Commit Graph

775 Commits

Author SHA1 Message Date
Martin Holst Swende d3441ebb56
cmd/clef, signer: security fixes (#17554)
* signer: remove local path disclosure from extapi

* signer: show more data in cli ui

* rpc: make http server forward UA and Origin via Context

* signer, clef/core: ui changes + display UA and Origin

* signer: cliui - indicate less trust in remote headers, see https://github.com/ethereum/go-ethereum/issues/17637

* signer: prevent possibility swap KV-entries in aes_gcm storage, fixes #17635

* signer: remove ecrecover from external API

* signer,clef: default reject instead of warn + valideate new passwords. fixes #17632 and #17631

* signer: check calldata length even if no ABI signature is present

* signer: fix failing testcase

* clef: remove account import from external api

* signer: allow space in passwords, improve error messsage

* signer/storage: fix typos
2018-09-25 15:54:58 +02:00
HackyMiner b66f793443 rpc: increase maxRequestContentLength size to 512kB (#17595) 2018-09-25 12:27:18 +02:00
Peter Broadhurst c35659c6a0 rpc: enable basic auth for websocket client (#17699) 2018-09-19 18:09:03 +02:00
Gísli Kristjánsson c9a0b36a5f rpc: reset client write deadline after write (#17549)
This fixes an issue with websocket ping frame handling.
2018-09-03 16:56:30 +02:00
Jay abbb219933 rpc: fix a subscription name (#17345) 2018-08-09 08:56:35 +03:00
Ryan Schneider 5d7e18539e rpc: make HTTP RPC timeouts configurable, raise defaults (#17240)
* rpc: Make HTTP server timeout values configurable

* rpc: Remove flags for setting HTTP Timeouts, configuring via .toml is sufficient.

* rpc: Replace separate constants with a single default struct.

* rpc: Update HTTP Server Read and Write Timeouts to 30s.

* rpc: Remove redundant NewDefaultHTTPTimeouts function.

* rpc: document HTTPTimeouts.

* rpc: sanitize timeout values for library use
2018-07-31 12:16:14 +03:00
Wenbiao Zheng 68da9aa716 rpc: clean up check for missing methods/subscriptions on handler (#17145) 2018-07-24 02:00:55 +02:00
cong 8997efe31f rpc: fix missing parentheses in doc (#17224) 2018-07-22 22:09:45 +03:00
Ralph Caraveo III 5d30be412b all: switch out defunct set library to different one (#16873)
* keystore, ethash, eth, miner, rpc, whisperv6: tech debt with now defunct set.

* whisperv5: swap out gopkg.in/fatih/set.v0 with supported set
2018-07-16 10:54:19 +03:00
LeoLiao dbae1dc7b3 rpc: fixed comment grammar issue (#17146) 2018-07-09 11:31:59 +03:00
Elad 1836366ac1 all: library changes for swarm-network-rewrite (#16898)
This commit adds all changes needed for the merge of swarm-network-rewrite.
The changes:

- build: increase linter timeout
- contracts/ens: export ensNode
- log: add Output method and enable fractional seconds in format
- metrics: relax test timeout
- p2p: reduced some log levels, updates to simulation packages
- rpc: increased maxClientSubscriptionBuffer to 20000
2018-06-14 11:21:17 +02:00
Péter Szilágyi 99483e85b9
rpc: support returning nil pointer big.Ints (null) 2018-06-11 13:56:22 +03:00
xincaosu 1d666cf27e rpc: fix a comment typo (#16929) 2018-06-11 12:01:13 +03:00
Martin Holst Swende 17f80cc2e2
rpc: set timeouts for http server, see #16859 2018-06-04 11:41:55 +02:00
Ryan Schneider c8dcb9584e rpc: use HTTP request context as top-level context (#16861) 2018-06-02 12:26:47 +02:00
kiel barry 2ad511ce09 rpc: golint error with context as last parameter (#16657)
* rpc/*: golint error with context as last parameter

* Update json.go
2018-05-03 11:41:22 +03:00
Martin Holst Swende 8feb31825e rpc: handle HTTP response error codes (#16500) 2018-04-19 15:32:43 +02:00
Wuxiang 8f8774cf6d all: fix various typos (#16533)
* fix typo

* fix typo

* fix typo
2018-04-19 16:32:02 +03:00
Felix Lange 52b046c9b6
rpc: clean up IPC handler (#16524)
This avoids logging accept errors on shutdown and removes
a bit of duplication. It also fixes some goimports lint warnings.
2018-04-18 12:27:20 +02:00
Martin Holst Swende ec3db0f56c cmd/clef, signer: initial poc of the standalone signer (#16154)
* signer: introduce external signer command

* cmd/signer, rpc: Implement new signer. Add info about remote user to Context

* signer: refactored request/response, made use of urfave.cli

* cmd/signer: Use common flags

* cmd/signer: methods to validate calldata against abi

* cmd/signer: work on abi parser

* signer: add mutex around UI

* cmd/signer: add json 4byte directory, remove passwords from api

* cmd/signer: minor changes

* cmd/signer: Use ErrRequestDenied, enable lightkdf

* cmd/signer: implement tests

* cmd/signer: made possible for UI to modify tx parameters

* cmd/signer: refactors, removed channels in ui comms, added UI-api via stdin/out

* cmd/signer: Made lowercase json-definitions, added UI-signer test functionality

* cmd/signer: update documentation

* cmd/signer: fix bugs, improve abi detection, abi argument display

* cmd/signer: minor change in json format

* cmd/signer: rework json communication

* cmd/signer: implement mixcase addresses in API, fix json id bug

* cmd/signer: rename fromaccount, update pythonpoc with new json encoding format

* cmd/signer: make use of new abi interface

* signer: documentation

* signer/main: remove redundant  option

* signer: implement audit logging

* signer: create package 'signer', minor changes

* common: add 0x-prefix to mixcaseaddress in json marshalling + validation

* signer, rules, storage: implement rules + ephemeral storage for signer rules

* signer: implement OnApprovedTx, change signing response (API BREAKAGE)

* signer: refactoring + documentation

* signer/rules: implement dispatching to next handler

* signer: docs

* signer/rules: hide json-conversion from users, ensure context is cleaned

* signer: docs

* signer: implement validation rules, change signature of call_info

* signer: fix log flaw with string pointer

* signer: implement custom 4byte databsae that saves submitted signatures

* signer/storage: implement aes-gcm-backed credential storage

* accounts: implement json unmarshalling of url

* signer: fix listresponse, fix gas->uint64

* node: make http/ipc start methods public

* signer: add ipc capability+review concerns

* accounts: correct docstring

* signer: address review concerns

* rpc: go fmt -s

* signer: review concerns+ baptize Clef

* signer,node: move Start-functions to separate file

* signer: formatting
2018-04-16 15:04:32 +03:00
Felix Lange e9b5e22ad1 rpc: limit chunked requests (#16343) 2018-03-26 14:46:37 +03:00
Péter Szilágyi 555f42cfd8
rpc: enforce the 128KB request limits on websockets too 2018-03-13 13:55:26 +02:00
Janoš Guljaš 4535247793 rpc: set rpcRequest.service as methodNotFoundError.service value (#16163)
RPC Server readRequest method sets the serverRequest error service
value as the rpcRequest.method and this change sets it to the right
service value.
2018-02-22 18:39:28 +02:00
Felix Lange a5c0bbb4f4
all: update license information (#16089) 2018-02-14 13:49:11 +01:00
Martin Holst Swende 6c6247a690
node, rpc: fix linter issues 2018-02-12 14:12:55 +01:00
Martin Holst Swende 589b603a9b rpc: dns rebind protection (#15962)
* cmd,node,rpc: add allowedHosts to prevent dns rebinding attacks

* p2p,node: Fix bug with dumpconfig introduced in r54aeb8e4c0bb9f0e7a6c67258af67df3b266af3d

* rpc: add wildcard support for rpcallowedhosts + go fmt

* cmd/geth, cmd/utils, node, rpc: ignore direct ip(v4/6) addresses in rpc virtual hostnames check

* http, rpc, utils: make vhosts into map, address review concerns

* node: change log messages to use geth standard (not sprintf)

* rpc: fix spelling
2018-02-12 14:52:07 +02:00
Steven Roose 952482d5e4 rpc: Support specifying HTTP client in RPC dialing (#15836)
* rpc: Support specifying HTTP client in RPC dialing

Adds a minimal interface that captures http.Client and adds a new method
rpc.DialHTTPClient that takes a client using that interface. The existing
rpc.DialHTTP method is then alternatively implemented by using the new
rpc.DialHTTPClient method provided with a standard *http.Client.

* rpc: fix minor doc typos
2018-01-24 10:59:15 +02:00
Sorin Neacsu 5369a5c54d rpc: allow OPTIONS requests without Content-Type (#15759)
Fixes #15740
2017-12-28 14:15:33 +01:00
Vitaly V f258a21a63 rpc: use method constants instead of literal strings (#15652) 2017-12-12 19:12:32 +01:00
Zach 3da1bf8ca1 all: use gometalinter.v2, fix new gosimple issues (#15650) 2017-12-12 19:05:47 +01:00
Péter Szilágyi 3c6b9c5d72
rpc: minor cleanups to RPC PR 2017-11-17 14:25:02 +02:00
Armani Ferrante c5b8569707 rpc: disallow PUT and DELETE on HTTP (#15501)
Fixes #15493
2017-11-17 13:07:11 +01:00
Péter Szilágyi 4013e23312
rpc: allow dumb empty requests for AWS health checks 2017-11-16 13:51:06 +02:00
Benoit Verkindt 3ee86a57f3 rpc: warn on WebSocket origin mismatch (#15451)
Fixes #15373
2017-11-10 10:22:06 +01:00
bas-vk 4fe30bf5ad rpc: check content-type for HTTP requests (#15220) 2017-11-09 10:54:58 +01:00
ferhat elmas 9619a61024 all: gofmt -w -s (#15419) 2017-11-08 11:45:52 +01:00
Lewis Marshall 9feec51e2d p2p: add network simulation framework (#14982)
This commit introduces a network simulation framework which
can be used to run simulated networks of devp2p nodes. The
intention is to use this for testing protocols, performing
benchmarks and visualising emergent network behaviour.
2017-09-25 10:08:07 +02:00
Egon Elbre e063d538b8 rpc: fix megacheck warnings 2017-08-08 11:08:37 +02:00
Péter Szilágyi feb2932706 Merge pull request #14540 from bas-vk/whisper-api
whisperv5: integrate whisper and implement API
2017-06-26 13:44:35 +03:00
bloonfield 413dc1d265 rpc: fix closure problem in batch processing (#14688)
Demo of the issue: https://play.golang.org/p/EeTLFfppqC
2017-06-26 12:26:22 +03:00
Bas van Kervel b58a501673 whisperv5: integrate whisper and add whisper RPC simulator 2017-06-15 11:53:15 +02:00
Péter Szilágyi a8eafcdc0e Merge pull request #13885 from bas-vk/rpc_generic_pubsub
rpc: support subscriptions under custom namespaces
2017-05-03 11:41:07 +03:00
Bas van Kervel a6af56fa4d
rpc: disable CORS if user has not specified custom config 2017-05-02 11:14:40 +02:00
Bas van Kervel 37e3f561f1
rpc: support subscriptions under custom namespaces 2017-04-25 11:13:22 +02:00
Péter Szilágyi e353f9c088 Merge pull request #13886 from bas-vk/rpc_blocknum_parse
rpc: improve BlockNumber unmarshal parsing
2017-04-18 14:55:53 +03:00
Bas van Kervel 7d0ac94809
rpc: improve BlockNumber unmarshal parsing 2017-04-13 13:20:19 +02:00
bas-vk 5e29f4be93 cmd/utils, node: remove unused solc references and improve RPC config (#14324)
Currently http cors and websocket origins are a comma separated string in the
config object. These are replaced with string arrays that are more expressive in
case of a config file.
2017-04-12 23:04:14 +02:00
Felix Lange 30d706c35e cmd/geth: add --config file flag (#13875)
* p2p/discover, p2p/discv5: add marshaling methods to Node

* p2p/netutil: make Netlist decodable from TOML

* common/math: encode nil HexOrDecimal256 as 0x0

* cmd/geth: add --config file flag

* cmd/geth: add missing license header

* eth: prettify Config again, fix tests

* eth: use gasprice.Config instead of duplicating its fields

* eth/gasprice: hide nil default from dumpconfig output

* cmd/geth: hide genesis block in dumpconfig output

* node: make tests compile

* console: fix tests

* cmd/geth: make TOML keys look exactly like Go struct fields

* p2p: use discovery by default

This makes the zero Config slightly more useful. It also fixes package
node tests because Node detects reuse of the datadir through the
NodeDatabase.

* cmd/geth: make ethstats URL settable through config file

* cmd/faucet: fix configuration

* cmd/geth: dedup attach tests

* eth: add comment for DefaultConfig

* eth: pass downloader.SyncMode in Config

This removes the FastSync, LightSync flags in favour of a more
general SyncMode flag.

* cmd/utils: remove jitvm flags

* cmd/utils: make mutually exclusive flag error prettier

It now reads:

   Fatal: flags --dev, --testnet can't be used at the same time

* p2p: fix typo

* node: add DefaultConfig, use it for geth

* mobile: add missing NoDiscovery option

* cmd/utils: drop MakeNode

This exposed a couple of places that needed to be updated to use
node.DefaultConfig.

* node: fix typo

* eth: make fast sync the default mode

* cmd/utils: remove IPCApiFlag (unused)

* node: remove default IPC path

Set it in the frontends instead.

* cmd/geth: add --syncmode

* cmd/utils: make --ipcdisable and --ipcpath mutually exclusive

* cmd/utils: don't enable WS, HTTP when setting addr

* cmd/utils: fix --identity
2017-04-12 17:27:23 +03:00
Péter Szilágyi 1018bf6a00 rpc: honour pending requests before tearing conn down (#3814) 2017-03-24 12:07:12 +01:00
Felix Lange c213fd1fd8 all: import "context" instead of "golang.org/x/net/context"
There is no need to depend on the old context package now that the
minimum Go version is 1.7. The move to "context" eliminates our weird
vendoring setup. Some vendored code still uses golang.org/x/net/context
and it is now vendored in the normal way.

This change triggered new vet checks around context.WithTimeout which
didn't fire with golang.org/x/net/context.
2017-03-22 20:49:15 +01:00