Pages:
Author

Topic: JSON-RPC password (Read 36685 times)

sr. member
Activity: 504
Merit: 252
Elder Crypto God
April 16, 2011, 12:32:51 PM
#61
Code:
$result2 = $rpc->sendfrom($fromAccount, $toAccount, (float) $amount);

See if this works.

Now it worked! Thanx!

You're welcome. The problem was that you were trying to pass $amount as a string.
full member
Activity: 210
Merit: 100
Presale is live!
April 16, 2011, 06:17:52 AM
#60
Code:
$result2 = $rpc->sendfrom($fromAccount, $toAccount, (float) $amount);

See if this works.

Now it worked! Thanx!
full member
Activity: 210
Merit: 100
Presale is live!
April 15, 2011, 09:08:12 AM
#59
I'll arrive home in a few hours then I'll check if that's the problem

Thanx a lot dude
sr. member
Activity: 504
Merit: 252
Elder Crypto God
April 15, 2011, 08:50:18 AM
#58
Code:
$result2 = $rpc->sendfrom($fromAccount, $toAccount, (float) $amount);

See if this works.
full member
Activity: 210
Merit: 100
Presale is live!
April 15, 2011, 12:40:39 AM
#57
Alright, this thing I'm having a problem with:

Code:
       $result1 = $rpc->getbalance($fromAccount);
    $result2 = $rpc->sendfrom($fromAccount, $toAccount, $amount);

The first line works fine and gets me:

Code:
1***** Request *****
{"method":"getbalance","params":["fetokun"],"id":1}
***** End Of request *****

***** Server response *****
{"result":3639.00000000,"error":null,"id":1}
***** End of server response *****

But the second line gets me:
Code:
Warning: fopen(http://...@localhost:8332/): failed to open stream: HTTP request failed! HTTP/1.1 500 Internal Server Error in /var/www/meubitcoin/src/classes/jsonRPCClient.php on line 132 Fatal error: Uncaught exception 'Exception' with message 'Unable to connect...

Anybody knows why?

my bitcoin.conf:

Code:
rcpallowip=127.0.0.1
rpcuser=fetokun
rpcpassword=rcpass123
rpcport=8332
server=1
testnet=1
full member
Activity: 210
Merit: 100
Presale is live!
April 10, 2011, 08:29:32 AM
#56
found the problem

All I had to do was RTFM properly =D
full member
Activity: 210
Merit: 100
Presale is live!
April 10, 2011, 07:24:15 AM
#55
I'm getting the same error that was posted here about 1 year ago:

First of all, does "bitcoind getinfo" work?

Second, try to grab the attempt that jsonrpcclient.php makes with netcat (might have to install it first):

1) Stop bitcoind
2) netcat -l 8332
3) Run your client code with a modified (insecure) username and password
4) Ctrl-C netcat and post the output



when I do what lachesis mentioned above, netcat shows me:

Code:
{"method":"listaccounts","params":[],"id":1}

Its probably something very simple that I'm forgetting about... does anyone know what?
legendary
Activity: 1652
Merit: 2311
Chief Scientist
July 30, 2010, 07:53:40 AM
#54
$ ./bitcoind -datadir=/home/theymos/bitcoin -conf=/home/theymos/bitcoin/bitcoin.conf && ./bitcoind getinfo
error: You must set rpcpassword= in the configuration file:
That second ./bitcoind getinfo has to be:
Code:
./bitcoind -datadir=/home/theymos/bitcoin -conf=/home/theymos/bitcoin/bitcoin.conf getinfo
... otherwise it will use the default config file and datadir.
administrator
Activity: 5222
Merit: 13032
July 30, 2010, 12:54:36 AM
#53
When I upgraded from a version with switch-based passwords to the latest SVN, I ran into a problem: Bitcoin looks for the configuration file in the default "~/.bitcoin/bitcoin.conf" unless I point to any non-existent file. Example:
Code:
$ ls /home/theymos/bitcoin
addr.dat      blkindex.dat  debug.log          status.sh
bitcoin.conf  command.sh    debug.log.old.bz2  stop.sh
bitcoind      database      makefile           transfer.sh
blk0001.dat   db.log        start.sh           wallet.dat

$ ./bitcoind -datadir=/home/theymos/bitcoin -conf=/home/theymos/bitcoin/bitcoin.conf && ./bitcoind getinfo
error: You must set rpcpassword= in the configuration file:
/home/theymos/.bitcoin/bitcoin.conf
If the file does not exist, create it with owner-readable-only file permissions.

$ killall bitcoind

$ ./bitcoind -datadir=/home/theymos/bitcoin -conf=/home/theymos/bitcoin/asdf.conf && ./bitcoind getinfo
bitcoin server starting
error: You must set rpcpassword= in the configuration file:
/home/theymos/.bitcoin/bitcoin.conf
If the file does not exist, create it with owner-readable-only file permissions.

Warning: To use bitcoind, you must set rpcpassword=
in the configuration file: /home/theymos/bitcoin/asdf.conf
If the file does not exist, create it with owner-readable-only file permissions.

Bitcoin is using the correct datadir. Hardcoding the path in util.cpp just gives me "error:getinfo" (though maybe I'm not doing it correctly). Removing the "pathConfig.is_complete()" if statement does the same thing.

I'm on Linux with glibc 2.10.1. I'm using all of the recommended dependency versions. The only dependency I changed during the upgrade was Boost, which I had to recompile to get the additional libraries that Bitcoin now uses.
full member
Activity: 210
Merit: 105
July 25, 2010, 09:27:38 PM
#52
Ah alright. In that case, your username was actually "anything; does not have to be a 'real' user". That's why using the Bitcoin command line client worked - it used the full field for a username. I updated the wiki to remove the "; does not have to be a 'real' user" comment.
hero member
Activity: 532
Merit: 505
July 25, 2010, 08:38:57 PM
#51
Ok, i found it.  Cheesy

wiki says, create a bitcoin.conf like this:
Code:
rpcuser=anything; does not have to be a 'real' user
rpcpassword=anything
but that won't work (at least for some people, maybe windows?)

removing the ; did the job,
using # as seperator/commentor works fine.

hero member
Activity: 532
Merit: 505
July 25, 2010, 08:13:43 PM
#50
I'm on XP here, not sure if theres a netcat-clone available.

commandline works fine and does what it's supposed to

this works fine using <=0.3.2
Code:
require_once 'jsonRPCClient.php';
$bitcoin = new jsonRPCClient('http://localhost:8332/');
echo $bitcoin->getblockcount();


but this doesnt work using 0.3.3
Code:
require_once 'jsonRPCClient.php';
$bitcoin = new jsonRPCClient('http://username:password@localhost:8332/');
echo $bitcoin->getblockcount();

full member
Activity: 210
Merit: 105
July 25, 2010, 07:26:27 PM
#49
First of all, does "bitcoind getinfo" work?

Second, try to grab the attempt that jsonrpcclient.php makes with netcat (might have to install it first):

1) Stop bitcoind
2) netcat -l 8332
3) Run your client code with a modified (insecure) username and password
4) Ctrl-C netcat and post the output

hero member
Activity: 532
Merit: 505
July 25, 2010, 05:41:42 PM
#48
That's strange, didn't someone just say that was supposed to work?  (what library was he using?)  Post if you figure out what wrong.
That was me; I'm using the library at http://jsonrpcphp.org/ (download at http://jsonrpcphp.org/download.php?file=tgz&package=light), and I can confirm that this works:
Code:
require_once 'jsonRPCClient.php';
$bitcoin = new jsonRPCClient('http://username:password@localhost:8332/');
echo 
$bitcoin->getblockcount();
?>


not for me, that's what i tried first, cuz it's on the wiki.
this is all i get from jsonRPCClient:
Warning: fopen(http://...@localhost:8332/) [function.fopen]: failed to open stream: HTTP request failed! HTTP/1.0 401 Authorization Required in ...\jsonRPCClient.php on line 132


also couldn't get curl to authorize yet, all i get is
..curl_error():transfer closed with 15 bytes remaining to read..
which results in a "bad json-syntax" of course

testing on php5.3.0 curl7.19.4.
and open for ideas.
full member
Activity: 210
Merit: 105
July 25, 2010, 05:15:15 PM
#47
That's strange, didn't someone just say that was supposed to work?  (what library was he using?)  Post if you figure out what wrong.
That was me; I'm using the library at http://jsonrpcphp.org/ (download at http://jsonrpcphp.org/download.php?file=tgz&package=light), and I can confirm that this works:
Code:
require_once 'jsonRPCClient.php';
$bitcoin = new jsonRPCClient('http://username:password@localhost:8332/');
echo 
$bitcoin->getblockcount();
?>


Thanks to gavinandresen and satoshi for fixing that bug so fast.
founder
Activity: 364
Merit: 7423
July 25, 2010, 04:51:31 PM
#46
Great catch!  Simpler fix is to specify the BIO_FLAGS_BASE64_NO_NL in the rpc.cpp/EncodeBase64 function
SVN rev 111
founder
Activity: 364
Merit: 7423
July 25, 2010, 04:44:16 PM
#45
i got some problems here too trying to get this run on PHP.
so far i had no luck, neither the wiki-sample (jsonRPCClient trying to fopen(http://username:password@localhost:8332/)), nor my curl-sample (using setopt CURLOPT_HTTPAUTH, CURLAUTH_BASIC) seem to work.
That's strange, didn't someone just say that was supposed to work?  (what library was he using?)  Post if you figure out what wrong.

I hope it's not going to put up this much of a fight for all PHP users.

Looks like we've got the Fortran scenario already.
legendary
Activity: 1652
Merit: 2311
Chief Scientist
July 25, 2010, 04:38:19 PM
#44
I found what appears to be a bug: with a long enough username and password combination, the base64 encoder in bitcoind ... inserts a newline every 64 characters

Great catch!  Simpler fix is to specify the BIO_FLAGS_BASE64_NO_NL in the rpc.cpp/EncodeBase64 function:
Code:
diff --git a/rpc.cpp b/rpc.cpp
index 72bdc50..703b757 100644
--- a/rpc.cpp
+++ b/rpc.cpp
@@ -765,13 +765,14 @@ string EncodeBase64(string s)
     BUF_MEM *bptr;
 
     b64 = BIO_new(BIO_f_base64());
+    BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
     bmem = BIO_new(BIO_s_mem());
     b64 = BIO_push(b64, bmem);
     BIO_write(b64, s.c_str(), s.size());
     BIO_flush(b64);
     BIO_get_mem_ptr(b64, &bptr);
 
-    string result(bptr->data, bptr->length-1);
+    string result(bptr->data, bptr->length);
     BIO_free_all(b64);
 
     return result;
founder
Activity: 364
Merit: 7423
July 25, 2010, 04:34:29 PM
#43
I found what appears to be a bug: with a long enough username and password combination, the base64 encoder in bitcoind produces authorization headers that look like this:
Code:
...
Authorization: Basic YWJiYWJiYWFiYmE6aGVsbG93b3JsZGhlbGxvd29ybGRoZWxsb3dvcmxkaGVsbG93
b3JsZGhlbGxvd29ybGRoZWxsb3dvcmxk
It inserts a newline every 64 characters, which obviously breaks the Authorization header, so commands like "bitcoin getinfo" fail. The server still works fine with properly behaving clients.

This can be solved by removing the newlines (and maybe '\r's) from result at the end of the Base64Encode function:
Code:
result.erase(std::remove(result.begin(), result.end(), '\n'), result.end());
result.erase(std::remove(result.begin(), result.end(), '\r'), result.end());
+1 to you for having such a long password that you found this bug.

Uploaded to SVN as rev 110.
hero member
Activity: 490
Merit: 511
My avatar pic says it all
July 25, 2010, 04:05:43 PM
#42
Hmm... I implemented digest auth into a custom webserver I wrote a decade ago. From what I remember, it was fairly easy. However, client support back then was rather shoddy. It has improved a lot since then. Smiley

Perhaps we could document a simple stunnel + bitcoin configuration on the wiki then? Under a section called "Securely using bitcoind from remote"?

Just offering my 2c as usual. Tongue

Pages:
Jump to: