2023-06-02 02:44:24 +00:00
|
|
|
package preflight
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"crypto/tls"
|
|
|
|
|
"crypto/x509"
|
|
|
|
|
"fmt"
|
|
|
|
|
"net"
|
|
|
|
|
"net/http"
|
|
|
|
|
"net/url"
|
|
|
|
|
"strconv"
|
2023-06-02 02:51:12 +00:00
|
|
|
"sync"
|
2023-06-02 02:44:24 +00:00
|
|
|
"time"
|
|
|
|
|
|
2023-09-11 12:19:26 +00:00
|
|
|
"github.com/status-im/status-go/server/pairing"
|
2023-11-07 01:51:15 +00:00
|
|
|
"github.com/status-im/status-go/timesource"
|
2023-09-11 12:19:26 +00:00
|
|
|
|
2023-06-02 10:32:58 +00:00
|
|
|
"go.uber.org/zap"
|
|
|
|
|
|
2023-06-02 02:44:24 +00:00
|
|
|
"github.com/status-im/status-go/logutils"
|
|
|
|
|
"github.com/status-im/status-go/protocol/common"
|
|
|
|
|
"github.com/status-im/status-go/server"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
const (
|
|
|
|
|
outboundCheck = "/outbound_check"
|
|
|
|
|
headerPing = "ping"
|
|
|
|
|
headerPong = "pong"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func preflightHandler(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
ping := r.Header.Get(headerPing)
|
|
|
|
|
if ping == "" {
|
|
|
|
|
http.Error(w, "no value in 'ping' header", http.StatusBadRequest)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
w.Header().Set(headerPong, ping)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func makeCert(address net.IP) (*tls.Certificate, []byte, error) {
|
2023-11-13 19:06:32 +00:00
|
|
|
now := timesource.GetCurrentTime()
|
test_: Code Migration from status-cli-tests
author shashankshampi <shashank.sanket1995@gmail.com> 1729780155 +0530
committer shashankshampi <shashank.sanket1995@gmail.com> 1730274350 +0530
test: Code Migration from status-cli-tests
fix_: functional tests (#5979)
* fix_: generate on test-functional
* chore(test)_: fix functional test assertion
---------
Co-authored-by: Siddarth Kumar <siddarthkay@gmail.com>
feat(accounts)_: cherry-pick Persist acceptance of Terms of Use & Privacy policy (#5766) (#5977)
* feat(accounts)_: Persist acceptance of Terms of Use & Privacy policy (#5766)
The original GH issue https://github.com/status-im/status-mobile/issues/21113
came from a request from the Legal team. We must show to Status v1 users the new
terms (Terms of Use & Privacy Policy) right after they upgrade to Status v2
from the stores.
The solution we use is to create a flag in the accounts table, named
hasAcceptedTerms. The flag will be set to true on the first account ever
created in v2 and we provide a native call in mobile/status.go#AcceptTerms,
which allows the client to persist the user's choice in case they are upgrading
(from v1 -> v2, or from a v2 older than this PR).
This solution is not the best because we should store the setting in a separate
table, not in the accounts table.
Related Mobile PR https://github.com/status-im/status-mobile/pull/21124
* fix(test)_: Compare addresses using uppercased strings
---------
Co-authored-by: Icaro Motta <icaro.ldm@gmail.com>
test_: restore account (#5960)
feat_: `LogOnPanic` linter (#5969)
* feat_: LogOnPanic linter
* fix_: add missing defer LogOnPanic
* chore_: make vendor
* fix_: tests, address pr comments
* fix_: address pr comments
fix(ci)_: remove workspace and tmp dir
This ensures we do not encounter weird errors like:
```
+ ln -s /home/jenkins/workspace/go_prs_linux_x86_64_main_PR-5907 /home/jenkins/workspace/go_prs_linux_x86_64_main_PR-5907@tmp/go/src/github.com/status-im/status-go
ln: failed to create symbolic link '/home/jenkins/workspace/go_prs_linux_x86_64_main_PR-5907@tmp/go/src/github.com/status-im/status-go': File exists
script returned exit code 1
```
Signed-off-by: Jakub Sokołowski <jakub@status.im>
chore_: enable windows and macos CI build (#5840)
- Added support for Windows and macOS in CI pipelines
- Added missing dependencies for Windows and x86-64-darwin
- Resolved macOS SDK version compatibility for darwin-x86_64
The `mkShell` override was necessary to ensure compatibility with the newer
macOS SDK (version 11.0) for x86_64. The default SDK (10.12) was causing build failures
because of the missing libs and frameworks. OverrideSDK creates a mapping from
the default SDK in all package categories to the requested SDK (11.0).
fix(contacts)_: fix trust status not being saved to cache when changed (#5965)
Fixes https://github.com/status-im/status-desktop/issues/16392
cleanup
added logger and cleanup
review comments changes
fix_: functional tests (#5979)
* fix_: generate on test-functional
* chore(test)_: fix functional test assertion
---------
Co-authored-by: Siddarth Kumar <siddarthkay@gmail.com>
feat(accounts)_: cherry-pick Persist acceptance of Terms of Use & Privacy policy (#5766) (#5977)
* feat(accounts)_: Persist acceptance of Terms of Use & Privacy policy (#5766)
The original GH issue https://github.com/status-im/status-mobile/issues/21113
came from a request from the Legal team. We must show to Status v1 users the new
terms (Terms of Use & Privacy Policy) right after they upgrade to Status v2
from the stores.
The solution we use is to create a flag in the accounts table, named
hasAcceptedTerms. The flag will be set to true on the first account ever
created in v2 and we provide a native call in mobile/status.go#AcceptTerms,
which allows the client to persist the user's choice in case they are upgrading
(from v1 -> v2, or from a v2 older than this PR).
This solution is not the best because we should store the setting in a separate
table, not in the accounts table.
Related Mobile PR https://github.com/status-im/status-mobile/pull/21124
* fix(test)_: Compare addresses using uppercased strings
---------
Co-authored-by: Icaro Motta <icaro.ldm@gmail.com>
test_: restore account (#5960)
feat_: `LogOnPanic` linter (#5969)
* feat_: LogOnPanic linter
* fix_: add missing defer LogOnPanic
* chore_: make vendor
* fix_: tests, address pr comments
* fix_: address pr comments
chore_: enable windows and macos CI build (#5840)
- Added support for Windows and macOS in CI pipelines
- Added missing dependencies for Windows and x86-64-darwin
- Resolved macOS SDK version compatibility for darwin-x86_64
The `mkShell` override was necessary to ensure compatibility with the newer
macOS SDK (version 11.0) for x86_64. The default SDK (10.12) was causing build failures
because of the missing libs and frameworks. OverrideSDK creates a mapping from
the default SDK in all package categories to the requested SDK (11.0).
fix(contacts)_: fix trust status not being saved to cache when changed (#5965)
Fixes https://github.com/status-im/status-desktop/issues/16392
test_: remove port bind
chore(wallet)_: move route execution code to separate module
chore_: replace geth logger with zap logger (#5962)
closes: #6002
feat(telemetry)_: add metrics for message reliability (#5899)
* feat(telemetry)_: track message reliability
Add metrics for dial errors, missed messages,
missed relevant messages, and confirmed delivery.
* fix_: handle error from json marshal
chore_: use zap logger as request logger
iterates: status-im/status-desktop#16536
test_: unique project per run
test_: use docker compose v2, more concrete project name
fix(codecov)_: ignore folders without tests
Otherwise Codecov reports incorrect numbers when making changes.
https://docs.codecov.com/docs/ignoring-paths
Signed-off-by: Jakub Sokołowski <jakub@status.im>
test_: verify schema of signals during init; fix schema verification warnings (#5947)
fix_: update defaultGorushURL (#6011)
fix(tests)_: use non-standard port to avoid conflicts
We have observed `nimbus-eth2` build failures reporting this port:
```json
{
"lvl": "NTC",
"ts": "2024-10-28 13:51:32.308+00:00",
"msg": "REST HTTP server could not be started",
"topics": "beacnde",
"address": "127.0.0.1:5432",
"reason": "(98) Address already in use"
}
```
https://ci.status.im/job/nimbus-eth2/job/platforms/job/linux/job/x86_64/job/main/job/PR-6683/3/
Signed-off-by: Jakub Sokołowski <jakub@status.im>
fix_: create request logger ad-hoc in tests
Fixes `TestCall` failing when run concurrently.
chore_: configure codecov (#6005)
* chore_: configure codecov
* fix_: after_n_builds
2024-10-24 14:29:15 +00:00
|
|
|
logutils.ZapLogger().Debug("makeCert",
|
|
|
|
|
logutils.UnixTimeMs("system time", time.Now()),
|
|
|
|
|
logutils.UnixTimeMs("timesource time", now),
|
|
|
|
|
)
|
2023-09-11 12:19:26 +00:00
|
|
|
notBefore := now.Add(-pairing.CertificateMaxClockDrift)
|
|
|
|
|
notAfter := now.Add(pairing.CertificateMaxClockDrift)
|
2023-08-22 16:18:14 +00:00
|
|
|
return server.GenerateTLSCert(notBefore, notAfter, []net.IP{address}, []string{})
|
2023-06-02 02:44:24 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func makeAndStartServer(cert *tls.Certificate, address net.IP) (string, func() error, error) {
|
2023-06-02 02:51:12 +00:00
|
|
|
wg := sync.WaitGroup{}
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
waitForPortSet := func(int) {
|
|
|
|
|
wg.Done()
|
|
|
|
|
}
|
|
|
|
|
|
2023-06-02 02:44:24 +00:00
|
|
|
s := server.NewServer(
|
|
|
|
|
cert,
|
|
|
|
|
address.String(),
|
2023-06-02 02:51:12 +00:00
|
|
|
waitForPortSet,
|
2023-06-02 02:44:24 +00:00
|
|
|
logutils.ZapLogger().Named("Preflight Server"),
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
s.SetHandlers(server.HandlerPatternMap{outboundCheck: preflightHandler})
|
|
|
|
|
err := s.Start()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return "", nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2023-06-02 02:51:12 +00:00
|
|
|
wg.Wait()
|
2023-06-02 02:44:24 +00:00
|
|
|
return s.GetHostname() + ":" + strconv.Itoa(s.GetPort()), s.Stop, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func makeClient(certPem []byte) (*http.Client, error) {
|
|
|
|
|
rootCAs, err := x509.SystemCertPool()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
if ok := rootCAs.AppendCertsFromPEM(certPem); !ok {
|
|
|
|
|
return nil, fmt.Errorf("failed to append certPem to rootCAs")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
tr := &http.Transport{
|
|
|
|
|
TLSClientConfig: &tls.Config{
|
|
|
|
|
MinVersion: tls.VersionTLS12,
|
|
|
|
|
InsecureSkipVerify: false, // MUST BE FALSE
|
|
|
|
|
RootCAs: rootCAs,
|
2023-11-13 19:06:32 +00:00
|
|
|
Time: timesource.GetCurrentTime,
|
2023-06-02 02:44:24 +00:00
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return &http.Client{Transport: tr}, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func makeOutboundCheck(c *http.Client, host string) error {
|
|
|
|
|
u := url.URL{
|
|
|
|
|
Scheme: "https",
|
|
|
|
|
Host: host,
|
|
|
|
|
Path: outboundCheck,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
req, err := http.NewRequest("GET", u.String(), nil)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ping, err := common.RandomAlphanumericString(64)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
req.Header.Set(headerPing, ping)
|
|
|
|
|
|
|
|
|
|
resp, err := c.Do(req)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if resp.StatusCode != http.StatusOK {
|
|
|
|
|
return fmt.Errorf("response status not ok, received '%d' : '%s'", resp.StatusCode, resp.Status)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pong := resp.Header.Get(headerPong)
|
|
|
|
|
if pong != ping {
|
|
|
|
|
return fmt.Errorf("ping should match pong: ping '%s', pong '%s'", ping, pong)
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func CheckOutbound() error {
|
|
|
|
|
// cert stuff
|
|
|
|
|
outboundIP, err := server.GetOutboundIP()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cert, certPem, err := makeCert(outboundIP)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// server stuff
|
|
|
|
|
host, stop, err := makeAndStartServer(cert, outboundIP)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
defer func() {
|
2023-06-02 10:32:58 +00:00
|
|
|
err := stop()
|
|
|
|
|
if err != nil {
|
|
|
|
|
logutils.ZapLogger().Error("error while stopping preflight serve", zap.Error(err))
|
|
|
|
|
}
|
2023-06-02 02:44:24 +00:00
|
|
|
}()
|
|
|
|
|
|
|
|
|
|
// Client stuff
|
|
|
|
|
c, err := makeClient(certPem)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return makeOutboundCheck(c, host)
|
|
|
|
|
}
|
