From 386cba15b5ee56908e3b33f7ee52a4c8486d5d8f Mon Sep 17 00:00:00 2001 From: Delweng Date: Wed, 16 Aug 2023 21:26:49 +0800 Subject: [PATCH] node: increase batch limits for auth rpc API (#27924) This raises the JSON-RPC batch request limits significantly for the engine API endpoint. The limits are now also hard-coded, so users won't get them wrong. I have chosen these limits: maximum batch items: 2000 maximum batch response size: 250MB While it would also be possible to disable batch limits completely for the engine API, I think having some limits is a good safety net against misbehaving CLs. Since this isn't configurable, we really want to ensure this limit will never become an issue in the CL/EL communication, so I set them quite high. --------- Signed-off-by: jsvisa Co-authored-by: Felix Lange --- node/defaults.go | 7 +++++++ node/node.go | 7 +++++-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/node/defaults.go b/node/defaults.go index d8f718121e..42d9d4cde0 100644 --- a/node/defaults.go +++ b/node/defaults.go @@ -36,6 +36,13 @@ const ( DefaultAuthPort = 8551 // Default port for the authenticated apis ) +const ( + // Engine API batch limits: these are not configurable by users, and should cover the + // needs of all CLs. + engineAPIBatchItemLimit = 2000 + engineAPIBatchResponseSizeLimit = 250 * 1000 * 1000 +) + var ( DefaultAuthCors = []string{"localhost"} // Default cors domain for the authenticated apis DefaultAuthVhosts = []string{"localhost"} // Default virtual hosts for the authenticated apis diff --git a/node/node.go b/node/node.go index da41169c52..41c9971fe8 100644 --- a/node/node.go +++ b/node/node.go @@ -449,8 +449,11 @@ func (n *Node) startRPC() error { if err := server.setListenAddr(n.config.AuthAddr, port); err != nil { return err } - sharedConfig := rpcConfig - sharedConfig.jwtSecret = secret + sharedConfig := rpcEndpointConfig{ + jwtSecret: secret, + batchItemLimit: engineAPIBatchItemLimit, + batchResponseSizeLimit: engineAPIBatchResponseSizeLimit, + } if err := server.enableRPC(allAPIs, httpConfig{ CorsAllowedOrigins: DefaultAuthCors, Vhosts: n.config.AuthVirtualHosts,