node: increase batch limits for auth rpc API (#27924)

This raises the JSON-RPC batch request limits significantly for the engine API endpoint. The limits are now also hard-coded, so users won't get them wrong. I have chosen these limits: maximum batch items: 2000 maximum batch response size: 250MB While it would also be possible to disable batch limits completely for the engine API, I think having some limits is a good safety net against misbehaving CLs. Since this isn't configurable, we really want to ensure this limit will never become an issue in the CL/EL communication, so I set them quite high. --------- Signed-off-by: jsvisa <delweng@gmail.com> Co-authored-by: Felix Lange <fjl@twurst.com>
1 year ago · 386cba15b5
parent a16d757cd4
commit 386cba15b5
2 changed files with 12 additions and 2 deletions
--- a/node/defaults.go
+++ b/node/defaults.go
@ -36,6 +36,13 @@ const (
 	DefaultAuthPort = 8551        // Default port for the authenticated apis
 )

+const (
+	// Engine API batch limits: these are not configurable by users, and should cover the
+	// needs of all CLs.
+	engineAPIBatchItemLimit         = 2000
+	engineAPIBatchResponseSizeLimit = 250 * 1000 * 1000
+)
+
 var (
 	DefaultAuthCors    = []string{"localhost"} // Default cors domain for the authenticated apis
 	DefaultAuthVhosts  = []string{"localhost"} // Default virtual hosts for the authenticated apis
--- a/node/node.go
+++ b/node/node.go
@ -449,8 +449,11 @@ func (n *Node) startRPC() error {
 		if err := server.setListenAddr(n.config.AuthAddr, port); err != nil {
 			return err
 		}
-		sharedConfig := rpcConfig
-		sharedConfig.jwtSecret = secret
+		sharedConfig := rpcEndpointConfig{
+			jwtSecret:              secret,
+			batchItemLimit:         engineAPIBatchItemLimit,
+			batchResponseSizeLimit: engineAPIBatchResponseSizeLimit,
+		}
 		if err := server.enableRPC(allAPIs, httpConfig{
 			CorsAllowedOrigins: DefaultAuthCors,
 			Vhosts:             n.config.AuthVirtualHosts,