Grinnode-live / 2020-grin-bug-bash-challenge

Finding bugs in Grin-Wallet & Grin-nodes for a bounty prior to Grin fork v5.

[GRIN-Node][Owner API 2.0] test the ban_peer API method #51

Closed marekyggdrasil closed 3 years ago

marekyggdrasil commented 3 years ago

Description

Goal of this issue is to test the ban_peer API method.

Prerequisites

  1. GRIN-Node

Test procedure

  1. Run GRIN-Node in Owner API listener mode
  2. Pick one of the peers and perform an API request using cURL to ban_peer API method
  3. Record request payload, headers and all other relevant information. Same for the response.
  4. Record get_connected_peers and get_peers outputs

Expected result:

We would expect the banned peer to not be connected. Output should match the example. Include all cURL requests and responses.

Include the exact version of your grin-node and also your environment

uname -a

ndcroos commented 3 years ago

When I try to perform a request with curl I get a 401 error. This is what I run. 122.51.97.197:3514 was one of the peers I saw in my Grin node TUI.

~$ curl -v --user grin:<owner api secret> -d '{"jsonrpc": "2.0", "method": "ban_peer", "id": 1, "params": ["122.51.97.197:3514"]}' http://127.0.0.1:3413/v2/owner
* Expire in 0 ms for 6 (transfer 0x55d31dba3f90)
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x55d31dba3f90)
* Connected to 127.0.0.1 (127.0.0.1) port 3413 (#0)
> POST /v2/owner HTTP/1.1
> Host: 127.0.0.1:3413
> User-Agent: curl/7.64.0
> Accept: */*
> Content-Length: 88
> Content-Type: application/x-www-form-urlencoded
> 
* upload completely sent off: 88 out of 88 bytes
< HTTP/1.1 401 Unauthorized
< www-authenticate: Basic realm=GrinAPI
< content-length: 0
< date: Wed, 30 Dec 2020 18:06:00 GMT
< 
* Connection #0 to host 127.0.0.1 left intact

At the moment I haven't found the cause of my error. Maybe someone else can work on this issue further.

marekyggdrasil commented 3 years ago

@ndcroos in your request have you replaced <owner api secret> with an actual value of your owner_api_secret?

ndcroos commented 3 years ago

Yes, I did.

mojitoo commented 3 years ago

In "params": ["122.51.97.197:3514"] you need to pay attention to the port number; try 3413 instead of 3514.

ndcroos commented 3 years ago

Thanks, using this I get a response back. My results will follow.

curl -v -ugrin:$(cat ~/.grin/main/.api_secret) -d '{"jsonrpc": "2.0", "method": "ban_peer", "id": 1, "params": ["122.51.97.197:3513"]}' http://127.0.0.1:3413/v2/owner

ndcroos commented 3 years ago

Prerequisites:

* grin-wallet 5.0.0-beta.4
* grin node 5.0.0-rc.1
* Linux debian 4.19.0-13-amd64 #1 SMP Debian 4.19.160-2 (2020-11-28) x86_64 GNU/Linux
* wallet address: grin1cwutd4sr0t0ac62764r9vz6wkgpmnmpheynh5tw56zvczvh8apdszxp25w

Run GRIN-Node in Owner API listener mode

Run wallet (1) in Owner API listener mode in a separate window. This starts an HTTP Owner API server.

~$ grin-wallet owner_api
Password: 
20201230 13:33:07.741 WARN grin_wallet_controller::controller - Starting HTTP Owner API server at 127.0.0.1:3420.
20201230 13:33:07.752 WARN grin_wallet_controller::controller - HTTP Owner listener started.

Pick one of the peers and perform an API request using cURL to ban_peer API method

I picked the first peer in my Grin TUI Peers list

~$ curl -v -ugrin:$(cat ~/.grin/main/.api_secret) -d '{"jsonrpc": "2.0", "method": "ban_peer", "id": 1, "params": ["122.51.97.197:3513"]}' http://127.0.0.1:3413/v2/owner

This is my request payload, header and the response:

* Expire in 0 ms for 6 (transfer 0x55fe6c986f90)
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x55fe6c986f90)
* Connected to 127.0.0.1 (127.0.0.1) port 3413 (#0)
* Server auth using Basic with user 'grin'
> POST /v2/owner HTTP/1.1
> Host: 127.0.0.1:3413
> Authorization: Basic Z3JpbjoxeUE5TGpYdVJyU3lDbEFWbmplRQ==
> User-Agent: curl/7.64.0
> Accept: */*
> Content-Length: 83
> Content-Type: application/x-www-form-urlencoded
> 
* upload completely sent off: 83 out of 83 bytes
< HTTP/1.1 200 OK
< access-control-allow-origin: *
< access-control-allow-headers: Content-Type, Authorization
< content-type: application/json
< content-length: 67
< date: Fri, 01 Jan 2021 12:36:53 GMT
< 
{
  "id": 1,
  "jsonrpc": "2.0",
  "result": {
    "Ok": null
  }
* Connection #0 to host 127.0.0.1 left intact

Record get_connected_peers and get_peers outputs

This is the result of the get_connected_peers method. Note that peer 122.51.97.197:3513 isn't connected.

~$ curl -v -ugrin:$(cat ~/.grin/main/.api_secret) -d '{"jsonrpc": "2.0", "method": "get_connected_peers", "id": 1, "params": []}' http://127.0.0.1:3413/v2/owner
* Expire in 0 ms for 6 (transfer 0x5622d91f6f90)
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x5622d91f6f90)
* Connected to 127.0.0.1 (127.0.0.1) port 3413 (#0)
* Server auth using Basic with user 'grin'
> POST /v2/owner HTTP/1.1
> Host: 127.0.0.1:3413
> Authorization: Basic Z3JpbjoxeUE5TGpYdVJyU3lDbEFWbmplRQ==
> User-Agent: curl/7.64.0
> Accept: */*
> Content-Length: 74
> Content-Type: application/x-www-form-urlencoded
> 
* upload completely sent off: 74 out of 74 bytes
< HTTP/1.1 200 OK
< access-control-allow-origin: *
< access-control-allow-headers: Content-Type, Authorization
< content-type: application/json
< content-length: 1768
< date: Fri, 01 Jan 2021 13:01:21 GMT
< 
{
  "id": 1,
  "jsonrpc": "2.0",
  "result": {
    "Ok": [
      {
        "addr": "83.78.90.65:3414",
        "capabilities": {
          "bits": 15
        },
        "direction": "Outbound",
        "height": 1027651,
        "total_difficulty": 1739092330789026,
        "user_agent": "MW/Grin 4.1.1",
        "version": 1000
      },
      {
        "addr": "134.209.15.186:3414",
        "capabilities": {
          "bits": 15
        },
        "direction": "Outbound",
        "height": 1027651,
        "total_difficulty": 1739092330789026,
        "user_agent": "MW/Grin 4.0.1",
        "version": 2
      },
      {
        "addr": "45.66.11.31:3414",
        "capabilities": {
          "bits": 15
        },
        "direction": "Outbound",
        "height": 1027651,
        "total_difficulty": 1739092330789026,
        "user_agent": "MW/Grin 4.0.0-beta.1",
        "version": 2
      },
      {
        "addr": "51.137.65.30:3414",
        "capabilities": {
          "bits": 15
        },
        "direction": "Outbound",
        "height": 1027651,
        "total_difficulty": 1739092330789026,
        "user_agent": "MW/Grin 4.1.1",
        "version": 1000
      },
      {
        "addr": "46.101.171.231:3414",
        "capabilities": {
          "bits": 15
        },
        "direction": "Outbound",
        "height": 1027651,
        "total_difficulty": 1739092330789026,
        "user_agent": "MW/Grin 4.2.0-alpha.1",
        "version": 1000
      },
      {
        "addr": "159.65.198.167:3414",
        "capabilities": {
          "bits": 15
        },
        "direction": "Outbound",
        "height": 1027651,
        "total_difficulty": 1739092330789026,
        "user_agent": "MW/Grin 4.1.1",
        "version": 1000
      }
    ]
  }
* Connection #0 to host 127.0.0.1 left intact

This is the result of the get_peers method:

~$ curl -v -ugrin:$(cat ~/.grin/main/.api_secret) -d '{"jsonrpc": "2.0", "method": "get_peers", "id": 1, "params": ["122.51.97.197:3513"]}' http://127.0.0.1:3413/v2/owner
* Expire in 0 ms for 6 (transfer 0x559227826f90)
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x559227826f90)
* Connected to 127.0.0.1 (127.0.0.1) port 3413 (#0)
* Server auth using Basic with user 'grin'
> POST /v2/owner HTTP/1.1
> Host: 127.0.0.1:3413
> Authorization: Basic Z3JpbjoxeUE5TGpYdVJyU3lDbEFWbmplRQ==
> User-Agent: curl/7.64.0
> Accept: */*
> Content-Length: 84
> Content-Type: application/x-www-form-urlencoded
> 
* upload completely sent off: 84 out of 84 bytes
< HTTP/1.1 200 OK
< access-control-allow-origin: *
< access-control-allow-headers: Content-Type, Authorization
< content-type: application/json
< content-length: 357
< date: Fri, 01 Jan 2021 13:05:51 GMT
< 
{
  "id": 1,
  "jsonrpc": "2.0",
  "result": {
    "Ok": [
      {
        "addr": "122.51.97.197:3514",
        "ban_reason": "None",
        "capabilities": {
          "bits": 31
        },
        "flags": "Banned",
        "last_banned": 1609504613,
        "last_connected": 1609486033,
        "user_agent": "MW/Grin 5.0.0-beta.2"
      }
    ]
  }
* Connection #0 to host 127.0.0.1 left intact

Conclusion

The results run as expected. We don't see the banned peer in the get_connected_peers response.

marekyggdrasil commented 3 years ago

Well done, indeed 122.51.97.197:3513 is gone. Thanks for checking!
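Added example (not part of the original thread and not Grin project code): a small checker that turns the manual comparison above into an assertion over the get_peers and get_connected_peers responses. It matches on the IP rather than on ip:port, because the get_peers response in this thread lists the peer under port 3514 although the request named 3513; the sample data is trimmed from the outputs shown above, and the "Err" result key is an assumption about the error shape.

```python
import json

# Sample responses trimmed from the outputs posted in this thread.
GET_PEERS = json.loads("""{"id": 1, "jsonrpc": "2.0", "result": {"Ok": [
  {"addr": "122.51.97.197:3514", "ban_reason": "None", "flags": "Banned",
   "last_banned": 1609504613, "last_connected": 1609486033}]}}""")
CONNECTED = json.loads("""{"id": 1, "jsonrpc": "2.0", "result": {"Ok": [
  {"addr": "83.78.90.65:3414", "direction": "Outbound"},
  {"addr": "134.209.15.186:3414", "direction": "Outbound"}]}}""")


def unwrap(response):
    """Return the list under result.Ok, or raise on a JSON-RPC or API error."""
    if "error" in response:
        raise ValueError(f"JSON-RPC error: {response['error']}")
    result = response.get("result", {})
    if "Ok" not in result:
        # Assumption: API-level failures arrive under an "Err" key.
        raise ValueError(f"API returned an error: {result.get('Err')}")
    return result["Ok"] or []


def host_of(addr):
    """Strip the port from 'ip:port' (also works for bracketed IPv6)."""
    return addr.rsplit(":", 1)[0]


def check_ban(target, get_peers_resp, connected_resp):
    """Compare a ban target against get_peers and get_connected_peers output."""
    host = host_of(target)
    stored = [p for p in unwrap(get_peers_resp) if host_of(p["addr"]) == host]
    online = [p["addr"] for p in unwrap(connected_resp)
              if host_of(p["addr"]) == host]
    return {
        # True only if the node knows the peer and every entry is flagged Banned.
        "banned": bool(stored) and all(p["flags"] == "Banned" for p in stored),
        # Any connected address sharing the banned IP means the ban did not hold.
        "still_connected": online,
        # Entries stored under a different port than the one in the request.
        "port_mismatch": [p["addr"] for p in stored if p["addr"] != target],
    }


if __name__ == "__main__":
    print(check_ban("122.51.97.197:3513", GET_PEERS, CONNECTED))
```
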