This commit improves how the legacy RPC server responds to authentication
failures so things like web browsers can react better. The following
changes have been made:
First, authentication failures were only printing the 401 error response
in the body instead of setting the http status code. This means the
response had a 200 OK header with a body of 401 Unauthorized. Therefore
the client would think everything was ok, but see the response as
malformed JSON.
Second, the spec for 401 Unauthorized responses state they must include a
WWW-Authenticate header to instruct the client how to authenticate.
Without this, browsers won't prompt the user for credentials.
The previous websocket code required HTTP auth headers to be sent in order
to use the websocket. While this makes sense for most applications, some
use cases such as javascript-based websockets from browsers do no have the
ability to send headers.
This commit modifies the authentication logic to allow an alternative
authentication mechanism when HTTP auth headers can't be sent. In
particular, it introduces a new JSON-RPC command named authenticate which
accepts the username and passphrase for the RPC server. The command is
only required if the connetion has not already been authenticated via HTTP
auth headers and it must be the first command to be received. Sending any
other command will immediately disconnect the websocket.
ok from @owainga and @jrick.
This closes#77.
This fixes two issues: first, the sendrawtransaction handler had an
extra character in the key in the websocket handler map, preventing
the handler from never running. Second, a nil pointer dereference was
removed from the handler.
This change fixes the minedtx notifications for btcwallet, since the
websocket-handler now runs instead of falling back to the legacy RPC
handler.
This commit adds the btcdb memdb backend as a supported database type.
Note that users will NOT want to run in this mode because, being memory
only, it obviously does not persist the database when shutdown.
It is being added for testing purposes to help prevent constant abuse to
developer's hard drive when churning the block database multiple times a
day.
The specific parameters required by a backend is better left up to the
backend itself. For example memdb has no need for a database path, while
ldb does. This commit modifies the OpenDB and CreateDB functions to take
a arbitrary arguments which are passed along to the driver. The driver is
expected to verify the correct type and number of arguments and error
accordingly.
The existing backends have been updated accordingly.
This commit prunes several unused functions from the Db interface and the
underlying implementations. For the most part these are holdovers from
the original sqlite implementation. It also removes the types associated
with those functions since they are no longer needed. The following
functions and types have been removed:
- InvalidateCache
- InvalidateBlockCache
- InvalidateTxCache
- SetDBInsertMode
- InsertMode type and associated constants
- NewIterateBlocks
- BlockIterator interface
The reasons for removing these are broken out below.
- Neither of two current implementations implement these functions nor
does any of the fully functional code using the interface invoke them.
- After contemplating and testing caching of blocks and transactions at
this layer, it doesn't seem to provide any real benefit unless very
specific assumptions about the use case are made. Making those
assumptions can make other use cases worse. For example, assuming a
large cache is harmful to memory-constrained use cases. Leaving it up
to the caller to choose when to cache block and transactions allows much
greater flexibility.
- The DB insert mode was an artifact of the original sqlite implementation
and probably should have only been exposed specifically on the
implementation as opposed through generic interface. If a specific
implementation wishes to provide functionality such as special modes,
that should be done through type assertions.
This commit changes the node index creation to use block headers instead
of full blocks. This speeds up the initial node index generation since it
doesn't require loading a bunch of full blocks at startup.
This commit modifies local variables that are used for more convenient
access to a block's header to use pointers. This avoids copying the
header multiple times.
This commit switches the handleGetHeadersMsg function to make use of the
new FetchBlockHeightBySha and FetchBlockHeaderBySha functions in btcdb.
Also, while here, nuke the header copy which is no longer required due to
the recent btcwire changes.
This commit introduces two new functions to the btcdb.Db interface named
FetchBlockHeightBySha and FetchBlockHeaderBySha.
The FetchBlockHeightBySha function is useful since previously it was only
possible to get the height of block by fetching the entire block with
FetchBlockBySha and pulling the height out of the returned btcutil.Block.
The FetchBlockHeaderBySha function will ultimately make it much more
efficient to fetch block headers. Currently, due to the database design
in the ldb backend, the entire block has to be loaded anyways, so the only
current benefit is to avoid the deserialize on all of the transactions.
However, ultimately btcdb will gain a more efficient backend which can
also avoid reading all of the extra transaction data altogether.
The sqlite3 backend has been deprecated for quite some time. As a result,
it has not been updated with many of the more recent changes which means
the behavior no longer conforms to the interface contract.
This commit introduces two new functions for Blockheader named Serialize
and Deserialize. The functions provide a stable mechanism for serializing
and deserializing block headers to and from disk. The main benefit here
is deserialization of the header since typically only full blocks are
serialized to disk. Then when a header is needed, only the header portion
of the block is read and deserialized.
This commit removes the TxnCount field from the BlockHeader type and
updates the tests accordingly. Note that this change does not affect the
actual wire protocol encoding in any way.
The reason the field has been removed is it really doesn't belong there
even though the wire protocol wiki entry on the official bitcoin wiki
implies it does. The implication is an artifact from the way the
reference implementation serializes headers (MsgHeaders) messages. It
includes the transaction count, which is naturally always 0 for headers,
along with every header. However, in reality, a block header does not
include the transaction count. This can be evidenced by looking at how a
block hash is calculated. It is only up to and including the Nonce field
(a total of 80 bytes).
From an API standpoint, having the field as part of the BlockHeader type
results in several odd cases.
For example, the transaction count for MsgBlocks (the only place that
actually has a real transaction count since MsgHeaders does not) is
available by taking the len of the Transactions slice. As such, having
the extra field in the BlockHeader is really a useless field that could
potentially get out of sync and cause the encode to fail.
Another example is related to deserializing a block header from the
database in order to serve it in response to a getheaders (MsgGetheaders)
request. If a block header is assumed to have the transaction count as a
part of it, then derserializing a block header not only consumes more than
the 80 bytes that actually comprise the header as stated above, but you
then need to change the transaction count to 0 before sending the headers
(MsgHeaders) message. So, not only are you reading and deserializing more
bytes than needed, but worse, you generally have to make a copy of it so
you can change the transaction count without busting cached headers.
This is part 1 of #13.
This commit reduces the initial idle timeout before version negotiation
has happened on a new peer to 30 seconds. Previously it could take 5
minutes due to the general idle timeout.
The websocket.Server used the by websocket.Handler type automatically adds
a handshake function which prevents connections when the Origin header is
not set. Not all clients send this information and we already require
authentication headers as the auth mechanism anyways.
The websocket package assumes binary blobs if []byte is used. Since we're
using JSON-RPC for all the websocket communications, it should be text
based.
This commit changes the websocket Send/Receive and associated channels to
strings accordingly.
This removes the last notification that was being sent unsolicited.
Since it is no longer needed, the code to duplicate notifications to
all clients has been removed.