diff options
Diffstat (limited to 'src/httprpc.cpp')
| -rw-r--r-- | src/httprpc.cpp | 27 |
1 files changed, 19 insertions, 8 deletions
diff --git a/src/httprpc.cpp b/src/httprpc.cpp index 5e9e41974..38f6e7964 100644 --- a/src/httprpc.cpp +++ b/src/httprpc.cpp @@ -1,12 +1,12 @@ -// Copyright (c) 2015-2017 The Bitcoin Core developers +// Copyright (c) 2015-2018 The Bitcoin Core developers // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. #include <httprpc.h> -#include <base58.h> #include <chainparams.h> #include <httpserver.h> +#include <key_io.h> #include <rpc/protocol.h> #include <rpc/server.h> #include <random.h> @@ -17,6 +17,8 @@ #include <crypto/hmac_sha256.h> #include <stdio.h> +#include <memory> + #include <boost/algorithm/string.hpp> // boost::trim /** WWW-Authenticate to present with 401 Unauthorized response */ @@ -84,7 +86,7 @@ static void JSONErrorReply(HTTPRequest* req, const UniValue& objError, const Uni //This function checks username and password against -rpcauth //entries from config file. static bool multiUserAuthorized(std::string strUserPass) -{ +{ if (strUserPass.find(':') == std::string::npos) { return false; } @@ -158,8 +160,9 @@ static bool HTTPReq_JSONRPC(HTTPRequest* req, const std::string &) } JSONRPCRequest jreq; + jreq.peerAddr = req->GetPeer().ToString(); if (!RPCAuthorized(authHeader.second, jreq.authUser)) { - LogPrintf("ThreadRPCServer incorrect password attempt from %s\n", req->GetPeer().ToString()); + LogPrintf("ThreadRPCServer incorrect password attempt from %s\n", jreq.peerAddr); /* Deter brute-forcing If this results in a DoS the user really @@ -212,7 +215,7 @@ static bool InitRPCAuthentication() { if (gArgs.GetArg("-rpcpassword", "") == "") { - LogPrintf("No rpcpassword set - using random cookie authentication\n"); + LogPrintf("No rpcpassword set - using random cookie authentication.\n"); if (!GenerateAuthCookie(&strRPCUserColonPass)) { uiInterface.ThreadSafeMessageBox( _("Error: A fatal internal error occurred, see debug.log for details"), // Same message as AbortNode @@ -220,9 +223,13 @@ static bool InitRPCAuthentication() return false; } } else { - LogPrintf("Config options rpcuser and rpcpassword will soon be deprecated. Locally-run instances may remove rpcuser to use cookie-based auth, or may be replaced with rpcauth. Please see share/rpcuser for rpcauth auth generation.\n"); + LogPrintf("Config options rpcuser and rpcpassword will soon be deprecated. Locally-run instances may remove rpcuser to use cookie-based auth, or may be replaced with rpcauth. Please see share/rpcauth for rpcauth auth generation.\n"); strRPCUserColonPass = gArgs.GetArg("-rpcuser", "") + ":" + gArgs.GetArg("-rpcpassword", ""); } + if (gArgs.GetArg("-rpcauth","") != "") + { + LogPrintf("Using rpcauth authentication.\n"); + } return true; } @@ -237,8 +244,9 @@ bool StartHTTPRPC() // ifdef can be removed once we switch to better endpoint support and API versioning RegisterHTTPHandler("/wallet/", false, HTTPReq_JSONRPC); #endif - assert(EventBase()); - httpRPCTimerInterface = MakeUnique<HTTPRPCTimerInterface>(EventBase()); + struct event_base* eventBase = EventBase(); + assert(eventBase); + httpRPCTimerInterface = MakeUnique<HTTPRPCTimerInterface>(eventBase); RPCSetTimerInterface(httpRPCTimerInterface.get()); return true; } @@ -252,6 +260,9 @@ void StopHTTPRPC() { LogPrint(BCLog::RPC, "Stopping HTTP RPC server\n"); UnregisterHTTPHandler("/", true); +#ifdef ENABLE_WALLET + UnregisterHTTPHandler("/wallet/", false); +#endif if (httpRPCTimerInterface) { RPCUnsetTimerInterface(httpRPCTimerInterface.get()); httpRPCTimerInterface.reset(); |