diff options
Diffstat (limited to 'src/wallet')
| -rw-r--r-- | src/wallet/api/wallet_manager.cpp | 8 | ||||
| -rw-r--r-- | src/wallet/api/wallet_manager.h | 1 | ||||
| -rw-r--r-- | src/wallet/password_container.cpp | 281 | ||||
| -rw-r--r-- | src/wallet/password_container.h | 41 | ||||
| -rw-r--r-- | src/wallet/wallet2.cpp | 67 | ||||
| -rw-r--r-- | src/wallet/wallet2.h | 10 | ||||
| -rw-r--r-- | src/wallet/wallet2_api.h | 3 | ||||
| -rw-r--r-- | src/wallet/wallet_rpc_server.cpp | 98 | ||||
| -rw-r--r-- | src/wallet/wallet_rpc_server.h | 3 |
9 files changed, 292 insertions, 220 deletions
diff --git a/src/wallet/api/wallet_manager.cpp b/src/wallet/api/wallet_manager.cpp index 5a6f02b01..4ee5ab8df 100644 --- a/src/wallet/api/wallet_manager.cpp +++ b/src/wallet/api/wallet_manager.cpp @@ -352,6 +352,14 @@ double WalletManagerImpl::miningHashRate() const return mres.speed; } +std::string WalletManagerImpl::resolveOpenAlias(const std::string &address, bool &dnssec_valid) const +{ + std::vector<std::string> addresses = tools::wallet2::addresses_from_url(address, dnssec_valid); + if (addresses.empty()) + return ""; + return addresses.front(); +} + ///////////////////// WalletManagerFactory implementation ////////////////////// WalletManager *WalletManagerFactory::getWalletManager() diff --git a/src/wallet/api/wallet_manager.h b/src/wallet/api/wallet_manager.h index fe9662534..214afc3fa 100644 --- a/src/wallet/api/wallet_manager.h +++ b/src/wallet/api/wallet_manager.h @@ -52,6 +52,7 @@ public: uint64_t blockchainTargetHeight() const; uint64_t networkDifficulty() const; double miningHashRate() const; + std::string resolveOpenAlias(const std::string &address, bool &dnssec_valid) const; private: WalletManagerImpl() {} diff --git a/src/wallet/password_container.cpp b/src/wallet/password_container.cpp index 5260bbc8b..832b93a1a 100644 --- a/src/wallet/password_container.cpp +++ b/src/wallet/password_container.cpp @@ -42,153 +42,17 @@ #include <unistd.h> #endif -namespace tools +namespace { - namespace - { - bool is_cin_tty(); - } - // deleted via private member - password_container::password_container() - : m_empty(true),m_verify(true) - { - - } - password_container::password_container(bool verify) - : m_empty(true),m_verify(verify) - { - - } - - password_container::password_container(std::string&& password) - : m_empty(false) - , m_password(std::move(password)) - , m_verify(false) - { - - } - - - password_container::password_container(password_container&& rhs) - : m_empty(std::move(rhs.m_empty)) - , m_password(std::move(rhs.m_password)) - , m_verify(std::move(rhs.m_verify)) - { - } - password_container::~password_container() - { - clear(); - } - - void password_container::clear() - { - if (0 < m_password.capacity()) - { - m_password.replace(0, m_password.capacity(), m_password.capacity(), '\0'); - m_password.resize(0); - } - m_empty = true; - } - - bool password_container::read_password(const char *message) - { - clear(); - - bool r; - if (is_cin_tty()) - { - r = read_from_tty_double_check(message); - } - else - { - r = read_from_file(); - } - - if (r) - { - m_empty = false; - } - else - { - clear(); - } - - return r; - } - - bool password_container::read_from_file() - { - m_password.reserve(max_password_size); - for (size_t i = 0; i < max_password_size; ++i) - { - char ch = static_cast<char>(std::cin.get()); - if (std::cin.eof() || ch == '\n' || ch == '\r') - { - break; - } - else if (std::cin.fail()) - { - return false; - } - else - { - m_password.push_back(ch); - } - } - - return true; - } - -bool password_container::read_from_tty_double_check(const char *message) { - std::string pass1; - std::string pass2; - bool match=false; - bool doNotVerifyEntry=false; - if (m_verify){message = "Enter a password for your new wallet";} - do{ - if (message) - std::cout << message <<": "; - if (!password_container::read_from_tty(pass1)) - return false; - if (m_verify==true){//double check password; - std::cout << "Confirm Password: "; - if (!password_container::read_from_tty(pass2)) - return false; - if(pass1!=pass2){ //new password entered did not match - - std::cout << "Passwords do not match! Please try again." << std::endl; - pass1=""; - pass2=""; - match=false; - } - else{//new password matches - match=true; - } - } - else - doNotVerifyEntry=true; //do not verify - //No need to verify password entered at this point in the code - - }while(match==false && doNotVerifyEntry==false); - - m_password=pass1; - return true; - } - - #if defined(_WIN32) - - namespace + bool is_cin_tty() noexcept { - bool is_cin_tty() - { - return 0 != _isatty(_fileno(stdin)); - } + return 0 != _isatty(_fileno(stdin)); } - bool password_container::read_from_tty(std::string & pass) + bool read_from_tty(std::string& pass) { - const char BACKSPACE = 8; + static constexpr const char BACKSPACE = 8; HANDLE h_cin = ::GetStdHandle(STD_INPUT_HANDLE); @@ -198,8 +62,8 @@ bool password_container::read_from_tty_double_check(const char *message) { ::SetConsoleMode(h_cin, mode_new); bool r = true; - pass.reserve(max_password_size); - while (pass.size() < max_password_size) + pass.reserve(tools::password_container::max_password_size); + while (pass.size() < tools::password_container::max_password_size) { DWORD read; char ch; @@ -235,38 +99,36 @@ bool password_container::read_from_tty_double_check(const char *message) { return r; } -#else +#else // end WIN32 - namespace + bool is_cin_tty() noexcept { - bool is_cin_tty() - { - return 0 != isatty(fileno(stdin)); - } + return 0 != isatty(fileno(stdin)); + } - int getch() - { - struct termios tty_old; - tcgetattr(STDIN_FILENO, &tty_old); + int getch() noexcept + { + struct termios tty_old; + tcgetattr(STDIN_FILENO, &tty_old); - struct termios tty_new; - tty_new = tty_old; - tty_new.c_lflag &= ~(ICANON | ECHO); - tcsetattr(STDIN_FILENO, TCSANOW, &tty_new); + struct termios tty_new; + tty_new = tty_old; + tty_new.c_lflag &= ~(ICANON | ECHO); + tcsetattr(STDIN_FILENO, TCSANOW, &tty_new); - int ch = getchar(); + int ch = getchar(); - tcsetattr(STDIN_FILENO, TCSANOW, &tty_old); + tcsetattr(STDIN_FILENO, TCSANOW, &tty_old); - return ch; - } + return ch; } - bool password_container::read_from_tty(std::string &aPass) + + bool read_from_tty(std::string& aPass) { - const char BACKSPACE = 127; + static constexpr const char BACKSPACE = 127; - aPass.reserve(max_password_size); - while (aPass.size() < max_password_size) + aPass.reserve(tools::password_container::max_password_size); + while (aPass.size() < tools::password_container::max_password_size) { int ch = getch(); if (EOF == ch) @@ -297,5 +159,90 @@ bool password_container::read_from_tty_double_check(const char *message) { return true; } -#endif -} +#endif // end !WIN32 + + void clear(std::string& pass) noexcept + { + //! TODO Call a memory wipe function that hopefully is not optimized out + pass.replace(0, pass.capacity(), pass.capacity(), '\0'); + pass.clear(); + } + + bool read_from_tty(const bool verify, const char *message, std::string& pass1, std::string& pass2) + { + while (true) + { + if (message) + std::cout << message <<": "; + if (!read_from_tty(pass1)) + return false; + if (verify) + { + std::cout << "Confirm Password: "; + if (!read_from_tty(pass2)) + return false; + if(pass1!=pass2) + { + std::cout << "Passwords do not match! Please try again." << std::endl; + clear(pass1); + clear(pass2); + } + else //new password matches + return true; + } + else + return true; + //No need to verify password entered at this point in the code + } + + return false; + } + + bool read_from_file(std::string& pass) + { + pass.reserve(tools::password_container::max_password_size); + for (size_t i = 0; i < tools::password_container::max_password_size; ++i) + { + char ch = static_cast<char>(std::cin.get()); + if (std::cin.eof() || ch == '\n' || ch == '\r') + { + break; + } + else if (std::cin.fail()) + { + return false; + } + else + { + pass.push_back(ch); + } + } + return true; + } + +} // anonymous namespace + +namespace tools +{ + // deleted via private member + password_container::password_container() noexcept : m_password() {} + password_container::password_container(std::string&& password) noexcept + : m_password(std::move(password)) + { + } + + password_container::~password_container() noexcept + { + clear(m_password); + } + + boost::optional<password_container> password_container::prompt(const bool verify, const char *message) + { + password_container pass1{}; + password_container pass2{}; + if (is_cin_tty() ? read_from_tty(verify, message, pass1.m_password, pass2.m_password) : read_from_file(pass1.m_password)) + return {std::move(pass1)}; + + return boost::none; + } +} diff --git a/src/wallet/password_container.h b/src/wallet/password_container.h index 866d170f2..9c6faf9c8 100644 --- a/src/wallet/password_container.h +++ b/src/wallet/password_container.h @@ -31,34 +31,37 @@ #pragma once #include <string> -#include <boost/program_options/variables_map.hpp> +#include <boost/optional/optional.hpp> namespace tools { class password_container { public: - static const size_t max_password_size = 1024; - password_container(bool verify); - password_container(password_container&& rhs); - password_container(std::string&& password); - ~password_container(); + static constexpr const size_t max_password_size = 1024; - void clear(); - bool empty() const { return m_empty; } - const std::string& password() const { return m_password; } - void password(std::string&& val) { m_password = std::move(val); m_empty = false; } - bool read_password(const char *message = "Password"); + //! Empty password + password_container() noexcept; - private: - //delete constructor with no parameters - password_container(); - bool read_from_file(); - bool read_from_tty(std::string & pass); - bool read_from_tty_double_check(const char *message); + //! `password` is used as password + password_container(std::string&& password) noexcept; + + //! \return A password from stdin TTY prompt or `std::cin` pipe. + static boost::optional<password_container> prompt(bool verify, const char *mesage = "Password"); + + password_container(const password_container&) = delete; + password_container(password_container&& rhs) = default; + + //! Wipes internal password + ~password_container() noexcept; - bool m_empty; + password_container& operator=(const password_container&) = delete; + password_container& operator=(password_container&&) = default; + + const std::string& password() const noexcept { return m_password; } + + private: + //! TODO Custom allocator that locks to RAM? std::string m_password; - bool m_verify; }; } diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp index db4fae557..ed488b50c 100644 --- a/src/wallet/wallet2.cpp +++ b/src/wallet/wallet2.cpp @@ -30,8 +30,6 @@ #include <random> #include <tuple> -#include <boost/archive/binary_oarchive.hpp> -#include <boost/archive/binary_iarchive.hpp> #include <boost/format.hpp> #include <boost/optional/optional.hpp> #include <boost/utility/value_init.hpp> @@ -174,9 +172,7 @@ boost::optional<tools::password_container> get_password(const boost::program_opt if (command_line::has_arg(vm, opts.password)) { - tools::password_container pwd(false); - pwd.password(command_line::get_arg(vm, opts.password)); - return {std::move(pwd)}; + return tools::password_container{command_line::get_arg(vm, opts.password)}; } if (command_line::has_arg(vm, opts.password_file)) @@ -192,19 +188,10 @@ boost::optional<tools::password_container> get_password(const boost::program_opt // Remove line breaks the user might have inserted boost::trim_right_if(password, boost::is_any_of("\r\n")); - return {tools::password_container(std::move(password))}; + return {tools::password_container{std::move(password)}}; } - //vm is already part of the password container class. just need to check vm for an already existing wallet - //here need to pass in variable map. This will indicate if the wallet already exists to the read password function - tools::password_container pwd(verify); - if (pwd.read_password()) - { - return {std::move(pwd)}; - } - - tools::fail_msg_writer() << tools::wallet2::tr("failed to read wallet password"); - return boost::none; + return tools::wallet2::password_prompt(verify); } std::unique_ptr<tools::wallet2> generate_from_json(const std::string& json_file, bool testnet, bool restricted) @@ -431,6 +418,18 @@ void wallet2::init_options(boost::program_options::options_description& desc_par command_line::add_arg(desc_params, opts.restricted); } +boost::optional<password_container> wallet2::password_prompt(const bool is_new_wallet) +{ + auto pwd_container = tools::password_container::prompt( + is_new_wallet, (is_new_wallet ? tr("Enter a password for your new wallet") : tr("Wallet password")) + ); + if (!pwd_container) + { + tools::fail_msg_writer() << tr("failed to read wallet password"); + } + return pwd_container; +} + std::unique_ptr<wallet2> wallet2::make_from_json(const boost::program_options::variables_map& vm, const std::string& json_file) { const options opts{}; @@ -444,7 +443,7 @@ std::pair<std::unique_ptr<wallet2>, password_container> wallet2::make_from_file( auto pwd = get_password(vm, opts, false); if (!pwd) { - return {nullptr, password_container(false)}; + return {nullptr, password_container{}}; } auto wallet = make_basic(vm, opts); if (wallet) @@ -460,7 +459,7 @@ std::pair<std::unique_ptr<wallet2>, password_container> wallet2::make_new(const auto pwd = get_password(vm, opts, true); if (!pwd) { - return {nullptr, password_container(false)}; + return {nullptr, password_container{}}; } return {make_basic(vm, opts), std::move(*pwd)}; } @@ -2313,16 +2312,38 @@ void wallet2::load(const std::string& wallet_, const std::string& password) std::stringstream iss; iss << cache_data; - boost::archive::binary_iarchive ar(iss); - ar >> *this; + try { + boost::archive::portable_binary_iarchive ar(iss); + ar >> *this; + } + catch (...) + { + LOG_PRINT_L0("Failed to open portable binary, trying unportable"); + boost::filesystem::copy_file(m_wallet_file, m_wallet_file + ".unportable", boost::filesystem::copy_option::overwrite_if_exists); + iss.str(""); + iss << cache_data; + boost::archive::binary_iarchive ar(iss); + ar >> *this; + } } catch (...) { LOG_PRINT_L1("Failed to load encrypted cache, trying unencrypted"); std::stringstream iss; iss << buf; - boost::archive::binary_iarchive ar(iss); - ar >> *this; + try { + boost::archive::portable_binary_iarchive ar(iss); + ar >> *this; + } + catch (...) + { + LOG_PRINT_L0("Failed to open portable binary, trying unportable"); + boost::filesystem::copy_file(m_wallet_file, m_wallet_file + ".unportable", boost::filesystem::copy_option::overwrite_if_exists); + iss.str(""); + iss << buf; + boost::archive::binary_iarchive ar(iss); + ar >> *this; + } } THROW_WALLET_EXCEPTION_IF( m_account_public_address.m_spend_public_key != m_account.get_keys().m_account_address.m_spend_public_key || @@ -2396,7 +2417,7 @@ void wallet2::store_to(const std::string &path, const std::string &password) } // preparing wallet data std::stringstream oss; - boost::archive::binary_oarchive ar(oss); + boost::archive::portable_binary_oarchive ar(oss); ar << *this; wallet2::cache_file_data cache_file_data = boost::value_initialized<wallet2::cache_file_data>(); diff --git a/src/wallet/wallet2.h b/src/wallet/wallet2.h index c3381730b..54e26008b 100644 --- a/src/wallet/wallet2.h +++ b/src/wallet/wallet2.h @@ -31,7 +31,6 @@ #pragma once #include <memory> -#include <boost/archive/binary_iarchive.hpp> #include <boost/program_options/options_description.hpp> #include <boost/program_options/variables_map.hpp> @@ -104,6 +103,9 @@ namespace tools static bool has_testnet_option(const boost::program_options::variables_map& vm); static void init_options(boost::program_options::options_description& desc_params); + //! \return Password retrieved from prompt. Logs error on failure. + static boost::optional<password_container> password_prompt(const bool is_new_wallet); + //! Uses stdin and stdout. Returns a wallet2 if no errors. static std::unique_ptr<wallet2> make_from_json(const boost::program_options::variables_map& vm, const std::string& json_file); @@ -676,11 +678,11 @@ namespace boost namespace serialization { template <class Archive> - inline void initialize_transfer_details(Archive &a, tools::wallet2::transfer_details &x, const boost::serialization::version_type ver) + inline typename std::enable_if<!Archive::is_loading::value, void>::type initialize_transfer_details(Archive &a, tools::wallet2::transfer_details &x, const boost::serialization::version_type ver) { } - template<> - inline void initialize_transfer_details(boost::archive::binary_iarchive &a, tools::wallet2::transfer_details &x, const boost::serialization::version_type ver) + template <class Archive> + inline typename std::enable_if<Archive::is_loading::value, void>::type initialize_transfer_details(Archive &a, tools::wallet2::transfer_details &x, const boost::serialization::version_type ver) { if (ver < 1) { diff --git a/src/wallet/wallet2_api.h b/src/wallet/wallet2_api.h index 6651b876d..2e1d95b58 100644 --- a/src/wallet/wallet2_api.h +++ b/src/wallet/wallet2_api.h @@ -561,6 +561,9 @@ struct WalletManager //! returns current mining hash rate (0 if not mining) virtual double miningHashRate() const = 0; + + //! resolves an OpenAlias address to a monero address + virtual std::string resolveOpenAlias(const std::string &address, bool &dnssec_valid) const = 0; }; diff --git a/src/wallet/wallet_rpc_server.cpp b/src/wallet/wallet_rpc_server.cpp index 7c08bbe4b..2a259029d 100644 --- a/src/wallet/wallet_rpc_server.cpp +++ b/src/wallet/wallet_rpc_server.cpp @@ -28,6 +28,7 @@ // // Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers #include <boost/asio/ip/address.hpp> +#include <boost/filesystem/operations.hpp> #include <cstdint> #include "include_base_utils.h" using namespace epee; @@ -36,10 +37,12 @@ using namespace epee; #include "wallet/wallet_args.h" #include "common/command_line.h" #include "common/i18n.h" +#include "common/util.h" #include "cryptonote_core/cryptonote_format_utils.h" #include "cryptonote_core/account.h" #include "wallet_rpc_server_commands_defs.h" #include "misc_language.h" +#include "string_coding.h" #include "string_tools.h" #include "crypto/hash.h" @@ -47,9 +50,11 @@ namespace { const command_line::arg_descriptor<std::string, true> arg_rpc_bind_port = {"rpc-bind-port", "Sets bind port for server"}; const command_line::arg_descriptor<std::string> arg_rpc_bind_ip = {"rpc-bind-ip", "Specify ip to bind rpc server", "127.0.0.1"}; - const command_line::arg_descriptor<std::string> arg_user_agent = {"user-agent", "Restrict RPC to clients using this user agent", ""}; - + const command_line::arg_descriptor<std::string> arg_rpc_login = {"rpc-login", "Specify username[:password] required for RPC connection"}; + const command_line::arg_descriptor<bool> arg_disable_rpc_login = {"disable-rpc-login", "Disable HTTP authentication for RPC"}; const command_line::arg_descriptor<bool> arg_confirm_external_bind = {"confirm-external-bind", "Confirm rcp-bind-ip value is NOT a loopback (local) IP"}; + + constexpr const char default_rpc_username[] = "monero"; } namespace tools @@ -60,9 +65,19 @@ namespace tools } //------------------------------------------------------------------------------------------------------------------------------ - wallet_rpc_server::wallet_rpc_server(wallet2& w):m_wallet(w) + wallet_rpc_server::wallet_rpc_server(wallet2& w):m_wallet(w), rpc_login_filename(), m_stop(false) {} //------------------------------------------------------------------------------------------------------------------------------ + wallet_rpc_server::~wallet_rpc_server() + { + try + { + boost::system::error_code ec{}; + boost::filesystem::remove(rpc_login_filename, ec); + } + catch (...) {} + } + //------------------------------------------------------------------------------------------------------------------------------ bool wallet_rpc_server::run() { m_stop = false; @@ -110,11 +125,79 @@ namespace tools } } + epee::net_utils::http::http_auth::login login{}; + + const bool disable_auth = command_line::get_arg(vm, arg_disable_rpc_login); + const std::string user_pass = command_line::get_arg(vm, arg_rpc_login); + const std::string bind_port = command_line::get_arg(vm, arg_rpc_bind_port); + + if (disable_auth) + { + if (!user_pass.empty()) + { + LOG_ERROR(tr("Cannot specify --") << arg_disable_rpc_login.name << tr(" and --") << arg_rpc_login.name); + return false; + } + } + else // auth enabled + { + if (user_pass.empty()) + { + login.username = default_rpc_username; + + std::array<std::uint8_t, 16> rand_128bit{{}}; + crypto::rand(rand_128bit.size(), rand_128bit.data()); + login.password = string_encoding::base64_encode(rand_128bit.data(), rand_128bit.size()); + } + else // user password + { + const auto loc = user_pass.find(':'); + login.username = user_pass.substr(0, loc); + if (loc != std::string::npos) + { + login.password = user_pass.substr(loc + 1); + } + else + { + login.password = tools::password_container::prompt(true, "RPC password").value_or( + tools::password_container{} + ).password(); + } + + if (login.username.empty() || login.password.empty()) + { + LOG_ERROR(tr("Blank username or password not permitted for RPC authenticaion")); + return false; + } + } + + assert(!login.username.empty()); + assert(!login.password.empty()); + + std::string temp = "monero-wallet-rpc." + bind_port + ".login"; + const auto cookie = tools::create_private_file(temp); + if (!cookie) + { + LOG_ERROR(tr("Failed to create file ") << temp << tr(". Check permissions or remove file")); + return false; + } + rpc_login_filename.swap(temp); // nothrow guarantee destructor cleanup + temp = rpc_login_filename; + std::fputs(login.username.c_str(), cookie.get()); + std::fputc(':', cookie.get()); + std::fputs(login.password.c_str(), cookie.get()); + std::fflush(cookie.get()); + if (std::ferror(cookie.get())) + { + LOG_ERROR(tr("Error writing to file ") << temp); + return false; + } + LOG_PRINT_L0(tr("RPC username/password is stored in file ") << temp); + } // end auth enabled + m_net_server.set_threads_prefix("RPC"); return epee::http_server_impl_base<wallet_rpc_server, connection_context>::init( - command_line::get_arg(vm, arg_rpc_bind_port), - std::move(bind_ip), - command_line::get_arg(vm, arg_user_agent) + std::move(bind_port), std::move(bind_ip), std::string{}, boost::make_optional(!disable_auth, std::move(login)) ); } //------------------------------------------------------------------------------------------------------------------------------ @@ -1132,7 +1215,8 @@ int main(int argc, char** argv) { tools::wallet2::init_options(desc_params); command_line::add_arg(desc_params, arg_rpc_bind_ip); command_line::add_arg(desc_params, arg_rpc_bind_port); - command_line::add_arg(desc_params, arg_user_agent); + command_line::add_arg(desc_params, arg_rpc_login); + command_line::add_arg(desc_params, arg_disable_rpc_login); command_line::add_arg(desc_params, arg_confirm_external_bind); command_line::add_arg(desc_params, arg_wallet_file); command_line::add_arg(desc_params, arg_from_json); diff --git a/src/wallet/wallet_rpc_server.h b/src/wallet/wallet_rpc_server.h index d18f18a47..92deec043 100644 --- a/src/wallet/wallet_rpc_server.h +++ b/src/wallet/wallet_rpc_server.h @@ -32,6 +32,7 @@ #include <boost/program_options/options_description.hpp> #include <boost/program_options/variables_map.hpp> +#include <string> #include "net/http_server_impl_base.h" #include "wallet_rpc_server_commands_defs.h" #include "wallet2.h" @@ -48,6 +49,7 @@ namespace tools static const char* tr(const char* str); wallet_rpc_server(wallet2& cr); + ~wallet_rpc_server(); bool init(const boost::program_options::variables_map& vm); bool run(); @@ -116,6 +118,7 @@ namespace tools bool on_query_key(const wallet_rpc::COMMAND_RPC_QUERY_KEY::request& req, wallet_rpc::COMMAND_RPC_QUERY_KEY::response& res, epee::json_rpc::error& er); wallet2& m_wallet; + std::string rpc_login_filename; std::atomic<bool> m_stop; }; } |