Author

Topic: jsonRPC.php verifymessage method throws 500 error when supplying bad signature (Read 1366 times)

hero member
Activity: 525
Merit: 531
Try to use this file: https://gitorious.org/elbandi/minifaucet/source/0581e2540518071cee37de0854ae8641e784dcab:jsonRPCClient.php

This is a same jsonrpc.php, but i changed to use curl instead of fopen.
kjj
legendary
Activity: 1302
Merit: 1026
That particular RPC client always claims that it can't access the RPC when it has an error.  It is essentially the only error it knows.

You should be calling it from a try/catch block so that you can handle the exception yourself.

P.S.  Change your RPC password.  If you just noticed this now, it is in your logs dozens or hundreds of times.

P.P.S.  It is trivial to patch the bitcoind verifymessage RPC call to return the pubkey of the signature rather than true/false.  This patch will never be accepted into the main client because it is unsafe for human use, but it works great for a machine comparison/lookup to identify a user.

P.P.P.S.  And by trivial, I mean I posted it here in the forums a while back.
full member
Activity: 147
Merit: 100
To be more precise the error is:

fopen(http://.../): failed to open stream: HTTP request failed! HTTP/1.1 500 Internal Server Error
Can you provide a link to this jsonRPC library? Also, look, it's trying to fopen something and is failing.

Thanks much for the reply.

http://jsonrpcphp.org/code.php?file=jsonRPCClient

If it was unable to fopen the rpc http connection then it would throw that message everytime I try to connect, but it only does when the signature supplied is invalid, in which case I'd expect it to return a FALSE or a 0 or something like that.

I put a hack into the jsonRPCClient for now where I suppress the fopen error and return a FALSE instead of a exception. This seems to have patched it for now:

if ($fp = @fopen($this->url, 'r', false, $context)) { // <         $response = '';
         while($row = fgets($fp)) {
            $response.= trim($row)."\n";
         }
         $this->debug && $this->debug.='***** Server response *****'."\n".$response.'***** End of server response *****'."\n";
         $response = json_decode($response,true);
      } else {
         //throw new Exception('Unable to connect to '.$this->url); // << COMMENTED OUT
         return false; // << RETURN FALSE INSTEAD
      }
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
To be more precise the error is:

fopen(http://.../): failed to open stream: HTTP request failed! HTTP/1.1 500 Internal Server Error
Can you provide a link to this jsonRPC library? Also, look, it's trying to fopen something and is failing.
full member
Activity: 147
Merit: 100
To be more precise the error is:

fopen(http://.../): failed to open stream: HTTP request failed! HTTP/1.1 500 Internal Server Error
full member
Activity: 147
Merit: 100
I have been trying to add the ability for people to change their shortname's address on my site http://bit.co.in

So what I'm trying to do is to access bitcoind via the jsonRPC.php library like so:

if ($bitcoin->verifymessage($oldAddress, $signature, $message) == 1) $addressOwnershipValidated = true;

When I supply a valid signature it works fine, but when I supply an invalid one just to test, it breaks with an error like this:

Server 500 Error: fopen(http://...127.0.0.1:8332) Can't open file

I even tried suppressing the error via @$bitcoin->verifymessage(...) and also tried a try ... catch, but it always throws that same error.

Any idea what I'm doing wrong?
Jump to: