20.1 cli_wallet error - boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::system::system_error>

[TimCliff]

After upgrading cli_wallet to 21.0 (non-mira), this command no longer works:
exec ./cli_wallet -s wss://gtg.steem.house:8090 -d --rpc-endpoint 127.0.0.1:8092

The exception it throws is:

terminate called after throwing an instance of 'boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::system::system_error> >'
  what():  set_option: Bad file descriptor

[VIM-Arcange]

I have the same issue trying to connect wallet to my local node:

./cli_wallet --rpc-endpoint=0.0.0.0:8091                                                   
Logging RPC to file: logs/rpc/rpc.log                                                                                               
3506743ms main.cpp:169                  main                 ] wdata.ws_server: ws://localhost:8090                                 
3507190ms main.cpp:212                  main                 ] Listening for incoming RPC requests on 0.0.0.0:8091                  
terminate called after throwing an instance of 'boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boo
st::system::system_error> >'                                                                                                        
  what():  set_option: Bad file descriptor 

[abitmore]

-H seems working fine. -r doesn't work.

[VIM-Arcange]

Has this been fixed?

Now that the HF21 date is over, I can't run the old version of cli_wallet anymore.
Several of my services rely on communication with a local wallet and are now down.
This is urgent! Please advise.

[TimCliff]

@VIM-Arcange I looked into the suggestion from @abitmore above. There are two paths through the code which allow the RPC endpoint connections. One is -r (or rpc-endpoint), and the other is -H (or rpc-http-endpoint). The -H version is working.

To use the alternate version, change -d --rpc-endpoint 127.0.0.1:8092 to -d --rpc-http-endpoint 127.0.0.1:8092. That will get rid of the error.

Once you do that, you will get a new error from whichever applications are connecting to the RPC endpoint: rejected connection from X.X.X.X:XXXX because it isn't in allowed set [] (where X.X.X.X:XXXX is the IP that you are connecting from).

To fix that, you will need an additional parameter on the call to launch cli_wallet: --rpc-http-allowip X.X.X.X, where X.X.X.X is the IP address of the connecting system (without the port).

The final version is:

exec ./cli_wallet -s wss://gtg.steem.house:8090 -d --rpc-endpoint 127.0.0.1:8092

changed to:

exec ./cli_wallet -s wss://gtg.steem.house:8090 -d --rpc-http-endpoint 127.0.0.1:8092 --rpc-http-allowip 127.0.0.1

[VIM-Arcange]

@TimCliff thank you for your answer.

I know I can use HTTP instead of RPC, but this leads me to rewrite all my processes
Something I would like to avoid in this overloaded times. 😓

Do you know if RPC support will be definitively removed?

[VIM-Arcange]

I made a quick test with HTTP and it's OK but I need to specify multiple authorized IP addresses
Tried several syntaxes but can't find the one working.
Can anyone help (before I dive into the code)?

[TimCliff]

I haven't tried it, but here is the syntax for where it is loaded into the string vector:

vector<string> allowed_ips;
allowed_ips = options["rpc-http-allowip"].as<vector<string>>();

[VIM-Arcange]

I saw it but how to pass a vector<string> as an argument on the command line?
Everything I tried ended with

terminate called after throwing an instance of 'boost::exception_detail::clone_i
mpl<boost::exception_detail::error_info_injector<boost::system::system_error> >'
  what():  set_option: Bad file descriptor

[VIM-Arcange]

I finally found it when looking at the example provided in Boost documentation provided here.

use
./cli_wallet --rpc-http-endpoint=0.0.0.0:8092 --rpc-http-allowip IP1 IP2 ... IPn
or
./cli_wallet --rpc-http-endpoint=0.0.0.0:8092 --rpc-http-allowip IP1 --rpc-http-allowip IP2 ... --rpc-http-allowip IPn

[TimCliff]

👍

[VIM-Arcange]

I think this issue should be kept open if it is planned to fix the WS error.
If not, the documentation and help prompt (cli_wallet help) should be updated

[emfrias]

I had the same problem with the websocket interface, and was forced to abandon it and use the http interface. If the websocket interface won't be fixed (and I don't need it, plain http is fine for me), I agree the option should be removed and docs fixed.

The http interface wasn't usable out-of-the-box because I don't know the specific IP address for --rpc-http-allowip. In order to make the HTTP interface usable, I had to hack the --rpc-http-allowip option to accept 0.0.0.0 as a wildcard. The websocket port defaulted to allow all IPs.

--- a/programs/cli_wallet/main.cpp
+++ b/programs/cli_wallet/main.cpp
@@ -247,8 +273,8 @@ int main( int argc, char** argv )
          _http_server->on_request(
             [&]( const fc::http::request& req, const fc::http::server::response& resp )
             {
-               auto itr = allowed_ip_set.find( fc::ip::endpoint::from_string(req.remote_endpoint).get_address() );
-               if( itr == allowed_ip_set.end() ) {
+               if( allowed_ip_set.find( fc::ip::endpoint::from_string(req.remote_endpoint).get_address() ) == allowed_ip_set.end() &&
+                   allowed_ip_set.find( fc::ip::address() ) == allowed_ip_set.end() ) {
                   elog("rejected connection from ${ip} because it isn't in allowed set ${s}", ("ip",req.remote_endpoint)("s",allowed_ip_set) );
                   resp.set_status( fc::http::reply::NotAuthorized );
                   return;