From f9d2a6c8a1d894b4dc1072ecea32502f39646d87 Mon Sep 17 00:00:00 2001 From: John | Elite Encoder Date: Wed, 28 Aug 2024 18:33:21 -0400 Subject: [PATCH 1/4] add validation for invalid serviceUri --- cmd/livepeer/starter/starter.go | 5 +++++ server/handlers.go | 6 ++++++ 2 files changed, 11 insertions(+) diff --git a/cmd/livepeer/starter/starter.go b/cmd/livepeer/starter/starter.go index 1556b125df..81e62d7516 100755 --- a/cmd/livepeer/starter/starter.go +++ b/cmd/livepeer/starter/starter.go @@ -1199,6 +1199,11 @@ func StartLivepeer(ctx context.Context, cfg LivepeerConfig) { if err != nil { glog.Exit("Error getting service URI: ", err) } + + if *cfg.Network == "arbitrum-one-mainnet" && strings.Contains(suri.Host, "0.0.0.0") { + glog.Exit("Service address must be a public IP address or hostname when operating on mainnet") + } + n.SetServiceURI(suri) // if http addr is not provided, listen to all ifaces // take the port to listen to from the service URI diff --git a/server/handlers.go b/server/handlers.go index 22116079e6..07ce5f6da8 100644 --- a/server/handlers.go +++ b/server/handlers.go @@ -526,6 +526,12 @@ func (s *LivepeerServer) setServiceURI(client eth.LivepeerEthClient, serviceURI return err } + if strings.Contains(parsedURI.Host, "0.0.0.0") { + err = errors.New("service address must be a public IP address or hostname") + glog.Error(err) + return err + } + glog.Infof("Storing service URI %v in service registry...", serviceURI) tx, err := client.SetServiceURI(serviceURI) From f0821f0ff6e94271b02444edd1913251620e1a6b Mon Sep 17 00:00:00 2001 From: John | Elite Encoder Date: Wed, 28 Aug 2024 19:17:37 -0400 Subject: [PATCH 2/4] change startup validation to warning, add tests --- cmd/livepeer/starter/starter.go | 4 ++-- common/util.go | 9 +++++++++ common/util_test.go | 36 +++++++++++++++++++++++++++++++++ server/handlers.go | 2 +- server/handlers_test.go | 23 +++++++++++++++++++++ 5 files changed, 71 insertions(+), 3 deletions(-) diff --git a/cmd/livepeer/starter/starter.go b/cmd/livepeer/starter/starter.go index 81e62d7516..30f9e9c905 100755 --- a/cmd/livepeer/starter/starter.go +++ b/cmd/livepeer/starter/starter.go @@ -1200,8 +1200,8 @@ func StartLivepeer(ctx context.Context, cfg LivepeerConfig) { glog.Exit("Error getting service URI: ", err) } - if *cfg.Network == "arbitrum-one-mainnet" && strings.Contains(suri.Host, "0.0.0.0") { - glog.Exit("Service address must be a public IP address or hostname when operating on mainnet") + if *cfg.Network != "offchain" && common.ValidateServiceURI(suri) { + glog.Warning("Service address is a private IP address; this is not recommended for onchain networks") } n.SetServiceURI(suri) diff --git a/common/util.go b/common/util.go index 639cf07ccd..9532d08006 100644 --- a/common/util.go +++ b/common/util.go @@ -11,6 +11,7 @@ import ( "math/big" "math/rand" "mime" + "net/url" "regexp" "sort" "strconv" @@ -530,3 +531,11 @@ func ParseEthAddr(strJsonKey string) (string, error) { } return "", errors.New("Error parsing address from keyfile") } + +func ValidateServiceURI(serviceURI *url.URL) bool { + if strings.Contains(serviceURI.Host, "0.0.0.0") { + return false + } else { + return true + } +} diff --git a/common/util_test.go b/common/util_test.go index 9a541669d6..131631586e 100644 --- a/common/util_test.go +++ b/common/util_test.go @@ -5,6 +5,7 @@ import ( "fmt" "math" "math/big" + "net/url" "strconv" "strings" "testing" @@ -483,3 +484,38 @@ func TestParseAccelDevices_CustomSelection(t *testing.T) { assert.Equal(ids[1], "3") assert.Equal(ids[2], "1") } +func TestValidateServiceURI(t *testing.T) { + // Valid service URIs + validURIs := []string{ + "https://8.8.8.8:8935", + "https://127.0.0.1:8935", + } + + for _, uri := range validURIs { + serviceURI, err := url.Parse(uri) + if err != nil { + t.Errorf("Failed to parse valid service URI: %v", err) + } + + if !ValidateServiceURI(serviceURI) { + t.Errorf("Expected service URI to be valid, but got invalid: %v", uri) + } + } + + // Invalid service URIs + invalidURIs := []string{ + "http://0.0.0.0", + "https://0.0.0.0", + } + + for _, uri := range invalidURIs { + serviceURI, err := url.Parse(uri) + if err != nil { + t.Errorf("Failed to parse invalid service URI: %v", err) + } + + if ValidateServiceURI(serviceURI) { + t.Errorf("Expected service URI to be invalid, but got valid: %v", uri) + } + } +} diff --git a/server/handlers.go b/server/handlers.go index 07ce5f6da8..5e9cc62d8c 100644 --- a/server/handlers.go +++ b/server/handlers.go @@ -526,7 +526,7 @@ func (s *LivepeerServer) setServiceURI(client eth.LivepeerEthClient, serviceURI return err } - if strings.Contains(parsedURI.Host, "0.0.0.0") { + if !common.ValidateServiceURI(parsedURI) { err = errors.New("service address must be a public IP address or hostname") glog.Error(err) return err diff --git a/server/handlers_test.go b/server/handlers_test.go index d191d0a75e..528282972e 100644 --- a/server/handlers_test.go +++ b/server/handlers_test.go @@ -15,6 +15,7 @@ import ( "github.com/ethereum/go-ethereum/accounts" ethcommon "github.com/ethereum/go-ethereum/common" + ethtypes "github.com/ethereum/go-ethereum/core/types" "github.com/livepeer/go-livepeer/core" "github.com/livepeer/go-livepeer/eth" "github.com/livepeer/go-livepeer/eth/types" @@ -1570,7 +1571,29 @@ func TestMustHaveDb_Success(t *testing.T) { assert.Equal(http.StatusOK, status) assert.Equal("success", body) } +func TestSetServiceURI(t *testing.T) { + s := stubServer() + client := ð.MockClient{} + serviceURI := "https://8.8.8.8:8935" + + t.Run("Valid Service URI", func(t *testing.T) { + client.On("SetServiceURI", serviceURI).Return(ðtypes.Transaction{}, nil) + client.On("CheckTx", mock.Anything).Return(nil) + + err := s.setServiceURI(client, serviceURI) + + assert.NoError(t, err) + }) + t.Run("Invalid Service URI", func(t *testing.T) { + invalidServiceURI := "https://0.0.0.0:8935" + + err := s.setServiceURI(client, invalidServiceURI) + + assert.Error(t, err) + }) + +} func dummyHandler() http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) From f35cda24b75c589e11bdb849860921380953fd80 Mon Sep 17 00:00:00 2001 From: John | Elite Encoder Date: Wed, 28 Aug 2024 19:31:38 -0400 Subject: [PATCH 3/4] fix logic and log msg --- cmd/livepeer/starter/starter.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/livepeer/starter/starter.go b/cmd/livepeer/starter/starter.go index 30f9e9c905..fb153b3802 100755 --- a/cmd/livepeer/starter/starter.go +++ b/cmd/livepeer/starter/starter.go @@ -1200,8 +1200,8 @@ func StartLivepeer(ctx context.Context, cfg LivepeerConfig) { glog.Exit("Error getting service URI: ", err) } - if *cfg.Network != "offchain" && common.ValidateServiceURI(suri) { - glog.Warning("Service address is a private IP address; this is not recommended for onchain networks") + if *cfg.Network != "offchain" && !common.ValidateServiceURI(suri) { + glog.Warning("**Warning -serviceAddr is a not a public address or hostname; this is not recommended for onchain networks**") } n.SetServiceURI(suri) From f6c0691c47670f2b64f68f0194f2a70e150b2b0c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafa=C5=82=20Leszko?= Date: Thu, 5 Sep 2024 10:18:22 +0200 Subject: [PATCH 4/4] Update common/util.go --- common/util.go | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/common/util.go b/common/util.go index 9532d08006..b4d7396a8b 100644 --- a/common/util.go +++ b/common/util.go @@ -533,9 +533,5 @@ func ParseEthAddr(strJsonKey string) (string, error) { } func ValidateServiceURI(serviceURI *url.URL) bool { - if strings.Contains(serviceURI.Host, "0.0.0.0") { - return false - } else { - return true - } + return !strings.Contains(serviceURI.Host, "0.0.0.0") }