Skip to content

Commit 27c976d

Browse files
tdb3luke-jrryanofsky
committed
fix: increase consistency of rpcauth parsing
Previous rpcauth behavior was to sometimes ignore empty -rpcauth= settings, and other times treat them as errors. Empty rpcauth is now consistently treated as an error and prevents bitcoind from starting. Updates associated test cases. Also updates to non-deprecated logging macro. Co-Authored-By: Luke Dashjr <[email protected]> Co-Authored-By: Ryan Ofsky <[email protected]>
1 parent 2ad3689 commit 27c976d

File tree

2 files changed

+8
-7
lines changed

2 files changed

+8
-7
lines changed

src/httprpc.cpp

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -314,8 +314,9 @@ static bool InitRPCAuthentication()
314314
LogPrintf("Config options rpcuser and rpcpassword will soon be deprecated. Locally-run instances may remove rpcuser to use cookie-based auth, or may be replaced with rpcauth. Please see share/rpcauth for rpcauth auth generation.\n");
315315
strRPCUserColonPass = gArgs.GetArg("-rpcuser", "") + ":" + gArgs.GetArg("-rpcpassword", "");
316316
}
317-
if (gArgs.GetArg("-rpcauth", "") != "") {
318-
LogPrintf("Using rpcauth authentication.\n");
317+
318+
if (!gArgs.GetArgs("-rpcauth").empty()) {
319+
LogInfo("Using rpcauth authentication.\n");
319320
for (const std::string& rpcauth : gArgs.GetArgs("-rpcauth")) {
320321
std::vector<std::string> fields{SplitString(rpcauth, ':')};
321322
const std::vector<std::string> salt_hmac{SplitString(fields.back(), '$')};

test/functional/rpc_users.py

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -139,11 +139,12 @@ def run_test(self):
139139
init_error = 'Error: Unable to start HTTP server. See debug log for details.'
140140

141141
self.log.info('Check -rpcauth are validated')
142-
self.log.info('Empty -rpcauth are ignored')
143-
self.restart_node(0, extra_args=['-rpcauth'])
144-
self.restart_node(0, extra_args=['-rpcauth='])
142+
self.log.info('Empty -rpcauth are treated as error')
145143
self.stop_node(0)
144+
self.nodes[0].assert_start_raises_init_error(expected_msg=init_error, extra_args=['-rpcauth'])
145+
self.nodes[0].assert_start_raises_init_error(expected_msg=init_error, extra_args=['-rpcauth='])
146146
self.nodes[0].assert_start_raises_init_error(expected_msg=init_error, extra_args=['-rpcauth=""'])
147+
self.log.info('Check malformed -rpcauth')
147148
self.nodes[0].assert_start_raises_init_error(expected_msg=init_error, extra_args=['-rpcauth=foo'])
148149
self.nodes[0].assert_start_raises_init_error(expected_msg=init_error, extra_args=['-rpcauth=foo:bar'])
149150
self.nodes[0].assert_start_raises_init_error(expected_msg=init_error, extra_args=['-rpcauth=foo:bar:baz'])
@@ -154,8 +155,7 @@ def run_test(self):
154155
# pw = bitcoin
155156
rpcauth_user1 = '-rpcauth=user1:6dd184e5e69271fdd69103464630014f$eb3d7ce67c4d1ff3564270519b03b636c0291012692a5fa3dd1d2075daedd07b'
156157
rpcauth_user2 = '-rpcauth=user2:57b2f77c919eece63cfa46c2f06e46ae$266b63902f99f97eeaab882d4a87f8667ab84435c3799f2ce042ef5a994d620b'
157-
self.restart_node(0, extra_args=[rpcauth_user1, rpcauth_user2, '-rpcauth=']) # fixed in subsequent commit
158-
self.stop_node(0)
158+
self.nodes[0].assert_start_raises_init_error(expected_msg=init_error, extra_args=[rpcauth_user1, rpcauth_user2, '-rpcauth='])
159159
self.nodes[0].assert_start_raises_init_error(expected_msg=init_error, extra_args=[rpcauth_user1, '-rpcauth=', rpcauth_user2])
160160
self.nodes[0].assert_start_raises_init_error(expected_msg=init_error, extra_args=['-rpcauth=', rpcauth_user1, rpcauth_user2])
161161

0 commit comments

Comments
 (0)