diff --git a/ci/do-audit.sh b/ci/do-audit.sh index 71a0465d6f..4482abc6a5 100755 --- a/ci/do-audit.sh +++ b/ci/do-audit.sh @@ -46,5 +46,7 @@ cargo_audit_ignores=( # https://github.com/paritytech/jsonrpc/issues/605 --ignore RUSTSEC-2021-0079 + # `#[zeroize(drop)]` doesn't implement `Drop` for `enum`s + --ignore RUSTSEC-2021-0115 ) scripts/cargo-for-all-lock-files.sh stable audit "${cargo_audit_ignores[@]}" diff --git a/gossip/src/main.rs b/gossip/src/main.rs index 3499e1eb6d..917a8e61d9 100644 --- a/gossip/src/main.rs +++ b/gossip/src/main.rs @@ -218,7 +218,7 @@ fn process_spy_results( } } -fn process_spy(matches: &ArgMatches) -> std::io::Result<()> { +fn process_spy(matches: &ArgMatches, socket_addr_space: SocketAddrSpace) -> std::io::Result<()> { let num_nodes_exactly = matches .value_of("num_nodes_exactly") .map(|num| num.to_string().parse().unwrap()); @@ -232,7 +232,6 @@ fn process_spy(matches: &ArgMatches) -> std::io::Result<()> { let pubkey = matches .value_of("node_pubkey") .map(|pubkey_str| pubkey_str.parse::().unwrap()); - let socket_addr_space = SocketAddrSpace::new(matches.is_present("allow_private_addr")); let shred_version = value_t_or_exit!(matches, "shred_version", u16); let identity_keypair = keypair_of(matches, "identity").map(Arc::new); @@ -277,13 +276,15 @@ fn parse_entrypoint(matches: &ArgMatches) -> Option { }) } -fn process_rpc_url(matches: &ArgMatches) -> std::io::Result<()> { +fn process_rpc_url( + matches: &ArgMatches, + socket_addr_space: SocketAddrSpace, +) -> std::io::Result<()> { let any = matches.is_present("any"); let all = matches.is_present("all"); let entrypoint_addr = parse_entrypoint(matches); let timeout = value_t_or_exit!(matches, "timeout", u64); let shred_version = value_t_or_exit!(matches, "shred_version", u16); - let socket_addr_space = SocketAddrSpace::new(matches.is_present("allow_private_addr")); let (_all_peers, validators) = discover( None, // keypair entrypoint_addr.as_ref(), @@ -327,13 +328,13 @@ fn main() -> Result<(), Box> { solana_logger::setup_with_default("solana=info"); let matches = parse_matches(); - + let socket_addr_space = SocketAddrSpace::new(matches.is_present("allow_private_addr")); match matches.subcommand() { ("spy", Some(matches)) => { - process_spy(matches)?; + process_spy(matches, socket_addr_space)?; } ("rpc-url", Some(matches)) => { - process_rpc_url(matches)?; + process_rpc_url(matches, socket_addr_space)?; } _ => unreachable!(), } diff --git a/multinode-demo/bootstrap-validator.sh b/multinode-demo/bootstrap-validator.sh index 93c70af069..31d31f1dc3 100755 --- a/multinode-demo/bootstrap-validator.sh +++ b/multinode-demo/bootstrap-validator.sh @@ -79,6 +79,9 @@ while [[ -n $1 ]]; do elif [[ $1 == --accounts-db-skip-shrink ]]; then args+=("$1") shift + elif [[ $1 == --allow-private-addr ]]; then + args+=("$1") + shift elif [[ $1 == --skip-require-tower ]]; then maybeRequireTower=false shift diff --git a/multinode-demo/validator.sh b/multinode-demo/validator.sh index 43e63a962c..239e7c8c23 100755 --- a/multinode-demo/validator.sh +++ b/multinode-demo/validator.sh @@ -18,6 +18,7 @@ vote_account= no_restart=0 gossip_entrypoint= ledger_dir= +maybe_allow_private_addr= usage() { if [[ -n $1 ]]; then @@ -160,6 +161,10 @@ while [[ -n $1 ]]; do elif [[ $1 == --expected-bank-hash ]]; then args+=("$1" "$2") shift 2 + elif [[ $1 == --allow-private-addr ]]; then + args+=("$1") + maybe_allow_private_addr=$1 + shift elif [[ $1 == --accounts-db-skip-shrink ]]; then args+=("$1") shift @@ -312,7 +317,8 @@ setup_validator_accounts() { return 0 } -rpc_url=$($solana_gossip rpc-url --timeout 180 --entrypoint "$gossip_entrypoint") +# shellcheck disable=SC2086 # Don't want to double quote "$maybe_allow_private_addr" +rpc_url=$($solana_gossip $maybe_allow_private_addr rpc-url --timeout 180 --entrypoint "$gossip_entrypoint") [[ -r "$identity" ]] || $solana_keygen new --no-passphrase -so "$identity" [[ -r "$vote_account" ]] || $solana_keygen new --no-passphrase -so "$vote_account" diff --git a/net/net.sh b/net/net.sh index 873c81b023..6904ea76f3 100755 --- a/net/net.sh +++ b/net/net.sh @@ -309,7 +309,7 @@ startBootstrapLeader() { ${#clientIpList[@]} \"$benchTpsExtraArgs\" \ ${#clientIpList[@]} \"$benchExchangeExtraArgs\" \ \"$genesisOptions\" \ - \"$maybeNoSnapshot $maybeSkipLedgerVerify $maybeLimitLedgerSize $maybeWaitForSupermajority $maybeAccountsDbSkipShrink $maybeSkipRequireTower\" \ + \"$maybeNoSnapshot $maybeSkipLedgerVerify $maybeLimitLedgerSize $maybeWaitForSupermajority $maybeAllowPrivateAddr $maybeAccountsDbSkipShrink $maybeSkipRequireTower\" \ \"$gpuMode\" \ \"$maybeWarpSlot\" \ \"$waitForNodeInit\" \ @@ -381,7 +381,7 @@ startNode() { ${#clientIpList[@]} \"$benchTpsExtraArgs\" \ ${#clientIpList[@]} \"$benchExchangeExtraArgs\" \ \"$genesisOptions\" \ - \"$maybeNoSnapshot $maybeSkipLedgerVerify $maybeLimitLedgerSize $maybeWaitForSupermajority $maybeAccountsDbSkipShrink $maybeSkipRequireTower\" \ + \"$maybeNoSnapshot $maybeSkipLedgerVerify $maybeLimitLedgerSize $maybeWaitForSupermajority $maybeAllowPrivateAddr $maybeAccountsDbSkipShrink $maybeSkipRequireTower\" \ \"$gpuMode\" \ \"$maybeWarpSlot\" \ \"$waitForNodeInit\" \ @@ -782,6 +782,7 @@ maybeLimitLedgerSize="" maybeSkipLedgerVerify="" maybeDisableAirdrops="" maybeWaitForSupermajority="" +maybeAllowPrivateAddr="" maybeAccountsDbSkipShrink="" maybeSkipRequireTower="" debugBuild=false @@ -908,6 +909,9 @@ while [[ -n $1 ]]; do elif [[ $1 == --extra-primordial-stakes ]]; then extraPrimordialStakes=$2 shift 2 + elif [[ $1 = --allow-private-addr ]]; then + maybeAllowPrivateAddr="$1" + shift 1 elif [[ $1 = --accounts-db-skip-shrink ]]; then maybeAccountsDbSkipShrink="$1" shift 1 diff --git a/net/remote/remote-sanity.sh b/net/remote/remote-sanity.sh index 4d21afd680..8c36e99ffd 100755 --- a/net/remote/remote-sanity.sh +++ b/net/remote/remote-sanity.sh @@ -97,7 +97,7 @@ echo "--- $sanityTargetIp: node count ($numSanityNodes expected)" nodeArg="num-nodes-exactly" fi - $solana_gossip spy --entrypoint "$sanityTargetIp:8001" \ + $solana_gossip --allow-private-addr spy --entrypoint "$sanityTargetIp:8001" \ --$nodeArg "$numSanityNodes" --timeout 60 \ ) diff --git a/system-test/stability-testcases/gce-perf-stability-5-node-single-region.yml b/system-test/stability-testcases/gce-perf-stability-5-node-single-region.yml index 7970c27d15..5136286621 100755 --- a/system-test/stability-testcases/gce-perf-stability-5-node-single-region.yml +++ b/system-test/stability-testcases/gce-perf-stability-5-node-single-region.yml @@ -15,5 +15,6 @@ steps: USE_PUBLIC_IP_ADDRESSES: "false" ADDITIONAL_FLAGS: "--dedicated" TEST_TYPE: "fixed_duration" + ALLOW_PRIVATE_ADDR: "true" agents: - "queue=gce-deploy" diff --git a/system-test/testnet-automation.sh b/system-test/testnet-automation.sh index 3c12e26641..53850f1a15 100755 --- a/system-test/testnet-automation.sh +++ b/system-test/testnet-automation.sh @@ -131,6 +131,11 @@ function launch_testnet() { maybeAsyncNodeInit="--async-node-init" fi + declare maybeAllowPrivateAddr + if [[ "$ALLOW_PRIVATE_ADDR" = "true" ]]; then + maybeAllowPrivateAddr="--allow-private-addr" + fi + declare maybeExtraPrimordialStakes if [[ -n "$EXTRA_PRIMORDIAL_STAKES" ]]; then maybeExtraPrimordialStakes="--extra-primordial-stakes $EXTRA_PRIMORDIAL_STAKES" @@ -140,7 +145,8 @@ function launch_testnet() { # shellcheck disable=SC2086 "${REPO_ROOT}"/net/net.sh start $version_args \ -c idle=$NUMBER_OF_CLIENT_NODES $maybeStartAllowBootFailures \ - --gpu-mode $startGpuMode $maybeWarpSlot $maybeAsyncNodeInit $maybeExtraPrimordialStakes + --gpu-mode $startGpuMode $maybeWarpSlot $maybeAsyncNodeInit \ + $maybeExtraPrimordialStakes $maybeAllowPrivateAddr execution_step "Waiting for bootstrap validator's stake to fall below ${BOOTSTRAP_VALIDATOR_MAX_STAKE_THRESHOLD}%" wait_for_bootstrap_validator_stake_drop "$BOOTSTRAP_VALIDATOR_MAX_STAKE_THRESHOLD"