aboutsummaryrefslogtreecommitdiff
path: root/src/httpserver.cpp
AgeCommit message (Collapse)Author
2022-01-13Merge bitcoin/bitcoin#23607: rpc: Pass const char* to ↵laanwj
evhttp_connection_get_peer for new libevent c62d763fc313585d79ad833c9d729f6acf2652aa Necessary improvements to make configure work without libevent installed (Perlover) 091ccc38c2e589b649648cbcc99aca4802f98775 The evhttp_connection_get_peer function from libevent changes the type of the second parameter. Fixing the problem. (Perlover) Pull request description: The second parameter of evhttp_connection_get_peer in libevent already has type as `const char **` The compilation of bitcoind with the fresh libevent occurs errors Details: https://github.com/bitcoin/bitcoin/issues/23606 ACKs for top commit: laanwj: Code review ACK c62d763fc313585d79ad833c9d729f6acf2652aa luke-jr: tACK c62d763fc313585d79ad833c9d729f6acf2652aa Tree-SHA512: d1c8062d90bd0d55c582dae2c3a7e5ee1b6c7ca872bf4aa7fe6f45a52ac4a8f59464215759d961f8efde0efbeeade31b08daf9387d7d50d7622baa1c06992d83
2021-12-30scripted-diff: Bump copyright headersHennadii Stepanov
-BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT- Commits of previous years: * 2020: fa0074e2d82928016a43ca408717154a1c70a4db * 2019: aaaaad6ac95b402fe18d019d67897ced6b316ee0
2021-12-07Necessary improvements to make configure work without libevent installedPerlover
2021-12-01The evhttp_connection_get_peer function from libevent changes the type of ↵Perlover
the second parameter. Fixing the problem.
2021-10-04Merge bitcoin/bitcoin#20487: Add syscall sandboxing using seccomp-bpf (Linux ↵W. J. van der Laan
secure computing mode) 4747da3a5b639b5a336b737e7e3cbf060cf2efcf Add syscall sandboxing (seccomp-bpf) (practicalswift) Pull request description: Add experimental syscall sandboxing using seccomp-bpf (Linux secure computing mode). Enable filtering of system calls using seccomp-bpf: allow only explicitly allowlisted (expected) syscalls to be called. The syscall sandboxing implemented in this PR is an experimental feature currently available only under Linux x86-64. To enable the experimental syscall sandbox the `-sandbox=<mode>` option must be passed to `bitcoind`: ``` -sandbox=<mode> Use the experimental syscall sandbox in the specified mode (-sandbox=log-and-abort or -sandbox=abort). Allow only expected syscalls to be used by bitcoind. Note that this is an experimental new feature that may cause bitcoind to exit or crash unexpectedly: use with caution. In the "log-and-abort" mode the invocation of an unexpected syscall results in a debug handler being invoked which will log the incident and terminate the program (without executing the unexpected syscall). In the "abort" mode the invocation of an unexpected syscall results in the entire process being killed immediately by the kernel without executing the unexpected syscall. ``` The allowed syscalls are defined on a per thread basis. I've used this feature since summer 2020 and I find it to be a helpful testing/debugging addition which makes it much easier to reason about the actual capabilities required of each type of thread in Bitcoin Core. --- Quick start guide: ``` $ ./configure $ src/bitcoind -regtest -debug=util -sandbox=log-and-abort … 2021-06-09T12:34:56Z Experimental syscall sandbox enabled (-sandbox=log-and-abort): bitcoind will terminate if an unexpected (not allowlisted) syscall is invoked. … 2021-06-09T12:34:56Z Syscall filter installed for thread "addcon" 2021-06-09T12:34:56Z Syscall filter installed for thread "dnsseed" 2021-06-09T12:34:56Z Syscall filter installed for thread "net" 2021-06-09T12:34:56Z Syscall filter installed for thread "msghand" 2021-06-09T12:34:56Z Syscall filter installed for thread "opencon" 2021-06-09T12:34:56Z Syscall filter installed for thread "init" … # A simulated execve call to show the sandbox in action: 2021-06-09T12:34:56Z ERROR: The syscall "execve" (syscall number 59) is not allowed by the syscall sandbox in thread "msghand". Please report. … Aborted (core dumped) $ ``` --- [About seccomp and seccomp-bpf](https://en.wikipedia.org/wiki/Seccomp): > In computer security, seccomp (short for secure computing mode) is a facility in the Linux kernel. seccomp allows a process to make a one-way transition into a "secure" state where it cannot make any system calls except exit(), sigreturn(), and read() and write() to already-open file descriptors. Should it attempt any other system calls, the kernel will terminate the process with SIGKILL or SIGSYS. In this sense, it does not virtualize the system's resources but isolates the process from them entirely. > > […] > > seccomp-bpf is an extension to seccomp that allows filtering of system calls using a configurable policy implemented using Berkeley Packet Filter rules. It is used by OpenSSH and vsftpd as well as the Google Chrome/Chromium web browsers on Chrome OS and Linux. (In this regard seccomp-bpf achieves similar functionality, but with more flexibility and higher performance, to the older systrace—which seems to be no longer supported for Linux.) ACKs for top commit: laanwj: Code review and lightly tested ACK 4747da3a5b639b5a336b737e7e3cbf060cf2efcf Tree-SHA512: e1c28e323eb4409a46157b7cc0fc29a057ba58d1ee2de268962e2ade28ebd4421b5c2536c64a3af6e9bd3f54016600fec88d016adb49864b63edea51ad838e17
2021-10-01Add syscall sandboxing (seccomp-bpf)practicalswift
2021-09-09util: remove libevent <= 2.0.18 back-compat codefanquake
Now that we require libevent >=2.0.21, remove backwards compatibility code for older versions.
2021-09-27scripted-diff: Rename overloaded int GetArg to GetIntArgRussell Yanofsky
Improve readability of code, simplify future scripted diff cleanup PRs, and be more consistent with naming for GetBoolArg. This will also be useful for replacing runtime settings type checking with compile time checking. -BEGIN VERIFY SCRIPT- git grep -l GetArg | xargs sed -i 's/GetArg(\([^)]*\( [0-9]\+\|-1\|port\|BaseParams().RPCPort()\|Params().GetDefaultPort()\|_TIMEOUT\|Height\|_WORKQUEUE\|_THREADS\|_CONNECTIONS\|LIMIT\|SigOp\|Bytes\|_VERSION\|_AGE\|_CHECKS\|Checks() ? 1 : 0\|_BANTIME\|Cache\|BLOCKS\|LEVEL\|Weight\|Version\|BUFFER\|TARGET\|WEIGHT\|TXN\|TRANSACTIONS\|ADJUSTMENT\|i64\|Size\|nDefault\|_EXPIRY\|HEIGHT\|SIZE\|SNDHWM\|_TIME_MS\)\))/GetIntArg(\1)/g' -END VERIFY SCRIPT- Co-authored-by: Hennadii Stepanov <32963518+hebasto@users.noreply.github.com>
2021-06-28refactor: Make httpserver work queue a unique_ptrMarcoFalke
2021-06-21Merge bitcoin/bitcoin#19033: http: Release work queue after event base finishW. J. van der Laan
4e353cb618745cdb5d98e58e7dcd400ded01299a http: Release work queue after event base finish (João Barbosa) Pull request description: This fixes a race between `http_request_cb` and `StopHTTPServer` where the work queue is used after release. Fixes #18856. ACKs for top commit: fjahr: Code review ACK 4e353cb618745cdb5d98e58e7dcd400ded01299a achow101: ACK 4e353cb618745cdb5d98e58e7dcd400ded01299a LarryRuane: ACK 4e353cb618745cdb5d98e58e7dcd400ded01299a hebasto: ACK 4e353cb618745cdb5d98e58e7dcd400ded01299a, tested (rebased on top of master 9313c4e6aa4b707c06a86b33d5d2753cd8383340) on Linux Mint 20.1 (x86_64) using MarcoFalke's [patch](https://github.com/bitcoin/bitcoin/pull/19033#issuecomment-640106647), including different `-rpcthreads`/`-rpcworkqueue` cases. The bug is fixed. The code is correct. Tree-SHA512: 185d2a9744d0d5134d782bf321ac9958ba17b11a5b3d70b4897c8243e6b146dfd3f23c57aef8e10ae9484374120b64389c1949a9cf0a21dccc47ffc934c20930
2021-05-09refactor: Add TSA annotations to the WorkQueue class membersHennadii Stepanov
2021-03-19Merge #18335: bitcoin-cli: print useful error if bitcoind rpc work queue ↵MarcoFalke
exceeded 8dd5946c0b7aa8f3976b14a5de4ce84b80a9c32a add functional test (Larry Ruane) b5a80fa7e487c37b7ac0e3874a2fabade41b9ca8 util: Handle HTTP_SERVICE_UNAVAILABLE in bitcoin-cli (Hennadii Stepanov) Pull request description: If `bitcoind` is processing 16 RPC requests, attempting to submit another request using `bitcoin-cli` produces this less-than-helpful error message: `error: couldn't parse reply from server`. This PR changes the error to: `error: server response: Work queue depth exceeded`. ACKs for top commit: fjahr: tACK 8dd5946c0b7aa8f3976b14a5de4ce84b80a9c32a luke-jr: utACK 8dd5946c0b7aa8f3976b14a5de4ce84b80a9c32a (no changes since previous utACK) hebasto: re-ACK 8dd5946c0b7aa8f3976b14a5de4ce84b80a9c32a, only suggested changes since my [previous](https://github.com/bitcoin/bitcoin/pull/18335#pullrequestreview-460621350) review. darosior: ACK 8dd5946c0b7aa8f3976b14a5de4ce84b80a9c32a Tree-SHA512: 33e25f6ff05d9b56fae2bdb68b132557bb8e995f5438ac4fbbc53c304c5152a98aa43c43600c31d8a6a2830cbd48bf8ec7d89dce50190b29ec00a43830126913
2021-03-16p2p, refactor: pass and use uint16_t CService::port as uint16_tJon Atack
2020-10-22net: Drop unneeded headers when compat.h includedHennadii Stepanov
2020-07-12util: Handle HTTP_SERVICE_UNAVAILABLE in bitcoin-cliHennadii Stepanov
2020-07-09http: Release work queue after event base finishJoão Barbosa
This fixes a race between http_request_cb and StopHTTPServer where the work queue is used after release.
2020-06-27scripted-diff: Move ui_interface to the node libMarcoFalke
-BEGIN VERIFY SCRIPT- # Move files git mv src/ui_interface.h src/node/ui_interface.h git mv src/ui_interface.cpp src/node/ui_interface.cpp sed -i -e 's/BITCOIN_UI_INTERFACE_H/BITCOIN_NODE_UI_INTERFACE_H/g' src/node/ui_interface.h # Adjust includes and makefile sed -i -e 's|ui_interface|node/ui_interface|g' $(git grep -l ui_interface) # Sort includes git diff -U0 | clang-format-diff -p1 -i -v -END VERIFY SCRIPT-
2020-05-19http: Avoid crash when g_thread_http was never startedMarcoFalke
g_thread_http can not be joined when it is not joinable. Avoid crashing the node by adding the required check and add a test.
2020-05-05Make ThreadSafe{MessageBox|Question} bilingualHennadii Stepanov
2020-04-16scripted-diff: Bump copyright headersMarcoFalke
-BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT-
2020-04-06tests: Add fuzzing harness for HTTPRequest, libevent's evhttp and related ↵practicalswift
functions
2020-02-18httpserver: use own HTTP status codesFilip Gospodinov
Before, macros defined in `<event2/http.h>` have been used for some HTTP status codes. `<event2/http.h>` is included implicitly and the usage of its status code macros is inconsistent with the majority HTTP response implementations in this file. Now, the `HTTPStatusCode` enum from `<rpc/protocol.h>` is consistently used for all HTTP response implementations.
2020-01-08net: Avoid using C-style NUL-terminated strings as arguments in the netbase ↵practicalswift
interface
2019-12-30scripted-diff: Bump copyright of files changed in 2019MarcoFalke
-BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT-
2019-10-25http: add missing header bootlegged by boost < 1.72Jan Beich
httpserver.cpp:74:10: error: no template named 'deque' in namespace 'std' std::deque<std::unique_ptr<WorkItem>> queue; ~~~~~^
2019-10-15Remove unused includespracticalswift
2019-05-25Remove global symbols: Avoid using the global namespace if possiblepracticalswift
Rename CCriticalSection to RecursiveMutex (both are AnnotatedMixin<std::recursive_mutex>) ``` $ git grep -E '(typedef|using).*(CCriticalSection|RecursiveMutex)' src/sync.h:using RecursiveMutex = AnnotatedMixin<std::recursive_mutex>; src/sync.h:typedef AnnotatedMixin<std::recursive_mutex> CCriticalSection; ```
2019-04-29threads: introduce util/threadnames, refactor thread namingJames O'Beirne
This work is prerequisite to attaching thread names to log lines and deadlock debug utilities. This code allows setting of an "internal" threadname per thread on platforms where thread_local is available. This commit also moves RenameThread() out of a more general module and adds a numeric suffix to disambiguate between threads with the same name. It explicitly names a few main threads using the new util::ThreadRename().
2019-04-09[build] Add several util unitsJohn Newbery
Adds the following util units and adds them to libbitcoin_util: - `util/url.cpp` takes `urlDecode` from `httpserver.cpp` - `util/error.cpp` takes `TransactionErrorString` from `node/transaction.cpp` and `AmountHighWarn` and `AmountErrMsg` from `ui_interface.cpp` - `util/fees.cpp` takes `StringForFeeReason` and `FeeModeFromString` from `policy/fees.cpp` - `util/rbf.cpp` takes `SignalsOptInRBF` from `policy/rbf.cpp` - 'util/validation.cpp` takes `FormatStateMessage` and `strMessageMagic` from 'validation.cpp`
2019-01-29log: Construct global logger on first useMarcoFalke
2019-01-05Use C++11 default member initializersMarcoFalke
2018-11-23http: Remove timeout to exit event loopJoão Barbosa
Let HTTP connections to timeout due to inactivity. Let all remaning connections finish sending the response and close.
2018-11-23http: Remove unnecessary event_base_loopexit callJoão Barbosa
Let event base loop exit cleanly by processing all active and pending events. The call is no longer necessary because closing persistent connections is now properly handled.
2018-11-23http: Unlisten sockets after all workers quitJoão Barbosa
This (almost) move only ensures the event base loop doesn't exit before HTTP worker threads exit. This way events registered by HTTP workers are processed and not discarded.
2018-11-23http: Send "Connection: close" header if shutdown is requestedJoão Barbosa
Sending the header "Connection: close" makes libevent close persistent connections (implicit with HTTP 1.1) which cleans the event base when shutdown is requested.
2018-11-22rpcbind: Warn about exposing RPC to untrusted networksLuke Dashjr
2018-11-22net: Always default rpcbind to localhost, never "all interfaces"Luke Dashjr
We don't support binding to untrusted networks, so avoid a default where that is typical
2018-11-05Add SAFE_CHARS[SAFE_CHARS_URI]: Chars allowed in URIs (RFC 3986)practicalswift
2018-11-05rpc: Make HTTP RPC debug logging more informativepracticalswift
2018-11-05Merge #14628: Trivial: Rename misleading 'defaultPort' to 'rpc_port'Wladimir J. van der Laan
4ed730802f9ec3d65477a29a318dd78216ef7085 scripted-diff: Rename misleading 'defaultPort' to 'http_port' (Murray Nesbitt) Pull request description: `defaultPort` in `HTTPBindAddresses()` is misleadingly named. `defaultPort ` suggests a constant, not something that might be overridden by `-rpcport`. Tree-SHA512: f6ae8bdc2b4a4f503e44df9efdec32c854d2dede87714399f53791d50cce6bc41c46b01d1583cfc0e3e4777c244e1c74443fa39d9da50a45e53af265b74a17d1
2018-11-05scripted-diff: Rename misleading 'defaultPort' to 'http_port'Murray Nesbitt
-BEGIN VERIFY SCRIPT- sed -i -e 's/\<defaultPort\>/http_port/g' src/httpserver.cpp -END VERIFY SCRIPT-
2018-11-04scripted-diff: Move util files to separate directory.Jim Posen
-BEGIN VERIFY SCRIPT- mkdir -p src/util git mv src/util.h src/util/system.h git mv src/util.cpp src/util/system.cpp git mv src/utilmemory.h src/util/memory.h git mv src/utilmoneystr.h src/util/moneystr.h git mv src/utilmoneystr.cpp src/util/moneystr.cpp git mv src/utilstrencodings.h src/util/strencodings.h git mv src/utilstrencodings.cpp src/util/strencodings.cpp git mv src/utiltime.h src/util/time.h git mv src/utiltime.cpp src/util/time.cpp sed -i 's/<util\.h>/<util\/system\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilmemory\.h>/<util\/memory\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilmoneystr\.h>/<util\/moneystr\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilstrencodings\.h>/<util\/strencodings\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utiltime\.h>/<util\/time\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/BITCOIN_UTIL_H/BITCOIN_UTIL_SYSTEM_H/g' src/util/system.h sed -i 's/BITCOIN_UTILMEMORY_H/BITCOIN_UTIL_MEMORY_H/g' src/util/memory.h sed -i 's/BITCOIN_UTILMONEYSTR_H/BITCOIN_UTIL_MONEYSTR_H/g' src/util/moneystr.h sed -i 's/BITCOIN_UTILSTRENCODINGS_H/BITCOIN_UTIL_STRENCODINGS_H/g' src/util/strencodings.h sed -i 's/BITCOIN_UTILTIME_H/BITCOIN_UTIL_TIME_H/g' src/util/time.h sed -i 's/ util\.\(h\|cpp\)/ util\/system\.\1/g' src/Makefile.am sed -i 's/utilmemory\.\(h\|cpp\)/util\/memory\.\1/g' src/Makefile.am sed -i 's/utilmoneystr\.\(h\|cpp\)/util\/moneystr\.\1/g' src/Makefile.am sed -i 's/utilstrencodings\.\(h\|cpp\)/util\/strencodings\.\1/g' src/Makefile.am sed -i 's/utiltime\.\(h\|cpp\)/util\/time\.\1/g' src/Makefile.am sed -i 's/-> util ->/-> util\/system ->/' test/lint/lint-circular-dependencies.sh sed -i 's/src\/util\.cpp/src\/util\/system\.cpp/g' test/lint/lint-format-strings.py test/lint/lint-locale-dependence.sh sed -i 's/src\/utilmoneystr\.cpp/src\/util\/moneystr\.cpp/g' test/lint/lint-locale-dependence.sh sed -i 's/src\/utilstrencodings\.\(h\|cpp\)/src\/util\/strencodings\.\1/g' test/lint/lint-locale-dependence.sh sed -i 's/src\\utilstrencodings\.cpp/src\\util\\strencodings\.cpp/' build_msvc/libbitcoinconsensus/libbitcoinconsensus.vcxproj -END VERIFY SCRIPT-
2018-09-20Merge #14214: convert C-style (void) parameter lists to C++ style ()MarcoFalke
3ccfa34b32 convert C-style (void) parameter lists to C++ style () (Arvid Norberg) Pull request description: In C, an empty parameter list, `()`, means the function takes any arguments, and `(void)` means the function does not take any parameters. In C++, an empty parameter list means the function does not take any parameters. So, C++ still supports `(void)` parameter lists with the same semantics, why change to `()`? 1. removing the redundant `void` improves signal-to-noise ratio of the code 2. using `(void)` exposes a rare inconsistency in that a template taking a template `(T)` parameter list, cannot be instantiated with `T=void` Tree-SHA512: be2897b6c5e474873aa878ed6bac098382cd21866aec33752fe40b089a6331aa6263cae749aba1b4a41e8467f1a47086d32eb74abaf09927fd5a2f44a4b2109a
2018-09-19init: Remove deprecated args from hidden argsMarcoFalke
2018-09-13convert C-style (void) parameter lists to C++ style ()Arvid Norberg
2018-08-31scripted-diff: Small locking renameRussell Yanofsky
Call sync.h primitives "locks" and "mutexes" instead of "blocks" and "waitable critical sections" to match current coding conventions and c++11 standard names. This PR does not rename the "CCriticalSection" class (though this could be done as a followup) because it is used everywhere and would swamp the other changes in this PR. Plain mutexes should mostly be preferred instead of recursive mutexes in new code anyway. -BEGIN VERIFY SCRIPT- set -x set -e ren() { git grep -l $1 | xargs sed -i s/$1/$2/; } ren CCriticalBlock UniqueLock ren CWaitableCriticalSection Mutex ren CConditionVariable std::condition_variable ren cs_GenesisWait g_genesis_wait_mutex ren condvar_GenesisWait g_genesis_wait_cv perl -0777 -pi -e 's/.*typedef.*condition_variable.*\n\n?//g' src/sync.h -END VERIFY SCRIPT-
2018-08-31Merge #11640: Make LOCK, LOCK2, TRY_LOCK work with CWaitableCriticalSectionWladimir J. van der Laan
9c4dc597ddc66acfd58a945a5ab11f833731abba Use LOCK macros for non-recursive locks (Russell Yanofsky) 1382913e61f5db6ba849b1e261e8aefcd5a1ae68 Make LOCK, LOCK2, TRY_LOCK work with CWaitableCriticalSection (Russell Yanofsky) ba1f095aadf29bddb0bd8176d2e0b908f92a5623 MOVEONLY Move AnnotatedMixin declaration (Russell Yanofsky) 41b88e93375d57db12da923f45f87b9a2db8e730 Add unit test for DEBUG_LOCKORDER code (Russell Yanofsky) Pull request description: Make LOCK macros work with non-recursive mutexes, and use wherever possible for better deadlock detection. Also add unit test for DEBUG_LOCKORDER code. Tree-SHA512: 64ef209307f28ecd0813a283f15c6406138c6ffe7f6cbbd084161044db60e2c099a7d0d2edcd1c5e7770a115e9b931b486e86c9a777bdc96d2e8a9f4dc192942
2018-08-20http: Add const modifier to HTTPRequest methodsJoão Barbosa
2018-08-08Merge #13780: 0.17: Pre-branch maintenanceWladimir J. van der Laan
3fc20632a3ad30809356a58d2cf0ea4a4ad4cec3 qt: Set BLOCK_CHAIN_SIZE = 220 (DrahtBot) 2b6a2f4a28792f2fe9dc1be843b1ff1ecae35e8a Regenerate manpages (DrahtBot) eb7daf4d600eeb631427c018a984a77a34aca66e Update copyright headers to 2018 (DrahtBot) Pull request description: Some trivial maintenance to avoid having to do it again after the 0.17 branch off. (The scripts to do this are in `./contrib/`) Tree-SHA512: 16b2af45e0351b1c691c5311d48025dc6828079e98c2aa2e600dc5910ee8aa01858ca6c356538150dc46fe14c8819ed8ec8e4ec9a0f682b9950dd41bc50518fa
2018-08-03Use LOCK macros for non-recursive locksRussell Yanofsky
Instead of std::unique_lock.