fix warnings + add more integration tests

Author: JasonVranek

tests/src/mock_relay.rs

@@ -69,6 +69,13 @@ pub struct MockRelayState {
     /// the short-circuit so tests can observe the attempt. Used to drive C3
     /// (retry-as-JSON) tests.
     submit_block_ssz_status_override: Option<StatusCode>,
+    /// If set, this literal string is sent as the outgoing `Content-Type`
+    /// header on `handle_get_header` and `handle_submit_block_v1` responses
+    /// instead of the canonical `application/json` / `application/octet-stream`
+    /// value. The body is still serialized according to the encoding that was
+    /// negotiated via `Accept`. Used to exercise PBS tolerance of
+    /// MIME-parameter suffixes like `application/octet-stream; charset=binary`.
+    response_content_type_override: Option<String>,
     received_get_header: Arc<AtomicU64>,
     received_get_status: Arc<AtomicU64>,
     received_register_validator: Arc<AtomicU64>,
@@ -102,6 +109,9 @@ impl MockRelayState {
     pub fn submit_block_ssz_status_override(&self) -> Option<StatusCode> {
         self.submit_block_ssz_status_override
     }
+    pub fn response_content_type_override(&self) -> Option<&str> {
+        self.response_content_type_override.as_deref()
+    }
     pub fn set_response_override(&self, status: StatusCode) {
         *self.response_override.write().unwrap() = Some(status);
     }
@@ -116,6 +126,7 @@ impl MockRelayState {
             supports_submit_block_v2: true,
             use_not_found_for_submit_block: false,
             submit_block_ssz_status_override: None,
+            response_content_type_override: None,
             received_get_header: Default::default(),
             received_get_status: Default::default(),
             received_register_validator: Default::default(),
@@ -154,6 +165,15 @@ impl MockRelayState {
     pub fn with_submit_block_ssz_status(self, status: StatusCode) -> Self {
         Self { submit_block_ssz_status_override: Some(status), ..self }
     }
+
+    /// Make the relay advertise `raw_content_type` as the `Content-Type`
+    /// header on `get_header` and `submit_block_v1` responses. The body is
+    /// still encoded via the negotiated [`EncodingType`] — only the header
+    /// string changes. Use this to drive PBS tolerance of MIME-parameter
+    /// suffixes (e.g. `application/octet-stream; charset=binary`).
+    pub fn with_response_content_type(self, raw_content_type: impl Into<String>) -> Self {
+        Self { response_content_type_override: Some(raw_content_type.into()), ..self }
+    }
 }
 
 pub fn mock_relay_app_router(state: Arc<MockRelayState>) -> Router {
@@ -277,7 +297,11 @@ async fn handle_get_header(
     let mut response = (StatusCode::OK, data).into_response();
     let consensus_version_header =
         HeaderValue::from_str(&consensus_version_header.to_string()).unwrap();
-    let content_type_header = HeaderValue::from_str(&content_type.to_string()).unwrap();
+    let content_type_str = state
+        .response_content_type_override()
+        .map(|s| s.to_string())
+        .unwrap_or_else(|| content_type.to_string());
+    let content_type_header = HeaderValue::from_str(&content_type_str).unwrap();
     response.headers_mut().insert(CONSENSUS_VERSION_HEADER, consensus_version_header);
     response.headers_mut().insert(CONTENT_TYPE, content_type_header);
     response
@@ -404,7 +428,11 @@ async fn handle_submit_block_v1(
             HeaderValue::from_str(&consensus_version_header.to_string()).unwrap();
         response.headers_mut().insert(CONSENSUS_VERSION_HEADER, consensus_version_header);
     }
-    let content_type_header = HeaderValue::from_str(&response_content_type.to_string()).unwrap();
+    let content_type_str = state
+        .response_content_type_override()
+        .map(|s| s.to_string())
+        .unwrap_or_else(|| response_content_type.to_string());
+    let content_type_header = HeaderValue::from_str(&content_type_str).unwrap();
     response.headers_mut().insert(CONTENT_TYPE, content_type_header);
     response
 }

tests/tests/pbs_get_header.rs

@@ -644,6 +644,89 @@ async fn test_get_header_bid_validation_matrix() -> Result<()> {
     Ok(())
 }
 
+/// PBS must accept relay `Content-Type` values that include MIME parameters
+/// (e.g. `application/octet-stream; charset=binary`). The audit fix for C2
+/// switched `EncodingType::from_str` to parse via the `mediatype` crate;
+/// this test exercises the full relay→PBS→BN path to guard against
+/// regressions at the wire boundary.
+#[tokio::test]
+async fn test_get_header_tolerates_mime_params_in_content_type() -> Result<()> {
+    setup_test_env();
+    let signer = random_secret();
+    let pubkey = signer.public_key();
+    let chain = Chain::Holesky;
+    let pbs_listener = get_free_listener().await;
+    let relay_listener = get_free_listener().await;
+    let pbs_port = pbs_listener.local_addr().unwrap().port();
+    let relay_port = relay_listener.local_addr().unwrap().port();
+
+    let mut mock_state = MockRelayState::new(chain, signer)
+        .with_response_content_type("application/octet-stream; charset=binary");
+    mock_state.supported_content_types = Arc::new(HashSet::from([EncodingType::Ssz]));
+    let mock_state = Arc::new(mock_state);
+    let mock_relay = generate_mock_relay(relay_port, pubkey)?;
+    tokio::spawn(start_mock_relay_service_with_listener(mock_state.clone(), relay_listener));
+
+    let pbs_config = get_pbs_config(pbs_port);
+    let config = to_pbs_config(chain, pbs_config, vec![mock_relay]);
+    let state = PbsState::new(config, PathBuf::new());
+    drop(pbs_listener);
+    tokio::spawn(PbsService::run::<(), DefaultBuilderApi>(state));
+
+    tokio::time::sleep(Duration::from_millis(100)).await;
+
+    let mock_validator = MockValidator::new(pbs_port)?;
+    let res =
+        mock_validator.do_get_header(None, vec![EncodingType::Ssz], ForkName::Electra).await?;
+    assert_eq!(res.status(), StatusCode::OK, "PBS should tolerate `; charset=binary` MIME param");
+    assert_eq!(mock_state.received_get_header(), 1);
+
+    let fork = get_consensus_version_header(res.headers()).expect("missing fork version header");
+    let bytes = res.bytes().await?;
+    let data = SignedBuilderBid::from_ssz_bytes_by_fork(&bytes, fork).unwrap();
+    assert_eq!(data.message.header().block_hash().0[0], 1);
+    Ok(())
+}
+
+/// Same guarantee on the JSON path: `application/json; charset=utf-8` (the
+/// value some production relays actually emit) must be accepted as JSON.
+#[tokio::test]
+async fn test_get_header_tolerates_json_charset_param() -> Result<()> {
+    setup_test_env();
+    let signer = random_secret();
+    let pubkey = signer.public_key();
+    let chain = Chain::Holesky;
+    let pbs_listener = get_free_listener().await;
+    let relay_listener = get_free_listener().await;
+    let pbs_port = pbs_listener.local_addr().unwrap().port();
+    let relay_port = relay_listener.local_addr().unwrap().port();
+
+    let mut mock_state = MockRelayState::new(chain, signer)
+        .with_response_content_type("application/json; charset=utf-8");
+    mock_state.supported_content_types = Arc::new(HashSet::from([EncodingType::Json]));
+    let mock_state = Arc::new(mock_state);
+    let mock_relay = generate_mock_relay(relay_port, pubkey)?;
+    tokio::spawn(start_mock_relay_service_with_listener(mock_state.clone(), relay_listener));
+
+    let pbs_config = get_pbs_config(pbs_port);
+    let config = to_pbs_config(chain, pbs_config, vec![mock_relay]);
+    let state = PbsState::new(config, PathBuf::new());
+    drop(pbs_listener);
+    tokio::spawn(PbsService::run::<(), DefaultBuilderApi>(state));
+
+    tokio::time::sleep(Duration::from_millis(100)).await;
+
+    let mock_validator = MockValidator::new(pbs_port)?;
+    let res =
+        mock_validator.do_get_header(None, vec![EncodingType::Json], ForkName::Electra).await?;
+    assert_eq!(res.status(), StatusCode::OK, "PBS should tolerate `; charset=utf-8` MIME param");
+    assert_eq!(mock_state.received_get_header(), 1);
+
+    let body: GetHeaderResponse = serde_json::from_slice(&res.bytes().await?)?;
+    assert_eq!(body.data.message.header().block_hash().0[0], 1);
+    Ok(())
+}
+
 /// Standard mode rejects a bid whose embedded pubkey does not match the relay's
 /// configured pubkey; None mode forwards it unchecked, proving the bypass works
 /// for the signature/pubkey validation check.

tests/tests/pbs_mux.rs

@@ -1,9 +1,4 @@
-use std::{
-    collections::{HashMap, HashSet},
-    path::PathBuf,
-    sync::Arc,
-    time::Duration,
-};
+use std::{collections::HashMap, path::PathBuf, sync::Arc, time::Duration};
 
 use alloy::primitives::U256;
 use cb_common::{

tests/tests/pbs_mux_refresh.rs

@@ -1,4 +1,4 @@
-use std::{collections::HashSet, path::PathBuf, sync::Arc, time::Duration};
+use std::{path::PathBuf, sync::Arc, time::Duration};
 
 use cb_common::{
     config::{MuxConfig, MuxKeysLoader, PbsMuxes},

tests/tests/pbs_post_blinded_blocks.rs

@@ -717,3 +717,56 @@ async fn test_submit_block_v2_ssz_does_not_retry_on_400() -> Result<()> {
     assert_eq!(attempts, 1);
     Ok(())
 }
+
+/// PBS must accept relay `Content-Type: application/octet-stream;
+/// charset=binary` on `submit_block` responses. The audit fix for C2 switched
+/// `EncodingType::from_str` to parse via the `mediatype` crate; this test
+/// exercises the full relay→PBS→BN path to guard against regressions on the
+/// v1 submit path.
+#[tokio::test]
+async fn test_submit_block_tolerates_mime_params_in_content_type() -> Result<()> {
+    setup_test_env();
+    let signer = random_secret();
+    let pubkey = signer.public_key();
+    let chain = Chain::Holesky;
+    let pbs_listener = get_free_listener().await;
+    let relay_listener = get_free_listener().await;
+    let pbs_port = pbs_listener.local_addr().unwrap().port();
+    let relay_port = relay_listener.local_addr().unwrap().port();
+
+    let mock_relay = generate_mock_relay(relay_port, pubkey)?;
+    let mut mock_relay_state = MockRelayState::new(chain, signer)
+        .with_response_content_type("application/octet-stream; charset=binary");
+    mock_relay_state.supported_content_types = Arc::new(HashSet::from([EncodingType::Ssz]));
+    let mock_state = Arc::new(mock_relay_state);
+    tokio::spawn(start_mock_relay_service_with_listener(mock_state.clone(), relay_listener));
+
+    let pbs_config = get_pbs_config(pbs_port);
+    let config = to_pbs_config(chain, pbs_config, vec![mock_relay]);
+    let state = PbsState::new(config, PathBuf::new());
+    drop(pbs_listener);
+    tokio::spawn(PbsService::run::<(), DefaultBuilderApi>(state));
+
+    tokio::time::sleep(Duration::from_millis(100)).await;
+
+    let signed_blinded_block = load_test_signed_blinded_block();
+    let mock_validator = MockValidator::new(pbs_port)?;
+    let res = mock_validator
+        .do_submit_block_v1(
+            Some(signed_blinded_block.clone()),
+            vec![EncodingType::Ssz],
+            EncodingType::Ssz,
+            ForkName::Electra,
+        )
+        .await?;
+    assert_eq!(res.status(), StatusCode::OK, "PBS should tolerate `; charset=binary` MIME param");
+    assert_eq!(mock_state.received_submit_block(), 1);
+
+    let bytes = res.bytes().await?;
+    let response_body = PayloadAndBlobs::from_ssz_bytes_by_fork(&bytes, ForkName::Electra).unwrap();
+    assert_eq!(
+        response_body.execution_payload.block_hash(),
+        signed_blinded_block.block_hash().into()
+    );
+    Ok(())
+}