Official Go implementation of the Bytom protocol
Révision | d78c99f2eff51ab555e4f8810ce893c8e4807609 (tree) |
---|---|
l'heure | 2020-12-26 16:21:41 |
Auteur | LonelyPale <lonelypale@126....> |
Commiter | LonelyPale |
api server add https support
@@ -164,8 +164,16 @@ func (a *API) StartServer(address string) { | ||
164 | 164 | // it's blocking and we need to proceed to the rest of the core setup after |
165 | 165 | // we call it. |
166 | 166 | go func() { |
167 | - if err := a.server.Serve(listener); err != nil { | |
168 | - log.WithFields(log.Fields{"module": logModule, "error": errors.Wrap(err, "Serve")}).Error("Rpc server") | |
167 | + if cfg.CommonConfig.Https.EnableTLS { | |
168 | + certFile := cfg.CommonConfig.RootDir + "/" + cfg.CommonConfig.Https.CertFile | |
169 | + keyFile := cfg.CommonConfig.RootDir + "/" + cfg.CommonConfig.Https.KeyFile | |
170 | + if err = a.server.ServeTLS(listener, certFile, keyFile); err != nil { | |
171 | + log.WithFields(log.Fields{"module": logModule, "error": errors.Wrap(err, "ServeTLS")}).Error("Rpc server") | |
172 | + } | |
173 | + } else { | |
174 | + if err := a.server.Serve(listener); err != nil { | |
175 | + log.WithFields(log.Fields{"module": logModule, "error": errors.Wrap(err, "Serve")}).Error("Rpc server") | |
176 | + } | |
169 | 177 | } |
170 | 178 | }() |
171 | 179 | } |
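Review bot: In the added TLS branch, `if err = a.server.ServeTLS(...)` assigns to an `err` that must come from the enclosing StartServer scope, so the goroutine writes to a variable it shares with the caller's frame; the plain branch declares its own, and the TLS branch should match it: `if err := a.server.ServeTLS(listener, certFile, keyFile); err != nil {`. StartServer begins above this hunk, so the outer declaration of `err` is inferred rather than visible. The certificate and key paths are built as `RootDir + "/" + ...`, which turns an absolute `cert_file` or `key_file` into a wrong path under the data directory; `filepath.Join` plus a `filepath.IsAbs` check would handle both cases. Nothing visible sets `a.server.TLSConfig`, so the minimum protocol version is whatever the Go release defaults to; consider setting `MinVersion: tls.VersionTLS12` where the server is constructed.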
@@ -28,6 +28,7 @@ type Config struct { | ||
28 | 28 | Web *WebConfig `mapstructure:"web"` |
29 | 29 | Simd *SimdConfig `mapstructure:"simd"` |
30 | 30 | Websocket *WebsocketConfig `mapstructure:"ws"` |
31 | + Https *HttpsConfig `mapstructure:"https"` | |
31 | 32 | } |
32 | 33 | |
33 | 34 | // Default configurable parameters. |
@@ -205,6 +206,13 @@ type WebsocketConfig struct { | ||
205 | 206 | MaxNumConcurrentReqs int `mapstructure:"max_num_concurrent_reqs"` |
206 | 207 | } |
207 | 208 | |
209 | +// enable https | |
210 | +type HttpsConfig struct { | |
211 | + EnableTLS bool `mapstructure:"enable_tls"` | |
212 | + CertFile string `mapstructure:"cert_file"` | |
213 | + KeyFile string `mapstructure:"key_file"` | |
214 | +} | |
215 | + | |
208 | 216 | // Default configurable rpc's auth parameters. |
209 | 217 | func DefaultRPCAuthConfig() *RPCAuthConfig { |
210 | 218 | return &RPCAuthConfig{ |
@@ -243,6 +251,14 @@ func DefaultWebsocketConfig() *WebsocketConfig { | ||
243 | 251 | } |
244 | 252 | } |
245 | 253 | |
254 | +func DefaultHttpsConfig() *HttpsConfig { | |
255 | + return &HttpsConfig{ | |
256 | + EnableTLS: false, | |
257 | + CertFile: "key/cert.pem", | |
258 | + KeyFile: "key/key.pem", | |
259 | + } | |
260 | +} | |
261 | + | |
246 | 262 | //----------------------------------------------------------------------------- |
247 | 263 | // Utils |
248 | 264 |
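Review bot: `Https` is added to `Config` as a pointer, but none of the visible hunks assigns `DefaultHttpsConfig()` to it in the default config constructor. That constructor is outside these hunks; if the wiring is missing, `cfg.CommonConfig.Https.EnableTLS` in StartServer may dereference nil for a config file that has no `[https]` table, so confirm it contains `Https: DefaultHttpsConfig(),`. The new exported names also lack usable doc comments: `// enable https` should start with the type name, e.g. `// HttpsConfig holds the TLS settings of the API server.`, and `DefaultHttpsConfig` needs one such as `// DefaultHttpsConfig returns the HTTPS settings with TLS disabled.`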
@@ -1,6 +1,8 @@ | ||
1 | 1 | package config |
2 | 2 | |
3 | 3 | import ( |
4 | + "os" | |
5 | + "os/exec" | |
4 | 6 | "path" |
5 | 7 | |
6 | 8 | cmn "github.com/tendermint/tmlibs/common" |
@@ -17,6 +19,16 @@ func EnsureRoot(rootDir string, network string) { | ||
17 | 19 | if !cmn.FileExists(configFilePath) { |
18 | 20 | cmn.MustWriteFile(configFilePath, []byte(selectNetwork(network)), 0644) |
19 | 21 | } |
22 | + | |
23 | + cmn.EnsureDir(rootDir+"/key", 0700) | |
24 | + if err := os.Chdir(rootDir + "/key"); err != nil { | |
25 | + panic(err) | |
26 | + } | |
27 | + | |
28 | + cmd := exec.Command("/bin/bash", "-c", `go run $GOROOT/src/crypto/tls/generate_cert.go --host="localhost"`) | |
29 | + if err := cmd.Run(); err != nil { | |
30 | + panic(err) | |
31 | + } | |
20 | 32 | } |
21 | 33 | |
22 | 34 | var defaultConfigTmpl = `# This is a TOML config file. |
@@ -45,14 +57,21 @@ laddr = "tcp://0.0.0.0:46658" | ||
45 | 57 | seeds = "" |
46 | 58 | ` |
47 | 59 | |
60 | +var httpsConfigTmpl = ` | |
61 | +[https] | |
62 | +enable_tls = true | |
63 | +cert_file = "key/cert.pem" | |
64 | +key_file = "key/key.pem" | |
65 | +` | |
66 | + | |
48 | 67 | // Select network seeds to merge a new string. |
49 | 68 | func selectNetwork(network string) string { |
50 | 69 | switch network { |
51 | 70 | case "mainnet": |
52 | - return defaultConfigTmpl + mainNetConfigTmpl | |
71 | + return defaultConfigTmpl + mainNetConfigTmpl + httpsConfigTmpl | |
53 | 72 | case "testnet": |
54 | - return defaultConfigTmpl + testNetConfigTmpl | |
73 | + return defaultConfigTmpl + testNetConfigTmpl + httpsConfigTmpl | |
55 | 74 | default: |
56 | - return defaultConfigTmpl + soloNetConfigTmpl | |
75 | + return defaultConfigTmpl + soloNetConfigTmpl + httpsConfigTmpl | |
57 | 76 | } |
58 | 77 | } |
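Review bot: The block added to EnsureRoot shells out to `go run $GOROOT/src/crypto/tls/generate_cert.go` each time EnsureRoot runs, so it panics on any host without bash, a Go toolchain and GOROOT set. It also regenerates `key/cert.pem` and `key/key.pem` unconditionally, replacing a certificate the operator may have installed. `os.Chdir` moves the working directory of the whole process, which changes how every later relative path resolves; `cmd.Dir = path.Join(rootDir, "key")` confines that to the child. I would guard generation with `if !cmn.FileExists(path.Join(rootDir, "key", "key.pem")) {` and, better, build the self-signed pair in-process with `crypto/x509` so the node executes nothing external at start-up. Separately, `httpsConfigTmpl` writes `enable_tls = true` into every new config while the `EnableTLS: false` default added elsewhere in this commit says the opposite, so fresh nodes serve a localhost-only self-signed certificate by default; the two should agree.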
@@ -0,0 +1,14 @@ | ||
1 | +# 信通院安全评测版本 | |
2 | + | |
3 | +```shell script | |
4 | +root | |
5 | +123456 | |
6 | + | |
7 | +make bytomd | |
8 | +make install | |
9 | + | |
10 | +bytomd init --chain_id testnet | |
11 | +bytomd node --auth.disable | |
12 | + | |
13 | +curl -k https://localhost:9888/net-info | |
14 | +``` |