aboutsummaryrefslogtreecommitdiff
path: root/src/rpc
diff options
context:
space:
mode:
Diffstat (limited to 'src/rpc')
-rw-r--r--src/rpc/core_rpc_server.cpp25
1 files changed, 23 insertions, 2 deletions
diff --git a/src/rpc/core_rpc_server.cpp b/src/rpc/core_rpc_server.cpp
index db228dd94..c7e2d742f 100644
--- a/src/rpc/core_rpc_server.cpp
+++ b/src/rpc/core_rpc_server.cpp
@@ -278,6 +278,7 @@ namespace cryptonote
}
}
disable_rpc_ban = rpc_config->disable_rpc_ban;
+ const std::string data_dir{command_line::get_arg(vm, cryptonote::arg_data_dir)};
std::string address = command_line::get_arg(vm, arg_rpc_payment_address);
if (!address.empty() && allow_rpc_payment)
{
@@ -306,7 +307,7 @@ namespace cryptonote
}
m_rpc_payment_allow_free_loopback = command_line::get_arg(vm, arg_rpc_payment_allow_free_loopback);
m_rpc_payment.reset(new rpc_payment(info.address, diff, credits));
- m_rpc_payment->load(command_line::get_arg(vm, cryptonote::arg_data_dir));
+ m_rpc_payment->load(data_dir);
m_p2p.set_rpc_credits_per_hash(RPC_CREDITS_PER_HASH_SCALE * (credits / (float)diff));
}
@@ -333,12 +334,32 @@ namespace cryptonote
if (m_rpc_payment)
m_net_server.add_idle_handler([this](){ return m_rpc_payment->on_idle(); }, 60 * 1000);
+ bool store_ssl_key = !restricted && rpc_config->ssl_options.auth.certificate_path.empty();
+ const auto ssl_base_path = (boost::filesystem::path{data_dir} / "rpc_ssl").string();
+ if (store_ssl_key && boost::filesystem::exists(ssl_base_path + ".crt"))
+ {
+ // load key from previous run, password prompted by OpenSSL
+ store_ssl_key = false;
+ rpc_config->ssl_options.auth =
+ epee::net_utils::ssl_authentication_t{ssl_base_path + ".key", ssl_base_path + ".crt"};
+ }
+
auto rng = [](size_t len, uint8_t *ptr){ return crypto::rand(len, ptr); };
- return epee::http_server_impl_base<core_rpc_server, connection_context>::init(
+ const bool inited = epee::http_server_impl_base<core_rpc_server, connection_context>::init(
rng, std::move(port), std::move(bind_ip_str),
std::move(bind_ipv6_str), std::move(rpc_config->use_ipv6), std::move(rpc_config->require_ipv4),
std::move(rpc_config->access_control_origins), std::move(http_login), std::move(rpc_config->ssl_options)
);
+
+ if (store_ssl_key && inited)
+ {
+ // new keys were generated, store for next run
+ const auto error = epee::net_utils::store_ssl_keys(m_net_server.get_ssl_context(), ssl_base_path);
+ if (error)
+ MFATAL("Failed to store HTTP SSL cert/key for " << (restricted ? "restricted " : "") << "RPC server: " << error.message());
+ return !bool(error);
+ }
+ return inited;
}
//------------------------------------------------------------------------------------------------------------------------------
bool core_rpc_server::check_payment(const std::string &client_message, uint64_t payment, const std::string &rpc, bool same_ts, std::string &message, uint64_t &credits, std::string &top_hash)