/root/bitcoin/src/httpserver.cpp

Source
// Copyright (c) 2015-present The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.

#include <bitcoin-build-config.h> // IWYU pragma: keep

#include <httpserver.h>

#include <chainparamsbase.h>
#include <common/args.h>
#include <common/messages.h>
#include <common/url.h>
#include <compat/compat.h>
#include <logging.h>
#include <netbase.h>
#include <node/interface_ui.h>
#include <rpc/protocol.h>
#include <span.h>
#include <sync.h>
#include <util/check.h>
#include <util/signalinterrupt.h>
#include <util/sock.h>
#include <util/strencodings.h>
#include <util/thread.h>
#include <util/threadnames.h>
#include <util/threadpool.h>
#include <util/time.h>
#include <util/translation.h>

#include <condition_variable>
#include <cstdio>
#include <cstdlib>
#include <deque>
#include <memory>
#include <optional>
#include <span>
#include <string>
#include <thread>
#include <unordered_map>
#include <vector>

#include <sys/types.h>
#include <sys/stat.h>

//! The set of sockets cannot be modified while waiting, so
//! the sleep time needs to be small to avoid new sockets stalling.
static constexpr auto SELECT_TIMEOUT{50ms};

//! Explicit alias for setting socket option methods.
static constexpr int SOCKET_OPTION_TRUE{1};

using common::InvalidPortErrMsg;
using http_bitcoin::HTTPRequest;

struct HTTPPathHandler
{
    HTTPPathHandler(std::string _prefix, bool _exactMatch, HTTPRequestHandler _handler):
        prefix(_prefix), exactMatch(_exactMatch), handler(_handler)
    {
    }
    std::string prefix;
    bool exactMatch;
    HTTPRequestHandler handler;
};

/** HTTP module state */

static std::unique_ptr<http_bitcoin::HTTPServer> g_http_server{nullptr};
//! List of subnets to allow RPC connections from
static std::vector<CSubNet> rpc_allow_subnets;
//! Handlers for (sub)paths
static GlobalMutex g_httppathhandlers_mutex;
static std::vector<HTTPPathHandler> pathHandlers GUARDED_BY(g_httppathhandlers_mutex);
//! Http thread pool - future: encapsulate in HttpContext
static ThreadPool g_threadpool_http("http");
static int g_max_queue_depth{100};

/** Check if a network address is allowed to access the HTTP server */
static bool ClientAllowed(const CNetAddr& netaddr)
{
    if (!netaddr.IsValid())
        return false;
    for(const CSubNet& subnet : rpc_allow_subnets)
        if (subnet.Match(netaddr))
            return true;
    return false;
}

/** Initialize ACL list for HTTP server */
static bool InitHTTPAllowList()
{
    rpc_allow_subnets.clear();
    rpc_allow_subnets.emplace_back(LookupHost("127.0.0.1", false).value(), 8);  // always allow IPv4 local subnet
    rpc_allow_subnets.emplace_back(LookupHost("::1", false).value());  // always allow IPv6 localhost
    for (const std::string& strAllow : gArgs.GetArgs("-rpcallowip")) {
        const CSubNet subnet{LookupSubNet(strAllow)};
        if (!subnet.IsValid()) {
            uiInterface.ThreadSafeMessageBox(
#define strprintf tfm::format
                CClientUIInterface::MSG_ERROR);
            return false;
        }
        rpc_allow_subnets.push_back(subnet);
    }
    std::string strAllowed;
    for (const CSubNet& subnet : rpc_allow_subnets)
        strAllowed += subnet.ToString() + " ";
    } while (0)
    return true;
}

/** HTTP request method as string - use for logging only */
std::string_view RequestMethodString(HTTPRequestMethod m)
{
    switch (m) {
        using enum HTTPRequestMethod;
        case GET: return "GET";
        case POST: return "POST";
        case HEAD: return "HEAD";
        case PUT: return "PUT";
        case UNKNOWN: return "unknown";
    } // no default case, so the compiler can warn about missing cases
    assert(false);
}

static void MaybeDispatchRequestToWorker(std::shared_ptr<HTTPRequest> hreq)
{
    // Early address-based allow check
    if (!ClientAllowed(hreq->GetPeer())) {
    } while (0)
                 hreq->GetPeer().ToStringAddrPort());
        hreq->WriteReply(HTTP_FORBIDDEN);
        return;
    }

    // Early reject unknown HTTP methods
    if (hreq->GetRequestMethod() == HTTPRequestMethod::UNKNOWN) {
    } while (0)
                 hreq->GetPeer().ToStringAddrPort());
        hreq->WriteReply(HTTP_BAD_METHOD);
        return;
    }

    // Find registered handler for prefix
    std::string strURI = hreq->GetURI();
    std::string path;
#define PASTE(x, y) x ## y
    std::vector<HTTPPathHandler>::const_iterator i = pathHandlers.begin();
    std::vector<HTTPPathHandler>::const_iterator iend = pathHandlers.end();
    for (; i != iend; ++i) {
        bool match = false;
        if (i->exactMatch)
            match = (strURI == i->prefix);
        else
            match = strURI.starts_with(i->prefix);
        if (match) {
            path = strURI.substr(i->prefix.size());
            break;
        }
    }

    // Dispatch to worker thread
    if (i != iend) {
        if (static_cast<int>(g_threadpool_http.WorkQueueSize()) >= g_max_queue_depth) {
#define LogPrintLevel_(category, level, should_ratelimit, ...) LogPrintFormatInternal(SourceLocation{__func__}, category, level, should_ratelimit, __VA_ARGS__)
            hreq->WriteReply(HTTP_SERVICE_UNAVAILABLE, "Work queue depth exceeded");
            return;
        }

        auto item = [req = hreq, in_path = std::move(path), fn = i->handler]() {
            std::string err_msg;
            try {
                fn(req.get(), in_path);
                return;
            } catch (const std::exception& e) {
#define LogPrintLevel_(category, level, should_ratelimit, ...) LogPrintFormatInternal(SourceLocation{__func__}, category, level, should_ratelimit, __VA_ARGS__)
                err_msg = e.what();
            } catch (...) {
#define LogPrintLevel_(category, level, should_ratelimit, ...) LogPrintFormatInternal(SourceLocation{__func__}, category, level, should_ratelimit, __VA_ARGS__)
                err_msg = "unknown error";
            }
            // Reply so the client doesn't hang waiting for the response.
            req->WriteHeader("Connection", "close");
            // TODO: Implement specific error formatting for the REST and JSON-RPC servers responses.
            req->WriteReply(HTTP_INTERNAL_SERVER_ERROR, err_msg);
        };

        if (auto res = g_threadpool_http.Submit(std::move(item)); !res.has_value()) {
#define Assume(val) inline_assertion_check<false>(val, std::source_location::current(), #val)
            // Both SubmitError::Inactive and SubmitError::Interrupted mean shutdown
#define LogPrintLevel_(category, level, should_ratelimit, ...) LogPrintFormatInternal(SourceLocation{__func__}, category, level, should_ratelimit, __VA_ARGS__)
            hreq->WriteReply(HTTP_SERVICE_UNAVAILABLE, "Request rejected during server shutdown");
            return;
        }
    } else {
        hreq->WriteReply(HTTP_NOT_FOUND);
    }
}

static void RejectRequest(std::unique_ptr<http_bitcoin::HTTPRequest> hreq)
{
    } while (0)
    hreq->WriteReply(HTTP_SERVICE_UNAVAILABLE);
}

static std::vector<std::pair<std::string, uint16_t>> GetBindAddresses()
{
    uint16_t http_port{static_cast<uint16_t>(gArgs.GetIntArg("-rpcport", BaseParams().RPCPort()))};
    std::vector<std::pair<std::string, uint16_t>> endpoints;

    // Determine what addresses to bind to
    // To prevent misconfiguration and accidental exposure of the RPC
    // interface, require -rpcallowip and -rpcbind to both be specified
    // together. If either is missing, ignore both values, bind to localhost
    // instead, and log warnings.
    if (gArgs.GetArgs("-rpcallowip").empty() || gArgs.GetArgs("-rpcbind").empty()) { // Default to loopback if not allowing external IPs
        endpoints.emplace_back("::1", http_port);
        endpoints.emplace_back("127.0.0.1", http_port);
        if (!gArgs.GetArgs("-rpcallowip").empty()) {
#define LogPrintLevel_(category, level, should_ratelimit, ...) LogPrintFormatInternal(SourceLocation{__func__}, category, level, should_ratelimit, __VA_ARGS__)
        }
        if (!gArgs.GetArgs("-rpcbind").empty()) {
#define LogPrintLevel_(category, level, should_ratelimit, ...) LogPrintFormatInternal(SourceLocation{__func__}, category, level, should_ratelimit, __VA_ARGS__)
        }
    } else { // Specific bind addresses
        for (const std::string& strRPCBind : gArgs.GetArgs("-rpcbind")) {
            uint16_t port{http_port};
            std::string host;
            if (!SplitHostPort(strRPCBind, port, host)) {
#define LogPrintLevel_(category, level, should_ratelimit, ...) LogPrintFormatInternal(SourceLocation{__func__}, category, level, should_ratelimit, __VA_ARGS__)
                return {}; // empty
            }
            endpoints.emplace_back(host, port);
        }
    }
    return endpoints;
}

void RegisterHTTPHandler(const std::string &prefix, bool exactMatch, const HTTPRequestHandler &handler)
{
    } while (0)
#define PASTE(x, y) x ## y
    pathHandlers.emplace_back(prefix, exactMatch, handler);
}

void UnregisterHTTPHandler(const std::string &prefix, bool exactMatch)
{
#define PASTE(x, y) x ## y
    std::vector<HTTPPathHandler>::iterator i = pathHandlers.begin();
    std::vector<HTTPPathHandler>::iterator iend = pathHandlers.end();
    for (; i != iend; ++i)
        if (i->prefix == prefix && i->exactMatch == exactMatch)
            break;
    if (i != iend)
    {
    } while (0)
        pathHandlers.erase(i);
    }
}

namespace http_bitcoin {
using util::Split;

std::optional<std::string> HTTPHeaders::FindFirst(const std::string_view key) const
{
    for (const auto& item : m_headers) {
        if (CaseInsensitiveEqual(key, item.first)) {
            return item.second;
        }
    }
    return std::nullopt;
}

void HTTPHeaders::Write(std::string&& key, std::string&& value)
{
    m_headers.emplace_back(std::move(key), std::move(value));
}

void HTTPHeaders::RemoveAll(std::string_view key)
{
    auto moved = std::ranges::remove_if(m_headers, [key] (auto& pair) {
        return CaseInsensitiveEqual(key, pair.first);
    });
    m_headers.erase(moved.begin(), moved.end());
}

bool HTTPHeaders::Read(util::LineReader& reader)
{
    // Headers https://httpwg.org/specs/rfc9110.html#rfc.section.6.3
    // A sequence of Field Lines https://httpwg.org/specs/rfc9110.html#rfc.section.5.2
    while (auto maybe_line = reader.ReadLine()) {
        if (reader.Consumed() > MAX_HEADERS_SIZE) throw std::runtime_error("HTTP headers exceed size limit")0;

        const std::string& line = *maybe_line;

        // An empty line indicates end of the headers section https://www.rfc-editor.org/rfc/rfc2616#section-4
        if (line.empty()) return true12.4k;

        // Header line must have at least one ":"
        // keys are not allowed to have delimiters like ":" but values are
        // https://httpwg.org/specs/rfc9110.html#rfc.section.5.6.2
        const size_t pos{line.find(':')};
        if (pos == std::string::npos) throw std::runtime_error("HTTP header missing colon (:)")2.48k;

        // Whitespace is optional
        std::string key = util::TrimString(std::string_view(line).substr(0, pos));
        std::string value = util::TrimString(std::string_view(line).substr(pos + 1));

        // Header keys are Field Names: https://httpwg.org/specs/rfc9110.html#fields.names
        // which consist of "tokens": https://httpwg.org/specs/rfc9110.html#rfc.section.5.6.2
        // that can not be empty.
        if (key.empty()) throw std::runtime_error("Empty HTTP header name")954;

        Write(std::move(key), std::move(value));
    }

    return false;
}

std::string HTTPHeaders::Stringify() const
{
    std::string out;
    for (const auto& [key, value] : m_headers) {
        out += key + ": " + value + "\r\n";
    }

    // Headers are terminated by an empty line
    out += "\r\n";

    return out;
}

std::string HTTPResponse::StringifyHeaders() const
{
#define strprintf tfm::format
}

bool HTTPRequest::LoadControlData(LineReader& reader)
{
    auto maybe_line = reader.ReadLine();
    if (!maybe_line) return false102;
    const std::string& request_line = *maybe_line;

    // Request Line aka Control Data https://httpwg.org/specs/rfc9110.html#rfc.section.6.2
    // Three words separated by spaces, terminated by \n or \r\n
    if (request_line.length() < MIN_REQUEST_LINE_LENGTH) throw std::runtime_error("HTTP request line too short")70;

    const std::vector<std::string_view> parts{Split<std::string_view>(request_line, " ")};
    if (parts.size() != 3) throw std::runtime_error("HTTP request line malformed")239;

    if (parts[0] == "GET") {
        m_method = HTTPRequestMethod::GET;
    } else if (parts[0] == "POST") {
        m_method = HTTPRequestMethod::POST;
    } else if (parts[0] == "HEAD") {
        m_method = HTTPRequestMethod::HEAD;
    } else if (parts[0] == "PUT") {
        m_method = HTTPRequestMethod::PUT;
    } else {
        m_method = HTTPRequestMethod::UNKNOWN;
    }

    m_target = parts[1];

    if (parts[2].rfind("HTTP/") != 0) throw std::runtime_error("HTTP request line malformed")46;

    // Version is exactly two decimal digits separated by a decimal point
    // https://httpwg.org/specs/rfc9110.html#rfc.section.2.5
    const std::vector<std::string_view> version_parts{Split<std::string_view>(parts[2].substr(5), ".")};
    if (version_parts.size() != 2) throw std::runtime_error("HTTP request line malformed")370;
    auto major = ToIntegral<uint8_t>(version_parts[0]);
    auto minor = ToIntegral<uint8_t>(version_parts[1]);
    if (!major || !minor23.9k || major > 123.8k || minor > 923.8k) throw std::runtime_error("HTTP bad version")250;
    m_version_major = major.value();
    m_version_minor = minor.value();

    return true;
}

bool HTTPRequest::LoadHeaders(LineReader& reader)
{
    return m_headers.Read(reader);
}

bool HTTPRequest::LoadBody(LineReader& reader)
{
    // https://httpwg.org/specs/rfc9112.html#message.body
    auto transfer_encoding_header = m_headers.FindFirst("Transfer-Encoding");
    if (transfer_encoding_header && ToLower(transfer_encoding_header.value()) == "chunked"0) {
        // Transfer-Encoding: https://datatracker.ietf.org/doc/html/rfc7230.html#section-3.3.1
        // Chunked Transfer Coding: https://datatracker.ietf.org/doc/html/rfc7230.html#section-4.1
        // see evhttp_handle_chunked_read() in libevent http.c
        while (reader.Remaining() > 0) {
            auto maybe_chunk_size = reader.ReadLine();
            if (!maybe_chunk_size) return false;

            // Allow (but ignore) Chunk Extensions
            // See https://www.rfc-editor.org/rfc/rfc9112.html#name-chunk-extensions
            std::string_view chunk_size_noext{maybe_chunk_size.value()};
            const auto semicolon_pos = chunk_size_noext.find(';');
            if (semicolon_pos != chunk_size_noext.npos) {
                chunk_size_noext.remove_suffix(chunk_size_noext.size() - semicolon_pos);
            }

            const auto chunk_size{ToIntegral<uint64_t>(util::TrimStringView(chunk_size_noext), /*base=*/16)};
            if (!chunk_size) throw std::runtime_error("Cannot parse chunk length value");

            if (*chunk_size + m_body.size() > MAX_SIZE) throw std::runtime_error("Chunk will exceed max body size");

            bool last_chunk{*chunk_size == 0};
            if (!last_chunk) {
                // We are still expecting more data for this chunk
                if (reader.Remaining() < *chunk_size) {
                    return false;
                }
                // Pack chunk onto body
                m_body += reader.ReadLength(*chunk_size);
            } else {
                // Allow (but ignore) Chunked Trailer section, by
                // reading CRLF-terminated lines until we read an empty line,
                // which indicates the end of this request.
                // See https://httpwg.org/specs/rfc9112.html#rfc.section.7.1.2
                while (!reader.ReadLine().value().empty()) {}
                // Complete request has been parsed, reader is now pointing
                // to beginning of next request or end of the buffer.
                return true;
            }

            // Even though every chunk size is explicitly declared,
            // they are still terminated by a CRLF we don't need.
            auto crlf = reader.ReadLine();
            if (!crlf || !crlf.value().empty()) throw std::runtime_error("Improperly terminated chunk");
        }

        // We read all the chunks but never got the last chunk, wait for client to send more
        return false;
    } else {
        // No Content-length or Transfer-Encoding header means no body, see libevent evhttp_get_body()
        auto content_length_value{m_headers.FindFirst("Content-Length")};
        if (!content_length_value) return true;

        const auto content_length{ToIntegral<uint64_t>(content_length_value.value())};
        if (!content_length) throw std::runtime_error("Cannot parse Content-Length value");

        // Not enough data in buffer for expected body
        if (reader.Remaining() < *content_length) return false;

        if (*content_length > MAX_SIZE) throw std::runtime_error("Max body size exceeded");

        m_body = reader.ReadLength(*content_length);

        return true;
    }
}

void HTTPRequest::WriteReply(HTTPStatusCode status, std::span<const std::byte> reply_body)
{
    HTTPResponse res;

    // Some response headers are determined in advance and stored in the request
    res.m_headers = std::move(m_response_headers);

    // Response version matches request version
    res.m_version_major = m_version_major;
    res.m_version_minor = m_version_minor;

    // Add response code and look up reason string
    res.m_status = status;
    res.m_reason = HTTPStatusReasonString(status);

    // See libevent evhttp_response_needs_body()
    // Response headers are different if no body is needed
    bool needs_body{status != HTTP_NO_CONTENT && (status < 100 || status >= 200)};

    // See libevent evhttp_make_header_response()
    // Expected response headers depend on protocol version
    if (m_version_major == 1) {
        // HTTP/1.0
        if (m_version_minor == 0) {
            auto connection_header{m_headers.FindFirst("Connection")};
            if (connection_header && ToLower(connection_header.value()) == "keep-alive") {
                res.m_headers.Write("Connection", "keep-alive");
                res.m_keep_alive = true;
            }
        }

        // HTTP/1.1
        if (m_version_minor >= 1) {
            const int64_t now_seconds{TicksSinceEpoch<std::chrono::seconds>(NodeClock::now())};
            res.m_headers.Write("Date", FormatRFC1123DateTime(now_seconds));

            if (needs_body) {
#define strprintf tfm::format
            }

            // Default for HTTP/1.1
            res.m_keep_alive = true;
        }
    }

    if (needs_body && !res.m_headers.FindFirst("Content-Type")) {
        // Default type from libevent evhttp_new_object()
        res.m_headers.Write("Content-Type", "text/html; charset=ISO-8859-1");
    }

    auto connection_header{m_headers.FindFirst("Connection")};
    if (connection_header && ToLower(connection_header.value()) == "close") {
        // Might not exist already but we need to replace it, not append to it
        res.m_headers.RemoveAll("Connection");

        res.m_headers.Write("Connection", "close");
        res.m_keep_alive = false;
    }

    m_client->m_keep_alive = res.m_keep_alive;

    // Serialize the response headers
    const std::string headers{res.StringifyHeaders()};
    const auto headers_bytes{std::as_bytes(std::span{headers})};

    bool send_buffer_was_empty{false};
    // Fill the send buffer with the complete serialized response headers + body
    {
#define PASTE(x, y) x ## y
        send_buffer_was_empty = m_client->m_send_buffer.empty();
        m_client->m_send_buffer.insert(m_client->m_send_buffer.end(), headers_bytes.begin(), headers_bytes.end());

        // We've been using std::span up until now but it is finally time to copy
        // data. The original data will go out of scope when WriteReply() returns.
        // This is analogous to the memcpy() in libevent's evbuffer_add()
        m_client->m_send_buffer.insert(m_client->m_send_buffer.end(), reply_body.begin(), reply_body.end());
    }

    } while (0)
        BCLog::HTTP,
        "HTTPResponse (status code: %d size: %lld) added to send buffer for client %s (id=%lld)",
        status,
        headers_bytes.size() + reply_body.size(),
        m_client->m_origin,
        m_client->m_id);

    // If the send buffer was empty before we wrote this reply, we can try an
    // optimistic send akin to CConnman::PushMessage() in which we
    // push the data directly out the socket to client right now, instead
    // of waiting for the next iteration of the I/O loop.
    if (send_buffer_was_empty) {
        m_client->MaybeSendBytesFromBuffer();
    } else {
        // Inform HTTPServer I/O that data is ready to be sent to this client
        // in the next loop iteration.
        m_client->m_send_ready = true;
    }

    // Signal to the I/O loop that we are ready to handle the next request.
    m_client->m_req_busy = false;
}

CService HTTPRequest::GetPeer() const
{
    return m_client->m_addr;
}

std::optional<std::string> HTTPRequest::GetQueryParameter(const std::string_view key) const
{
    return GetQueryParameterFromUri(GetURI(), key);
}

// See libevent http.c evhttp_parse_query_impl()
// and https://www.rfc-editor.org/rfc/rfc3986#section-3.4
std::optional<std::string> GetQueryParameterFromUri(const std::string_view uri, const std::string_view key)
{
    // Handle %XX encoding
    std::string decoded_uri{UrlDecode(uri)};

    // find query in URI
    size_t start = decoded_uri.find('?');
    if (start == std::string::npos) return std::nullopt;
    size_t end = decoded_uri.find('#', start);
    if (end == std::string::npos) {
        end = decoded_uri.length();
    }
    const std::string_view query{decoded_uri.data() + start + 1, end - start - 1};
    // find requested parameter in query
    const std::vector<std::string_view> params{Split<std::string_view>(query, "&")};
    for (const std::string_view& param : params) {
        size_t delim = param.find('=');
        if (key == param.substr(0, delim)) {
            if (delim == std::string::npos) {
                return "";
            } else {
                return std::string(param.substr(delim + 1));
            }
        }
    }
    return std::nullopt;
}

std::pair<bool, std::string> HTTPRequest::GetHeader(const std::string_view hdr) const
{
    std::optional<std::string> found{m_headers.FindFirst(hdr)};
    return std::pair{found.has_value(), std::move(found).value_or("")};
}

void HTTPRequest::WriteHeader(std::string&& hdr, std::string&& value)
{
    m_response_headers.Write(std::move(hdr), std::move(value));
}

util::Expected<void, std::string> HTTPServer::BindAndStartListening(const CService& to)
{
    // Create socket for listening for incoming connections
    sockaddr_storage storage;
    auto sa = reinterpret_cast<sockaddr*>(&storage);
    socklen_t len{sizeof(storage)};
    if (!to.GetSockAddr(sa, &len)) {
#define strprintf tfm::format
    }

    std::unique_ptr<Sock> sock{CreateSock(to.GetSAFamily(), SOCK_STREAM, IPPROTO_TCP)};
    if (!sock) {
#define strprintf tfm::format
                                          to.ToStringAddrPort(),
#define WSAGetLastError()   errno
    }

    int socket_option_true{1};

    // Allow binding if the port is still in TIME_WAIT state after
    // the program was closed and restarted.
#define SOCKET_ERROR        -1
    } while (0)
                 "Cannot set SO_REUSEADDR on %s listen socket: %s, continuing anyway",
                 to.ToStringAddrPort(),
                 NetworkErrorString(WSAGetLastError()));
    }

    // some systems don't have IPV6_V6ONLY but are always v6only; others do have the option
    // and enable it by default or not. Try to enable it, if possible.
    if (to.IsIPv6()) {
#ifdef IPV6_V6ONLY
#define SOCKET_ERROR        -1
    } while (0)
                     "Cannot set IPV6_V6ONLY on %s listen socket: %s, continuing anyway",
                     to.ToStringAddrPort(),
                     NetworkErrorString(WSAGetLastError()));
        }
#endif
#ifdef WIN32
        int prot_level{PROTECTION_LEVEL_UNRESTRICTED};
        if (sock->SetSockOpt(IPPROTO_IPV6,
                             IPV6_PROTECTION_LEVEL,
                             &prot_level,
                             sizeof(prot_level)) == SOCKET_ERROR) {
            LogDebug(BCLog::HTTP,
                     "Cannot set IPV6_PROTECTION_LEVEL on %s listen socket: %s, continuing anyway",
                     to.ToStringAddrPort(),
                     NetworkErrorString(WSAGetLastError()));
        }
#endif
    }

#define SOCKET_ERROR        -1
#define WSAGetLastError()   errno
#define WSAEADDRINUSE       EADDRINUSE
#define strprintf tfm::format
                                              to.ToStringAddrPort(),
#define CLIENT_NAME "Bitcoin Core"
        } else {
#define strprintf tfm::format
                                              to.ToStringAddrPort(),
                                              NetworkErrorString(err))};
        }
    }

    // Listen for incoming connections
#define SOCKET_ERROR        -1
#define strprintf tfm::format
                                          to.ToStringAddrPort(),
#define WSAGetLastError()   errno
    }

    m_listen.emplace_back(std::move(sock));

    return {};
}

void HTTPServer::StopListening()
{
    m_listen.clear();
}

void HTTPServer::StartSocketsThreads()
{
    m_thread_socket_handler = std::thread(&util::TraceThread,
                                          "http",
                                          [this] { ThreadSocketHandler(); });
}

void HTTPServer::JoinSocketsThreads()
{
    if (m_thread_socket_handler.joinable()) {
        m_thread_socket_handler.join();
    }
}

std::unique_ptr<Sock> HTTPServer::AcceptConnection(const Sock& listen_sock, CService& addr)
{
    // Make sure we only operate on our own listening sockets
#define Assume(val) inline_assertion_check<false>(val, std::source_location::current(), #val)

    sockaddr_storage storage;
    socklen_t len{sizeof(storage)};
    auto sa = reinterpret_cast<sockaddr*>(&storage);

    auto sock{listen_sock.Accept(sa, &len)};

    if (!sock) {
#define WSAGetLastError()   errno
#define WSAEWOULDBLOCK      EWOULDBLOCK
    } while (0)
                     "Cannot accept new connection: %s",
                     NetworkErrorString(err));
        }
        return {};
    }

    if (!addr.SetSockAddr(sa, len)) {
    } while (0)
                 "Unknown socket family");
    }

    return sock;
}

HTTPServer::Id HTTPServer::GetNewId()
{
    return m_next_id.fetch_add(1, std::memory_order_relaxed);
}

void HTTPServer::NewSockAccepted(std::unique_ptr<Sock>&& sock, const CService& them)
{
    if (!sock->IsSelectable()) {
    } while (0)
                 "connection from %s dropped: non-selectable socket",
                 them.ToStringAddrPort());
        return;
    }

    // According to the internet TCP_NODELAY is not carried into accepted sockets
    // on all platforms.  Set it again here just to be sure.
#define SOCKET_ERROR        -1
    } while (0)
                 them.ToStringAddrPort());
    }

    const Id id{GetNewId()};

    m_connected.push_back(std::make_shared<HTTPClient>(id, them, std::move(sock)));
    // Report back to the main thread
    m_connected_size.fetch_add(1, std::memory_order_relaxed);

    } while (0)
             "HTTP Connection accepted from %s (id=%d)",
             them.ToStringAddrPort(), id);
}

void HTTPServer::SocketHandlerConnected(const IOReadiness& io_readiness) const
{
    for (const auto& [sock, events] : io_readiness.events_per_sock) {
        if (m_interrupt_net) {
            return;
        }

        auto it{io_readiness.httpclients_per_sock.find(sock)};
        if (it == io_readiness.httpclients_per_sock.end()) {
            continue;
        }
        const std::shared_ptr<HTTPClient>& client{it->second};

        bool send_ready = events.occurred & Sock::SEND;
        bool recv_ready = events.occurred & Sock::RECV;
        bool err_ready = events.occurred & Sock::ERR;

        if (send_ready) {
            // Try to send as much data as is ready for this client.
            // If there's an error we can skip the receive phase for this client
            // because we need to disconnect.
            if (!client->MaybeSendBytesFromBuffer()) {
                recv_ready = false;
            }
        }

        if (recv_ready || err_ready) {
            std::byte buf[0x10000]; // typical socket buffer is 8K-64K

#define WITH_LOCK(cs, code) (MaybeCheckNotHeld(cs), [&]() -> decltype(auto) { LOCK(cs); code; }())
                client->m_sock_mutex,
                return client->m_sock->Recv(buf, sizeof(buf), MSG_DONTWAIT);)};

            if (nrecv < 0) {
#define WSAGetLastError()   errno
                if (IOErrorIsPermanent(err)) {
    } while (0)
                        BCLog::HTTP,
                        "Permanent read error from %s (id=%lld): %s",
                        client->m_origin,
                        client->m_id,
                        NetworkErrorString(err));
                    client->m_disconnect = true;
                }
            } else if (nrecv == 0) {
    } while (0)
                    BCLog::HTTP,
                    "Received EOF from %s (id=%lld)",
                    client->m_origin,
                    client->m_id);
                client->m_disconnect = true;
            } else {
                // Reset idle timeout
#define WITH_LOCK(cs, code) (MaybeCheckNotHeld(cs), [&]() -> decltype(auto) { LOCK(cs); code; }())
                    client->m_idle_since_mutex,
                    client->m_idle_since = Now<SteadySeconds>(););

                // Prevent disconnect until all requests are completely handled.
                client->m_connection_busy = true;

                // Copy data from socket buffer to client receive buffer
                client->m_recv_buffer.insert(
                    client->m_recv_buffer.end(),
                    buf,
                    buf + nrecv);
            }
        }
        // Process as much received data as we can.
        // This executes for every client whether or not reading or writing
        // took place because it also (might) parse a request we have already
        // received and pass it to a worker thread.
        MaybeDispatchRequestsFromClient(client);
    }
}

void HTTPServer::SocketHandlerListening(const Sock::EventsPerSock& events_per_sock)
{
    for (const auto& sock : m_listen) {
        if (m_interrupt_net) {
            return;
        }
        const auto it = events_per_sock.find(sock);
        if (it != events_per_sock.end() && it->second.occurred & Sock::RECV) {
            CService addr_accepted;

            auto sock_accepted{AcceptConnection(*sock, addr_accepted)};

            if (sock_accepted) {
                NewSockAccepted(std::move(sock_accepted), addr_accepted);
            }
        }
    }
}

HTTPServer::IOReadiness HTTPServer::GenerateWaitSockets() const
{
    IOReadiness io_readiness;

    for (const auto& sock : m_listen) {
        io_readiness.events_per_sock.emplace(sock, Sock::Events{Sock::RECV});
    }

    for (const auto& http_client : m_connected) {
        // Safely copy the shared pointer to the socket
#define WITH_LOCK(cs, code) (MaybeCheckNotHeld(cs), [&]() -> decltype(auto) { LOCK(cs); code; }())

        // Check if client is ready to send data. Don't try to receive again
        // until the send buffer is cleared (all data sent to client).
        Sock::Event event = (http_client->m_send_ready ? Sock::SEND : Sock::RECV);
        io_readiness.events_per_sock.emplace(sock, Sock::Events{event});
        io_readiness.httpclients_per_sock.emplace(sock, http_client);
    }

    return io_readiness;
}

void HTTPServer::ThreadSocketHandler()
{
    while (!m_interrupt_net) {
        // Check for the readiness of the already connected sockets and the
        // listening sockets in one call ("readiness" as in poll(2) or
        // select(2)). If none are ready, wait for a short while and return
        // empty sets.
        auto io_readiness{GenerateWaitSockets()};
        if (io_readiness.events_per_sock.empty() ||
            // WaitMany() may as well be a static method, the context of the first Sock in the vector is not relevant.
            !io_readiness.events_per_sock.begin()->first->WaitMany(SELECT_TIMEOUT,
                                                                   io_readiness.events_per_sock)) {
            m_interrupt_net.sleep_for(SELECT_TIMEOUT);
        }

        // Service (send/receive) each of the already connected sockets.
        SocketHandlerConnected(io_readiness);

        // Accept new connections from listening sockets.
        SocketHandlerListening(io_readiness.events_per_sock);

        // Disconnect any clients that have been flagged.
        DisconnectClients();
    }
}

void HTTPServer::MaybeDispatchRequestsFromClient(const std::shared_ptr<HTTPClient>& client) const
{
    // Try reading (potentially multiple) HTTP requests from the buffer
    while (!client->m_recv_buffer.empty()) {
        // Create a new request object and try to fill it with data from the receive buffer
        auto req = std::make_unique<HTTPRequest>(client);
        try {
            // Stop reading if we need more data from the client to parse a complete request
            if (!client->ReadRequest(req)) break;
        } catch (const std::runtime_error& e) {
    } while (0)
                BCLog::HTTP,
                "Error reading HTTP request from client %s (id=%lld): %s",
                client->m_origin,
                client->m_id,
                e.what());

            // We failed to read a complete request from the buffer
            req->WriteReply(HTTP_BAD_REQUEST);
            client->m_disconnect = true;
            break;
        }

        // We read a complete request from the buffer into the queue
    } while (0)
            BCLog::HTTP,
            "Received a %s request for %s from %s (id=%lld)",
            RequestMethodString(req->m_method),
            req->m_target,
            client->m_origin,
            client->m_id);

        // add request to client queue
        client->m_req_queue.push_back(std::move(req));
    }

    // If we are already handling a request from
    // this client, do nothing. We'll check again on the next I/O
    // loop iteration.
    if (client->m_req_busy) return;

    // Otherwise, if there is a pending request in the queue, handle it.
    if (!client->m_req_queue.empty()) {
        client->m_req_busy = true;
        m_request_dispatcher(std::move(client->m_req_queue.front()));
        client->m_req_queue.pop_front();
    }
}

void HTTPServer::DisconnectClients()
{
    const auto now{Now<SteadySeconds>()};
    size_t erased = std::erase_if(m_connected,
                                  [&](auto& client) {
                                        // First check for idle timeout. We reset the timer when we send and receive data,
                                        // but if the server is busy handling a request we should ignore the timeout until
                                        // the reply is sent. If we did erase the shared_ptr<HTTPClient> reference in m_connected
                                        // while the server is busy with a request, there would still be a reference in a worker
                                        // thread keeping the socket open even after "disconnecting".
                                        bool is_idle{false};
                                        if (m_rpcservertimeout.count() > 0) {
#define WITH_LOCK(cs, code) (MaybeCheckNotHeld(cs), [&]() -> decltype(auto) { LOCK(cs); code; }())
                                                        client->m_idle_since_mutex,
                                                        return (now - client->m_idle_since > m_rpcservertimeout) && !client->m_req_busy);
                                        }

                                        // Disconnect this client due to error, end of communication, or idle timeout.
                                        // May drop unsent data if we are closing due to error.
                                        if (client->m_disconnect || is_idle) {
                                            if (is_idle) {
    } while (0)
                                                         "HTTP client idle timeout %s (id=%d)",
                                                         client->m_origin,
                                                         client->m_id);
                                            }
                                        } else {
                                            // Disconnect this client because the server is shutting
                                            // down and we need to disconnect all clients...
                                            if (m_disconnect_all_clients) {
                                                // ...unless we still have data for this client.
                                                if (client->m_connection_busy) {
                                                    // There is still data for this healthy-connected client.
                                                    // Continue the I/O loop until all data is sent or an error is encountered.
                                                    return false;
                                                } else {
                                                    // This is a healthy persistent connection (e.g. keep-alive)
                                                    // but it's time to say goodbye.
                                                    ;
                                                }
                                            } else {
                                                // No reason to disconnect.
                                                return false;
                                            }
                                        }
                                        // No reason NOT to disconnect, log and remove.
    } while (0)
                                                 "Disconnecting HTTP client %s (id=%d)",
                                                 client->m_origin,
                                                 client->m_id);
                                        return true;
                                    });
    if (erased > 0) {
        // Report back to the main thread
        m_connected_size.fetch_sub(erased, std::memory_order_relaxed);
    }
}

bool HTTPClient::ReadRequest(const std::unique_ptr<HTTPRequest>& req)
{
    LineReader reader(m_recv_buffer, MAX_HEADERS_SIZE);

    if (!req->LoadControlData(reader)) return false;
    if (!req->LoadHeaders(reader)) return false;
    if (!req->LoadBody(reader)) return false;

    // Remove the bytes read out of the buffer.
    // If one of the above calls throws an error, the caller must
    // catch it and disconnect the client.
    m_recv_buffer.erase(
        m_recv_buffer.begin(),
        m_recv_buffer.begin() + (reader.it - reader.start));

    return true;
}

bool HTTPClient::MaybeSendBytesFromBuffer()
{
    // Send as much data from this client's buffer as we can
#define PASTE(x, y) x ## y
    if (!m_send_buffer.empty()) {
        // Socket flags (See kernel docs for send(2) and tcp(7) for more details).
        // MSG_NOSIGNAL: If the remote end of the connection is closed,
        //               fail with EPIPE (an error) as opposed to triggering
        //               SIGPIPE which terminates the process.
        // MSG_DONTWAIT: Makes the send operation non-blocking regardless of socket blocking mode.
        // MSG_MORE:     We do not set this flag here because http responses are usually
        //               small and we want the kernel to send them right away. Setting MSG_MORE
        //               would "cork" the socket to prevent sending out partial frames.
        int flags{MSG_NOSIGNAL | MSG_DONTWAIT};

        // Try to send bytes through socket
        ssize_t bytes_sent;
        {
#define PASTE(x, y) x ## y
            bytes_sent = m_sock->Send(m_send_buffer.data(),
                                      m_send_buffer.size(),
                                      flags);
        }

        if (bytes_sent < 0) {
            // Something went wrong
#define WSAGetLastError()   errno
            if (!IOErrorIsPermanent(err)) {
                // The error can be safely ignored, try the send again on the next I/O loop.
                return true;
            } else {
                // Unrecoverable error, log and disconnect client.
    } while (0)
                    BCLog::HTTP,
                    "Error sending HTTP response data to client %s (id=%lld): %s",
                    m_origin,
                    m_id,
                    NetworkErrorString(err));
                m_send_ready = false;
                m_disconnect = true;

                // Do not attempt to read from this client.
                return false;
            }
        }

        // Successful send, remove sent bytes from our local buffer.
#define Assume(val) inline_assertion_check<false>(val, std::source_location::current(), #val)
        m_send_buffer.erase(m_send_buffer.begin(),
                            m_send_buffer.begin() + bytes_sent);

    } while (0)
            BCLog::HTTP,
            "Sent %d bytes to client %s (id=%lld)",
            bytes_sent,
            m_origin,
            m_id);

        // This check is inside the if(!empty) block meaning "there was data but now its gone".
        // We shouldn't even be calling MaybeSendBytesFromBuffer() when the send buffer is empty,
        // but for belt-and-suspenders, we don't want to modify the disconnect flags if MaybeSendBytesFromBuffer() was a no-op.
        if (m_send_buffer.empty()) {
            m_send_ready = false;
            m_connection_busy = false;

            // Our work is done here
            if (!m_keep_alive) {
                m_disconnect = true;
                // Do not attempt to read from this client.
                return false;
            }
        } else {
            // The send buffer isn't flushed yet, try to push more on the next loop.
            m_send_ready = true;
            m_connection_busy = true;
        }

        // Finally, reset idle timeout
#define WITH_LOCK(cs, code) (MaybeCheckNotHeld(cs), [&]() -> decltype(auto) { LOCK(cs); code; }())
            m_idle_since_mutex,
            m_idle_since = Now<SteadySeconds>(););
    }

    return true;
}

bool InitHTTPServer()
{
    if (!InitHTTPAllowList()) {
        return false;
    }

    // Create HTTPServer
    g_http_server = std::make_unique<HTTPServer>(MaybeDispatchRequestToWorker);

    g_http_server->SetServerTimeout(std::chrono::seconds(gArgs.GetIntArg("-rpcservertimeout", DEFAULT_HTTP_SERVER_TIMEOUT)));

    // Bind HTTP server to specified addresses
    std::vector<std::pair<std::string, uint16_t>> endpoints{GetBindAddresses()};
    bool bind_success{false};
    for (const auto& [address_string, port] : endpoints) {
#define LogPrintLevel_(category, level, should_ratelimit, ...) LogPrintFormatInternal(SourceLocation{__func__}, category, level, should_ratelimit, __VA_ARGS__)
        const std::optional<CService> addr{Lookup(address_string, port, false)};
        if (addr) {
            if (addr->IsBindAny()) {
#define LogPrintLevel_(category, level, should_ratelimit, ...) LogPrintFormatInternal(SourceLocation{__func__}, category, level, should_ratelimit, __VA_ARGS__)
            }
            auto result{g_http_server->BindAndStartListening(addr.value())};
            if (!result) {
#define LogPrintLevel_(category, level, should_ratelimit, ...) LogPrintFormatInternal(SourceLocation{__func__}, category, level, should_ratelimit, __VA_ARGS__)
            } else {
                bind_success = true;
            }
        } else {
#define LogPrintLevel_(category, level, should_ratelimit, ...) LogPrintFormatInternal(SourceLocation{__func__}, category, level, should_ratelimit, __VA_ARGS__)
        }
    }

    if (!bind_success) {
#define LogPrintLevel_(category, level, should_ratelimit, ...) LogPrintFormatInternal(SourceLocation{__func__}, category, level, should_ratelimit, __VA_ARGS__)
        return false;
    }

    } while (0)

    g_max_queue_depth = std::max((long)gArgs.GetIntArg("-rpcworkqueue", DEFAULT_HTTP_WORKQUEUE), 1L);
    } while (0)

    return true;
}

void StartHTTPServer()
{
    int rpcThreads = std::max((long)gArgs.GetIntArg("-rpcthreads", DEFAULT_HTTP_THREADS), 1L);
#define LogPrintLevel_(category, level, should_ratelimit, ...) LogPrintFormatInternal(SourceLocation{__func__}, category, level, should_ratelimit, __VA_ARGS__)
    g_threadpool_http.Start(rpcThreads);
    g_http_server->StartSocketsThreads();
}

void InterruptHTTPServer()
{
    } while (0)
    if (g_http_server) {
        // Reject all new requests
        g_http_server->SetRequestHandler(RejectRequest);
    }

    // Interrupt pool after disabling requests
    g_threadpool_http.Interrupt();
}

void StopHTTPServer()
{
    } while (0)

    } while (0)
    g_threadpool_http.Stop();

    if (g_http_server) {
        // Disconnect clients as their remaining responses are flushed
        g_http_server->DisconnectAllClients();
        // Wait 30 seconds for all disconnections
    } while (0)
        int timeout{600}; // 600 x 50ms ticks = 30 seconds
        while (g_http_server->GetConnectionsCount() != 0) {
            if (timeout <= 0) {
#define LogPrintLevel_(category, level, should_ratelimit, ...) LogPrintFormatInternal(SourceLocation{__func__}, category, level, should_ratelimit, __VA_ARGS__)
                break;
            }
            std::this_thread::sleep_for(50ms);
            --timeout;
        }
        // Break HTTPServer I/O loop: stop accepting connections, sending and receiving data
        g_http_server->InterruptNet();
        // Wait for HTTPServer I/O thread to exit
        g_http_server->JoinSocketsThreads();
        // Close all listening sockets
        g_http_server->StopListening();
    }
    } while (0)
}
} // namespace http_bitcoin

Bitcoin Core Fuzz Coverage Report

Coverage Report

Created: 2026-03-24 13:57