mirror of
https://github.com/dashpay/dash.git
synced 2024-12-25 03:52:49 +01:00
Merge #16334: test: rpc_users: Also test rpcauth.py with password.
e263a343d4b6a2622df6bb734cd9d51a0d20a663 test: rpc_users: Make variable names more clear. (Carl Dong) 830dc2dd0fccb7f3ec49ff7233a188d92c541e7e test: rpc_users: Also test rpcauth.py with specified password. (Carl Dong) c73d871799982ca29c29cef90e1a78814cf34019 test: rpc_users: Add function for testing auth params. (Carl Dong) 604e2a997ff26202dd0fa1932d60dc14cc53ac6d test: rpc_users: Add function for auth'd requests. (Carl Dong) Pull request description: Fixes #14758 First two commits are tidy-ups which I feel are worthwhile as they are very straightforward, cut down the file by 50%, and made the final diff more minimal. Happy to squash after review. ACKs for top commit: laanwj: ACK e263a343d4b6a2622df6bb734cd9d51a0d20a663 Tree-SHA512: aa75c48570a87060238932d4c68e17234e158077f6195fb4917367e1ecc565e3cd8dd0ae51f9159ddd3d03742739680391bc1246454302db22d4a608c0633e80
This commit is contained in:
parent
906dd71de0
commit
ddd8e2f45b
@ -20,6 +20,17 @@ import string
|
||||
import configparser
|
||||
import sys
|
||||
|
||||
def call_with_auth(node, user, password):
|
||||
url = urllib.parse.urlparse(node.url)
|
||||
headers = {"Authorization": "Basic " + str_to_b64str('{}:{}'.format(user, password))}
|
||||
|
||||
conn = http.client.HTTPConnection(url.hostname, url.port)
|
||||
conn.connect()
|
||||
conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
|
||||
resp = conn.getresponse()
|
||||
conn.close()
|
||||
return resp
|
||||
|
||||
|
||||
class HTTPBasicsTest(BitcoinTestFramework):
|
||||
def set_test_params(self):
|
||||
@ -29,15 +40,24 @@ class HTTPBasicsTest(BitcoinTestFramework):
|
||||
def setup_chain(self):
|
||||
super().setup_chain()
|
||||
#Append rpcauth to dash.conf before initialization
|
||||
self.rtpassword = "cA773lm788buwYe4g4WT+05pKyNruVKjQ25x3n0DQcM="
|
||||
rpcauth = "rpcauth=rt:93648e835a54c573682c2eb19f882535$7681e9c5b74bdd85e78166031d2058e1069b3ed7ed967c93fc63abba06f31144"
|
||||
rpcauth2 = "rpcauth=rt2:f8607b1a88861fac29dfccf9b52ff9f$ff36a0c23c8c62b4846112e50fa888416e94c17bfd4c42f88fd8f55ec6a3137e"
|
||||
rpcuser = "rpcuser=rpcuser💻"
|
||||
rpcpassword = "rpcpassword=rpcpassword🔑"
|
||||
|
||||
self.user = ''.join(SystemRandom().choice(string.ascii_letters + string.digits) for _ in range(10))
|
||||
self.rpcuser = "rpcuser💻"
|
||||
self.rpcpassword = "rpcpassword🔑"
|
||||
|
||||
config = configparser.ConfigParser()
|
||||
config.read_file(open(self.options.configfile))
|
||||
gen_rpcauth = config['environment']['RPCAUTH']
|
||||
|
||||
# Generate RPCAUTH with specified password
|
||||
self.rt2password = "8/F3uMDw4KSEbw96U3CA1C4X05dkHDN2BPFjTgZW4KI="
|
||||
p = subprocess.Popen([sys.executable, gen_rpcauth, 'rt2', self.rt2password], stdout=subprocess.PIPE, universal_newlines=True)
|
||||
lines = p.stdout.read().splitlines()
|
||||
rpcauth2 = lines[1]
|
||||
|
||||
# Generate RPCAUTH without specifying password
|
||||
self.user = ''.join(SystemRandom().choice(string.ascii_letters + string.digits) for _ in range(10))
|
||||
p = subprocess.Popen([sys.executable, gen_rpcauth, self.user], stdout=subprocess.PIPE, universal_newlines=True)
|
||||
lines = p.stdout.read().splitlines()
|
||||
rpcauth3 = lines[1]
|
||||
@ -48,155 +68,35 @@ class HTTPBasicsTest(BitcoinTestFramework):
|
||||
f.write(rpcauth2 + "\n")
|
||||
f.write(rpcauth3 + "\n")
|
||||
with open(os.path.join(get_datadir_path(self.options.tmpdir, 1), "dash.conf"), 'a', encoding='utf8') as f:
|
||||
f.write(rpcuser + "\n")
|
||||
f.write(rpcpassword + "\n")
|
||||
f.write("rpcuser={}\n".format(self.rpcuser))
|
||||
f.write("rpcpassword={}\n".format(self.rpcpassword))
|
||||
|
||||
def test_auth(self, node, user, password):
|
||||
self.log.info('Correct...')
|
||||
assert_equal(200, call_with_auth(node, user, password).status)
|
||||
|
||||
self.log.info('Wrong...')
|
||||
assert_equal(401, call_with_auth(node, user, password+'wrong').status)
|
||||
|
||||
self.log.info('Wrong...')
|
||||
assert_equal(401, call_with_auth(node, user+'wrong', password).status)
|
||||
|
||||
self.log.info('Wrong...')
|
||||
assert_equal(401, call_with_auth(node, user+'wrong', password+'wrong').status)
|
||||
|
||||
def run_test(self):
|
||||
self.log.info('Check correctness of the rpcauth config option')
|
||||
url = urllib.parse.urlparse(self.nodes[0].url)
|
||||
|
||||
#Old authpair
|
||||
authpair = url.username + ':' + url.password
|
||||
|
||||
#New authpair generated via share/rpcauth tool
|
||||
password = "cA773lm788buwYe4g4WT+05pKyNruVKjQ25x3n0DQcM="
|
||||
|
||||
#Second authpair with different username
|
||||
password2 = "8/F3uMDw4KSEbw96U3CA1C4X05dkHDN2BPFjTgZW4KI="
|
||||
authpairnew = "rt:"+password
|
||||
|
||||
self.log.info('Correct...')
|
||||
headers = {"Authorization": "Basic " + str_to_b64str(authpair)}
|
||||
|
||||
conn = http.client.HTTPConnection(url.hostname, url.port)
|
||||
conn.connect()
|
||||
conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
|
||||
resp = conn.getresponse()
|
||||
assert_equal(resp.status, 200)
|
||||
conn.close()
|
||||
|
||||
#Use new authpair to confirm both work
|
||||
self.log.info('Correct...')
|
||||
headers = {"Authorization": "Basic " + str_to_b64str(authpairnew)}
|
||||
|
||||
conn = http.client.HTTPConnection(url.hostname, url.port)
|
||||
conn.connect()
|
||||
conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
|
||||
resp = conn.getresponse()
|
||||
assert_equal(resp.status, 200)
|
||||
conn.close()
|
||||
|
||||
#Wrong login name with rt's password
|
||||
self.log.info('Wrong...')
|
||||
authpairnew = "rtwrong:"+password
|
||||
headers = {"Authorization": "Basic " + str_to_b64str(authpairnew)}
|
||||
|
||||
conn = http.client.HTTPConnection(url.hostname, url.port)
|
||||
conn.connect()
|
||||
conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
|
||||
resp = conn.getresponse()
|
||||
assert_equal(resp.status, 401)
|
||||
conn.close()
|
||||
|
||||
#Wrong password for rt
|
||||
self.log.info('Wrong...')
|
||||
authpairnew = "rt:"+password+"wrong"
|
||||
headers = {"Authorization": "Basic " + str_to_b64str(authpairnew)}
|
||||
|
||||
conn = http.client.HTTPConnection(url.hostname, url.port)
|
||||
conn.connect()
|
||||
conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
|
||||
resp = conn.getresponse()
|
||||
assert_equal(resp.status, 401)
|
||||
conn.close()
|
||||
|
||||
#Correct for rt2
|
||||
self.log.info('Correct...')
|
||||
authpairnew = "rt2:"+password2
|
||||
headers = {"Authorization": "Basic " + str_to_b64str(authpairnew)}
|
||||
|
||||
conn = http.client.HTTPConnection(url.hostname, url.port)
|
||||
conn.connect()
|
||||
conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
|
||||
resp = conn.getresponse()
|
||||
assert_equal(resp.status, 200)
|
||||
conn.close()
|
||||
|
||||
#Wrong password for rt2
|
||||
self.log.info('Wrong...')
|
||||
authpairnew = "rt2:"+password2+"wrong"
|
||||
headers = {"Authorization": "Basic " + str_to_b64str(authpairnew)}
|
||||
|
||||
conn = http.client.HTTPConnection(url.hostname, url.port)
|
||||
conn.connect()
|
||||
conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
|
||||
resp = conn.getresponse()
|
||||
assert_equal(resp.status, 401)
|
||||
conn.close()
|
||||
|
||||
#Correct for randomly generated user
|
||||
self.log.info('Correct...')
|
||||
authpairnew = self.user+":"+self.password
|
||||
headers = {"Authorization": "Basic " + str_to_b64str(authpairnew)}
|
||||
|
||||
conn = http.client.HTTPConnection(url.hostname, url.port)
|
||||
conn.connect()
|
||||
conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
|
||||
resp = conn.getresponse()
|
||||
assert_equal(resp.status, 200)
|
||||
conn.close()
|
||||
|
||||
#Wrong password for randomly generated user
|
||||
self.log.info('Wrong...')
|
||||
authpairnew = self.user+":"+self.password+"Wrong"
|
||||
headers = {"Authorization": "Basic " + str_to_b64str(authpairnew)}
|
||||
|
||||
conn = http.client.HTTPConnection(url.hostname, url.port)
|
||||
conn.connect()
|
||||
conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
|
||||
resp = conn.getresponse()
|
||||
assert_equal(resp.status, 401)
|
||||
conn.close()
|
||||
self.test_auth(self.nodes[0], url.username, url.password)
|
||||
self.test_auth(self.nodes[0], 'rt', self.rtpassword)
|
||||
self.test_auth(self.nodes[0], 'rt2', self.rt2password)
|
||||
self.test_auth(self.nodes[0], self.user, self.password)
|
||||
|
||||
self.log.info('Check correctness of the rpcuser/rpcpassword config options')
|
||||
url = urllib.parse.urlparse(self.nodes[1].url)
|
||||
|
||||
# rpcuser and rpcpassword authpair
|
||||
self.log.info('Correct...')
|
||||
rpcuserauthpair = "rpcuser💻:rpcpassword🔑"
|
||||
|
||||
headers = {"Authorization": "Basic " + str_to_b64str(rpcuserauthpair)}
|
||||
|
||||
conn = http.client.HTTPConnection(url.hostname, url.port)
|
||||
conn.connect()
|
||||
conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
|
||||
resp = conn.getresponse()
|
||||
assert_equal(resp.status, 200)
|
||||
conn.close()
|
||||
|
||||
#Wrong login name with rpcuser's password
|
||||
rpcuserauthpair = "rpcuserwrong:rpcpassword"
|
||||
headers = {"Authorization": "Basic " + str_to_b64str(rpcuserauthpair)}
|
||||
|
||||
conn = http.client.HTTPConnection(url.hostname, url.port)
|
||||
conn.connect()
|
||||
conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
|
||||
resp = conn.getresponse()
|
||||
assert_equal(resp.status, 401)
|
||||
conn.close()
|
||||
|
||||
#Wrong password for rpcuser
|
||||
self.log.info('Wrong...')
|
||||
rpcuserauthpair = "rpcuser:rpcpasswordwrong"
|
||||
headers = {"Authorization": "Basic " + str_to_b64str(rpcuserauthpair)}
|
||||
|
||||
conn = http.client.HTTPConnection(url.hostname, url.port)
|
||||
conn.connect()
|
||||
conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
|
||||
resp = conn.getresponse()
|
||||
assert_equal(resp.status, 401)
|
||||
conn.close()
|
||||
|
||||
self.test_auth(self.nodes[1], self.rpcuser, self.rpcpassword)
|
||||
|
||||
init_error = 'Error: Unable to start HTTP server. See debug log for details.'
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user