chore_: remove CLI option MEDIA_HTTPS

2024-11-20 21:42:56 +08:00 · 2024-11-20 21:42:56 +08:00 · ea5ccf1604
parent 11cf42bedd
commit ea5ccf1604
8 changed files with 94 additions and 60 deletions
--- a/3
+++ b/3
@ -152,10 +152,9 @@ status-backend: ##@build Build status-backend to run status-go as HTTP server
 status-backend: build/bin/status-backend

 run-status-backend: PORT ?= 0
-MEDIA_HTTPS ?= true
 run-status-backend: generate
 run-status-backend: ##@run Start status-backend server listening to localhost:PORT
-	go run ./cmd/status-backend --address localhost:${PORT} --media-https=${MEDIA_HTTPS}
+	go run ./cmd/status-backend --address localhost:${PORT}

 statusgo-cross: statusgo-android statusgo-ios
 	@echo "Full cross compilation done."
--- a/cmd/status-backend/main.go
+++ b/cmd/status-backend/main.go
@ -9,16 +9,14 @@ import (

 	"github.com/ethereum/go-ethereum/log"

-	backendServer "github.com/status-im/status-go/cmd/status-backend/server"
+	"github.com/status-im/status-go/cmd/status-backend/server"
 	"github.com/status-im/status-go/internal/version"
 	"github.com/status-im/status-go/logutils"
-	mediaServer "github.com/status-im/status-go/server"
 )

 var (
-	address       = flag.String("address", "", "host:port to listen")
-	useMediaHTTPS = flag.Bool("media-https", true, "use HTTPS for media server (default: true)")
-	logger        = log.New("package", "status-go/cmd/status-backend")
+	address = flag.String("address", "", "host:port to listen")
+	logger  = log.New("package", "status-go/cmd/status-backend")
 )

 func init() {
@ -36,9 +34,7 @@ func init() {
 func main() {
 	flag.Parse()

-	mediaServer.UseHTTP = !*useMediaHTTPS
-
-	srv := backendServer.NewServer()
+	srv := server.NewServer()
 	srv.Setup()

 	err := srv.Listen(*address)
--- a/mobile/status.go
+++ b/mobile/status.go
@ -84,9 +84,9 @@ func initializeApplication(requestJSON string) string {
 	providers.MixpanelAppID = request.MixpanelAppID
 	providers.MixpanelToken = request.MixpanelToken

-	datadir := request.DataDir
+	statusBackend.StatusNode().SetMediaServerEnableTLS(request.MediaServerEnableTLS)

-	statusBackend.UpdateRootDataDir(datadir)
+	statusBackend.UpdateRootDataDir(request.DataDir)
 	err = statusBackend.OpenAccounts()
 	if err != nil {
 		return makeJSONResponse(err)
--- a/node/get_status_node.go
+++ b/node/get_status_node.go
@ -88,7 +88,9 @@ type StatusNode struct {
 	rpcClient *rpc.Client        // reference to an RPC client

 	downloader *ipfs.Downloader
-	httpServer *server.MediaServer
+
+	mediaServerEnableTLS *bool
+	httpServer           *server.MediaServer

 	discovery discovery.Discovery
 	register  *peers.Register
@ -215,7 +217,11 @@ func (n *StatusNode) StartMediaServerWithoutDB() error {
 		}
 	}

-	httpServer, err := server.NewMediaServer(nil, nil, n.multiaccountsDB, nil)
+	var opts []server.MediaServerOption
+	if n.mediaServerEnableTLS != nil {
+		opts = append(opts, server.WithMediaServerDisableTLS(!*n.mediaServerEnableTLS))
+	}
+	httpServer, err := server.NewMediaServer(nil, nil, n.multiaccountsDB, nil, opts...)
 	if err != nil {
 		return err
 	}
@ -269,6 +275,10 @@ func (n *StatusNode) StartWithOptions(config *params.NodeConfig, options StartOp
 	return nil
 }

+func (n *StatusNode) SetMediaServerEnableTLS(enableTLS *bool) {
+	n.mediaServerEnableTLS = enableTLS
+}
+
 func (n *StatusNode) startWithDB(config *params.NodeConfig, accs *accounts.Manager, db *leveldb.DB) error {
 	if err := n.createNode(config, accs, db); err != nil {
 		return err
@ -287,7 +297,12 @@ func (n *StatusNode) startWithDB(config *params.NodeConfig, accs *accounts.Manag
 		}
 	}

-	httpServer, err := server.NewMediaServer(n.appDB, n.downloader, n.multiaccountsDB, n.walletDB)
+	var opts []server.MediaServerOption
+	if n.mediaServerEnableTLS != nil {
+		opts = append(opts, server.WithMediaServerDisableTLS(!*n.mediaServerEnableTLS))
+	}
+
+	httpServer, err := server.NewMediaServer(n.appDB, n.downloader, n.multiaccountsDB, n.walletDB, opts...)
 	if err != nil {
 		return err
 	}
--- a/protocol/requests/initialize_application.go
+++ b/protocol/requests/initialize_application.go
@ -12,6 +12,8 @@ type InitializeApplication struct {
 	DataDir       string `json:"dataDir"`
 	MixpanelAppID string `json:"mixpanelAppId"`
 	MixpanelToken string `json:"mixpanelToken"`
+	// MediaServerEnableTLS is optional, if not provided, media server will use TLS by default
+	MediaServerEnableTLS *bool `json:"mediaServerEnableTLS"`
 }

 func (i *InitializeApplication) Validate() error {
--- a/server/certs.go
+++ b/server/certs.go
@ -75,9 +75,9 @@ func GenerateTLSCert(notBefore, notAfter time.Time, IPAddresses []net.IP, DNSNam
 	return &finalCert, certPem, err
 }

-func generateMediaTLSCert() error {
+func generateMediaTLSCert() (*tls.Certificate, string, error) {
 	if globalMediaCertificate != nil {
-		return nil
+		return globalMediaCertificate, globalMediaPem, nil
 	}

 	now := time.Now()
@ -90,21 +90,21 @@ func generateMediaTLSCert() error {
 	)
 	finalCert, certPem, err := GenerateTLSCert(notBefore, notAfter, []net.IP{}, []string{Localhost})
 	if err != nil {
-		return err
+		return nil, "", err
 	}

 	globalMediaCertificate = finalCert
 	globalMediaPem = string(certPem)
-	return nil
+	return finalCert, globalMediaPem, nil
 }

 func PublicMediaTLSCert() (string, error) {
-	err := generateMediaTLSCert()
+	_, pem, err := generateMediaTLSCert()
 	if err != nil {
 		return "", err
 	}

-	return globalMediaPem, nil
+	return pem, nil
 }

 // ToECDSA takes a []byte of D and uses it to create an ecdsa.PublicKey on the elliptic.P256 curve
--- a/server/server.go
+++ b/server/server.go
@ -55,25 +55,26 @@ func (s *Server) mustGetHost() string {
 	return fmt.Sprintf("%s:%d", s.hostname, s.MustGetPort())
 }

+func (s *Server) createListener() (net.Listener, error) {
+	host := s.getHost()
+	if s.cert == nil {
+		// HTTP mode
+		return net.Listen("tcp", host)
+	}
+
+	// HTTPS mode
+	cfg := &tls.Config{
+		Certificates: []tls.Certificate{*s.cert},
+		ServerName:   s.hostname,
+		MinVersion:   tls.VersionTLS12,
+	}
+	return tls.Listen("tcp", host, cfg)
+}
+
 func (s *Server) listenAndServe() {
 	defer common.LogOnPanic()

-	var listener net.Listener
-	var err error
-
-	if s.cert != nil {
-		// HTTPS mode
-		cfg := &tls.Config{
-			Certificates: []tls.Certificate{*s.cert},
-			ServerName:   s.hostname,
-			MinVersion:   tls.VersionTLS12,
-		}
-		listener, err = tls.Listen("tcp", s.getHost(), cfg)
-	} else {
-		// HTTP mode
-		listener, err = net.Listen("tcp", s.getHost())
-	}
-
+	listener, err := s.createListener()
 	if err != nil {
 		s.logger.Error("failed to start server, retrying", zap.Error(err))
 		s.ResetPort()
--- a/server/server_media.go
+++ b/server/server_media.go
@ -14,13 +14,13 @@ import (
 	"github.com/status-im/status-go/signal"
 )

-var (
-	// UseHTTP controls whether the media server uses HTTP instead of HTTPS.
-	// Set to true to avoid TLS certificate issues with react-native-fast-image
-	// on Android, which has limitations with dynamic certificate updates.
-	// Pls check doc/use-status-backend-server.md in status-mobile for more details
-	UseHTTP = false
-)
+type MediaServerOption func(*MediaServer)
+
+func WithMediaServerDisableTLS(disableTLS bool) MediaServerOption {
+	return func(s *MediaServer) {
+		s.disableTLS = disableTLS
+	}
+}

 type MediaServer struct {
 	Server
@ -29,31 +29,52 @@ type MediaServer struct {
 	downloader      *ipfs.Downloader
 	multiaccountsDB *multiaccounts.Database
 	walletDB        *sql.DB
+
+	// disableTLS controls whether the media server uses HTTP instead of HTTPS.
+	// Set to true to avoid TLS certificate issues with react-native-fast-image
+	// on Android, which has limitations with dynamic certificate updates.
+	// Pls check doc/use-status-backend-server.md in status-mobile for more details
+	disableTLS bool
+}
+
+func initMediaCertificate(disableTLS bool) (*tls.Certificate, error) {
+	if disableTLS {
+		return nil, nil
+	}
+
+	cert, _, err := generateMediaTLSCert()
+	if err != nil {
+		return nil, err
+	}
+	return cert, nil
 }

 // NewMediaServer returns a *MediaServer
-func NewMediaServer(db *sql.DB, downloader *ipfs.Downloader, multiaccountsDB *multiaccounts.Database, walletDB *sql.DB) (*MediaServer, error) {
-	var cert *tls.Certificate
-	if !UseHTTP {
-		err := generateMediaTLSCert()
-		if err != nil {
-			return nil, err
-		}
-		cert = globalMediaCertificate
-	}
+func NewMediaServer(db *sql.DB, downloader *ipfs.Downloader, multiaccountsDB *multiaccounts.Database, walletDB *sql.DB, opts ...MediaServerOption) (*MediaServer, error) {

 	s := &MediaServer{
-		Server: NewServer(
-			cert,
-			Localhost,
-			signal.SendMediaServerStarted,
-			logutils.ZapLogger().Named("MediaServer"),
-		),
+		disableTLS:      false,
 		db:              db,
 		downloader:      downloader,
 		multiaccountsDB: multiaccountsDB,
 		walletDB:        walletDB,
 	}
+
+	for _, opt := range opts {
+		opt(s)
+	}
+
+	cert, err := initMediaCertificate(s.disableTLS)
+	if err != nil {
+		return nil, err
+	}
+	s.Server = NewServer(
+		cert,
+		Localhost,
+		signal.SendMediaServerStarted,
+		logutils.ZapLogger().Named("MediaServer"),
+	)
+
 	s.SetHandlers(HandlerPatternMap{
 		accountImagesPath:                   handleAccountImages(s.multiaccountsDB, s.logger),
 		accountInitialsPath:                 handleAccountInitials(s.multiaccountsDB, s.logger),
@ -80,7 +101,7 @@ func NewMediaServer(db *sql.DB, downloader *ipfs.Downloader, multiaccountsDB *mu

 func (s *MediaServer) MakeBaseURL() *url.URL {
 	return &url.URL{
-		Scheme: map[bool]string{true: "http", false: "https"}[UseHTTP],
+		Scheme: map[bool]string{true: "http", false: "https"}[s.disableTLS],
 		Host:   s.mustGetHost(),
 	}
 }