LCOV - code coverage report
Current view: top level - src - httpserver.cpp (source / functions) Hit Total Coverage
Test: fuzz_coverage.info Lines: 2 443 0.5 %
Date: 2024-01-03 14:57:27 Functions: 2 68 2.9 %
Branches: 0 715 0.0 %

           Branch data     Line data    Source code
       1                 :            : // Copyright (c) 2015-2022 The Bitcoin Core developers
       2                 :            : // Distributed under the MIT software license, see the accompanying
       3                 :            : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
       4                 :            : 
       5                 :            : #if defined(HAVE_CONFIG_H)
       6                 :            : #include <config/bitcoin-config.h>
       7                 :            : #endif
       8                 :            : 
       9                 :            : #include <httpserver.h>
      10                 :            : 
      11                 :            : #include <chainparamsbase.h>
      12                 :            : #include <common/args.h>
      13                 :            : #include <compat/compat.h>
      14                 :            : #include <logging.h>
      15                 :            : #include <netbase.h>
      16                 :            : #include <node/interface_ui.h>
      17                 :            : #include <rpc/protocol.h> // For HTTP status codes
      18                 :            : #include <sync.h>
      19                 :            : #include <util/check.h>
      20                 :            : #include <util/signalinterrupt.h>
      21                 :            : #include <util/strencodings.h>
      22                 :            : #include <util/threadnames.h>
      23                 :            : #include <util/translation.h>
      24                 :            : 
      25                 :            : #include <condition_variable>
      26                 :            : #include <cstdio>
      27                 :            : #include <cstdlib>
      28                 :            : #include <deque>
      29                 :            : #include <memory>
      30                 :            : #include <optional>
      31                 :            : #include <string>
      32                 :            : #include <unordered_map>
      33                 :            : 
      34                 :            : #include <sys/types.h>
      35                 :            : #include <sys/stat.h>
      36                 :            : 
      37                 :            : #include <event2/buffer.h>
      38                 :            : #include <event2/bufferevent.h>
      39                 :            : #include <event2/http.h>
      40                 :            : #include <event2/http_struct.h>
      41                 :            : #include <event2/keyvalq_struct.h>
      42                 :            : #include <event2/thread.h>
      43                 :            : #include <event2/util.h>
      44                 :            : 
      45                 :            : #include <support/events.h>
      46                 :            : 
      47                 :            : /** Maximum size of http request (request line + headers) */
      48                 :            : static const size_t MAX_HEADERS_SIZE = 8192;
      49                 :            : 
      50                 :            : /** HTTP request work item */
      51                 :          0 : class HTTPWorkItem final : public HTTPClosure
      52                 :            : {
      53                 :            : public:
      54                 :          0 :     HTTPWorkItem(std::unique_ptr<HTTPRequest> _req, const std::string &_path, const HTTPRequestHandler& _func):
      55 [ #  # ][ #  # ]:          0 :         req(std::move(_req)), path(_path), func(_func)
      56                 :          0 :     {
      57                 :          0 :     }
      58                 :          0 :     void operator()() override
      59                 :            :     {
      60                 :          0 :         func(req.get(), path);
      61                 :          0 :     }
      62                 :            : 
      63                 :            :     std::unique_ptr<HTTPRequest> req;
      64                 :            : 
      65                 :            : private:
      66                 :            :     std::string path;
      67                 :            :     HTTPRequestHandler func;
      68                 :            : };
      69                 :            : 
      70                 :            : /** Simple work queue for distributing work over multiple threads.
      71                 :            :  * Work items are simply callable objects.
      72                 :            :  */
      73                 :            : template <typename WorkItem>
      74                 :            : class WorkQueue
      75                 :            : {
      76                 :            : private:
      77                 :            :     Mutex cs;
      78                 :            :     std::condition_variable cond GUARDED_BY(cs);
      79                 :            :     std::deque<std::unique_ptr<WorkItem>> queue GUARDED_BY(cs);
      80                 :          0 :     bool running GUARDED_BY(cs){true};
      81                 :            :     const size_t maxDepth;
      82                 :            : 
      83                 :            : public:
      84         [ #  # ]:          0 :     explicit WorkQueue(size_t _maxDepth) : maxDepth(_maxDepth)
      85                 :            :     {
      86                 :          0 :     }
      87                 :            :     /** Precondition: worker threads have all stopped (they have been joined).
      88                 :            :      */
      89                 :          0 :     ~WorkQueue() = default;
      90                 :            :     /** Enqueue a work item */
      91                 :          0 :     bool Enqueue(WorkItem* item) EXCLUSIVE_LOCKS_REQUIRED(!cs)
      92                 :            :     {
      93                 :          0 :         LOCK(cs);
      94 [ #  # ][ #  # ]:          0 :         if (!running || queue.size() >= maxDepth) {
      95                 :          0 :             return false;
      96                 :            :         }
      97         [ #  # ]:          0 :         queue.emplace_back(std::unique_ptr<WorkItem>(item));
      98                 :          0 :         cond.notify_one();
      99                 :          0 :         return true;
     100                 :          0 :     }
     101                 :            :     /** Thread function */
     102                 :          0 :     void Run() EXCLUSIVE_LOCKS_REQUIRED(!cs)
     103                 :            :     {
     104                 :          0 :         while (true) {
     105                 :          0 :             std::unique_ptr<WorkItem> i;
     106                 :            :             {
     107         [ #  # ]:          0 :                 WAIT_LOCK(cs, lock);
     108 [ #  # ][ #  # ]:          0 :                 while (running && queue.empty())
     109         [ #  # ]:          0 :                     cond.wait(lock);
     110 [ #  # ][ #  # ]:          0 :                 if (!running && queue.empty())
     111                 :          0 :                     break;
     112                 :          0 :                 i = std::move(queue.front());
     113                 :          0 :                 queue.pop_front();
     114         [ #  # ]:          0 :             }
     115         [ #  # ]:          0 :             (*i)();
     116      [ #  #  # ]:          0 :         }
     117                 :          0 :     }
     118                 :            :     /** Interrupt and exit loops */
     119                 :          0 :     void Interrupt() EXCLUSIVE_LOCKS_REQUIRED(!cs)
     120                 :            :     {
     121                 :          0 :         LOCK(cs);
     122                 :          0 :         running = false;
     123                 :          0 :         cond.notify_all();
     124                 :          0 :     }
     125                 :            : };
     126                 :            : 
     127                 :          0 : struct HTTPPathHandler
     128                 :            : {
     129                 :          0 :     HTTPPathHandler(std::string _prefix, bool _exactMatch, HTTPRequestHandler _handler):
     130         [ #  # ]:          0 :         prefix(_prefix), exactMatch(_exactMatch), handler(_handler)
     131                 :            :     {
     132                 :          0 :     }
     133                 :            :     std::string prefix;
     134                 :            :     bool exactMatch;
     135                 :            :     HTTPRequestHandler handler;
     136                 :            : };
     137                 :            : 
     138                 :            : /** HTTP module state */
     139                 :            : 
     140                 :            : //! libevent event loop
     141                 :            : static struct event_base* eventBase = nullptr;
     142                 :            : //! HTTP server
     143                 :            : static struct evhttp* eventHTTP = nullptr;
     144                 :            : //! List of subnets to allow RPC connections from
     145                 :            : static std::vector<CSubNet> rpc_allow_subnets;
     146                 :            : //! Work queue for handling longer requests off the event loop thread
     147                 :            : static std::unique_ptr<WorkQueue<HTTPClosure>> g_work_queue{nullptr};
     148                 :            : //! Handlers for (sub)paths
     149                 :            : static GlobalMutex g_httppathhandlers_mutex;
     150                 :            : static std::vector<HTTPPathHandler> pathHandlers GUARDED_BY(g_httppathhandlers_mutex);
     151                 :            : //! Bound listening sockets
     152                 :            : static std::vector<evhttp_bound_socket *> boundSockets;
     153                 :            : 
     154                 :            : /**
     155                 :            :  * @brief Helps keep track of open `evhttp_connection`s with active `evhttp_requests`
     156                 :            :  *
     157                 :            :  */
     158                 :          0 : class HTTPRequestTracker
     159                 :            : {
     160                 :            : private:
     161                 :            :     mutable Mutex m_mutex;
     162                 :            :     mutable std::condition_variable m_cv;
     163                 :            :     //! For each connection, keep a counter of how many requests are open
     164                 :            :     std::unordered_map<const evhttp_connection*, size_t> m_tracker GUARDED_BY(m_mutex);
     165                 :            : 
     166                 :          0 :     void RemoveConnectionInternal(const decltype(m_tracker)::iterator it) EXCLUSIVE_LOCKS_REQUIRED(m_mutex)
     167                 :            :     {
     168                 :          0 :         m_tracker.erase(it);
     169         [ #  # ]:          0 :         if (m_tracker.empty()) m_cv.notify_all();
     170                 :          0 :     }
     171                 :            : public:
     172                 :            :     //! Increase request counter for the associated connection by 1
     173                 :          0 :     void AddRequest(evhttp_request* req) EXCLUSIVE_LOCKS_REQUIRED(!m_mutex)
     174                 :            :     {
     175                 :          0 :         const evhttp_connection* conn{Assert(evhttp_request_get_connection(Assert(req)))};
     176         [ #  # ]:          0 :         WITH_LOCK(m_mutex, ++m_tracker[conn]);
     177                 :          0 :     }
     178                 :            :     //! Decrease request counter for the associated connection by 1, remove connection if counter is 0
     179                 :          0 :     void RemoveRequest(evhttp_request* req) EXCLUSIVE_LOCKS_REQUIRED(!m_mutex)
     180                 :            :     {
     181                 :          0 :         const evhttp_connection* conn{Assert(evhttp_request_get_connection(Assert(req)))};
     182                 :          0 :         LOCK(m_mutex);
     183         [ #  # ]:          0 :         auto it{m_tracker.find(conn)};
     184 [ #  # ][ #  # ]:          0 :         if (it != m_tracker.end() && it->second > 0) {
     185 [ #  # ][ #  # ]:          0 :             if (--(it->second) == 0) RemoveConnectionInternal(it);
     186                 :          0 :         }
     187                 :          0 :     }
     188                 :            :     //! Remove a connection entirely
     189                 :          0 :     void RemoveConnection(const evhttp_connection* conn) EXCLUSIVE_LOCKS_REQUIRED(!m_mutex)
     190                 :            :     {
     191                 :          0 :         LOCK(m_mutex);
     192 [ #  # ][ #  # ]:          0 :         auto it{m_tracker.find(Assert(conn))};
     193 [ #  # ][ #  # ]:          0 :         if (it != m_tracker.end()) RemoveConnectionInternal(it);
     194                 :          0 :     }
     195                 :          0 :     size_t CountActiveConnections() const EXCLUSIVE_LOCKS_REQUIRED(!m_mutex)
     196                 :            :     {
     197                 :          0 :         return WITH_LOCK(m_mutex, return m_tracker.size());
     198                 :            :     }
     199                 :            :     //! Wait until there are no more connections with active requests in the tracker
     200                 :          0 :     void WaitUntilEmpty() const EXCLUSIVE_LOCKS_REQUIRED(!m_mutex)
     201                 :            :     {
     202                 :          0 :         WAIT_LOCK(m_mutex, lock);
     203         [ #  # ]:          0 :         m_cv.wait(lock, [this]() EXCLUSIVE_LOCKS_REQUIRED(m_mutex) { return m_tracker.empty(); });
     204                 :          0 :     }
     205                 :            : };
     206                 :            : //! Track active requests
     207                 :          2 : static HTTPRequestTracker g_requests;
     208                 :            : 
     209                 :            : /** Check if a network address is allowed to access the HTTP server */
     210                 :          0 : static bool ClientAllowed(const CNetAddr& netaddr)
     211                 :            : {
     212         [ #  # ]:          0 :     if (!netaddr.IsValid())
     213                 :          0 :         return false;
     214         [ #  # ]:          0 :     for(const CSubNet& subnet : rpc_allow_subnets)
     215         [ #  # ]:          0 :         if (subnet.Match(netaddr))
     216                 :          0 :             return true;
     217                 :          0 :     return false;
     218                 :          0 : }
     219                 :            : 
     220                 :            : /** Initialize ACL list for HTTP server */
     221                 :          0 : static bool InitHTTPAllowList()
     222                 :            : {
     223                 :          0 :     rpc_allow_subnets.clear();
     224 [ #  # ][ #  # ]:          0 :     rpc_allow_subnets.emplace_back(LookupHost("127.0.0.1", false).value(), 8);  // always allow IPv4 local subnet
         [ #  # ][ #  # ]
                 [ #  # ]
     225 [ #  # ][ #  # ]:          0 :     rpc_allow_subnets.emplace_back(LookupHost("::1", false).value());  // always allow IPv6 localhost
         [ #  # ][ #  # ]
                 [ #  # ]
     226 [ #  # ][ #  # ]:          0 :     for (const std::string& strAllow : gArgs.GetArgs("-rpcallowip")) {
                 [ #  # ]
              [ #  #  # ]
     227         [ #  # ]:          0 :         const CSubNet subnet{LookupSubNet(strAllow)};
     228 [ #  # ][ #  # ]:          0 :         if (!subnet.IsValid()) {
     229         [ #  # ]:          0 :             uiInterface.ThreadSafeMessageBox(
     230 [ #  # ][ #  # ]:          0 :                 strprintf(Untranslated("Invalid -rpcallowip subnet specification: %s. Valid are a single IP (e.g. 1.2.3.4), a network/netmask (e.g. 1.2.3.4/255.255.255.0) or a network/CIDR (e.g. 1.2.3.4/24)."), strAllow),
                 [ #  # ]
     231         [ #  # ]:          0 :                 "", CClientUIInterface::MSG_ERROR);
     232                 :          0 :             return false;
     233                 :            :         }
     234         [ #  # ]:          0 :         rpc_allow_subnets.push_back(subnet);
     235         [ #  # ]:          0 :     }
     236                 :          0 :     std::string strAllowed;
     237         [ #  # ]:          0 :     for (const CSubNet& subnet : rpc_allow_subnets)
     238 [ #  # ][ #  # ]:          0 :         strAllowed += subnet.ToString() + " ";
                 [ #  # ]
     239 [ #  # ][ #  # ]:          0 :     LogPrint(BCLog::HTTP, "Allowing HTTP connections from: %s\n", strAllowed);
         [ #  # ][ #  # ]
                 [ #  # ]
     240                 :          0 :     return true;
     241                 :          0 : }
     242                 :            : 
     243                 :            : /** HTTP request method as string - use for logging only */
     244                 :          0 : std::string RequestMethodString(HTTPRequest::RequestMethod m)
     245                 :            : {
     246   [ #  #  #  #  :          0 :     switch (m) {
                   #  # ]
     247                 :            :     case HTTPRequest::GET:
     248         [ #  # ]:          0 :         return "GET";
     249                 :            :     case HTTPRequest::POST:
     250         [ #  # ]:          0 :         return "POST";
     251                 :            :     case HTTPRequest::HEAD:
     252         [ #  # ]:          0 :         return "HEAD";
     253                 :            :     case HTTPRequest::PUT:
     254         [ #  # ]:          0 :         return "PUT";
     255                 :            :     case HTTPRequest::UNKNOWN:
     256         [ #  # ]:          0 :         return "unknown";
     257                 :            :     } // no default case, so the compiler can warn about missing cases
     258                 :          0 :     assert(false);
     259                 :          0 : }
     260                 :            : 
     261                 :            : /** HTTP request callback */
     262                 :          0 : static void http_request_cb(struct evhttp_request* req, void* arg)
     263                 :            : {
     264                 :          0 :     evhttp_connection* conn{evhttp_request_get_connection(req)};
     265                 :            :     // Track active requests
     266                 :            :     {
     267                 :          0 :         g_requests.AddRequest(req);
     268                 :          0 :         evhttp_request_set_on_complete_cb(req, [](struct evhttp_request* req, void*) {
     269                 :          0 :             g_requests.RemoveRequest(req);
     270                 :          0 :         }, nullptr);
     271                 :          0 :         evhttp_connection_set_closecb(conn, [](evhttp_connection* conn, void* arg) {
     272                 :          0 :             g_requests.RemoveConnection(conn);
     273                 :          0 :         }, nullptr);
     274                 :            :     }
     275                 :            : 
     276                 :            :     // Disable reading to work around a libevent bug, fixed in 2.1.9
     277                 :            :     // See https://github.com/libevent/libevent/commit/5ff8eb26371c4dc56f384b2de35bea2d87814779
     278                 :            :     // and https://github.com/bitcoin/bitcoin/pull/11593.
     279 [ #  # ][ #  # ]:          0 :     if (event_get_version_number() >= 0x02010600 && event_get_version_number() < 0x02010900) {
     280         [ #  # ]:          0 :         if (conn) {
     281                 :          0 :             bufferevent* bev = evhttp_connection_get_bufferevent(conn);
     282         [ #  # ]:          0 :             if (bev) {
     283                 :          0 :                 bufferevent_disable(bev, EV_READ);
     284                 :          0 :             }
     285                 :          0 :         }
     286                 :          0 :     }
     287                 :          0 :     auto hreq{std::make_unique<HTTPRequest>(req, *static_cast<const util::SignalInterrupt*>(arg))};
     288                 :            : 
     289                 :            :     // Early address-based allow check
     290 [ #  # ][ #  # ]:          0 :     if (!ClientAllowed(hreq->GetPeer())) {
                 [ #  # ]
     291 [ #  # ][ #  # ]:          0 :         LogPrint(BCLog::HTTP, "HTTP request from %s rejected: Client network is not allowed RPC access\n",
         [ #  # ][ #  # ]
         [ #  # ][ #  # ]
                 [ #  # ]
     292                 :            :                  hreq->GetPeer().ToStringAddrPort());
     293 [ #  # ][ #  # ]:          0 :         hreq->WriteReply(HTTP_FORBIDDEN);
     294                 :          0 :         return;
     295                 :            :     }
     296                 :            : 
     297                 :            :     // Early reject unknown HTTP methods
     298 [ #  # ][ #  # ]:          0 :     if (hreq->GetRequestMethod() == HTTPRequest::UNKNOWN) {
     299 [ #  # ][ #  # ]:          0 :         LogPrint(BCLog::HTTP, "HTTP request from %s rejected: Unknown HTTP request method\n",
         [ #  # ][ #  # ]
         [ #  # ][ #  # ]
                 [ #  # ]
     300                 :            :                  hreq->GetPeer().ToStringAddrPort());
     301 [ #  # ][ #  # ]:          0 :         hreq->WriteReply(HTTP_BAD_METHOD);
     302                 :          0 :         return;
     303                 :            :     }
     304                 :            : 
     305 [ #  # ][ #  # ]:          0 :     LogPrint(BCLog::HTTP, "Received a %s request for %s from %s\n",
         [ #  # ][ #  # ]
         [ #  # ][ #  # ]
         [ #  # ][ #  # ]
         [ #  # ][ #  # ]
         [ #  # ][ #  # ]
     306                 :            :              RequestMethodString(hreq->GetRequestMethod()), SanitizeString(hreq->GetURI(), SAFE_CHARS_URI).substr(0, 100), hreq->GetPeer().ToStringAddrPort());
     307                 :            : 
     308                 :            :     // Find registered handler for prefix
     309         [ #  # ]:          0 :     std::string strURI = hreq->GetURI();
     310                 :          0 :     std::string path;
     311 [ #  # ][ #  # ]:          0 :     LOCK(g_httppathhandlers_mutex);
     312                 :          0 :     std::vector<HTTPPathHandler>::const_iterator i = pathHandlers.begin();
     313                 :          0 :     std::vector<HTTPPathHandler>::const_iterator iend = pathHandlers.end();
     314         [ #  # ]:          0 :     for (; i != iend; ++i) {
     315                 :          0 :         bool match = false;
     316         [ #  # ]:          0 :         if (i->exactMatch)
     317                 :          0 :             match = (strURI == i->prefix);
     318                 :            :         else
     319         [ #  # ]:          0 :             match = (strURI.substr(0, i->prefix.size()) == i->prefix);
     320         [ #  # ]:          0 :         if (match) {
     321         [ #  # ]:          0 :             path = strURI.substr(i->prefix.size());
     322                 :          0 :             break;
     323                 :            :         }
     324                 :          0 :     }
     325                 :            : 
     326                 :            :     // Dispatch to worker thread
     327         [ #  # ]:          0 :     if (i != iend) {
     328 [ #  # ][ #  # ]:          0 :         std::unique_ptr<HTTPWorkItem> item(new HTTPWorkItem(std::move(hreq), path, i->handler));
                 [ #  # ]
     329         [ #  # ]:          0 :         assert(g_work_queue);
     330 [ #  # ][ #  # ]:          0 :         if (g_work_queue->Enqueue(item.get())) {
     331                 :          0 :             item.release(); /* if true, queue took ownership */
     332                 :          0 :         } else {
     333 [ #  # ][ #  # ]:          0 :             LogPrintf("WARNING: request rejected because http work queue depth exceeded, it can be increased with the -rpcworkqueue= setting\n");
                 [ #  # ]
     334 [ #  # ][ #  # ]:          0 :             item->req->WriteReply(HTTP_SERVICE_UNAVAILABLE, "Work queue depth exceeded");
     335                 :            :         }
     336                 :          0 :     } else {
     337 [ #  # ][ #  # ]:          0 :         hreq->WriteReply(HTTP_NOT_FOUND);
     338                 :            :     }
     339         [ #  # ]:          0 : }
     340                 :            : 
     341                 :            : /** Callback to reject HTTP requests after shutdown. */
     342                 :          0 : static void http_reject_request_cb(struct evhttp_request* req, void*)
     343                 :            : {
     344 [ #  # ][ #  # ]:          0 :     LogPrint(BCLog::HTTP, "Rejecting request while shutting down\n");
         [ #  # ][ #  # ]
     345                 :          0 :     evhttp_send_error(req, HTTP_SERVUNAVAIL, nullptr);
     346                 :          0 : }
     347                 :            : 
     348                 :            : /** Event dispatcher thread */
     349                 :          0 : static void ThreadHTTP(struct event_base* base)
     350                 :            : {
     351 [ #  # ][ #  # ]:          0 :     util::ThreadRename("http");
     352 [ #  # ][ #  # ]:          0 :     LogPrint(BCLog::HTTP, "Entering http event loop\n");
         [ #  # ][ #  # ]
     353                 :          0 :     event_base_dispatch(base);
     354                 :            :     // Event loop will be interrupted by InterruptHTTPServer()
     355 [ #  # ][ #  # ]:          0 :     LogPrint(BCLog::HTTP, "Exited http event loop\n");
         [ #  # ][ #  # ]
     356                 :          0 : }
     357                 :            : 
     358                 :            : /** Bind HTTP server to specified addresses */
     359                 :          0 : static bool HTTPBindAddresses(struct evhttp* http)
     360                 :            : {
     361 [ #  # ][ #  # ]:          0 :     uint16_t http_port{static_cast<uint16_t>(gArgs.GetIntArg("-rpcport", BaseParams().RPCPort()))};
         [ #  # ][ #  # ]
     362                 :          0 :     std::vector<std::pair<std::string, uint16_t>> endpoints;
     363                 :            : 
     364                 :            :     // Determine what addresses to bind to
     365 [ #  # ][ #  # ]:          0 :     if (!(gArgs.IsArgSet("-rpcallowip") && gArgs.IsArgSet("-rpcbind"))) { // Default to loopback if not allowing external IPs
         [ #  # ][ #  # ]
         [ #  # ][ #  # ]
         [ #  # ][ #  # ]
         [ #  # ][ #  # ]
     366         [ #  # ]:          0 :         endpoints.emplace_back("::1", http_port);
     367         [ #  # ]:          0 :         endpoints.emplace_back("127.0.0.1", http_port);
     368 [ #  # ][ #  # ]:          0 :         if (gArgs.IsArgSet("-rpcallowip")) {
                 [ #  # ]
     369 [ #  # ][ #  # ]:          0 :             LogPrintf("WARNING: option -rpcallowip was specified without -rpcbind; this doesn't usually make sense\n");
                 [ #  # ]
     370                 :          0 :         }
     371 [ #  # ][ #  # ]:          0 :         if (gArgs.IsArgSet("-rpcbind")) {
                 [ #  # ]
     372 [ #  # ][ #  # ]:          0 :             LogPrintf("WARNING: option -rpcbind was ignored because -rpcallowip was not specified, refusing to allow everyone to connect\n");
                 [ #  # ]
     373                 :          0 :         }
     374 [ #  # ][ #  # ]:          0 :     } else if (gArgs.IsArgSet("-rpcbind")) { // Specific bind address
                 [ #  # ]
     375 [ #  # ][ #  # ]:          0 :         for (const std::string& strRPCBind : gArgs.GetArgs("-rpcbind")) {
                 [ #  # ]
     376                 :          0 :             uint16_t port{http_port};
     377                 :          0 :             std::string host;
     378         [ #  # ]:          0 :             SplitHostPort(strRPCBind, port, host);
     379         [ #  # ]:          0 :             endpoints.emplace_back(host, port);
     380                 :          0 :         }
     381                 :          0 :     }
     382                 :            : 
     383                 :            :     // Bind addresses
     384         [ #  # ]:          0 :     for (std::vector<std::pair<std::string, uint16_t> >::iterator i = endpoints.begin(); i != endpoints.end(); ++i) {
     385 [ #  # ][ #  # ]:          0 :         LogPrintf("Binding RPC on address %s port %i\n", i->first, i->second);
                 [ #  # ]
     386 [ #  # ][ #  # ]:          0 :         evhttp_bound_socket *bind_handle = evhttp_bind_socket_with_handle(http, i->first.empty() ? nullptr : i->first.c_str(), i->second);
     387         [ #  # ]:          0 :         if (bind_handle) {
     388 [ #  # ][ #  # ]:          0 :             const std::optional<CNetAddr> addr{LookupHost(i->first, false)};
     389 [ #  # ][ #  # ]:          0 :             if (i->first.empty() || (addr.has_value() && addr->IsBindAny())) {
         [ #  # ][ #  # ]
     390 [ #  # ][ #  # ]:          0 :                 LogPrintf("WARNING: the RPC server is not safe to expose to untrusted networks such as the public internet\n");
                 [ #  # ]
     391                 :          0 :             }
     392         [ #  # ]:          0 :             boundSockets.push_back(bind_handle);
     393                 :          0 :         } else {
     394 [ #  # ][ #  # ]:          0 :             LogPrintf("Binding RPC on address %s port %i failed.\n", i->first, i->second);
                 [ #  # ]
     395                 :            :         }
     396                 :          0 :     }
     397                 :          0 :     return !boundSockets.empty();
     398                 :          0 : }
     399                 :            : 
     400                 :            : /** Simple wrapper to set thread name and run work queue */
     401                 :          0 : static void HTTPWorkQueueRun(WorkQueue<HTTPClosure>* queue, int worker_num)
     402                 :            : {
     403         [ #  # ]:          0 :     util::ThreadRename(strprintf("httpworker.%i", worker_num));
     404                 :          0 :     queue->Run();
     405                 :          0 : }
     406                 :            : 
     407                 :            : /** libevent event log callback */
     408                 :          0 : static void libevent_log_cb(int severity, const char *msg)
     409                 :            : {
     410                 :            :     BCLog::Level level;
     411   [ #  #  #  # ]:          0 :     switch (severity) {
     412                 :            :     case EVENT_LOG_DEBUG:
     413                 :          0 :         level = BCLog::Level::Debug;
     414                 :          0 :         break;
     415                 :            :     case EVENT_LOG_MSG:
     416                 :          0 :         level = BCLog::Level::Info;
     417                 :          0 :         break;
     418                 :            :     case EVENT_LOG_WARN:
     419                 :          0 :         level = BCLog::Level::Warning;
     420                 :          0 :         break;
     421                 :            :     default: // EVENT_LOG_ERR and others are mapped to error
     422                 :          0 :         level = BCLog::Level::Error;
     423                 :          0 :         break;
     424                 :            :     }
     425 [ #  # ][ #  # ]:          0 :     LogPrintLevel(BCLog::LIBEVENT, level, "%s\n", msg);
         [ #  # ][ #  # ]
     426                 :          0 : }
     427                 :            : 
     428                 :          0 : bool InitHTTPServer(const util::SignalInterrupt& interrupt)
     429                 :            : {
     430         [ #  # ]:          0 :     if (!InitHTTPAllowList())
     431                 :          0 :         return false;
     432                 :            : 
     433                 :            :     // Redirect libevent's logging to our own log
     434                 :          0 :     event_set_log_callback(&libevent_log_cb);
     435                 :            :     // Update libevent's log handling.
     436                 :          0 :     UpdateHTTPServerLogging(LogInstance().WillLogCategory(BCLog::LIBEVENT));
     437                 :            : 
     438                 :            : #ifdef WIN32
     439                 :            :     evthread_use_windows_threads();
     440                 :            : #else
     441                 :          0 :     evthread_use_pthreads();
     442                 :            : #endif
     443                 :            : 
     444                 :          0 :     raii_event_base base_ctr = obtain_event_base();
     445                 :            : 
     446                 :            :     /* Create a new evhttp object to handle requests. */
     447         [ #  # ]:          0 :     raii_evhttp http_ctr = obtain_evhttp(base_ctr.get());
     448                 :          0 :     struct evhttp* http = http_ctr.get();
     449         [ #  # ]:          0 :     if (!http) {
     450 [ #  # ][ #  # ]:          0 :         LogPrintf("couldn't create evhttp. Exiting.\n");
                 [ #  # ]
     451                 :          0 :         return false;
     452                 :            :     }
     453                 :            : 
     454 [ #  # ][ #  # ]:          0 :     evhttp_set_timeout(http, gArgs.GetIntArg("-rpcservertimeout", DEFAULT_HTTP_SERVER_TIMEOUT));
                 [ #  # ]
     455         [ #  # ]:          0 :     evhttp_set_max_headers_size(http, MAX_HEADERS_SIZE);
     456         [ #  # ]:          0 :     evhttp_set_max_body_size(http, MAX_SIZE);
     457         [ #  # ]:          0 :     evhttp_set_gencb(http, http_request_cb, (void*)&interrupt);
     458                 :            : 
     459 [ #  # ][ #  # ]:          0 :     if (!HTTPBindAddresses(http)) {
     460 [ #  # ][ #  # ]:          0 :         LogPrintf("Unable to bind any endpoint for RPC server\n");
                 [ #  # ]
     461                 :          0 :         return false;
     462                 :            :     }
     463                 :            : 
     464 [ #  # ][ #  # ]:          0 :     LogPrint(BCLog::HTTP, "Initialized HTTP server\n");
         [ #  # ][ #  # ]
                 [ #  # ]
     465 [ #  # ][ #  # ]:          0 :     int workQueueDepth = std::max((long)gArgs.GetIntArg("-rpcworkqueue", DEFAULT_HTTP_WORKQUEUE), 1L);
                 [ #  # ]
     466 [ #  # ][ #  # ]:          0 :     LogPrintfCategory(BCLog::HTTP, "creating work queue of depth %d\n", workQueueDepth);
                 [ #  # ]
     467                 :            : 
     468         [ #  # ]:          0 :     g_work_queue = std::make_unique<WorkQueue<HTTPClosure>>(workQueueDepth);
     469                 :            :     // transfer ownership to eventBase/HTTP via .release()
     470                 :          0 :     eventBase = base_ctr.release();
     471                 :          0 :     eventHTTP = http_ctr.release();
     472                 :          0 :     return true;
     473                 :          0 : }
     474                 :            : 
     475                 :          0 : void UpdateHTTPServerLogging(bool enable) {
     476         [ #  # ]:          0 :     if (enable) {
     477                 :          0 :         event_enable_debug_logging(EVENT_DBG_ALL);
     478                 :          0 :     } else {
     479                 :          0 :         event_enable_debug_logging(EVENT_DBG_NONE);
     480                 :            :     }
     481                 :          0 : }
     482                 :            : 
     483                 :          2 : static std::thread g_thread_http;
     484                 :            : static std::vector<std::thread> g_thread_http_workers;
     485                 :            : 
     486                 :          0 : void StartHTTPServer()
     487                 :            : {
     488 [ #  # ][ #  # ]:          0 :     LogPrint(BCLog::HTTP, "Starting HTTP server\n");
         [ #  # ][ #  # ]
     489 [ #  # ][ #  # ]:          0 :     int rpcThreads = std::max((long)gArgs.GetIntArg("-rpcthreads", DEFAULT_HTTP_THREADS), 1L);
                 [ #  # ]
     490 [ #  # ][ #  # ]:          0 :     LogPrintfCategory(BCLog::HTTP, "starting %d worker threads\n", rpcThreads);
                 [ #  # ]
     491                 :          0 :     g_thread_http = std::thread(ThreadHTTP, eventBase);
     492                 :            : 
     493         [ #  # ]:          0 :     for (int i = 0; i < rpcThreads; i++) {
     494                 :          0 :         g_thread_http_workers.emplace_back(HTTPWorkQueueRun, g_work_queue.get(), i);
     495                 :          0 :     }
     496                 :          0 : }
     497                 :            : 
     498                 :          0 : void InterruptHTTPServer()
     499                 :            : {
     500 [ #  # ][ #  # ]:          0 :     LogPrint(BCLog::HTTP, "Interrupting HTTP server\n");
         [ #  # ][ #  # ]
     501         [ #  # ]:          0 :     if (eventHTTP) {
     502                 :            :         // Reject requests on current connections
     503                 :          0 :         evhttp_set_gencb(eventHTTP, http_reject_request_cb, nullptr);
     504                 :          0 :     }
     505         [ #  # ]:          0 :     if (g_work_queue) {
     506                 :          0 :         g_work_queue->Interrupt();
     507                 :          0 :     }
     508                 :          0 : }
     509                 :            : 
     510                 :          0 : void StopHTTPServer()
     511                 :            : {
     512 [ #  # ][ #  # ]:          0 :     LogPrint(BCLog::HTTP, "Stopping HTTP server\n");
         [ #  # ][ #  # ]
     513         [ #  # ]:          0 :     if (g_work_queue) {
     514 [ #  # ][ #  # ]:          0 :         LogPrint(BCLog::HTTP, "Waiting for HTTP worker threads to exit\n");
         [ #  # ][ #  # ]
     515         [ #  # ]:          0 :         for (auto& thread : g_thread_http_workers) {
     516                 :          0 :             thread.join();
     517                 :            :         }
     518                 :          0 :         g_thread_http_workers.clear();
     519                 :          0 :     }
     520                 :            :     // Unlisten sockets, these are what make the event loop running, which means
     521                 :            :     // that after this and all connections are closed the event loop will quit.
     522         [ #  # ]:          0 :     for (evhttp_bound_socket *socket : boundSockets) {
     523                 :          0 :         evhttp_del_accept_socket(eventHTTP, socket);
     524                 :            :     }
     525                 :          0 :     boundSockets.clear();
     526                 :            :     {
     527         [ #  # ]:          0 :         if (const auto n_connections{g_requests.CountActiveConnections()}; n_connections != 0) {
     528 [ #  # ][ #  # ]:          0 :             LogPrint(BCLog::HTTP, "Waiting for %d connections to stop HTTP server\n", n_connections);
         [ #  # ][ #  # ]
     529                 :          0 :         }
     530                 :          0 :         g_requests.WaitUntilEmpty();
     531                 :            :     }
     532         [ #  # ]:          0 :     if (eventHTTP) {
     533                 :            :         // Schedule a callback to call evhttp_free in the event base thread, so
     534                 :            :         // that evhttp_free does not need to be called again after the handling
     535                 :            :         // of unfinished request connections that follows.
     536                 :          0 :         event_base_once(eventBase, -1, EV_TIMEOUT, [](evutil_socket_t, short, void*) {
     537                 :          0 :             evhttp_free(eventHTTP);
     538                 :          0 :             eventHTTP = nullptr;
     539                 :          0 :         }, nullptr, nullptr);
     540                 :          0 :     }
     541         [ #  # ]:          0 :     if (eventBase) {
     542 [ #  # ][ #  # ]:          0 :         LogPrint(BCLog::HTTP, "Waiting for HTTP event thread to exit\n");
         [ #  # ][ #  # ]
     543         [ #  # ]:          0 :         if (g_thread_http.joinable()) g_thread_http.join();
     544                 :          0 :         event_base_free(eventBase);
     545                 :          0 :         eventBase = nullptr;
     546                 :          0 :     }
     547                 :          0 :     g_work_queue.reset();
     548 [ #  # ][ #  # ]:          0 :     LogPrint(BCLog::HTTP, "Stopped HTTP server\n");
         [ #  # ][ #  # ]
     549                 :          0 : }
     550                 :            : 
     551                 :          0 : struct event_base* EventBase()
     552                 :            : {
     553                 :          0 :     return eventBase;
     554                 :            : }
     555                 :            : 
     556                 :          0 : static void httpevent_callback_fn(evutil_socket_t, short, void* data)
     557                 :            : {
     558                 :            :     // Static handler: simply call inner handler
     559                 :          0 :     HTTPEvent *self = static_cast<HTTPEvent*>(data);
     560                 :          0 :     self->handler();
     561         [ #  # ]:          0 :     if (self->deleteWhenTriggered)
     562         [ #  # ]:          0 :         delete self;
     563                 :          0 : }
     564                 :            : 
     565                 :          0 : HTTPEvent::HTTPEvent(struct event_base* base, bool _deleteWhenTriggered, const std::function<void()>& _handler):
     566                 :          0 :     deleteWhenTriggered(_deleteWhenTriggered), handler(_handler)
     567                 :            : {
     568         [ #  # ]:          0 :     ev = event_new(base, -1, 0, httpevent_callback_fn, this);
     569         [ #  # ]:          0 :     assert(ev);
     570                 :          0 : }
     571                 :          0 : HTTPEvent::~HTTPEvent()
     572                 :            : {
     573         [ #  # ]:          0 :     event_free(ev);
     574                 :          0 : }
     575                 :          0 : void HTTPEvent::trigger(struct timeval* tv)
     576                 :            : {
     577         [ #  # ]:          0 :     if (tv == nullptr)
     578                 :          0 :         event_active(ev, 0, 0); // immediately trigger event in main thread
     579                 :            :     else
     580                 :          0 :         evtimer_add(ev, tv); // trigger after timeval passed
     581                 :          0 : }
     582                 :          0 : HTTPRequest::HTTPRequest(struct evhttp_request* _req, const util::SignalInterrupt& interrupt, bool _replySent)
     583                 :          0 :     : req(_req), m_interrupt(interrupt), replySent(_replySent)
     584                 :            : {
     585                 :          0 : }
     586                 :            : 
     587                 :          0 : HTTPRequest::~HTTPRequest()
     588                 :            : {
     589         [ #  # ]:          0 :     if (!replySent) {
     590                 :            :         // Keep track of whether reply was sent to avoid request leaks
     591 [ #  # ][ #  # ]:          0 :         LogPrintf("%s: Unhandled request\n", __func__);
                 [ #  # ]
     592 [ #  # ][ #  # ]:          0 :         WriteReply(HTTP_INTERNAL_SERVER_ERROR, "Unhandled request");
     593                 :          0 :     }
     594                 :            :     // evhttpd cleans up the request, as long as a reply was sent.
     595                 :          0 : }
     596                 :            : 
     597                 :          0 : std::pair<bool, std::string> HTTPRequest::GetHeader(const std::string& hdr) const
     598                 :            : {
     599                 :          0 :     const struct evkeyvalq* headers = evhttp_request_get_input_headers(req);
     600         [ #  # ]:          0 :     assert(headers);
     601                 :          0 :     const char* val = evhttp_find_header(headers, hdr.c_str());
     602         [ #  # ]:          0 :     if (val)
     603                 :          0 :         return std::make_pair(true, val);
     604                 :            :     else
     605                 :          0 :         return std::make_pair(false, "");
     606                 :          0 : }
     607                 :            : 
     608                 :          0 : std::string HTTPRequest::ReadBody()
     609                 :            : {
     610                 :          0 :     struct evbuffer* buf = evhttp_request_get_input_buffer(req);
     611         [ #  # ]:          0 :     if (!buf)
     612         [ #  # ]:          0 :         return "";
     613                 :          0 :     size_t size = evbuffer_get_length(buf);
     614                 :            :     /** Trivial implementation: if this is ever a performance bottleneck,
     615                 :            :      * internal copying can be avoided in multi-segment buffers by using
     616                 :            :      * evbuffer_peek and an awkward loop. Though in that case, it'd be even
     617                 :            :      * better to not copy into an intermediate string but use a stream
     618                 :            :      * abstraction to consume the evbuffer on the fly in the parsing algorithm.
     619                 :            :      */
     620                 :          0 :     const char* data = (const char*)evbuffer_pullup(buf, size);
     621         [ #  # ]:          0 :     if (!data) // returns nullptr in case of empty buffer
     622         [ #  # ]:          0 :         return "";
     623         [ #  # ]:          0 :     std::string rv(data, size);
     624         [ #  # ]:          0 :     evbuffer_drain(buf, size);
     625                 :          0 :     return rv;
     626         [ #  # ]:          0 : }
     627                 :            : 
     628                 :          0 : void HTTPRequest::WriteHeader(const std::string& hdr, const std::string& value)
     629                 :            : {
     630                 :          0 :     struct evkeyvalq* headers = evhttp_request_get_output_headers(req);
     631         [ #  # ]:          0 :     assert(headers);
     632                 :          0 :     evhttp_add_header(headers, hdr.c_str(), value.c_str());
     633                 :          0 : }
     634                 :            : 
     635                 :            : /** Closure sent to main thread to request a reply to be sent to
     636                 :            :  * a HTTP request.
     637                 :            :  * Replies must be sent in the main loop in the main http thread,
     638                 :            :  * this cannot be done from worker threads.
     639                 :            :  */
     640                 :          0 : void HTTPRequest::WriteReply(int nStatus, const std::string& strReply)
     641                 :            : {
     642 [ #  # ][ #  # ]:          0 :     assert(!replySent && req);
     643         [ #  # ]:          0 :     if (m_interrupt) {
     644 [ #  # ][ #  # ]:          0 :         WriteHeader("Connection", "close");
                 [ #  # ]
     645                 :          0 :     }
     646                 :            :     // Send event to main http thread to send reply message
     647                 :          0 :     struct evbuffer* evb = evhttp_request_get_output_buffer(req);
     648         [ #  # ]:          0 :     assert(evb);
     649                 :          0 :     evbuffer_add(evb, strReply.data(), strReply.size());
     650                 :          0 :     auto req_copy = req;
     651 [ #  # ][ #  # ]:          0 :     HTTPEvent* ev = new HTTPEvent(eventBase, true, [req_copy, nStatus]{
     652                 :          0 :         evhttp_send_reply(req_copy, nStatus, nullptr, nullptr);
     653                 :            :         // Re-enable reading from the socket. This is the second part of the libevent
     654                 :            :         // workaround above.
     655 [ #  # ][ #  # ]:          0 :         if (event_get_version_number() >= 0x02010600 && event_get_version_number() < 0x02010900) {
     656                 :          0 :             evhttp_connection* conn = evhttp_request_get_connection(req_copy);
     657         [ #  # ]:          0 :             if (conn) {
     658                 :          0 :                 bufferevent* bev = evhttp_connection_get_bufferevent(conn);
     659         [ #  # ]:          0 :                 if (bev) {
     660                 :          0 :                     bufferevent_enable(bev, EV_READ | EV_WRITE);
     661                 :          0 :                 }
     662                 :          0 :             }
     663                 :          0 :         }
     664                 :          0 :     });
     665                 :          0 :     ev->trigger(nullptr);
     666                 :          0 :     replySent = true;
     667                 :          0 :     req = nullptr; // transferred back to main thread
     668                 :          0 : }
     669                 :            : 
     670                 :          0 : CService HTTPRequest::GetPeer() const
     671                 :            : {
     672                 :          0 :     evhttp_connection* con = evhttp_request_get_connection(req);
     673                 :          0 :     CService peer;
     674         [ #  # ]:          0 :     if (con) {
     675                 :            :         // evhttp retains ownership over returned address string
     676                 :          0 :         const char* address = "";
     677                 :          0 :         uint16_t port = 0;
     678                 :            : 
     679                 :            : #ifdef HAVE_EVHTTP_CONNECTION_GET_PEER_CONST_CHAR
     680                 :            :         evhttp_connection_get_peer(con, &address, &port);
     681                 :            : #else
     682         [ #  # ]:          0 :         evhttp_connection_get_peer(con, (char**)&address, &port);
     683                 :            : #endif // HAVE_EVHTTP_CONNECTION_GET_PEER_CONST_CHAR
     684                 :            : 
     685 [ #  # ][ #  # ]:          0 :         peer = MaybeFlipIPv6toCJDNS(LookupNumeric(address, port));
         [ #  # ][ #  # ]
     686                 :          0 :     }
     687                 :          0 :     return peer;
     688         [ #  # ]:          0 : }
     689                 :            : 
     690                 :          0 : std::string HTTPRequest::GetURI() const
     691                 :            : {
     692         [ #  # ]:          0 :     return evhttp_request_get_uri(req);
     693                 :          0 : }
     694                 :            : 
     695                 :          0 : HTTPRequest::RequestMethod HTTPRequest::GetRequestMethod() const
     696                 :            : {
     697   [ #  #  #  #  :          0 :     switch (evhttp_request_get_command(req)) {
                      # ]
     698                 :            :     case EVHTTP_REQ_GET:
     699                 :          0 :         return GET;
     700                 :            :     case EVHTTP_REQ_POST:
     701                 :          0 :         return POST;
     702                 :            :     case EVHTTP_REQ_HEAD:
     703                 :          0 :         return HEAD;
     704                 :            :     case EVHTTP_REQ_PUT:
     705                 :          0 :         return PUT;
     706                 :            :     default:
     707                 :          0 :         return UNKNOWN;
     708                 :            :     }
     709                 :          0 : }
     710                 :            : 
     711                 :          0 : std::optional<std::string> HTTPRequest::GetQueryParameter(const std::string& key) const
     712                 :            : {
     713                 :          0 :     const char* uri{evhttp_request_get_uri(req)};
     714                 :            : 
     715                 :          0 :     return GetQueryParameterFromUri(uri, key);
     716                 :            : }
     717                 :            : 
     718                 :          0 : std::optional<std::string> GetQueryParameterFromUri(const char* uri, const std::string& key)
     719                 :            : {
     720                 :          0 :     evhttp_uri* uri_parsed{evhttp_uri_parse(uri)};
     721         [ #  # ]:          0 :     if (!uri_parsed) {
     722         [ #  # ]:          0 :         throw std::runtime_error("URI parsing failed, it likely contained RFC 3986 invalid characters");
     723                 :            :     }
     724                 :          0 :     const char* query{evhttp_uri_get_query(uri_parsed)};
     725                 :          0 :     std::optional<std::string> result;
     726                 :            : 
     727         [ #  # ]:          0 :     if (query) {
     728                 :            :         // Parse the query string into a key-value queue and iterate over it
     729                 :            :         struct evkeyvalq params_q;
     730         [ #  # ]:          0 :         evhttp_parse_query_str(query, &params_q);
     731                 :            : 
     732         [ #  # ]:          0 :         for (struct evkeyval* param{params_q.tqh_first}; param != nullptr; param = param->next.tqe_next) {
     733 [ #  # ][ #  # ]:          0 :             if (param->key == key) {
     734         [ #  # ]:          0 :                 result = param->value;
     735                 :          0 :                 break;
     736                 :            :             }
     737                 :          0 :         }
     738         [ #  # ]:          0 :         evhttp_clear_headers(&params_q);
     739                 :          0 :     }
     740         [ #  # ]:          0 :     evhttp_uri_free(uri_parsed);
     741                 :            : 
     742                 :          0 :     return result;
     743         [ #  # ]:          0 : }
     744                 :            : 
     745                 :          0 : void RegisterHTTPHandler(const std::string &prefix, bool exactMatch, const HTTPRequestHandler &handler)
     746                 :            : {
     747 [ #  # ][ #  # ]:          0 :     LogPrint(BCLog::HTTP, "Registering HTTP handler for %s (exactmatch %d)\n", prefix, exactMatch);
         [ #  # ][ #  # ]
     748                 :          0 :     LOCK(g_httppathhandlers_mutex);
     749         [ #  # ]:          0 :     pathHandlers.emplace_back(prefix, exactMatch, handler);
     750                 :          0 : }
     751                 :            : 
     752                 :          0 : void UnregisterHTTPHandler(const std::string &prefix, bool exactMatch)
     753                 :            : {
     754                 :          0 :     LOCK(g_httppathhandlers_mutex);
     755                 :          0 :     std::vector<HTTPPathHandler>::iterator i = pathHandlers.begin();
     756                 :          0 :     std::vector<HTTPPathHandler>::iterator iend = pathHandlers.end();
     757         [ #  # ]:          0 :     for (; i != iend; ++i)
     758 [ #  # ][ #  # ]:          0 :         if (i->prefix == prefix && i->exactMatch == exactMatch)
     759                 :          0 :             break;
     760         [ #  # ]:          0 :     if (i != iend)
     761                 :            :     {
     762 [ #  # ][ #  # ]:          0 :         LogPrint(BCLog::HTTP, "Unregistering HTTP handler for %s (exactmatch %d)\n", prefix, exactMatch);
         [ #  # ][ #  # ]
                 [ #  # ]
     763         [ #  # ]:          0 :         pathHandlers.erase(i);
     764                 :          0 :     }
     765                 :          0 : }

Generated by: LCOV version 1.14