From 604e2a997ff26202dd0fa1932d60dc14cc53ac6d Mon Sep 17 00:00:00 2001
From: Carl Dong <contact@carldong.me>
Date: Wed, 3 Jul 2019 13:33:00 -0400
Subject: [PATCH 1/4] test: rpc_users: Add function for auth'd requests.

---
 test/functional/rpc_users.py | 129 +++++++----------------------------
 1 file changed, 23 insertions(+), 106 deletions(-)

diff --git a/test/functional/rpc_users.py b/test/functional/rpc_users.py
index 102dd22594..8bb4676069 100755
--- a/test/functional/rpc_users.py
+++ b/test/functional/rpc_users.py
@@ -20,6 +20,17 @@ import string
 import configparser
 import sys
 
+def call_with_auth(node, user, password):
+    url = urllib.parse.urlparse(node.url)
+    headers = {"Authorization": "Basic " + str_to_b64str('{}:{}'.format(user, password))}
+
+    conn = http.client.HTTPConnection(url.hostname, url.port)
+    conn.connect()
+    conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
+    resp = conn.getresponse()
+    conn.close()
+    return resp
+
 
 class HTTPBasicsTest(BitcoinTestFramework):
     def set_test_params(self):
@@ -57,108 +68,39 @@ class HTTPBasicsTest(BitcoinTestFramework):
         ##################################################
         url = urllib.parse.urlparse(self.nodes[0].url)
 
-        #Old authpair
-        authpair = url.username + ':' + url.password
-
-        #New authpair generated via share/rpcauth tool
         password = "cA773lm788buwYe4g4WT+05pKyNruVKjQ25x3n0DQcM="
-
-        #Second authpair with different username
         password2 = "8/F3uMDw4KSEbw96U3CA1C4X05dkHDN2BPFjTgZW4KI="
-        authpairnew = "rt:"+password
 
         self.log.info('Correct...')
-        headers = {"Authorization": "Basic " + str_to_b64str(authpair)}
-
-        conn = http.client.HTTPConnection(url.hostname, url.port)
-        conn.connect()
-        conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
-        resp = conn.getresponse()
-        assert_equal(resp.status, 200)
-        conn.close()
+        assert_equal(200, call_with_auth(self.nodes[0], url.username, url.password).status)
 
         #Use new authpair to confirm both work
         self.log.info('Correct...')
-        headers = {"Authorization": "Basic " + str_to_b64str(authpairnew)}
-
-        conn = http.client.HTTPConnection(url.hostname, url.port)
-        conn.connect()
-        conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
-        resp = conn.getresponse()
-        assert_equal(resp.status, 200)
-        conn.close()
+        assert_equal(200, call_with_auth(self.nodes[0], 'rt', password).status)
 
         #Wrong login name with rt's password
         self.log.info('Wrong...')
-        authpairnew = "rtwrong:"+password
-        headers = {"Authorization": "Basic " + str_to_b64str(authpairnew)}
-
-        conn = http.client.HTTPConnection(url.hostname, url.port)
-        conn.connect()
-        conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
-        resp = conn.getresponse()
-        assert_equal(resp.status, 401)
-        conn.close()
+        assert_equal(401, call_with_auth(self.nodes[0], 'rtwrong', password).status)
 
         #Wrong password for rt
         self.log.info('Wrong...')
-        authpairnew = "rt:"+password+"wrong"
-        headers = {"Authorization": "Basic " + str_to_b64str(authpairnew)}
-
-        conn = http.client.HTTPConnection(url.hostname, url.port)
-        conn.connect()
-        conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
-        resp = conn.getresponse()
-        assert_equal(resp.status, 401)
-        conn.close()
+        assert_equal(401, call_with_auth(self.nodes[0], 'rt', password+'wrong').status)
 
         #Correct for rt2
         self.log.info('Correct...')
-        authpairnew = "rt2:"+password2
-        headers = {"Authorization": "Basic " + str_to_b64str(authpairnew)}
-
-        conn = http.client.HTTPConnection(url.hostname, url.port)
-        conn.connect()
-        conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
-        resp = conn.getresponse()
-        assert_equal(resp.status, 200)
-        conn.close()
+        assert_equal(200, call_with_auth(self.nodes[0], 'rt2', password2).status)
 
         #Wrong password for rt2
         self.log.info('Wrong...')
-        authpairnew = "rt2:"+password2+"wrong"
-        headers = {"Authorization": "Basic " + str_to_b64str(authpairnew)}
-
-        conn = http.client.HTTPConnection(url.hostname, url.port)
-        conn.connect()
-        conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
-        resp = conn.getresponse()
-        assert_equal(resp.status, 401)
-        conn.close()
+        assert_equal(401, call_with_auth(self.nodes[0], 'rt2', password2+'wrong').status)
 
         #Correct for randomly generated user
         self.log.info('Correct...')
-        authpairnew = self.user+":"+self.password
-        headers = {"Authorization": "Basic " + str_to_b64str(authpairnew)}
-
-        conn = http.client.HTTPConnection(url.hostname, url.port)
-        conn.connect()
-        conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
-        resp = conn.getresponse()
-        assert_equal(resp.status, 200)
-        conn.close()
+        assert_equal(200, call_with_auth(self.nodes[0], self.user, self.password).status)
 
         #Wrong password for randomly generated user
         self.log.info('Wrong...')
-        authpairnew = self.user+":"+self.password+"Wrong"
-        headers = {"Authorization": "Basic " + str_to_b64str(authpairnew)}
-
-        conn = http.client.HTTPConnection(url.hostname, url.port)
-        conn.connect()
-        conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
-        resp = conn.getresponse()
-        assert_equal(resp.status, 401)
-        conn.close()
+        assert_equal(401, call_with_auth(self.nodes[0], self.user, self.password+'Wrong').status)
 
         ###############################################################
         # Check correctness of the rpcuser/rpcpassword config options #
@@ -167,40 +109,15 @@ class HTTPBasicsTest(BitcoinTestFramework):
 
         # rpcuser and rpcpassword authpair
         self.log.info('Correct...')
-        rpcuserauthpair = "rpcuser💻:rpcpassword🔑"
-
-        headers = {"Authorization": "Basic " + str_to_b64str(rpcuserauthpair)}
-
-        conn = http.client.HTTPConnection(url.hostname, url.port)
-        conn.connect()
-        conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
-        resp = conn.getresponse()
-        assert_equal(resp.status, 200)
-        conn.close()
+        assert_equal(200, call_with_auth(self.nodes[1], "rpcuser💻", "rpcpassword🔑").status)
 
         #Wrong login name with rpcuser's password
-        rpcuserauthpair = "rpcuserwrong:rpcpassword"
-        headers = {"Authorization": "Basic " + str_to_b64str(rpcuserauthpair)}
-
-        conn = http.client.HTTPConnection(url.hostname, url.port)
-        conn.connect()
-        conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
-        resp = conn.getresponse()
-        assert_equal(resp.status, 401)
-        conn.close()
+        self.log.info('Wrong...')
+        assert_equal(401, call_with_auth(self.nodes[1], 'rpcuserwrong', 'rpcpassword').status)
 
         #Wrong password for rpcuser
         self.log.info('Wrong...')
-        rpcuserauthpair = "rpcuser:rpcpasswordwrong"
-        headers = {"Authorization": "Basic " + str_to_b64str(rpcuserauthpair)}
-
-        conn = http.client.HTTPConnection(url.hostname, url.port)
-        conn.connect()
-        conn.request('POST', '/', '{"method": "getbestblockhash"}', headers)
-        resp = conn.getresponse()
-        assert_equal(resp.status, 401)
-        conn.close()
-
+        assert_equal(401, call_with_auth(self.nodes[1], 'rpcuser', 'rpcpasswordwrong').status)
 
 if __name__ == '__main__':
     HTTPBasicsTest ().main ()

From c73d871799982ca29c29cef90e1a78814cf34019 Mon Sep 17 00:00:00 2001
From: Carl Dong <contact@carldong.me>
Date: Wed, 3 Jul 2019 14:39:49 -0400
Subject: [PATCH 2/4] test: rpc_users: Add function for testing auth params.

---
 test/functional/rpc_users.py | 59 +++++++++++-------------------------
 1 file changed, 18 insertions(+), 41 deletions(-)

diff --git a/test/functional/rpc_users.py b/test/functional/rpc_users.py
index 8bb4676069..be21c837f4 100755
--- a/test/functional/rpc_users.py
+++ b/test/functional/rpc_users.py
@@ -61,63 +61,40 @@ class HTTPBasicsTest(BitcoinTestFramework):
             f.write(rpcuser+"\n")
             f.write(rpcpassword+"\n")
 
-    def run_test(self):
-
-        ##################################################
-        # Check correctness of the rpcauth config option #
-        ##################################################
-        url = urllib.parse.urlparse(self.nodes[0].url)
-
-        password = "cA773lm788buwYe4g4WT+05pKyNruVKjQ25x3n0DQcM="
-        password2 = "8/F3uMDw4KSEbw96U3CA1C4X05dkHDN2BPFjTgZW4KI="
-
+    def test_auth(self, node, user, password):
         self.log.info('Correct...')
-        assert_equal(200, call_with_auth(self.nodes[0], url.username, url.password).status)
+        assert_equal(200, call_with_auth(node, user, password).status)
 
-        #Use new authpair to confirm both work
-        self.log.info('Correct...')
-        assert_equal(200, call_with_auth(self.nodes[0], 'rt', password).status)
+        self.log.info('Wrong...')
+        assert_equal(401, call_with_auth(node, user, password+'wrong').status)
 
-        #Wrong login name with rt's password
         self.log.info('Wrong...')
-        assert_equal(401, call_with_auth(self.nodes[0], 'rtwrong', password).status)
+        assert_equal(401, call_with_auth(node, user+'wrong', password).status)
 
-        #Wrong password for rt
         self.log.info('Wrong...')
-        assert_equal(401, call_with_auth(self.nodes[0], 'rt', password+'wrong').status)
+        assert_equal(401, call_with_auth(node, user+'wrong', password+'wrong').status)
 
-        #Correct for rt2
-        self.log.info('Correct...')
-        assert_equal(200, call_with_auth(self.nodes[0], 'rt2', password2).status)
+    def run_test(self):
 
-        #Wrong password for rt2
-        self.log.info('Wrong...')
-        assert_equal(401, call_with_auth(self.nodes[0], 'rt2', password2+'wrong').status)
+        ##################################################
+        # Check correctness of the rpcauth config option #
+        ##################################################
+        url = urllib.parse.urlparse(self.nodes[0].url)
 
-        #Correct for randomly generated user
-        self.log.info('Correct...')
-        assert_equal(200, call_with_auth(self.nodes[0], self.user, self.password).status)
+        password = "cA773lm788buwYe4g4WT+05pKyNruVKjQ25x3n0DQcM="
+        password2 = "8/F3uMDw4KSEbw96U3CA1C4X05dkHDN2BPFjTgZW4KI="
 
-        #Wrong password for randomly generated user
-        self.log.info('Wrong...')
-        assert_equal(401, call_with_auth(self.nodes[0], self.user, self.password+'Wrong').status)
+        self.test_auth(self.nodes[0], url.username, url.password)
+        self.test_auth(self.nodes[0], 'rt', password)
+        self.test_auth(self.nodes[0], 'rt2', password2)
+        self.test_auth(self.nodes[0], self.user, self.password)
 
         ###############################################################
         # Check correctness of the rpcuser/rpcpassword config options #
         ###############################################################
         url = urllib.parse.urlparse(self.nodes[1].url)
 
-        # rpcuser and rpcpassword authpair
-        self.log.info('Correct...')
-        assert_equal(200, call_with_auth(self.nodes[1], "rpcuser💻", "rpcpassword🔑").status)
-
-        #Wrong login name with rpcuser's password
-        self.log.info('Wrong...')
-        assert_equal(401, call_with_auth(self.nodes[1], 'rpcuserwrong', 'rpcpassword').status)
-
-        #Wrong password for rpcuser
-        self.log.info('Wrong...')
-        assert_equal(401, call_with_auth(self.nodes[1], 'rpcuser', 'rpcpasswordwrong').status)
+        self.test_auth(self.nodes[1], "rpcuser💻", "rpcpassword🔑")
 
 if __name__ == '__main__':
     HTTPBasicsTest ().main ()

From 830dc2dd0fccb7f3ec49ff7233a188d92c541e7e Mon Sep 17 00:00:00 2001
From: Carl Dong <contact@carldong.me>
Date: Wed, 3 Jul 2019 14:56:28 -0400
Subject: [PATCH 3/4] test: rpc_users: Also test rpcauth.py with specified
 password.

---
 test/functional/rpc_users.py | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/test/functional/rpc_users.py b/test/functional/rpc_users.py
index be21c837f4..2d06c95497 100755
--- a/test/functional/rpc_users.py
+++ b/test/functional/rpc_users.py
@@ -40,14 +40,21 @@ class HTTPBasicsTest(BitcoinTestFramework):
         super().setup_chain()
         #Append rpcauth to bitcoin.conf before initialization
         rpcauth = "rpcauth=rt:93648e835a54c573682c2eb19f882535$7681e9c5b74bdd85e78166031d2058e1069b3ed7ed967c93fc63abba06f31144"
-        rpcauth2 = "rpcauth=rt2:f8607b1a88861fac29dfccf9b52ff9f$ff36a0c23c8c62b4846112e50fa888416e94c17bfd4c42f88fd8f55ec6a3137e"
         rpcuser = "rpcuser=rpcuser💻"
         rpcpassword = "rpcpassword=rpcpassword🔑"
 
-        self.user = ''.join(SystemRandom().choice(string.ascii_letters + string.digits) for _ in range(10))
         config = configparser.ConfigParser()
         config.read_file(open(self.options.configfile))
         gen_rpcauth = config['environment']['RPCAUTH']
+
+        # Generate RPCAUTH with specified password
+        self.rt2password = "8/F3uMDw4KSEbw96U3CA1C4X05dkHDN2BPFjTgZW4KI="
+        p = subprocess.Popen([sys.executable, gen_rpcauth, 'rt2', self.rt2password], stdout=subprocess.PIPE, universal_newlines=True)
+        lines = p.stdout.read().splitlines()
+        rpcauth2 = lines[1]
+
+        # Generate RPCAUTH without specifying password
+        self.user = ''.join(SystemRandom().choice(string.ascii_letters + string.digits) for _ in range(10))
         p = subprocess.Popen([sys.executable, gen_rpcauth, self.user], stdout=subprocess.PIPE, universal_newlines=True)
         lines = p.stdout.read().splitlines()
         rpcauth3 = lines[1]
@@ -82,11 +89,10 @@ class HTTPBasicsTest(BitcoinTestFramework):
         url = urllib.parse.urlparse(self.nodes[0].url)
 
         password = "cA773lm788buwYe4g4WT+05pKyNruVKjQ25x3n0DQcM="
-        password2 = "8/F3uMDw4KSEbw96U3CA1C4X05dkHDN2BPFjTgZW4KI="
 
         self.test_auth(self.nodes[0], url.username, url.password)
         self.test_auth(self.nodes[0], 'rt', password)
-        self.test_auth(self.nodes[0], 'rt2', password2)
+        self.test_auth(self.nodes[0], 'rt2', self.rt2password)
         self.test_auth(self.nodes[0], self.user, self.password)
 
         ###############################################################

From e263a343d4b6a2622df6bb734cd9d51a0d20a663 Mon Sep 17 00:00:00 2001
From: Carl Dong <contact@carldong.me>
Date: Thu, 4 Jul 2019 12:41:34 -0400
Subject: [PATCH 4/4] test: rpc_users: Make variable names more clear.

---
 test/functional/rpc_users.py | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/test/functional/rpc_users.py b/test/functional/rpc_users.py
index 2d06c95497..8bbb3c04fa 100755
--- a/test/functional/rpc_users.py
+++ b/test/functional/rpc_users.py
@@ -39,9 +39,11 @@ class HTTPBasicsTest(BitcoinTestFramework):
     def setup_chain(self):
         super().setup_chain()
         #Append rpcauth to bitcoin.conf before initialization
+        self.rtpassword = "cA773lm788buwYe4g4WT+05pKyNruVKjQ25x3n0DQcM="
         rpcauth = "rpcauth=rt:93648e835a54c573682c2eb19f882535$7681e9c5b74bdd85e78166031d2058e1069b3ed7ed967c93fc63abba06f31144"
-        rpcuser = "rpcuser=rpcuser💻"
-        rpcpassword = "rpcpassword=rpcpassword🔑"
+
+        self.rpcuser = "rpcuser💻"
+        self.rpcpassword = "rpcpassword🔑"
 
         config = configparser.ConfigParser()
         config.read_file(open(self.options.configfile))
@@ -65,8 +67,8 @@ class HTTPBasicsTest(BitcoinTestFramework):
             f.write(rpcauth2+"\n")
             f.write(rpcauth3+"\n")
         with open(os.path.join(get_datadir_path(self.options.tmpdir, 1), "bitcoin.conf"), 'a', encoding='utf8') as f:
-            f.write(rpcuser+"\n")
-            f.write(rpcpassword+"\n")
+            f.write("rpcuser={}\n".format(self.rpcuser))
+            f.write("rpcpassword={}\n".format(self.rpcpassword))
 
     def test_auth(self, node, user, password):
         self.log.info('Correct...')
@@ -88,10 +90,8 @@ class HTTPBasicsTest(BitcoinTestFramework):
         ##################################################
         url = urllib.parse.urlparse(self.nodes[0].url)
 
-        password = "cA773lm788buwYe4g4WT+05pKyNruVKjQ25x3n0DQcM="
-
         self.test_auth(self.nodes[0], url.username, url.password)
-        self.test_auth(self.nodes[0], 'rt', password)
+        self.test_auth(self.nodes[0], 'rt', self.rtpassword)
         self.test_auth(self.nodes[0], 'rt2', self.rt2password)
         self.test_auth(self.nodes[0], self.user, self.password)
 
@@ -100,7 +100,7 @@ class HTTPBasicsTest(BitcoinTestFramework):
         ###############################################################
         url = urllib.parse.urlparse(self.nodes[1].url)
 
-        self.test_auth(self.nodes[1], "rpcuser💻", "rpcpassword🔑")
+        self.test_auth(self.nodes[1], self.rpcuser, self.rpcpassword)
 
 if __name__ == '__main__':
     HTTPBasicsTest ().main ()