Merge pull request #164 from moreati/rpc-host

api: Allow bind address of RPC server to be restricted
2020-05-23 14:03:05 -04:00 · 2020-05-23 14:03:05 -04:00 · 386b37e35d
parent c3f9a50228 18f43ee406
commit 386b37e35d
5 changed files with 25 additions and 11 deletions
--- a/api/server.go
+++ b/api/server.go
@ -7,6 +7,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"net"
 	"net/http"
 	"net/url"
 	"sync"
@ -28,30 +29,40 @@ var (

 // Server maintains the HTTP router
 type Server struct {
-	log     logging.Logger
-	factory logging.Factory
-	router  *router
-	portURL string
+	log           logging.Logger
+	factory       logging.Factory
+	router        *router
+	listenAddress string
 }

-// Initialize creates the API server at the provided port
-func (s *Server) Initialize(log logging.Logger, factory logging.Factory, port uint16) {
+// Initialize creates the API server at the provided host and port
+func (s *Server) Initialize(log logging.Logger, factory logging.Factory, host string, port uint16) {
 	s.log = log
 	s.factory = factory
-	s.portURL = fmt.Sprintf(":%d", port)
+	s.listenAddress = fmt.Sprintf("%s:%d", host, port)
 	s.router = newRouter()
 }

 // Dispatch starts the API server
 func (s *Server) Dispatch() error {
 	handler := cors.Default().Handler(s.router)
-	return http.ListenAndServe(s.portURL, handler)
+	listener, err := net.Listen("tcp", s.listenAddress)
+	if err != nil {
+		return err
+	}
+	s.log.Info("API server listening on %q", s.listenAddress)
+	return http.Serve(listener, handler)
 }

 // DispatchTLS starts the API server with the provided TLS certificate
 func (s *Server) DispatchTLS(certFile, keyFile string) error {
 	handler := cors.Default().Handler(s.router)
-	return http.ListenAndServeTLS(s.portURL, certFile, keyFile, handler)
+	listener, err := net.Listen("tcp", s.listenAddress)
+	if err != nil {
+		return err
+	}
+	s.log.Info("API server listening on %q", s.listenAddress)
+	return http.ServeTLS(listener, handler, certFile, keyFile)
 }

 // RegisterChain registers the API endpoints associated with this chain That
--- a/api/server_test.go
+++ b/api/server_test.go
@ -30,7 +30,7 @@ func (s *Service) Call(_ *http.Request, args *Args, reply *Reply) error {

 func TestCall(t *testing.T) {
 	s := Server{}
-	s.Initialize(logging.NoLog{}, logging.NoFactory{}, 8080)
+	s.Initialize(logging.NoLog{}, logging.NoFactory{}, "localhost", 8080)

 	serv := &Service{}
 	newServer := rpc.NewServer()
--- a/main/params.go
+++ b/main/params.go
@ -93,6 +93,7 @@ func init() {
 	consensusIP := fs.String("public-ip", "", "Public IP of this node")

 	// HTTP Server:
+	httpHost := fs.String("http-host", "", "Address of the HTTP server")
 	httpPort := fs.Uint("http-port", 9650, "Port of the HTTP server")
 	fs.BoolVar(&Config.EnableHTTPS, "http-tls-enabled", false, "Upgrade the HTTP server to HTTPs")
 	fs.StringVar(&Config.HTTPSKeyFile, "http-tls-key-file", "", "TLS private key file for the HTTPs server")
@ -269,6 +270,7 @@ func init() {
 	}

 	// HTTP:
+	Config.HTTPHost = *httpHost
 	Config.HTTPPort = uint16(*httpPort)

 	// Logging:
--- a/node/config.go
+++ b/node/config.go
@ -42,6 +42,7 @@ type Config struct {
 	BootstrapPeers []*Peer

 	// HTTP configuration
+	HTTPHost      string
 	HTTPPort      uint16
 	EnableHTTPS   bool
 	HTTPSKeyFile  string
--- a/node/node.go
+++ b/node/node.go
@ -477,7 +477,7 @@ func (n *Node) initChains() error {
 func (n *Node) initAPIServer() {
 	n.Log.Info("Initializing API server")

-	n.APIServer.Initialize(n.Log, n.LogFactory, n.Config.HTTPPort)
+	n.APIServer.Initialize(n.Log, n.LogFactory, n.Config.HTTPHost, n.Config.HTTPPort)

 	go n.Log.RecoverAndPanic(func() {
 		if n.Config.EnableHTTPS {