From 76f95f052e4ab7f6074464f11b436a7374017b52 Mon Sep 17 00:00:00 2001
From: Dusan Klinec <dusan.klinec@gmail.com>
Date: Thu, 30 Aug 2018 13:35:05 +0200
Subject: rpc: allow to pass RPC login via RPC_LOGIN env var

- passing by parameter is insecure as it is shown in the process list
---
 src/rpc/rpc_args.cpp | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

(limited to 'src/rpc')

diff --git a/src/rpc/rpc_args.cpp b/src/rpc/rpc_args.cpp
index d4044d11b..60c78480a 100644
--- a/src/rpc/rpc_args.cpp
+++ b/src/rpc/rpc_args.cpp
@@ -82,11 +82,17 @@ namespace cryptonote
       }
     }
 
-    if (command_line::has_arg(vm, arg.rpc_login))
+    const char *env_rpc_login = nullptr;
+    const bool has_rpc_arg = command_line::has_arg(vm, arg.rpc_login);
+    const bool use_rpc_env = !has_rpc_arg && (env_rpc_login = getenv("RPC_LOGIN")) != nullptr && strlen(env_rpc_login) > 0;
+    boost::optional<tools::login> login{};
+    if (has_rpc_arg || use_rpc_env)
     {
-      config.login = tools::login::parse(command_line::get_arg(vm, arg.rpc_login), true, [](bool verify) {
-        return tools::password_container::prompt(verify, "RPC server password");
-      });
+      config.login = tools::login::parse(
+          has_rpc_arg ? command_line::get_arg(vm, arg.rpc_login) : std::string(env_rpc_login), true, [](bool verify) {
+            return tools::password_container::prompt(verify, "RPC server password");
+          });
+
       if (!config.login)
         return boost::none;
 
-- 
cgit v1.2.3