Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Not possible to disable gRPC methods #5858

Closed
SWvheerden opened this issue Oct 23, 2023 · 1 comment
Closed

Not possible to disable gRPC methods #5858

SWvheerden opened this issue Oct 23, 2023 · 1 comment
Assignees
@hansieodendaal
Labels
release-blocker Something that needs to be fixed before a release can be made

Comments

@SWvheerden
Copy link
Collaborator

gRPC server is either enabled or disabled, with no way to filter which methods the
node or wallet operator wants to expose.
While this can be resolved by the use of a reverse-proxy, it is recommended that
the configuration exists to protect unaware operators. In particular, certain
methods should be disabled by default unless the operator explicitly requests
them, because they provide information about a node that in most cases should be
private, such as:

check_for_updates
get_version
list_connected_peers
get_sync_progress
get_network_status
get_peers

Add the capability to disable or enable gRPC methods. Disable methods that
provide internal information of the node by default.
@SWvheerden SWvheerden added the release-blocker Something that needs to be fixed before a release can be made label Oct 23, 2023
@hansieodendaal hansieodendaal self-assigned this Oct 30, 2023
@hansieodendaal hansieodendaal mentioned this issue Oct 30, 2023
Merged
4 tasks
@hansieodendaal
Copy link
Contributor

See #5886

SWvheerden pushed a commit that referenced this issue Nov 1, 2023
@hansieodendaal
feat: add config for grpc server methods (#5886)
a3d7cf7 
Description
---
Added configuration options for the base node's gRPC methods whereby
each method can be enabled or disabled with the startup-config settings.

Closing #5858

Some BloomRPC screenshots:


![image](https://github.com/tari-project/tari/assets/39146854/356cbe44-d3ff-46c8-9215-57e9f24da815)


![image](https://github.com/tari-project/tari/assets/39146854/8bf225b8-1b00-439b-96be-93c8040bf8d4)


Motivation and Context
---
See #5858

How Has This Been Tested?
---
- Pass existing unit tests
- Added unit test `fn it_deserializes_enums`
- Pass cucumber tests on CI
- Manual gRPC queries to the base node (with BloomRPC)

What process can a PR reviewer use to test or verify this change?
---
- Code walkthrough
- Manual gRPC queries to the base node

<!-- Checklist -->
<!-- 1. Is the title of your PR in the form that would make nice release
notes? The title, excluding the conventional commit
tag, will be included exactly as is in the CHANGELOG, so please think
about it carefully. -->


Breaking Changes
---

- [x] None
- [ ] Requires data directory on base node to be deleted
- [ ] Requires hard fork
- [ ] Other - Please specify

<!-- Does this include a breaking change? If so, include this line as a
footer -->
<!-- BREAKING CHANGE: Description what the user should do, e.g. delete a
database, resync the chain -->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hansieodendaal hansieodendaal

Labels
release-blocker Something that needs to be fixed before a release can be made
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@SWvheerden @hansieodendaal