-
Notifications
You must be signed in to change notification settings - Fork 839
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use the node's configuration to decide if adding a peer with DNS in the enode is allowed #5584
Conversation
|
6e2d7e7
to
33a242e
Compare
6acd277
to
7247718
Compare
…he enode is allowed Signed-off-by: Matthew Whitehead <matthew1001@gmail.com>
831686a
to
253072b
Compare
Signed-off-by: Matthew Whitehead <matthew1001@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good overall. one suggestion about dealing with the Optional.
also could do with a changelog entry
* @param enodeDnsConfiguration the DNS configuration for enodes | ||
* @return the runner builder | ||
*/ | ||
public RunnerBuilder enodeDnsConfiguration( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
better to pass in the actual value (not optional) and do Optional.of() within this method
similar to rpcMaxLogsRange() above
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @macfarla that makes sense. I've made that change under the latest commit, along with an update to the change log.
Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com>
…ntegration test. Signed-off-by: Matthew Whitehead <matthew1001@gmail.com>
Signed-off-by: Matt Whitehead <matthew1001@hotmail.com>
Hi @matthew1001 I just built besu from this PR locally and getting a parse error from the JSON-RPC
but besu log message would lead me to believe it worked ok
Can you look into the Parse error? |
Hi @macfarla hmm that's odd. Let me look into it and see why it's still returning a parse error. |
…h a unit test file for it Signed-off-by: Matthew Whitehead <matthew1001@gmail.com>
@macfarla I've re-tested locally and with I added a unit test for the case where |
Signed-off-by: Matthew Whitehead <matthew1001@gmail.com>
…(but a hostname one has been specified in the URL) or where DNS name resolution failed Signed-off-by: Matthew Whitehead <matthew1001@gmail.com>
I've made the following additional changes to make the JSON/RPC errors clearer:
|
Signed-off-by: Matthew Whitehead <matthew1001@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
couple of nits. I tested it locally and my results match your description. so looking good overall.
...est/java/org/hyperledger/besu/ethereum/api/jsonrpc/internal/methods/AdminRemovePeerTest.java
Outdated
Show resolved
Hide resolved
@@ -1,5 +1,5 @@ | |||
/* | |||
* Copyright ConsenSys AG. | |||
* Copyright © 2023 Kaleido, Inc. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
no need to update existing copyright lines, but if you are changing it - it should be Copyright Hyperledger Besu contributors
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Weirdly I don't actually recall updating this one - must have been when I was adding copyright for the new file. I've reverted it to how it was for now.
@@ -162,6 +162,8 @@ public enum JsonRpcError { | |||
VALUE_NOT_ZERO(-50100, "We cannot transfer ether in a private transaction yet."), | |||
|
|||
CANT_CONNECT_TO_LOCAL_PEER(-32100, "Cannot add local node as peer."), | |||
CANT_RESOLVE_PEER_ENODE_DNS(-32100, "Cannot resolve enode DNS hostname"), | |||
CANT_USE_PEER_ENODE_DNS(-32100, "Enode DNS support is disabled"), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CANT_USE_PEER_ENODE_DNS(-32100, "Enode DNS support is disabled"), | |
DNS_NOT_ENABLED(-32100, "Enode DNS support is disabled"), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
suggestion for a simpler name. also "X not enabled" matches other error codes
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, new commit renames the constant and updates the references to it.
CHANGELOG.md
Outdated
@@ -21,6 +21,7 @@ and in case a rollback is needed, before installing a previous version, the migr | |||
- Fix backwards sync bug where chain is rolled back too far, especially when restarting Nimbus [#5497](https://github.com/hyperledger/besu/pull/5497) | |||
- Check to ensure storage and transactions are not closed prior to reading/writing [#5527](https://github.com/hyperledger/besu/pull/5527) | |||
- Fix the unavailability of account code and storage on GraphQl/Bonsai [#5548](https://github.com/hyperledger/besu/pull/5548) | |||
- Use the node's configuration to determine if DNS enode URLs are allowed in calls to `admin_addPeer` and `admin_removePeer` [#5584](https://github.com/hyperledger/besu/pull/5584) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this will need to move to next release 23.4.3
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've created a new section in the change-log under the latest commit, and removed this line from the 23.4.2 section.
Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com>
1684853
to
3f092e9
Compare
Signed-off-by: Matthew Whitehead <matthew1001@gmail.com>
3f092e9
to
a0dca8e
Compare
Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com>
…he enode is allowed (hyperledger#5584) * Use the node's configuration to decide if adding a peer with DNS in the enode is allowed Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Update command test mocks Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Update besu/src/main/java/org/hyperledger/besu/cli/BesuCommand.java Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> * Address PR comments. Add a reference in the change log. Fix failing integration test. Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Add the same DNS-config checking logic to admin_removePeer, along with a unit test file for it Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Tweak the change log Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Add clearer error messages for the cases where enode DNS is disabled (but a hostname one has been specified in the URL) or where DNS name resolution failed Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Spotless Java fixes Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Fix copyright for new file Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> * Address PR comments (mainly copyright & constant renaming) Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * move changelog entry to 23.4.4 Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> --------- Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Co-authored-by: Matthew Whitehead <matthew1001@gmail.com> Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com>
…he enode is allowed (hyperledger#5584) * Use the node's configuration to decide if adding a peer with DNS in the enode is allowed Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Update command test mocks Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Update besu/src/main/java/org/hyperledger/besu/cli/BesuCommand.java Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> * Address PR comments. Add a reference in the change log. Fix failing integration test. Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Add the same DNS-config checking logic to admin_removePeer, along with a unit test file for it Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Tweak the change log Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Add clearer error messages for the cases where enode DNS is disabled (but a hostname one has been specified in the URL) or where DNS name resolution failed Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Spotless Java fixes Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Fix copyright for new file Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> * Address PR comments (mainly copyright & constant renaming) Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * move changelog entry to 23.4.4 Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> --------- Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Co-authored-by: Matthew Whitehead <matthew1001@gmail.com> Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com>
…he enode is allowed (hyperledger#5584) * Use the node's configuration to decide if adding a peer with DNS in the enode is allowed Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Update command test mocks Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Update besu/src/main/java/org/hyperledger/besu/cli/BesuCommand.java Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> * Address PR comments. Add a reference in the change log. Fix failing integration test. Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Add the same DNS-config checking logic to admin_removePeer, along with a unit test file for it Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Tweak the change log Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Add clearer error messages for the cases where enode DNS is disabled (but a hostname one has been specified in the URL) or where DNS name resolution failed Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Spotless Java fixes Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Fix copyright for new file Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> * Address PR comments (mainly copyright & constant renaming) Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * move changelog entry to 23.4.4 Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> --------- Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Co-authored-by: Matthew Whitehead <matthew1001@gmail.com> Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com>
…DNS in the enode is allowed (hyperledger#5584)" This reverts commit 057c9a5.
…he enode is allowed (hyperledger#5584) * Use the node's configuration to decide if adding a peer with DNS in the enode is allowed Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Update command test mocks Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Update besu/src/main/java/org/hyperledger/besu/cli/BesuCommand.java Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> * Address PR comments. Add a reference in the change log. Fix failing integration test. Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Add the same DNS-config checking logic to admin_removePeer, along with a unit test file for it Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Tweak the change log Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Add clearer error messages for the cases where enode DNS is disabled (but a hostname one has been specified in the URL) or where DNS name resolution failed Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Spotless Java fixes Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Fix copyright for new file Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> * Address PR comments (mainly copyright & constant renaming) Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * move changelog entry to 23.4.4 Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> --------- Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Co-authored-by: Matthew Whitehead <matthew1001@gmail.com> Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com>
…he enode is allowed (hyperledger#5584) * Use the node's configuration to decide if adding a peer with DNS in the enode is allowed Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Update command test mocks Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Update besu/src/main/java/org/hyperledger/besu/cli/BesuCommand.java Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> * Address PR comments. Add a reference in the change log. Fix failing integration test. Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Add the same DNS-config checking logic to admin_removePeer, along with a unit test file for it Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Tweak the change log Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Add clearer error messages for the cases where enode DNS is disabled (but a hostname one has been specified in the URL) or where DNS name resolution failed Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Spotless Java fixes Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Fix copyright for new file Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> * Address PR comments (mainly copyright & constant renaming) Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * move changelog entry to 23.4.4 Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> --------- Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Co-authored-by: Matthew Whitehead <matthew1001@gmail.com> Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com>
…he enode is allowed (hyperledger#5584) * Use the node's configuration to decide if adding a peer with DNS in the enode is allowed Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Update command test mocks Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Update besu/src/main/java/org/hyperledger/besu/cli/BesuCommand.java Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> * Address PR comments. Add a reference in the change log. Fix failing integration test. Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Add the same DNS-config checking logic to admin_removePeer, along with a unit test file for it Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Tweak the change log Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Add clearer error messages for the cases where enode DNS is disabled (but a hostname one has been specified in the URL) or where DNS name resolution failed Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Spotless Java fixes Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Fix copyright for new file Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> * Address PR comments (mainly copyright & constant renaming) Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * move changelog entry to 23.4.4 Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> --------- Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Co-authored-by: Matthew Whitehead <matthew1001@gmail.com> Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com>
…he enode is allowed (hyperledger#5584) * Use the node's configuration to decide if adding a peer with DNS in the enode is allowed Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Update command test mocks Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Update besu/src/main/java/org/hyperledger/besu/cli/BesuCommand.java Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> * Address PR comments. Add a reference in the change log. Fix failing integration test. Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Add the same DNS-config checking logic to admin_removePeer, along with a unit test file for it Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Tweak the change log Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Add clearer error messages for the cases where enode DNS is disabled (but a hostname one has been specified in the URL) or where DNS name resolution failed Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Spotless Java fixes Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Fix copyright for new file Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> * Address PR comments (mainly copyright & constant renaming) Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * move changelog entry to 23.4.4 Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> --------- Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Co-authored-by: Matthew Whitehead <matthew1001@gmail.com> Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com>
PR description
Uses the node configuration to decide if
admin_addPeer()
should allow enodes with DNS in them. Previously this was hard coded to DNS-disabled.I had to flow the enode DNS configuration through from
RunnerBuilder
to the JSON RPC method factory so that AdminAddPeer` has access to it. It may be that this isn't necessary, but I couldn't see another way to do it.Fixed Issue(s)
Fixes #5583