Merge pull request #3 from ava-labs/master

updating against ava-labs base

Author: galenmarchetti

api/admin/service.go

@@ -10,16 +10,19 @@ import (
 
 	"github.com/ava-labs/gecko/api"
 	"github.com/ava-labs/gecko/chains"
+	"github.com/ava-labs/gecko/genesis"
 	"github.com/ava-labs/gecko/ids"
 	"github.com/ava-labs/gecko/network"
 	"github.com/ava-labs/gecko/snow/engine/common"
 	"github.com/ava-labs/gecko/utils/logging"
+	"github.com/ava-labs/gecko/version"
 
 	cjson "github.com/ava-labs/gecko/utils/json"
 )
 
 // Admin is the API service for node admin management
 type Admin struct {
+	version      version.Version
 	nodeID       ids.ShortID
 	networkID    uint32
 	log          logging.Logger
@@ -30,12 +33,13 @@ type Admin struct {
 }
 
 // NewService returns a new admin API service
-func NewService(nodeID ids.ShortID, networkID uint32, log logging.Logger, chainManager chains.Manager, peers network.Network, httpServer *api.Server) *common.HTTPHandler {
+func NewService(version version.Version, nodeID ids.ShortID, networkID uint32, log logging.Logger, chainManager chains.Manager, peers network.Network, httpServer *api.Server) *common.HTTPHandler {
 	newServer := rpc.NewServer()
 	codec := cjson.NewCodec()
 	newServer.RegisterCodec(codec, "application/json")
 	newServer.RegisterCodec(codec, "application/json;charset=UTF-8")
 	newServer.RegisterService(&Admin{
+		version:      version,
 		nodeID:       nodeID,
 		networkID:    networkID,
 		log:          log,
@@ -46,38 +50,58 @@ func NewService(nodeID ids.ShortID, networkID uint32, log logging.Logger, chainM
 	return &common.HTTPHandler{Handler: newServer}
 }
 
-// GetNodeIDArgs are the arguments for calling GetNodeID
-type GetNodeIDArgs struct{}
+// GetNodeVersionReply are the results from calling GetNodeVersion
+type GetNodeVersionReply struct {
+	Version string `json:"version"`
+}
+
+// GetNodeVersion returns the version this node is running
+func (service *Admin) GetNodeVersion(_ *http.Request, _ *struct{}, reply *GetNodeVersionReply) error {
+	service.log.Debug("Admin: GetNodeVersion called")
+
+	reply.Version = service.version.String()
+	return nil
+}
 
 // GetNodeIDReply are the results from calling GetNodeID
 type GetNodeIDReply struct {
 	NodeID ids.ShortID `json:"nodeID"`
 }
 
 // GetNodeID returns the node ID of this node
-func (service *Admin) GetNodeID(r *http.Request, args *GetNodeIDArgs, reply *GetNodeIDReply) error {
+func (service *Admin) GetNodeID(_ *http.Request, _ *struct{}, reply *GetNodeIDReply) error {
 	service.log.Debug("Admin: GetNodeID called")
 
 	reply.NodeID = service.nodeID
 	return nil
 }
 
-// GetNetworkIDArgs are the arguments for calling GetNetworkID
-type GetNetworkIDArgs struct{}
-
 // GetNetworkIDReply are the results from calling GetNetworkID
 type GetNetworkIDReply struct {
 	NetworkID cjson.Uint32 `json:"networkID"`
 }
 
 // GetNetworkID returns the network ID this node is running on
-func (service *Admin) GetNetworkID(r *http.Request, args *GetNetworkIDArgs, reply *GetNetworkIDReply) error {
+func (service *Admin) GetNetworkID(_ *http.Request, _ *struct{}, reply *GetNetworkIDReply) error {
 	service.log.Debug("Admin: GetNetworkID called")
 
 	reply.NetworkID = cjson.Uint32(service.networkID)
 	return nil
 }
 
+// GetNetworkNameReply is the result from calling GetNetworkName
+type GetNetworkNameReply struct {
+	NetworkName string `json:"networkName"`
+}
+
+// GetNetworkName returns the network name this node is running on
+func (service *Admin) GetNetworkName(_ *http.Request, _ *struct{}, reply *GetNetworkNameReply) error {
+	service.log.Debug("Admin: GetNetworkName called")
+
+	reply.NetworkName = genesis.NetworkName(service.networkID)
+	return nil
+}
+
 // GetBlockchainIDArgs are the arguments for calling GetBlockchainID
 type GetBlockchainIDArgs struct {
 	Alias string `json:"alias"`
@@ -89,24 +113,21 @@ type GetBlockchainIDReply struct {
 }
 
 // GetBlockchainID returns the blockchain ID that resolves the alias that was supplied
-func (service *Admin) GetBlockchainID(r *http.Request, args *GetBlockchainIDArgs, reply *GetBlockchainIDReply) error {
+func (service *Admin) GetBlockchainID(_ *http.Request, args *GetBlockchainIDArgs, reply *GetBlockchainIDReply) error {
 	service.log.Debug("Admin: GetBlockchainID called")
 
 	bID, err := service.chainManager.Lookup(args.Alias)
 	reply.BlockchainID = bID.String()
 	return err
 }
 
-// PeersArgs are the arguments for calling Peers
-type PeersArgs struct{}
-
 // PeersReply are the results from calling Peers
 type PeersReply struct {
 	Peers []network.PeerID `json:"peers"`
 }
 
 // Peers returns the list of current validators
-func (service *Admin) Peers(r *http.Request, args *PeersArgs, reply *PeersReply) error {
+func (service *Admin) Peers(_ *http.Request, _ *struct{}, reply *PeersReply) error {
 	service.log.Debug("Admin: Peers called")
 	reply.Peers = service.networking.Peers()
 	return nil
@@ -123,22 +144,19 @@ type StartCPUProfilerReply struct {
 }
 
 // StartCPUProfiler starts a cpu profile writing to the specified file
-func (service *Admin) StartCPUProfiler(r *http.Request, args *StartCPUProfilerArgs, reply *StartCPUProfilerReply) error {
+func (service *Admin) StartCPUProfiler(_ *http.Request, args *StartCPUProfilerArgs, reply *StartCPUProfilerReply) error {
 	service.log.Debug("Admin: StartCPUProfiler called with %s", args.Filename)
 	reply.Success = true
 	return service.performance.StartCPUProfiler(args.Filename)
 }
 
-// StopCPUProfilerArgs are the arguments for calling StopCPUProfiler
-type StopCPUProfilerArgs struct{}
-
 // StopCPUProfilerReply are the results from calling StopCPUProfiler
 type StopCPUProfilerReply struct {
 	Success bool `json:"success"`
 }
 
 // StopCPUProfiler stops the cpu profile
-func (service *Admin) StopCPUProfiler(r *http.Request, args *StopCPUProfilerArgs, reply *StopCPUProfilerReply) error {
+func (service *Admin) StopCPUProfiler(_ *http.Request, _ *struct{}, reply *StopCPUProfilerReply) error {
 	service.log.Debug("Admin: StopCPUProfiler called")
 	reply.Success = true
 	return service.performance.StopCPUProfiler()
@@ -155,7 +173,7 @@ type MemoryProfileReply struct {
 }
 
 // MemoryProfile runs a memory profile writing to the specified file
-func (service *Admin) MemoryProfile(r *http.Request, args *MemoryProfileArgs, reply *MemoryProfileReply) error {
+func (service *Admin) MemoryProfile(_ *http.Request, args *MemoryProfileArgs, reply *MemoryProfileReply) error {
 	service.log.Debug("Admin: MemoryProfile called with %s", args.Filename)
 	reply.Success = true
 	return service.performance.MemoryProfile(args.Filename)
@@ -172,7 +190,7 @@ type LockProfileReply struct {
 }
 
 // LockProfile runs a mutex profile writing to the specified file
-func (service *Admin) LockProfile(r *http.Request, args *LockProfileArgs, reply *LockProfileReply) error {
+func (service *Admin) LockProfile(_ *http.Request, args *LockProfileArgs, reply *LockProfileReply) error {
 	service.log.Debug("Admin: LockProfile called with %s", args.Filename)
 	reply.Success = true
 	return service.performance.LockProfile(args.Filename)
@@ -190,7 +208,7 @@ type AliasReply struct {
 }
 
 // Alias attempts to alias an HTTP endpoint to a new name
-func (service *Admin) Alias(r *http.Request, args *AliasArgs, reply *AliasReply) error {
+func (service *Admin) Alias(_ *http.Request, args *AliasArgs, reply *AliasReply) error {
 	service.log.Debug("Admin: Alias called with URL: %s, Alias: %s", args.Endpoint, args.Alias)
 	reply.Success = true
 	return service.httpServer.AddAliasesWithReadLock(args.Endpoint, args.Alias)
@@ -233,7 +251,7 @@ type StacktraceReply struct {
 }
 
 // Stacktrace returns the current global stacktrace
-func (service *Admin) Stacktrace(_ *http.Request, _ *StacktraceArgs, reply *StacktraceReply) error {
+func (service *Admin) Stacktrace(_ *http.Request, _ *struct{}, reply *StacktraceReply) error {
 	reply.Stacktrace = logging.Stacktrace{Global: true}.String()
 	return nil
 }

api/keystore/service.go

@@ -8,12 +8,14 @@ import (
 	"fmt"
 	"net/http"
 	"sync"
+	"testing"
 
 	"github.com/gorilla/rpc/v2"
 
 	"github.com/ava-labs/gecko/chains/atomic"
 	"github.com/ava-labs/gecko/database"
 	"github.com/ava-labs/gecko/database/encdb"
+	"github.com/ava-labs/gecko/database/memdb"
 	"github.com/ava-labs/gecko/database/prefixdb"
 	"github.com/ava-labs/gecko/ids"
 	"github.com/ava-labs/gecko/snow/engine/common"
@@ -29,8 +31,17 @@ const (
 	// maxUserPassLen is the maximum length of the username or password allowed
 	maxUserPassLen = 1024
 
-	// requiredPassScore defines the score a password must achieve to be accepted
-	// as a password with strong characteristics by the zxcvbn package
+	// maxCheckedPassLen limits the length of the password that should be
+	// strength checked.
+	//
+	// As per issue https://github.com/ava-labs/gecko/issues/195 it was found
+	// the longer the length of password the slower zxcvbn.PasswordStrength()
+	// performs. To avoid performance issues, and a DoS vector, we only check
+	// the first 50 characters of the password.
+	maxCheckedPassLen = 50
+
+	// requiredPassScore defines the score a password must achieve to be
+	// accepted as a password with strong characteristics by the zxcvbn package
 	//
 	// The scoring mechanism defined is as follows;
 	//
@@ -136,36 +147,10 @@ func (ks *Keystore) CreateUser(_ *http.Request, args *CreateUserArgs, reply *Cre
 	defer ks.lock.Unlock()
 
 	ks.log.Verbo("CreateUser called with %.*s", maxUserPassLen, args.Username)
-
-	if len(args.Username) > maxUserPassLen || len(args.Password) > maxUserPassLen {
-		return errUserPassMaxLength
-	}
-
-	if args.Username == "" {
-		return errEmptyUsername
-	}
-	if usr, err := ks.getUser(args.Username); err == nil || usr != nil {
-		return fmt.Errorf("user already exists: %s", args.Username)
-	}
-
-	if zxcvbn.PasswordStrength(args.Password, nil).Score < requiredPassScore {
-		return errWeakPassword
-	}
-
-	usr := &User{}
-	if err := usr.Initialize(args.Password); err != nil {
-		return err
-	}
-
-	usrBytes, err := ks.codec.Marshal(usr)
-	if err != nil {
+	if err := ks.AddUser(args.Username, args.Password); err != nil {
 		return err
 	}
 
-	if err := ks.userDB.Put([]byte(args.Username), usrBytes); err != nil {
-		return err
-	}
-	ks.users[args.Username] = usr
 	reply.Success = true
 	return nil
 }
@@ -266,6 +251,10 @@ func (ks *Keystore) ImportUser(r *http.Request, args *ImportUserArgs, reply *Imp
 
 	ks.log.Verbo("ImportUser called for %s", args.Username)
 
+	if args.Username == "" {
+		return errEmptyUsername
+	}
+
 	if usr, err := ks.getUser(args.Username); err == nil || usr != nil {
 		return fmt.Errorf("user already exists: %s", args.Username)
 	}
@@ -399,3 +388,51 @@ func (ks *Keystore) GetDatabase(bID ids.ID, username, password string) (database
 
 	return encDB, nil
 }
+
+// AddUser attempts to register this username and password as a new user of the
+// keystore.
+func (ks *Keystore) AddUser(username, password string) error {
+	if len(username) > maxUserPassLen || len(password) > maxUserPassLen {
+		return errUserPassMaxLength
+	}
+
+	if username == "" {
+		return errEmptyUsername
+	}
+	if usr, err := ks.getUser(username); err == nil || usr != nil {
+		return fmt.Errorf("user already exists: %s", username)
+	}
+
+	checkPass := password
+	if len(password) > maxCheckedPassLen {
+		checkPass = password[:maxCheckedPassLen]
+	}
+
+	if zxcvbn.PasswordStrength(checkPass, nil).Score < requiredPassScore {
+		return errWeakPassword
+	}
+
+	usr := &User{}
+	if err := usr.Initialize(password); err != nil {
+		return err
+	}
+
+	usrBytes, err := ks.codec.Marshal(usr)
+	if err != nil {
+		return err
+	}
+
+	if err := ks.userDB.Put([]byte(username), usrBytes); err != nil {
+		return err
+	}
+	ks.users[username] = usr
+
+	return nil
+}
+
+// CreateTestKeystore returns a new keystore that can be utilized for testing
+func CreateTestKeystore(t *testing.T) *Keystore {
+	ks := &Keystore{}
+	ks.Initialize(logging.NoLog{}, memdb.New())
+	return ks
+}