Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Missing support fr RPC API over HTTPS #10539

Open
3 tasks done
ze42 opened this issue Oct 7, 2024 · 3 comments
Open
3 tasks done

Missing support fr RPC API over HTTPS #10539

ze42 opened this issue Oct 7, 2024 · 3 comments
Labels
effort/hours Estimated to take one or several hours good first issue Good issue for new contributors help wanted Seeking public contribution on this issue kind/bug A bug in existing code (including security flaws) P3 Low: Not priority right now

Comments

@ze42
Copy link

ze42 commented Oct 7, 2024

Checklist

Installation method

ipfs-update or dist.ipfs.tech

Version

/ipfs version --all
Kubo version: 0.30.0
Repo version: 16
System version: amd64/linux
Golang version: go1.22.7

Config

(probably not relevant)

{"API":{"HTTPHeaders":{}},"Addresses":{"API":"/ip4/127.0.0.1/tcp/5001","Announce":[],"AppendAnnounce":[],"Gateway":"/ip4/127.0.0.1/tcp/8080","NoAnnounce":[],"Swarm":["/ip4/0.0.0.0/tcp/4001","/ip6/::/tcp/4001","/ip4/0.0.0.0/udp/4001/quic-v1","/ip4/0.0.0.0/udp/4001/quic-v1/webtransport","/ip6/::/udp/4001/quic-v1","/ip6/::/udp/4001/quic-v1/webtransport"]},"AutoNAT":{},"Bootstrap":["/dnsaddr/bootstrap.libp2p.io/p2p/QmNnooDu7bfjPFoTZYxMNLWUQJyrVwtbZg5gBMjTezGAJN","/dnsaddr/bootstrap.libp2p.io/p2p/QmQCU2EcMqAqQPR2i9bChDtGNJchTbq5TbXJJ16u19uLTa","/dnsaddr/bootstrap.libp2p.io/p2p/QmbLHAnMoJPWSCR5Zhtx6BHJX9KiKNN6tpvbUcqanj75Nb","/dnsaddr/bootstrap.libp2p.io/p2p/QmcZf59bWwK5XFi76CZX8cbJ4BhTzzA3gU1ZjYZcYW3dwt","/ip4/104.131.131.82/tcp/4001/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ","/ip4/104.131.131.82/udp/4001/quic-v1/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ"],"DNS":{"Resolvers":{}},"Datastore":{"BloomFilterSize":0,"GCPeriod":"1h","HashOnRead":false,"Spec":{"mounts":[{"child":{"path":"blocks","shardFunc":"/repo/flatfs/shard/v1/next-to-last/2","sync":true,"type":"flatfs"},"mountpoint":"/blocks","prefix":"flatfs.datastore","type":"measure"},{"child":{"compression":"none","path":"datastore","type":"levelds"},"mountpoint":"/","prefix":"leveldb.datastore","type":"measure"}],"type":"mount"},"StorageGCWatermark":90,"StorageMax":"10GB"},"Discovery":{"MDNS":{"Enabled":true}},"Experimental":{"FilestoreEnabled":false,"Libp2pStreamMounting":false,"OptimisticProvide":false,"OptimisticProvideJobsPoolSize":0,"P2pHttpProxy":false,"StrategicProviding":false,"UrlstoreEnabled":false},"Gateway":{"DeserializedResponses":null,"DisableHTMLErrors":null,"ExposeRoutingAPI":null,"HTTPHeaders":{},"NoDNSLink":false,"NoFetch":false,"PublicGateways":null,"RootRedirect":""},"Identity":{"PeerID":"12D3KooWHmUkKz2ys3uQpNStsCwDP7DBpvPMMF4182KsBQ55xb1A"},"Internal":{},"Ipns":{"RecordLifetime":"","RepublishPeriod":"","ResolveCacheSize":128},"Migration":{"DownloadSources":[],"Keep":""},"Mounts":{"FuseAllowOther":false,"IPFS":"/ipfs","IPNS":"/ipns"},"Peering":{"Peers":null},"Pinning":{"RemoteServices":{}},"Plugins":{"Plugins":null},"Provider":{"Strategy":""},"Pubsub":{"DisableSigning":false,"Router":""},"Reprovider":{},"Routing":{"Methods":null,"Routers":null},"Swarm":{"AddrFilters":null,"ConnMgr":{},"DisableBandwidthMetrics":false,"DisableNatPortMap":false,"RelayClient":{},"RelayService":{},"ResourceMgr":{},"Transports":{"Multiplexers":{},"Network":{},"Security":{}}}}

Description

When trying to connect to a distant API over https, it fails and try to connect with http.

/ipfs --api /dns/myapihost.mydomain.com/tcp/443/https files stat /
2024-10-07T16:00:52.505+0200	ERROR	cmds/http	http/parse.go:212	could not guess encoding from content type "text/html"
Error: unknown error content type: text/html

When checking logs from the RP we have in place receiving the request, we see "scheme": "http".

When trying to access directly the same URL with curl and https, it works properly.

@ze42 ze42 added kind/bug A bug in existing code (including security flaws) need/triage Needs initial labeling and prioritization labels Oct 7, 2024
@lidel
Copy link
Member

lidel commented Oct 8, 2024

Thank you for reporting this bug.

Indeed, /https and /tls/http are not supported. https:// hint is not forwarded to go-ipfs-cmds client.

The host value in:

remoteVersion, err := getRemoteVersion(tracingWrappedExecutor{cmdhttp.NewClient(host, opts...)})

likely does not include protocol, just host, and http:// is added in:

https://github.com/ipfs/go-ipfs-cmds/blob/ae8443f905e4604e2a0c001ac20a7c8fe4dd7948/http/client.go#L87-L89

Potential quick fix is to make sure kubo/cmd/ipfs/kubo/start.go prepends https:// to host if apiAddr contains /https or /tls/http

@ze42 would you have time to open PR with a fix?

@lidel lidel added the need/author-input Needs input from the original author label Oct 8, 2024
@lidel lidel changed the title API over HTTPs broken Missing support fr RPC API over HTTPS Oct 8, 2024
@lidel lidel added help wanted Seeking public contribution on this issue good first issue Good issue for new contributors effort/hours Estimated to take one or several hours and removed need/triage Needs initial labeling and prioritization need/author-input Needs input from the original author labels Oct 15, 2024
@Sairaviteja27
Copy link

Sairaviteja27 commented Oct 22, 2024

@lidel I’m new to this repository, but I believe this fix requires a small change, and I would like to contribute to it. Can I take this?

@lidel
Copy link
Member

lidel commented Oct 23, 2024

@Sairaviteja27 sure, submit PR once you have something ready for review 👍

@gammazero gammazero added the P3 Low: Not priority right now label Nov 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
effort/hours Estimated to take one or several hours good first issue Good issue for new contributors help wanted Seeking public contribution on this issue kind/bug A bug in existing code (including security flaws) P3 Low: Not priority right now
Projects
None yet
Development

No branches or pull requests

4 participants