62cab9cb1a
* Set cache control in the HTTP-RPC response header
* Add a simply cache policy to the RPC routes
* add a condition to check the RPC request has default height settings
* fix cherry pick error
* update pending log
* use options struct intead of single parameter
* refacor FuncOptions to functional options
* add functional options in WebSocket RPC function
* revert doc
* replace deprecated function call
* revise functional options
* remove unuse comment
* fix revised error
* adjust cache-control settings
* Update rpc/jsonrpc/server/http_json_handler.go
Co-authored-by: Thane Thomson <connect@thanethomson.com>
* linter: Fix false positive
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* rpc: Separate cacheable and non-cacheable HTTP response writers
Allows us to roll this change out in a non-API-breaking way, since this
is an additive change.
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* rpc: Ensure consistent caching strategy
Ensure a consistent caching strategy across both JSONRPC- and URI-based
requests.
This requires a bit of a refactor of the previous caching logic, which
is complicated a little by the complex reflection-based approach taken
in the Tendermint RPC.
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* rpc: Add more tests for caching
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* Update CHANGELOG_PENDING
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* light: Sync routes config with RPC core
Signed-off-by: Thane Thomson <connect@thanethomson.com>
* rpc: Update OpenAPI docs
Signed-off-by: Thane Thomson <connect@thanethomson.com>
Signed-off-by: Thane Thomson <connect@thanethomson.com>
Co-authored-by: jayt106 <jaytseng106@gmail.com>
Co-authored-by: jay tseng <jay.tseng@crypto.com>
Co-authored-by: JayT106 <JayT106@users.noreply.github.com>
(cherry picked from commit 816c6bac00)
# Conflicts:
# CHANGELOG_PENDING.md
# test/fuzz/tests/rpc_jsonrpc_server_test.go
fuzz
Fuzzing for various packages in Tendermint using go-fuzz library.
Inputs:
- mempool
CheckTx(using kvstore in-process ABCI app) - p2p
Addrbook#AddAddress - p2p
pex.Reactor#Receive - p2p
SecretConnection#ReadandSecretConnection#Write - rpc jsonrpc server
Directory structure
| test
| |- corpus/
| |- crashers/
| |- init-corpus/
| |- suppressions/
| |- testdata/
| |- <testname>.go
/corpus directory contains corpus data. The idea is to help the fuzzier to
understand what bytes sequences are semantically valid (e.g. if we're testing
PNG decoder, then we would put black-white PNG into corpus directory; with
blockchain reactor - we would put blockchain messages into corpus).
/init-corpus (if present) contains a script for generating corpus data.
/testdata directory may contain an additional data (like addrbook.json).
Upon running the fuzzier, /crashers and /suppressions dirs will be created,
along with .zip archive. /crashers will show any inputs, which have
lead to panics (plus a trace). /suppressions will show any suppressed inputs.
Running
make fuzz-mempool
make fuzz-p2p-addrbook
make fuzz-p2p-pex
make fuzz-p2p-sc
make fuzz-rpc-server
Each command will create corpus data (if needed), generate a fuzz archive and
call go-fuzz executable.
Then watch out for the respective outputs in the fuzzer output to announce new
crashers which can be found in the directory crashers.
For example if we find
ls crashers/
61bde465f47c93254d64d643c3b2480e0a54666e
61bde465f47c93254d64d643c3b2480e0a54666e.output
61bde465f47c93254d64d643c3b2480e0a54666e.quoted
da39a3ee5e6b4b0d3255bfef95601890afd80709
da39a3ee5e6b4b0d3255bfef95601890afd80709.output
da39a3ee5e6b4b0d3255bfef95601890afd80709.quoted
the crashing bytes generated by the fuzzer will be in
61bde465f47c93254d64d643c3b2480e0a54666e the respective crash report in
61bde465f47c93254d64d643c3b2480e0a54666e.output
and the bug report can be created by retrieving the bytes in
61bde465f47c93254d64d643c3b2480e0a54666e and feeding those back into the
Fuzz function.