Merge pull request 'TLS support for RPC nodes' (#7) from support-tls into master

Reviewed-on: https://git.wownero.com/wownero/wowlet-backend/pulls/7
This commit is contained in:
wowario 2021-05-03 07:08:05 +00:00
commit ba87a744f6
3 changed files with 20 additions and 11 deletions

View file

@ -16,6 +16,7 @@
"eu-west-5.wow.xmr.pm:34568", "eu-west-5.wow.xmr.pm:34568",
"eu-west-6.wow.xmr.pm:34568", "eu-west-6.wow.xmr.pm:34568",
"na-west-1.wow.xmr.pm:34568", "na-west-1.wow.xmr.pm:34568",
"wowbux.org:34568",
"169.119.33.174:34568", "169.119.33.174:34568",
"wow.bot.tips:34568", "wow.bot.tips:34568",
"idontwanttogototoronto.wow.fail:34568" "idontwanttogototoronto.wow.fail:34568"

View file

@ -41,19 +41,26 @@ class RPCNodeCheckTask(WowletTask):
for network_type, _nodes in _.items(): for network_type, _nodes in _.items():
for node in _nodes: for node in _nodes:
for scheme in ["https", "http"]:
try: try:
blob = await self.node_check(node, network_type=network_type) blob = await self.node_check(f"{scheme}://{node}", network_type=network_type)
blob['tls'] = True if scheme == "https" else False
data.append(blob) data.append(blob)
break
except Exception as ex: except Exception as ex:
app.logger.warning(f"node {node} not reachable; {ex}") continue
if not data:
app.logger.warning(f"node {node} not reachable")
data.append(self._bad_node({ data.append(self._bad_node({
"address": node, "address": node,
"nettype": network_type_coin, "nettype": network_type_coin,
"type": network_type, "type": network_type,
"height": 0 "height": 0,
"tls": False
}, reason="unreachable")) }, reason="unreachable"))
# not neccesary for stagenet/testnet nodes to be validated # not necessary for stagenet/testnet nodes to be validated
if network_type_coin != "mainnet": if network_type_coin != "mainnet":
nodes += data nodes += data
continue continue
@ -82,14 +89,15 @@ class RPCNodeCheckTask(WowletTask):
"""Call /get_info on the RPC, return JSON""" """Call /get_info on the RPC, return JSON"""
opts = { opts = {
"timeout": self._http_timeout, "timeout": self._http_timeout,
"json": True "json": True,
"verify_tls": False
} }
if network_type == "tor": if network_type == "tor":
opts["socks5"] = settings.TOR_SOCKS_PROXY opts["socks5"] = settings.TOR_SOCKS_PROXY
opts["timeout"] = self._http_timeout_onion opts["timeout"] = self._http_timeout_onion
blob = await httpget(f"http://{node}/get_info", **opts) blob = await httpget(f"{node}/get_info", **opts)
for expect in ["nettype", "height", "target_height"]: for expect in ["nettype", "height", "target_height"]:
if expect not in blob: if expect not in blob:
raise Exception(f"Invalid JSON response from RPC; expected key '{expect}'") raise Exception(f"Invalid JSON response from RPC; expected key '{expect}'")

View file

@ -54,14 +54,14 @@ def collect_websocket(func):
return wrapper return wrapper
async def httpget(url: str, json=True, timeout: int = 5, socks5: str = None, raise_for_status=True): async def httpget(url: str, json=True, timeout: int = 5, socks5: str = None, raise_for_status=True, verify_tls=True):
headers = {"User-Agent": random_agent()} headers = {"User-Agent": random_agent()}
opts = {"timeout": aiohttp.ClientTimeout(total=timeout)} opts = {"timeout": aiohttp.ClientTimeout(total=timeout)}
if socks5: if socks5:
opts['connector'] = ProxyConnector.from_url(socks5) opts['connector'] = ProxyConnector.from_url(socks5)
async with aiohttp.ClientSession(**opts) as session: async with aiohttp.ClientSession(**opts) as session:
async with session.get(url, headers=headers) as response: async with session.get(url, headers=headers, ssl=verify_tls) as response:
if raise_for_status: if raise_for_status:
response.raise_for_status() response.raise_for_status()