highperfocused/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2026-04-13 17:18:00 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge bitcoin/bitcoin#34965: cli: Return more helpful authentication errors

Browse Source 
257769a7ce qa: Improve error message (Hodlinator)
20a94c1524 cli: Clearer error messages on authentication failure (Hodlinator)
84c3f8d325 refactor(rpc): GenerateAuthCookieResult -> AuthCookieResult (Hodlinator)

Pull request description:

  Increases precision of error messages to help the user correct authentication issues.

  Inspired by #34935.

ACKs for top commit:
  davidgumberg:
    utACK 257769a7ce
  maflcko:
    review ACK 257769a7ce 🦇
  achow101:
    ACK 257769a7ce
  janb84:
    concept ACK 257769a7ce

Tree-SHA512: 1799db4b2c0ab3b67ed3d768da08c6be4f4beaad91a77406884b73950b420c8264c70b8e60a26a9e6fac058370f6accdb73c821d19bebb6edfbc8d7b84d01232
This commit is contained in:
Ava Chow
2026-04-02 15:55:28 -07:00
parent 4b98962731 257769a7ce
commit fa1f4feac4
7 changed files with 61 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
src/bitcoin-cli.cpp
View File

@@ -902,15 +902,13 @@ static UniValue CallRPC(BaseRequestHandler* rh, const std::string& strMethod, co
evhttp_request_set_error_cb(req.get(), http_error_cb);
// Get credentials
std::string strRPCUserColonPass;
bool failedToGetAuthCookie = false;
std::string rpc_credentials;
std::optional<AuthCookieResult> auth_cookie_result;
if (gArgs.GetArg("-rpcpassword", "") == "") {
// Try fall back to cookie-based authentication if no password is provided
if (!GetAuthCookie(&strRPCUserColonPass)) {
failedToGetAuthCookie = true;
}
auth_cookie_result = GetAuthCookie(rpc_credentials);
} else {
strRPCUserColonPass = username + ":" + gArgs.GetArg("-rpcpassword", "");
rpc_credentials = username + ":" + gArgs.GetArg("-rpcpassword", "");
}
struct evkeyvalq* output_headers = evhttp_request_get_output_headers(req.get());
@@ -918,7 +916,7 @@ static UniValue CallRPC(BaseRequestHandler* rh, const std::string& strMethod, co
evhttp_add_header(output_headers, "Host", host.c_str());
evhttp_add_header(output_headers, "Connection", "close");
evhttp_add_header(output_headers, "Content-Type", "application/json");
evhttp_add_header(output_headers, "Authorization", (std::string("Basic ") + EncodeBase64(strRPCUserColonPass)).c_str());
evhttp_add_header(output_headers, "Authorization", (std::string("Basic ") + EncodeBase64(rpc_credentials)).c_str());
// Attach request data
std::string strRequest = rh->PrepareRequest(strMethod, args).write() + "\n";
@@ -943,13 +941,24 @@ static UniValue CallRPC(BaseRequestHandler* rh, const std::string& strMethod, co
"Use \"bitcoin-cli -help\" for more info.",
host, port, responseErrorMessage));
} else if (response.status == HTTP_UNAUTHORIZED) {
if (failedToGetAuthCookie) {
throw std::runtime_error(strprintf(
"Could not locate RPC credentials. No authentication cookie could be found, and RPC password is not set. See -rpcpassword and -stdinrpcpass. Configuration file: (%s)",
fs::PathToString(gArgs.GetConfigFilePath())));
std::string error{"Authorization failed: "};
if (auth_cookie_result.has_value()) {
switch (*auth_cookie_result) {
case AuthCookieResult::Error:
error += "Failed to read cookie file and no rpcpassword was specified.";
break;
case AuthCookieResult::Disabled:
error += "Cookie file was disabled via -norpccookiefile and no rpcpassword was specified.";
break;
case AuthCookieResult::Ok:
error += "Cookie file credentials were invalid and no rpcpassword was specified.";
break;
}
} else {
throw std::runtime_error("Authorization failed: Incorrect rpcuser or rpcpassword");
error += "Incorrect rpcuser or rpcpassword were specified.";
}
error += strprintf(" Configuration file: (%s)", fs::PathToString(gArgs.GetConfigFilePath()));
throw std::runtime_error(error);
} else if (response.status == HTTP_SERVICE_UNAVAILABLE) {
throw std::runtime_error(strprintf("Server response: %s", response.body));
} else if (response.status >= 400 && response.status != HTTP_BAD_REQUEST && response.status != HTTP_NOT_FOUND && response.status != HTTP_INTERNAL_SERVER_ERROR)