Retropex/bitcoin
1
0
Fork 0
mirror of https://github.com/Retropex/bitcoin.git synced 2025-05-28 13:02:38 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'fix_rpcauth_blank' into rpcauthfile-28+knots

Browse Source
This commit is contained in:
Luke Dashjr 2024-09-03 13:53:22 +00:00
commit 6bb3773aa6
2 changed files with 30 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/httprpc.cpp
View File

@ -314,9 +314,10 @@ static bool InitRPCAuthentication()
LogPrintf("Config options rpcuser and rpcpassword will soon be deprecated. Locally-run instances may remove rpcuser to use cookie-based auth, or may be replaced with rpcauth. Please see share/rpcauth for rpcauth auth generation.\n");
strRPCUserColonPass = gArgs.GetArg("-rpcuser", "") + ":" + gArgs.GetArg("-rpcpassword", "");
}
if (gArgs.GetArg("-rpcauth", "") != "") {
if (!gArgs.GetArgs("-rpcauth").empty()) {
LogPrintf("Using rpcauth authentication.\n");
for (const std::string& rpcauth : gArgs.GetArgs("-rpcauth")) {
if (rpcauth.empty()) continue;
std::vector<std::string> fields{SplitString(rpcauth, ':')};
const std::vector<std::string> salt_hmac{SplitString(fields.back(), '$')};
if (fields.size() == 2 && salt_hmac.size() == 2) {

30
test/functional/rpc_users.py
View File

@ -138,9 +138,35 @@ class HTTPBasicsTest(BitcoinTestFramework):
init_error = 'Error: Unable to start HTTP server. See debug log for details.'
self.log.info('Check blank -rpcauth is ignored')
rpcauth_abc = '-rpcauth=abc:$2e32c2f20c67e29c328dd64a4214180f18da9e667d67c458070fd856f1e9e5e7'
rpcauth_def = '-rpcauth=def:$fd7adb152c05ef80dccf50a1fa4c05d5a3ec6da95575fc312ae7c5d091836351'
self.restart_node(0, extra_args=['-rpcauth'])
self.restart_node(0, extra_args=['-rpcauth=', rpcauth_abc])
self.restart_node(0, extra_args=[rpcauth_def, '-rpcauth='])
# ...without disrupting usage of other -rpcauth tokens
assert_equal(200, call_with_auth(self.nodes[0], 'def', 'abc').status)
assert_equal(200, call_with_auth(self.nodes[0], 'rt', self.rtpassword).status)
self.log.info('Check -norpcauth disables all previous -rpcauth params')
self.restart_node(0, extra_args=[rpcauth_def, '-norpcauth'])
assert_equal(401, call_with_auth(self.nodes[0], 'def', 'abc').status)
assert_equal(401, call_with_auth(self.nodes[0], 'rt', self.rtpassword).status)
self.log.info('Check -norpcauth can be reversed with -rpcauth')
self.restart_node(0, extra_args=[rpcauth_def, '-norpcauth', '-rpcauth'])
# FIXME: assert_equal(200, call_with_auth(self.nodes[0], 'def', 'abc').status)
assert_equal(200, call_with_auth(self.nodes[0], 'rt', self.rtpassword).status)
self.log.info('Check -norpcauth followed by a specific -rpcauth=* restores config file -rpcauth=* values too')
self.restart_node(0, extra_args=[rpcauth_def, '-norpcauth', rpcauth_abc])
assert_equal(401, call_with_auth(self.nodes[0], 'def', 'abc').status)
assert_equal(200, call_with_auth(self.nodes[0], 'rt', self.rtpassword).status)
self.restart_node(0, extra_args=[rpcauth_def, '-norpcauth', '-rpcauth='])
assert_equal(401, call_with_auth(self.nodes[0], 'def', 'abc').status)
assert_equal(200, call_with_auth(self.nodes[0], 'rt', self.rtpassword).status)
self.log.info('Check -rpcauth are validated')
# Empty -rpcauth= are ignored
self.restart_node(0, extra_args=['-rpcauth='])
self.stop_node(0)
self.nodes[0].assert_start_raises_init_error(expected_msg=init_error, extra_args=['-rpcauth=foo'])
self.nodes[0].assert_start_raises_init_error(expected_msg=init_error, extra_args=['-rpcauth=foo:bar'])