src/httprpc.cpp
Show First 20 Lines • Show All 290 Lines • ▼ Show 20 Lines | bool HTTPRPCRequestProcessor::ProcessHTTPRequest(HTTPRequest *req) { | ||||
if (!authHeader.first) { | if (!authHeader.first) { | ||||
req->WriteHeader("WWW-Authenticate", WWW_AUTH_HEADER_DATA); | req->WriteHeader("WWW-Authenticate", WWW_AUTH_HEADER_DATA); | ||||
req->WriteReply(HTTP_UNAUTHORIZED); | req->WriteReply(HTTP_UNAUTHORIZED); | ||||
return false; | return false; | ||||
} | } | ||||
JSONRPCRequest jreq; | JSONRPCRequest jreq; | ||||
if (!RPCAuthorized(config, authHeader.second, jreq.authUser)) { | if (!RPCAuthorized(config, authHeader.second, jreq.authUser)) { | ||||
LogPrintf("ThreadRPCServer incorrect password attempt from %s\n", | LogPrint(BCLog::RPC, | ||||
"ThreadRPCServer incorrect password attempt from %s\n", | |||||
req->GetPeer().ToString()); | req->GetPeer().ToString()); | ||||
/** | /** | ||||
* Deter brute-forcing. | * Deter brute-forcing. | ||||
* If this results in a DoS the user really shouldn't have their RPC | * If this results in a DoS the user really shouldn't have their RPC | ||||
* port exposed. | * port exposed. | ||||
*/ | */ | ||||
MilliSleep(RPC_AUTH_BRUTE_FORCE_DELAY); | MilliSleep(RPC_AUTH_BRUTE_FORCE_DELAY); | ||||
Show All 37 Lines | try { | ||||
JSONErrorReply(req, JSONRPCError(RPC_PARSE_ERROR, e.what()), jreq.id); | JSONErrorReply(req, JSONRPCError(RPC_PARSE_ERROR, e.what()), jreq.id); | ||||
return false; | return false; | ||||
} | } | ||||
return true; | return true; | ||||
} | } | ||||
static bool InitRPCAuthentication(Config &config) { | static bool InitRPCAuthentication(Config &config) { | ||||
if (gArgs.GetArg("-rpcpassword", "") == "") { | if (gArgs.GetArg("-rpcpassword", "") == "") { | ||||
LogPrintf("No rpcpassword set - using random cookie authentication\n"); | LogPrint(BCLog::RPC, | ||||
"No rpcpassword set - using random cookie authentication\n"); | |||||
std::string generatedUserAndPassword; | std::string generatedUserAndPassword; | ||||
if (!GenerateAuthCookie(&generatedUserAndPassword)) { | if (!GenerateAuthCookie(&generatedUserAndPassword)) { | ||||
// Same message as AbortNode. | // Same message as AbortNode. | ||||
uiInterface.ThreadSafeMessageBox( | uiInterface.ThreadSafeMessageBox( | ||||
_("Error: A fatal internal error occurred, see debug.log for " | _("Error: A fatal internal error occurred, see debug.log for " | ||||
"details"), | "details"), | ||||
"", CClientUIInterface::MSG_ERROR); | "", CClientUIInterface::MSG_ERROR); | ||||
return false; | return false; | ||||
} | } | ||||
config.SetRPCUserAndPassword(generatedUserAndPassword); | config.SetRPCUserAndPassword(generatedUserAndPassword); | ||||
} else { | } else { | ||||
LogPrintf("Config options rpcuser and rpcpassword will soon be " | LogPrint(BCLog::RPC, | ||||
"Config options rpcuser and rpcpassword will soon be " | |||||
"deprecated. Locally-run instances may remove rpcuser to use " | "deprecated. Locally-run instances may remove rpcuser to use " | ||||
"cookie-based auth, or may be replaced with rpcauth. Please " | "cookie-based auth, or may be replaced with rpcauth. Please " | ||||
"see share/rpcuser for rpcauth auth generation.\n"); | "see share/rpcuser for rpcauth auth generation.\n"); | ||||
config.SetRPCUserAndPassword(gArgs.GetArg("-rpcuser", "") + ":" + | config.SetRPCUserAndPassword(gArgs.GetArg("-rpcuser", "") + ":" + | ||||
gArgs.GetArg("-rpcpassword", "")); | gArgs.GetArg("-rpcpassword", "")); | ||||
} | } | ||||
config.SetRPCCORSDomain(gArgs.GetArg("-rpccorsdomain", "")); | config.SetRPCCORSDomain(gArgs.GetArg("-rpccorsdomain", "")); | ||||
return true; | return true; | ||||
} | } | ||||
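Review bot: Switching the "incorrect password attempt" message after the failed `RPCAuthorized` check in `ProcessHTTPRequest` from `LogPrintf` to `LogPrint(BCLog::RPC, ...)` appears to make failed RPC logins visible only when the rpc log category is enabled. If so, a default debug.log would no longer record brute-force attempts or the peer address they came from, and that is the record an operator needs to notice and investigate them. I would keep that one call unconditional, `LogPrintf("ThreadRPCServer incorrect password attempt from %s\n", req->GetPeer().ToString());`, and limit the category change to purely informational messages. The rpcuser/rpcpassword deprecation notice in `InitRPCAuthentication` raises the same concern, since operators who never enable the category will probably not see it. `ProcessHTTPRequest` is only partly shown here; its body is folded before and after the changed lines.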