7667 cli params vhost (#7669)

This change adds 'any' as an alternate wildcard to '*'. I have updated all doc references in the main erigon repo - let me know if there is anywhere else that needs changing.
2024-12-21 11:10:38 +00:00 · 2023-06-09 14:12:11 +01:00 · 2023-06-09 14:12:11 +01:00 · 62b2375de9
commit 62b2375de9
parent 614769f7ac
7 changed files with 28 additions and 9 deletions
--- a/README.md
+++ b/README.md
@ -287,7 +287,7 @@ http.api : ["eth","debug","net"]
 Erigon can be used as an Execution Layer (EL) for Consensus Layer clients (CL). Default configuration is OK.

 If your CL client is on a different device, add `--authrpc.addr 0.0.0.0` ([Engine API] listens on localhost by default)
-as well as `--authrpc.vhosts <CL host>`.
+as well as `--authrpc.vhosts <CL host>` where `<CL host>` is your source host or `any`.

 [Engine API]: https://github.com/ethereum/execution-apis/blob/main/src/engine/specification.md

--- a/cmd/utils/flags.go
+++ b/cmd/utils/flags.go
@ -335,12 +335,12 @@ var (
 	}
 	HTTPVirtualHostsFlag = cli.StringFlag{
 		Name:  "http.vhosts",
-		Usage: "Comma separated list of virtual hostnames from which to accept requests (server enforced). Accepts '*' wildcard.",
+		Usage: "Comma separated list of virtual hostnames from which to accept requests (server enforced). Accepts 'any' or '*' as wildcard.",
 		Value: strings.Join(nodecfg.DefaultConfig.HTTPVirtualHosts, ","),
 	}
 	AuthRpcVirtualHostsFlag = cli.StringFlag{
 		Name:  "authrpc.vhosts",
-		Usage: "Comma separated list of virtual hostnames from which to accept Engine API requests (server enforced). Accepts '*' wildcard.",
+		Usage: "Comma separated list of virtual hostnames from which to accept Engine API requests (server enforced). Accepts 'any' or '*' as wildcard.",
 		Value: strings.Join(nodecfg.DefaultConfig.HTTPVirtualHosts, ","),
 	}
 	HTTPApiFlag = cli.StringFlag{
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -63,7 +63,7 @@ services:
    <<: *default-erigon-service
    entrypoint: rpcdaemon
    command: |
-      ${RPCDAEMON_FLAGS-} --http.addr=0.0.0.0 --http.vhosts=* --http.corsdomain=* --ws
+      ${RPCDAEMON_FLAGS-} --http.addr=0.0.0.0 --http.vhosts=any --http.corsdomain=* --ws
      --private.api.addr=erigon:9090 --txpool.api.addr=txpool:9094 --datadir=/home/erigon/.local/share/erigon
    ports: [ "8545:8545" ]

--- a/k8s/google-kubernetes-engine/statefulset-erigon-patch.yaml
+++ b/k8s/google-kubernetes-engine/statefulset-erigon-patch.yaml
@ -24,7 +24,7 @@
    - '--http.addr=0.0.0.0'
    - '--http.api=eth,erigon,web3,net,debug,ots,trace,txpool'
    - '--http.corsdomain=*'
-    - '--http.vhosts=*'
+    - '--http.vhosts=any'
    - '--log.console.verbosity=1'
    - '--log.json'
    - '--metrics'
--- a/node/rpcstack.go
+++ b/node/rpcstack.go
@ -402,7 +402,11 @@ func (h *virtualHostHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		h.next.ServeHTTP(w, r)
 		return
 	}
-	if _, exist := h.vhosts[host]; exist {
+	if _, exist := h.vhosts["any"]; exist {
+		h.next.ServeHTTP(w, r)
+		return
+	}
+	if _, exist := h.vhosts[strings.ToLower(host)]; exist {
 		h.next.ServeHTTP(w, r)
 		return
 	}
--- a/node/rpcstack_test.go
+++ b/node/rpcstack_test.go
@ -50,7 +50,7 @@ func TestCorsHandler(t *testing.T) {
 	assert.Equal(t, "", resp2.Header.Get("Access-Control-Allow-Origin"))
 }

-// TestVhosts makes sure vhosts are properly handled on the http server.
+// TestVhosts makes sure vhosts is properly handled on the http server.
 func TestVhosts(t *testing.T) {
 	srv := createAndStartServer(t, &httpConfig{Vhosts: []string{"test"}}, false, &wsConfig{})
 	defer srv.stop()
@ -65,6 +65,21 @@ func TestVhosts(t *testing.T) {
 	assert.Equal(t, resp2.StatusCode, http.StatusForbidden)
 }

+// TestVhostsAny makes sure vhosts any is properly handled on the http server.
+func TestVhostsAny(t *testing.T) {
+	srv := createAndStartServer(t, &httpConfig{Vhosts: []string{"any"}}, false, &wsConfig{})
+	defer srv.stop()
+	url := "http://" + srv.listenAddr()
+
+	resp := rpcRequest(t, url, "host", "test")
+	defer resp.Body.Close()
+	assert.Equal(t, resp.StatusCode, http.StatusOK)
+
+	resp2 := rpcRequest(t, url, "host", "bad")
+	defer resp2.Body.Close()
+	assert.Equal(t, resp.StatusCode, http.StatusOK)
+}
+
 type originTest struct {
 	spec    string
 	expOk   []string
--- a/tests/automated-testing/docker-compose.yml
+++ b/tests/automated-testing/docker-compose.yml
@ -35,7 +35,7 @@ services:
    image: thorax/erigon:$ERIGON_TAG
    entrypoint: rpcdaemon
    command: |
-      --private.api.addr=erigon:9090 --http.api=admin,eth,erigon,web3,net,debug,trace,txpool,parity --http.addr=0.0.0.0 --http.vhosts=* --http.corsdomain=* --http.port=8545 --graphql --log.dir.path=/logs/node1
+      --private.api.addr=erigon:9090 --http.api=admin,eth,erigon,web3,net,debug,trace,txpool,parity --http.addr=0.0.0.0 --http.vhosts=any --http.corsdomain=* --http.port=8545 --graphql --log.dir.path=/logs/node1
    volumes:
      - ./logdir:/logs
    user: ${DOCKER_UID}:${DOCKER_GID}
@ -47,7 +47,7 @@ services:
    image: thorax/erigon:$ERIGON_TAG
    entrypoint: rpcdaemon
    command: |
-      --private.api.addr=erigon-node2:9090 --http.api=admin,eth,erigon,web3,net,debug,trace,txpool,parity --http.addr=0.0.0.0 --http.vhosts=* --http.corsdomain=* --http.port=8545 --log.dir.path=/logs/node2
+      --private.api.addr=erigon-node2:9090 --http.api=admin,eth,erigon,web3,net,debug,trace,txpool,parity --http.addr=0.0.0.0 --http.vhosts=any --http.corsdomain=* --http.port=8545 --log.dir.path=/logs/node2
    volumes:
      - ./logdir:/logs
    user: ${DOCKER_UID}:${DOCKER_GID}