forked from bitcoin/bitcoin
-
Notifications
You must be signed in to change notification settings - Fork 1.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge #6209: chore: deprecate an option
platform-user
in favour of …
…whitelist e2c66ae chore: deprecate a setting platform-user in favour of whitelist (Konstantin Akimov) Pull request description: ## Issue being fixed or feature implemented Hard-coded restrictions for platform-user are super-seeded by whitelist feature. ## What was done? Before actually removing feature, let's make it deprecated for now Split from #6105 6105 - to close and re-open for next major release. It deprecates old command line argument `-platform-user` by renaming to `-deprecated-platform-user` ## How Has This Been Tested? See new 2 functional tests: `rpc_deprecated_platform_filter.py` and `rpc_external_queue.py` which are split from `rpc_platform_filter.py` ## Breaking Changes Command line argument `-platform-user` is renamed to `-deprecated-platform-user` ## Checklist: - [x] I have performed a self-review of my own code - [x] I have commented my code, particularly in hard-to-understand areas - [x] I have added or updated relevant unit/integration/functional/e2e tests - [ ] I have made corresponding changes to the documentation - [x] I have assigned this pull request to a milestone ACKs for top commit: UdjinM6: utACK e2c66ae PastaPastaPasta: utACK e2c66ae Tree-SHA512: c237065304f5ba682bc381a202a17e1b7191bb02ba5e51d8eec3170315ee980e0c20fd3b6aa6d77f75095c1761d374a7139ef289b0c78d74809b233f15a1a04a
- Loading branch information
Showing
6 changed files
with
99 additions
and
22 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
## Command-line options | ||
|
||
- `-platform-user` is deprecated in favor of the whitelist feature. In releases 22.x of Dash Core it has been renamed to `-deprecated-platform-user` and will be removed in version 23.x |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,92 @@ | ||
#!/usr/bin/env python3 | ||
# Copyright (c) 2024 The Dash Core developers | ||
# Distributed under the MIT software license, see the accompanying | ||
# file COPYING or http://www.opensource.org/licenses/mit-license.php. | ||
"""Test that commands submitted by the platform user are filtered.""" | ||
|
||
from test_framework.test_framework import BitcoinTestFramework | ||
from test_framework.util import str_to_b64str, assert_equal | ||
|
||
import http.client | ||
import json | ||
import os | ||
import urllib.parse | ||
|
||
|
||
class HTTPBasicsTest(BitcoinTestFramework): | ||
def set_test_params(self): | ||
self.num_nodes = 1 | ||
self.supports_cli = False | ||
|
||
def setup_nodes(self): | ||
self.add_nodes(self.num_nodes) | ||
self.start_nodes() | ||
|
||
def setup_chain(self): | ||
super().setup_chain() | ||
# Append rpcauth to dash.conf before initialization | ||
rpcauthplatform = "rpcauth=platform-user:dd88fd676186f48553775d6fb5a2d344$bc1f7898698ead19c6ec7ff47055622dd7101478f1ff6444103d3dc03cd77c13" | ||
# rpcuser : platform-user | ||
# rpcpassword : password123 | ||
rpcauthoperator = "rpcauth=operator:e9b45dd0b61a7be72155535435365a3a$8fb7470bc6f74d8ceaf9a23f49b06127723bd563b3ed5d9cea776ef01803d191" | ||
# rpcuser : operator | ||
# rpcpassword : otherpassword | ||
|
||
masternodeblskey="masternodeblsprivkey=58af6e39bb4d86b22bda1a02b134c2f5b71caffa1377540b02f7f1ad122f59e0" | ||
|
||
with open(os.path.join(self.options.tmpdir+"/node0", "dash.conf"), 'a', encoding='utf8') as f: | ||
f.write(masternodeblskey+"\n") | ||
f.write(rpcauthplatform+"\n") | ||
f.write(rpcauthoperator+"\n") | ||
|
||
def run_test(self): | ||
url = urllib.parse.urlparse(self.nodes[0].url) | ||
|
||
def send_command(method, params, auth, expected_status, should_not_match=False): | ||
conn = http.client.HTTPConnection(url.hostname, url.port) | ||
conn.connect() | ||
body = {"method": method} | ||
if len(params): | ||
body["params"] = params | ||
conn.request('POST', '/', json.dumps(body), {"Authorization": "Basic " + str_to_b64str(auth)}) | ||
resp = conn.getresponse() | ||
if should_not_match: | ||
assert resp.status != expected_status | ||
else: | ||
assert_equal(resp.status, expected_status) | ||
conn.close() | ||
|
||
rpcuser_authpair_platform = "platform-user:password123" | ||
rpcuser_authpair_operator = "operator:otherpassword" | ||
rpcuser_authpair_wrong = "platform-user:rpcpasswordwrong" | ||
|
||
external_log_str = "HTTP: Calling handler for external user" | ||
always_expected_log_str = "ThreadRPCServer method=" | ||
|
||
self.log.info('Try using a incorrect password for platform-user...') | ||
send_command("getbestblockhash", [], rpcuser_authpair_wrong, 401) | ||
|
||
self.log.info("Check that there's no external queue by default") | ||
with self.nodes[0].assert_debug_log(expected_msgs=[always_expected_log_str], unexpected_msgs = [external_log_str]): | ||
send_command("getbestblockhash", [], rpcuser_authpair_platform, 200) | ||
with self.nodes[0].assert_debug_log(expected_msgs=[always_expected_log_str], unexpected_msgs = [external_log_str]): | ||
send_command("getbestblockhash", [], rpcuser_authpair_operator, 200) | ||
|
||
self.log.info("Restart node with -rpcexternaluser") | ||
self.restart_node(0, extra_args=["-rpcexternaluser=platform-user"]) | ||
|
||
with self.nodes[0].assert_debug_log(expected_msgs=[always_expected_log_str, external_log_str]): | ||
send_command("getbestblockhash", [], rpcuser_authpair_platform, 200) | ||
with self.nodes[0].assert_debug_log(expected_msgs=[always_expected_log_str], unexpected_msgs = [external_log_str]): | ||
send_command("getbestblockhash", [], rpcuser_authpair_operator, 200) | ||
|
||
self.log.info("Restart node with multiple external users") | ||
self.restart_node(0, extra_args=["-rpcexternaluser=platform-user,operator"]) | ||
with self.nodes[0].assert_debug_log(expected_msgs=[always_expected_log_str, external_log_str]): | ||
send_command("getbestblockhash", [], rpcuser_authpair_platform, 200) | ||
with self.nodes[0].assert_debug_log(expected_msgs=[always_expected_log_str, external_log_str]): | ||
send_command("getbestblockhash", [], rpcuser_authpair_operator, 200) | ||
|
||
|
||
if __name__ == '__main__': | ||
HTTPBasicsTest().main() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters