();