foster/bitcoin-bitcoin-core
0
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-02-13 11:25:02 -05:00
Code Issues Activity
bitcoin-bitcoin-core/src/rpc/request.cpp

243 lines
8.3 KiB
C++
Raw Normal View History

Split up bitcoinrpc (code movement only) Split bitcoinrpc up into - rpcserver: bitcoind RPC server - rpcclient: bitcoin-cli RPC client - rpcprotocol: shared common HTTP/JSON-RPC protocol code One step towards making bitcoin-cli independent from the rest of the code, and thus a smaller executable that doesn't have to be linked against leveldb. This commit only does code movement, there are no functional changes.
2013-11-20 14:18:57 +01:00
// Copyright (c) 2010 Satoshi Nakamoto
scripted-diff: Bump copyright headers -BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT- Commits of previous years: - 2021: f47dda2c58b5d8d623e0e7ff4e74bc352dfa83d7 - 2020: fa0074e2d82928016a43ca408717154a1c70a4db - 2019: aaaaad6ac95b402fe18d019d67897ced6b316ee0
2022-12-24 23:49:50 +00:00
// Copyright (c) 2009-2022 The Bitcoin Core developers
Update comments in src/rpc* to be doxygen compatible
2014-11-20 10:19:29 +08:00
// Distributed under the MIT software license, see the accompanying
Split up bitcoinrpc (code movement only) Split bitcoinrpc up into - rpcserver: bitcoind RPC server - rpcclient: bitcoin-cli RPC client - rpcprotocol: shared common HTTP/JSON-RPC protocol code One step towards making bitcoin-cli independent from the rest of the code, and thus a smaller executable that doesn't have to be linked against leveldb. This commit only does code movement, there are no functional changes.
2013-11-20 14:18:57 +01:00
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
rpc: migrate JSONRPCRequest functionality into request.cpp
2019-06-20 02:39:38 +09:00
#include <rpc/request.h>
move-only: Extract common/args and common/config.cpp from util/system This is an extraction of ArgsManager related functions from util/system into their own common file. Config file related functions are moved to common/config.cpp. The background of this commit is an ongoing effort to decouple the libbitcoinkernel library from the ArgsManager. The ArgsManager belongs into the common library, since the kernel library should not depend on it. See doc/design/libraries.md for more information on this rationale.
2023-03-23 12:23:29 +01:00
#include <common/args.h>
#include <logging.h>
scripted-diff: Replace #include "" with #include <> (ryanofsky) -BEGIN VERIFY SCRIPT- for f in \ src/*.cpp \ src/*.h \ src/bench/*.cpp \ src/bench/*.h \ src/compat/*.cpp \ src/compat/*.h \ src/consensus/*.cpp \ src/consensus/*.h \ src/crypto/*.cpp \ src/crypto/*.h \ src/crypto/ctaes/*.h \ src/policy/*.cpp \ src/policy/*.h \ src/primitives/*.cpp \ src/primitives/*.h \ src/qt/*.cpp \ src/qt/*.h \ src/qt/test/*.cpp \ src/qt/test/*.h \ src/rpc/*.cpp \ src/rpc/*.h \ src/script/*.cpp \ src/script/*.h \ src/support/*.cpp \ src/support/*.h \ src/support/allocators/*.h \ src/test/*.cpp \ src/test/*.h \ src/wallet/*.cpp \ src/wallet/*.h \ src/wallet/test/*.cpp \ src/wallet/test/*.h \ src/zmq/*.cpp \ src/zmq/*.h do base=${f%/*}/ relbase=${base#src/} sed -i "s:#include \"\(.*\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f done -END VERIFY SCRIPT-
2017-11-10 13:57:53 +13:00
#include <random.h>
rpc: migrate JSONRPCRequest functionality into request.cpp
2019-06-20 02:39:38 +09:00
#include <rpc/protocol.h>
init: add option for rpccookie permissions Add a bitcoind launch option `-rpccookieperms` to configure the file permissions of the cookie on Unix systems.
2024-01-08 15:02:44 +00:00
#include <util/fs.h>
refactor: Extract util/fs_helpers from util/system This is an extraction of filesystem related functions from util/system into their own utility file. The background of this commit is an ongoing effort to decouple the libbitcoinkernel library from the ArgsManager defined in system.h. Moving these functions out of system.h allows including them from a separate source file without including the ArgsManager definitions from system.h.
2023-03-06 23:41:46 +01:00
#include <util/fs_helpers.h>
scripted-diff: Move util files to separate directory. -BEGIN VERIFY SCRIPT- mkdir -p src/util git mv src/util.h src/util/system.h git mv src/util.cpp src/util/system.cpp git mv src/utilmemory.h src/util/memory.h git mv src/utilmoneystr.h src/util/moneystr.h git mv src/utilmoneystr.cpp src/util/moneystr.cpp git mv src/utilstrencodings.h src/util/strencodings.h git mv src/utilstrencodings.cpp src/util/strencodings.cpp git mv src/utiltime.h src/util/time.h git mv src/utiltime.cpp src/util/time.cpp sed -i 's/<util\.h>/<util\/system\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilmemory\.h>/<util\/memory\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilmoneystr\.h>/<util\/moneystr\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilstrencodings\.h>/<util\/strencodings\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utiltime\.h>/<util\/time\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/BITCOIN_UTIL_H/BITCOIN_UTIL_SYSTEM_H/g' src/util/system.h sed -i 's/BITCOIN_UTILMEMORY_H/BITCOIN_UTIL_MEMORY_H/g' src/util/memory.h sed -i 's/BITCOIN_UTILMONEYSTR_H/BITCOIN_UTIL_MONEYSTR_H/g' src/util/moneystr.h sed -i 's/BITCOIN_UTILSTRENCODINGS_H/BITCOIN_UTIL_STRENCODINGS_H/g' src/util/strencodings.h sed -i 's/BITCOIN_UTILTIME_H/BITCOIN_UTIL_TIME_H/g' src/util/time.h sed -i 's/ util\.\(h\|cpp\)/ util\/system\.\1/g' src/Makefile.am sed -i 's/utilmemory\.\(h\|cpp\)/util\/memory\.\1/g' src/Makefile.am sed -i 's/utilmoneystr\.\(h\|cpp\)/util\/moneystr\.\1/g' src/Makefile.am sed -i 's/utilstrencodings\.\(h\|cpp\)/util\/strencodings\.\1/g' src/Makefile.am sed -i 's/utiltime\.\(h\|cpp\)/util\/time\.\1/g' src/Makefile.am sed -i 's/-> util ->/-> util\/system ->/' test/lint/lint-circular-dependencies.sh sed -i 's/src\/util\.cpp/src\/util\/system\.cpp/g' test/lint/lint-format-strings.py test/lint/lint-locale-dependence.sh sed -i 's/src\/utilmoneystr\.cpp/src\/util\/moneystr\.cpp/g' test/lint/lint-locale-dependence.sh sed -i 's/src\/utilstrencodings\.\(h\|cpp\)/src\/util\/strencodings\.\1/g' test/lint/lint-locale-dependence.sh sed -i 's/src\\utilstrencodings\.cpp/src\\util\\strencodings\.cpp/' build_msvc/libbitcoinconsensus/libbitcoinconsensus.vcxproj -END VERIFY SCRIPT-
2018-10-22 15:51:11 -07:00
#include <util/strencodings.h>
Split up bitcoinrpc (code movement only) Split bitcoinrpc up into - rpcserver: bitcoind RPC server - rpcclient: bitcoin-cli RPC client - rpcprotocol: shared common HTTP/JSON-RPC protocol code One step towards making bitcoin-cli independent from the rest of the code, and thus a smaller executable that doesn't have to be linked against leveldb. This commit only does code movement, there are no functional changes.
2013-11-20 14:18:57 +01:00
refactor: replace boost::filesystem with std::filesystem Warning: Replacing fs::system_complete calls with fs::absolute calls in this commit may cause minor changes in behaviour because fs::absolute no longer strips trailing slashes; however these changes are believed to be safe. Co-authored-by: Russell Yanofsky <russ@yanofsky.org> Co-authored-by: Hennadii Stepanov <32963518+hebasto@users.noreply.github.com>
2020-06-11 08:58:46 +02:00
#include <fstream>
#include <stdexcept>
#include <string>
#include <vector>
Update comments in src/rpc* to be doxygen compatible
2014-11-20 10:19:29 +08:00
/**
* JSON-RPC protocol. Bitcoin speaks version 1.0 for maximum compatibility,
* but uses JSON-RPC 1.1/2.0 standards for parts of the 1.0 standard that were
* unspecified (HTTP errors and contents of 'error').
rpc: Handle `getinfo` locally in bitcoin-cli w/ `-getinfo` This adds the infrastructure `BaseRequestHandler` class that takes care of converting bitcoin-cli arguments into a JSON-RPC request object, and converting the reply into a JSON object that can be shown as result. This is subsequently used to handle the `-getinfo` option, which sends a JSON-RPC batch request to the RPC server with `["getnetworkinfo", "getblockchaininfo", "getwalletinfo"]`, and after reply combines the result into what looks like a `getinfo` result. There have been some requests for a client-side `getinfo` and this is my PoC of how to do it. If this is considered a good idea some of the logic could be moved up to rpcclient.cpp and used in the GUI console as well. Extra-Author: Andrew Chow <achow101@gmail.com>
2016-09-29 16:45:19 +02:00
*
Update comments in src/rpc* to be doxygen compatible
2014-11-20 10:19:29 +08:00
* 1.0 spec: http://json-rpc.org/wiki/specification
* 1.2 spec: http://jsonrpc.org/historical/json-rpc-over-http.html
doc: add comments and release-notes for JSON-RPC 2.0
2023-03-01 14:03:26 -05:00
*
* If the server receives a request with the JSON-RPC 2.0 marker `{"jsonrpc": "2.0"}`
* then Bitcoin will respond with a strictly specified response.
* It will only return an HTTP error code if an actual HTTP error is encountered
* such as the endpoint is not found (404) or the request is not formatted correctly (500).
* Otherwise the HTTP code is always OK (200) and RPC errors will be included in the
* response body.
*
* 2.0 spec: https://www.jsonrpc.org/specification
*
* Also see http://www.simple-is-better.org/rpc/#differences-between-1-0-and-2-0
Update comments in src/rpc* to be doxygen compatible
2014-11-20 10:19:29 +08:00
*/
Split up bitcoinrpc (code movement only) Split bitcoinrpc up into - rpcserver: bitcoind RPC server - rpcclient: bitcoin-cli RPC client - rpcprotocol: shared common HTTP/JSON-RPC protocol code One step towards making bitcoin-cli independent from the rest of the code, and thus a smaller executable that doesn't have to be linked against leveldb. This commit only does code movement, there are no functional changes.
2013-11-20 14:18:57 +01:00
Refactor: Remove using namespace <xxx> from rpc/
2017-01-04 13:22:19 +09:00
UniValue JSONRPCRequestObj(const std::string& strMethod, const UniValue& params, const UniValue& id)
Split up bitcoinrpc (code movement only) Split bitcoinrpc up into - rpcserver: bitcoind RPC server - rpcclient: bitcoin-cli RPC client - rpcprotocol: shared common HTTP/JSON-RPC protocol code One step towards making bitcoin-cli independent from the rest of the code, and thus a smaller executable that doesn't have to be linked against leveldb. This commit only does code movement, there are no functional changes.
2013-11-20 14:18:57 +01:00
{
remove JSON Spirit UniValue wrapper
2015-05-13 21:29:19 +02:00
UniValue request(UniValue::VOBJ);
scripted-diff: Use UniValue.pushKV instead of push_back(Pair()) -BEGIN VERIFY SCRIPT- git grep -l "push_back(Pair" | xargs sed -i "s/push_back(Pair(\(.*\)));/pushKV(\1);/g" -END VERIFY SCRIPT-
2017-09-22 20:04:07 +02:00
request.pushKV("method", strMethod);
request.pushKV("params", params);
request.pushKV("id", id);
bitcoin-cli: use json-rpc 2.0
2024-06-06 10:25:48 -04:00
request.pushKV("jsonrpc", "2.0");
rpc: Change JSONRPCRequest to JSONRPCRequestObj This is more consistent with `JSONRPCReplyObj`.
2016-09-29 18:48:27 +02:00
return request;
Split up bitcoinrpc (code movement only) Split bitcoinrpc up into - rpcserver: bitcoind RPC server - rpcclient: bitcoin-cli RPC client - rpcprotocol: shared common HTTP/JSON-RPC protocol code One step towards making bitcoin-cli independent from the rest of the code, and thus a smaller executable that doesn't have to be linked against leveldb. This commit only does code movement, there are no functional changes.
2013-11-20 14:18:57 +01:00
}
rpc: JSON-RPC 2.0 should not respond to "notifications" For JSON-RPC 2.0 requests we need to distinguish between a missing "id" field and "id":null. This is accomplished by making the JSONRPCRequest id property a std::optional<UniValue> with a default value of UniValue::VNULL. A side-effect of this change for non-2.0 requests is that request which do not specify an "id" field will no longer return "id": null in the response.
2023-07-07 15:06:35 -04:00
UniValue JSONRPCReplyObj(UniValue result, UniValue error, std::optional<UniValue> id, JSONRPCVersion jsonrpc_version)
Split up bitcoinrpc (code movement only) Split bitcoinrpc up into - rpcserver: bitcoind RPC server - rpcclient: bitcoin-cli RPC client - rpcprotocol: shared common HTTP/JSON-RPC protocol code One step towards making bitcoin-cli independent from the rest of the code, and thus a smaller executable that doesn't have to be linked against leveldb. This commit only does code movement, there are no functional changes.
2013-11-20 14:18:57 +01:00
{
remove JSON Spirit UniValue wrapper
2015-05-13 21:29:19 +02:00
UniValue reply(UniValue::VOBJ);
rpc: Add "jsonrpc" field and drop null "result"/"error" fields Only for JSON-RPC 2.0 requests.
2023-07-07 14:41:23 -04:00
// Add JSON-RPC version number field in v2 only.
if (jsonrpc_version == JSONRPCVersion::V2) reply.pushKV("jsonrpc", "2.0");
// Add both result and error fields in v1, even though one will be null.
// Omit the null field in v2.
if (error.isNull()) {
rpc: Avoid copies in JSONRPCReplyObj() Change parameters from const references to values, so they can be moved into the reply instead of copied. Also update callers to move instead of copy.
2024-01-23 10:33:26 -05:00
reply.pushKV("result", std::move(result));
rpc: Add "jsonrpc" field and drop null "result"/"error" fields Only for JSON-RPC 2.0 requests.
2023-07-07 14:41:23 -04:00
if (jsonrpc_version == JSONRPCVersion::V1_LEGACY) reply.pushKV("error", NullUniValue);
} else {
if (jsonrpc_version == JSONRPCVersion::V1_LEGACY) reply.pushKV("result", NullUniValue);
reply.pushKV("error", std::move(error));
}
rpc: JSON-RPC 2.0 should not respond to "notifications" For JSON-RPC 2.0 requests we need to distinguish between a missing "id" field and "id":null. This is accomplished by making the JSONRPCRequest id property a std::optional<UniValue> with a default value of UniValue::VNULL. A side-effect of this change for non-2.0 requests is that request which do not specify an "id" field will no longer return "id": null in the response.
2023-07-07 15:06:35 -04:00
if (id.has_value()) reply.pushKV("id", std::move(id.value()));
Split up bitcoinrpc (code movement only) Split bitcoinrpc up into - rpcserver: bitcoind RPC server - rpcclient: bitcoin-cli RPC client - rpcprotocol: shared common HTTP/JSON-RPC protocol code One step towards making bitcoin-cli independent from the rest of the code, and thus a smaller executable that doesn't have to be linked against leveldb. This commit only does code movement, there are no functional changes.
2013-11-20 14:18:57 +01:00
return reply;
}
Refactor: Remove using namespace <xxx> from rpc/
2017-01-04 13:22:19 +09:00
UniValue JSONRPCError(int code, const std::string& message)
Split up bitcoinrpc (code movement only) Split bitcoinrpc up into - rpcserver: bitcoind RPC server - rpcclient: bitcoin-cli RPC client - rpcprotocol: shared common HTTP/JSON-RPC protocol code One step towards making bitcoin-cli independent from the rest of the code, and thus a smaller executable that doesn't have to be linked against leveldb. This commit only does code movement, there are no functional changes.
2013-11-20 14:18:57 +01:00
{
extend conversion to UniValue
2015-05-10 13:35:44 +02:00
UniValue error(UniValue::VOBJ);
scripted-diff: Use UniValue.pushKV instead of push_back(Pair()) -BEGIN VERIFY SCRIPT- git grep -l "push_back(Pair" | xargs sed -i "s/push_back(Pair(\(.*\)));/pushKV(\1);/g" -END VERIFY SCRIPT-
2017-09-22 20:04:07 +02:00
error.pushKV("code", code);
error.pushKV("message", message);
Split up bitcoinrpc (code movement only) Split bitcoinrpc up into - rpcserver: bitcoind RPC server - rpcclient: bitcoin-cli RPC client - rpcprotocol: shared common HTTP/JSON-RPC protocol code One step towards making bitcoin-cli independent from the rest of the code, and thus a smaller executable that doesn't have to be linked against leveldb. This commit only does code movement, there are no functional changes.
2013-11-20 14:18:57 +01:00
return error;
}
rpc: Implement random-cookie based authentication When no `-rpcpassword` is specified, use a special 'cookie' file for authentication. This file is generated with random content when the daemon starts, and deleted when it exits. Read access to this file controls who can access through RPC. By default this file is stored in the data directory but it be overriden with `-rpccookiefile`. This is similar to Tor CookieAuthentication: see https://www.torproject.org/docs/tor-manual.html.en Alternative to #6258. Like that pull, this allows running bitcoind without any manual configuration. However, daemons should ideally never write to their configuration files, so I prefer this solution.
2015-07-07 14:53:48 +02:00
/** Username used when cookie authentication is in use (arbitrary, only for
* recognizability in debugging/logging purposes)
*/
static const std::string COOKIEAUTH_USER = "__cookie__";
/** Default name for auth cookie file */
util, refactor: Use GetPathArg to read "-rpccookiefile" value
2022-03-25 21:37:28 +01:00
static const char* const COOKIEAUTH_FILE = ".cookie";
rpc: Implement random-cookie based authentication When no `-rpcpassword` is specified, use a special 'cookie' file for authentication. This file is generated with random content when the daemon starts, and deleted when it exits. Read access to this file controls who can access through RPC. By default this file is stored in the data directory but it be overriden with `-rpccookiefile`. This is similar to Tor CookieAuthentication: see https://www.torproject.org/docs/tor-manual.html.en Alternative to #6258. Like that pull, this allows running bitcoind without any manual configuration. However, daemons should ideally never write to their configuration files, so I prefer this solution.
2015-07-07 14:53:48 +02:00
rpc: Write authcookie atomically Use POSIX rename atomicity at the `bitcoind` side to create a working cookie atomically: - Write `.cookie.tmp`, close file - Rename `.cookie.tmp` to `.cookie` This avoids clients reading invalid/partial cookies as in #11129.
2017-08-25 12:39:30 +02:00
/** Get name of RPC authentication cookie file */
static fs::path GetAuthCookieFile(bool temp=false)
rpc: Implement random-cookie based authentication When no `-rpcpassword` is specified, use a special 'cookie' file for authentication. This file is generated with random content when the daemon starts, and deleted when it exits. Read access to this file controls who can access through RPC. By default this file is stored in the data directory but it be overriden with `-rpccookiefile`. This is similar to Tor CookieAuthentication: see https://www.torproject.org/docs/tor-manual.html.en Alternative to #6258. Like that pull, this allows running bitcoind without any manual configuration. However, daemons should ideally never write to their configuration files, so I prefer this solution.
2015-07-07 14:53:48 +02:00
{
util, refactor: Use GetPathArg to read "-rpccookiefile" value
2022-03-25 21:37:28 +01:00
fs::path arg = gArgs.GetPathArg("-rpccookiefile", COOKIEAUTH_FILE);
rpc: Write authcookie atomically Use POSIX rename atomicity at the `bitcoind` side to create a working cookie atomically: - Write `.cookie.tmp`, close file - Rename `.cookie.tmp` to `.cookie` This avoids clients reading invalid/partial cookies as in #11129.
2017-08-25 12:39:30 +02:00
if (temp) {
arg += ".tmp";
}
refactor: Stop using gArgs global in system.cpp Most of the code in util/system.cpp that was hardcoded to use the global ArgsManager instance `gArgs` has been changed to work with explicit ArgsManager instances (for example in https://github.com/bitcoin/bitcoin/pull/20092). But a few hardcoded references to `gArgs` remain. This commit removes the last ones so these functions aren't reading or writing global state.
2023-02-27 14:21:13 -05:00
return AbsPathForConfigVal(gArgs, arg);
rpc: Implement random-cookie based authentication When no `-rpcpassword` is specified, use a special 'cookie' file for authentication. This file is generated with random content when the daemon starts, and deleted when it exits. Read access to this file controls who can access through RPC. By default this file is stored in the data directory but it be overriden with `-rpccookiefile`. This is similar to Tor CookieAuthentication: see https://www.torproject.org/docs/tor-manual.html.en Alternative to #6258. Like that pull, this allows running bitcoind without any manual configuration. However, daemons should ideally never write to their configuration files, so I prefer this solution.
2015-07-07 14:53:48 +02:00
}
rpc: keep .cookie if it was not generated Otherwise, starting bitcoind twice may cause the `.cookie` file generated by the first instance to be deleted by the second instance shutdown (after failing to obtain a lock).
2023-11-03 16:34:42 +02:00
static bool g_generated_cookie = false;
init: add option for rpccookie permissions Add a bitcoind launch option `-rpccookieperms` to configure the file permissions of the cookie on Unix systems.
2024-01-08 15:02:44 +00:00
bool GenerateAuthCookie(std::string* cookie_out, std::optional<fs::perms> cookie_perms)
rpc: Implement random-cookie based authentication When no `-rpcpassword` is specified, use a special 'cookie' file for authentication. This file is generated with random content when the daemon starts, and deleted when it exits. Read access to this file controls who can access through RPC. By default this file is stored in the data directory but it be overriden with `-rpccookiefile`. This is similar to Tor CookieAuthentication: see https://www.torproject.org/docs/tor-manual.html.en Alternative to #6258. Like that pull, this allows running bitcoind without any manual configuration. However, daemons should ideally never write to their configuration files, so I prefer this solution.
2015-07-07 14:53:48 +02:00
{
rpc: Generate auth cookie in hex instead of base64 Base64 contains '/', and the '/' character in credentials is problematic for AuthServiceProxy which represents the RPC endpoint as an URI with user and password embedded. Closes #8399.
2016-10-01 16:57:25 +02:00
const size_t COOKIE_SIZE = 32;
unsigned char rand_pwd[COOKIE_SIZE];
refactor: use Span in random.*
2022-01-31 19:29:33 +07:00
GetRandBytes(rand_pwd);
refactor: Make HexStr take a span Make HexStr take a span of bytes, instead of an awkward pair of templated iterators.
2020-06-24 17:26:47 +02:00
std::string cookie = COOKIEAUTH_USER + ":" + HexStr(rand_pwd);
rpc: Implement random-cookie based authentication When no `-rpcpassword` is specified, use a special 'cookie' file for authentication. This file is generated with random content when the daemon starts, and deleted when it exits. Read access to this file controls who can access through RPC. By default this file is stored in the data directory but it be overriden with `-rpccookiefile`. This is similar to Tor CookieAuthentication: see https://www.torproject.org/docs/tor-manual.html.en Alternative to #6258. Like that pull, this allows running bitcoind without any manual configuration. However, daemons should ideally never write to their configuration files, so I prefer this solution.
2015-07-07 14:53:48 +02:00
/** the umask determines what permissions are used to create this file -
refactor: Move system from util to common library Since the kernel library no longer depends on the system file, move it to the common library instead in accordance to the diagram in doc/design/libraries.md.
2023-05-08 11:32:13 +02:00
* these are set to 0077 in common/system.cpp.
rpc: Implement random-cookie based authentication When no `-rpcpassword` is specified, use a special 'cookie' file for authentication. This file is generated with random content when the daemon starts, and deleted when it exits. Read access to this file controls who can access through RPC. By default this file is stored in the data directory but it be overriden with `-rpccookiefile`. This is similar to Tor CookieAuthentication: see https://www.torproject.org/docs/tor-manual.html.en Alternative to #6258. Like that pull, this allows running bitcoind without any manual configuration. However, daemons should ideally never write to their configuration files, so I prefer this solution.
2015-07-07 14:53:48 +02:00
*/
refactor: replace boost::filesystem with std::filesystem Warning: Replacing fs::system_complete calls with fs::absolute calls in this commit may cause minor changes in behaviour because fs::absolute no longer strips trailing slashes; however these changes are believed to be safe. Co-authored-by: Russell Yanofsky <russ@yanofsky.org> Co-authored-by: Hennadii Stepanov <32963518+hebasto@users.noreply.github.com>
2020-06-11 08:58:46 +02:00
std::ofstream file;
rpc: Write authcookie atomically Use POSIX rename atomicity at the `bitcoind` side to create a working cookie atomically: - Write `.cookie.tmp`, close file - Rename `.cookie.tmp` to `.cookie` This avoids clients reading invalid/partial cookies as in #11129.
2017-08-25 12:39:30 +02:00
fs::path filepath_tmp = GetAuthCookieFile(true);
Move boost/std fstream to fsbridge
2018-08-04 13:32:13 +00:00
file.open(filepath_tmp);
rpc: Implement random-cookie based authentication When no `-rpcpassword` is specified, use a special 'cookie' file for authentication. This file is generated with random content when the daemon starts, and deleted when it exits. Read access to this file controls who can access through RPC. By default this file is stored in the data directory but it be overriden with `-rpccookiefile`. This is similar to Tor CookieAuthentication: see https://www.torproject.org/docs/tor-manual.html.en Alternative to #6258. Like that pull, this allows running bitcoind without any manual configuration. However, daemons should ideally never write to their configuration files, so I prefer this solution.
2015-07-07 14:53:48 +02:00
if (!file.is_open()) {
init: add option for rpccookie permissions Add a bitcoind launch option `-rpccookieperms` to configure the file permissions of the cookie on Unix systems.
2024-01-08 15:02:44 +00:00
LogInfo("Unable to open cookie authentication file %s for writing\n", fs::PathToString(filepath_tmp));
rpc: Implement random-cookie based authentication When no `-rpcpassword` is specified, use a special 'cookie' file for authentication. This file is generated with random content when the daemon starts, and deleted when it exits. Read access to this file controls who can access through RPC. By default this file is stored in the data directory but it be overriden with `-rpccookiefile`. This is similar to Tor CookieAuthentication: see https://www.torproject.org/docs/tor-manual.html.en Alternative to #6258. Like that pull, this allows running bitcoind without any manual configuration. However, daemons should ideally never write to their configuration files, so I prefer this solution.
2015-07-07 14:53:48 +02:00
return false;
}
file << cookie;
file.close();
rpc: Write authcookie atomically Use POSIX rename atomicity at the `bitcoind` side to create a working cookie atomically: - Write `.cookie.tmp`, close file - Rename `.cookie.tmp` to `.cookie` This avoids clients reading invalid/partial cookies as in #11129.
2017-08-25 12:39:30 +02:00
fs::path filepath = GetAuthCookieFile(false);
if (!RenameOver(filepath_tmp, filepath)) {
init: add option for rpccookie permissions Add a bitcoind launch option `-rpccookieperms` to configure the file permissions of the cookie on Unix systems.
2024-01-08 15:02:44 +00:00
LogInfo("Unable to rename cookie authentication file %s to %s\n", fs::PathToString(filepath_tmp), fs::PathToString(filepath));
rpc: Write authcookie atomically Use POSIX rename atomicity at the `bitcoind` side to create a working cookie atomically: - Write `.cookie.tmp`, close file - Rename `.cookie.tmp` to `.cookie` This avoids clients reading invalid/partial cookies as in #11129.
2017-08-25 12:39:30 +02:00
return false;
}
init: add option for rpccookie permissions Add a bitcoind launch option `-rpccookieperms` to configure the file permissions of the cookie on Unix systems.
2024-01-08 15:02:44 +00:00
if (cookie_perms) {
std::error_code code;
fs::permissions(filepath, cookie_perms.value(), fs::perm_options::replace, code);
if (code) {
LogInfo("Unable to set permissions on cookie authentication file %s\n", fs::PathToString(filepath_tmp));
return false;
}
}
rpc: keep .cookie if it was not generated Otherwise, starting bitcoind twice may cause the `.cookie` file generated by the first instance to be deleted by the second instance shutdown (after failing to obtain a lock).
2023-11-03 16:34:42 +02:00
g_generated_cookie = true;
init: add option for rpccookie permissions Add a bitcoind launch option `-rpccookieperms` to configure the file permissions of the cookie on Unix systems.
2024-01-08 15:02:44 +00:00
LogInfo("Generated RPC authentication cookie %s\n", fs::PathToString(filepath));
LogInfo("Permissions used for cookie: %s\n", PermsToSymbolicString(fs::status(filepath).permissions()));
rpc: Implement random-cookie based authentication When no `-rpcpassword` is specified, use a special 'cookie' file for authentication. This file is generated with random content when the daemon starts, and deleted when it exits. Read access to this file controls who can access through RPC. By default this file is stored in the data directory but it be overriden with `-rpccookiefile`. This is similar to Tor CookieAuthentication: see https://www.torproject.org/docs/tor-manual.html.en Alternative to #6258. Like that pull, this allows running bitcoind without any manual configuration. However, daemons should ideally never write to their configuration files, so I prefer this solution.
2015-07-07 14:53:48 +02:00
if (cookie_out)
*cookie_out = cookie;
return true;
}
bool GetAuthCookie(std::string *cookie_out)
{
refactor: replace boost::filesystem with std::filesystem Warning: Replacing fs::system_complete calls with fs::absolute calls in this commit may cause minor changes in behaviour because fs::absolute no longer strips trailing slashes; however these changes are believed to be safe. Co-authored-by: Russell Yanofsky <russ@yanofsky.org> Co-authored-by: Hennadii Stepanov <32963518+hebasto@users.noreply.github.com>
2020-06-11 08:58:46 +02:00
std::ifstream file;
rpc: Implement random-cookie based authentication When no `-rpcpassword` is specified, use a special 'cookie' file for authentication. This file is generated with random content when the daemon starts, and deleted when it exits. Read access to this file controls who can access through RPC. By default this file is stored in the data directory but it be overriden with `-rpccookiefile`. This is similar to Tor CookieAuthentication: see https://www.torproject.org/docs/tor-manual.html.en Alternative to #6258. Like that pull, this allows running bitcoind without any manual configuration. However, daemons should ideally never write to their configuration files, so I prefer this solution.
2015-07-07 14:53:48 +02:00
std::string cookie;
Replace uses of boost::filesystem with fs Step two in abstracting away boost::filesystem. To repeat this, simply run: ``` git ls-files \*.cpp \*.h | xargs sed -i 's/boost::filesystem/fs/g' ```
2017-03-01 17:05:50 +01:00
fs::path filepath = GetAuthCookieFile();
Move boost/std fstream to fsbridge
2018-08-04 13:32:13 +00:00
file.open(filepath);
rpc: Implement random-cookie based authentication When no `-rpcpassword` is specified, use a special 'cookie' file for authentication. This file is generated with random content when the daemon starts, and deleted when it exits. Read access to this file controls who can access through RPC. By default this file is stored in the data directory but it be overriden with `-rpccookiefile`. This is similar to Tor CookieAuthentication: see https://www.torproject.org/docs/tor-manual.html.en Alternative to #6258. Like that pull, this allows running bitcoind without any manual configuration. However, daemons should ideally never write to their configuration files, so I prefer this solution.
2015-07-07 14:53:48 +02:00
if (!file.is_open())
return false;
std::getline(file, cookie);
file.close();
if (cookie_out)
*cookie_out = cookie;
return true;
}
void DeleteAuthCookie()
{
try {
rpc: keep .cookie if it was not generated Otherwise, starting bitcoind twice may cause the `.cookie` file generated by the first instance to be deleted by the second instance shutdown (after failing to obtain a lock).
2023-11-03 16:34:42 +02:00
if (g_generated_cookie) {
// Delete the cookie file if it was generated by this process
fs::remove(GetAuthCookieFile());
}
Replace uses of boost::filesystem with fs Step two in abstracting away boost::filesystem. To repeat this, simply run: ``` git ls-files \*.cpp \*.h | xargs sed -i 's/boost::filesystem/fs/g' ```
2017-03-01 17:05:50 +01:00
} catch (const fs::filesystem_error& e) {
utils: Convert fs error messages from multibyte to utf-8
2018-09-11 02:08:56 +08:00
LogPrintf("%s: Unable to remove random auth cookie file: %s\n", __func__, fsbridge::get_filesystem_error_message(e));
rpc: Implement random-cookie based authentication When no `-rpcpassword` is specified, use a special 'cookie' file for authentication. This file is generated with random content when the daemon starts, and deleted when it exits. Read access to this file controls who can access through RPC. By default this file is stored in the data directory but it be overriden with `-rpccookiefile`. This is similar to Tor CookieAuthentication: see https://www.torproject.org/docs/tor-manual.html.en Alternative to #6258. Like that pull, this allows running bitcoind without any manual configuration. However, daemons should ideally never write to their configuration files, so I prefer this solution.
2015-07-07 14:53:48 +02:00
}
}
rpc: drop unused JSONRPCProcessBatchReply size arg, refactor
2020-04-12 21:46:16 +02:00
std::vector<UniValue> JSONRPCProcessBatchReply(const UniValue& in)
rpc: Handle `getinfo` locally in bitcoin-cli w/ `-getinfo` This adds the infrastructure `BaseRequestHandler` class that takes care of converting bitcoin-cli arguments into a JSON-RPC request object, and converting the reply into a JSON object that can be shown as result. This is subsequently used to handle the `-getinfo` option, which sends a JSON-RPC batch request to the RPC server with `["getnetworkinfo", "getblockchaininfo", "getwalletinfo"]`, and after reply combines the result into what looks like a `getinfo` result. There have been some requests for a client-side `getinfo` and this is my PoC of how to do it. If this is considered a good idea some of the logic could be moved up to rpcclient.cpp and used in the GUI console as well. Extra-Author: Andrew Chow <achow101@gmail.com>
2016-09-29 16:45:19 +02:00
{
if (!in.isArray()) {
throw std::runtime_error("Batch must be an array");
}
rpc: drop unused JSONRPCProcessBatchReply size arg, refactor
2020-04-12 21:46:16 +02:00
const size_t num {in.size()};
rpc: Handle `getinfo` locally in bitcoin-cli w/ `-getinfo` This adds the infrastructure `BaseRequestHandler` class that takes care of converting bitcoin-cli arguments into a JSON-RPC request object, and converting the reply into a JSON object that can be shown as result. This is subsequently used to handle the `-getinfo` option, which sends a JSON-RPC batch request to the RPC server with `["getnetworkinfo", "getblockchaininfo", "getwalletinfo"]`, and after reply combines the result into what looks like a `getinfo` result. There have been some requests for a client-side `getinfo` and this is my PoC of how to do it. If this is considered a good idea some of the logic could be moved up to rpcclient.cpp and used in the GUI console as well. Extra-Author: Andrew Chow <achow101@gmail.com>
2016-09-29 16:45:19 +02:00
std::vector<UniValue> batch(num);
rpc: drop unused JSONRPCProcessBatchReply size arg, refactor
2020-04-12 21:46:16 +02:00
for (const UniValue& rec : in.getValues()) {
rpc: Handle `getinfo` locally in bitcoin-cli w/ `-getinfo` This adds the infrastructure `BaseRequestHandler` class that takes care of converting bitcoin-cli arguments into a JSON-RPC request object, and converting the reply into a JSON object that can be shown as result. This is subsequently used to handle the `-getinfo` option, which sends a JSON-RPC batch request to the RPC server with `["getnetworkinfo", "getblockchaininfo", "getwalletinfo"]`, and after reply combines the result into what looks like a `getinfo` result. There have been some requests for a client-side `getinfo` and this is my PoC of how to do it. If this is considered a good idea some of the logic could be moved up to rpcclient.cpp and used in the GUI console as well. Extra-Author: Andrew Chow <achow101@gmail.com>
2016-09-29 16:45:19 +02:00
if (!rec.isObject()) {
rpc: drop unused JSONRPCProcessBatchReply size arg, refactor
2020-04-12 21:46:16 +02:00
throw std::runtime_error("Batch member must be an object");
rpc: Handle `getinfo` locally in bitcoin-cli w/ `-getinfo` This adds the infrastructure `BaseRequestHandler` class that takes care of converting bitcoin-cli arguments into a JSON-RPC request object, and converting the reply into a JSON object that can be shown as result. This is subsequently used to handle the `-getinfo` option, which sends a JSON-RPC batch request to the RPC server with `["getnetworkinfo", "getblockchaininfo", "getwalletinfo"]`, and after reply combines the result into what looks like a `getinfo` result. There have been some requests for a client-side `getinfo` and this is my PoC of how to do it. If this is considered a good idea some of the logic could be moved up to rpcclient.cpp and used in the GUI console as well. Extra-Author: Andrew Chow <achow101@gmail.com>
2016-09-29 16:45:19 +02:00
}
scripted-diff: Use getInt<T> over get_int/get_int64 -BEGIN VERIFY SCRIPT- sed -i 's|\<get_int64\>|getInt<int64_t>|g' $(git grep -l get_int ':(exclude)src/univalue') sed -i 's|\<get_int\>|getInt<int>|g' $(git grep -l get_int ':(exclude)src/univalue') -END VERIFY SCRIPT-
2022-05-13 12:32:59 +02:00
size_t id = rec["id"].getInt<int>();
rpc: Handle `getinfo` locally in bitcoin-cli w/ `-getinfo` This adds the infrastructure `BaseRequestHandler` class that takes care of converting bitcoin-cli arguments into a JSON-RPC request object, and converting the reply into a JSON object that can be shown as result. This is subsequently used to handle the `-getinfo` option, which sends a JSON-RPC batch request to the RPC server with `["getnetworkinfo", "getblockchaininfo", "getwalletinfo"]`, and after reply combines the result into what looks like a `getinfo` result. There have been some requests for a client-side `getinfo` and this is my PoC of how to do it. If this is considered a good idea some of the logic could be moved up to rpcclient.cpp and used in the GUI console as well. Extra-Author: Andrew Chow <achow101@gmail.com>
2016-09-29 16:45:19 +02:00
if (id >= num) {
rpc: drop unused JSONRPCProcessBatchReply size arg, refactor
2020-04-12 21:46:16 +02:00
throw std::runtime_error("Batch member id is larger than batch size");
rpc: Handle `getinfo` locally in bitcoin-cli w/ `-getinfo` This adds the infrastructure `BaseRequestHandler` class that takes care of converting bitcoin-cli arguments into a JSON-RPC request object, and converting the reply into a JSON object that can be shown as result. This is subsequently used to handle the `-getinfo` option, which sends a JSON-RPC batch request to the RPC server with `["getnetworkinfo", "getblockchaininfo", "getwalletinfo"]`, and after reply combines the result into what looks like a `getinfo` result. There have been some requests for a client-side `getinfo` and this is my PoC of how to do it. If this is considered a good idea some of the logic could be moved up to rpcclient.cpp and used in the GUI console as well. Extra-Author: Andrew Chow <achow101@gmail.com>
2016-09-29 16:45:19 +02:00
}
batch[id] = rec;
}
return batch;
}
rpc: migrate JSONRPCRequest functionality into request.cpp
2019-06-20 02:39:38 +09:00
void JSONRPCRequest::parse(const UniValue& valRequest)
{
// Parse request
if (!valRequest.isObject())
throw JSONRPCError(RPC_INVALID_REQUEST, "Invalid Request object");
const UniValue& request = valRequest.get_obj();
// Parse id now so errors from here on will have the id
rpc: JSON-RPC 2.0 should not respond to "notifications" For JSON-RPC 2.0 requests we need to distinguish between a missing "id" field and "id":null. This is accomplished by making the JSONRPCRequest id property a std::optional<UniValue> with a default value of UniValue::VNULL. A side-effect of this change for non-2.0 requests is that request which do not specify an "id" field will no longer return "id": null in the response.
2023-07-07 15:06:35 -04:00
if (request.exists("id")) {
id = request.find_value("id");
} else {
id = std::nullopt;
}
rpc: migrate JSONRPCRequest functionality into request.cpp
2019-06-20 02:39:38 +09:00
rpc: identify JSON-RPC 2.0 requests
2023-07-07 14:31:18 -04:00
// Check for JSON-RPC 2.0 (default 1.1)
m_json_version = JSONRPCVersion::V1_LEGACY;
const UniValue& jsonrpc_version = request.find_value("jsonrpc");
if (!jsonrpc_version.isNull()) {
if (!jsonrpc_version.isStr()) {
throw JSONRPCError(RPC_INVALID_REQUEST, "jsonrpc field must be a string");
}
// The "jsonrpc" key was added in the 2.0 spec, but some older documentation
// incorrectly included {"jsonrpc":"1.0"} in a request object, so we
// maintain that for backwards compatibility.
if (jsonrpc_version.get_str() == "1.0") {
m_json_version = JSONRPCVersion::V1_LEGACY;
} else if (jsonrpc_version.get_str() == "2.0") {
m_json_version = JSONRPCVersion::V2;
} else {
throw JSONRPCError(RPC_INVALID_REQUEST, "JSON-RPC version not supported");
}
}
rpc: migrate JSONRPCRequest functionality into request.cpp
2019-06-20 02:39:38 +09:00
// Parse method
Fix clang-tidy performance-unnecessary-copy-initialization warnings
2023-05-09 11:26:58 +02:00
const UniValue& valMethod{request.find_value("method")};
rpc: migrate JSONRPCRequest functionality into request.cpp
2019-06-20 02:39:38 +09:00
if (valMethod.isNull())
throw JSONRPCError(RPC_INVALID_REQUEST, "Missing method");
if (!valMethod.isStr())
throw JSONRPCError(RPC_INVALID_REQUEST, "Method must be a string");
strMethod = valMethod.get_str();
if (fLogIPs)
LogPrint(BCLog::RPC, "ThreadRPCServer method=%s user=%s peeraddr=%s\n", SanitizeString(strMethod),
this->authUser, this->peerAddr);
else
LogPrint(BCLog::RPC, "ThreadRPCServer method=%s user=%s\n", SanitizeString(strMethod), this->authUser);
// Parse params
Fix clang-tidy performance-unnecessary-copy-initialization warnings
2023-05-09 11:26:58 +02:00
const UniValue& valParams{request.find_value("params")};
rpc: migrate JSONRPCRequest functionality into request.cpp
2019-06-20 02:39:38 +09:00
if (valParams.isArray() || valParams.isObject())
params = valParams;
else if (valParams.isNull())
params = UniValue(UniValue::VARR);
else
throw JSONRPCError(RPC_INVALID_REQUEST, "Params must be an array or object");
}
Copy permalink