Changeset View
Changeset View
Standalone View
Standalone View
src/httprpc.cpp
// Copyright (c) 2015-2016 The Bitcoin Core developers | // Copyright (c) 2015-2016 The Bitcoin Core developers | ||||
// Distributed under the MIT software license, see the accompanying | // Distributed under the MIT software license, see the accompanying | ||||
// file COPYING or http://www.opensource.org/licenses/mit-license.php. | // file COPYING or http://www.opensource.org/licenses/mit-license.php. | ||||
#include <httprpc.h> | #include <httprpc.h> | ||||
#include <chainparams.h> | #include <chainparams.h> | ||||
#include <config.h> | #include <config.h> | ||||
#include <crypto/hmac_sha256.h> | #include <crypto/hmac_sha256.h> | ||||
#include <rpc/protocol.h> | #include <rpc/protocol.h> | ||||
#include <ui_interface.h> | #include <ui_interface.h> | ||||
#include <util/ref.h> | |||||
#include <util/strencodings.h> | #include <util/strencodings.h> | ||||
#include <util/system.h> | #include <util/system.h> | ||||
#include <util/translation.h> | #include <util/translation.h> | ||||
#include <walletinitinterface.h> | #include <walletinitinterface.h> | ||||
#include <boost/algorithm/string.hpp> // boost::trim | #include <boost/algorithm/string.hpp> // boost::trim | ||||
#include <algorithm> | #include <algorithm> | ||||
▲ Show 20 Lines • Show All 280 Lines • ▼ Show 20 Lines | bool HTTPRPCRequestProcessor::ProcessHTTPRequest(HTTPRequest *req) { | ||||
// Check authorization | // Check authorization | ||||
std::pair<bool, std::string> authHeader = req->GetHeader("authorization"); | std::pair<bool, std::string> authHeader = req->GetHeader("authorization"); | ||||
if (!authHeader.first) { | if (!authHeader.first) { | ||||
req->WriteHeader("WWW-Authenticate", WWW_AUTH_HEADER_DATA); | req->WriteHeader("WWW-Authenticate", WWW_AUTH_HEADER_DATA); | ||||
req->WriteReply(HTTP_UNAUTHORIZED); | req->WriteReply(HTTP_UNAUTHORIZED); | ||||
return false; | return false; | ||||
} | } | ||||
JSONRPCRequest jreq; | JSONRPCRequest jreq(context); | ||||
jreq.peerAddr = req->GetPeer().ToString(); | jreq.peerAddr = req->GetPeer().ToString(); | ||||
if (!RPCAuthorized(authHeader.second, jreq.authUser)) { | if (!RPCAuthorized(authHeader.second, jreq.authUser)) { | ||||
LogPrintf("ThreadRPCServer incorrect password attempt from %s\n", | LogPrintf("ThreadRPCServer incorrect password attempt from %s\n", | ||||
jreq.peerAddr); | jreq.peerAddr); | ||||
/** | /** | ||||
* Deter brute-forcing. | * Deter brute-forcing. | ||||
* If this results in a DoS the user really shouldn't have their RPC | * If this results in a DoS the user really shouldn't have their RPC | ||||
▲ Show 20 Lines • Show All 173 Lines • Show Last 20 Lines |