diff options
author | Lee Clagett <code@leeclagett.com> | 2017-02-05 17:48:03 -0500 |
---|---|---|
committer | Lee Clagett <code@leeclagett.com> | 2017-02-06 01:15:41 -0500 |
commit | ce7fcbb4aea884bb4bf433cf419ffa267f859c87 (patch) | |
tree | e8fb644b62006d78f801d739fbebad50f2c2409d /src/common | |
parent | Merge pull request #1669 (diff) | |
download | monero-ce7fcbb4aea884bb4bf433cf419ffa267f859c87.tar.xz |
Add server auth to monerod, and client auth to wallet-cli and wallet-rpc
Diffstat (limited to '')
-rw-r--r-- | src/common/CMakeLists.txt | 3 | ||||
-rw-r--r-- | src/common/command_line.cpp | 1 | ||||
-rw-r--r-- | src/common/command_line.h | 1 | ||||
-rw-r--r-- | src/common/common_fwd.h | 41 | ||||
-rw-r--r-- | src/common/password.cpp (renamed from src/wallet/password_container.cpp) | 27 | ||||
-rw-r--r-- | src/common/password.h (renamed from src/wallet/password_container.h) | 31 | ||||
-rw-r--r-- | src/common/rpc_client.h | 6 |
7 files changed, 104 insertions, 6 deletions
diff --git a/src/common/CMakeLists.txt b/src/common/CMakeLists.txt index dd17f6d64..a5d06f092 100644 --- a/src/common/CMakeLists.txt +++ b/src/common/CMakeLists.txt @@ -32,6 +32,7 @@ set(common_sources dns_utils.cpp util.cpp i18n.cpp + password.cpp perf_timer.cpp task_region.cpp thread_group.cpp) @@ -46,6 +47,7 @@ set(common_private_headers base58.h boost_serialization_helper.h command_line.h + common_fwd.h dns_utils.h http_connection.h int-util.h @@ -56,6 +58,7 @@ set(common_private_headers util.h varint.h i18n.h + password.h perf_timer.h stack_trace.h task_region.h diff --git a/src/common/command_line.cpp b/src/common/command_line.cpp index d95859256..c3df5c096 100644 --- a/src/common/command_line.cpp +++ b/src/common/command_line.cpp @@ -76,7 +76,6 @@ namespace command_line const arg_descriptor<bool> arg_version = {"version", "Output version information"}; const arg_descriptor<std::string> arg_data_dir = {"data-dir", "Specify data directory"}; const arg_descriptor<std::string> arg_testnet_data_dir = {"testnet-data-dir", "Specify testnet data directory"}; - const arg_descriptor<std::string> arg_user_agent = {"user-agent", "Restrict RPC use to clients using this user agent"}; const arg_descriptor<bool> arg_test_drop_download = {"test-drop-download", "For net tests: in download, discard ALL blocks instead checking/saving them (very fast)"}; const arg_descriptor<uint64_t> arg_test_drop_download_height = {"test-drop-download-height", "Like test-drop-download but disards only after around certain height", 0}; const arg_descriptor<int> arg_test_dbg_lock_sleep = {"test-dbg-lock-sleep", "Sleep time in ms, defaults to 0 (off), used to debug before/after locking mutex. Values 100 to 1000 are good for tests."}; diff --git a/src/common/command_line.h b/src/common/command_line.h index 3f0919e99..a09365a6b 100644 --- a/src/common/command_line.h +++ b/src/common/command_line.h @@ -207,7 +207,6 @@ namespace command_line extern const arg_descriptor<bool> arg_version; extern const arg_descriptor<std::string> arg_data_dir; extern const arg_descriptor<std::string> arg_testnet_data_dir; - extern const arg_descriptor<std::string> arg_user_agent; extern const arg_descriptor<bool> arg_test_drop_download; extern const arg_descriptor<uint64_t> arg_test_drop_download_height; extern const arg_descriptor<int> arg_test_dbg_lock_sleep; diff --git a/src/common/common_fwd.h b/src/common/common_fwd.h new file mode 100644 index 000000000..5d67251b1 --- /dev/null +++ b/src/common/common_fwd.h @@ -0,0 +1,41 @@ +// Copyright (c) 2014-2017, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +// +// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers + +#pragma once + +namespace tools +{ + class DNSResolver; + struct login; + class password_container; + class t_http_connection; + class task_region; + class thread_group; +} diff --git a/src/wallet/password_container.cpp b/src/common/password.cpp index 832b93a1a..bdc9c69c0 100644 --- a/src/wallet/password_container.cpp +++ b/src/common/password.cpp @@ -1,4 +1,4 @@ -// Copyright (c) 2014-2016, The Monero Project +// Copyright (c) 2014-2017, The Monero Project // // All rights reserved. // @@ -28,7 +28,7 @@ // // Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers -#include "password_container.h" +#include "password.h" #include <iostream> #include <memory.h> @@ -245,4 +245,27 @@ namespace tools return boost::none; } + + boost::optional<login> login::parse(std::string&& userpass, bool verify, const char* message) + { + login out{}; + password_container wipe{std::move(userpass)}; + + const auto loc = wipe.password().find(':'); + if (loc == std::string::npos) + { + auto result = tools::password_container::prompt(verify, message); + if (!result) + return boost::none; + + out.password = std::move(*result); + } + else + { + out.password = password_container{wipe.password().substr(loc + 1)}; + } + + out.username = wipe.password().substr(0, loc); + return {std::move(out)}; + } } diff --git a/src/wallet/password_container.h b/src/common/password.h index 9c6faf9c8..12f715df4 100644 --- a/src/wallet/password_container.h +++ b/src/common/password.h @@ -1,4 +1,4 @@ -// Copyright (c) 2014-2016, The Monero Project +// Copyright (c) 2014-2017, The Monero Project // // All rights reserved. // @@ -64,4 +64,33 @@ namespace tools //! TODO Custom allocator that locks to RAM? std::string m_password; }; + + struct login + { + login() = default; + + /*! + Extracts username and password from the format `username:password`. A + blank username or password is allowed. If the `:` character is not + present, `password_container::prompt` will be called by forwarding the + `verify` and `message` arguments. + + \param userpass Is "consumed", and the memory contents are wiped. + \param verify is passed to `password_container::prompt` if necessary. + \param message is passed to `password_container::prompt` if necessary. + + \return The username and password, or boost::none if + `password_container::prompt` fails. + */ + static boost::optional<login> parse(std::string&& userpass, bool verify, const char* message = "Password"); + + login(const login&) = delete; + login(login&&) = default; + ~login() = default; + login& operator=(const login&) = delete; + login& operator=(login&&) = default; + + std::string username; + password_container password; + }; } diff --git a/src/common/rpc_client.h b/src/common/rpc_client.h index f5ecc8b50..40c103bf3 100644 --- a/src/common/rpc_client.h +++ b/src/common/rpc_client.h @@ -28,10 +28,13 @@ #pragma once +#include <boost/optional/optional.hpp> + #include "common/http_connection.h" #include "common/scoped_message_writer.h" #include "rpc/core_rpc_server_commands_defs.h" #include "storages/http_abstract_invoke.h" +#include "net/http_auth.h" #include "net/http_client.h" #include "string_tools.h" @@ -45,11 +48,12 @@ namespace tools t_rpc_client( uint32_t ip , uint16_t port + , boost::optional<epee::net_utils::http::login> user ) : m_http_client{} { m_http_client.set_server( - epee::string_tools::get_ip_string_from_int32(ip), std::to_string(port) + epee::string_tools::get_ip_string_from_int32(ip), std::to_string(port), std::move(user) ); } |