Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: auto-tls for websockets #2800

Merged
merged 12 commits into from
Nov 27, 2024
Merged

feat: auto-tls for websockets #2800

merged 12 commits into from
Nov 27, 2024
+537 −133

Conversation

achingbrain
Copy link
Member

Starts a tcp server on the listen port and hands connections off to internal http or https servers (depdending on connection type).

Upgrade requests from both servers are handled by a websocket server.

The https server is enabled when either a secure websocket address is listened to explicitly, or when a TLS certificate is provisioned by another libp2p component, likely @libp2p/auto-tls.

This means we don't need to add another port mapping for the https server since we run http and https over the same port.

Change checklist

  • I have performed a self-review of my own code
  • I have made corresponding changes to the documentation if necessary (this includes comments as well)
  • I have added tests that prove my fix is effective or that my feature works

@achingbrain achingbrain requested a review from a team as a code owner November 3, 2024 18:23
@achingbrain achingbrain marked this pull request as draft November 3, 2024 18:23
@achingbrain
Copy link
Member Author

Depends on #2798 and probably some others.

@achingbrain achingbrain changed the base branch from main to feat/add-auto-tls November 6, 2024 06:27
@achingbrain achingbrain mentioned this pull request Nov 19, 2024
Merged
3 tasks
Base automatically changed from feat/add-auto-tls to main November 19, 2024 16:52
@achingbrain achingbrain force-pushed the feat/websockets-auto-tls branch from fc491dc to 3b2c111 Compare November 19, 2024 17:02
@achingbrain
feat: auto-tls for websockets
b97e91a 
Starts a tcp server on the listen port and hands connections off
to internal http or https servers (depdending on connection type).

Upgrade requests from both servers are handled by a websocket
server.

The https server is enabled when either a secure websocket address
is listened to explicitly, or when a TLS certificate is provisioned
by another libp2p component, likely `@libp2p/auto-tls`.

This means we don't need to add another port mapping for the https
server since we run http and https over the same port.
@achingbrain achingbrain force-pushed the feat/websockets-auto-tls branch from 3b2c111 to b97e91a Compare November 19, 2024 17:03
@achingbrain achingbrain marked this pull request as ready for review November 26, 2024 16:01
@achingbrain
Copy link
Member Author

Merging to get a rc out for further testing

@achingbrain achingbrain merged commit 8a9258a into main Nov 27, 2024
33 of 34 checks passed
@achingbrain achingbrain deleted the feat/websockets-auto-tls branch November 27, 2024 09:05
@achingbrain achingbrain mentioned this pull request Nov 27, 2024
Merged
@sfroment
Copy link
Contributor

sfroment commented Dec 25, 2024
edited
Loading

@achingbrain Hey 👋 ,
This as broke the usage of websockets with pubsubPeerDiscovery, when pubsub is calling the getAddresses() here: https://github.com/libp2p/js-libp2p-pubsub-peer-discovery/blob/main/src/index.ts#L244 it will receive Listener is not ready yet from https://github.com/libp2p/js-libp2p/blob/main/packages/transport-websockets/src/listener.ts#L346.
I'll try to fix it on my own but if I don't let me know if you have a clue of what might cause this 🙏

@sfroment
Copy link
Contributor

sfroment commented Dec 25, 2024
edited
Loading

@achingbrain So I digged a bit more and the problem is coming from
https://github.com/libp2p/js-libp2p/blob/main/packages/libp2p/src/components.ts#L74-L80
as the pubsub afterStart will be called at the same time as the ws after start. So they'll both be awaited at the same time and since the ws isn't started when pubsub afterstart is called it will return the above error.
one quick fix would be to do:

async _invokeStartableMethod(methodName) {
        for (const [key, value] of Object.entries(this.components)) {
            if (isStartable(value)) {
                await value[methodName]?.();
            }
        }
}

But i don't think this is what you want ?

@sfroment
Copy link
Contributor

We could also change the transport manager to call listen on start and not afterStart but I don't know the implication of such a change

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@achingbrain @sfroment