Merge branch 'next' into chore/remove-self-signer

# Conflicts: # testnet/stacks-node/src/tests/nakamoto_integrations.rs # testnet/stacks-node/src/tests/signer.rs
2026-05-30 15:55:04 +08:00 · 2024-03-05 17:48:06 +01:00
parent c0d4c28c40 20a4320fb7
commit 8b0b4b7bfa
15 changed files with 117 additions and 29 deletions
--- a/testnet/stacks-node/src/config.rs
+++ b/testnet/stacks-node/src/config.rs
@@ -178,6 +178,25 @@ mod tests {
            "ST2TFVBMRPS5SSNP98DQKQ5JNB2B6NZM91C4K3P7B"
        );
    }
+
+    #[test]
+    fn should_load_block_proposal_token() {
+        let config = Config::from_config_file(
+            ConfigFile::from_str(
+                r#"
+                [connection_options]
+                block_proposal_token = "password"
+                "#,
+            )
+            .unwrap(),
+        )
+        .expect("Expected to be able to parse block proposal token from file");
+
+        assert_eq!(
+            config.connection_options.block_proposal_token,
+            Some("password".to_string())
+        );
+    }
 }

 impl ConfigFile {
@@ -2015,6 +2034,7 @@ pub struct ConnectionOptionsFile {
    pub force_disconnect_interval: Option<u64>,
    pub antientropy_public: Option<bool>,
    pub private_neighbors: Option<bool>,
+    pub block_proposal_token: Option<String>,
 }

 impl ConnectionOptionsFile {
@@ -2138,6 +2158,7 @@ impl ConnectionOptionsFile {
            max_sockets: self.max_sockets.unwrap_or(800) as usize,
            antientropy_public: self.antientropy_public.unwrap_or(true),
            private_neighbors: self.private_neighbors.unwrap_or(true),
+            block_proposal_token: self.block_proposal_token,
            ..ConnectionOptions::default()
        })
    }
--- a/testnet/stacks-node/src/tests/nakamoto_integrations.rs
+++ b/testnet/stacks-node/src/tests/nakamoto_integrations.rs
@@ -23,6 +23,7 @@ use std::{env, thread};
 use clarity::vm::ast::ASTRules;
 use clarity::vm::costs::ExecutionCost;
 use clarity::vm::types::{PrincipalData, QualifiedContractIdentifier};
+use http_types::headers::AUTHORIZATION;
 use lazy_static::lazy_static;
 use libsigner::{BlockResponse, SignerMessage, SignerSession, StackerDBSession};
 use stacks::burnchains::MagicBytes;
@@ -1603,6 +1604,8 @@ fn block_proposal_api_endpoint() {

    let signers = TestSigners::default();
    let (mut conf, _miner_account) = naka_neon_integration_conf(None);
+    let password = "12345".to_string();
+    conf.connection_options.block_proposal_token = Some(password.clone());
    let account_keys = add_initial_balances(&mut conf, 10, 1_000_000);
    let stacker_sk = setup_stacker(&mut conf);
    let sender_signer_sk = Secp256k1PrivateKey::new();
@@ -1788,6 +1791,7 @@ fn block_proposal_api_endpoint() {

    const HTTP_ACCEPTED: u16 = 202;
    const HTTP_TOO_MANY: u16 = 429;
+    const HTTP_NOT_AUTHORIZED: u16 = 401;
    let test_cases = [
        (
            "Valid Nakamoto block proposal",
@@ -1826,6 +1830,7 @@ fn block_proposal_api_endpoint() {
            HTTP_ACCEPTED,
            Some(Err(ValidateRejectCode::ChainstateError)),
        ),
+        ("Not authorized", sign(&proposal), HTTP_NOT_AUTHORIZED, None),
    ];

    // Build HTTP client
@@ -1842,12 +1847,18 @@ fn block_proposal_api_endpoint() {
        test_cases.iter().enumerate()
    {
        // Send POST request
-        let mut response = client
+        let request_builder = client
            .post(&path)
            .header("Content-Type", "application/json")
-            .json(block_proposal)
-            .send()
-            .expect("Failed to POST");
+            .json(block_proposal);
+        let mut response = if expected_http_code == &HTTP_NOT_AUTHORIZED {
+            request_builder.send().expect("Failed to POST")
+        } else {
+            request_builder
+                .header(AUTHORIZATION.to_string(), password.to_string())
+                .send()
+                .expect("Failed to POST")
+        };
        let start_time = Instant::now();
        while ix != 1 && response.status().as_u16() == HTTP_TOO_MANY {
            if start_time.elapsed() > Duration::from_secs(30) {
@@ -1856,20 +1867,29 @@ fn block_proposal_api_endpoint() {
            }
            info!("Waiting for prior request to finish processing, and then resubmitting");
            thread::sleep(Duration::from_secs(5));
-            response = client
+            let request_builder = client
                .post(&path)
                .header("Content-Type", "application/json")
-                .json(block_proposal)
-                .send()
-                .expect("Failed to POST");
+                .json(block_proposal);
+            response = if expected_http_code == &HTTP_NOT_AUTHORIZED {
+                request_builder.send().expect("Failed to POST")
+            } else {
+                request_builder
+                    .header(AUTHORIZATION.to_string(), password.to_string())
+                    .send()
+                    .expect("Failed to POST")
+            };
        }

        let response_code = response.status().as_u16();
-        let response_json = response.json::<serde_json::Value>();
-
+        let response_json = if expected_http_code != &HTTP_NOT_AUTHORIZED {
+            response.json::<serde_json::Value>().unwrap().to_string()
+        } else {
+            "No json response".to_string()
+        };
        info!(
            "Block proposal submitted and checked for HTTP response";
-            "response_json" => %response_json.unwrap(),
+            "response_json" => response_json,
            "request_json" => serde_json::to_string(block_proposal).unwrap(),
            "response_code" => response_code,
            "test_description" => test_description,
--- a/testnet/stacks-node/src/tests/signer.rs
+++ b/testnet/stacks-node/src/tests/signer.rs
@@ -103,7 +103,11 @@ impl SignerTest {
            .map(|_| StacksPrivateKey::new())
            .collect::<Vec<StacksPrivateKey>>();

-        let (naka_conf, _miner_account) = naka_neon_integration_conf(None);
+        let (mut naka_conf, _miner_account) = naka_neon_integration_conf(None);
+        // So the combination is... one, two, three, four, five? That's the stupidest combination I've ever heard in my life!
+        // That's the kind of thing an idiot would have on his luggage!
+        let password = "12345";
+        naka_conf.connection_options.block_proposal_token = Some(password.to_string());

        // Setup the signer and coordinator configurations
        let signer_configs = build_signer_config_tomls(
@@ -111,6 +115,7 @@ impl SignerTest {
            &naka_conf.node.rpc_bind,
            Some(Duration::from_millis(128)), // Timeout defaults to 5 seconds. Let's override it to 128 milliseconds.
            &Network::Testnet,
+            password,
        );

        let mut running_signers = Vec::new();
@@ -725,7 +730,12 @@ impl SignerTest {
        )
        .unwrap();

-        let invalid_stacks_client = StacksClient::new(StacksPrivateKey::new(), host, false);
+        let invalid_stacks_client = StacksClient::new(
+            StacksPrivateKey::new(),
+            host,
+            "12345".to_string(), // That's amazing. I've got the same combination on my luggage!
+            false,
+        );
        let invalid_signer_tx = invalid_stacks_client
            .build_vote_for_aggregate_public_key(0, round, point, reward_cycle, None, 0)
            .expect("FATAL: failed to build vote for aggregate public key");