Ecosystem/serai
Ecosystem/serai
1
0
Fork 0
mirror of https://github.com/serai-dex/serai.git synced 2024-12-22 11:39:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Use a single long-lived RPC connection when authenticated

Browse source 
The prior system spawned a new connection per request to enable parallelism,
yet kept hitting hyper::IncompleteMessages I couldn't track down. This
attempts to resolve those by a long-lived socket.

Halves the amount of requests per-authenticated RPC call, and accordingly is
likely still better overall.

I don't believe this is resolved yet but this is still worth pushing.
This commit is contained in:
Luke Parker 2023-11-06 23:45:39 -05:00
parent c03fb6c71b
commit 56fd11ab8d
No known key found for this signature in database
14 changed files with 169 additions and 76 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
Cargo.lock generated
View file

@ -309,6 +309,17 @@ dependencies = [
"event-listener",
]
[[package]]
name = "async-recursion"
version = "1.0.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5fd55a5ba1179988837d24ab4c7cc8ed6efdeff578ede0416b4225a5fca35bd0"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.39",
]
[[package]]
name = "async-trait"
version = "0.1.74"
@ -4840,6 +4851,7 @@ dependencies = [
name = "monero-serai"
version = "0.1.4-alpha"
dependencies = [
"async-recursion",
"async-trait",
"base58-monero",
"curve25519-dalek",

3
coins/monero/Cargo.toml
View file

@ -54,6 +54,7 @@ serde_json = { version = "1", default-features = false, features = ["alloc"] }
base58-monero = { version = "2", default-features = false, features = ["check"] }
# Used for the provided HTTP RPC
async-recursion = { version = "1", optional = true }
digest_auth = { version = "0.3", default-features = false, optional = true }
simple-request = { path = "../../common/request", version = "0.1", default-features = false, optional = true }
tokio = { version = "1", default-features = false, optional = true }
@ -100,7 +101,7 @@ std = [
"base58-monero/std",
]
http-rpc = ["digest_auth", "simple-request", "tokio"]
http-rpc = ["async-recursion", "digest_auth", "simple-request", "tokio"]
multisig = ["transcript", "frost", "dleq", "std"]
binaries = ["tokio/rt-multi-thread", "tokio/macros", "http-rpc"]
experimental = []

7
coins/monero/src/bin/reserialize_chain.rs
View file

@ -271,14 +271,15 @@ async fn main() {
}
let nodes = if specified_nodes.is_empty() { default_nodes } else { specified_nodes };
let rpc = |url: String| {
let rpc = |url: String| async move {
HttpRpc::new(url.clone())
.await
.unwrap_or_else(|_| panic!("couldn't create HttpRpc connected to {url}"))
};
let main_rpc = rpc(nodes[0].clone());
let main_rpc = rpc(nodes[0].clone()).await;
let mut rpcs = vec![];
for i in 0 .. async_parallelism {
rpcs.push(Arc::new(rpc(nodes[i % nodes.len()].clone())));
rpcs.push(Arc::new(rpc(nodes[i % nodes.len()].clone()).await));
}
let mut rpc_i = 0;

178
coins/monero/src/rpc/http.rs
View file

@ -1,25 +1,30 @@
use std::io::Read;
use std::{sync::Arc, io::Read};
use async_trait::async_trait;
use digest_auth::AuthContext;
use tokio::sync::Mutex;
use digest_auth::{WwwAuthenticateHeader, AuthContext};
use simple_request::{
hyper::{header::HeaderValue, Request},
Client,
hyper::{StatusCode, header::HeaderValue, Request},
Response, Client,
};
use crate::rpc::{RpcError, RpcConnection, Rpc};
#[derive(Clone, Debug)]
enum Authentication {
// If unauthenticated, reuse a single client
// If unauthenticated, use a single client
Unauthenticated(Client),
// If authenticated, don't reuse clients so that each connection makes its own connection
// If authenticated, use a single client which supports being locked and tracks its nonce
// This ensures that if a nonce is requested, another caller doesn't make a request invalidating
// it
// We could acquire a mutex over the client, yet creating a new client is preferred for the
// possibility of parallelism
Authenticated { username: String, password: String },
Authenticated {
username: String,
password: String,
#[allow(clippy::type_complexity)]
connection: Arc<Mutex<(Option<(WwwAuthenticateHeader, u64)>, Client)>>,
},
}
/// An HTTP(S) transport for the RPC.
@ -32,11 +37,29 @@ pub struct HttpRpc {
}
impl HttpRpc {
fn digest_auth_challenge(
response: &Response,
) -> Result<Option<(WwwAuthenticateHeader, u64)>, RpcError> {
Ok(if let Some(header) = response.headers().get("www-authenticate") {
Some((
digest_auth::parse(
header
.to_str()
.map_err(|_| RpcError::InvalidNode("www-authenticate header wasn't a string"))?,
)
.map_err(|_| RpcError::InvalidNode("invalid digest-auth response"))?,
0,
))
} else {
None
})
}
/// Create a new HTTP(S) RPC connection.
///
/// A daemon requiring authentication can be used via including the username and password in the
/// URL.
pub fn new(mut url: String) -> Result<Rpc<HttpRpc>, RpcError> {
pub async fn new(mut url: String) -> Result<Rpc<HttpRpc>, RpcError> {
let authentication = if url.contains('@') {
// Parse out the username and password
let url_clone = url;
@ -61,9 +84,24 @@ impl HttpRpc {
if split_userpass.len() > 2 {
Err(RpcError::ConnectionError("invalid amount of passwords".to_string()))?;
}
let client = Client::without_connection_pool(url.clone())
.map_err(|_| RpcError::ConnectionError("invalid URL".to_string()))?;
// Obtain the initial challenge, which also somewhat validates this connection
let challenge = Self::digest_auth_challenge(
&client
.request(
Request::post(url.clone())
.body(vec![].into())
.map_err(|e| RpcError::ConnectionError(format!("couldn't make request: {e:?}")))?,
)
.await
.map_err(|e| RpcError::ConnectionError(format!("{e:?}")))?,
)?;
Authentication::Authenticated {
username: split_userpass[0].to_string(),
password: split_userpass.get(1).unwrap_or(&"").to_string(),
connection: Arc::new(Mutex::new((challenge, client))),
}
} else {
Authentication::Unauthenticated(Client::with_connection_pool())
@ -74,60 +112,96 @@ impl HttpRpc {
}
impl HttpRpc {
async fn inner_post(&self, route: &str, body: Vec<u8>) -> Result<Vec<u8>, RpcError> {
let request = |uri| Request::post(uri).body(body.clone().into()).unwrap();
#[async_recursion::async_recursion]
async fn inner_post(
&self,
route: &str,
body: Vec<u8>,
recursing: bool,
) -> Result<Vec<u8>, RpcError> {
let request_fn = |uri| {
Request::post(uri)
.body(body.clone().into())
.map_err(|e| RpcError::ConnectionError(format!("couldn't make request: {e:?}")))
};
let mut connection = None;
let response = match &self.authentication {
Authentication::Unauthenticated(client) => client
.request(request(self.url.clone() + "/" + route))
.request(request_fn(self.url.clone() + "/" + route)?)
.await
.map_err(|e| RpcError::ConnectionError(format!("{e:?}")))?,
Authentication::Authenticated { username, password } => {
// This Client will drop and replace its connection on error, when monero-serai requires
// a single socket for the lifetime of this function
// Since dropping the connection will raise an error, and this function aborts on any
// error, this is fine
let client = Client::without_connection_pool(self.url.clone())
.map_err(|_| RpcError::ConnectionError("invalid URL".to_string()))?;
let mut response = client
.request(request("/".to_string() + route))
.await
.map_err(|e| RpcError::ConnectionError(format!("{e:?}")))?;
Authentication::Authenticated { username, password, connection } => {
let mut connection_lock = connection.lock().await;
let mut request = request_fn("/".to_string() + route)?;
// If we don't have an auth challenge, obtain one
if connection_lock.0.is_none() {
connection_lock.0 = Self::digest_auth_challenge(
&connection_lock
.1
.request(request)
.await
.map_err(|e| RpcError::ConnectionError(format!("{e:?}")))?,
)?;
request = request_fn("/".to_string() + route)?;
}
// Insert the challenge response, if we have a challenge
if let Some((challenge, cnonce)) = connection_lock.0.as_mut() {
// Update the cnonce
// Overflow isn't a concern as this is a u64
*cnonce += 1;
let mut context = AuthContext::new_post::<_, _, _, &[u8]>(
username,
password,
"/".to_string() + route,
None,
);
context.set_custom_cnonce(hex::encode(cnonce.to_le_bytes()));
// Only provide authentication if this daemon actually expects it
if let Some(header) = response.headers().get("www-authenticate") {
let mut request = request("/".to_string() + route);
request.headers_mut().insert(
"Authorization",
HeaderValue::from_str(
&digest_auth::parse(
header
.to_str()
.map_err(|_| RpcError::InvalidNode("www-authenticate header wasn't a string"))?,
)
.map_err(|_| RpcError::InvalidNode("invalid digest-auth response"))?
.respond(&AuthContext::new_post::<_, _, _, &[u8]>(
username,
password,
"/".to_string() + route,
None,
))
.map_err(|_| RpcError::InvalidNode("couldn't respond to digest-auth challenge"))?
.to_header_string(),
&challenge
.respond(&context)
.map_err(|_| RpcError::InvalidNode("couldn't respond to digest-auth challenge"))?
.to_header_string(),
)
.unwrap(),
);
// Make the request with the response challenge
response = client
.request(request)
.await
.map_err(|e| RpcError::ConnectionError(format!("{e:?}")))?;
}
// Store the client so it's not dropped yet
connection = Some(client);
let response_result = connection_lock
.1
.request(request)
.await
.map_err(|e| RpcError::ConnectionError(format!("{e:?}")));
// If the connection entered an error state, drop the cached challenge as challenges are
// per-connection
// We don't need to create a new connection as simple-request will for us
if response_result.is_err() {
connection_lock.0 = None;
}
let response = response_result?;
// If we need to re-auth due to this token being stale, recursively re-call this function,
// unless we're already recursing
if (!recursing) && (response.status() == StatusCode::UNAUTHORIZED) {
if let Some(header) = response.headers().get("www-authenticate") {
if header
.to_str()
.map_err(|_| RpcError::InvalidNode("www-authenticate header wasn't a string"))?
.contains("stale")
{
connection_lock.0 = None;
drop(connection_lock);
return self.inner_post(route, body, true).await;
}
}
}
response
}
@ -163,8 +237,6 @@ impl HttpRpc {
.read_to_end(&mut res)
.unwrap();
drop(connection);
Ok(res)
}
}
@ -173,7 +245,7 @@ impl HttpRpc {
impl RpcConnection for HttpRpc {
async fn post(&self, route: &str, body: Vec<u8>) -> Result<Vec<u8>, RpcError> {
// TODO: Make this timeout configurable
tokio::time::timeout(core::time::Duration::from_secs(30), self.inner_post(route, body))
tokio::time::timeout(core::time::Duration::from_secs(30), self.inner_post(route, body, false))
.await
.map_err(|e| RpcError::ConnectionError(format!("{e:?}")))?
}

2
coins/monero/tests/runner.rs
View file

@ -86,7 +86,7 @@ pub fn check_weight_and_fee(tx: &Transaction, fee_rate: Fee) {
}
pub async fn rpc() -> Rpc<HttpRpc> {
let rpc = HttpRpc::new("http://127.0.0.1:18081".to_string()).unwrap();
let rpc = HttpRpc::new("http://127.0.0.1:18081".to_string()).await.unwrap();
// Only run once
if rpc.get_height().await.unwrap() != 1 {

2
coins/monero/tests/wallet2_compatibility.rs
View file

@ -35,7 +35,7 @@ async fn make_integrated_address(rpc: &Rpc<HttpRpc>, payment_id: [u8; 8]) -> Str
}
async fn initialize_rpcs() -> (Rpc<HttpRpc>, Rpc<HttpRpc>, String) {
let wallet_rpc = HttpRpc::new("http://127.0.0.1:6061".to_string()).unwrap();
let wallet_rpc = HttpRpc::new("http://127.0.0.1:6061".to_string()).await.unwrap();
let daemon_rpc = runner::rpc().await;
#[derive(Debug, Deserialize)]

4
common/request/src/lib.rs
View file

@ -26,7 +26,7 @@ pub enum Error {
InvalidUri,
MissingHost,
InconsistentHost,
SslError,
SslError(Box<dyn Send + Sync + std::error::Error>),
Hyper(hyper::Error),
}
@ -116,7 +116,7 @@ impl Client {
// If there's not a connection...
if connection_lock.is_none() {
let (requester, connection) = hyper::client::conn::http1::handshake(
https_builder.clone().call(host.clone()).await.map_err(|_| Error::SslError)?,
https_builder.clone().call(host.clone()).await.map_err(Error::SslError)?,
)
.await
.map_err(Error::Hyper)?;

2
processor/src/main.rs
View file

@ -650,7 +650,7 @@ async fn main() {
#[cfg(feature = "bitcoin")]
NetworkId::Bitcoin => run(db, Bitcoin::new(url).await, coordinator).await,
#[cfg(feature = "monero")]
NetworkId::Monero => run(db, Monero::new(url), coordinator).await,
NetworkId::Monero => run(db, Monero::new(url).await, coordinator).await,
_ => panic!("spawning a processor for an unsupported network"),
}
}

4
processor/src/networks/monero.rs
View file

@ -191,8 +191,8 @@ fn map_rpc_err(err: RpcError) -> NetworkError {
}
impl Monero {
pub fn new(url: String) -> Monero {
Monero { rpc: HttpRpc::new(url).unwrap() }
pub async fn new(url: String) -> Monero {
Monero { rpc: HttpRpc::new(url).await.unwrap() }
}
fn view_pair(spend: EdwardsPoint) -> ViewPair {

6
processor/src/tests/literal/mod.rs
View file

@ -114,13 +114,15 @@ mod monero {
async fn monero(ops: &DockerOperations) -> Monero {
let handle = ops.handle("serai-dev-monero").host_port(18081).unwrap();
let monero = Monero::new(format!("http://serai:seraidex@{}:{}", handle.0, handle.1));
let url = format!("http://serai:seraidex@{}:{}", handle.0, handle.1);
for _ in 0 .. 60 {
if monero.get_latest_block_number().await.is_ok() {
if monero_serai::rpc::HttpRpc::new(url.clone()).await.is_ok() {
break;
}
tokio::time::sleep(core::time::Duration::from_secs(1)).await;
}
let monero = Monero::new(url).await;
while monero.get_latest_block_number().await.unwrap() < 150 {
monero.mine_block().await;
}

2
tests/full-stack/src/lib.rs
View file

@ -171,7 +171,7 @@ impl Handles {
// If the RPC server has yet to start, sleep for up to 60s until it does
for _ in 0 .. 60 {
tokio::time::sleep(Duration::from_secs(1)).await;
let Ok(client) = HttpRpc::new(rpc.clone()) else { continue };
let Ok(client) = HttpRpc::new(rpc.clone()).await else { continue };
if client.get_height().await.is_err() {
continue;
}

2
tests/full-stack/src/tests/mint_and_burn.rs
View file

@ -523,7 +523,7 @@ async fn mint_and_burn_test() {
Coin::Monero,
1_000_000_000_000,
ExternalAddress::new(
serai_client::networks::monero::Address::new(monero_addr).unwrap().try_into().unwrap(),
serai_client::networks::monero::Address::new(monero_addr).unwrap().into(),
)
.unwrap(),
)

17
tests/processor/src/lib.rs
View file

@ -188,7 +188,8 @@ impl Coordinator {
use monero_serai::rpc::HttpRpc;
// Monero's won't, so call get_height
if HttpRpc::new(rpc_url.clone())
if handle
.block_on(HttpRpc::new(rpc_url.clone()))
.ok()
.and_then(|rpc| handle.block_on(rpc.get_height()).ok())
.is_some()
@ -283,7 +284,7 @@ impl Coordinator {
rpc::HttpRpc,
};
let rpc = HttpRpc::new(rpc_url).expect("couldn't connect to the Monero RPC");
let rpc = HttpRpc::new(rpc_url).await.expect("couldn't connect to the Monero RPC");
let _: EmptyResponse = rpc
.json_rpc_call(
"generateblocks",
@ -322,7 +323,8 @@ impl Coordinator {
NetworkId::Monero => {
use monero_serai::rpc::HttpRpc;
let rpc = HttpRpc::new(rpc_url).expect("couldn't connect to the coordinator's Monero RPC");
let rpc =
HttpRpc::new(rpc_url).await.expect("couldn't connect to the coordinator's Monero RPC");
let res: serde_json::Value = rpc
.json_rpc_call("submit_block", Some(serde_json::json!([hex::encode(block)])))
.await
@ -368,10 +370,11 @@ impl Coordinator {
NetworkId::Monero => {
use monero_serai::rpc::HttpRpc;
let rpc = HttpRpc::new(rpc_url).expect("couldn't connect to the Monero RPC");
let rpc = HttpRpc::new(rpc_url).await.expect("couldn't connect to the Monero RPC");
let to = rpc.get_height().await.unwrap();
for coordinator in others {
let from = HttpRpc::new(network_rpc(self.network, ops, &coordinator.network_handle))
.await
.expect("couldn't connect to the Monero RPC")
.get_height()
.await
@ -407,7 +410,8 @@ impl Coordinator {
NetworkId::Monero => {
use monero_serai::{transaction::Transaction, rpc::HttpRpc};
let rpc = HttpRpc::new(rpc_url).expect("couldn't connect to the coordinator's Monero RPC");
let rpc =
HttpRpc::new(rpc_url).await.expect("couldn't connect to the coordinator's Monero RPC");
rpc.publish_transaction(&Transaction::read(&mut &*tx).unwrap()).await.unwrap();
}
NetworkId::Serai => panic!("processor tests broadcasting block to Serai"),
@ -436,7 +440,8 @@ impl Coordinator {
NetworkId::Monero => {
use monero_serai::rpc::HttpRpc;
let rpc = HttpRpc::new(rpc_url).expect("couldn't connect to the coordinator's Monero RPC");
let rpc =
HttpRpc::new(rpc_url).await.expect("couldn't connect to the coordinator's Monero RPC");
let mut hash = [0; 32];
hash.copy_from_slice(tx);
if let Ok(tx) = rpc.get_transaction(hash).await {

4
tests/processor/src/networks.rs
View file

@ -180,7 +180,7 @@ impl Wallet {
let view_pair =
ViewPair::new(ED25519_BASEPOINT_POINT * spend_key, Zeroizing::new(view_key));
let rpc = HttpRpc::new(rpc_url).expect("couldn't connect to the Monero RPC");
let rpc = HttpRpc::new(rpc_url).await.expect("couldn't connect to the Monero RPC");
let height = rpc.get_height().await.unwrap();
// Mines 200 blocks so sufficient decoys exist, as only 60 is needed for maturity
@ -316,7 +316,7 @@ impl Wallet {
use processor::{additional_key, networks::Monero};
let rpc_url = network_rpc(NetworkId::Monero, ops, handle);
let rpc = HttpRpc::new(rpc_url).expect("couldn't connect to the Monero RPC");
let rpc = HttpRpc::new(rpc_url).await.expect("couldn't connect to the Monero RPC");
// Prepare inputs
let outputs = std::mem::take(inputs);