package octez-libs
A package that contains multiple base libraries used by the Octez suite
Install
Dune Dependency
Authors
Maintainers
Sources
tezos-octez-v20.1.tag.bz2
sha256=ddfb5076eeb0b32ac21c1eed44e8fc86a6743ef18ab23fff02d36e365bb73d61
sha512=d22a827df5146e0aa274df48bc2150b098177ff7e5eab52c6109e867eb0a1f0ec63e6bfbb0e3645a6c2112de3877c91a17df32ccbff301891ce4ba630c997a65
doc/src/octez-libs.rpc-http-server/RPC_server.ml.html
Source file RPC_server.ml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353(*****************************************************************************) (* *) (* Open Source License *) (* Copyright (c) 2018 Dynamic Ledger Solutions, Inc. <contact@tezos.com> *) (* Copyright (c) 2021 Tocqueville Group, Inc. <marcin.pastudzki@tqtezos.com> *) (* *) (* Permission is hereby granted, free of charge, to any person obtaining a *) (* copy of this software and associated documentation files (the "Software"),*) (* to deal in the Software without restriction, including without limitation *) (* the rights to use, copy, modify, merge, publish, distribute, sublicense, *) (* and/or sell copies of the Software, and to permit persons to whom the *) (* Software is furnished to do so, subject to the following conditions: *) (* *) (* The above copyright notice and this permission notice shall be included *) (* in all copies or substantial portions of the Software. *) (* *) (* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR*) (* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, *) (* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL *) (* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER*) (* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING *) (* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER *) (* DEALINGS IN THE SOFTWARE. *) (* *) (*****************************************************************************) type cors = Resto_cohttp.Cors.t = { allowed_headers : string list; allowed_origins : string list; } module RPC_logging = struct open Internal_event open Internal_event.Simple let rpc_http_event name level = declare_1 ~section:["rpc_server"] ~name ~msg:"{msg}" ~level ~pp1:Format.pp_print_text ("msg", Data_encoding.string) let rpc_http_event_debug = rpc_http_event "rpc_http_event_debug" Debug let rpc_http_event_info = rpc_http_event "rpc_http_event_info" Info let rpc_http_event_notice = rpc_http_event "rpc_http_event_notice" Notice let rpc_http_event_warning = rpc_http_event "rpc_http_event_warning" Warning let rpc_http_event_error = rpc_http_event "rpc_http_event_error" Error let emit_async event fmt = Format.kasprintf (fun message -> Lwt.ignore_result (emit event message)) fmt let emit_lwt event fmt = Format.kasprintf (fun message -> emit event message) fmt let debug f = emit_async rpc_http_event_debug f let log_info f = emit_async rpc_http_event_info f let log_notice f = emit_async rpc_http_event_notice f let warn f = emit_async rpc_http_event_warning f let log_error f = emit_async rpc_http_event_error f let lwt_debug f = emit_lwt rpc_http_event_debug f let lwt_log_info f = emit_lwt rpc_http_event_info f let lwt_log_notice f = emit_lwt rpc_http_event_notice f let lwt_warn f = emit_lwt rpc_http_event_warning f let lwt_log_error f = emit_lwt rpc_http_event_error f end include Resto_cohttp_server.Server.Make (Tezos_rpc.Encoding) (RPC_logging) module Acl = struct include Resto_acl.Acl type endpoint = P2p_point.Id.addr_port_id type policy = (endpoint * t) list let secure = Deny_all { except = List.map parse [ "GET /chains/*/blocks"; "GET /chains/*/blocks/*"; "GET /chains/*/chain_id"; "GET /chains/*/checkpoint"; "GET /chains/*/blocks/*/context/adaptive_issuance_launch_cycle"; "GET /chains/*/blocks/*/context/big_maps/*/*"; "GET /chains/*/blocks/*/context/cache/**"; "GET /chains/*/blocks/*/context/constants"; "GET /chains/*/blocks/*/context/contracts/**"; "GET /chains/*/blocks/*/context/delegates/**"; "GET /chains/*/blocks/*/context/denunciations"; "GET /chains/*/blocks/*/context/issuance"; "GET /chains/*/blocks/*/context/issuance/*"; "GET /chains/*/blocks/*/context/liquidity_baking/*"; "GET /chains/*/blocks/*/context/merkle_tree/**"; "GET /chains/*/blocks/*/context/merkle_tree_v2/**"; "GET /chains/*/blocks/*/context/nonces/*"; "GET /chains/*/blocks/*/context/sapling/**"; "GET /chains/*/blocks/*/context/seed_computation"; "GET /chains/*/blocks/*/context/selected_snapshot"; "GET /chains/*/blocks/*/context/total_frozen_stake"; "GET /chains/*/blocks/*/context/total_supply"; "GET /chains/*/blocks/*/hash"; "GET /chains/*/blocks/*/header"; "GET /chains/*/blocks/*/header/**"; "GET /chains/*/blocks/*/helpers/current_level"; "GET /chains/*/blocks/*/live_blocks"; "GET /chains/*/blocks/*/metadata"; "GET /chains/*/blocks/*/metadata_hash"; "GET /chains/*/blocks/*/minimal_valid_time"; "GET /chains/*/blocks/*/operation_hashes"; "GET /chains/*/blocks/*/operation_hashes/**"; "GET /chains/*/blocks/*/operation_metadata_hashes"; "GET /chains/*/blocks/*/operations"; "GET /chains/*/blocks/*/operations/**"; "GET /chains/*/blocks/*/operations_metadata_hash"; "GET /chains/*/blocks/*/protocols"; "GET /chains/*/blocks/*/resulting_context_hash"; "GET /chains/*/blocks/*/votes/**"; "GET /chains/*/invalid_blocks"; "GET /chains/*/invalid_blocks/*"; "GET /chains/*/is_bootstrapped"; "GET /chains/*/levels/*"; "GET /chains/*/mempool/filter"; "GET /chains/*/mempool/pending_operations"; "GET /config/history_mode"; "GET /config/network/user_activated_protocol_overrides"; "GET /config/network/user_activated_upgrades"; "GET /config/network/dal"; "GET /network/stat"; "GET /network/version"; "GET /network/versions"; "GET /protocols"; "GET /protocols/*/environment"; "GET /version"; "POST /chains/*/blocks/*/context/contracts/*/big_map_get"; "POST /chains/*/blocks/*/context/seed"; "POST /injection/operation"; ]; } let allow_all = Allow_all {except = []} let default (address : P2p_addr.t) = let open Ipaddr in if V6.scope address = Interface then allow_all else secure let empty_policy = [] let match_address_and_port point1 point2 = let open P2p_point.Id in point1.addr = point2.addr && point1.port = point2.port let rec put_policy (addr, acl) = function | [] -> [(addr, acl)] | (a, _) :: policy when match_address_and_port addr a -> (addr, acl) :: policy | entry :: policy -> entry :: put_policy (addr, acl) policy (* FIXME (https://gitlab.com/tezos/tezos/-/issues/1320). Use resto functions instead. *) let meth_to_string = function | Any -> "" | Exact `GET -> "GET" | Exact `PUT -> "PUT" | Exact `POST -> "POST" | Exact `PATCH -> "PATCH" | Exact `DELETE -> "DELETE" let escaped_asterisk_seq = String.to_seq "%2A" let chunk_to_string = function | Wildcard -> "*" | Literal l -> let s = Uri.pct_encode l in if String.contains s '*' then (* slow path *) String.of_seq (Seq.flat_map (function '*' -> escaped_asterisk_seq | c -> Seq.return c) (String.to_seq s)) else s let chunk_list_to_string l = "/" ^ String.concat "/" (List.map chunk_to_string l) let path_to_string = function | FollowedByAnySuffix l -> chunk_list_to_string l ^ "/**" | Exact l -> chunk_list_to_string l let matcher_to_string {meth; path} = meth_to_string meth ^ path_to_string path let matcher_encoding : matcher Data_encoding.t = let open Data_encoding in conv matcher_to_string parse string let endpoint_encoding : endpoint Data_encoding.t = let open Data_encoding in let open P2p_point.Id in let parse str = match parse_addr_port_id str with | Ok endpoint -> endpoint | Error e -> raise (Invalid_argument (Format.sprintf "%s in address" (string_of_parsing_error e))) in conv addr_port_id_to_string parse string let policy_type p = if p = secure then "Secure" else if p = allow_all then "AllowAll" else "Custom" let policy_encoding : (endpoint * t) list Data_encoding.t = let open Data_encoding in list @@ union [ case ~title:"Whitelist" (Tag 0) (obj2 (req "address" endpoint_encoding) (req "whitelist" @@ list matcher_encoding)) (function | addr, Deny_all {except} -> Some (addr, except) | _ -> None) (fun (addr, except) -> (addr, Deny_all {except})); case ~title:"Blacklist" (Tag 1) (obj2 (req "address" endpoint_encoding) (req "blacklist" @@ list matcher_encoding)) (function | addr, Allow_all {except} -> Some (addr, except) | _ -> None) (fun (addr, except) -> (addr, Allow_all {except})); ] let policy_to_string policy = let open Data_encoding in Json.construct policy_encoding policy |> Json.to_string let find_policy policy (address, port) = let match_addr searched_port searched_addr (endpoint, acl) = let open P2p_point.Id in match (endpoint.addr = searched_addr, endpoint.port, searched_port) with | true, None, _ -> Some acl | true, Some port, Some searched_port when port = searched_port -> Some acl | _ -> None in List.find_map (match_addr port address) policy let acl_type = function Allow_all _ -> `Blacklist | Deny_all _ -> `Whitelist module Internal_for_test = struct type nonrec endpoint = endpoint let rec resolve_domain_names resolve = let open Lwt_syntax in function | [] -> return_nil | (endpoint, acl) :: remainder -> let open P2p_point.Id in let* resolved = resolve endpoint in let resolved = List.map (fun (ip_addr, _) -> ( { endpoint with addr = Format.asprintf "%a" Ipaddr.V6.pp ip_addr; }, acl )) resolved in let+ rem = resolve_domain_names resolve remainder in resolved @ rem end let resolve_domain_names = let open P2p_point.Id in let resolve endpoint = let service = Option.fold ~none:"" ~some:Int.to_string endpoint.port in Lwt_utils_unix.getaddrinfo ~node:endpoint.addr ~service ~passive:false in Internal_for_test.resolve_domain_names resolve end module Max_active_rpc_connections = struct type t = Unlimited | Limited of int let default = Limited 100 let encoding = let open Data_encoding in def "max_active_rpc_connections" ~title:"max_active_rpc_connections" ~description:"The maximum alowed number of RPC connections" (union ~tag_size:`Uint8 [ case ~title:"unlimited" ~description: "There is not limit of the number of RPC connections allowed." (Tag 0) (constant "unlimited") (function Unlimited -> Some () | _ -> None) (fun () -> Unlimited); case ~title:"limited" ~description: "The number of maximum RPC connections allowed is limited to \ the given integer's value." (Tag 1) int31 (function Limited i -> Some i | _ -> None) (fun i -> Limited i); ]) let pp_parameter ppf = function | Unlimited -> Format.fprintf ppf "unlimited" | Limited limit -> Format.fprintf ppf "%l" limit end let launch ?host server ?conn_closed ?callback ?(max_active_connections = Max_active_rpc_connections.default) mode = (* TODO: backport max_active_connections in resto *) (match max_active_connections with | Unlimited -> () | Limited max_active_connections -> Conduit_lwt_unix.set_max_active max_active_connections) ; launch ?host server ?conn_closed ?callback mode