Support IPv6 in BN and VC HTTP APIs (#3104)

## Issue Addressed

#3103

## Proposed Changes

Parse `http-address` and `metrics-address` as `IpAddr` for both the beacon node and validator client to support IPv6 addresses.
Also adjusts parsing of CORS origins to allow for IPv6 addresses.

## Usage
You can now set  `http-address` and/or `metrics-address`  flags to IPv6 addresses.
For example, the following:
`lighthouse bn --http --http-address :: --metrics --metrics-address ::1`
will expose the beacon node HTTP server on `[::]` (equivalent of `0.0.0.0` in IPv4) and the metrics HTTP server on `localhost` (the equivalent of `127.0.0.1` in IPv4) 

The beacon node API can then be accessed by:
`curl "http://[server-ipv6-address]:5052/eth/v1/some_endpoint"`

And the metrics server api can be accessed by:
`curl "http://localhost:5054/metrics"` or by `curl "http://[::1]:5054/metrics"`

## Additional Info
On most Linux distributions the `v6only` flag is set to `false` by default (see the section for the `IPV6_V6ONLY` flag in https://www.man7.org/linux/man-pages/man7/ipv6.7.html) which means IPv4 connections will continue to function on a IPv6 address (providing it is appropriately mapped). This means that even if the Lighthouse API is running on `::` it is also possible to accept IPv4 connections.

However on Windows, this is not the case. The `v6only` flag is set to `true` so binding to `::` will only allow IPv6 connections.
This commit is contained in:
Mac L 2022-03-24 00:04:49 +00:00
parent 3c675a9dfc
commit 41b5af9b16
12 changed files with 82 additions and 42 deletions

View File

@ -38,7 +38,7 @@ use state_id::StateId;
use std::borrow::Cow;
use std::convert::TryInto;
use std::future::Future;
use std::net::{Ipv4Addr, SocketAddr, SocketAddrV4};
use std::net::{IpAddr, Ipv4Addr, SocketAddr};
use std::path::PathBuf;
use std::pin::Pin;
use std::sync::Arc;
@ -98,7 +98,7 @@ pub struct Context<T: BeaconChainTypes> {
#[derive(PartialEq, Debug, Clone, Serialize, Deserialize)]
pub struct Config {
pub enabled: bool,
pub listen_addr: Ipv4Addr,
pub listen_addr: IpAddr,
pub listen_port: u16,
pub allow_origin: Option<String>,
pub serve_legacy_spec: bool,
@ -110,7 +110,7 @@ impl Default for Config {
fn default() -> Self {
Self {
enabled: false,
listen_addr: Ipv4Addr::new(127, 0, 0, 1),
listen_addr: IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)),
listen_port: 5052,
allow_origin: None,
serve_legacy_spec: true,
@ -2790,7 +2790,7 @@ pub fn serve<T: BeaconChainTypes>(
.map(|reply| warp::reply::with_header(reply, "Server", &version_with_platform()))
.with(cors_builder.build());
let http_socket: SocketAddrV4 = SocketAddrV4::new(config.listen_addr, config.listen_port);
let http_socket: SocketAddr = SocketAddr::new(config.listen_addr, config.listen_port);
let http_server: HttpServer = match config.tls_config {
Some(tls_config) => {
let (socket, server) = warp::serve(routes)

View File

@ -15,7 +15,7 @@ use network::NetworkMessage;
use sensitive_url::SensitiveUrl;
use slog::Logger;
use std::future::Future;
use std::net::{Ipv4Addr, SocketAddr};
use std::net::{IpAddr, Ipv4Addr, SocketAddr};
use std::sync::Arc;
use std::time::Duration;
use tokio::sync::{mpsc, oneshot};
@ -128,7 +128,7 @@ pub async fn create_api_server<T: BeaconChainTypes>(
let context = Arc::new(Context {
config: Config {
enabled: true,
listen_addr: Ipv4Addr::new(127, 0, 0, 1),
listen_addr: IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)),
listen_port: 0,
allow_origin: None,
serve_legacy_spec: true,

View File

@ -9,7 +9,7 @@ use lighthouse_version::version_with_platform;
use serde::{Deserialize, Serialize};
use slog::{crit, info, Logger};
use std::future::Future;
use std::net::{Ipv4Addr, SocketAddr, SocketAddrV4};
use std::net::{IpAddr, Ipv4Addr, SocketAddr};
use std::path::PathBuf;
use std::sync::Arc;
use warp::{http::Response, Filter};
@ -48,7 +48,7 @@ pub struct Context<T: BeaconChainTypes> {
#[derive(PartialEq, Debug, Clone, Serialize, Deserialize)]
pub struct Config {
pub enabled: bool,
pub listen_addr: Ipv4Addr,
pub listen_addr: IpAddr,
pub listen_port: u16,
pub allow_origin: Option<String>,
pub allocator_metrics_enabled: bool,
@ -58,7 +58,7 @@ impl Default for Config {
fn default() -> Self {
Self {
enabled: false,
listen_addr: Ipv4Addr::new(127, 0, 0, 1),
listen_addr: IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)),
listen_port: 5054,
allow_origin: None,
allocator_metrics_enabled: true,
@ -131,7 +131,7 @@ pub fn serve<T: BeaconChainTypes>(
.with(cors_builder.build());
let (listening_socket, server) = warp::serve(routes).try_bind_with_graceful_shutdown(
SocketAddrV4::new(config.listen_addr, config.listen_port),
SocketAddr::new(config.listen_addr, config.listen_port),
async {
shutdown.await;
},

View File

@ -2,7 +2,7 @@ use beacon_chain::test_utils::EphemeralHarnessType;
use environment::null_logger;
use http_metrics::Config;
use reqwest::StatusCode;
use std::net::Ipv4Addr;
use std::net::{IpAddr, Ipv4Addr};
use std::sync::Arc;
use tokio::sync::oneshot;
use types::MainnetEthSpec;
@ -17,7 +17,7 @@ async fn returns_200_ok() {
let context = Arc::new(Context {
config: Config {
enabled: true,
listen_addr: Ipv4Addr::new(127, 0, 0, 1),
listen_addr: IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)),
listen_port: 0,
allow_origin: None,
allocator_metrics_enabled: true,

View File

@ -93,8 +93,8 @@ pub fn get_config<E: EthSpec>(
if let Some(address) = cli_args.value_of("http-address") {
client_config.http_api.listen_addr = address
.parse::<Ipv4Addr>()
.map_err(|_| "http-address is not a valid IPv4 address.")?;
.parse::<IpAddr>()
.map_err(|_| "http-address is not a valid IP address.")?;
}
if let Some(port) = cli_args.value_of("http-port") {
@ -145,8 +145,8 @@ pub fn get_config<E: EthSpec>(
if let Some(address) = cli_args.value_of("metrics-address") {
client_config.http_metrics.listen_addr = address
.parse::<Ipv4Addr>()
.map_err(|_| "metrics-address is not a valid IPv4 address.")?;
.parse::<IpAddr>()
.map_err(|_| "metrics-address is not a valid IP address.")?;
}
if let Some(port) = cli_args.value_of("metrics-port") {

View File

@ -1,4 +1,4 @@
use std::net::Ipv4Addr;
use std::net::IpAddr;
use warp::filters::cors::Builder;
/// Configure a `cors::Builder`.
@ -7,7 +7,7 @@ use warp::filters::cors::Builder;
pub fn set_builder_origins(
builder: Builder,
allow_origin: Option<&str>,
default_origin: (Ipv4Addr, u16),
default_origin: (IpAddr, u16),
) -> Result<Builder, String> {
if let Some(allow_origin) = allow_origin {
let origins = allow_origin
@ -16,7 +16,10 @@ pub fn set_builder_origins(
.collect::<Result<Vec<_>, _>>()?;
Ok(builder.allow_origins(origins))
} else {
let origin = format!("http://{}:{}", default_origin.0, default_origin.1);
let origin = match default_origin.0 {
IpAddr::V4(_) => format!("http://{}:{}", default_origin.0, default_origin.1),
IpAddr::V6(_) => format!("http://[{}]:{}", default_origin.0, default_origin.1),
};
verify_cors_origin_str(&origin)?;
Ok(builder.allow_origin(origin.as_str()))
@ -65,6 +68,8 @@ mod test {
verify_cors_origin_str("http://localhost").unwrap();
verify_cors_origin_str("http://127.0.0.1:8000").unwrap();
verify_cors_origin_str("http://localhost:8000").unwrap();
verify_cors_origin_str("http://[::1]").unwrap();
verify_cors_origin_str("http://[::1]:8000").unwrap();
}
#[test]
@ -72,5 +77,6 @@ mod test {
verify_cors_origin_str(".*").unwrap_err();
verify_cors_origin_str("127.0.0.1").unwrap_err();
verify_cors_origin_str("localhost").unwrap_err();
verify_cors_origin_str("[::1]").unwrap_err();
}
}

View File

@ -4,7 +4,7 @@ use crate::exec::{CommandLineTestExec, CompletedTest};
use lighthouse_network::PeerId;
use std::fs::File;
use std::io::Write;
use std::net::{IpAddr, Ipv4Addr};
use std::net::IpAddr;
use std::path::PathBuf;
use std::process::Command;
use std::str::FromStr;
@ -395,7 +395,7 @@ fn network_shutdown_after_sync_disabled_flag() {
}
#[test]
fn network_listen_address_flag() {
let addr = "127.0.0.2".parse::<Ipv4Addr>().unwrap();
let addr = "127.0.0.2".parse::<IpAddr>().unwrap();
CommandLineTest::new()
.flag("listen-address", Some("127.0.0.2"))
.run_with_zero_port()
@ -627,13 +627,21 @@ fn http_flag() {
}
#[test]
fn http_address_flag() {
let addr = "127.0.0.99".parse::<Ipv4Addr>().unwrap();
let addr = "127.0.0.99".parse::<IpAddr>().unwrap();
CommandLineTest::new()
.flag("http-address", Some("127.0.0.99"))
.run_with_zero_port()
.with_config(|config| assert_eq!(config.http_api.listen_addr, addr));
}
#[test]
fn http_address_ipv6_flag() {
let addr = "::1".parse::<IpAddr>().unwrap();
CommandLineTest::new()
.flag("http-address", Some("::1"))
.run_with_zero_port()
.with_config(|config| assert_eq!(config.http_api.listen_addr, addr));
}
#[test]
fn http_port_flag() {
let port1 = unused_tcp_port().expect("Unable to find unused port.");
let port2 = unused_tcp_port().expect("Unable to find unused port.");
@ -704,7 +712,7 @@ fn metrics_flag() {
}
#[test]
fn metrics_address_flag() {
let addr = "127.0.0.99".parse::<Ipv4Addr>().unwrap();
let addr = "127.0.0.99".parse::<IpAddr>().unwrap();
CommandLineTest::new()
.flag("metrics", None)
.flag("metrics-address", Some("127.0.0.99"))
@ -712,6 +720,15 @@ fn metrics_address_flag() {
.with_config(|config| assert_eq!(config.http_metrics.listen_addr, addr));
}
#[test]
fn metrics_address_ipv6_flag() {
let addr = "::1".parse::<IpAddr>().unwrap();
CommandLineTest::new()
.flag("metrics", None)
.flag("metrics-address", Some("::1"))
.run_with_zero_port()
.with_config(|config| assert_eq!(config.http_metrics.listen_addr, addr));
}
#[test]
fn metrics_port_flag() {
let port1 = unused_tcp_port().expect("Unable to find unused port.");
let port2 = unused_tcp_port().expect("Unable to find unused port.");

View File

@ -4,7 +4,7 @@ use crate::exec::CommandLineTestExec;
use bls::{Keypair, PublicKeyBytes};
use std::fs::File;
use std::io::Write;
use std::net::Ipv4Addr;
use std::net::IpAddr;
use std::path::PathBuf;
use std::process::Command;
use std::str::FromStr;
@ -320,7 +320,7 @@ fn http_flag() {
}
#[test]
fn http_address_flag() {
let addr = "127.0.0.99".parse::<Ipv4Addr>().unwrap();
let addr = "127.0.0.99".parse::<IpAddr>().unwrap();
CommandLineTest::new()
.flag("http-address", Some("127.0.0.99"))
.flag("unencrypted-http-transport", None)
@ -328,9 +328,18 @@ fn http_address_flag() {
.with_config(|config| assert_eq!(config.http_api.listen_addr, addr));
}
#[test]
fn http_address_ipv6_flag() {
let addr = "::1".parse::<IpAddr>().unwrap();
CommandLineTest::new()
.flag("http-address", Some("::1"))
.flag("unencrypted-http-transport", None)
.run()
.with_config(|config| assert_eq!(config.http_api.listen_addr, addr));
}
#[test]
#[should_panic]
fn missing_unencrypted_http_transport_flag() {
let addr = "127.0.0.99".parse::<Ipv4Addr>().unwrap();
let addr = "127.0.0.99".parse::<IpAddr>().unwrap();
CommandLineTest::new()
.flag("http-address", Some("127.0.0.99"))
.run()
@ -373,13 +382,21 @@ fn metrics_flag() {
}
#[test]
fn metrics_address_flag() {
let addr = "127.0.0.99".parse::<Ipv4Addr>().unwrap();
let addr = "127.0.0.99".parse::<IpAddr>().unwrap();
CommandLineTest::new()
.flag("metrics-address", Some("127.0.0.99"))
.run()
.with_config(|config| assert_eq!(config.http_metrics.listen_addr, addr));
}
#[test]
fn metrics_address_ipv6_flag() {
let addr = "::1".parse::<IpAddr>().unwrap();
CommandLineTest::new()
.flag("metrics-address", Some("::1"))
.run()
.with_config(|config| assert_eq!(config.http_metrics.listen_addr, addr));
}
#[test]
fn metrics_port_flag() {
CommandLineTest::new()
.flag("metrics-port", Some("9090"))

View File

@ -12,7 +12,7 @@ use sensitive_url::SensitiveUrl;
use serde_derive::{Deserialize, Serialize};
use slog::{info, warn, Logger};
use std::fs;
use std::net::Ipv4Addr;
use std::net::IpAddr;
use std::path::PathBuf;
use types::{Address, GRAFFITI_BYTES_LEN};
@ -238,8 +238,8 @@ impl Config {
if let Some(address) = cli_args.value_of("http-address") {
if cli_args.is_present("unencrypted-http-transport") {
config.http_api.listen_addr = address
.parse::<Ipv4Addr>()
.map_err(|_| "http-address is not a valid IPv4 address.")?;
.parse::<IpAddr>()
.map_err(|_| "http-address is not a valid IP address.")?;
} else {
return Err(
"While using `--http-address`, you must also use `--unencrypted-http-transport`."
@ -273,8 +273,8 @@ impl Config {
if let Some(address) = cli_args.value_of("metrics-address") {
config.http_metrics.listen_addr = address
.parse::<Ipv4Addr>()
.map_err(|_| "metrics-address is not a valid IPv4 address.")?;
.parse::<IpAddr>()
.map_err(|_| "metrics-address is not a valid IP address.")?;
}
if let Some(port) = cli_args.value_of("metrics-port") {

View File

@ -16,7 +16,7 @@ use slog::{crit, info, warn, Logger};
use slot_clock::SlotClock;
use std::future::Future;
use std::marker::PhantomData;
use std::net::{Ipv4Addr, SocketAddr, SocketAddrV4};
use std::net::{IpAddr, Ipv4Addr, SocketAddr};
use std::path::PathBuf;
use std::sync::{Arc, Weak};
use tokio::runtime::Runtime;
@ -69,7 +69,7 @@ pub struct Context<T: SlotClock, E: EthSpec> {
#[derive(PartialEq, Debug, Clone, Serialize, Deserialize)]
pub struct Config {
pub enabled: bool,
pub listen_addr: Ipv4Addr,
pub listen_addr: IpAddr,
pub listen_port: u16,
pub allow_origin: Option<String>,
}
@ -78,7 +78,7 @@ impl Default for Config {
fn default() -> Self {
Self {
enabled: false,
listen_addr: Ipv4Addr::new(127, 0, 0, 1),
listen_addr: IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)),
listen_port: 5062,
allow_origin: None,
}
@ -609,7 +609,7 @@ pub fn serve<T: 'static + SlotClock + Clone, E: EthSpec>(
.with(cors_builder.build());
let (listening_socket, server) = warp::serve(routes).try_bind_with_graceful_shutdown(
SocketAddrV4::new(config.listen_addr, config.listen_port),
SocketAddr::new(config.listen_addr, config.listen_port),
async {
shutdown.await;
},

View File

@ -27,7 +27,7 @@ use slashing_protection::{SlashingDatabase, SLASHING_PROTECTION_FILENAME};
use slot_clock::{SlotClock, TestingSlotClock};
use std::future::Future;
use std::marker::PhantomData;
use std::net::Ipv4Addr;
use std::net::{IpAddr, Ipv4Addr};
use std::sync::Arc;
use std::time::Duration;
use task_executor::TaskExecutor;
@ -120,7 +120,7 @@ impl ApiTester {
spec: E::default_spec(),
config: HttpConfig {
enabled: true,
listen_addr: Ipv4Addr::new(127, 0, 0, 1),
listen_addr: IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)),
listen_port: 0,
allow_origin: None,
},

View File

@ -10,7 +10,7 @@ use serde::{Deserialize, Serialize};
use slog::{crit, info, Logger};
use slot_clock::SystemTimeSlotClock;
use std::future::Future;
use std::net::{Ipv4Addr, SocketAddr, SocketAddrV4};
use std::net::{IpAddr, Ipv4Addr, SocketAddr};
use std::sync::Arc;
use types::EthSpec;
use warp::{http::Response, Filter};
@ -53,7 +53,7 @@ pub struct Context<T: EthSpec> {
#[derive(PartialEq, Debug, Clone, Serialize, Deserialize)]
pub struct Config {
pub enabled: bool,
pub listen_addr: Ipv4Addr,
pub listen_addr: IpAddr,
pub listen_port: u16,
pub allow_origin: Option<String>,
}
@ -62,7 +62,7 @@ impl Default for Config {
fn default() -> Self {
Self {
enabled: false,
listen_addr: Ipv4Addr::new(127, 0, 0, 1),
listen_addr: IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)),
listen_port: 5064,
allow_origin: None,
}
@ -134,7 +134,7 @@ pub fn serve<T: EthSpec>(
.with(cors_builder.build());
let (listening_socket, server) = warp::serve(routes).try_bind_with_graceful_shutdown(
SocketAddrV4::new(config.listen_addr, config.listen_port),
SocketAddr::new(config.listen_addr, config.listen_port),
async {
shutdown.await;
},