diff --git a/README.md b/README.md index 47cc59fd1..b2e5d8749 100644 --- a/README.md +++ b/README.md @@ -287,7 +287,7 @@ http.api : ["eth","debug","net"] Erigon can be used as an Execution Layer (EL) for Consensus Layer clients (CL). Default configuration is OK. If your CL client is on a different device, add `--authrpc.addr 0.0.0.0` ([Engine API] listens on localhost by default) -as well as `--authrpc.vhosts `. +as well as `--authrpc.vhosts ` where `` is your source host or `any`. [Engine API]: https://github.com/ethereum/execution-apis/blob/main/src/engine/specification.md diff --git a/cmd/utils/flags.go b/cmd/utils/flags.go index 52648d3b5..c11689b1c 100644 --- a/cmd/utils/flags.go +++ b/cmd/utils/flags.go @@ -335,12 +335,12 @@ var ( } HTTPVirtualHostsFlag = cli.StringFlag{ Name: "http.vhosts", - Usage: "Comma separated list of virtual hostnames from which to accept requests (server enforced). Accepts '*' wildcard.", + Usage: "Comma separated list of virtual hostnames from which to accept requests (server enforced). Accepts 'any' or '*' as wildcard.", Value: strings.Join(nodecfg.DefaultConfig.HTTPVirtualHosts, ","), } AuthRpcVirtualHostsFlag = cli.StringFlag{ Name: "authrpc.vhosts", - Usage: "Comma separated list of virtual hostnames from which to accept Engine API requests (server enforced). Accepts '*' wildcard.", + Usage: "Comma separated list of virtual hostnames from which to accept Engine API requests (server enforced). Accepts 'any' or '*' as wildcard.", Value: strings.Join(nodecfg.DefaultConfig.HTTPVirtualHosts, ","), } HTTPApiFlag = cli.StringFlag{ diff --git a/docker-compose.yml b/docker-compose.yml index bf5982c9b..37c20a28f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -63,7 +63,7 @@ services: <<: *default-erigon-service entrypoint: rpcdaemon command: | - ${RPCDAEMON_FLAGS-} --http.addr=0.0.0.0 --http.vhosts=* --http.corsdomain=* --ws + ${RPCDAEMON_FLAGS-} --http.addr=0.0.0.0 --http.vhosts=any --http.corsdomain=* --ws --private.api.addr=erigon:9090 --txpool.api.addr=txpool:9094 --datadir=/home/erigon/.local/share/erigon ports: [ "8545:8545" ] diff --git a/k8s/google-kubernetes-engine/statefulset-erigon-patch.yaml b/k8s/google-kubernetes-engine/statefulset-erigon-patch.yaml index c8185cf28..9a9543261 100644 --- a/k8s/google-kubernetes-engine/statefulset-erigon-patch.yaml +++ b/k8s/google-kubernetes-engine/statefulset-erigon-patch.yaml @@ -24,7 +24,7 @@ - '--http.addr=0.0.0.0' - '--http.api=eth,erigon,web3,net,debug,ots,trace,txpool' - '--http.corsdomain=*' - - '--http.vhosts=*' + - '--http.vhosts=any' - '--log.console.verbosity=1' - '--log.json' - '--metrics' diff --git a/node/rpcstack.go b/node/rpcstack.go index 3dbd4a306..2959aca0b 100644 --- a/node/rpcstack.go +++ b/node/rpcstack.go @@ -402,7 +402,11 @@ func (h *virtualHostHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { h.next.ServeHTTP(w, r) return } - if _, exist := h.vhosts[host]; exist { + if _, exist := h.vhosts["any"]; exist { + h.next.ServeHTTP(w, r) + return + } + if _, exist := h.vhosts[strings.ToLower(host)]; exist { h.next.ServeHTTP(w, r) return } diff --git a/node/rpcstack_test.go b/node/rpcstack_test.go index 8aa76c85b..0280ab84e 100644 --- a/node/rpcstack_test.go +++ b/node/rpcstack_test.go @@ -50,7 +50,7 @@ func TestCorsHandler(t *testing.T) { assert.Equal(t, "", resp2.Header.Get("Access-Control-Allow-Origin")) } -// TestVhosts makes sure vhosts are properly handled on the http server. +// TestVhosts makes sure vhosts is properly handled on the http server. func TestVhosts(t *testing.T) { srv := createAndStartServer(t, &httpConfig{Vhosts: []string{"test"}}, false, &wsConfig{}) defer srv.stop() @@ -65,6 +65,21 @@ func TestVhosts(t *testing.T) { assert.Equal(t, resp2.StatusCode, http.StatusForbidden) } +// TestVhostsAny makes sure vhosts any is properly handled on the http server. +func TestVhostsAny(t *testing.T) { + srv := createAndStartServer(t, &httpConfig{Vhosts: []string{"any"}}, false, &wsConfig{}) + defer srv.stop() + url := "http://" + srv.listenAddr() + + resp := rpcRequest(t, url, "host", "test") + defer resp.Body.Close() + assert.Equal(t, resp.StatusCode, http.StatusOK) + + resp2 := rpcRequest(t, url, "host", "bad") + defer resp2.Body.Close() + assert.Equal(t, resp.StatusCode, http.StatusOK) +} + type originTest struct { spec string expOk []string diff --git a/tests/automated-testing/docker-compose.yml b/tests/automated-testing/docker-compose.yml index aec7614b7..cff9184f0 100644 --- a/tests/automated-testing/docker-compose.yml +++ b/tests/automated-testing/docker-compose.yml @@ -35,7 +35,7 @@ services: image: thorax/erigon:$ERIGON_TAG entrypoint: rpcdaemon command: | - --private.api.addr=erigon:9090 --http.api=admin,eth,erigon,web3,net,debug,trace,txpool,parity --http.addr=0.0.0.0 --http.vhosts=* --http.corsdomain=* --http.port=8545 --graphql --log.dir.path=/logs/node1 + --private.api.addr=erigon:9090 --http.api=admin,eth,erigon,web3,net,debug,trace,txpool,parity --http.addr=0.0.0.0 --http.vhosts=any --http.corsdomain=* --http.port=8545 --graphql --log.dir.path=/logs/node1 volumes: - ./logdir:/logs user: ${DOCKER_UID}:${DOCKER_GID} @@ -47,7 +47,7 @@ services: image: thorax/erigon:$ERIGON_TAG entrypoint: rpcdaemon command: | - --private.api.addr=erigon-node2:9090 --http.api=admin,eth,erigon,web3,net,debug,trace,txpool,parity --http.addr=0.0.0.0 --http.vhosts=* --http.corsdomain=* --http.port=8545 --log.dir.path=/logs/node2 + --private.api.addr=erigon-node2:9090 --http.api=admin,eth,erigon,web3,net,debug,trace,txpool,parity --http.addr=0.0.0.0 --http.vhosts=any --http.corsdomain=* --http.port=8545 --log.dir.path=/logs/node2 volumes: - ./logdir:/logs user: ${DOCKER_UID}:${DOCKER_GID}