aboutsummaryrefslogtreecommitdiff
path: root/src/wallet
diff options
context:
space:
mode:
authormoneromooo-monero <moneromooo-monero@users.noreply.github.com>2016-09-07 21:38:41 +0100
committermoneromooo-monero <moneromooo-monero@users.noreply.github.com>2016-09-18 20:32:02 +0100
commiteeb2bbc0fcc9c5afa2c3aa12915b4d3f31115e56 (patch)
treec55799576b49814203891a6688ec2dbdf86b7bcf /src/wallet
parentMerge pull request #1099 (diff)
downloadmonero-eeb2bbc0fcc9c5afa2c3aa12915b4d3f31115e56.tar.xz
epee: optionally restrict HTTP service to a configurable user agent
This is intended to catch traffic coming from a web browser, so we avoid issues with a web page sending a transfer RPC to the wallet. Requiring a particular user agent can act as a simple password scheme, while we wait for 0MQ and proper authentication to be merged.
Diffstat (limited to '')
-rw-r--r--src/wallet/wallet_rpc_server.cpp5
-rw-r--r--src/wallet/wallet_rpc_server.h2
2 files changed, 6 insertions, 1 deletions
diff --git a/src/wallet/wallet_rpc_server.cpp b/src/wallet/wallet_rpc_server.cpp
index 1816ae801..faa40e166 100644
--- a/src/wallet/wallet_rpc_server.cpp
+++ b/src/wallet/wallet_rpc_server.cpp
@@ -45,11 +45,13 @@ namespace tools
//-----------------------------------------------------------------------------------
const command_line::arg_descriptor<std::string> wallet_rpc_server::arg_rpc_bind_port = {"rpc-bind-port", "Starts wallet as rpc server for wallet operations, sets bind port for server", "", true};
const command_line::arg_descriptor<std::string> wallet_rpc_server::arg_rpc_bind_ip = {"rpc-bind-ip", "Specify ip to bind rpc server", "127.0.0.1"};
+ const command_line::arg_descriptor<std::string> wallet_rpc_server::arg_user_agent = {"user-agent", "Restrict RPC to clients using this user agent", ""};
void wallet_rpc_server::init_options(boost::program_options::options_description& desc)
{
command_line::add_arg(desc, arg_rpc_bind_ip);
command_line::add_arg(desc, arg_rpc_bind_port);
+ command_line::add_arg(desc, arg_user_agent);
}
//------------------------------------------------------------------------------------------------------------------------------
wallet_rpc_server::wallet_rpc_server(wallet2& w):m_wallet(w)
@@ -83,6 +85,7 @@ namespace tools
{
m_bind_ip = command_line::get_arg(vm, arg_rpc_bind_ip);
m_port = command_line::get_arg(vm, arg_rpc_bind_port);
+ m_user_agent = command_line::get_arg(vm, arg_user_agent);
return true;
}
//------------------------------------------------------------------------------------------------------------------------------
@@ -91,7 +94,7 @@ namespace tools
m_net_server.set_threads_prefix("RPC");
bool r = handle_command_line(vm);
CHECK_AND_ASSERT_MES(r, false, "Failed to process command line in core_rpc_server");
- return epee::http_server_impl_base<wallet_rpc_server, connection_context>::init(m_port, m_bind_ip);
+ return epee::http_server_impl_base<wallet_rpc_server, connection_context>::init(m_port, m_bind_ip, m_user_agent);
}
//------------------------------------------------------------------------------------------------------------------------------
bool wallet_rpc_server::on_getbalance(const wallet_rpc::COMMAND_RPC_GET_BALANCE::request& req, wallet_rpc::COMMAND_RPC_GET_BALANCE::response& res, epee::json_rpc::error& er)
diff --git a/src/wallet/wallet_rpc_server.h b/src/wallet/wallet_rpc_server.h
index c2532948f..b3e95c18a 100644
--- a/src/wallet/wallet_rpc_server.h
+++ b/src/wallet/wallet_rpc_server.h
@@ -50,6 +50,7 @@ namespace tools
const static command_line::arg_descriptor<std::string> arg_rpc_bind_port;
const static command_line::arg_descriptor<std::string> arg_rpc_bind_ip;
+ const static command_line::arg_descriptor<std::string> arg_user_agent;
static void init_options(boost::program_options::options_description& desc);
@@ -120,6 +121,7 @@ namespace tools
wallet2& m_wallet;
std::string m_port;
std::string m_bind_ip;
+ std::string m_user_agent;
std::atomic<bool> m_stop;
};
}